Securing ELMAH with ASP.NET MVC

So I like Elmah and its logging of my unhandled exceptions suer, but I don’t need every yahoo with visibility to that. This is the steps I took to only allow Elmah access to users in the “Admin” role and have it still work with ASP.NET MVC.

Put this into the web.config;

  
    
      
        
      
      
        
        
      
    
  

Now put this into your global.asax, up top (before all the other routing) is best;

            routes.IgnoreRoute("admin/elmah.axd");
            routes.IgnoreRoute("admin/{resource}.axd/{*pathInfo}");

You don’t have have any controller action setup, the handler builds this on the fly to handle the incomding axd request. Nice and simple.

Enjoy!

Simple merging object to object

I use View Models to hand to my MVC views, nice and slim with little if any methods on them and I use a think ORM model that has all my business logic and is generated by my ORM (BLToolkit).

So the problem is I wanted to take the View Model and update the ORM model with the modified values from the post, kind of a reverse AutoMapper (or BLToolkit.Mapper).

So a ORM class like this;

    public class Contact
    { 
         public int Id { get; set; }
         public string Firstname { get; set; }
         public string Lastname { get; set; } 
         // Loads of other properties
    }

And a View Model like this (note the type and name should be “EXACTLY” the same;

    public class ContactModel
    { 
         public int Id { get; set; }
         public string Firstname { get; set; }
         public string Lastname { get; set; } 
    }

Then with this generic Extension method;

        public static void MergeWith(this T1 primary, T2 secondary)
        {
            foreach (var pi in typeof(T2).GetProperties())
            {
                var tpi = typeof(T1).GetProperties().Where(x => x.Name == pi.Name).FirstOrDefault();
                if (tpi == null)
                {
                    continue;
                }
                var priValue = tpi.GetGetMethod().Invoke(primary, null);
                var secValue = pi.GetGetMethod().Invoke(secondary, null);
                if (priValue == null || !priValue.Equals(secValue))
                {
                    tpi.GetSetMethod().Invoke(primary, new object[] { secValue });
                }
            }
        }

So you make the magic in the Controller (for example) like this;

[Authorize]
[HttpPost]
[ValidateAntiForgeryToken]
[ValidateInput(false)]
public ActionResult EditContact(ContactModel model)
    Contact c = Repo.Get<Contact,long>(model.Id);
    c.MergeWith<Contact,ContactModel>(model);
    Repo.Update<Contact>(c);
}

Yea its cheesy, but it works for me 😉

Enjoy!

Microsoft Live Writer + WordPress

Wanting to use Microsoft Live Writer to be able to make blog entries I thought I would see what sort of super magic it would take.

To my surprise once you setup your user account to have at least the “Editor” role in WordPress  and then you enable the “XML-RPC” Remote Publishing option – your done. 😉

Super nice. Got to say that so far WordPress is an extremely polished project, there aren’t many open source projects on the same finish. The plug-in architecture and operation is something other projects should envy.

Enjoy!

Moved to WordPress

So I just could not take the spam from friggin’ BlogEngine.net and the fact that project doesn’t have a decent CAPTCHA to help block some of the SPAM is just mindboggling.

I personally don’t like getting 80-100 emails a day from those damn Payday Loan losers, I guess the BlogEngine.NET folks like that sort of stuff.

At any rate I figured WordPress should have lots of plugins for me to mess with and getting Live Writer integrated should be rather simple.

If your looking for some old posts, the search engine on WordPress is pretty good; most likely the page your looking for got moved around. I need to clean up the tags and slugs and all that bloggy stuff; perhaps tomorrow – perhaps.

Enjoy!

DotNetOpenAuth MVC Template + VS2010 + Win7 64 == crap;

Well I was playing around with trying to setup a new MVC 2.0 site to use DotNetOpenAuth and I was thrilled to see that the site has a template you can download to make an example site. Excellent I thought!

But of course then I tried it; Using VS210 (10.0.30319.1 RTMRel) and ASP.NET MVC 2 I get this lovely error once I get past the setup.aspx page;

The view at '~/Views/Home/Index.aspx' must derive from ViewPage, ViewPage, ViewUserControl, or ViewUserControl.

Humm I figure its something I am doing so I go out and get my Google fu on, I find its a common problem with VS2010 + ASP.NET MVC + Win7 64 Bit. Ah Joy.

So download the VS2008 template, using VS2008, run through the setup.aspx and viola it works like a charm. No funky errors with the template and the redirect they are doing.

Thought I would share as I was kinda sad to see that a VS2010 bug with ASP.NET MVC persisted past QA. So sad.

Enjoy!

Nice javascript to set window size for popups

This is some spiffy javascript to get the proper sizes of the window for say a nifty colorbox popup;

    var myWidth = 0, myHeight = 0;
    function setWindowSize() {
	if( typeof( window.innerWidth ) == 'number' ) {
		//Non-IE
		myWidth = window.innerWidth;
		myHeight = window.innerHeight;
	} else if( document.documentElement && ( document.documentElement.clientWidth || document.documentElement.clientHeight ) ) {
		//IE 6+ in 'standards compliant mode'
		myWidth = document.documentElement.clientWidth;
		myHeight = document.documentElement.clientHeight;
	} else if( document.body && ( document.body.clientWidth || document.body.clientHeight ) ) {
		//IE 4 compatible
		myWidth = document.body.clientWidth;
		myHeight = document.body.clientHeight;
	}
};

An example of using it is like this;

$.fn.colorbox({
    iframe: true,
    open: true,
    href: '/Controller/Action',
    width: myWidth - 40, // just a bit smaller than the window
    height: myHeight - 40 // just a bit smaller than the window
});

Dont forget to bind the window resize to reset your size variables;

$(window).resize(function(e){
    setWindowSize();
});

Enjoy!

Two forms same page?

I have a page that has two forms in the same page, the catch is the second form is nested inside the first form. Well this violates W3C, and it seems that IE8 doesn’t work with it. Color me surprised that IE8 actually is doing what it suppose to do according to the HTML specs.

Anyhow I needed this to work for my form to function and I was limited on time. So here is what I did to make the submit work with IE8.

1. Remove the “Submit” on the Button and just make it plain button;

2. Add some jQuery magic to submit the first (the outer) form;

$("#Save").click(function() {
    var form = $("form:first").serialize();
        $.ajax({
	    type: "POST",
	    url: "/Tickets/Edit/",
	    data: form,
	    success: function(msg) {
	    window.location = '/Tickets/Details/';
	    }
	});
});

Enjoy!

MySQL SubSonic case sensitivity non-sense

So I had my database on a Linux box using MySQL then I decided to move it to my local box while in development as I wanted to simplify my life.

I backed up the files from the Linux machine and then restored them to the Windows box MySQL instance. Then I told Subsonic to re-run the T4 files to regenerate the classes for the DAL (of course after I modified my connection string).

Then I look to my horror and I have 240 errors. Nice. Seems the case sensitivity is not as one would expect between the Linux and the Windows box. 

After farting around with a couple of SQL rename statement, which didn’t work, I read that in window the best way is to stop the MySQL service, go to the files in the DB data folder rename them as you want them to be, then re-start the MySQL service.

I did this, then regenerated my classes (again via the Subsonic T4 files) and this time no errors, the case sensitivity of the filenames (yes I like CamelCase, so what) carries over into the MySQL connections.

The trick (to me anyhow) was figuring out where the heck the files for the DB where stored. I found it like this; If you look on the properties of the MySQL service you will see it is getting handed the ini file to use for settings (I think the default is ‘my.ini’). This file in in the program files install folder, so open it up and you will see a “datadir” section. This is the folder where the database files are stored.

Enjoy!

 

Different Software Developer Levels

Something I have been thinking about and is bothering me so I put it on a blog for all to gaze upon my insanity.

There are several ‘levels’ (or ‘Degrees’ if you will) to a software developers coding skill.

1. Novice

2. Expert

3. Distinguished

4. Revered

Novice; The guy at work who does write software for a living, but he doesn’t; read any blogs, know who or what GOF is, has no idea about any upcoming technologies (relies upon the Experts on his team to inform him), usually is a sports fan, does more activities not involving developement than does. This type is not only ignorant of nearly all aspects of software develoment, other than the minimul to do his job, he seems content in his ignorance – knowing that the Experts will keep him updated as needed for him to do his job.

Expert; The guy at work who does read blogs, is usually looked at as a Geek, spends more time at his computer than not, is the guy the Novice developers listen to for help. This is what I consider myself.

Distinguished; This is the guy the Expert’s listen to. He is a developer who has been recognized by the Experts as someone who is very skilled, knowledgable and a resource for continual good help. This would be along the lines of Hanselman, Haack, Gutherie, etc.

Revered; Developers who are legendary in their contributions or accomplishments. Those who made a profound difference in software development. This level is a small field and usually looked at with great respect by all other developers. Among these would be greats like; Heijlsberg, van Rossum, Ritchie, Torvalds, etc.

The interesting part to me is that (most of the time) arrogance increases by the level. The Expert seems snotty to the Novice, The Distinguished seems snotty to the Expert. But after observing this in the wild I have realized its not arrogance its almost empathy. The higher level realizes that generally speaking the only difference between him and the lower level is dedication. Dedication to spend time learning, to constantly evolve and adapt to the new tools in software development. That or is the disgust that isnt because of some inability of the lower level, but the lack of drive of the lower to reach higher and attempt to increase his skills.

Next time your talking to someone who you perceive is above your level and you get the urge to smack them for being an asshole, take that as a compliment that they recognize that you have skills and ability and that they think you could achieve more.

Drive on…

Ramblings of an often confused opinionated yak shaver.