Zotonic
Zotonic
zotonic@conference.zotonic.com
Monday, 19 August 2013< ^ >
Arjan has set the subject to: Zotonic - The Erlang Web Framework & CMS
Room Configuration

GMT+2
[07:31:24] Andreas Stenius joins the room
[09:45:07] Piotr Nosek joins the room
[09:47:56] arjan joins the room
[09:48:31] arjan leaves the room
[09:48:34] arjan joins the room
[10:47:48] arjan leaves the room
[11:03:44] Marc Worrell leaves the room: Disconnected: connection closed
[12:08:47] arjan joins the room
[13:32:28] Maas joins the room
[13:41:22] <Andreas Stenius> Hmm... I wonder why mod_backup depends on mod_rest?!
[13:42:02] arjan leaves the room
[14:00:09] <Piotr Nosek> Hi everyone. I'm planning to integrate Zotonic builtin authentication with my site and I'm not sure if I can use mod_authentication? Do I have to enable it for my site or can I just use controller modules from it? What should be in the data passed to controller_logon and how can I later check in my controllers if current user is allowed to do something or how can I access some meta data about current user?
[14:02:27] <Piotr Nosek> Also do I have to use some existing table in DB for keeping user data or can I create some custom one?
[14:03:08] <Andreas Stenius> Hi Piotr Nosek
[14:03:27] <Andreas Stenius> Let's see if we can straighten some question marks there..
[14:04:12] <Andreas Stenius> first, regarding user data... the assumption is that the user id is also in the rsc table (with that same id)
[14:04:49] <Andreas Stenius> but that is only relevant if you rely on any of the existing modules for authentication
[14:06:39] <Andreas Stenius> what a user is allowed to do is checked by a module providing the acl functionality. There are currently two of those: mod_admins_only, and mod_acl_simple_roles.
[14:07:38] <Andreas Stenius> I've been working on a more sophisitcated acl module implementing RBAC.. (can find it here: https://github.com/kaos/zotonic/tree/rbac )
[14:08:34] <Andreas Stenius> also, did you read the section on acess control in the docs? : http://zotonic.com/docs/0.9/manuals/auth/index.html
[14:08:45] <Piotr Nosek> Let's assume that I don't need anything more sophisticated than distinction between admins and ordinary users :)
[14:09:12] <Andreas Stenius> should ordinary users still logon, or are they anonymous?
[14:10:04] <Andreas Stenius> If the only ones logging on are amdins, the acl admins only should be fine for you.. otherwise acl simple roles should do the trick
[14:10:10] <Piotr Nosek> Yes. I have read it but it's unclear how to apply this in custom controller added to empty skeleton. I somehow got an impression this doc is created for someone extending "blog" skeleton or something… :)
[14:10:42] <Andreas Stenius> ah, ok :) (I'd be happy to improve those docs with your help, as I wrote them :p )
[14:11:02] <Piotr Nosek> If you put it this way there will be 3 kinds of users: not logged in just for browsing site, logged in for submitting data and admins for accessing custom admin panel
[14:11:20] <Andreas Stenius> simple roles it is
[14:11:34] <Piotr Nosek> OK, it's a start :)
[14:12:31] <Andreas Stenius> if you write a custom controller, just take a peek at how controller_template checks the is_authorized call: https://github.com/zotonic/zotonic/blob/master/modules/mod_base/controllers/controller_template.erl
[14:13:18] <Andreas Stenius> ah, I see your point about the docs now.. :)
[14:14:02] <Andreas Stenius> for checks in templates, you have: http://zotonic.com/docs/0.9/ref/models/model_acl.html#model-acl
[14:14:20] <Andreas Stenius> but the corresponding docs for z_acl are missing
[14:15:24] <Piotr Nosek> Why each user must have an entry in "rsc" table? It looks rather like a table for site pages or blog posts :)
[14:16:02] <Andreas Stenius> well, it's a table for everything that is something.. such as pages, posts... and users
[14:16:40] <Andreas Stenius> the user resource has information about the name, e-mail address, and everything else you may want to store about the user..
[14:19:28] <Piotr Nosek> OK, give me a minute. I'll create some user and see how it looks in DB. :)
[14:19:59] <Andreas Stenius> the login credentials are kept in it's own table, btw..
[14:22:55] <Piotr Nosek> And I should use http://zotonic.com/docs/0.9/ref/modules/mod_signup.html to manage entries in these tables? :)
[14:23:23] <Andreas Stenius> yeah, that's one way to do it, that makes it easier for you :)
[14:24:21] <Andreas Stenius> once signed up, you'd need an admin or custom built interface for updating the user information though... (there is support for recovering lost passwords, however)
[14:25:38] <Piotr Nosek> By user information you mean first/last name, e-mail etc.?
[14:25:57] <Andreas Stenius> yes
[14:29:11] <Piotr Nosek> OK, to sum it up: I need to use mod_authentication and mod_signup to register and login users. Access should be controlled with simple roles. My custom controllers need to export is_authorized/2 function.
[14:30:31] <Piotr Nosek> And about controller_template: what exactly is_authorized/2 here checks for? BTW: what does "WM" in ?WM_REQ or in wm_is_authorized stand for?
[14:30:58] <Piotr Nosek> Also why do I need to call z_context:ensure_all at the beginning of is_authorized2?
[14:31:27] <Piotr Nosek> And it seems that is_authorized returns #context{}? Why not true or false?
[14:50:35] Steffen Hanikel joins the room
[14:51:21] <Steffen Hanikel> hi, I'm new to Erlang development. What do you guys use as an editor/IDE?
[14:52:56] <Piotr Nosek> Many of my colleagues use SublimeText, I'm rather vim person :)
[14:54:28] <Steffen Hanikel> Do you have any experience with the Intellij Idea plugin? I really like intellij for my other programming work
[15:07:11] <Piotr Nosek> Nope, never used it.
[15:07:27] <Piotr Nosek> Guys, do you have any idea what might cause this crash:
[15:07:41] <Piotr Nosek> (…)
15:03:58.396 [info] gen_smtp_server starting at 'zotonic001@d-srv-web1'
15:03:58.397 [info] gen_smtp_server listening on {0,0,0,0}:2525 via tcp
15:03:58.428 [info] Site started: zotonic_status (<0.149.0>)
Terminating due to shutdown
{"init terminating in do_boot",{{badmatch,{error,{shutdown,{zotonic_app,start,[normal,[]]}}}},[{zotonic,start,1,[{file,"src/zotonic.erl"},{line,52}]},{init,start_it,1,[]},{init,start_em,1,[]}]}}
Crash dump was written to: erl_crash.dump
init terminating in do_boot ()
[15:08:11] <Piotr Nosek> My guess is it's because some other server is using port 8000 on the same machine. How can I make Zotonic use different port?
[15:09:37] <Piotr Nosek> I know that it should be somewhere in config in priv/sites but it seems that :8000 is not explicitly stated there
[15:15:07] arjan joins the room
[15:16:21] <Steffen Hanikel> Piotr Nosek: in priv/config there should be a listen_port entry
[15:16:33] arjan leaves the room
[15:16:36] <Steffen Hanikel> I guess you can just add it if it's not there
[15:16:51] arjan joins the room
[15:18:32] <Piotr Nosek> Yes, it's there. Thanks
[15:38:59] arjan leaves the room
[15:39:10] arjan joins the room
[15:41:36] arjan leaves the room
[15:42:15] arjan joins the room
[15:46:48] <Andreas Stenius> I use emacs, and there's a zotonic mode for emacs that support our template language too.. ;)
[15:48:08] <Andreas Stenius> Piotr Nosek: wm stands for webmachine. As the controllers are webmachine resource handlers, they follow the api defined by webmachine.
[15:49:10] <Andreas Stenius> is_authorized is called for each request to let the controller decide if the request is authorized or not. Why it doesn't return just true/false is how it has been implemented in webmachine.
[16:00:00] <Steffen Hanikel> ah, so I guess I have too take another look at emacs. does it also do completion?
[16:01:23] Piotr Nosek leaves the room
[16:11:28] <Andreas Stenius> Steffen Hanikel: it does autoclose on tags. No auto completion besides that, yet.
[16:21:17] Andreas Stenius leaves the room
[16:41:56] Steffen Hanikel leaves the room
[16:42:59] Kaos joins the room
[17:13:46] Steffen Hanikel joins the room
[17:25:52] <Steffen Hanikel> Hey http://demo.zotonic.com/ is broken, someone deleted all content and users
[17:31:52] arjan leaves the room
[17:32:30] arjan joins the room
[17:37:19] arjan leaves the room
[17:47:22] Maas leaves the room
[19:26:16] Steffen Hanikel leaves the room
[19:46:35] arjan joins the room
[20:46:19] Steffen Hanikel joins the room
[20:47:46] Steffen Hanikel leaves the room
[20:55:07] arjan leaves the room
[21:11:17] Steffen Hanikel joins the room
[21:29:50] <z-bot> [mawuli] Hi :)
[21:30:48] <z-bot> [mawuli] Is it necessary to update the server after every module installation? I would like to bypass that and install multiple modules, then only update the srever once all the modules are installed
[21:33:27] <z-bot> [mawuli] * server
Powered by ejabberd Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!