5 Years!

I just realized that it’s been approximately 5 years since I started “blogging” – shortly after the untimely demise of The Company Who Shall Not Be Named (March, 2001), I started dabbling with weblog software. First, I played with a copy of a blog app that was included on my Dad’s MacAddict CD-ROM, then I played with Blosxom. The first year’s worth of posts were either intensely personal, or intensely boring (or both) and have long since evaporated into the ether. The oldest surviving post on this blog is just shy of 4 years old.

There must be some kind of pin or something. Or maybe a support group or 12-step program…

Blog move to Dreamhost now finalized

My various online bits are now living at Dreamhost. It took only a few minutes to install my stuff, copy over the files, and get up and running. It’s taken a bit longer to have DNS changes propagate, but I think that process is pretty much over now. WordPress seems pretty happy there, and I’ve installed copies of Drupal, Mediawiki and Lace (the cool ajax chat app), as well as a Quicktime streaming server and Jabber server. The last two were autoinstalls, so I just flicked them on to see what they did. Actually, everything but Lace could have been automatically installed, with subdomains and databases created automatically, but I opted to do the manual install because I already have copies of the apps configured.

So far, things seem to be working pretty well. They give an insane amount of disk space (20 GB to use as I need) and monthly bandwidth (1 TB/month, plus an extra 8 GB added each week), as well as SSH and FTP access.

I’m looking forward to playing around with Rails a bit, and have a place to host it.

The Dreamhost support team is also pretty darned responsive. I’ve had to contact them twice (once when their account creation form barfed on the apostrophe in my name, and once when the stats weren’t being displayed). Very helpful, those Dreamhost folks. They also have 2 blogs that they use to communicate about status and other stuff. The off-site dreamhoststatus.com blog is a good way to keep up on pending changes or outtages. And their general blog is just plain entertaining – with a category dedicated to rants! It’s good to see a decade-old hosting company that’s grown rather large still be able to have a sense of humour.

Update: One of the things I’m loving about hosting at Dreamhost is that backups are trivial. I have a script in my hosted account that I can trigger via SSH, and it will rsync my entire home directory (including all files needed to host my domain and any subdomains) to my desktop box on campus for backup. And, because rsync is so cool, it only takes a few seconds, since only changed files are sent. So, I can make sure all of my 300+MB of files are backed up in about 10 seconds. Add a scripted mysqldump into the mix, and all data backups are up to date as well.

Access Control Lists in Drupal?

I’ve been trying to figure out a workable solution for a couple of months, and have come up with nothing more than some hacks and approximations of what is needed.

Here’s a use case:

User “A” (let’s call her “Amy”) writes a blog post. She wants it to be readable by her professor (let’s call her “Betty”) and one other student (let’s call her “Carmen”).
But, she doesn’t want the post to be readable by the rest of the class, by students in other classes, nor by the unwashed masses stumbling across a post via Google.

So, Amy wants to grant these privileges to her blog post: Amy: Read/Write/Delete Betty: Read Carmen: Read

Currently, she can create an Organic Group, add the three users to the group (let’s call it “Amy+Betty+Carmen”), and mark it as “not public” and having an audience of “Amy+Betty+Carmen”.

That Organic Groups model works, but for her next blog post, Amy wants it to be available by another student (let’s call him “Dmitry”). So, she has to create a new Organic Group called “Amy+Betty+Dmitry” and add the three users to the group. She then writes a new blog post, sets it to not be public, and have the audience of “Amy+Betty+Dmitry”.

That pattern just doesn’t scale. Each user may have to belong to hundreds of Organic Groups to cover all permutations of sharing and privacy involved with a class or project.

It would be easier if there was just an “Access” section of the blog authoring page, where Amy could just select the users that she wants to add to each of the two non-owner roles (read and edit). This could pose some issues wrt scalability – if there are 100 users in a copy of Drupal, she won’t want to have to scan a list. Ideally, some ajax-powered user search would let her just start typing a person’s name (she may not know their username or email address) and have the system provide a list of matches.

So, the Organic Groups trick works, but doesn’t scale. If Amy wants to allow co-authoring on a post (a book page or something), she needs to start fiddling around with Simple Access (or make sure everyone has “Administer Nodes” privs, which won’t fly in a community based on assumed privacy for some content). Simple Access is tied to Drupal’s concept of Roles, so there may need to be 13 bajillion Roles in the system to cover all permutations (or a Role per user). Doesn’t scale. And, there’s the strange interaction between Simple Access and Organic Groups, where if you want OG to work, you can’t use Simple Access (you have to create a dummy Role called “nobody” with nobody in it for OG to kick in, as Simple Access will override it otherwise).

There are some others who appear to have a similar need. First, there’s the “na-arbitrator” module, which adds access control lists to forum posts (so far) – but it appears to be tied to the concept of Roles, with Users being added as Moderators. Close.

Node Privacy by Role” module sounds close, but again is tied to the concept of Roles, not Users.

There’s the Taxonomy Access module, which would require enforcing a taxonomy and making sure only the appropriate people use a given term in the vocabulary. Don’t think this would scale either.

Then, there’s a rather detailed design spec but it appears to have been orphaned for a year or so… There are some other attempts dating back to 2004, but nothing appears to have been completed.

Perhaps the most promising sounding project is the “Groups” module – but even that hasn’t been touched in 13 months, and doesn’t work with Drupal 4.7

The official Drupal handbook includes a section that touches on this topic, but the solutions provided there don’t offer the level of user-defined granularity. They rely on administrators to set up roles and taxonomies and to manage the interaction between them. What is needed is a way for users to define the exact audience of any node they wish to restrict access to.

Long story short, I have no good idea on how to currently enable per-node per-user access controls in Drupal. I’ve got some projects that will either rely on this, or will benefit greatly from it.

AJAXWrite – MS Word in your browser

While Writely is cool, it deals with online documents. You can import/export, but the document lives online. That’s cool for many uses, but scares some people.

I just found a link to AjaxWrite (via Tangled up in Purple) – it’s a javascript based word processor that appears to be compatible with MS Word. You open and save documents on your local hard drive – not in the Internet Cloud.

AjaxWrite ScreenshotBasically, it’s just a copy of Word that lives in a browser window, meaning you don’t have to install it anywhere. Stick your .doc files on a USB thumbdrive (perhaps with a copy of Portable Firefox) and you’ve got a portable word processor that you can take anywhere, regardless of how a “guest” computer is configured… (actually, if you want portable word processors, there are some options for native applications as well)

In the screenshot here, I’ve opened a somewhat complicated .doc file on my hard drive (tables, colours, etc…) and it let me do editing right in Firefox. Note the toolbar icons, and regular menu bar.

It might not be quite as fully featured as a copy of MS Word, but it’s handy, and lives anywhere with an internet connection…

Canadian Music Creators Coalition

From Slashdot comes a mention of the Canadian Music Creators Coalition.

This is one of the coolest things from the world of musicians with respect to IP and copyright. Some of the biggest names in Canadian music just put their feet down to tell the Big Labels not to be evil.

They have a handy website up, with their three principles:

  1. Suing Our Fans is Destructive and Hypocritical
  2. Digital Locks are Risky and Counterproductive
  3. Cultural Policy Should Support Actual Canadian Artists

So, the artists that have the most to gain from protecting the status quo are being very vocal about not wanting to be involved with it.

The odds of me spending cash on buying Canadian music just went way up. Some Broken Social Scene tracks are in my immediate future…

Automatically Updated Colophon

The colophon, listing the various bits that get twiddled to run my blog, has been woefully out of date. I get periodic emails about the various plugins I use, especially the latest Podpress plugin, so I thought it’d be a good idea to automate the process of updating the list. Enter the bdp_setup plugin by Bryan Palmer at ozpolitics.info.

The colophon is now automatically generated, and guaranteed to stay up to date for as long as I’m using WordPress to run my blog…

Identity Management Systems

For some of our projects here at the TLC, we need to be able to manage identity information – traditionally, user accounts, groups, roles, etc… We’re taking a bit of time to think about a better way of implementing this, and how to use a flexible, distributed identity model.

I’ve been going through some web searches to find out what others are doing. The “version numbers” are loosely based on Dick Hardt’s descriptions (with apologies to him if I’ve misinterpreted what he was trying to say).

“Identity 1.0″

  • centralized repository – institutional directory…
  • LDAP
  • OpenLDAP

“Identity 1.5″

“Identity 2.0″

Any glaring omissions? I’ll be editing this post as I go along (I’ve got the info in our TLC wiki, but that’s behind an Identity 1.0 login)

Flock pre-Cardinal Update

I’m playing with a pre-Cardinal (the next Big Release) build of Flock, and man is it nice! They’ve replaced the blog editor, and it’s the best blog editor I’ve used. Very nice. The blog manager topbar appears to have disappeared, but I assume it’s just being tweaked and will return before the Big Release.

My only gripe is that category selection still sucks – no way to easily find one of my 331 categories in a list sorted by primary key of the category database record. Some sorting/searching/filtering/text-auto-complete interface would be waaay more effective. Oh, and the selected category didn’t get applied anyway. I’ll go in through the WordPress web UI to fix it…

The Flickr interface is great, too. Uploading stuff, browsing people and tags. I’m really looking forward to using the native del.icio.us bookmark manager as well – the web-based one used by the Firefox extension is so slow it’s actually painful to use. Cocoalicious works great, but needs to be installed and running in order to be faster than the FF extension…

Update: Wow. This build of Flock has a cool add-on, where it recognizes any image hosted by Flickr, and adds a contextual link to let you easily browse that person’s photostream. Something you could do otherwise, but it takes 2 clicks, and goes through Flickr’s site. The Flock feature uses their cool photostream UI instead. Very cool.

Blogs, Wikis, Podcasts, etc… for classrooms

My copy of Will‘s book “Blogs, Wikis, Podcasts, and Other Powerful Web Tools for Classrooms” just came in. Looks like it’s going to be a pretty good read, providing the perspective of an in-the-trenches teacher, rather than just the geek echochamber I usually expose myself to…

Will Richardson: Blogs, Wikis, Podasts, and other web tools for classrooms

The book is definitely on top of my nonfiction reading list (my fiction reading, on the bus ride commute, is currently another Gregory Benford book I’m deliberately reading out of sequence…)