[horde] reagent: the code

Mij mij at bitchx.it
Tue Apr 20 16:59:15 PDT 2004


hello people

so. I spent some hours the last days on reagent (see former posts).
While there are thounsand details that require to be fixed/completed
I got the application working. You can:

- list users/developers registered to the community
- see the profile of a specific user (photo, realname, notes etc and
the project he contributes)
- see the profile of a specific project (logo, name, synopsis etc and
the members it encounters)
- edit the profile of a user (*1)
- create a new user (*2)
- edit the profile of a project (*1b)
- create a new project
- subscribe/unsubscribe members to projects, set them leader,
change their role against the project

Its architecture has been thought to be easy and pleasant to use.
Parts of the Apple Human Interfaces Design Guide has been used.



*1:
it's thought this way: a) anyone can edit his own profile. There are a 
set of
special users, "administrators", who can edit *all* the profiles; b) 
projects
works about the same way. There's a "project leader" who can edit the
project he leads, then every admin has the ability to change every 
project.
Admins can also create new projects and new users.

*2:
this means two things: you can create a new *horde* user (this is 
currently
not implemented but quick to be done. Just the next thing to do. You can
create a *reagent* user, or better "enable an existing horde user to be
profiled on reagent". This one is currently supported.


There's some screenshots on 
http://dev.publicshout.org/reagent/shot_reagent/png/

Of course everything on those shots is completely stupid and mostly not 
existing,
just to fill the database with something to dump on the application.


Important, about its license:
I didn't decide for a license yet. It will probably be BSD, maybe LGPL, 
at most GPL.
Have to say that it's the fruit of a project I'll be assessed on as 
part of a university
examination. Unlikely will the Institute (Politecnico di Milano) impose 
requirements
about the license. Even in this case, very very unlikely they will 
impose me to
license it with a license stricter than "free for non-commercial use". 
I guarantee I will
fight for the most free. What I hope and think: they will request the 
Intellectual Property,
leaving it free for any use for the rest. After all, 
http://webmail.polimi.it/ ...

Then:
for the facts above, I haven't still marked any source with licenses 
stuff. I will provide
sources to anyone interested in having a look, but privately: just drop 
me a mail.
I just want to skip sources leaks.
For anyone who formerly notified his interest in contributing: please 
write me again,
I will provide:

- tgz sources
- reagent cvs account
- reagent test platform web account
- reagent database account (it contains that stupid data said above,
but with the tables ready)


Other notes:
As part of the project said above, this kind of jobs are meant to take 
students about
70-80 hours. Since it requested to me a bit more and it's <80% done, I 
requested
for extending it to a wider project I'll offer as micro-thesis. This 
will imply to introduce
more techology like XML, security, performance. Giving example, I 
thought to
implement CRAM (*3) for horde (i'll do that for reagent, so extending 
wouldn't be heavy),
and import/export anything about projects and users through XML.

*3: it is quite useless to store password as md5 hashes on the db, then 
ask the
user to post its clean password via http: 80% of the times the db and 
the web servers
are on the same host, and the rest of the times their link can be 
easily made secure
with a simple encrypted tunnel. What is actually insecure is 
client-webserver.
The job is to require the client to compute the md5 itself (via JS) and 
sent *that*
password to the client. In fact, the thing will be: the server posts a 
challenge to the client.
the client computes the md5 of the clear password, concatenates the 
challenge and
computes a the md5 (hex) of the result, then posts *that* password. The 
server pulls
the md5 hash of the user's password and authenticates the same way.
I already got that working on a standalone trial, using a nice JS 
library which's BSD
licensed.


-> TODOs
there's a lot of todos. most of them are in the TODO file inside the 
package, but there's
more. Thanks to the current status of the app, all the core code is 
well written, but
it hasn't been refined enough all the UX.
Mostly:
- completely do the errors handling. I just roughly invoke a 
Horde::fatal() now
- rewrite the search panel for rising its powerful (quick job, just 
replace radios with
checkboxes and the engine is almost ready for handle that)
- better integration with horde's "widgets"
- introducing users' prefs
- implementing custom order in lists (users, projects, members ...)
- automatically generate thumbnails of the pictures users submit (for 
themselves
and as logos for projects) and include these thumbs while listing users 
(include
their pictures) and projects (their logo)
- i18n: the app is gettext-ready. Just write translations (italian half 
done as proof of concept).
- ... about twenty other TODOs


In sum:
- current status: have a look at 
http://dev.publicshout.org/reagent/shot_reagent/png/
- who's interested in having the code, plase write me: i'll be happy to 
send you.


sorry for the mess with sources.

If you have questions of any kind, i'll be glad to answer here on the 
ml.

ciao



More information about the horde mailing list