“Top 10 Open Source Web-Based Project Management Software”

Posted by Piyush Gupta on September 06, 2010

Project management software is not just for managing software-based projects. It can be used for a variety of other tasks too. Web-based software must provide tools for planning, organizing and managing resources to achieve project goals and objectives. Web-based project management software can be accessed through an intranet or WAN / LAN using a web browser. You don’t have to install any other software on the system. The software can be easy to use, with access control features (multi-user). I use project management software for all of our projects (e.g. building a new cluster farm) for issue / bug-tracking, calendar, Gantt charts, email notification and much more.

Obviously I’m not the only user; the following open source software is used by some of the biggest research organizations and companies worldwide. For example, NASA’s Jet Propulsion Laboratory uses Trac, and open source projects such as lighttpd / phpbb use Redmine to keep track of their projects.

You can use the following top 10 software for personal or business use. Keep track of all your projects in one place and finish them successfully on time.

#1: Codendi

Codendi is an open-source collaborative development platform offered by Xerox. From a single interface, it gathers all the tools software development teams need: management and versioning of code, bugs, requirements, documents, reporting, tests etc. It is mainly used for managing software project processes.

#2: Redmine

Redmine is a flexible project management web application. Written using Ruby on Rails framework, it is cross-platform and cross-database. It includes calendar and gantt charts to aid visual representation of projects and their deadlines.

#3: ProjectPier

ProjectPier is a Free, Open-Source, self-hosted PHP application for managing tasks, projects and teams through an intuitive web interface. ProjectPier will help your organization communicate, collaborate and get things done. Its function is similar to commercial groupware/project management products, but allows the freedom and scalability of self-hosting.

#4: Trac

Trac is an open source, web-based project management and bug-tracking tool. Trac allows hyperlinking information between a computer bug database, revision control and wiki content. It also serves as a web interface to a version control system like Subversion, Git, Mercurial, Bazaar and Darcs.

#5: Project HQ

Project HQ is a collaborative open source project management tool, similar to Basecamp and activeCollab. Project HQ is built on open source technologies like Python, Pylons and SQLAlchemy and is fully database independent. Project HQ uses a structured workflow to assist you in managing your projects.

#6: Collabtive

Collabtive is a web-based project management software that is being published as Open Source software. The project was started in November 2007. It strives to provide an Open Source alternative to proprietary tools like Basecamp or ActiveCollab.

#7: eGroupWare

eGroupWare is free open source groupware intended for businesses from small businesses to enterprises. Its primary functions allow users to manage contacts, appointments, projects and to-do lists.

It is used either via its native web-interface, making access platform-independent, or by using different supported groupware clients, such as Kontact, Novell Evolution, or Microsoft Outlook. It can also be used by mobile phone or PDA via SyncML.

#8: KForge

KForge is an open-source (GPL) system for managing software and knowledge projects. It re-uses existing best-of-breed tools such as versioned storage (subversion), a tracker (trac), and a wiki (trac or moinmoin), integrating them with the system’s own facilities (projects, users, permissions etc). KForge also provides a complete web interface for project administration as well as a fully-developed plugin system so that new services and features can be easily added.

#9: OpenGoo

It is a complete online solution focused on improving productivity, collaboration, communication and management of your teams. OpenGoo’s main features include document management, contact management, e-mail, project management, and time management. Text documents and presentations can be created and edited online. Files can be uploaded, organized and shared, independent of file formats.

#10: ClockingIT

ClockingIT is a free Project Management solution, which helps your team stay focused and on top of things.

Other FOSS Project Management Software Projects

  1. JotBug
  2. Bugzilla (only bug tracking)
  3. OpenProj (desktop app – replacement for MS-project)

How do you manage your IT / software and other projects? Are you using a better option? Let us know in the comments.

“Learning Rails”

Posted by Piyush Gupta on July 19, 2010

We all use books such as Agile Web Development, Ruby for Rails, Rails in 4 Days, Ruby, Ajax etc. to get the hang of Ruby on Rails, along with some more books such as Pragmatic etc.

However, I thought of making a list of websites which help do so.

So here is the bunchedin : http://www.bunchedin.com/vuIMCc

“Some interesting threads/blogs/mails”

Posted by Piyush Gupta on June 18, 2010

See the comments. Whenever I stumble upon one, I will add it in the comments.
 

“Story Driven Development in Ruby on Rails with cucumber, webrat, shoulda and factory_girl”

Posted by Piyush Gupta on June 18, 2010

I was researching Story Driven Development in Ruby on Rails and I came across the tutorial below.

It uses cucumber, webrat, shoulda and factory_girl.

It also has documented step-by-step setup, commands and code that you can follow.

Check it out at:

http://www.bunchedin.com/gqqG16

and let me know what you think! =)

“Logstalgia from Remote server”

Posted by Piyush Gupta on June 08, 2010

Remote graphical apache log monitoring via Logstalgia is a simple little graphical way to watch traffic on your website.

Install via
sudo apt-get install logstalgia

Run via
ssh machine_username@hostname "tail -f /var/logs/apache/access_log" | logstalgia -

“Dress for the Office to Increase Telecommuting Productivity”

Posted by Piyush Gupta on May 24, 2010

One of the first things new telecommuters like to do is work in their pajamas just to say they’ve done it. As fun as that may be, dressing up for work will boost your productivity.

When you’re dressed for work it sends a message that you’re ready to work. A message to whom? To yourself. Dressing like you’re about to go take a power nap or play some racquetball doesn’t send a signal that you’re about to get some serious work done. At the financial blog Lazy Man and Money they write:

Wear Pants – I never thought I’d find myself writing about the basic need to wear pants… but I am. It’s very tempting to just roll out of bed and get working. For me that’s a recipe for failure. For some reason, I subconsciously associate pajamas with “Time to check out stats in my fantasy baseball league.”

When I first started working from home I’d just wear casual clothing. Right now I’m wearing the same business attire I used to wear when I went into an office every day. My principal reason for doing so is that the clothing, aside from flipping a psychological switch that it’s “work time”, makes it hard to do non-work stuff. If I notice something that needs to be done around the house—a constant distraction for people who work from home—I’m less likely to go and do it if I’m wearing business attire than if I were just wearing jeans and a t-shirt.

Source : www.bunchedin.com/9Vp1MB


“3 New Date and Time Libraries for Rubyists”

Posted by Piyush Gupta on May 21, 2010

They all made an appearance on RubyFlow last week and are all useful in their own ways, depending on how you’re working with dates and times.

ice_cube – Fast querying and expansion of event recurrence rules

ice_cube is a library by John Crepezzi that provides “fast querying and expansion of recurrence rules in Ruby.” What this means is that you can create schedules powered by date recurrence rules that can be quite complex (e.g. every 4 years on a Tuesday in the first week of November). Rules like these are defined by chaining methods together, rather than using natural language.

To install:

gem install ice_cube

To use:

require 'ice_cube'
rule = IceCube::Rule.yearly(4).month_of_year(:november).day(:tuesday).day_of_month(2, 3, 4, 5, 6, 7, 8)
schedule = IceCube::Schedule.new(Time.now)
schedule.add_recurrence_rule rule
schedule.first(3)
# => [Tue Nov 02 05:04:38 +0000 2010, Tue Nov 04 05:04:38 +0000 2014, Tue Nov 06 05:04:38 +0000 2018]

ice_cube also supports exporting rules into iCal and YAML formats as well as a natural language equivalent.

John has put together a PDF presentation that shows off more usage, and there are some simple examples on the official site too.

tickle – A natural language parser for recurring events

tickle is a natural language parser for recurring events by Joshua Lippiner that stands in contrast to ice_cube’s method driven approach. It depends on the popular chronic natural language date parser and appears (through my experience) to be for Ruby 1.9+ only.

tickle lets you throw it things like every 4 days starting next saturday, every other week, the tenth of the month and similar (there are a lot of examples on tickle’s GitHub page). You pass these to the Tickle.parse method and you get the next occurrence of the rule.

To install:

gem install tickle

To use:

require 'tickle'
Tickle.parse('every 4 days starting next saturday')
# => 2010-05-01 12:00:00 +0000

tickle isn’t particularly mature yet and it only makes it easy to get the next occurrence of your rule, but the developer suggests that once an event has occurred, you automatically run Tickle again to get the next date. In this way, it seems tickle is well suited for situations where only the next occurrence needs to be stored and the rule can be kept in a separate database column or similar.

business_time – Time and date offsets based on “business time/hours”

business_time is a new library that works with the concept of “business time” or “business hours.” Rather than just letting you perform operations on dates by absolute numbers of days or hours, you can now work with business days and hours of your own definition. business_time depends heavily on Active Support.

To install:

gem install business_time

Note: business_time depends on Active Support (gem: activesupport)

To use:

require 'active_support'
require 'business_time'
# Examples "from now"
4.business_hours.from_now
5.business_days.from_now
# Using user supplied dates
my_birthday = Date.parse("August 4th, 2010")
10.business_days.before(my_birthday)
# Add a day to not count as a business day
BusinessTime::Config.holidays << my_birthday
# Overlapping days are OK
6.business_hours.after(Time.parse("August 3rd, 3:00pm"))

Source : www.bunchedin.com/OaxTCZ


“Users and Passwords – Rails (Best Practices)”

Posted by Piyush Gupta on May 18, 2010

Last week I lost several productive hours resetting my ‘insecure’ password on several websites due to a security breach. If you’ve ever used that site, you’d be well advised to change your password pretty much everywhere. In order to prevent this happening in the future, I figured I’d write up a simple best practices article on handling passwords and authentication. There’s nothing particularly new here, but it’s always worthwhile revisiting the basics.

What Not to do?

Never store your users’ cleartext passwords in your database, no exceptions. The most important reason is that if your site is compromised or your backup drive is lost, all your users will be in danger. The attacker will have access to a ready-made list of passwords and the related email addresses, which they’ll be able to use to cause havoc on other websites. The second risk is that any one of your staff members could steal that information and use it to attempt to access other systems where your users have used the same password.

While it’d be nice if users never reused a password, the reality is that nearly everyone does it. We need to be responsible and realistic, and take the necessary precautions to protect our users.

Instead, what you should be storing is a hash of each user’s password. This will let you verify that the password provided matches the one on file, but will never let you recover that password.

Salting

But just storing a hash of the passwords isn’t enough. This would still leave you open to rainbow table attacks, where an attacker pre-calculates hashes of millions of passwords, then compares those hashes with the values they’ve stolen from your database. To prevent this you need to salt them. This means storing a small random value against each of your users and adding that to the password before you hash it.

Putting it Together.

So this leaves us with a user model with two relevant columns, salt and hashed_password, leaving us with a simple migration like:

create_table :users do |t|
  t.string :email
  t.string :hashed_password
  t.string :salt
end

We’ll also need two kinds of method on the model itself, hashing methods and verification methods. We’ll cover the hashing methods first:

require 'digest/sha2'

class User < ActiveRecord::Base
  # Create two virtual (in memory only) attributes to hold the password and its confirmation.
  attr_accessor :new_password, :new_password_confirmation

  # We need to validate that the user has typed the same password twice
  # but we only want to do the validation if they've opted to change their password.
  validates_confirmation_of :new_password, :if => :password_changed?
  before_save :hash_new_password, :if => :password_changed?

  # By default the form_helpers will set new_password to "",
  # we don't want to go saving this as a password
  def password_changed?
    !@new_password.blank?
  end

  private # This is where the real work is done

  def hash_new_password
    # First reset the salt to a new random string.  You could choose a
    # longer string here but for a salt, 8 bytes of randomness is probably
    # fine.  Note this uses SecureRandom which will use your platform's secure
    # random number generator.
    self.salt = ActiveSupport::SecureRandom.base64(8)
    # Now calculate the hash of the password, with the salt prepended, and
    # store that in the database
    self.hashed_password = Digest::SHA2.hexdigest(self.salt + @new_password)
  end
end

Of note here is the salt: it’s set to a new random value every time the user changes his password. This will come in handy another day. The next method we need to implement is the authentication method.

class User < ActiveRecord::Base
  # As is the 'standard' with rails apps we'll return the user record if the
  # password is correct and nil if it isn't.
  def self.authenticate(email, password)
    # Because we salt the passwords we can't do this query in one part, first
    # we need to fetch the potential user
    if user = find_by_email(email)
      # Then compare the provided password against the hashed one in the db.
      if user.hashed_password == Digest::SHA2.hexdigest(user.salt + password)
        # If they match we return the user
        return user
      end
    end
    # If we get here it means either there's no user with that email, or the wrong
    # password was provided.  But we don't want to let an attacker know which.
    return nil
  end
end
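
The scheme from "Salting" and "Putting it Together", as an added plain-Ruby example that is not the post's own code: it runs a table lookup against unsalted and salted hashes and exercises the nil-on-failure login. It goes beyond the post in two labelled places, a constant-time comparison and an optional PBKDF2 hasher; UserStore, table_hits, the addresses and the passwords are constructed for illustration.

```ruby
# Added example, not code from the original post. Plain Ruby, no Rails.
require 'digest/sha2'
require 'openssl'
require 'securerandom'

PBKDF2_ITERATIONS = 100_000 # assumed work factor for this sketch

# The post's construction: one SHA-256 pass over salt + password.
def sha2_hash(salt, password)
  Digest::SHA2.hexdigest(salt + password)
end

# Swapped-in alternative (not in the post): PBKDF2-HMAC-SHA256, so each guess
# against a stolen hash costs PBKDF2_ITERATIONS HMAC operations instead of one.
def pbkdf2_hash(salt, password)
  OpenSSL::PKCS5.pbkdf2_hmac(password, salt, PBKDF2_ITERATIONS, 32,
                             OpenSSL::Digest.new('SHA256')).unpack1('H*')
end

# Compare two hex digests without stopping at the first differing byte
# (hardening step added here, not in the post).
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize

  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Hypothetical in-memory stand-in for the users table from the migration.
class UserStore
  def initialize(hasher)
    @hasher = hasher
    @rows = {}
  end

  def set_password(email, password)
    salt = SecureRandom.base64(8) # new salt on every password change
    @rows[email] = { salt: salt, hashed_password: @hasher.call(salt, password) }
  end

  # Returns the email on success, nil for an unknown user or a wrong password.
  def authenticate(email, password)
    row = @rows[email]
    return nil unless row

    candidate = @hasher.call(row[:salt], password)
    secure_equal?(row[:hashed_password], candidate) ? email : nil
  end

  def stored_hashes
    @rows.values.map { |row| row[:hashed_password] }
  end
end

# Constructed sample of the precomputed table described under "Salting":
# unsalted SHA-256 digests of a few common passwords.
PRECOMPUTED = %w[123456 password letmein].to_h { |pw| [Digest::SHA2.hexdigest(pw), pw] }

# Passwords recoverable from a set of leaked hashes by lookup alone.
def table_hits(hashes)
  hashes.map { |h| PRECOMPUTED[h] }.compact
end

def demo
  store = UserStore.new(method(:sha2_hash))
  store.set_password('alice@example.test', 'letmein')
  store.set_password('bob@example.test', 'letmein')
  {
    unsalted_hits: table_hits([Digest::SHA2.hexdigest('letmein')]),
    salted_hits: table_hits(store.stored_hashes),
    distinct_hashes: store.stored_hashes.uniq.size,
    good_login: store.authenticate('alice@example.test', 'letmein'),
    bad_password: store.authenticate('alice@example.test', 'wrong'),
    unknown_user: store.authenticate('nobody@example.test', 'letmein')
  }
end
```

The salt only defeats precomputation; with a single SHA-256 pass an attacker holding the table can still guess each user's password quickly, which is what passing method(:pbkdf2_hash) to UserStore slows down.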

Cleanse the Logs

Finally, you need to make sure that your users’ passwords don’t get logged either. Thankfully this is built right into Rails.

  class ApplicationController < ActionController::Base
     filter_parameter_logging :password
  end

Wrap Up

All in all, using secure password hashing takes around 15 lines of code, so there’s no excuse for not doing it in your applications. It’s also relatively simple, so I wouldn’t suggest using a plugin if all you want is simple secure login code; those plugins come with tonnes of additional features which you may not want. I’ll follow up next week with simple secure remember-me tokens which also don’t require anything fancy.

Finally a product plug, 1Password from AgileWebSolutions is a really useful tool for generating, storing and recalling secure passwords for the myriad of websites which require logins. It’s much simpler and more secure than re-using some ‘insecure’ password on dozens of websites. It also has the side benefit of being pretty-well immune to phishing attacks.


“Best Ruby on Rails Tutorials”

Posted by Piyush Gupta on May 03, 2010

Oh well! Now since people around me at Shine are using Rails, I thought I’d dive in as well. Learning has another name, that is web. There are so many useful resources on the web for RoR. I am sharing here a few that I found quite useful:

  1. Rolling with Ruby on Rails – Curtis Hibbs of ONLamp.com offers his first excellent introduction to Ruby on Rails. This is the article that got me really excited about RoR.
  2. Rolling with Ruby on Rails, Part 2 – The sequel to Curtis Hibbs’ excellent series of articles.
  3. Four Days on Rails (PDF) – a great tutorial that is broken down into simple tasks that you can do over a four day period. To be quite honest, this tutorial only takes about 2 hours, but nonetheless it is very well organized!
  4. Really Getting Started in Rails – Amy Hoy has a great tutorial that not only covers RoR, but also introduces the reader to many of the basic concepts of the very cool Ruby scripting language.
  5. Tutorial in Ruby on Rails – is a basic tutorial aimed at newbies.
  6. Fast-track your Web apps with Ruby on Rails – IBM jumps into the sandbox with an excellent (as usual) tutorial to get you on your feet fast.
  7. Ajax on Rails – Curtis Hibbs offers part 3 of his look at RoR
  8. Many to Many Tutorial for Rails (PDF) – is a nice document that begins to delve into some of the more complex parts of web application programming, but in fine Ruby on Rails manner, it’s really not too complicated!
  9. Distributing Rails Applications – A Tutorial – So now you’ve built your RoR application, how do you push it to a production server? This tutorial covers the bases.
  10. Installing Ruby on Rails with Lighttpd and MySQL on Fedora Core 4 – and of course this list wouldn’t be complete without a shameless bit of self-promotion, this tutorial promises what it says. Other install tutorials can be found here!


“Notes from the field upgrading to Rails 3”

Posted by Piyush Gupta on April 02, 2010

I will be testing out the Rails 3 upgrader and post a follow-up article.

During the Rails 3 bug mash I decided to see what happens when I migrate a Rails 2.3.5 app to Rails 3.

Much has changed, the upgrade path is not trivial. Nonetheless, this site is now running Rails 3 with nginx and Ruby 1.9.2 head. So you can feel it in action.

Learn to love bundler

The proper way to manage dependencies in Rails 3 is using a new gem called bundler. This gem gives the gem command an extra command namely: gem bundle

When you run gem bundle it will determine all the correct dependencies for the files specified in a file called Gemfile

This is the Gemfile (which is in the Rails.root directory) that this site uses:

gem "rails", :git => "git://github.com/rails/rails.git"
gem "arel", :git => "git://github.com/rails/arel.git"
gem "authlogic", :git => 'git://github.com/binarylogic/authlogic.git'
gem "ruby-openid", :require_as => "openid"
gem "uuidtools"
gem "hpricot"
gem "bluecloth"
gem "diff-lcs", :require_as => "diff/lcs"
gem "liquid"
gem "rdiscount"
gem 'sanitize'
gem 'will_paginate'
gem 'haml'
gem 'mysql'
gem 'memcached'

Yehuda Katz has written extensively about the bundler. In a nutshell, managing dependencies the old config.gem way in Rails 2 is fundamentally broken. Bundler fixes this. It creates a directory where all the dependencies exist, meaning that unlike Rails 2, each application in Rails 3 is meant to have a full copy of all the gems it depends on.

After this Gemfile is created you can run gem bundle to pull in all your dependencies. You can use this trick with other ruby apps as well, bundler is totally reusable. Bundler is how you vendor Rails and how you grab all your plugins.

So, to summarize step one: grab all your config.gem lines in your environment.rb file, and place them in your Gemfile, remove the config. and replace :lib with :require_as, require rails from github at the top.

The voodoo boot process of Rails 2 has been replaced

Take a minute and have a look at your Rails 2 boot.rb file. It’s long and complicated.

Compare it with this site’s boot.rb file:

# config/boot.rb
require File.expand_path('../../vendor/gems/environment', __FILE__)
# you can even require portions of rails instead of the whole kaboodle
require 'rails/all'
# since there is no config.gem anymore, require stuff you need to start your app here.
require 'authlogic'
require 'will_paginate'
require 'rdiscount'
require 'uuidtools'
require 'openid'

You also need a new environment.rb file, the old one contained lots of configuration data, instead environment.rb in rails 3 only contains a simple step:

require File.expand_path('../application', __FILE__)
CommunityTracker::Application.initialize!

You will need to set up an application

Gone are the days of Rails::Initializer and Rails.boot. Rails 3 is serious about the move to rack; the best practice is to have an application.rb file that defines what it is your application does. This is the current site’s one:

# config/application.rb
module CommunityTracker
  class Application < Rails::Application

    # Specify gems that this application depends on and have them installed with rake gems:install
    config.time_zone = 'UTC'
    config.action_mailer.delivery_method = :smtp
    config.action_mailer.smtp_settings = {:address => "localhost", :port => 25, :domain => "localhost"}

    config.middleware.use "RequestCache"
  end
end

if defined?(OpenID)
  OpenID::Util.logger = RAILS_DEFAULT_LOGGER
end

ActionView::Base.field_error_proc = Proc.new{|html_tag, instance| %(<span class="field-with-errors">#{html_tag}</span>)}
require "haml"
require "haml/template"
Haml::Template.options[:format] = :html4
# escape_html = false: Haml's = output is not HTML-escaped automatically
Haml::Template.options[:escape_html] = false

Most of your old code from environment.rb can stay here but you will have to get rid of all those config.gem lines and use bundler for that.

It’s a Rack application sir

You need a new config.ru file in your Rails.root

# config.ru
require ::File.expand_path('../config/environment',  __FILE__)
run CommunityTracker::Application.instance

This is the rack up file for your application, Rails 3 takes rack very seriously.

Your config files are broken

All the files in config/environments need some special handling:

# production.rb
CommunityTracker::Application.configure do
  config.action_mailer.default_url_options = {:host => 'community-tracker.com'}
  config.cache_classes = true
  config.action_controller.consider_all_requests_local = false
  config.action_controller.perform_caching             = true
  config.action_view.cache_template_loading            = true
end

Note the new block.

No more RAILS_ENV, RAILS_ROOT etc.

If you want to avoid a ton of pesky warnings, better move to using Rails.root and Rails.env today, rails 2.3.5 supports this syntax, the old RAILS_ENV is deprecated and it nags you to change it.

XSS protection is everywhere

Rails 3 tries to protect you from all sorts of nasty cross site scripting. This protection is baked in pretty deep. Gone are the days when you had to remember to escape a string using the h method. Instead, Rails 3 assumes all strings are unsafe, and the various view helpers are hooked up to perform escaping for you.

Every string knows if it is safe for html rendering or not. (from active support)

class String
  attr_accessor :_rails_html_safe
  alias html_safe? _rails_html_safe

  def html_safe!
    @_rails_html_safe = true
    self
  end

  def html_safe
    dup.html_safe!
  end
#...
end

So, if for example you would like to link to a bold string use html_safe!

link_to "<b>google</b>", "http://google.com" #results in an escaped &lt;b&gt;
# this works
link_to "<b>google</b>".html_safe!, "http://google.com"

This issue will affect any large scale Rails app.
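
The escape-by-default behaviour described above, as an added sketch that is not Rails source or this site's code: SafeString, mark_safe, h and this link_to are hypothetical stand-ins for the flag and helpers, and the script string is constructed input. It shows why marking a string safe after interpolating user data into it bypasses the protection.

```ruby
# Added example, not Rails source. Plain Ruby stand-ins for the safe flag.
HTML_ESCAPES = {
  '&' => '&amp;', '<' => '&lt;', '>' => '&gt;', '"' => '&quot;', "'" => '&#39;'
}.freeze

# A string the developer has declared safe to emit as-is.
class SafeString < String
  def html_safe?
    true
  end
end

# Stand-in for html_safe!: returns a copy carrying the safe marker.
def mark_safe(text)
  SafeString.new(text)
end

# Stand-in for the h helper: escape HTML metacharacters.
def h(text)
  String.new(text.to_s).gsub(/[&<>"']/, HTML_ESCAPES)
end

# What an escaping view helper does with each value it is handed:
# pass marked strings through, escape everything else.
def escape_unless_safe(value)
  return value if value.respond_to?(:html_safe?) && value.html_safe?

  mark_safe(h(value))
end

# Hypothetical link_to: the label is escaped unless it was marked safe.
def link_to(label, url)
  mark_safe(%(<a href="#{h(url)}">#{escape_unless_safe(label)}</a>))
end

URL = 'http://google.com'
USER_INPUT = '<script>alert(1)</script>' # constructed untrusted value

def demo_links
  {
    default: link_to('<b>google</b>', URL),
    marked: link_to(mark_safe('<b>google</b>'), URL),
    # Marking after interpolation: the untrusted value rides along unescaped.
    risky: link_to(mark_safe("<b>#{USER_INPUT}</b>"), URL),
    # Escape the untrusted part first, then mark only your own markup.
    fixed: link_to(mark_safe("<b>#{h(USER_INPUT)}</b>"), URL)
  }
end
```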

Rails 3 is much more strict.

In Rails 2 you could get away with having your helper functions defined in the wrong file, this is no longer the case in Rails 3. This is a good thing, it forced me to better organize my helpers.

Ruby 1.9.2 head is surprisingly stable and compatible

You can see the list of gems I’m using, it’s quite extensive. Most of the gems I tried work in 1.9.2 and the ones that do not have usually not been updated for years. 2010 may be the year people really start moving to 1.9.

Weird issues

Obviously not everything is perfect, Rails 3 is pre-release software which is not meant to be running in production. I noticed a few notable strange issues:

  1. When requiring gems in a lib sometimes the whole request just crashes, I have not figured out exactly how or why this happens.
  2. I can not run my application in development mode, I use rack middleware, and something about my middleware is wrong and Rails refuses to reload it in development mode.
  3. No rspec, rspec does not work on Rails 3, the rumor is that it will be supported in the rspec 2 time frame.
  4. The logger is a bit rough, the logging in rails 2 seemed a bit more consistent.
  5. This issue is likely to affect anyone using the open-id gem.
