Building your own permission system in ruby on rails.

If you're like me and have a application that's growing into a fairly complex application and certain pages are only accessible to certain users/groups then the best way to keep track of your permissions is to generate a permissions model to store the permissions data. This article is a step by step guide to creating a fully functioning permissions that should suit your applications needs.

Step 1, Create the UserPermission model.

script/generate model UserPermission controller:string action:string id_of_object:integer t.integer person_id:integer

You may or may not want to delete the t.timestamps out of the migration that was created for you in db/migrate (should be your newest migration, eg. 20100401043834_create_user_permissions.rb) as I don't feel timestamps are necessary for this type of data.

In your User model add:

has_many :user_permission

In your UserPermission model add:

belongs_to :person
validates_presence_of :controller
validates_presence_of :action
validates_presence_of :id_of_object
validates_presence_of :person_id

Step 2, Implement your before_filter method
Note you must already have your own method to access the current user to complete this step.

In this code example we access our current user with the @user variable (which in my code this is defined in a before_filter that executes on every page)

In app/controllers/application_controller.rb, write the following. I wrote mine under private.
def require_permission

   p =  = @user.user_permission.first(:conditions => "controller = '%s' and (action = '%s' OR action = '*')" % [params[:controller], params[:action]])

    if params[:id] and p

      unless p.id_of_object == params[:id].to_i or p.id_of_object == 0

        p = false

      end

    end

    unless p

      flash[:notice] = "Permission Denied"

      redirect_to :controller => 'people'

    end

end

Step 3, Implement

Add a before_filter :require_permission anywhere where you want this to execute.

Now lets create some permissions, I do this in my app console with the following code but you may create your own view from here to do this.

script/console production in your app directory to access console for your production environment (remove production for development environment)

Then type this:

p = @user.user_permission.new(:controller => 'posts', :action => '*', :id_of_object => 0); p.save

This will give you access to all objects and all actions for posts. * is a wildcard for :action and 0 is a wildcard for :id_of_objects, you can set this to something specific like :action => 'new' or set the :id_of_object to a specific number.

Anyways hope this helps, if any questions feel free to ask!

Music Video: Electric Feel

MGMT - "Electric Feel" Music Video

I thought this was one of the most creative music videos I have seen in a while. What you think? Leave comments please!

Website Development, The Do's and Don'ts.

DO use frameworks.
Frameworks is the serious shit. If you're going into any project, or any task, and you're building it around a framework, you're construction process will always go more smoothly, from CSS frameworks (960.gs, Blueprint), to web application frameworks, such as Django (Python), CakePHP (PHP), Rails (Ruby).
You'll be working with an environment that helps you worry less about structure and standards and focus on the development.
DO write validated HTML.
If you aren't doing this, you'll be shamed upon by anyone looking at your source. You should care because search engines care; however, even writing validated html does not necessarily mean you're writing meaningful html.
DO write meaningful HTML.
Doing <h1><img src="/imgs/mylogo.jpg" /></h1>. Well knock it off. To a computer it means the image link is the header of your page. Instead, do <h1>My Site Name</h1> then add some css style to the h1 tag like, say you wanted to replace that with an image, you could add the attributes: display:none; background:url('/imgs/mylogo.jpg'). If you're writing your html and thinking about the design at the same time, you're simply not doing it right. Instead, just write the content out. Use <h1>s, you may use <div> to split up some sections, or you should use <p> to wrap around your text. Then when you're done with that you add the css attributes to the base tags first. Then follow on with classes for specific detailing. A good example of displaying your page header would be scribefire's homepage.
DO be enthusiastic.
If you want your site to do well, then think about it, be creative, think of different ways to improve your site. Think about your readers wants. Try to get feed back and always challenge yourself. If you wanted to do something in ajax, write down specifically what you're trying to achieve and learn it (Trust me it's not that hard). You're living in an information age, if you feel held back by knowledge, you're not taking advantage.
DON'T get too enthusiastic.
But you can't be too enthusiastic, see when you're researching, you're not really constructing anything. The only way for your site to change, or at least it's core attributes can be your doing. And if you spend too much time researching but not enough time developing, you start to wander too far off and never get anything done due to losing a sense of direction. Try to be focused. Write down a requirement and fulfill it. One requirement at a time. So if you need a comment system but want your users to sign in first. Make the user controller first, and create the log in page. By breaking down the things that you can become more focused on a specific task.
DON'T design sites with flash.
Don't use flash for design purposes. You might think it's cute, or cool. It's not, in fact it's fucking annoying, it wastes my memory, Flash is proprietary and it's support outside of Mac and Windows is pretty shit. You make your site unvisitable from my PHONE. If you have a application that you developed, like a video player or something, then by all means, use it. But if putting flash on your site to represent a menu which doesn't do anything but have a couple hyper links then why are you using flash? Flash is not fast, flash isn't truly re sizable. Flash is one of those things that you should really want to use less of. Adobe hyped you kids up to make you think it was the shit, it really isn't.

Firefox 3.5 is amazing.

I know my title seems like it's lacking creativity, but I was just being honest. I had to go through 5 minutes of instructions on how to install the firefox 3.5 package for Ubuntu but it wasn't too troublesome. You just needed to goto Mozilla's personal repository and then follow the instructions from there on.

After installing you'll notice not much has change. In fact, everything but the new tab button seems pretty much the same.

But under the hood is where the new firefox 3.5 just shines.

No more render hick-ups, no more rough scrolling, everything is just fast.

Web pages render incredibly fast. And from what I've heard, Firefox implements state of the art standards from the world wide web and is really just a showcase of how powerful the open-source community is.

DotA HK logo

So I woke up this morning, and I normally sleep with either my girlfriend in my bed or my laptop in my bed. I can't really say which I prefer sleeping with more, but today I woke up thinking about DotA.HK, now I'm a guy who always has a idea but sometimes never takes the time to fully implement them so I decided to take a look at my past work on various web projects, turns out I had some pretty cool stuff ready made for the DotA.HK logo. Take a look!

Personas for Firefox

Don't really like using themes to change the look of your Firefox?
Want something refreshing? Try Mozilla's new personas!

It's a very cool Firefox add on which allows you to easily change your browser's "clothes".

JGhostInfoceptor project started, and open source.

Yes, I've decided to open-source my GhostInfoceptor and have disbanded the original GhostInfoceptor which was written in Python and renamed it as JGhostInfoceptor written in (yep you guessed it) Java.

So far I'm very pleased with how Java deals with buffers and it's garbage collection. It parses the log file very quickly and I believe it could be quite easy to make this application multi-threaded if I needed to.

Anyways I am using GIT for the distributed version control system as I really like it's philosophy and helps me keep track of everything quite easily.

You're all welcome to fork my repository and start making your improvements to propose and I will gladly take the time to consider third-party improvements.

JGhostInfoceptor Repository link