Blog

I’ve start designing an access control system for an application and at the moment i ended up with
A/RECON that stands for:

A – Admin
R – Read
E – Edit
C – Custom
O – Owned
N – None

In theory each application has resources, that can each have infinite level nested resources. Selecting a type of access for one resource will apply that access to the children resources as well.

ADMIN (A) will allow access to configuration options for a resource and children plus all other types.

CUSTOM (C) will delegate access control to the first level children resources.

OWNED (O) provides Read & Edit access to resources created by the user.

EDIT (E) provides create, update, delete for a resource.

In the next step i will test this into the code world.

Scenario: A grid with a checkboxcolumn that does fire afteredit event when the checkbox is checked or unchecked.

var cellEditor = Ext.create('Ext.grid.plugin.CellEditing', {
            listeners : {
                afteredit : function(e, v) {
                    var record = v.record;
                    console.log(record);
                 }

            ......

var grid = Ext.create('Ext.grid.Panel', {
            plugins : [cellEditor],
          .....
            columns : [
             {
              xtype : 'checkcolumn',
              dataIndex: 'visible',
              listeners : {
                checkchange : function(column, recordIndex, checked) {
                    // force selection of the clicked row
                    grid.getSelectionModel().select(recordIndex);
                    // construct Event Object, could not find any
                    // method to retrieve it at this point
                    e = {
                         grid : grid,
                         record : grid.getSelectionModel().getSelection()[0],
                         field : 'visible',
                         value : checked,
                         rowIdx: recordIndex,
                         colIdx : column.getIndex()
                        };
                     cellEditor.fireEvent('afteredit', this, e)  ;
        .......

In this case server app is returning JSON with different integer codes, that need to be presented in a human format in a grid (for example 0 = not authorized, 1 = administrator, etc…).
It can be done on the server before sending the data to the client, however considering the pressure on the server i wanted to have a clean fast json render from select and process the rest client side.

It can be done by the grid panel using renderer: function() for the column, and groupHeaderTpl: templating for grouping, or do it right in the model: add a new column inside the model, with the translated value that will be displayed on the gridpanel.

Ext.define('App.model.Right', {
    extend: 'Ext.data.Model',
      fields : [ 'id', 'name', 'email', 'user_right',

       // create a new field
         {
          name: 'grid_user_right',
          convert: function(v, record) {
            return App.model.Right.renderRights(record.data.user_right);
            }
          }
       // end create field
    ],
    proxy : {
                    .....
        },

   // static function used for translation, can be also global
    statics: {
        renderRights: function(value) {
         switch(value){
             case '0': return 'Not Authorized';
             case '1': return 'Administrator';
              ......
         }
        }
    },
});

Conclusion:

It did took some time to find this two, in the overwhelming information present
on both provider websites:

Facebook API:

https://developers.facebook.com/apps
It accepts IP address as host URL for development.

Google API

https://code.google.com/apis/console
Services Tab > Google+ API > Enable
It does not accept IP address for redirect after authorization
but it accepts localhost, than I setup localhost on my computer
to point to the development server for testing.

Ruby on Rails and routes will cause unexpected results for some parameters sent trough
get requests, for example email address, in this case a part of the parameter will be lost
because of the dot :

GET /controller/abcd@abcd.com
params[:email] will be  abcd@abcd

Encoding the parameters to alphanumeric strings is a solution that can
generate nicer strings and even obfuscate sensitive information in the url.

# encoding the email
<%= link_to('Link', route_path(:email => user.email.unpack('H*'))) %>
# the result will be : /path/6565656540656565652e636f6d

# decoding the email:
email = params[:email].split.pack('H*')

Finally i decided to make a new project with Ror. I admit at start it seemed a bit complicated to setup the environment for that (coming from the usual php/apache/mysql) but after getting used to it, the process is simple.

Beside the simple logic and structure, I am amazed by the available documentation, code examples, gems and even video tutorials available.

Making web apps with Ruby turns programming into more of a puzzle solving game, where you just take the pieces and put them toghether.

Inspired by Dub Fx Flow.

Saving the setup procedure here for future reference ^^

Update 30-March-2012:
Due to printing problems from windows machines through Samba, I had to modify printer in cups
administration panel to use Raw driver and Raw Queue instead of the Xerox ones.

Download ubuntu driver:

wget http://download.support.xerox.com/pub/drivers/6000/drivers/linux/en_GB/6000_6010_deb_1.01_20110210.zip

Unzip and install the driver:

unzip 6000_6010_deb_1.01_20110210.zip && cd deb_1.01_20110210/

sudo dpkg -i xerox-phaser-6000-6010_1.0-1_i386.deb

Use CUPS admin (server:631) to add the new printer in the system.

Setup samba acces for printers:

[printers]
comment = All Printers
path = /var/spool/samba
public = yes
printable = yes
guest ok = yes
browseable = yes
writable = no
use client driver = Yes  # Required for windows machines that get Authorization failed message