Blog von Slagwerks

Hello, Octopress

New year, new VPS, new blog software. I was going to follow the path of least resistance and just get wordpress set up here, since that’s what I used to use, but somewhere in the thick of nginx+FastCGI PHP configuration I just got sick of it all.

So, for something a little different, I’m giving Octopress a try. Ruby-powered static publishing – what’s not to like?

Drive-by Survey of Digital Asset Management in 2011

Beware; there is a lot of enterprisey phraseology thrown around this space. In my more cynical moments I wonder if there’s a there there, or just a bunch of selling. One challenge is that it is often unclear what people mean when they use a phrase such as “Digital Asset Management”, “Enterprise Content Management”, or even good ol’ “Content Management”. Wikipedia’s ECM page seems like a good overview of what I take to be the bigger problem space.

I do tend to wonder how many of these /(asset|content) management/ problems could be solved with free accounts at tumblr or wordpress.

One minor surprise is the meagre availability of wicked old books in this area. Does nobody want to write about this topic, or is there no market for it, or what?

If you are using the phrase “Digital Asset Management” in its more tightly defined sense, there are a plethora of existing software solutions, many of which are open source. Of the latter, most tend to be written in XML java, with some php options too. Pardon me while I stifle my enthusiasm.

Poking around did reveal one python-based option: NotreDAM. The sense of humor is appreciated in this space. It doesn’t look like the project is super established yet but it looks promising.

Back Button + AJAX + JSON Oddity

Disclaimer: this may be completely obvious to front end wizards, of which I am not.

I ran into an elusive AJAX gotcha the other day: whenever I hit the ‘back’ button after completing a certain task on a current project, rather than see the page I’d just been on, I got a raw JSON payload that had been requested by that page. After some trial and error I think I’ve figured out what was going on:

As I gather, when a given URL (let’s say /foo) is requested normally by the browser and then via JSON, the browser decides to remember the last version it saw, which happens to be the JSON payload. This might happen in a Rails application if you had a controller method behaving differently based on request.xhr? So when you click ‘back’, rather than your finely crafted HTML and CSS, the browser returns tag soup. Not cool. I guess I’ve never run into this before since I’ve never before had an app with the sequence of GET /foo, GET /foo (the latter asking for JSON rather than HTML).

If you’re requesting the JSON via jQuery, a solution is straightforward. Setting the cache argument to false prevents the browser from overwriting the full HTML version of the page in its history. See http://api.jquery.com/jQuery.ajax/ for more.
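
The sequence described above, replayed against a simplified URL-keyed cache, as an added example that is not part of the original post. The `UrlKeyedCache` class, the `replay` helper and the sample bodies are constructed for illustration; `bustCache` mirrors the `_=<timestamp>` query parameter that jQuery appends to GET requests when `cache` is `false`.

```javascript
// Simplified model (constructed for illustration): a cache keyed only by URL,
// which is how the browser in the post treated /foo.
class UrlKeyedCache {
  constructor() { this.entries = new Map(); }
  store(url, body) { this.entries.set(url, body); }
  lookup(url) { return this.entries.get(url); }
}

// What jQuery's `cache: false` does for GET requests: append `_=<timestamp>`
// so the XHR URL is no longer identical to the page URL.
function bustCache(url, now) {
  const sep = url.includes('?') ? '&' : '?';
  return url + sep + '_=' + now;
}

// Replays the post's sequence: GET /foo (HTML), XHR GET for JSON, then 'back'.
// cacheOption is the value passed as `cache` to $.ajax; `now` is a constructed timestamp.
function replay(cacheOption, now = 1300000000000) {
  const cache = new UrlKeyedCache();
  const page = '/foo';
  cache.store(page, '<html>finely crafted page</html>'); // normal navigation
  const xhrUrl = cacheOption === false ? bustCache(page, now) : page;
  cache.store(xhrUrl, '{"status":"ok"}');                 // the JSON response
  return { xhrUrl, backButtonShows: cache.lookup(page) };
}

const broken = replay(true);
const fixed = replay(false);
console.log('cache: true  ->', broken.xhrUrl, '| back shows', broken.backButtonShows);
console.log('cache: false ->', fixed.xhrUrl, '| back shows', fixed.backButtonShows);
```

With `cache: true` the JSON body replaces the HTML stored under `/foo`; with `cache: false` it is stored under `/foo?_=1300000000000` and the HTML entry survives.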

Functional Tests in RefineryCMS 1.0

The Refinery CMS is apparently the most used chunk of CMS code in the rails ecosystem. Version 1.0 came out recently, and one of the recent changes involved the authentication system. Previously, Refinery had bundled authlogic; now it’s using Devise.

If you’re not doing anything worth testing on the admin side, the authlogic / Devise switch doesn’t make a difference. Still, there is one snag to overcome even in functional tests of your public code: a Refinery installation will direct all requests to a screen for creating the initial user, until said superuser is created. This applies as much to your empty test database as to a newly created Refinery site.

Public-facing URLs

An admin user needs to exist, but doesn’t have to be logged in. The default admin has roles ‘Refinery’ and ‘Superuser’, so I create such a user via factory_girl 1:

Then within functional classes, we simply need to create that user:

def setup
  admin = Factory.create(:user)
end

Admin URLs

If you want to check admin-side code in functional tests, the admin user needs to be logged in. I had a solution under the old setup, but had to make a few changes after the move to Devise. Here’s what’s working now:

1: well, factory_girl_rails is needed for rails 3, and it includes factory_girl. That is the stable version of factory_girl, which has a different syntax than the master code you’d see at the factory_girl github page. Confusing!

Mirroring Subversion Projects on GitHub: Worth It

I’ve been working with a sizable open source project hosted on subversion lately, and cringing at how long it took to just run svn status or svn diff to verify my local changes. Also not enjoying the need to do stuff like

diff -Nrc -x '.svn' -x target v1.6 local_16/ > ../local_changes.diff
to capture my changes between upstream releases.

Better late than never, I spent a few minutes this week getting the project mirrored on GitHub, thanks to pointers from the following two resources. I’d say it’s already paid off in time saved in just the two days since.

In Which One Book Is Reviewed and Another Recommended

Twitter followers, you may have noticed that I’ve been reading Gary Taubes’ Good Calories, Bad Calories over the last few weeks. It may be the most mind-blowing thing I’ve ever read, certainly in the last few years, if not decades. But I think I’m going to recommend reading another book instead.

GCBC is the result of five years of research on Taubes’ part (he’s a science journalist by trade), and weighs in at 460 pages, plus 113 pages of footnotes. It covers the last 100 years of medical and scientific thinking on the connections between food and health, focusing particularly on what aspects of diet may lead to overweight, diabetes, and heart disease.

I despair a bit at summarizing these 460 pages of reasonably technical science history (very readable, I will add). As a teaser, I will say that one major surprise is the all but complete lack of evidence behind the low-fat diets commonly advocated. Another shocker is Taubes’ dismantling of the “calories in, calories out” equation, e.g. “you lose weight if you burn more calories than you consume, and vice versa”. I’d always been a firm believer in that equation, but not any more.

While I seem to have been blessed with a genetic makeup that resists putting on extra weight (thanks mom & dad!), having my beliefs about the connections between food and health upended is still quite an experience, and it’s one that other naturally lean folks would benefit from too. If nothing else, my sympathy and understanding for people who do wrestle with the “diseases of civilization” is much greater now.

If you are a public health professional, endocrinologist, or the like, GCBC is well worth the effort, because it would be important for you to see all the gory details where your profession went wrong, and what the evidence actually says. But for everyone else, I’m guessing there’s more profit to be had by checking out Taubes’ newer, shorter book Why We Get Fat: And What to Do About It which seems to be the core of GCBC, with some of the more confusing parts explained more clearly, and more prescriptive material for what and how to actually eat.

Heroku + Refinery + SSL

Say you’re hosting a refinerycms site on Heroku, and would like to rewrite all admin access to use Heroku’s free piggyback SSL.

Say also that you have a few different environments, accessible via your own domain (http://mysite-dev.mydomain.com). The following in your application controller seems to do the trick:

Tip for New Sinatra Deployers

If you get the error undefined method `application' for Sinatra:Module and your config.ru includes the line run Sinatra.application, try changing that to run Sinatra::Application and it should actually work.

(via http://www.sinatrarb.com/one-oh-faq)

Does 201 CMR 17 Apply to VOIP?

Background: looking at going to a Voice Over IP phone system at work. Wondering if Massachusetts’ new law about information security applies.

Why it might not: a potential (MA based) vendor we’re talking to says

We’ve not been asked this before and about 201 CMR 17 Compliance and I don’t particularly think it applies to our VoIP, or VoIP in general

Why it might: Section 17.04 qualifies the applicability of the rule to

Every person that owns or licenses personal information about a resident of the Commonwealth and electronically stores or transmits such information shall include…a security system covering its computers, including any wireless system

Like just about any business, we definitely transmit personal information over our phone system, so I think the technical / legal question is whether an electronic phone system of the type in question is covered under the “its computers” phrase.

Stepping back from the legal to the practical, however, it seems fair to expect reasonable information security from our communications systems, including VOIP. At least in its intent, I think that’s what 201 CMR 17 is after. VOIP is still new enough that I suspect many prospective customers (like us!) aren’t quite sure what constitutes a reasonably secure installation, though we sense that there are all kinds of potential attack vectors not present in POTS.