[horde] reagent: the code
Mij
mij at bitchx.it
Tue Apr 20 16:59:15 PDT 2004
hello people
so. I spent some hours the last days on reagent (see former posts).
While there are thounsand details that require to be fixed/completed
I got the application working. You can:
- list users/developers registered to the community
- see the profile of a specific user (photo, realname, notes etc and
the project he contributes)
- see the profile of a specific project (logo, name, synopsis etc and
the members it encounters)
- edit the profile of a user (*1)
- create a new user (*2)
- edit the profile of a project (*1b)
- create a new project
- subscribe/unsubscribe members to projects, set them leader,
change their role against the project
Its architecture has been thought to be easy and pleasant to use.
Parts of the Apple Human Interfaces Design Guide has been used.
*1:
it's thought this way: a) anyone can edit his own profile. There are a
set of
special users, "administrators", who can edit *all* the profiles; b)
projects
works about the same way. There's a "project leader" who can edit the
project he leads, then every admin has the ability to change every
project.
Admins can also create new projects and new users.
*2:
this means two things: you can create a new *horde* user (this is
currently
not implemented but quick to be done. Just the next thing to do. You can
create a *reagent* user, or better "enable an existing horde user to be
profiled on reagent". This one is currently supported.
There's some screenshots on
http://dev.publicshout.org/reagent/shot_reagent/png/
Of course everything on those shots is completely stupid and mostly not
existing,
just to fill the database with something to dump on the application.
Important, about its license:
I didn't decide for a license yet. It will probably be BSD, maybe LGPL,
at most GPL.
Have to say that it's the fruit of a project I'll be assessed on as
part of a university
examination. Unlikely will the Institute (Politecnico di Milano) impose
requirements
about the license. Even in this case, very very unlikely they will
impose me to
license it with a license stricter than "free for non-commercial use".
I guarantee I will
fight for the most free. What I hope and think: they will request the
Intellectual Property,
leaving it free for any use for the rest. After all,
http://webmail.polimi.it/ ...
Then:
for the facts above, I haven't still marked any source with licenses
stuff. I will provide
sources to anyone interested in having a look, but privately: just drop
me a mail.
I just want to skip sources leaks.
For anyone who formerly notified his interest in contributing: please
write me again,
I will provide:
- tgz sources
- reagent cvs account
- reagent test platform web account
- reagent database account (it contains that stupid data said above,
but with the tables ready)
Other notes:
As part of the project said above, this kind of jobs are meant to take
students about
70-80 hours. Since it requested to me a bit more and it's <80% done, I
requested
for extending it to a wider project I'll offer as micro-thesis. This
will imply to introduce
more techology like XML, security, performance. Giving example, I
thought to
implement CRAM (*3) for horde (i'll do that for reagent, so extending
wouldn't be heavy),
and import/export anything about projects and users through XML.
*3: it is quite useless to store password as md5 hashes on the db, then
ask the
user to post its clean password via http: 80% of the times the db and
the web servers
are on the same host, and the rest of the times their link can be
easily made secure
with a simple encrypted tunnel. What is actually insecure is
client-webserver.
The job is to require the client to compute the md5 itself (via JS) and
sent *that*
password to the client. In fact, the thing will be: the server posts a
challenge to the client.
the client computes the md5 of the clear password, concatenates the
challenge and
computes a the md5 (hex) of the result, then posts *that* password. The
server pulls
the md5 hash of the user's password and authenticates the same way.
I already got that working on a standalone trial, using a nice JS
library which's BSD
licensed.
-> TODOs
there's a lot of todos. most of them are in the TODO file inside the
package, but there's
more. Thanks to the current status of the app, all the core code is
well written, but
it hasn't been refined enough all the UX.
Mostly:
- completely do the errors handling. I just roughly invoke a
Horde::fatal() now
- rewrite the search panel for rising its powerful (quick job, just
replace radios with
checkboxes and the engine is almost ready for handle that)
- better integration with horde's "widgets"
- introducing users' prefs
- implementing custom order in lists (users, projects, members ...)
- automatically generate thumbnails of the pictures users submit (for
themselves
and as logos for projects) and include these thumbs while listing users
(include
their pictures) and projects (their logo)
- i18n: the app is gettext-ready. Just write translations (italian half
done as proof of concept).
- ... about twenty other TODOs
In sum:
- current status: have a look at
http://dev.publicshout.org/reagent/shot_reagent/png/
- who's interested in having the code, plase write me: i'll be happy to
send you.
sorry for the mess with sources.
If you have questions of any kind, i'll be glad to answer here on the
ml.
ciao
More information about the horde
mailing list