Archive for January, 2013

This Week in Grails (2013-03)

Tuesday, January 22nd, 2013

The Groovy team announced the second release candidate for Groovy 2.1.0 this week, and they’ve already released RC3 since then. This should be the final RC before 2.1.0 final.

The Griffon team released version 1.2.0 this week.

Marc Palmer is doing some interesting experiments with paid Grails plugin development, maintenance and documentation. He’s testing the waters with an e-book for the email-confirmation plugin, and is looking into how interested people are in a book on the resources plugin. And he should have a KickStarter campaign going soon to fund the development effort to clear the backlog of bugs and feature requests for the resources plugin. It’ll be interesting to see if the historically cheap Java-based community will be willing to dig into their wallets 🙂

Greach is this week, it will be Friday and Saturday in Madrid. Tickets are still available. Two tracks, a great lineup of speakers, Madrid. What more could you ask for?

The call for papers for the two GR8Conf conferences ends in a few weeks on February 15th. Get those talk proposals submitted, here for the EU conference and here for the US conference.


If you want to keep up with these “This Week in Grails” posts you can access them directly via their category link or in an RSS reader with the feed for just these posts.


Translations of this post:



Plugins

There were 3 new plugins released:

  • coffeescript-compiler version 0.5. Compiles .coffee source files into .js files
  • excel-export version 0.1.3. Export data in Excel (xlsx) format using Apache POI
  • hsoy-templates version 0.3. Adds support for Hsoy Templates (Google Closure Templates with HAML syntax)

and 21 updated plugins:

  • airbrake version 0.9.2. Notifier plugin for integrating apps with Airbrake
  • akka version 0.6.2. Akka actors integration from Groovy and Java, in a Servlet 3.x environment
  • asynchronous-mail version 1.0-RC3. Send email asynchronously by storing them in the database and sending with a Quartz job
  • atmosphere version 1.1.0.beta2. Provides integration with the Atmosphere project, a portable AjaxPush/Comet and WebSocket framework
  • easygrid version 1.2.1. Provides a convenient and agile way of defining Data Grids
  • email-confirmation version 2.0.8. Sends an email to a user with a link to click to confirm site registration
  • events-push version 1.0.M7. A client-side event bus based on the portable push library Atmosphere that propagates events from the server-side event bus to the browser
  • feature-switch version 0.5. Allows turning on and off of features
  • functional-test-development version 0.9.4. Installs a script, develop-functional-tests, that you can use to develop your functional tests more conveniently
  • handlebars-resources version 0.3.5. Supports using Handlebars.js templates with the Grails Resources Plugin
  • jquery version 1.9.0. Integrates jQuery
  • mail-on-exception version 0.1.1. Allows one to specify an email address where all frontend exceptions will be sent
  • newrelic version 0.6. Adds the NewRelic Real User Monitoring feature to your GSP pages
  • plastic-criteria version 0.5. Mock Grails Criteria for Unit Tests
  • platform-core version 1.0.RC5. Provides functionality for plugins to use to achieve greater integration with each other and with applications
  • raven version 0.5.3. Sentry Client for Grails
  • remote-control version 1.4. Execute code inside a remote Grails application
  • sanitizer version 0.8.0. Sanitizes markup(HTML, XHTML, CSS) using OWASP AntiSamy Filters
  • spring-security-facebook version 0.10.4. Plugin for Facebook Authentication, as extension to Grails Spring Security Core plugin
  • vaadin version 1.7.0-rc1. Adds Vaadin (http://vaadin.com/) integration
  • xwiki-rendering version 1.0-RC2. Convert texts using XWiki Rendering Framework

Interesting Tweets

Jobs



User groups and Conferences


This Week in Grails (2013-02)

Thursday, January 17th, 2013

Graeme wrote about the new Aether-based depedency resolution approach in 2.3. Aether is missing a few features that Ivy has but makes up for that in several ways, in particular by being significantly faster.

The Groovy team released an RC of Groovy 2.1. Lots of cool stuff there, the most interesting to me being support for invokedynamic. This promises to bring huge performance increases without any annotations or code changes (as long as you’re using a JDK version that supports it).


If you want to keep up with these “This Week in Grails” posts you can access them directly via their category link or in an RSS reader with the feed for just these posts.


Translations of this post:



Plugins

There were no new plugins released but 11 updated:

  • asynchronous-mail version 1.0-RC1. Send email asynchronously by storing them in the database and sending with a Quartz job
  • clover version 3.1.10.1. Integrates the Clover code coverage tool
  • cookie-session version 2.0.3. Allows you to store session data in a cookie
  • cucumber version 0.8.0. Test your Grails apps with Cucumber
  • easygrid version 1.1.0. Provides a convenient and agile way of defining Data Grids
  • kissmetrics version 0.2.0. Allows your Grails application to use KISSmetrics APIs
  • localizations version 1.4.4.7. Store i18n strings in a database
  • quartz version 1.0-RC5. Schedules jobs to be executed with a specified interval or cron expression using the Quartz Enterprise Job Scheduler
  • remote-pagination version 0.4.1. Provides tags for pagination and to sort columns without page refresh using Ajax and loads only the list of objects needed
  • slug-generator version 0.2. Generates unique slugs for String properties, for example to generate unique ‘nice’ urls for access to domain objects
  • vero version 0.2.0. Allows your Grails application to use Vero APIs

Interesting Tweets

User groups and Conferences


This Week in Grails (2013-01)

Thursday, January 10th, 2013

The big news of this week is that there is finally a book available that covers Grails 2, Jeff and Graeme’s The Definitive Guide to Grails 2. There’s even photographic proof that it’s shipping 🙂

If you’re considering submitting talk proposals to either or both of GR8Conf Europe and GR8Conf US be sure to do so soon; the deadline is February 15. Submit for the US conference here and the EU conference here, and if you want to submit for both you can do that from either site.

I released two new plugins this week. The first was the database-migration-jaxb plugin which was going to be part of the database-migration plugin but it requires Java 7 or higher (more specifically JAXB 2.2 or higher) so I released it as an addon instead. It adds a new approach to creating database migrations – writing them programmatically using JAXB-generated classes. I wrote about this and the big new 1.3 release of the database-migration plugin in this blog post.

The other new plugin is spring-security-shiro which adds the ability to use Shiro’s easy and powerful ACLs and permissions alongside Spring Security and the spring-security-core plugin. See this blog post for more information.


If you want to keep up with these “This Week in Grails” posts you can access them directly via their category link or in an RSS reader with the feed for just these posts.


Translations of this post:



Plugins

There were 2 new plugins released:

and 13 updated plugins:

  • akka version 0.6.1. Akka actors integration from Groovy and Java, in a Servlet 3.x environment
  • browser-detection version 0.4.3. Provides a service and tag library for browser detection
  • database-migration version 1.3.2. Official Grails plugin for database migrations
  • equals-hashcode-test version 0.3. Base Spock specification for testing equals and hashCode methods of domain classes and other Groovy objects
  • facebook-sdk version 0.4.8. Allows your application to use the Facebook Platform and develop Facebook apps on Facebook.com or on web sites (with Facebook Connect)
  • grom version 0.3.0. Sends notifications on Windows, Linux, and Mac
  • handlebars-resources version 0.3.4. Supports using Handlebars.js templates with the Grails Resources Plugin
  • newrelic version 0.5. Adds the NewRelic Real User Monitoring feature to your GSP pages
  • quartz-monitor version 0.3-RC1. One clear and concise page that enables you to administer all your Quartz jobs
  • remote-pagination version 0.4. Provides tags for pagination and to sort columns without page refresh using Ajax and loads only the list of objects needed
  • spring-security-facebook version 0.10.3. Plugin for Facebook Authentication, as extension to Grails Spring Security Core plugin
  • stripe version 1.3. Use Stripe to process credit card transactions
  • war-exec version 1.0.2. Makes the war files generated by Grails executable (java -jar myapp.war) by embedding Jetty. Jetty can be configured using properties in Config.groovy

Interesting Tweets

User groups and Conferences


A Grails plugin to bridge Spring Security and Shiro

Sunday, January 06th, 2013

I started using Spring Security in 2007 when I was tasked with adding security to a Spring/Hibernate application at the company I was working for. There were a few options to choose from, none of them particularly friendly to work with, and we chose Acegi Security because it was the most popular option for Spring applications. My experience was like that of many others – it was confusing and frustrating, and required a ton of XML. The next major release was renamed Spring Security 2.0 and it was officially brought in as a Spring subproject, and fortunately it made configuration dramatically simpler by using Spring XML namespaces.

When I started using Grails and found that it supported plugins one of the first I looked at was the acegi plugin, and I eventually became the plugin maintainer and later wrote most of the newer Spring Security plugins. I keep working with Spring Security because it’s very powerful and because I know it well, having struggled with learning Acegi 1.0.x, and then moving on to Spring Security 2.x and 3.x.

Grails has another popular security plugin, the shiro plugin. I haven’t used it but it has the reputation that it’s easier to use than Spring Security. I think that’s less the case with the plugins since spring-security-core and its dependent plugins are quite user-friendly, but more so when you’re not using the plugins or are working directly with the underlying APIs. For the most part the feature set of Spring Security and Shiro overlap with Spring Security having a few more features (but Shiro is catching up quickly). But one feature that is strangely implemented and hard to use in Spring Security but easy to use in Shiro is ACLs and permissions.

It took me a long time to get the spring-security-acl plugin finished, in large part because the Spring Security ACL implementation is overly complicated and hard to use. It works, but it’s far from user-friendly. But looking at the Shiro plugin’s documentation I was jealous to see that you can do simple things like grant the “printer:print:*” permission to a user, and the wildcard implies the “printer:print:lp7200” and “printer:print:epsoncolor” permissions. Then you can guard a service method with @RequiresPermissions('printer:print:*) and a user granted “printer:print:*” (or a more specific permission like “printer:print:lp7200”) can call the method, and others will be denied.

A while back I thought it would be cool to be able to use Shiro’s permission support in addition to Spring Security. I started working on it a few months ago and picked it up again this weekend and got it working. Basically it just adds a filter that runs after the Spring Security SecurityContextPersistenceFilter which populates the SecurityContext (typically from the HTTP session) with your current Authentication, and creates a Shiro Subject with the same information and registers it in the ThreadContext. In addition it adds support for storing permission information. This is done by default with a domain class that has a many-to-one relationship with the existing user class, but this is customizable.

So now you can install the spring-security-shiro alongside the spring-security-core and any of its dependent plugins and use both approaches. You can even use Spring Security ACLs and Shiro ACLs at the same time.

Check out the plugin page and the documentation for more information.

Updated Grails Database Migration plugin

Friday, January 04th, 2013

Edit: January 5 – I released the plugin that adds support for JAXB-based classes; see the plugin page and the documentation for more information.


One of the downsides to releasing a lot of plugins is lots of reported issues. I’ve joked that since there aren’t good ways to know how much use a plugin gets, the best metric is the number of reported bugs and feature requests, and that is mostly true. Using that logic the database-migration plugin is very popular 🙂

I try to address serious issues, but most of this plugin’s issue have to do with generated code. My attitude towards generated code is that it should not be trusted, and should rarely be expected to be completely correct. For example, when you use the dbm-gorm-diff or dbm-generate-gorm-changelog scripts, they do most of your work for you. My hope is that it saves you lots of time and that you shouldn’t need to do much work to fix any issues, but that you should expect issues.

When I did the What’s new with Grails 2.0 talk at NEJUG a year ago I mentioned this plugin and focused on the GORM-based scripts because I think they’re the best approach to creating migrations. But one of the attendees who also uses Rails said that Rails migrations were better because they have a DSL that you can use to write the migrations. I realized that I was so used to running dbm-gorm-diff that I had neglected to even mention the extensive Groovy DSL that the plugin supports (it’s a 100% clone of the XML syntax in native Liquibase). It’s a good DSL and you can create migrations completely by hand using it, but I can’t see why you would do that given how much you can get for free with the scripts. I mention this story to point out why I think it’s ironic when people complain that it’s tedious to have to fix invalid code that a script generated; feel free to use the DSL directly and forego the broken scripts 😉


The bug list for the database-migration plugin was getting a bit big and there were quite a few open pull requests. The tipping point however was seeing this tweet and realizing that I should spend some time on the plugin again.

The pull request that Zan mentioned in his tweet was a big one, adding support for doing migrations on multiple databases, mirroring the multi-datasource support in Grails 2.0. It would be great if all pull requests were this high-quality, including documentation updates and lots of tests. While I was integrating that (I had made some changes since then that required a traditional pull request since the Github UI wouldn’t do an automatic merge, and there were a few conflicts) I worked on the other outstanding issues.

I merged in all of the open pull requests – many thanks for those. I also closed a few bugs that weren’t real bugs or were duplicates, and fixed several others. That made for an interesting JIRA 30-day issue graph:

Many of the other reported issues were variants of the same problem where Liquibase was specifying the size of database columns that don’t support a size (for example bytea(255)). Hibernate does a much better job of this, so I was able to rework things so the Hibernate data types are used where possible instead of what Liquibase generates. So hopefully the generated changelogs will be much more accurate and involve less tweaking.

You can see the release notes of the 1.3 release here and the updated docs here.

Note that the latest version of the plugin is 1.3.1 since there were issues with the JAXB code that I included in the 1.3 release. I removed the code since it depends on Java 7 (and wasn’t completely finished) and will release it as a separate plugin.

This Week in Grails (2012-52)

Wednesday, January 02nd, 2013

Tomas Lin published a great blog post with a large collection of Grails testing resources.
Be sure to register your support for Marc Palmer’s proposed book on the resources plugins.

The Greach conference is getting closer, only a few weeks away. Do you have your ticket yet?

I released a new plugin this week, the lazylob plugin. It adds support for lazy loading of BLOB and CLOB domain class properties so you don’t have to artificially split your domain class into a one-to-one just to avoid the cost of loading large object data when you load domain class instances.


If you want to keep up with these “This Week in Grails” posts you can access them directly via their category link or in an RSS reader with the feed for just these posts.


Translations of this post:



Plugins

There was 1 new plugin released:

  • lazylob version 0.1. Adds support for lazy-loaded Blobs and Clobs

and 3 updated plugins:

  • quartz version 1.0-RC4. Schedules jobs to be executed with a specified interval or cron expression using the Quartz Enterprise Job Scheduler
  • spring-security-taobao version 1.1. Integrates the Taobao Open API Authentication with the Spring Security Core plugin
  • zk version 2.1.0. Adds ZK Ajax framework (www.zkoss.org) support to Grails applications

Interesting Tweets

User groups and Conferences


Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.