Tony Amoyal

Rails Authentication with Devise and CanCan – Customizing Devise Controllers

Tony — Wed, 28 Jul 2010 16:34:17 +0000

I’m tired of spending loads of time creating user authentication systems with permissions or swimming against the current to customize what’s available. There’s great open source stuff out there but until now, I haven’t gotten the full package with really easy customization.

The Devise and CanCan combo for user authentication and permissions in Rails is my combo of choice.

With Devise and CanCan, you can create a customized authentication and registration process in 15 minutes, and spend another 15 minutes implementing roles and permissions.

It’s pure beauty.

Note that the code here uses Rails 3. The difference in Rails 3 and Rails 2 code for this purpose should be minimal, but please refer to the documentation for differences.

Let’s start with authentication using devise.

Step 1 – Installation

gem install devise
rails generate devise:install
rails generate devise user

Step 2 – Configuration
Configuration is super easy with Devise. Just choose which of the 11 available modules you would like to include in your authentic model (most up-to-date list here):

Database Authenticatable: encrypts and stores a password in the database to validate the authenticity of an user while signing in. The authentication can be done both through POST requests or HTTP Basic Authentication.
Token Authenticatable: signs in an user based on an authentication token (also known as “single access token”). The token can be given both through query string or HTTP Basic Authentication.
Oauthable: adds OAuth2 support
Confirmable: sends emails with confirmation instructions and verifies whether an account is already confirmed during sign in.
Recoverable: resets the user password and sends reset instructions.
Registerable: handles signing up users through a registration process, also allowing them to edit and destroy their account.
Rememberable: manages generating and clearing a token for remembering the user from a saved cookie.
Trackable: tracks sign in count, timestamps and IP address.
Timeoutable: expires sessions that have no activity in a specified period of time.
Validatable: provides validations of email and password. It’s optional and can be customized, so you’re able to define your own validations.
Lockable: locks an account after a specified number of failed sign-in attempts. Can unlock via email or after a specified time period.

I chose 5 of the 11 modules and configured with the following code:

# In your model
 class User < ActiveRecord::Base
    devise :database_authenticatable, :confirmable, :recoverable, :rememberable, :trackable, :validatable
end
 
# In your migration
create_table :users do |t|
    t.database_authenticatable
    t.confirmable
    t.recoverable
    t.rememberable
    t.trackable
    t.timestamps
end
 
# In your routes
devise_for :users

Step 3 – Use It!

# In your controllers
before_filter :authenticate_user!, :except => [:some_action_without_auth]
# Access Current User
def index
    @things = current_user.things
end

This simple modular approach to authentication is hot. Devise also makes it really easy for you to customize views. The out-of-the-box views are great for prototyping, but if you need more, just generate the views and edit them:

rails generate devise:views

Devise will generate all of the views it is using and place them in an app/views/devise directory. Now you have complete control over your views.

The next thing you might want to do is customize your controllers. This is a bit more tricky with devise and we’ll get to that in a minute. Right now I want to touch on permissions and then I’ll tie it all together.

Let’s consider an example where your website is in Alpha/Beta or maybe an internal tool. You want to restrict user registration to only an administrator. Enter CanCan created by Ryan Bates.

CanCan

CanCan is a great gem for implementing model permissions. The main reasons I chose CanCan are:

The code written to check permissions is very readable
The code written to declare permissions is very concise and readable
It keeps permission logic in a single location so it is not duplicated across controllers, views, etc.
Aliasing actions (read = index and show) creates more concise and readable code

Ryan Bates has a great screen cast on using CanCan here, but I do not recommend using his roles mask method (mentioned in the screen cast). It certainly works but it’s bad database design and you will feel the pain later.

After you install CanCan (instructions here), I recommend you set up a typical users HABTM roles relationship. So you end up with migrations that look like this:

class CreateRoles < ActiveRecord::Migration
  def self.up
    create_table :roles do |t|
      t.string :name
      t.timestamps
    end
  end
 
  def self.down
    drop_table :roles
  end
end
 
class UsersHaveAndBelongToManyRoles < ActiveRecord::Migration
  def self.up
    create_table :roles_users, :id => false do |t|
      t.references :role, :user
    end
  end
 
  def self.down
    drop_table :roles_users
  end
end

And your models look like this:

# User Model
class User < ActiveRecord::Base
  has_and_belongs_to_many :roles
....
# Role model
class Role < ActiveRecord::Base
  has_and_belongs_to_many :users
end

The next step is to create your Ability class that will define permissions. Mine looks like this:

class Ability
  include CanCan::Ability
 
  def initialize(user)
    user ||= User.new # guest user
 
    if user.role? :super_admin
      can :manage, :all
    elsif user.role? :product_admin
      can :manage, [Product, Asset, Issue]
    elsif user.role? :product_team
      can :read, [Product, Asset]
      # manage products, assets he owns
      can :manage, Product do |product|
        product.try(:owner) == user
      end
      can :manage, Asset do |asset|
        asset.assetable.try(:owner) == user
      end
    end
  end
end

Most of this is application specific but you can see some conveniences right away. For example, the super admin role “can manage all”. That line is saying “If the user has the super_admin role, he may perform any action on any model.” Easy enough. Also notice that the product team can “read” products and assets. This means that they can access the index or show action of either of those models. You can pass a block to the can method for more complicated permission checks, but that is beyond the scope of this post and pretty easy to figure out.

Let’s take a look at the role method. I store role names as CamelCase strings in the database but I access them with underscores which is more ruby like. The method looks like this:

def role?(role)
    return !!self.roles.find_by_name(role.to_s.camelize)
end

Tying it all together

Now let’s go back to the situation I mentioned earlier – you want to protect user registrations. This requires us to use CanCan to check for permissions but customize the Devise Registrations controller to restrict access.

One way to do this is to copy the devise controllers into your controllers directory and start customizing. That may be the best way to go and it’s certainly an obvious path, but all I want to do restrict registration. Should I really have to re-implement the registrations controller to do that? For now, I will not. It might make sense when there are more customizations. Instead I inherit from the Devise Registrations controller. Here are the steps:

Step 1 – Create the controller
$ mkdir app/controllers/users
$ touch app/controllers/users/registrations_controller.rb

Step 2 – Add the custom functionality

class Users::RegistrationsController < Devise::RegistrationsController
  before_filter :check_permissions, :only => [:new, :create, :cancel]
  skip_before_filter :require_no_authentication
 
  def check_permissions
    authorize! :create, resource
  end
end

The check permissions method is really simple. It calls the CanCan method, authorize!, and checks if the current user can create users. We use resource here because devise uses resource to refer to the model that can be authenticated. Also notice how I removed the require_no_authentication filter, a Devise filter which allows access to actions without authentication.

Step 3 – Tell your routes to go to the new controller

# replace devise_for :users with:
devise_for :users,  :controllers => { :registrations => "users/registrations" }

Step 4 – Handle the CanCan::AccessDenied exception
At this point if you hit the users/sign_up page when not logged in, you will notice that a CanCan::AccessDenied is thrown. This exception is thrown anytime permission is denied so you should customize it to your liking. I put the handler in my ApplicationController:

class ApplicationController < ActionController::Base
  ...
  rescue_from CanCan::AccessDenied do |exception|
    flash[:error] = exception.message
    redirect_to root_url
  end
  ...
end

I realize I skipped some steps in here but this post + Devise documentation + CanCan documentation should help you set up authentication with roles and permissions very quickly. Let me know if you have any questions. Enjoy!

Safely turn off Spotlight and remove from menu bar in OS X Snow Leopard

Tony — Thu, 17 Jun 2010 17:55:13 +0000

I don’t like the Spotlight indexing and search that is included in Mac OS X. I use Quicksilver instead but have been procrastinating turning off Spotlight.

Well I finally got around to disabling Spotlight and wanted to go about it in a safe way. I came across too many forum posts doing dangerous things to disable Spotlight. I also wanted and easy way to remove it from the menu bar. Below are aliases I added to my bash profile to conveniently enable and disable spotlight. I am not a bash scripting master, so feedback is welcome and appreciated.

Step 1 – Add aliases
Open your bash profile (location: ~/.bash_profile ) and add these lines:

alias spotlight-off='sudo mdutil -a -i off && sudo mv /System/Library/CoreServices/Search.bundle/ /System/Library/CoreServices/SearchOff.bundle/'
alias spotlight-on='sudo mdutil -a -i on && sudo mv /System/Library/CoreServices/SearchOff.bundle/ /System/Library/CoreServices/Search.bundle/'

Step 2 – Source your bash profile

source ~/.bash_profile

Step 3 – Run command
In your shell, run

$ spotlight-off

Step 4 – Restart SystemUIServer Process

$ ps aux | grep SystemUIServer.app
# take note of the PID which is the first number you will see
$ kill -HUP <insert PID here>

You could potentially restart your computer instead of performing Step 4, but that is inconvenient. Let me know if you have any comments or a nice way to include everything in one script. I didn’t have time to condense this process further.

Country Seed Data for your Rails App

Tony — Tue, 15 Jun 2010 19:49:35 +0000

Never go looking for basic country seed data again:

[
  { :name => 'Afghanistan', :iso_two_letter_code => 'AF' },
  { :name => 'Aland Islands', :iso_two_letter_code => 'AX' },
  { :name => 'Albania', :iso_two_letter_code => 'AL' },
  { :name => 'Algeria', :iso_two_letter_code => 'DZ' },
  { :name => 'American Samoa', :iso_two_letter_code => 'AS' },
  { :name => 'Andorra', :iso_two_letter_code => 'AD' },
  { :name => 'Angola', :iso_two_letter_code => 'AO' },
  { :name => 'Anguilla', :iso_two_letter_code => 'AI' },
  { :name => 'Antarctica', :iso_two_letter_code => 'AQ' },
  { :name => 'Antigua And Barbuda', :iso_two_letter_code => 'AG' },
  { :name => 'Argentina', :iso_two_letter_code => 'AR' },
  { :name => 'Armenia', :iso_two_letter_code => 'AM' },
  { :name => 'Aruba', :iso_two_letter_code => 'AW' },
  { :name => 'Australia', :iso_two_letter_code => 'AU' },
  { :name => 'Austria', :iso_two_letter_code => 'AT' },
  { :name => 'Azerbaijan', :iso_two_letter_code => 'AZ' },
  { :name => 'Bahamas', :iso_two_letter_code => 'BS' },
  { :name => 'Bahrain', :iso_two_letter_code => 'BH' },
  { :name => 'Bangladesh', :iso_two_letter_code => 'BD' },
  { :name => 'Barbados', :iso_two_letter_code => 'BB' },
  { :name => 'Belarus', :iso_two_letter_code => 'BY' },
  { :name => 'Belgium', :iso_two_letter_code => 'BE' },
  { :name => 'Belize', :iso_two_letter_code => 'BZ' },
  { :name => 'Benin', :iso_two_letter_code => 'BJ' },
  { :name => 'Bermuda', :iso_two_letter_code => 'BM' },
  { :name => 'Bhutan', :iso_two_letter_code => 'BT' },
  { :name => 'Bolivia', :iso_two_letter_code => 'BO' },
  { :name => 'Bosnia and Herzegovina', :iso_two_letter_code => 'BA' },
  { :name => 'Botswana', :iso_two_letter_code => 'BW' },
  { :name => 'Bouvet Island', :iso_two_letter_code => 'BV' },
  { :name => 'Brazil', :iso_two_letter_code => 'BR' },
  { :name => 'British Indian Ocean Territory', :iso_two_letter_code => 'IO' },
  { :name => 'Brunei Darussalam', :iso_two_letter_code => 'BN' },
  { :name => 'Bulgaria', :iso_two_letter_code => 'BG' },
  { :name => 'Burkina Faso', :iso_two_letter_code => 'BF' },
  { :name => 'Burundi', :iso_two_letter_code => 'BI' },
  { :name => 'Cambodia', :iso_two_letter_code => 'KH' },
  { :name => 'Cameroon', :iso_two_letter_code => 'CM' },
  { :name => 'Canada', :iso_two_letter_code => 'CA' },
  { :name => 'Cape Verde', :iso_two_letter_code => 'CV' },
  { :name => 'Cayman Islands', :iso_two_letter_code => 'KY' },
  { :name => 'Central African Republic', :iso_two_letter_code => 'CF' },
  { :name => 'Chad', :iso_two_letter_code => 'TD' },
  { :name => 'Chile', :iso_two_letter_code => 'CL' },
  { :name => 'China', :iso_two_letter_code => 'CN' },
  { :name => 'Christmas Island', :iso_two_letter_code => 'CX' },
  { :name => 'Cocos (Keeling) Islands', :iso_two_letter_code => 'CC' },
  { :name => 'Colombia', :iso_two_letter_code => 'CO' },
  { :name => 'Comoros', :iso_two_letter_code => 'KM' },
  { :name => 'Congo', :iso_two_letter_code => 'CG' },
  { :name => 'Congo (DRC)', :iso_two_letter_code => 'CD' },
  { :name => 'Cook Islands', :iso_two_letter_code => 'CK' },
  { :name => 'Costa Rica', :iso_two_letter_code => 'CR' },
  { :name => 'Cote d\'Ivoire', :iso_two_letter_code => 'CI' },
  { :name => 'Croatia', :iso_two_letter_code => 'HR' },
  { :name => 'Cuba', :iso_two_letter_code => 'CU' },
  { :name => 'Cyprus', :iso_two_letter_code => 'CY' },
  { :name => 'Czech Republic', :iso_two_letter_code => 'CZ' },
  { :name => 'Denmark', :iso_two_letter_code => 'DK' },
  { :name => 'Djibouti', :iso_two_letter_code => 'DJ' },
  { :name => 'Dominica', :iso_two_letter_code => 'DM' },
  { :name => 'Dominican Republic', :iso_two_letter_code => 'DO' },
  { :name => 'Ecuador', :iso_two_letter_code => 'EC' },
  { :name => 'Egypt', :iso_two_letter_code => 'EG' },
  { :name => 'El Salvador', :iso_two_letter_code => 'SV' },
  { :name => 'Equatorial Guinea', :iso_two_letter_code => 'GQ' },
  { :name => 'Eritrea', :iso_two_letter_code => 'ER' },
  { :name => 'Estonia', :iso_two_letter_code => 'EE' },
  { :name => 'Ethiopia', :iso_two_letter_code => 'ET' },
  { :name => 'Falkland Islands', :iso_two_letter_code => 'FK' },
  { :name => 'Faroe Islands', :iso_two_letter_code => 'FO' },
  { :name => 'Fiji', :iso_two_letter_code => 'FJ' },
  { :name => 'Finland', :iso_two_letter_code => 'FI' },
  { :name => 'France', :iso_two_letter_code => 'FR' },
  { :name => 'French Guiana', :iso_two_letter_code => 'GF' },
  { :name => 'French Polynesia', :iso_two_letter_code => 'PF' },
  { :name => 'French Southern Territories', :iso_two_letter_code => 'TF' },
  { :name => 'Gabon', :iso_two_letter_code => 'GA' },
  { :name => 'Gambia', :iso_two_letter_code => 'GM' },
  { :name => 'Georgia', :iso_two_letter_code => 'GE' },
  { :name => 'Germany', :iso_two_letter_code => 'DE' },
  { :name => 'Ghana', :iso_two_letter_code => 'GH' },
  { :name => 'Gibraltar', :iso_two_letter_code => 'GI' },
  { :name => 'Greece', :iso_two_letter_code => 'GR' },
  { :name => 'Greenland', :iso_two_letter_code => 'GL' },
  { :name => 'Grenada', :iso_two_letter_code => 'GD' },
  { :name => 'Guadeloupe', :iso_two_letter_code => 'GP' },
  { :name => 'Guam', :iso_two_letter_code => 'GU' },
  { :name => 'Guatemala', :iso_two_letter_code => 'GT' },
  { :name => 'Guernsey', :iso_two_letter_code => 'GG' },
  { :name => 'Guinea', :iso_two_letter_code => 'GN' },
  { :name => 'Guinea-Bissau', :iso_two_letter_code => 'GW' },
  { :name => 'Guyana', :iso_two_letter_code => 'GY' },
  { :name => 'Haiti', :iso_two_letter_code => 'HT' },
  { :name => 'Heard and McDonald Islands', :iso_two_letter_code => 'HM' },
  { :name => 'Holy See (Vatican City State)', :iso_two_letter_code => 'VA' },
  { :name => 'Honduras', :iso_two_letter_code => 'HN' },
  { :name => 'Hong Kong', :iso_two_letter_code => 'HK' },
  { :name => 'Hungary', :iso_two_letter_code => 'HU' },
  { :name => 'Iceland', :iso_two_letter_code => 'IS' },
  { :name => 'India', :iso_two_letter_code => 'IN' },
  { :name => 'Indonesia', :iso_two_letter_code => 'ID' },
  { :name => 'Iran', :iso_two_letter_code => 'IR' },
  { :name => 'Iraq', :iso_two_letter_code => 'IQ' },
  { :name => 'Ireland', :iso_two_letter_code => 'IE' },
  { :name => 'Isle of Man', :iso_two_letter_code => 'IM' },
  { :name => 'Israel', :iso_two_letter_code => 'IL' },
  { :name => 'Italy', :iso_two_letter_code => 'IT' },
  { :name => 'Jamaica', :iso_two_letter_code => 'JM' },
  { :name => 'Japan', :iso_two_letter_code => 'JP' },
  { :name => 'Jersey', :iso_two_letter_code => 'JE' },
  { :name => 'Jordan', :iso_two_letter_code => 'JO' },
  { :name => 'Kazakhstan', :iso_two_letter_code => 'KZ' },
  { :name => 'Kenya', :iso_two_letter_code => 'KE' },
  { :name => 'Kiribati', :iso_two_letter_code => 'KI' },
  { :name => 'North Korea', :iso_two_letter_code => 'KP' },
  { :name => 'South Korea', :iso_two_letter_code => 'KR' },
  { :name => 'Kuwait', :iso_two_letter_code => 'KW' },
  { :name => 'Kyrgyzstan', :iso_two_letter_code => 'KG' },
  { :name => 'Laos', :iso_two_letter_code => 'LA' },
  { :name => 'Latvia', :iso_two_letter_code => 'LV' },
  { :name => 'Lebanon', :iso_two_letter_code => 'LB' },
  { :name => 'Lesotho', :iso_two_letter_code => 'LS' },
  { :name => 'Liberia', :iso_two_letter_code => 'LR' },
  { :name => 'Libya', :iso_two_letter_code => 'LY' },
  { :name => 'Liechtenstein', :iso_two_letter_code => 'LI' },
  { :name => 'Lithuania', :iso_two_letter_code => 'LT' },
  { :name => 'Luxembourg', :iso_two_letter_code => 'LU' },
  { :name => 'Macao', :iso_two_letter_code => 'MO' },
  { :name => 'Macedonia', :iso_two_letter_code => 'MK' },
  { :name => 'Madagascar', :iso_two_letter_code => 'MG' },
  { :name => 'Malawi', :iso_two_letter_code => 'MW' },
  { :name => 'Malaysia', :iso_two_letter_code => 'MY' },
  { :name => 'Maldives', :iso_two_letter_code => 'MV' },
  { :name => 'Mali', :iso_two_letter_code => 'ML' },
  { :name => 'Malta', :iso_two_letter_code => 'MT' },
  { :name => 'Marshall Islands', :iso_two_letter_code => 'MH' },
  { :name => 'Martinique', :iso_two_letter_code => 'MQ' },
  { :name => 'Mauritania', :iso_two_letter_code => 'MR' },
  { :name => 'Mauritius', :iso_two_letter_code => 'MU' },
  { :name => 'Mayotte', :iso_two_letter_code => 'YT' },
  { :name => 'Mexico', :iso_two_letter_code => 'MX' },
  { :name => 'Micronesia', :iso_two_letter_code => 'FM' },
  { :name => 'Moldova', :iso_two_letter_code => 'MD' },
  { :name => 'Monaco', :iso_two_letter_code => 'MC' },
  { :name => 'Mongolia', :iso_two_letter_code => 'MN' },
  { :name => 'Montenegro', :iso_two_letter_code => 'ME' },
  { :name => 'Montserrat', :iso_two_letter_code => 'MS' },
  { :name => 'Morocco', :iso_two_letter_code => 'MA' },
  { :name => 'Mozambique', :iso_two_letter_code => 'MZ' },
  { :name => 'Myanmar', :iso_two_letter_code => 'MM' },
  { :name => 'Namibia', :iso_two_letter_code => 'NA' },
  { :name => 'Nauru', :iso_two_letter_code => 'NR' },
  { :name => 'Nepal', :iso_two_letter_code => 'NP' },
  { :name => 'Netherlands', :iso_two_letter_code => 'NL' },
  { :name => 'Netherlands Antilles', :iso_two_letter_code => 'AN' },
  { :name => 'New Caledonia', :iso_two_letter_code => 'NC' },
  { :name => 'New Zealand', :iso_two_letter_code => 'NZ' },
  { :name => 'Nicaragua', :iso_two_letter_code => 'NI' },
  { :name => 'Niger', :iso_two_letter_code => 'NE' },
  { :name => 'Nigeria', :iso_two_letter_code => 'NG' },
  { :name => 'Niue', :iso_two_letter_code => 'NU' },
  { :name => 'Norfolk Island', :iso_two_letter_code => 'NF' },
  { :name => 'Northern Mariana Islands', :iso_two_letter_code => 'MP' },
  { :name => 'Norway', :iso_two_letter_code => 'NO' },
  { :name => 'Oman', :iso_two_letter_code => 'OM' },
  { :name => 'Pakistan', :iso_two_letter_code => 'PK' },
  { :name => 'Palau', :iso_two_letter_code => 'PW' },
  { :name => 'Palestinian Territory', :iso_two_letter_code => 'PS' },
  { :name => 'Panama', :iso_two_letter_code => 'PA' },
  { :name => 'Papua New Guinea', :iso_two_letter_code => 'PG' },
  { :name => 'Paraguay', :iso_two_letter_code => 'PY' },
  { :name => 'Peru', :iso_two_letter_code => 'PE' },
  { :name => 'Philippines', :iso_two_letter_code => 'PH' },
  { :name => 'Pitcairn', :iso_two_letter_code => 'PN' },
  { :name => 'Poland', :iso_two_letter_code => 'PL' },
  { :name => 'Portugal', :iso_two_letter_code => 'PT' },
  { :name => 'Puerto Rico', :iso_two_letter_code => 'PR' },
  { :name => 'Qatar', :iso_two_letter_code => 'QA' },
  { :name => 'Reunion', :iso_two_letter_code => 'RE' },
  { :name => 'Romania', :iso_two_letter_code => 'RO' },
  { :name => 'Russia', :iso_two_letter_code => 'RU' },
  { :name => 'Rwanda', :iso_two_letter_code => 'RW' },
  { :name => 'Saint Barthelemy', :iso_two_letter_code => 'BL' },
  { :name => 'Saint Helena', :iso_two_letter_code => 'SH' },
  { :name => 'Saint Kitts and Nevis', :iso_two_letter_code => 'KN' },
  { :name => 'Saint Lucia', :iso_two_letter_code => 'LC' },
  { :name => 'Saint Pierre and Miquelon', :iso_two_letter_code => 'PM' },
  { :name => 'Saint Vincent and the Grenadines', :iso_two_letter_code => 'VC' },
  { :name => 'Samoa', :iso_two_letter_code => 'WS' },
  { :name => 'San Marino', :iso_two_letter_code => 'SM' },
  { :name => 'Sao Tome and Principe', :iso_two_letter_code => 'ST' },
  { :name => 'Saudi Arabia', :iso_two_letter_code => 'SA' },
  { :name => 'Senegal', :iso_two_letter_code => 'SN' },
  { :name => 'Serbia', :iso_two_letter_code => 'RS' },
  { :name => 'Seychelles', :iso_two_letter_code => 'SC' },
  { :name => 'Sierra Leone', :iso_two_letter_code => 'SL' },
  { :name => 'Singapore', :iso_two_letter_code => 'SG' },
  { :name => 'Slovakia', :iso_two_letter_code => 'SK' },
  { :name => 'Slovenia', :iso_two_letter_code => 'SI' },
  { :name => 'Solomon Islands', :iso_two_letter_code => 'SB' },
  { :name => 'Somalia', :iso_two_letter_code => 'SO' },
  { :name => 'South Africa', :iso_two_letter_code => 'ZA' },
  { :name => 'South Georgia and the South Sandwich Islands', :iso_two_letter_code => 'GS' },
  { :name => 'Spain', :iso_two_letter_code => 'ES' },
  { :name => 'Sri Lanka', :iso_two_letter_code => 'LK' },
  { :name => 'Sudan', :iso_two_letter_code => 'SD' },
  { :name => 'Surinam', :iso_two_letter_code => 'SR' },
  { :name => 'Svalbard and Jan Mayen', :iso_two_letter_code => 'SJ' },
  { :name => 'Swaziland', :iso_two_letter_code => 'SZ' },
  { :name => 'Sweden', :iso_two_letter_code => 'SE' },
  { :name => 'Switzerland', :iso_two_letter_code => 'CH' },
  { :name => 'Syria', :iso_two_letter_code => 'SY' },
  { :name => 'Taiwan', :iso_two_letter_code => 'TW' },
  { :name => 'Tajikistan', :iso_two_letter_code => 'TJ' },
  { :name => 'Tanzania', :iso_two_letter_code => 'TZ' },
  { :name => 'Thailand', :iso_two_letter_code => 'TH' },
  { :name => 'Timor-Leste', :iso_two_letter_code => 'TL' },
  { :name => 'Togo', :iso_two_letter_code => 'TG' },
  { :name => 'Tokelau', :iso_two_letter_code => 'TK' },
  { :name => 'Tonga', :iso_two_letter_code => 'TO' },
  { :name => 'Trinidad and Tobago', :iso_two_letter_code => 'TT' },
  { :name => 'Tunisia', :iso_two_letter_code => 'TN' },
  { :name => 'Turkey', :iso_two_letter_code => 'TR' },
  { :name => 'Turkmenistan', :iso_two_letter_code => 'TM' },
  { :name => 'Turks and Caicos Islands', :iso_two_letter_code => 'TC' },
  { :name => 'Tuvalu', :iso_two_letter_code => 'TV' },
  { :name => 'Uganda', :iso_two_letter_code => 'UG' },
  { :name => 'Ukraine', :iso_two_letter_code => 'UA' },
  { :name => 'UAE', :iso_two_letter_code => 'AE' },
  { :name => 'United Kingdom', :iso_two_letter_code => 'GB' },
  { :name => 'United States', :iso_two_letter_code => 'US' },
  { :name => 'United States Minor Outlying Islands', :iso_two_letter_code => 'UM' },
  { :name => 'Uruguay', :iso_two_letter_code => 'UY' },
  { :name => 'Uzbekistan', :iso_two_letter_code => 'UZ' },
  { :name => 'Vanuatu', :iso_two_letter_code => 'VU' },
  { :name => 'Venezuela', :iso_two_letter_code => 'VE' },
  { :name => 'Vietnam', :iso_two_letter_code => 'VN' },
  { :name => 'British Virgin Islands', :iso_two_letter_code => 'VG' },
  { :name => 'US Virgin Islands', :iso_two_letter_code => 'VI' },
  { :name => 'Wallis and Futuna', :iso_two_letter_code => 'WF' },
  { :name => 'Western Sahara', :iso_two_letter_code => 'EH' },
  { :name => 'Yemen', :iso_two_letter_code => 'YE' },
  { :name => 'Zambia', :iso_two_letter_code => 'ZM' },
  { :name => 'Zimbabwe', :iso_two_letter_code => 'ZW' }  
].each do |c|
  Country.find_or_create_by_name(:name => c[:name], :iso_two_letter_code => c[:iso_two_letter_code])
end

Let me know if you have any improvements, but it’s pretty much taken directly from the ISO website.

Simple Quarter Select – Rails plugin for Q1,Q2,Q3,Q4 selector

Tony — Thu, 06 May 2010 17:23:44 +0000

Have you ever wanted a select component for Quaters of the Fiscal Year (Q1,Q2,Q3,Q4)? The Simple Quarter Select Ruby on Rails plugin does it for you. It’s highly configurable and maps to the month of any datetime attribute in your model.

Why map the quarter to a datetime attribute?
I think the answer is obvious but for the sake of being comprehensive, I’ll list 3 questions to guide your decision:
1) How else would you store the information in your database?
2) What if some of your objects are quarterly but others are actual dates? How about semiannual?
3) How would your sort-by-date query look?

If you answer these 3 questions, you will likely see the logic in my decision.

Installation
Get it or view the source here

Usage
It’s really easy to use. Just toss this code into your view:

<%= date_select(:some_model, :some_date_attribute, {:discard_day => true, :order => [:month,:year], 
:simple_quarter_select => true}) %>

Configurability
Simple Quarter Select has a misleading name. It should really be called “Named Month Intervals” because that represents its true flexibility. To illustrate this, let’s look at an example. Let’s say you want your users to be able to choose from two halves of a year:

<%= date_select(:some_model, :some_date_attribute, {:discard_day => true, :order => [:month,:year], 
:simple_quarter_select => true, :month_interval => 6, :interval_names => ["H1","H2"]}) %>

“H1″ would store as 01/01/YYYY and “H2″ would store as 07/01/YYYY.

Or maybe you just want to display the full word “Quarter” in each option:

<%= date_select(:some_model, :some_date_attribute, {:discard_day => true, :order => [:month,:year], 
:simple_quarter_select => true, :interval_names => ["Quarter 1","Quarter 2","Quarter 3","Quarter 4"]}) %>

You get the idea

Let me know if you find this plugin useful or find any bugs. Enjoy!

Scaling a Rails Application – Thinking About the Full Stack

Tony — Thu, 06 May 2010 14:13:59 +0000

I found a great presentation about scaling web applications that I wanted to share with the world. Enjoy!
Scaling a Rails Application from the Bottom Up

Getting FancyUpload to work with Rails

Tony — Tue, 27 Apr 2010 15:41:56 +0000

FancyUpload is a slick looking file uploader with a progress bar. However, it’s not completely obvious how to get it working with your Rails application. I searched long and hard and found 2 pretty good examples here and here. The problem is that the former only works with Amazon S3, and the latter just doesn’t seem to work. If you are using Amazon S3 check out the first link which will be more useful than this article. I will show you how to get a great file uploading interface up and running in minutes.

After some wrestling with the code in both examples, I was able to get a sample Rails app up and running. The app is hosted on github for your downloading pleasure.

I don’t think it’s worth going through the fancyuploader code here because you can view examples and usage on the official website, but I will mention the trick to getting it working in Rails:

Step 1. Disable protect_from_forgery for the upload action
This is as simple as:

class UploadsController < ApplicationController
  protect_from_forgery :except => 'upload'
  def upload
...

Step 2. Copy the file somewhere useful and return 200

class UploadsController < ApplicationController
  protect_from_forgery :except => 'upload'
  def upload
    FileUtils.mv params[:file].path, RAILS_ROOT+"/data/#{params[:Filename]}"
    return render :nothing => 200
  end
end

Step 3. Set the URL param of FancyUploader properly

...
var up = new FancyUpload3.Attach('uploader_file_list', '#upload_link', {
      path: 'http://#{request.host_with_port}/javascripts/fancyupload/source/Swiff.Uploader.swf',
      url: 'http://#{request.host_with_port}/uploads/upload',
...

I highly recommend checking out the sample app from my git repository and poking around in the code. There is very little. Feel free to contact me if you cannot get fancyupload to work with Rails after trying my sample app.

How to change a UIBarButtonItem in the iphone toolbar

Tony — Sat, 17 Apr 2010 19:23:06 +0000

I recently needed to add a custom button to the iPhone toolbar but it needed to have state. Specifically, I needed the ability to enable and disable it based on some conditions. I implemented this using two images for the button – one for enabled and one for disabled.

First, add the button to the toolbar:

UIBarButtonItem *flexibleSpace = [[UIBarButtonItem alloc] initWithBarButtonSystemItem:UIBarButtonSystemItemFlexibleSpace target:nil action:nil];
UIImage *shuffleButtonDisabledImage = [UIImage imageNamed:@"shuffle_button_disabled.png"];
UIButton *shuffleButton = [UIButton buttonWithType:UIButtonTypeCustom];
[shuffleButton setImage:shuffleButtonDisabledImage forState:UIControlStateNormal];
 
shuffleButton.frame = CGRectMake(0, 0, shuffleButtonDisabledImage.size.width, shuffleButtonDisabledImage.size.height);
[shuffleButton addTarget:self action:@selector(shuffleSelected) forControlEvents:UIControlEventTouchUpInside]; 
UIBarButtonItem *shuffleBarItem = [[UIBarButtonItem alloc]	initWithCustomView:shuffleButton];
 
toolbarItems = [NSMutableArray arrayWithObjects:flexibleSpace,shuffleBarItem,flexibleSpace,nil];
[toolbarItems retain];

I did this in my init function.

Next you need to implement the logic for disabling and enabling:

if(someFlag){
        shuffleActivated = YES;
        [(UIButton *)[[toolbarItems objectAtIndex:1] customView] setImage:[UIImage imageNamed:@"shuffle_button_small.png"] forState:UIControlStateNormal];
}else{
        shuffleActivated = NO;
	[(UIButton *)[[toolbarItems objectAtIndex:1] customView] setImage:[UIImage imageNamed:@"shuffle_button_small_disabled.png"] forState:UIControlStateNormal];
}

Update:
There is actually a better way to set enabled and disabled view states for a button anywhere in your iPhone application. You can specify which image to display based on the enabled or disabled state of the button, and then just manage the button state. One benefit to this is your disabled button won’t bounce like it is enabled. You also don’t have to create an image every time the button state changes. Of course you could have avoided both of these issues with a little more code, but this is a nice way to avoid both of those issues with a little less code. Here is what creating the toolbar will look like now:

UIBarButtonItem *flexibleSpace = [[UIBarButtonItem alloc] initWithBarButtonSystemItem:UIBarButtonSystemItemFlexibleSpace target:nil action:nil];
// this code is copied which is bad, should put in a utility class
UIImage *shuffleButtonDisabledImage = [UIImage imageNamed:@"shuffle_button_disabled.png"];
UIImage *shuffleButtonEnabledImage = [UIImage imageNamed:@"shuffle_button.png"];
UIButton *shuffleButton = [UIButton buttonWithType:UIButtonTypeCustom];
shuffleButton.adjustsImageWhenDisabled = YES;
[shuffleButton setEnabled:NO];
[shuffleButton setImage:shuffleButtonEnabledImage forState:UIControlStateNormal];
[shuffleButton setImage:shuffleButtonDisabledImage forState:UIControlStateDisabled];
 
shuffleButton.frame = CGRectMake(0, 0, shuffleButtonDisabledImage.size.width, shuffleButtonDisabledImage.size.height);
[shuffleButton addTarget:self action:@selector(shuffleSelected) forControlEvents:UIControlEventTouchUpInside]; 
UIBarButtonItem *shuffleBarItem = [[UIBarButtonItem alloc]	initWithCustomView:shuffleButton];
 
toolbarItems = [NSMutableArray arrayWithObjects:flexibleSpace,shuffleBarItem,flexibleSpace,nil];
[toolbarItems retain];

Again, this is done in my init function.

Your enabling/disabling logic would look like this:

if((numSelected == 1)&&(!shuffleActivated)){
	[(UIButton *)[[toolbarItems objectAtIndex:1] customView] setEnabled:YES];
}else if((numSelected == 0)&&(shuffleActivated)){
	[(UIButton *)[[toolbarItems objectAtIndex:1] customView] setEnabled:NO];
}

B’more on Rails synopsis – April 2010

Tony — Wed, 14 Apr 2010 18:33:10 +0000

B’more on Rails is a community of Baltimore folks who use the Ruby programming language and the Ruby on Rails application framework. Check out our MeetUp page. Below is a brief synopsis from our April 2010 meetup. You can also download the slides here.

Bundler is great for gem management. Among other things, it solves the issue where gems are required to load your environment but the environment needs to be loaded for the bootstrapping code that installs those gems to execute.

Cucumber seems to be the most agile solution for BDD style integration tests. Writing out the features before you write code seems like a lot of work, but it will yield better productivity as it forces you to keep the business requirement paramount during development. It’s overkill for unit tests in which case RSpec, Shoulda, or TestUnit (shipped with Rails) will serve you well. Also, it can be quite painful at first, but the key is to start simple and you will be naturally drawn to advanced usage.

Cucumber should be used in conjunction with Capybara or Webrat for browser simulation. Also the following testing tools were mentioned:

Email-spec: a great way to test emails with Cucumber
Pickle: great Cucumber steps for creating your models
Factory Girl: fixtures replacement (use in conjunction with Pickle)
Timecop: travel time for time-dependent tests (cucumber usage here)
Friendly ID: more friendly (readable) references to your model

Install MySQL on Mac OS X 10.6 and add StartupItem

Tony — Tue, 13 Apr 2010 15:03:09 +0000

Installing MySQL on Mac OS X 10.6 took a bit of digging around. Here is a consolidated tutorial. I am leaving out sudo commands for convenience. Use them where you don’t have permission.

# create the directory where you will keep your MySQL binary distribution
mkdir ~/src
cd ~/src
 
# download mysql binary distribution from http://dev.mysql.com/downloads/mysql/
# then move the distribution into your src directory
mv /path/to/mysql/download.tar.gz ~/src
# make sure you are in ~/src (use pwd if unsure) then untar
gunzip < /path/to/mysql-VERSION-OS.tar.gz | tar xvf -
 
# create the MySQL group
dscl . create /Groups/mysql
# give it some group id
dscl . create /Groups/mysql gid 296
# create a MySQL user
dscl . -create /Users/mysql
# make the MySQL user a member of the MySQL group
dscl . append /Groups/mysql GroupMembership mysql
# change ownership to mysql
chown -R mysql .
chgrp -R mysql .
 
# install mysql
scripts/mysql_install_db --user=mysql
# make a symlink in the /usr/local directory or you can customize the location in support-files/mysql.server if you prefer
mkdir /usr/local
cd /usr/local/
ln -s /full/path/to/your/mysql/install/directory mysql
 
# you should now be able to start the server
support-files/mysql.server start
 
# add mysql to your PATH
# in ~/.bash_profile
export PATH=/usr/local/mysql/bin:$PATH
source ~/.bash_profile
# should bring up the mysql CLI
mysql
# exit 
mysql> exit
 
# set mysql server to auto start upon boot
mkdir /Library/StartupItems/MySQLCOM
cd /Library/StartupItems/MySQLCOM/
ln -s /usr/local/mysql/support-files/mysql.server MySQLCOM
 
# test for success
/Library/StartupItems/MySQLCOM/MySQLCOM stop
/Library/StartupItems/MySQLCOM/MySQLCOM start
 
# create a root password
mysqladmin -u root password your_root_password

Recovering off screen windows in Mac OS X

Tony — Thu, 18 Feb 2010 22:46:44 +0000

I constantly lose windows on OS X. I think it’s because sometimes I am connected to an external monitor so OS X gets confused when I am not. I found a great solution online that I would like to re-post here so that I never have to look for it again and I can help share it with the world. All credit goes to the author of the original article.

The solution is to pop open your Script Editor and run this Apple script:

-- Example list of processes to ignore: {"xGestures"} or {"xGestures", "OtherApp", ...}
property processesToIgnore : {}
 
-- Get the size of the Display(s), only useful if there is one display
-- otherwise it will grab the total size of both displays
tell application "Finder"
  set _b to bounds of window of desktop
  set screen_width to item 3 of _b
  set screen_height to item 4 of _b
end tell
 
tell application "System Events"
  set allProcesses to application processes
  set _results to ""
  repeat with i from 1 to count allProcesses
    set doIt to 1
    repeat with z from 1 to count processesToIgnore
      if process i = process (item z of processesToIgnore) then
        set doIt to 0
      end if
    end repeat
 
    if doIt = 1 then
      tell process i
        repeat with x from 1 to (count windows)
          set winPos to position of window x
          set _x to item 1 of winPos
          set _y to item 2 of winPos
 
          if (_x < 0 or _y < 0 or _x > screen_width or _y > screen_height) then
 
            set position of window x to {0, 22}
 
          end if
        end repeat
 
      end tell
    end if
  end repeat
end tell