First steps with UCommerce

This week I had a look at Umbraco and UCommerce. I already created a small site (just for personal practice) with Umbraco.
So I downloaded the latest versions from Umbraco (https://our.umbraco.org/download) and UCommerce (https://ucommerce.net/platform). There’s a free version of UCommerce as well.

I think UCommerce is quite interesting, because it is available for various CMS’ like Kentico, Sitecore and of course Umbraco. So I hope you can reuse your knowledge, when learning it on one platform and then you have to implement it for another project on another platform.

Just as mentioned by a colleague, there’s currently no support for specific german payment- and shipping-providers. So I’m interested in implementing them.
I already started with the payment-provider. In my case Wirecard.

My starting point for this is the documentation of UCommerce for implementing a payment-service:
https://docs.ucommerce.net/ucommerce/v7.11/payment-providers/integrating-a-payment-gateway.html

So far I found the most promising way on the wirecard page to be the “seamless checkout” page, where you first post your parameters (from the payment object, which is passed to your payment-service method above) to “Init”. You’ll get a link back then where you have to bring the user to to start the payment process.
I’m not sure, but I guess if you reached that milestone, you’ll just have to handle the payment-result in UCommerce then:
https://guides.wirecard.at/wcs:frontend_init

If anyone of you already has some more experience with Umbraco or UCommerce, I’d be glad to chat with you.

Ah – before I forget my favorite part … If you want to try this your own. I spent several hours to understand, that my biggest problem with the UCommerce Demo-Shop was the fact that I already installed the UCommerce Demo-Page … so the templates mixed up. Just do not install the Umbraco Demo-Page and everything will work fine ;-).

Coding evening and Jira API

In the first week of january, we’ve visited our colleagues in Hamburg. And when you’re driving there for some hours (and haven’t been there in a while), I couldn’t of course resist to have a nice coding-session in the evening. For that we decided even to stay a day longer, so we didn’t have to hurry to drive home when the evening got late.
Our self-set todo for that evening was to load tickets via API from a local Jira system.
So one of my colleagues took care of reading into the API and preparing the .NET classes (as well as the handling of the data), while I on the other side tried my luck with the authentication.

My mate was quite successful, in a short amount of time, because the API was documented quite well. You can retrieve boards, sprints and issues (separately and grouped by sprint) just by knowing the correct endpoints. You can find the REST documentation on the atlassian page:
https://docs.atlassian.com/software/jira/docs/api/REST/7.6.1/

But have a look at the version number. As we realized at the end of the evening: Our system was just one version below that one we needed to directly query relations between projects and boards. Patches help 😉

I myself despaired the whole evening while working on the OAuth 1.0 authentication. Actually I did that various times (whereas I have to confess that I’m not that firm in implementing such stuff), but I didn’t get that exact way on this evening.

While all my current implementations used HMAC-Sha-something as signature method, Jira insisted on having an RSA-Sha-something. No problem … i thought … if only my libraries (I tried 2 or 3) wouldn’t have acknowledged my tries to set RSA as method with the message “method not supported”.
Some days later I read into that topic again and found something like this:
https://crypto.stackexchange.com/questions/11293/hmac-sha256-vs-rsa-sha256-which-one-to-use

“While HMAC has to use a shared key between server and client (because it’s symmetric) – RSA uses only the PublicKey to validate (that’s called asymetrisch)”. So only one party has to know the privat key.
Well – ok – sounds valid. But on that evening it was already late and I didn’t get it then anymore.

And because I didn’t want to end that evening without a result, I lateron sat down in the hotel to have a further look. I already read that you could of course use the Jira API with basic authentication instead of OAuth … but there was even more (when not in a hurry to find the solution within a given time) … There is for example a library which calls itself “Atlassian SDK”. You can find it here:
https://bitbucket.org/farmas/atlassian.net-sdk/overview

My mate called it “boring” using a library – but hey – decide for yourself ;). Btw.: That library is written by a guy called “Federico Silva Armas”. LinkedIn tells us, that he’s been working at atlassian (QA engineer) and now works as core-dev on the azure-portal … well … Azure seems to be everywhere 😉

Activities during the holidays

Because Linux is a big topic in Azure as well, there’s an exam from Microsoft, that is called “Linux on Azure”. The prerequisites therefore are two things: A passed LFCS test of the Linux Foundation (Linux Foundation Certified System Administrator), as well as the MS exam 70-533 “Implementing Microsoft Azure Infrastructure Solutions”. You can find details over here:
https://www.microsoft.com/de-de/learning/mcsa-linux-azure-certification.aspx

The Linux Foundation has created a six-part series of video tutorials as a preparation for the former test. For the latter there are materials from MS. You can find both here:
http://aka.ms/azuremaster

Because I wanted to have a look at them (and had some free time) I watched them during the christmas holidays. With a monotonous enthusiams, a guy explained there in about 12h (all videos are about 1,5-2,5h long) the various topics.
It might have been a little bit more or less time – but with all my taking-notes, jumping forwards and backwards as well of course the watching, it took me about 19h.

Roughly grouped you’re told about the following topics

  • Shell
  • Folder structure (and the most important directories in Linux)
  • Filesystem + Mounting of devices
  • Editors (and especially VI)
  • Bootsequence / Bootloader / Config
  • SystemD (+systemctl)
  • Permissions (ACL,…) + Root
  • Manpages
  • Processes (pids; lists; signals)
  • Scheduling
  • Softwareinstallation + Packagemanager
  • User / Passwords / Groups
  • LSM (Linux security modules) / SELinux / PAM
  • SSH, Telnet
  • Network + Firewall (iptables) + Routing + DNS + FTP + NFS + KVM
  • Timeserver (chrony)
  • Samba
  • Mails (postfix, dovecot)
  • Apache (Webserver), Squid (Cache), MariaDB
  • Container
  • Partitions (dd, xdd, fdisk, LVM) + Raid, LUKS, Quota

So now I got a long list of dangerous superficial knowledge 😉 … I’m curious what of these I’ll learn in greater detail during this year and which I’ll need at all ;-D.

Mongo Auth

Just playing a little with mongodb and nodejs. Wanted to try out if there’s anything you have to take care of. Issues you wouldn’t expect.

So I created a node project (just a start.js), installed mongoose via npm (I read today that it’s a whole ORM for mongo, but that was the first driver that was recommended to me) and tried to connect:

mongoose.connect(‘uri’, options)

So I passed my credentials in the options object, but got the error message:

MongoError: auth failed

At first I thought I would have passed invalid credentials or had to choose the database first (but that is done via the uri). So I had a closer look at the message in the mongo host console itself. Well: UserNotFound … myuser@mydatabase … So I fired up MongoVUE (an admin UI for mongo) and double-checked that the user existed in the correct database.

Long story short: Mongo starts by default in a mode where no user is required. You have to pass “–auth” as parameter so the authentication module is loaded. After restarting mongo with:

.\mongod.exe –dbpath .\local_mongo –smallfiles –auth

Everything worked fine. I’m happy that I got one step further in understanding that stuff. And btw.: Without “–smallfiles” mongo was not able to start on my well filled harddrive, because the journal files where to big. But it might affect the performance, so I’ll remove that in the production-version.

MySQL Source

I just fell in love with mysql “source”-command … just wanted to mention that ;-)!

Having trouble importing a large file into a mysql database? Simply open the prompt, connect to the server (on my local machine I didn’t need to specify a host) so something like:

mysql -u [user] -p

And as soon as mysql lets you in, you can select the database to import your file into with the command:

use [database]

After the database is selected, you can import your file with this little nugget:

source [file]

All commands without brackets 😉 … and mysql will start importing the data into your database. No more workbench messages like “unable to allocate sufficient bytes to read the file”. Live can be so easy!

Apple event 2014-09

I’m kind of a fan-guy. Apple stuff is really interesting and especially the latest iOS/iPhone version really seemed to be a good release again – something you don’t wanna make jokes about like “oh – they added a new icon row” … So I sat down on 09-09 and wanted to watch the live event … unfortunately I got this:

2014-09-AppleCountdownUhm – seems like a normal countdown? Be happy! Cheer! It’s starting now! … … … Nope … … … It’s all about the little sentence below the “add to your calendar icon” … it reads:

“Live streaming video requires Safari 5.1.10 or later on OS X v10.6.8 or later; Safari on iOS 6.0 or later.”

Come on! I’m on a Chrome – Webkit – that HAS to be sufficient … Nope … no Apple guy (my Mac-Mini is in a drawer, but I don’t wanna unpack it and my Apple TV Remote is hidden somewhere between some other parts) … but – hey! You can’t just lock out your fans, because they’ve got other devices as well. That’s really not nice.

I still watched the stream … Some guys showed it, but made comments about everything, Stating every X minutes that “you could switch to the live-stream, if you didn’t want to listen to them” … o0 … yeah… well …

PixiJS

I recently searched for a 2D-Javascript game engine and came by this site: http://html5gameengine.com/. It lists various game engines. It seems their default sorting is “by popularity”. So let’s have a look at the first four entries. Construct 2 is a “whole editor, bring everything and just click your logic”-framework. I saw a screencast some days ago about it. It’s really cool for guys that don’t wanna do it “themselves” 😀 (no offense – it’s just to heavy-weight for me). Impact has a 99$ fee I didn’t want to pay at startup and EaselJS looks really cool, but was to much for me to start with (It’s part of CreateJS and that one brings sound, tweening and even a separate preloader). So I decided for PixiJS (after two colleagues, which used that one as well, told me it was a good lib).

Fun-fact: If you sort the list by “rating”, you’ll get pixi at the top ;-).

While some of the other frameworks bring “all you need” to the party, Pixi (http://www.pixijs.com/) just focuses on the rendering. They claim to be “the fastest” … that’s a good slogan, which I’ve already read several times, but if you read the discussions in the forum of Pixi, they’re always consider things like “we could do that, but that’s slower – we should go without that”.

Unfortunately the reason I read this was because I searched for shaders. I was told that they’re just gonna enable shaders for WebGL, but not for the canvas fallback (because Canvas doesn’t support them and they’d have to re-implement that behavior themselves). Even though they’re normally “It wouldn’t work in both ways, so we don’t implement it”, they seem to make an exception for the shaders, so you can use them if you’re really sure. In the documentation (which is a minus point, because it’s not really good maintained, but there’re several example projects where you can take the information from), you can see that it’s just offered for that one case and you won’t get the same functionality in the fallback if you’d use that feature.

As I tried to figure out whether I want to use Pixi, I just had written some custom clearRect logic for my own canvas script. So I wanted to check how the redraws in Pixi were handled … while I just re-rendered the area I wanted to change, Pixi always refreshes the whole area (you can see that in the chrome-dev-tools (F12 -> rendering -> Show paint rectangles).

I guessed it wouldn’t be that nice to have that behavior and so I searched for performance measurements of Pixi … and they all said: If you use WebGL, your performance will keep up … if you go to the fallback x00 (think it was about 600) items will tear down your framerate.

So I decided to stay with Pixi for the moment … and if I should realize at any time, that Pixi is not as good as I currently hope, the object model will save me … you just modify existing objects and the render-loop of pixi redraws them. So If I’m required to replace Pixi, my model will already be nice and clean so that it shouldn’t be a big deal.

Login Usability

Some time ago I wanted to read an article about NuoDB on forbes.com. Was interesting to read, but I didn’t fully comply with the authors opinion. So I wanted to ask in a comment about something I heard on a conference in Hamburg. But that’s just a side-story.

The funny thing happened, as I wanted to comment. Of course you’ll have to create an account to comment to minimize spam. But because I haven’t an account, I created one … After that was done and the account activated, I wanted to post my comment … unfortunately while the page still told me I wasn’t logged in and wouldn’t let me post, the login frame itself recognized my just activated account and told me – you can’t login … YOU ARE ALREADY LOGGED IN … o0 …

2014-07-ForbesLogin

What the hell? Why can’t you just check if there’s a user after clicking the “log in” button instead of telling me I was not permitted, because I already did that. Reloading the whole page fixed the problem.

That’s a good example why you (and I) always should think about the usability while developing new stuff.