Tuesday 10 September 2013

Building an assessment app in 2+ɛ days -- dealing with Heroku's slow Scala build times

(This post is retrospective -- students started using it yesterday.)

While Impressory is just running on an AWS instance, I put Assessory for our class on Heroku so that it would get an https address immediately *, and there wouldn't be a delay while I waited for DNS settings for a new domain name to propagate.

Heroku is a Platform-as-a-Service provider that uses a push to deploy mechanism. Add Heroku as a remote to the git repository, and then…

git push heroku master

…and Heroku will build and deploy your code.

This works for a number of platforms, including Scala Play apps such as this one.

In theory.

In practice, Heroku can be very slow building a Scala Play app, even one as simple as this, and it would regularly take longer than the 15 minute maximum that Heroku allows. In which case, Heroku would reject the push, and even though the update might only have been seconds away from going live, I'd be frustratingly bunted back to starting the deployment again.

The modular nature of the app, while great for keeping the code tidy, also seemed to slow down Heroku's builds as it has to go through an update cycle (resolving dependencies) for each of the modules as it compiles them. These seem to take a bit of time on Heroku.

Avoiding Heroku's long build times

The short answer to avoiding Heroku taking an age to compile an app (and often having to compile the compiler interface before it starts), it turns out, is this: don't let it compile it at all.

There's two ways of "not letting it".

  1. Apparently there's an alternative build mechanism for Heroku called Anvil.

    This uses Heroku's build packs on some other AWS servers. It seems to get around the timeout but still takes some time.

    To be honest, I didn't get time to look at it until later, as I needed to get an update up quickly. When I did try it out, while writing this post, it did work -- though it took its merry time too.

  2. The other is a hacky little workaround that involves almost no set-up, and is very much faster.

    Don't push the Play app itself to Heroku. Instead, publish it as a JAR file to a Maven or Ivy repository. Play apps can be published as JAR files just by running this from sbt:

    + publish
    

    This tends to be very fast because you've already compiled your code locally before you decide you want to upload it. (And your development machine is probably quicker than the AWS machines that Heroku builds on.)

    Then we create a second, essentially empty Play app that has our real app as its only dependency. We're treating our app as a library that's used by a trivial wrapper app. (We include only a very few files that we need to be a valid Play app: application.conf, plugins.sbt, build.properties. Perhaps one or two others, but they are straight copies of the files in our "real" app.)

    We push our wrapper app to Heroku, and Heroku will happily fetch our application code -- already compiled and packaged -- from the repository when it does its dependency resolution, as it would any other library. HTTP calls to the almost-empty outer app be served by the code in our JAR file -- including requests for the minified Javascript. Bingo, our app is up and running. Deployments take less than a minute because there is nothing for Heroku to compile.

    If you're not keen on pushing your code to a public Maven or Ivy repository, then you can push it to a local repository that you include in the almost-empty Heroku app.

This second approach feels like cheating, but in practice the only downside I've noticed so far is that public assets (images) from our "real" app would now be served out of the JAR file -- which is slower than serving them straight from a file if the app wasn't packaged up as library.

But in Assessory there are only three images that get served anyway -- the cartoon drawings on the NotFound, Forbidden, and InternalServerError screens. (And as it happens I messed up the URL so they're not appearing in the dependent-JAR-file version because of a double // in the path. The image below is from the un-JARed version in a previous post.)

This is one of the only pages in the app with an image

So I think for a while, I'm just going to put my few static images up somewhere else on the web -- perhaps in Cloudinary, and keep using this dependent app trick to make Assessory deployments fast.

* If a user accesses a site using http rather than https on a passwordless WiFi network (such as UQ's visitor WiFi), then it's possible to intercept their session key over the air. This is fairly well-known, and it's why Facebook, Google and others have moved to https only. For Assessory, where students are marking each other, I'd like to ensure that an https URL is available.

Monday 9 September 2013

Building an assessment app in 2+ɛ days -- students started using it yesterday. (Going retrospective)

Students started using the app to critique each others' projects yesterday, as planned. Though I hadn't done a demo in the previous lecture as I'd hoped. So it wasn't two days, but it got there in time to be useful.

The screenshot below is from the form for editing the questionnaire -- as I was struggling to find screenshots that wouldn't reveal student data I should keep hidden.

For instance, if I clicked on "Allocations" I'd get a neet little list of which students are allocated to review which groups, whether they've logged in and linked their GitHub accounts, and which reviews they've started writing. But I don't want students knowing who is reviewing them, so I can't publish a picture of that to the web!

I guess another one I can show you is this:

Those pictures down the bottom are the GitHub avatars of users in those groups who have logged in (and the pre-enrol system has spotted them and automatically added them to their groups). The pictures are funny blocky images because these ones have been generated by GitHub for users who haven't set their avatar picture.

Most of the groups appear to be empty. This just means I took the picture less than a day after advertising the app to students. The pre-enrol system means that students are automatically added into their groups when they visit the course page. When I took the picture, 23 students had already logged in, but I cropped the image just before the first student who had uploaded an avatar (to avoid publishing people's photos or drawings on my blog.)

Going retrospective

Anyway, the next few posts will be retrospective -- looking back on the app that's been built rather than blogging as I go.

Friday 6 September 2013

Building an assessment app in 2+ɛ days -- refining the concepts

The nineteenth commit is up, but it's high time I started discussing the design of the app itself.

(I think I've been through all the technical odds and ends. There's also support for server-sent events and websockets, but I'm not putting that in this app.)

Screenshot at latest commit

Trying to keep it simple, the app centres around Groups and Tasks in a course. So that's what students will see on the course's Assessory page.

It turns out there are some interesting relationships between tasks and groups.

The first task

The first task I'm going to need to write is the group peer critique task.

Students are in two kinds of group:

  • A Tutorial Group

    There are two tutorial sessions, with approximately half the
    class in each

  • A Project Group

    Each project group has 3 to 5 students in it

(These categories correspond to "Group Sets" in Assessory.)

Groups are going to be presenting their work in the tutorial on Monday. That means that the critique task has to care about both group sets -- it has to allocate each student to review another project from the same tutorial.

If it allocated them the same project group, well you can't assess yourself; and if it allocated them a group from the other tutorial, they wouldn't be there to see the presentation.

The second task

When students critique each other's work, they also get to critique the critique.

The second task we want is for each student to read the critiques their group has received, and mark whether or not they were constructive and useful.

So back to it...

So, now all the course and group pre-enrolments are in and working, it's time to get these tasks written.

Thursday 5 September 2013

Building an assessment app in 2+ɛ days -- 16th commit

Right, back to it then… After the fun of the CEO's visit this morning, (and a big long sleep last night) back to work on the assessment app.

The students are going to be using it on Monday, so that's a deadline I can't let whoosh past me, as it's not just me making up a deadline for myself.

User updates in a functional world

The commit I just pushed changes course pre-enrolments so they happen automatically when the browser asks for the user's courses.

That means this is a request that changes something about the user -- it changes the user's registration.

I've written the app in a way that is functional and typically works with immutable data. That means there's one small additional wrinkle in this request.

DataAction.returning.one automatically converts an item to JSON for the requesting user. It uses an Approval[User] that typically has a LazyId for the user, fetched the first time it's needed.

But, I happen to have written this particular app in a functional style -- with immutable data objects. (You don't have to write your app with immutable data types, I just did for this one.) And this request modifies the user.

If your data types are immutable, you can find yourself with a small bug where this happens:

  1. We ask for the user, because to look up any pre-enrolments, we need a list of their social identities

  2. This triggers the lazy reference to the user to load.

  3. We find a pre-enrolment in the database, and update the user's registrations.

  4. We return the course from DataAction.returning.one

  5. But the Approval in the request has an immutable representation of the user that was fetched before we registered them to the new course, and the JSON comes out as if they weren't registered.

The solution involves a change to one line of code, and the addition of two more:

  1. Change the method from DataAction.returning.one to DataAction.returning.json

    (or from DataAction.returning.many to DataAction.returning.manyJson)

  2. Create a new approval for the updated user.

  3. Call the JsonConverter with the new Approval

We can see this in CourseController.myCourses

def myCourses = DataAction.returning.manyJson 
{ implicit request =>

  val userAfterUpdates = for (
    u <- request.user; 
    updated <- doPreenrolments(u)
  ) yield updated

  // As we've updated the user, we'll need a new Approval
  val approval = Approval(userAfterUpdates)

And at the end of the method:

  approved <- approval ask Permissions.ViewCourse(c.itself);
  j <- CourseToJson.toJsonFor(c, approval)
) yield j

Wednesday 4 September 2013

Building an assessment app in 2+ɛ days -- 13th commit

This is a little picture of where the app is up to at the moment. (This is the admin screen for a course.) After the lecture this morning, and a little more coding, I'm going to pop home and take a kip, and resume updates a little later.

The last few commits haven't been especially interesting to blog about -- just adding more of the DAO classes, services, and controllers, in much the same style as the previous ones.

However, I have been making a few design decisions for how the app will behave that might make interesting reading later on today.

Is that a whooshing noise?

A couple more commits have gone in, though I haven't blogged them.

Course pre-enrolments happen, but I haven't yet set up group pre-enrolments or the critique task itself. Those will need to happen later today instead.

So, it looks like it'll need to be an assessment app in three days.

Building an assessment app in two days -- 8th commit

A few yawns are creeping in here, it's getting late…

The eighth commit is up, and now we can create courses. The interesting part of this commit, however is security.

Security in Assessory

If you have a look in CourseController, you'll see controllers that look like this:

/**
 * Retrieves a course
 */  
def get(id:String) = dataAction.one { 
  implicit request =>     
    val cache = request.approval.cache
    for (
      course <- cache(refCourse(id));
      approved <- request.approval ask 
                  Permissions.ViewCourse(course.itself)
    ) yield course
}

The permissions check is chained right there in the for loop (which is syntactic sugar for chaining flatMap calls on the Refs)

The way of thinking about it is that at any stage you can ask for approval to do something. That approval might be given; it might take some time to work out (involve looking something up in the database) and it might fail or be refused. All those fit neatly into the functionality of Ref, so we treat is asking for a Ref[Approved].

This also means it's independent of the database or Play classes, and I've declared the permission rules in the assessory-api module.

Security is in the API

If you look in Permissions, you can see the different permissions that an Approval[User] can ask to be approved.

Sometimes these are straightforward objects:

case object CreateCourse extends Perm[User] {    
  def resolve(prior:Approval[User]) = {
    Approved("Anyone may create a course")
  }
}

And sometimes they are approvals on an item:

  case class ViewCourse(course:Ref[Course]) 
       extends PermOnIdRef[User, Course](course) 
  {
    def resolve(prior:Approval[User]) = 
      hasRole(
         course, prior.who, 
         CourseRole.student, prior.cache
      )
  }

Approvals on an item (PermOnIdRef) are clever enough to realise that if you ask for an approval on Course(id=1).itself, and you ask for an approval on LazyId(classOf[Course], "1"), those are the same approval and it doesn't need to look up the ID the second time.

And it can do that independently of what kind of database you've wired up, or whether or not it's in a Play app.

Cache

As well as remembering granted approvals, Approval also contains a cache for Ref lookups.

The Approval tends to be present in all three of the controller, the security check, and the JSON conversion -- and these are the three places where you typically need to look up Refs. So having a cache attached to it is rather handy.

JSON conversion is seemless with security too

All this flatMapping on Refs has another payoff in the JSON conversion.

If you have a look at CourseToJSON, you'll see that it embeds a permissions block into the JSON it returns

def toJsonFor(c:Course, a:Approval[User]) = {

  val permissions = for (
    view <- optionally(
      a ask Permissions.EditCourse(c.itself)
    );
    edit <- optionally(
      a ask Permissions.EditCourse(c.itself)
    )
  ) yield Json.obj(
    "view" -> view.isDefined,
    "edit" -> edit.isDefined
  )

  for (p <- permissions) yield {
    courseFormat.writes(c) ++ 
    Json.obj("permissions" -> p)
  }
}

This happens asynchronously -- the user reference in the approval is asynchronous and may or may not already have been retrieved.

The JSON block that this produces ends up looking like something this:

{
  "id":"52275e6a9acb3a4500d7c2ea",
  "title":"Design Computing Studio 2",
  "shortName":"DECO2800",
  "shortDescription":"…",
  "addedBy":"522732099acb3a4d00fedff9",
  "created":1378311786259,
  "permissions": {
    "view":true,
    "edit":true
  }
}

Because the permissions block is in the item, on the client it is easy to enable and disable components using Angular.js.

Say, for instance, we might have an edit link that only shows if the edit permission is present:

<a href="edit" ng-show="course.permissions.edit">
  Edit
</a>

Building an assessment app in two days -- 7th commit

After another long delay, the seventh commit is up. This is the last of the plumbing commits, and adds OAuth login.

The OAuth authentication is handled by handy-play-oauth, which is about the smallest possible OAuth library. It doesn't itself do user management or any of that. All it does is:

  1. Forward the request to the relevant authentication service (in this case, GitHub's OAuth URL)

  2. Extract the returned OAuth repsonse

  3. Use the authentication token to call the service's REST API to get the user's details

  4. Call whatever action you've configured

In this case, the action I've configured is InterstitialController.onAuth. It either logs you in (if you've already set up your account), or shows an "interstitial" confirmation page if you haven't.

The reason for the confirmation page is that you can attach multiple identities to your account. So before Assessory creates a new account for you, it asks you to confirm that's what you want to do -- in case what you really wanted to do was add the login to an existing account.

(The long delay was me having dinner and getting over a migraine, by the way. Plus staring for far too long at a stupidly trivial bug while my head ached.)

Building an assessment app in two days -- 6th commit

After a long pause while I fixed that bug, back to getting the app up and running.

The sixth commit has basic sign-in, sign-up, and sign-out functionality working, which means we have our first proper controller on the server and our first proper service on the client.

Earlier I said I wasn't going put in email/password log in. Well, I then realised I would need to.

Later on, I'm going to need to try out creating a course (as staff) and then preenrolling a different user (as a student). That means I need two accounts, but I only have one GitHub log in.

Handling users on the server

UserController contains the various concise actions that we've defined on the server:

  • self to return JSON for the currenlty logged in user
  • signUp to sign up
  • logIn to log in
  • logOut to log out.

At the top of the controller, there is the interesting line

implicit val userToJson = UserToJson

This is used to convert the responses to JSON format.

If you then have a look at UserToJson, you'll see it's a slightly different strategy for converting to JSON than most libraries. The key function is:

def toJsonFor(u:User, a:Approval[User]) = { 
  // etc

This is from recognising that very often we want to give different information depending on who's asking. For instance, in this case we only want to give out the JSON data for the user if they are asking about themselves, not someone else.

And, it returns a Ref[JsValue] rather than just a JsValue, in case it has any other work it needs to do before it can return a result.

Handling users on the client

UserService is the corresponding component on the client. Again, it has self, signUp, logIn, and logOut actions which are all neatly concise.

Angular.js has built into it promises. These are very much like the way Promises and Futures work in Scala on the server.

Which is perhaps why I quite like working with Angular.js in the browser!

Building an assessment app in two days -- bug resolved

Ouch that was a painfully long delay...

The pause in committing code was because I hit an issue between DataAction and Play that took a little while to resolve. So there's a commit on the handy project that's just been pushed to resolve it.

The gory details can wait for another time, but the short version is that Play has a distinction between EssentialAction and Action, and these two Play classes don't work quite as nicely together as I naively assumed. This was causing problems in DataAction.one(parse.json). It was a bit of a fiddly workaround that was needed.

So, back to it, but having taken a few hours out to deal with that, I might be having a late night after all.

Tuesday 3 September 2013

Building an assessment app in two days -- 5th commit.

So, it's late on Wedndesday morning and I probably should get a wriggle on if this is going to be done by tomorrow.

The commits I've been making so far are mostly basic plumbing -- wiring together the different components we're going to use. At some point, I'll publish these as a template project (using giter8), so that future projects can start from a pre-plumbed base.

But, someone has to plumb the first one.

Fifth commit: The basics of the Angular.js app

The 5th commit sets up the basics of our Angular.js app.

Here's a little 404 pic for evidence:

It might look a little odd that a 404 Not Found is telling me that I've got that part of the app wired up correctly, but it's because that error page is part of our Angular.js app -- it's not just plain HTML from the server.

Angular.js app

The Angular.js app is set up in two parts

  • app/assets/javascripts/modules/base.coffee

    This declares the Assessory module, and is the first thing we call

  • app/assets/javascripts/modules/app.coffee

    This configures the app and declares the routes, and will usually be the last thing we call (because it's going to be using a few controllers we haven't created yet)

We use require.js to enforce the order in which all the scripts are run, and also to combine and minify the scripts in production so that the browser doesn't have to make so many requests for javascript files.

The rest of this post is gory details about how we're getting Angular.js to render the error page, and how the header at the top is our first Angular directive.

(It's here because I feel I ought to explain what's going on, but the chances are you'll want to skip it for more interesting posts later.)

That 404 page comes from the client

That friendly little fellow with the map (sorry for my poor drawing) is also being rendered by our Angular.js app.

What happens is this: the / route (the home page) is configured to use a template that I haven't written yet. So, Angular.js gets a 404 error when it requests it.

Our app has configured Angular.js that when it has a routing error (such as this), it should set an error variable in $scope.

# Handles route change errors so that the user doesn't just see a blank page
Assessory.angularApp.controller('ErrorController', ['$scope', ($scope) ->
  $scope.$on("$routeChangeError", (event, current, previous, rejection) ->
    $scope.error = rejection
  )
  $scope.$on("$routeChangeSuccess", () ->
    $scope.error = null
  )
])

$scope is an Angular.js concept -- it contains the data for rendering a fragment of the page. There are usually quite a few scopes, corresponding to different parts that are showing.

The error in this scope (the root scope) causes Angular.js to show the error portion of the main template:

  <div ng-show="error">
    <ng-include src="'client-error-template'"></ng-include>
  </div>

The client error template is pre-embedded in the first HTML we sent the browser, and includes some switches to change what's shown depending on what the error was.

Site header directive

At the top of the image, you can see a site header. That's our first directive. The template is just a fragment of HTML in views.components.directive_siteHeader.scala.html.

If you look in includeDirectives.scala.html you can see how we use Play's templating to insert the template into the HTML that we initially send the browser -- this means that Angular.js never has to make a request to the server to fetch that template, because we've already provided it.

<!-- Site UI components --> 
<script type="text/ng-template" 
        id="directive_siteHeader.html"
>
  @views.html.partials.components.directive_siteHeader()
</script>

(includeDirectives is in turn embedded into the main HTML in main.scala.html.)

The other side of the directive is the Javascript code that declares it to Angular.js

That is in assets.javascripts.components.SiteHeader.coffee and looks like this

define(["modules/base"], (l) -> 

  Assessory.angularApp.directive("siteHeader", () -> 
    {
      restrict: 'E'
      templateUrl: "directive_siteHeader.html"
    }
  )

)

Around the outside, we have a require.js call that makes sure modules/base is loaded first. (That's going to create Assessory.angularapp)

And then we create a directive that tells Angular.js to replace <site-header></site-header> with the content of our site header template.

Building an assessment app in two days -- 4th commit.

The fourth commit has been pushed to GitHub.

Starting to set up the client

This sets up the beginnings of the Angular.js / Play app. Though the app doesn't do anything yet.

A quick run-down on its contents:

  • Global.scala

    This contains the application start-up code for Play. At the moment, it has three things to set up:

    • Set up the database, looking in application.conf for connection details (which in turn looks up some environment variables)

    • Set the home action for DataAction

      DataAction is particularly designed for "single page apps" such as this one.

      When the app is running in the client, Angular.js is going to request data in JSON format from the server, and render it appropriately in HTML.

      But at any stage, the user might click "Refresh", in which case the browser will make a request to the server on that URL. And in that case, we don't want to return JSON data, but the HTML and Javascript that will bootstrap our Angular.js app.

      DataAction uses the Accepts HTTP header to tell the difference between a request from our Angular.js app, and a request from a browser asking for HTML.

      If a request is made with an Accepts header looking for a JSON response, then the DataAction will run and return (asynchronously) data in JSON format. But if the request is made with an Accepts header asking for HTML, then it returns the home action (delivering our Angular.js app to the browser to get started).

    • Set the look up method for RefById and RefManyById.

      This configures how items are retrieved from the database. The basic handy library, (where Ref, RefById, LazyId, and RefManyById, amongst others, are defined) is database agnostic, so this is how we wire it up to our ReactiveMongo database layer.

      The DAO classes we have defined automatically inherit partial functions for looking up the classes they handle. (The DAO trait in handy-reactivemongo defines an appropriate partial function). So, the lookup method just has to call the partial functions from the DAO classes to see which one applies.

      (If you're new to Scala, a "partial function" is essentially a function that can say "actually, no I can't handle that argument after all". So, we can keep a set of partial functions for looking up different classes of item by their ID, and the partial functions themselves can decide whether or not they apply to the reference we gave them.)

  • Application.scala

    This contains a few key "actions" for our app.

    • index

      This action delivers the HTML for our Angular.js app

    • The default action

      Angular.js includes its own routing (its own handling of URLs) in the browser. In a single page app, the routing on the client side is somewhat decoupled from the routing on the server side.

      This means it's perfectly possible that there will be a valid URL in the client that isn't defined as an explicit action on the server.

      But we still need to handle the request if the user hits "refresh" and causes their browser to make an HTTP GET request to the server for that URL.

      The default action causes those requests to return the index action (containing our Angular.js app).

    • The partials action

      Periodically, Angular.js needs to request the HTML for a new template to show. As we define new views, we will be defining new partial templates.

      If we gave each partial template its own entry in the routes file, then in development, every time we add a new partial template, Play would want to recompile all the controllers as the routes file (containing all the controllers' action URLs) would have changed. If we instead put all the partials into this one action, then adding a new partial template only causes the Application controller to recompile.

  • main.js

    We're going to use require.js to combine and minify our Javascript (because we're going to have a lot of small Javascript files by the time we're finished).

    At the moment, there are no Javascript files to load, so we're "requiring" an empty array of files.

    We have set it up, though, so that when all the (zero) libraries have loaded, require should tell Angular.js to bootsrap.

  • includeDirectives.scala.html

    This is where we'll embed the HTML for Angular.js template directives. But at the moment, there aren't any.

Building an assessment app in two days -- third commit.

The third commit puts in place the first Data Access Object for the database: UserDAO

This uses ReactiveMongo, which is a non-blocking database driver for MongoDB. That means that when the database is processing a query, the thread is not left waiting, but can get on with other tasks.

Each of the methods returns Ref.

You're probably getting a bit tired of seeing Ref everywhere, but if you glance over to the test, you should see how they can be chained together in a fairly easy to read style. (If you're familiar with Scala.)

For instance, in this snippet, you can read those for statements as sequential actions that happen one after another. They happen asynchronously, but in order. First we save the user, then we push a new session, then we fetch the user again using the session, and then we extract the name from the user we got back.

"push sessions correctly" in {      
  val u = UserDAO.unsaved.copy(name=Some("Cecily Cardew"))
  val returnedName = for (
    saved <- UserDAO.saveNew(u);      
    pushed <- UserDAO.pushSession(
      saved.itself, 
      ActiveSession(key="mysession")
    );
    fetched <- UserDAO.bySessionKey("mysession"); 
    name <- fetched.name
  ) yield name      

  returnedName.toFuture must be_==(
    Some("Cecily Cardew")
  ).await      
}

There are a few design decisions taking place in this commit.

  • User contains a sequence of active sessions.

    This is going to let us list your active sessions in the browser, and remotely log yourself out if you've left yourself logged in on another computer.

  • There's no save, only saveDetails and a lot of push.. methods.

    When we save a user, we don't want to overwrite the sessions -- in case a concurrent request is updating them while we're processing this save. (Whether or not it's concurrent within the database, there might be two requests from the browser in flight.)

    Accordingly, saveDetails does not update the active sessions or any of the other lists.

  • Password hashing is already in there

    Although we're not supporting log-in with passwords, the default classes in handy-appbase-core already create a salt and a hash method, so that it's easy to store passwords salted and encrypted. (This uses encryption that comes standard in the JVM)

Monday 2 September 2013

Building an assessment app in two days -- second commit.

The second commit is where I need to start thinking about the app a bit more. We're going to establish a few basic data model classes. They'll change as the rest of the code is written, but this commit will make a start on it.

Our situation gives us a slightly unusual need:

  • The students are all in groups already
  • The software hasn't been written yet, so the students are not in the database
  • We can't use their UQ logins (institutional policy reasons)
  • But we have all the students' GitHub usernames in a spreadsheet

When students log in, they need to be able to get their groups — which means the groups need to be entered before the students have created their accounts in the database.

That means we're going to need a concept of a "pre-enrol", so that when a student has logged in, they can automatically find both the course and their group, in this case using their GitHub username.

Although I'm writing this initially for our course, I'll try to make the data model reasonably general.

Things you'll notice about the data model

  • There are lots of Refs. This is part of my handy library. A ref is a reference to a data object. It might be the object itself; it might be a Future that will return the object when a database fetch has completed. It might be a LazyId if all we have so far is the ID of the object. There are quite a few possibilities for what a Ref can be.

    Ref is a monad, which means that it has flatMap and map methods that I'm going to use extensively, and ensures that at the end of an algorithm I'll still have something that meets Ref's contract.

    It's what I call an "ad-hoc" monad, however, because we haven't predetermined the specific kind of Ref we're going to end up with.

    More information will go up on handy's documentation site (And there's a paper I want to write on this style of app development soon.)

  • Each of the data classes extends HasStringId.

    This means a little more than just that it has a string id. Ref.getId looks for an "implicit argument" that can produce a canonical id for an object. (For instance, so that if you use Integer ids, Ref(classOf[Foo], 10:Int) and Ref(classOf[Foo], "10") resolve to the same item.)

    Within the handy library, there's an appropriate object GetsStringId for handling this for objects whose canonical IDs are Strings.

    (In the database layer, however, we're going to be converting to and from MongoDB's BSONObjectID class. I just don't want to expose object IDs in the API.)

So, in this commit we have some incomplete data classes:

  • User

    A user in the system. This inherits from one in handy-appbase-core, and includes types for Identity and PasswordLogin (though we won't be using the PasswordLogin for now)

  • Identity

    A social login identity, such as a GitHub account. (Or, in time, LTI for logging in directly from Blackboard, but university policy prevents us from doing that yet.)

  • Task

    Well, if we're asking them to do a peer critique, maybe we'll have other tasks for students in time.

  • Course

    A course (we'll try to open this up for others too)

  • Preenrol

    A way of pre-registering students for courses if all you have is a social identity

  • Group

    A group, for the group critique

  • GroupSet

    Sometimes, in courses, students are in more than one group. For instance, they may have a tutorial group as well as a project group. Or their group may change every so often, but you'd like to preserve the historical groups they've been in in the past so you can look back on their previous work.

    GroupSet will support this

  • GPreenrol

    Preenrol for groups

  • Question

    The critique is going to need a survey form of some sort, which will be made up of questions. We'll establish the different kinds of question in a later commit.

    (Likewise, there's an Answer trait)

  • Critique

    A critique

  • CritTask

    The task of doing a critique

Building an assessment app in two days -- first commit.

So it's Tuesday lunchtime, and now that the meetings of yesterday evening and this morning are done, I can get started.

(I've got another meeting in an hour.)

The repository is now up on GitHub at http://github.com/impressory/assessory

The first commit just establishes the basic structure of the project. (The link takes you to github's page showing the committed code.)

We have three projects:

  • Outermost, the Play app itself
  • asserssory-api, which will contain classes for the data in the app.
  • assessory-reactivemongo, which will contain our database layer. The project will use ReactiveMongo, which is a non-blocking driver for MongoDB.

    And when I get to writing the database components, it'll also use handy-reactivemongo that contains some useful common code, and wraps the returned data as a Ref.

There are no tests yet, because there's no code to test. But on my machine at least, the Play project starts.

If you check it out, you might find that sbt isn't wholly content about the "SNAPSHOT" dependencies and keeps trying to re-resolve them every time you run a command, even if it only just did so. This might make your build slower than ideal. This doesn't happen on my machine because I've built those dependencies and run sbt publish-local on them, so that sbt only has to look as far as the ~/.ivy2 directory on my laptop.

I'll resolve that in due course.

Building an assessment app in two days without rushing (hopefully)

At the University of Queensland, I'm helping to teach a software engineering studio course ("Design Computing Studio 2") where students are all collaborating, in groups, on 170-person project. It's a somewhat unique course, as it has a very large amount of collaboration between groups, and we've presented papers on it at two well-regarded international conferences: ICSE and ITiCSE.

This year, my colleague Jim has introduced peer critiques into the course — something that was missing in previous iterations. Groups will be asked to present their plans, and students will be asked to critique them. The groups in turn get to rate whether or not the critique feedback was useful.

I've also been writing the interactive teaching software "Impressory" for use on the course, and have a number of other software projects on the go. So, I wrote handy to make it easy and concise to write interactive, functional, webapps (generally, with Angular.js and Play).

It's time to find out how easy it really is.

The challenge

This week, I'm going to write the critique tool, as the first piece of functionality for an open source assesement app. And I'm going to blog it as I go — each post describing what code I've written, and how and why it does what it does.

This isn't going to be a hackathon — I'm not planning on staying up nights. In fact the next thing I have to do after posting this is head out the door to a meet-up about something completely different. And then I've got another meeting tomorrow morning. (So you might not see the next post until tomorrow afternoon.)

But the next lecture for the course is at 8am on Thursday, and I'd like to have it done by then so I can show it in class. Right now, it's 6pm on Monday. So that leaves Tuesday and Wednesday to get it done (in between other things like writing lecture content).

Let's see how we go.

For the students on the course

On the course, we teach highly collaborative ways of building software — part of our ethos is that even when we think we're working individually, we are still collaborating because we work with each others' code. There are tests, continuous integration, ticket management, collaboration tools, and all the fun of the fair.

If I'm writing this app in public and blogging it, then the chances are at least one or two students will glance at my code and the blog posts. And, if they're anything like I was as a student, they will be particularly delighted to see what I get wrong! (I'm sure there will be some things.)

So, I'd better to make the disclaimer up front that there will be some short-cuts.

Things that will be the same:

  • Version control, using git on github
  • There will be some tests (though using Specs2 rather than JUnit)
  • Automated builds (though using sbt rather than gradle). At each stage, you should be able to run it at home if you want.

Things that will be different:

  • Scala, not Java.

    Later in the course, we introduce students (a little) to Scala. But for the moment, it might look a little alien.

    Using Scala means a lot of the code I write can be much more concise.

    It can also be written in a functional style that makes it easy to use some powerful abstractions, and to avoid some mistakes (by making it less likely that a mistake will compile without errors).

  • Some unfamiliar libraries.

    In handy, I hopefully have a bit of a head start.

    handy-appbase-core contains a few classes that have been hived off from Impressory to mean I don't need to repeat myself about functionality I've already written.

    And that includes dealing with security, asynchronous databases, returning model objects as JSON, log in with GitHub, dealing with whether it's a JSON request for data or a browser hitting a data URL, etc.

  • Probably fewer tests

    On the course, having fewer tests would be a very bad habit — there's 169 other programmers who could break your code at any moment, and we'd like a test to show they haven't please.

    But over the next few days I'm not going to have 169 collaborators to keep me honest.

    The style I'm writing this in, however, tries to make sure that the type checker is less likely to let a mistake through than for a typical Java program.

  • No CI server.

    I haven't yet set up a continuous integration server for the project. As I'm a lone developer, so there's nobody to continuously integrate with, I might not.

Sunday 1 September 2013

Play, Angular.js, and Handy

For a few recent projects, I've been using Angular.js at the client and the Scala Play framework at the server.

I also have a handy library that helps make a lot of things quick, easy, and tidy.

Normally, every framework has its good points but the occasional gotcha. But in this case, I found them to be a very virtuous combination, each making the others more useful.

Play and Handy

Play is a non-blocking framework, and with my handy library, it's nice and easy to write code that can include as many asynchronous calls as it likes and returns the result to the client. Even if the JSON conversion involves more asynchronous calls to fetch other information you'd like to include.

def get(contentId:String) = DataAction.one  { 
  implicit request => 
    for (
      content <- contentRef(contentId);
      approved <- request.approval ask 
                  Permissions.ReadContent(content.itself)
    ) yield content
}

In our hypothetical example here, DataAction.one will call content.toJsonFor(request.approval) to produce JSON to return. In our hypothetical example the "content" is sometimes a sequence — a playlist of other pieces of content to show in order — and converting it to JSON fetches and embeds them in the response. And it all happens aynschronously in a compact monadic style.

(This example is a slightly butchered version of what happens with content sequences in Impressory)

I'm gradually improving the documentation at handy, if you want to find out how it makes things easier.

Play's snag with HTML

If you want to Play's templating system for HTML, it has the annoying gotcha that while you can embed an Option straight into the template,

<span>@{object.myOptionValue}</span>

you can't embed a Future straight into the template.

<!-- not supported -->
<span>@object.myFutureValue</span> 

Of course that's where "gotcha" means "has the same limitation that every other templating system on the planet has too".

Play's templating, like just about every other templating framework I know of, doesn't have the smarts to turn the template itself into a Future if it's got a Futures embedded into it.

This is perfectly fair enough, but means that if you're working in a non-blocking way, you end up needing to resolve all your Futures and only then call the template, passing them in as explicit parameters.

Which always made me grumpy, as it was unnecessary overhead making things look messy. Thanks to my handy library, I could convert to JSON in an asynchronous way, with embedded Futures in the conversion, but not to HTML.

Angular.js to the rescue

The obvious way that Angular.js helps Play is that the templating happens on the client. You're no longer embedding data into the HTML, so you don't end up needing to resolve those futures.

A problem not encountered is as good as a problem solved!

A snag with Angular.js

The first gripe I had about Angular.js was perhaps an unusual one. Not the documentation (that I've coped ok with), but that inlining reusable snippets is a little clunky.

There are directives, and there's ngInclude, but the template to include either has to either:

  • be fetched in another http request,
  • or embedded into a <script> element in the HTML. (Which doesn't itself solve how to split it into a different file.)

Play's templating to the rescue

Well, this is of course is where Play's templating solves the problem.

An Angular.js template can be broken up into as many fragments as you like, and pieced together on the server in a single request.

So for instance, Impressory has an includeDirectives.scala.html file, whose sole responsibility is to pull in all the directive templates

<-- etc -->
<script type="text/ng-template" 
        id="directive_ce_edit_tags.html"
>
  @views.html.partials.viewcontent.directiveEditTags()
</script>
<script type="text/ng-template" 
        id="directive_ce_edit_settings.html"
>
  @views.html.partials.viewcontent.directiveEditSettings()
</script>
<-- etc --> 

In the end

In the ends, this gives me a way of writing Single Page Apps that is:

  • very compact
  • scalable and non-blocking
  • typesafe
  • looks neat and clean (a simple monadic style)
  • separates concerns well (database, security, JSON conversion, etc are all handled tidily)
  • above all, fast to write

This last part is particularly important — I'm employed as a research engineer, and there's only so long I can get away with cranking out code. Most of the time I want to be deciding what to build and inventing interesting solutions to interesting problems, rather than spending too much time writing the code.