Whenever a teacher or police officer is revealed to have engaged in abusive behavior, a certain group of people always crawl out of the woodwork to defend the person of authority. They’re prepared to ignore any amount of evidence presented and to blame any abuse victims for being overly sensitive or for failing to do what was expected of them by the abuser or by society.
Year: 2011
Designing a Contextual Role-Based Capability Control System
Update May 2: ScopedRole is now a PHP5.3 library based on this design and is passing initial unit tests!
After surveying a few permissions models that one might want to choose for an LMS, I think Moodle really got right the notion that role-based permissions should be flexible depending on the domain(s) the user’s in. Unfortunately Moodle’s implementation is completely bolted in, so I started looking around for a standalone implementation (few dependencies, no globals/state) of something similar.
For PHP dating back to 2002, phpGACL is designed and documented really well. It’s truly a drop-in solution with some advanced functionality, but doesn’t quite cover the concept of contextual roles, so it doesn’t quite cut it. What I’m imagining is something very similar but ideally without forcing a particular DB abstraction library on you.
Using the awesome WWW SQL Designer, I designed a bare-bones schema for the data:
This is loosely based on Moodle’s schema, but I removed quite a lot, not only in hopes of getting it working quickly, but also because most implementers will have varying needs. E.g., implementers may need to localize role names and descriptions by language, so simple keys are all this schema is responsible for storing. I also removed special feature-related columns on the entities and link tables: the implementer is free to add columns as needed or just reference the id on each table. I’d imagine most folks dropping this into, e.g., a Zend Framework app just won’t need most of the features that Moodle had in there.
Also note it would come without a users table. The implementer will provides the system with unique integers for each user and that’s all it should need to do its job. You’re free to join the tables to create whatever views you need.
Any ideas for a catchier name than “Contextual Role-Based Capability Control System”? ScopedRole?
Programming is…
Myth: Programmers get to write code all day.
Truth: Most programmers spend a ton of time (in no particular order):
- Carefully composing e-mails to other programmers/mailing lists/non-technical folks
- Sitting in on meetings, working on mockups and DB schemas, worrying about performance implications of proposed features
- Writing bug reports and searching through bug DBs
- Scrambling to figure out why systems with numerous opaque layers are failing, digging through multi-GB log files with command line tools
- Explaining downtime to users/higher ups
- Contributing solutions to strangers’ problems
- Reading documentation/books/programming blogs/release notes/vulnerability announcements
- Searching for existing code that does what you want, maybe without knowing what that’s called
- Evaluating if code you found solves your problem/would perform acceptably/fits in your environment/has a compatible license/has a lasting support community
- Installing, configuring, and testing a codebase then finding it won’t work for you
- Googling error messages
- Digging through public code repositories to see “how [some open source project] does it”
- Learning source control tools, bash, GNU utilities, and Linux file permissions (and/or the Windows equivalents)
- Configuring IDEs, virtual machines, web servers, databases
- Figuring out how to shoehorn together codebases that weren’t designed to coexist
- Determining which tasks to prioritize from an endless supply
IE6/7 CSS Specificity Bug
After our team launched the new College of Education site, I discovered that IE8’s handy “Browser Mode: IE7” mode of IE8 is useless for real IE7 testing (but IETester actually works!). Undoubtedly this “IE7 mode” has many quirks in its emulation we’ll never know about, but after a few hours of hair-pulling I finally pinned down a real IE6/7 bug that the emulator doesn’t have.
IE versions before 8 apparently vary in their calculation of CSS specificity depending on the order of elements in the selectors. What this means for poor suckers who worry about IE6/7 is that rules that appear later and (should) match specificity won’t always override values. E.g.
<div id="foo"><div id="bar">I should be green.</div></div>/* both rules have the same specificity */
#foo div { background:red /* IE6/7 apply this value */ }
div #bar { background:green /* correct value to apply */ }This bug will hit you when you’re pursuing a good goal: trying to keep selectors short. So in these situations make sure to test in IETester at the very least and leave a comment to let future CSS editors know why a selector is longer than needs to be.
Honduras Might Try Charter Cities
From the Charter Cities blog:
The government in Honduras is convinced that a charter city could be the safe playing field, with new rules, where Hondurans of all backgrounds can come together and put their skills to work with the financial resources, expertise, and technology available in the rest of the world.
I first read about charter cities last June, and I still see it as an incredibly important idea. Some of the best criticism of the idea I’ve read is from Ranil Dissanayake on the Aid Thoughts blog. This quote (from here) seems to sum up his argument:
Romer’s approach is wrong not because he thinks rules are important or that countries should invite rich Governments to enforce them, but because Romer thinks he already knows the rules, and that they can be imported anywhere. That’s not how it works. In a recent post I pointed out how different rich countries are from each other. That’s partly because their rules, evolved over hundreds of years in some cases, are specific to each of their own contexts. Romer doesn’t see this. He just sees the rules of today, and imagines that they can be peeled off a society and pulled over a new one, like a one size fits all t-shirt.
Firstly, I’ve yet to read that Romer thinks he “already knows the rules”, especially down to the details. From the early mention of the Honduras experiment, it seems unlikely that Romer, the Charter Cities organization, or foreign governments will be deciding all the rules. Secondly, some rules are much more important for success. E.g., Dissanayake mentions the variance in rape law between the U.S. and France, but these differences have little influence on economic progress (Koreans once all had similar, if not identical, cultural laws and norms, but changes in those aren’t what held North Koreans back), and immigrants in both countries easily accommodate either law. There are large chunks of the “rules” that could be left up to the host country or designed around the culture of the populations most likely to migrate there.
Also I think the incentives are right for allowing cultural enclaves some variance in their social laws if it reduces ethnic tension, since this would be destructive to land value (reducing the rents the host country can collect), to productivity (making investors unhappy), and to the credit of the organizations making the rules.
In short I think Dissanayake significantly underestimates the willingness/ability of people in poverty—and willing to move to escape it—to accept culturally different rules. I think in richer countries we’ve come to see cultural rules as so important because we can afford to.
Since I didn’t post it before, here’s the TED talk (19 min) on charter cities from 2009:
Filtering WordPress Navigation Menus
WordPress 3 introduced native navigation menus, usually created via the wp_nav_menu theme function and the built-in Custom Menu widget. If you have a menu with a deep hierarchy, you may want to display only the active branch and the submenu directly below the active item (given class “current-menu-item” by WordPress). You can see this menu behavior on the left in the UF College of Education Faculty site.
This is sadly not doable with CSS. I originally did it with Javascript, but the requirements of progressive enhancement required that the whole menu be output before attacking the DOM. Depending on the page, this caused a distracting collapse of the menu during the layout.
The class Coewp_MenuFilter does this menu filtering server-side. Until I wrap this in a plugin, just put it in your theme folder:
// in functions.php
require dirname(__FILE__) . '/MenuFilter.php';
Coewp_MenuFilter::add();
How it works
add() attaches a filter to the “wp_nav_menu” hook, so WordPress passes menu HTML through the class’s filter() method before returning it in wp_nav_menu(). In filter(), the HTML is converted to a DOMDocument object, which is edited using DOM methods (with XPath available, this version was almost a direct port of the jQuery version). After cutting it down, the DOM tree is re-serialized to HTML.
I was really hoping this filtering could be done before the HTML was created, say by subclassing WP’s Walker_Nav_Menu class, but this proved difficult to debug.
Simpler API for Zend’s built-in Firebug Logger
Zend Framework has functionality to send messages to the Firebug console (via Firefox’s FirePHP addon), but if you’re not using the ZF front controller, the API is a bit of a pain. Besides your instance of Zend_Log, you must keep track of a few additional objects just to manually flush the headers after all your logging calls. Since I knew the old FirePHP class didn’t need this follow-up step, I figured I could just flush the headers after each send.
The result is FireLog. On the FireLog instance, calls to methods like log(), info(), warn(), etc. are proxied to an internal Zend_Log instance, while the methods send(), group(), and groupEnd() are proxied to the static methods on Zend_Wildfire_Plugin_FirePhp. In both cases the headers are set immediately using some simple ZF subclassing.
Goodbye Trish Keenan
The singer of one of my favorite bands passed away.
It is with great sadness we announce that Trish Keenan from Broadcast passed away at 9am this morning in hospital. She died from complications with pneumonia after battling the illness for two weeks in intensive care.
Our thoughts go out to James, Martin, her friends and her family and we request that the public respect their wishes for privacy at this time.
This is an untimely tragic loss and we will miss Trish dearly – a unique voice, an extraordinary talent and a beautiful human being. Rest in Peace. [Warp records]
Content Delivery and Format Fail
The pic on the right is from The Berrics’ “New Year’s Dae” video. The skating is amazing—well worth a dollar—and the site’s registration and checkout was painless, but the rest has been a disappointment:
- There’s no way to download this “downloadable part,” as it’s advertised. You must install an Adobe Air application, which downloads the video.
- There was nothing in the checkout process to let me know I needed to install Air first. The only link to “download instructions” (who would think they need to read this?) was on the “add to cart” page. Once most people have checked out they’ll have to run to Google what an .air file is.
- The app isn’t digitally signed, so the publisher reads “unknown” and it asks for “unrestricted” access to my system. Does not inspire trust.
- You can only watch the video via the app! So no fancy controls you might want while, say, watching a skateboarding part.
- Considering I downloaded 150MB for a 5 minute video, the quality is astoundingly bad. See the horizontal lines in the screenshot? They’re a constant distraction and it all looks even worse at full screen. Every video on the The Berrics site looks better than this. Like most Rodney and Daewon parts, the filming is just not exciting, but it’s forgivable.
- Since I downloaded it on my wife’s PC last night, the download link in my account is already “expired”, so I can’t install it on mine.
The pic is actually from a copy I found immediately on Vimeo, highlighting the absurdity of this level of copy control. Lesson: Only paying customers have to deal with DRM nonsense.
Update: 5 days later, the video no longer plays.