Jan 10 2013

Authenticate to Google using OAUTH2 in your RubyMotion App

Category: UncategorizedDoug Puchalski @ 5:33 pm

I’ve built a sample project that integrates Google open-source iOS libraries to connect your app to the plethora of services Google offers.


Google APIs with generated interfaces include

For more information, see Using OAuth 2.0 to Access Google APIs and Google APIs Client Library for Objective-C.

Project source is available on github.


Tags: , , ,

Jun 11 2012

Prevent Rails Session Hijacking in Warden

Category: UncategorizedDoug Puchalski @ 12:47 pm

Thanks for Ryan Bates for his recent screencast on the Dangers of Session Hijacking. In short, a session can be hijacked if your user has an https session but then browses to the same site using http. An attacker can capture the cookie with a network sniffer and use it to access the user’s secure session.

If you’re using warden, you can use the serialization hooks to implement Ryan’s strategy.

Warden::Manager.serialize_into_session do |resource|
  if request.ssl?
    # Use an extra token under SSL to block session hijacking
    # Based on http://railscasts.com/episodes/356-dangers-of-session-hijacking
    session[:secure_token] = SecureRandom.hex
    cookies.signed[:secure_token] = {secure: true, value: session[:secure_token]}
  [resource.class.name, resource.id]

Warden::Manager.serialize_from_session do |identifier|
  result = nil
    if !request.ssl? || cookies.signed[:secure_token] == session[:secure_token]
      class_name, id = identifier
      id = id.to_i rescue nil
      klass = Kernel.const_get class_name
      result = klass.find(id) if id.is_a? Integer
  rescue ActiveRecord::RecordNotFound => exc
    # Fail silently, stale cookie or user id

Mar 13 2012

Caloris: A git-based CMS back-end for Mercury Editor

Category: Open Source,Ruby,Ruby on RailsDoug Puchalski @ 8:38 pm

The Mercury Editor is an excellent and beautiful start to a great Content Management System. It’s a Rails Engine, and provides a coffee-script-based front-end and stops there. This is actually a great thing. Too many CMS implementations try to to do too much, and complexity renders them cumbersome or difficult for certain use cases.

I’ve picked up where Mercury left off with Caloris, named after an impact crater on the planet.

My goal is to be able to manage content using a text-editor, using git for version control, and capistrano for deployment. For the non-technical, they can use the Mercury front-end to make things easy.

Caloris uses low-level git on the back-end, committing on each save to a branch that the user must set up, while content is served from the master branch. Page versions can be browed by branch and/or commit. When a user is ready to submit their changes, I can view them using the CMS, and/or diff those changes against master for review, and merge when ready.

A work in progress, but I’m very happy with where it’s going. Check it out. Contributions will be welcome.

Jan 14 2012

Install Ruby Debug Gems for rbenv

Category: UncategorizedDoug Puchalski @ 5:39 pm

Ruby debug gems don’t seem to install nicely when you’re not using the default system ruby. When using rbenv (similiarly done for rvm), you’ll need to specify the ruby directory when installing. I keep this around for installing new or upgrading development machines.

export ruby_include=$HOME/.rbenv/versions/1.9.2-p290

gem install ruby-debug19 -- --with-ruby-include=$ruby_include
gem install ruby-debug-base19 -- --with-ruby-include=$ruby_include
gem install ruby-debug-base19x -- --with-ruby-include=$ruby_include
gem install ruby-debug-ide19 -- --with-ruby-include=$ruby_include
gem install ruby-debug-ide -- --with-ruby-include=$ruby_include

Aug 04 2011

Link Media brings semantic search technology to its international news site

Category: UncategorizedDoug Puchalski @ 3:10 am

Link Media, which broadcasts documentaries, global news, world music, international cinema and more on its Link TV satellite channel in the U.S., is expanding its news video offerings with the launch of Link News.  Link has long been a provider of international news reporting. During the recent uprisings in Egypt, it provided extensive coverage thanks to feeds from Al Jazeera English and Mosaic, its Knight-sponsored, Peabody Award-winning daily news program on the Middle East and North Africa. But with the launch of Link News, the site’s powerful new search tools will bring an even greater variety of stories from all over the web, which will be available to users worldwide for free.

With support from Knight Foundation, Link Media developed semantic search technology for its news video platform. This technology, based on Link’s ViewChange.org, analyzes the transcripts and descriptions of the videos and produces multiple topic keywords. These topics are then used to find related videos and articles from all over the web. The search also pulls up different suggestions on how viewers can engage with the news story they just watched— for example, the names of related volunteer organizations or petitions that they can sign. Results are constantly updated in real time to include new, relevant content.

After developing ViewChange.org and the LinkTV Platform in Ruby on Rails and jQuery with Definition LLC, I was asked to participate in the final stages of Link News, the second site to use the platform. Working with Link and Definition to advance the semantic web and now to add even more functionality around it was a great opportunity.

Read the rest of the blog post at the Knight Foundation.


Jun 01 2011

ViewChange.org Releases Open Source LinkTV Platform

Category: UncategorizedDoug Puchalski @ 2:27 am

Today, the ViewChange.org team announced the release of Link TV Platform, the open source project that powers ViewChange.org and LinkTV News. A semantic video platform, the project combines the rich media experience of video with the data-centric concepts of the Semantic Web.

Link TV Platform has been released as a Rails Engine for the popular Ruby on Rails web application framework. Essentially an application within an application, this modular approach provides a robust foundation, while allowing for your own customizations and enhancements.

Contact fullware for the most efficient implementation of your site using the platform, by its main developer. Email linktv_platform at this site’s domain for more information.

Platform Features

  • Flexible video support
    Import videos from MRSS feeds to Amazon S3, streaming support via Amazon CloudFront, YouTube content and HTML5 video playback
  • Content analysis & curation
    Create distinct video segments (chapters), assign suggested topics from video transcript text analysis (via Zemanta API) and weight topic associations by relevance.
  • Semantic Web features
    Linked Data URIs, contextual RDFa markup with owl:sameAs links to Freebase and DBpedia entities, RDF/XML endpoints.
  • Related content discovery
    Aggregate related articles, videos and actions from around the web, leveraging APIs from Daylife, Zemanta, Truveo and Social Actions.
  • Advanced search & API
    Fulltext search powered by Apache Solr and an available JSON/XML API.

I’m happy to have worked with Definition, LinkTV, Method, and SocialActions on this very successful project.

Read more here.

May 26 2011

Easily Load Rails Migrations for Console Execution

Category: UncategorizedDoug Puchalski @ 8:35 pm

When in development, you may find yourself making changes to your migrations rather than adding new ones. This makes sense when you haven’t deployed versions of the database, and you’d prefer to limit the number of migrations.

Create a file “config/initializers/require_migrations.rb”

# Load in all the migrations for easy manual exection
def require_migrations
  Dir.glob(Rails.root + "db/migrate/*.rb").each{|s| require s}

Then, in the console, you can easily redo a single migration:

ruby> require_migrations
ruby> CreateUsers.down
ruby> CreateUsers.up

May 10 2011

Autoload and Unloadable in Ruby Libraries

Category: UncategorizedDoug Puchalski @ 9:23 pm

Question: I’m developing a gem alongside my Rails app. I’d like to be able to modify the code in the gem without having to restart my server, or the console. How can I extend Rails’ “unloadable” functionality to my gem?

When developing a library to be used in your Rails app, it’s helpful that the modules and classes are reloaded on each request (and/or with the “reload!” command in the console), just as with what you have defined in your app. I’ve done quote a bit of hunting around for this, but in the end with trial and error did a simple solution reveal itself.

Just use ActiveSupport::Dependencies to handle your (auto)loading:


require 'active_support/dependencies'
ActiveSupport::Dependencies.autoload_paths += [File.expand_path("..", __FILE__)]

module MyGem
  include ActiveSupport::Dependencies

Be sure to add “unloadable” to all of your classes as well.

Apr 29 2011

Use require_or_load to avoid "unloadable" issues with extended models and controllers

Category: UncategorizedDoug Puchalski @ 7:42 pm

In the default development.rb, cache_classes is set to false. This is what allows code changes to be reflected in each new request without requiring a server-restart. By default, this will only apply to the classes with your app, not those from external libraries or gems.

Let’s say you are extending a controller from a Rails Engine from a gem to add an action:


require "#{Gem.loaded_specs['my_engine'].full_gem_path}/app/controllers/application_controller'

class ApplicationController
  def new_action


class ApplicationController < ActionController::Base
  def old_action

On the first request, everything works fine, but at the end of the request the problem begins. Rails will unload ApplicationController because the constant :ApplicationController was marked as unloadable when your app's version was autoloaded. But, Rails also remembers that the engine's file was already required in. On the second request, your app's controller will be reloaded, but the require statement will be ignored. As a result, "old_action", won't exist, and in fact, now your ApplicationController will inherit from Object and not ActionController::Base.

The simple fix is to use require_or_load, defined in activesupport/lib/active_support/dependencies.rb.

require_or_load "#{Gem.loaded_specs['my_engine'].full_gem_path}/app/controllers/application_controller'

class ApplicationController
  def new_action

More information on how Rails in development mode and autoloading is included in Required or Not? by Frederick Cheung.

Mar 27 2011

Verify a DB table supports transactions with rspec

Category: UncategorizedDoug Puchalski @ 10:52 pm

If your design counts on transaction support, it might be a good idea to specify the fact early and succinctly.

First, you’ll need to turn off use_transactional_fixtures. This means that rspec won’t wrap each example in a DB transaction, which it would roll back at the end of the example to return to DB to pristine state. Instead, use Database Cleaner, as shown in the spec_helper.rb below. Database Cleaner’s docs will also who you how to change modes on a per-example basis, if necessary.

In spec_helper.rb:

  require 'database_cleaner'
  DatabaseCleaner.strategy = :truncation

  RSpec.configure do |config|
    config.use_transactional_fixtures = false

  # Might want to move these into a separate file, i.e. spec/models/shared_examples.rb
  shared_examples_for "transaction table" do
    it "supports transactions" do
        described_class.transaction do
          object = described_class.new
          object.save validate: false
          object.id.should_not == nil
          described_class.count.should == 1
      described_class.count.should == 0

In your ActiveRecord model specs, indicate that the table should allow transactions:

  describe MyModel do
    it_behaves_like "transaction table"

Note that if you’re using MySQL, you won’t automatically get InnoDB tables in your generated migrations. Add an option to each create_table block like this:

  create_table :rec, :options => 'ENGINE=InnoDB' do |t|

Next Page »