Posts Tagged merb

Ruby authentication of CouchDB requests

Posted by Matt Aimonetti in Misc on July 13th, 2009

CouchDB is an awesome technology. I’m lucky enough to work on quite a big project where we decided to switch from MySQL to Couch for various reasons.

One of the many things I like with Couch is that it handles attachments and can replicate them as well as serve them for you using the Erlang based builtin webserver. (you can load balance your dbs and do some other really cool stuff)

Let’s take a use case. Let’s imagine that you have a web app with logged in users. Every user can have their own avatar.

No big deal, you get the user to upload his/her avatar to your app and add it to the user document in the database. To serve it from the database, you just need to create a proxy in nginx/apache and redirect the virtual avatar url to the protected DB making sure the request is a GET request.

Add to that a caching solution like varnish or memcached module for nginx and all your db goodies get cached and served by the cache (server/client) until they get modified.

Now, the problem is when you want to serve authorized attachments. Let’s imagine that we want to let our users upload private files, files that should be accessible only by the owner or users designated by the owner.

In this case, a simple nginx rewrite wouldn’t work. We need to authorize attachment requests. Here is a cool way of doing that using nginx and merb’s router. (Expect Rails3 router to do the same).

Let’s start by setting up nginx and create a proxy for couchdb:

Now that this is done, we are going to use Merb’s awesome router to handle the incoming requests. The cool part of this is that we won’t be dispatching requests so, going through the router is almost free. (check on the Merb router benchmarks for more info). Let’s edit our router and set a special route for our assets.

We are using a deferred route which gets executed instead of dispatching the request.

If the attachment route is being matched then we are checking what environment we are currently running in. If we are in production or staging environment then we are sending back a rack response to the webserver. The response is just a forward to the proper couchdb document behind the proxy. Of course, before allowing that to happen, we could authenticate the logged in user, log the request and do a couple of other things. You have full access to your models from the router, so authenticating a session isn’t a big deal. You could even create temporarily urls like AWS s3 does.

If we are not in production or staging mode, then just redirect the request to couch since we assume you have access to the local db. This way, your asset urls will be working in production and dev. In real life, you’ll want to apply the authorization before choosing how to deliver the document/attachment tho as you want it work the same way in development and production.

, , ,

2 Comments

RailsConf 2009

Posted by Matt Aimonetti in News, merb, rails on May 8th, 2009

RailsConf 2009 has now finished.  This time last year, no one would have ever guessed that the Merb and Rails teams would join forces and focus on what will hopefully be known as one of the best Web Frameworks.

It was encouraging to see so many people excited about what’s being ported over from Merb and the new options available to people who are currently limited by the existing stack. For those interested in pushing Rails further and doing stuff out of the norm, here are my slides. Arthur Zapparoli from Brazilian Rails squad recorded most of the talk and told me he will upload the video ASAP. You can also read Yehuda Katz’ blog which covers what he talked about.

Rails3: Stepping off of the golden path

It was really great to meet a lot of new people as well as people I only knew via IRC/IM/twitter.

It was a great honor to finally meet Dan Kubb (DataMapper), Ninh Hernandez-Búi & Hongli McLovin Lai (Phusion), Peter Cooper (RubyInside), Raimonds Simanovskis (Oracle adapter for AR), Arun Gupta (Sun/Glassfish),  Jeremy Hinegardner (crate), Michael Maxilien (IBM), Dana Jones (railsbridge), Zach Zolton & Geoff Buesing (CouchRest) and of course the Brazilian crew (lots of awesome .br guys came this year, I’m looking forward to RailsSummit) and last but not least, the French speaking crew (I’m glad to see Ruby is picking up back home). (I know I’m forgetting people… sorry about that)

It was also really nice to talk with some experts like Dave Astels, Aslak Hellesøy, Rich Kilmer, David Chelimsky, Ryan Brown, Derek Neighbors etc.. to get their feedback on various projects I’m working on.

Leaving Vegas, I feel like the Rails community is expanding quickly (it was the first RailsConf for 1/4 to 1/5 of the attendees) and that the community is organizing itself to welcome a new audience (better documentation, great initiatives like railsbridge.org, willingness to help), as well as trying to be more available to the ‘Enterprise’ world.

These feelings were enforced during our Rails Activism BOF and after talking with 3rd party developers and sponsors really trying to solve problems that newcomers to Rails are now facing. This is an exciting time.

, , , ,

2 Comments

Merb 1.0.10 (minor release)

Posted by Matt Aimonetti in News, merb on March 18th, 2009

We just pushed a really tiny update because of a bug in 1.0.9 affecting people using: Merb::Config[:max_memory]

Merb::Config[:max_memory] has been fixed and now polls for memory usage every 30s instead of 0.25s. (memory is set in KB)

This new version also uses DataMapper.repository instead of Kernel#repository (DM and Vlad related bug fix)


We are still on schedule for Merb 1.1 which is planned for early April. (If you install Merb from our edge server, the latest version should already be Ruby 1.9 compatible)

,

No Comments

Merb 1.1 roadmap

Posted by Matt Aimonetti in News, merb on March 2nd, 2009

Yesterday, Carl Lerche, Yehuda Katz and myself had a meeting to discuss Merb 1.1′s roadmap.

Key items on the agenda were:

  • Ruby 1.9
  • Mountable apps
  • migration path to Rails3

After spending some time arguing back and forth, we decided that few things had to happen before we could migrate the current slices to pure mountable apps. Freezing the releases while waiting to get that done doesn’t seem like a good idea.

Therefore, here is the plan for Merb 1.1:

  • Ruby 1.9 full compatibility (with the very appreciated help from Maiha and Genki (preview of their work there)). Because Merb depends on different gems, we also need to work with 3rd party developers to make sure Merb’s dependencies are Ruby 1.9 compatible
  • Merb helpers (fixes, enhancement and missing helpers)
  • Make Merb controllers, rack endpoints. This is a fully transparent change for the framework users. By making this switch, we offer more flexibility to the router (you can mount a sinatra app for instance) and we adopt the same approach as Rails 2.3 making the transition to 3 much easier and facilitating the implementation of mountable apps. Again, this is an internal change and you won’t have to change anything in your application.
  • Router optimization, Carl has been working on few tricks/optimizations for the router that will be available in 1.1
  • Namespacing. If we want to make every single application, a potential mountable app, we need to namespace our applications. This is something we already do with slices, but currently generated applications are not namespaced. We are planning on doing that for 1.1 (backward compatible) to make mountable apps easier.
  • ActiveORM. ActiveORM is an ORM abstraction layer developed by Lori Holden (AT&T interactive) which helps with helpers and other parts of your code accessing your ORM directly. For instance, the errors_for method need to be implemented differently depending on the underlying ORM. ActiveORM offers mapping for the 3 major Ruby ORMs: ActiveRecord, DataMapper and Sequel but let you hook to it if you want to extend ActiveORM to support your own ORM.

There is plenty to do but we decided to still try to have an expected release date: around the end of March. As always in the OSS world, this is something we hope for, not a promise ;)

What about Merb 1.2?

1.2 will focus on mountable apps and we hope to get started on a separate branch before we release 1.1. However, mountable apps are hard to spec and we need a better feedback from the community. Tell us what you like with slices and what you don’t like. Let us know how you would like the new mountable apps to work. Be as precise as possible. (you can leave a comment here or on the mailing list)

,

6 Comments

Meet the merbists: Hampton Catlin

Posted by Matt Aimonetti in Meet the merbists on January 6th, 2009

Meet today’s merbist: Hampton Catlin
I’m personally looking forward to seeing Hampton’s work migrated to Rails 3 in a few months.


Matt Aimonetti: Hi Hampton, could you please introduce yourself and tell us what you do for a living.
Hampton Catlin: I’m Hampton Catlin. I’m “The Haml Guy” as I’m apparently termed all the time when introduced. I’m an early Rails hacker who has done a lot more than Haml, but whatever. These days, I’m doing a ton of iPhone development and am currently heading Wikimedia’s efforts for a new mobile platform… based on Merb!


Matt Aimonetti: How did you get started with Ruby, what’s your background?
Hampton Catlin: Well, everyone is welcome to laugh. But Slashdot introduced me to Ruby. I got into it about two months before Rails because the hotness (it was an obscure project at the time) and I grabbed a copy of the Pickaxe and never looked back. Prior to that I was working a crappy job getting people coffee at a bank. And then prior to that I was doing research for Nasa at my university with Java beuwolf clusters. It sounds fancier than it was.


Matt Aimonetti: You chose to learn and use Merb, could you please let us know why and how that happened?
Hampton Catlin: I had known of Ezra for a while and Yehuda. And so when I heard about the project, I was very interested. At the time I was looking forward to using a “Rails Light”. Of course, we know Merb is much more than that, but that was the original attraction.

Also, at some point I got really upset by the use of global variables in both of the frameworks, so I did some major patching to Merb to change over to module based constants. Aka, Merb.root instead of MERB_ROOT. I was ranting about it enough that I decided to do something about it. Also, I did some patches that messed up Merb with some weird documentation stuff. Sorry, Ezra.


Matt Aimonetti: Do you have some Merb projects available online we can look at? what was your experience so far?
Hampton Catlin: My most successful iPhone app (which was recently purchased by Wikimedia) was an app to browse Wikipedia. I chose Merb because I knew that I wanted something a little more bare bones than Rails, and it turned out to be a really good choice. And now, I’m getting a chance to extend that work into an entire platform for Wikimedia mobile. I am still looking for help with it….

http://github.com/hcatlin/wikimedia-mobile/tree/master
Its not live yet with wikipedia, but that’s the code that you can help with! :)


Matt Aimonetti What is your favorite aspect of the Merb framework?
Hampton Catlin: Its modular design. Its as complex or as simple as you would like it to be. Also, its easy to run Haml, and the more people that use Haml, the harder my nipples get.


Matt Aimonetti Could you please mention an aspect of Merb you hope to see being improved in the near future?
Hampton Catlin: Honestly, everyone is wild about gems, but I’m not particularly. I find gem management a bit cumbersome. I’m most likely doing something wrong or not doing it the right way. But yeah, I still find it cumbersome. I’d like to pair the excellent Gem support with better library creation support. I think both are needed. I don’t want to throw stuff in my /lib folder or randomly in my project. I want some structure and some simplicity. Somewhere between plugins and base libraries. I think this is where Merb *could* shine.

Also, resource handling. I wrote make_resourceful for Rails and I keep needing to do something similar for Merb. m_r is not very popular because I haven’t really put much time into spreading the word. Mostly, I just use it. However, there are about 60 other Rails developers in the world that use it extensively. So, its a small, close-knit group of developers using the tool. And, I think something like it could be much more elegantly mixed into Merb. Obviously its a plug-in, but I think its a low hanging fruit. “current_object” as a method should ALWAYS be around when its logical.


Matt Aimonetti Thank you for your time. Anything else you would like to add?
Hampton Catlin: Buy my book. Buy my book. Buy my book. Buy my book. Buy my book. Buy my book. Buy my book. Buy my book. Buy my book. Buy my book. Ok, not really. My book isn’t very good. But, I just wanted to make a “The Critic” reference.


, , ,

7 Comments

Presenting the Rails Activists

Posted by Matt Aimonetti in News, rails on January 5th, 2009

Today is Monday. I usually don’t like Mondays.
Being Monday goes with waking up early, going back to work, and lots of deadlines.

However, today is a special Monday. It’s the first Monday of the year and I have a special announcement!

During the Rails/Merb merge announcement, it was mentioned that I will be joining the soon to be created “Evangelism team”.

A few people asked me what being a “Rails Evangelist” means. To reassure my parents and close friends, no, I didn’t join a new cult worshiping locomotives. However, I still think that public transportation should be improved, especially in this time of crisis (but that’s a different topic).

A technical evangelist, is usually someone who knows and uses a specific technology and thinks others should look into it. This is something I’ve been doing for Merb while being part of the core team. I initiated and helped organizing MerbCamp, re-did the wiki, started working on the merb-book, spent time looking for and listening to users, spent time with third party developers and people pushing Merb to a new level (YellowPages, Wikimedia and many others).

This interaction with the end users and the third party developers is something the entire Merb team valued a great deal and I always felt it was something the community really appreciated.

As part of the merge, it was agreed that we would push things further and have a team within the Rails team to take care of “communication”. Rails is a bigger project than Merb and communication between the dev team and the users isn’t always something easy to do.

That’s why we have formed a separate team that will help communicate and support the community better. We now even have an official page on the Rails website itself :)

The Rails Activists

The A-Team just got announced on the Rails blog.

Instead of being called “evangelists”, we are going to be called “activists”. I think part of the argument was that the E-Team doesn’t sound as good as the A-Team.

We started with team of 4. You might not know them yet but they all are brilliant people and I’m really glad to be working with them.






Gregg Pollack, from Rails Envy. You might remember Gregg from the Rails vs * commercials or from the Rails Envy podcasts. I’ve known Gregg for a little while and he’s someone you can rely on and always full of energy/new ideas.



Ryan Bates, mainly known for his Railscasts. I only met Ryan once in person, but I’ve always been impressed by his work (don’t tell anyone, but I secretly dreamt of having something like Railscasts but for Merb :) )


Mike Gunderloy. I actually did not know Mike but I have read and enjoyed his blog and have seen his work on the Rails guides. Mike is an experienced writer and developer. He joked the other day saying that he started programming before any member of the Rails team was even born. Mike is a great addition to the team and I’m looking forward to learning from his experience.

Gregg and Ryan also covered the event, you might want to check their blog posts (Gregg’s and Mike’s)

So what are we going to do?

Pretty simple. We’ve boiled it down to 2 sentences:

The mission of the Rails Activists is to empower and support the worldwide network of Ruby on Rails users. We do this by publicizing Rails, making adoption easier, and enhancing developer support.

if you prefer a few more details, here are some of the tasks we are going to work on:

  • Public Relations with media of all sizes
  • Ombudsman work to ensure good user-to-user support
  • Community Leadership at events and conferences
  • Media Organization to help create good promotional opportunities
  • Website maintenance
  • Documentation efforts
  • Developer support

Do we need help?

Absolutely! The idea is not that we are going to do all the work. The concept of this new team is to help organize the community. We are going to build a Rails Network, a network of people involved in local Rails “evangelism”/activism, people contributing and/or translating documentation, third part developers etc…

First thing would be to join the mailing list and share your suggestions, comments, concerns, etc., with us.

Secondly, we have already set up some forums to hear your feedback.

To start off, we are asking people to let us know what they would like to see happening in the Rails3 timeframe.
We have other forums for more general feedback, but we need to work with deadlines so we can prioritize accordingly. Using the Rails3 milestone should help us focus on a short/medium term deadline. Long term and not specific suggestions are welcome in the other forums.

Finally, contact us. You can find multiple ways to do so on the activism team web page.

, , , , ,

6 Comments

latest Merb and Rails 3.0 news

Posted by Matt Aimonetti in News, merb, rails on December 29th, 2008

Basically, the work started, we are getting familiar with the rails code base and are optimizing things slowly but surely with a focus on testing JRuby. The Merb router is being optimized and ported over to Rails 3.0. Rails and Merb developers will be able to stick to their DSL (so we stay backward compatible). Merb bootloader is also being ported over without breaking the backward compatibility. Finally, ActiveSupport is being broken down in more manageable/independant chunks so people will be able to pick only what they want to use. A “mini” version is also on the work.

  • Merb 1.0.7 got released yesterday with a bunch of bug fixes.
  • merb_sequel 1.0 should be released sometime this week and i’m planning on adding rails i18n syntax support to merb_babel.

,

5 Comments