Saturday, May 27, 2023

Identity Access Control

 Identity Access Management (IAM) is a framework of business processes, policies, and technologies that manages digital identities and controls how identities can be used to access resources.


IAM is used to ensure that the right individuals access the right resources at the right times for the right reasons. Here's a brief explanation of its key components:


1. **Authentication**: This is the process of determining whether someone (or something, like a system) is who they claim to be. This is often accomplished via passwords, two-factor authentication, biometric data, or other methods.


2. **Authorization**: After a user is authenticated, the next step is to determine if they have permission to access the resource they're trying to use. This is often determined based on the role assigned to the user or the rules defined for the resource.


3. **User Management**: IAM systems manage user identities, including the creation, removal, and organization of user profiles. Administrators can assign and revoke rights and permissions, often using a dashboard or control panel.


4. **Single Sign-On (SSO)**: SSO is a feature that allows users to authenticate with one set of credentials and access a suite of related applications. This not only improves the user experience but also enhances security by limiting the use of (and thus exposure of) credentials.


5. **Multi-Factor Authentication (MFA)**: MFA adds an extra layer of security by requiring users to provide two or more verification factors to gain access to a resource.


6. **Identity Federation**: This feature allows users to use the same identity (username, password, etc.) across multiple systems, which is especially helpful in hybrid and cloud environments.


7. **Identity Governance**: This is the policy-based centralized orchestration of user identity management and access control. It helps organizations achieve compliance by providing auditable trails.


By employing IAM, organizations can enhance security, improve productivity, meet compliance requirements, and deliver a better user experience.

Role Based Authentication

 Role-Based Access Control (RBAC) is a method of managing access to a system's resources based on roles assigned to individual users within an enterprise. This method provides fine-grained control and offers a simple way to manage permissions across a large number of users.


Here's a brief explanation of how it works:


1. **Roles**: Roles are defined according to job competency, authority, and responsibility within an organization. For example, you might have roles such as "admin", "manager", "developer", "user", etc.


2. **Users**: Each user is assigned one or more roles, and each role grants certain permissions. For example, a "user" might be able to view data, a "developer" might be able to modify that data, and an "admin" might have full control over all operations.


3. **Permissions**: Permissions define what resources a role can access and what operations it can perform. Permissions are associated with roles, and users inherit these permissions through their roles.


4. **Access Decision**: When a user tries to access a resource, the system checks the user's role and determines whether that role has the required permissions to access the resource. If the role has the necessary permissions, the system allows the user to access the resource.


This approach greatly simplifies management and auditing of user privileges. Instead of assigning permissions to each user individually, permissions are assigned to roles, and users are assigned roles, allowing administrators to manage user privileges by simply assigning appropriate roles to users. 


Furthermore, RBAC can be used in combination with other access control methods such as Attribute-Based Access Control (ABAC) for even finer control over system resources.

Monday, May 15, 2023

Redoc Demo

 https://redocly.github.io/redoc/?url=openapi-3-1.yaml#tag/pet/operation/addPet

Thursday, May 04, 2023

Mikado Method

 Explain Mikodo method and creating Mikodo graphs


It seems like you might be referring to "Mikado Method" and "Mikado Graphs." If that's the case, here's an explanation of the Mikado Method and how to create Mikado Graphs:


The Mikado Method is a systematic approach to facilitate large-scale refactoring and reorganization of code in a software project. It helps developers identify and manage dependencies between different parts of the code, minimizing the risk of breaking the system while making changes. The method is particularly useful when dealing with legacy code or complex systems that require significant restructuring.


Creating Mikado Graphs:


A Mikado Graph is a visual representation of the dependencies and tasks involved in the refactoring process. It helps you keep track of the changes required and the order in which they need to be implemented. Here's a step-by-step guide to create a Mikado Graph:


Identify the goal: Define the refactoring goal you want to achieve, such as improving code structure, updating a library, or implementing a new feature. Write the goal at the top of a blank sheet of paper, whiteboard, or digital drawing tool.


Try the simplest solution: Attempt to make the desired change directly in the code. If it works without causing problems, you're done. If it introduces issues or breaks other parts of the system, proceed to the next step.


Add prerequisites: Identify the issues that need to be resolved before implementing the change. These are your prerequisites, and they should be represented as nodes in the Mikado Graph. Draw arrows from the goal node to each prerequisite node.


Recurse: For each prerequisite node, repeat steps 2 and 3. If the prerequisite can be implemented without causing problems, mark it as done. If it introduces new issues, create new nodes for each new prerequisite and connect them to the current node with arrows.


Undo changes: As you identify new prerequisites, undo any code changes made during the process to maintain a stable system. The Mikado Graph serves as a guide to implement the changes in the correct order later.


Complete prerequisites: Once the graph is complete, start implementing the prerequisites from the bottom up. Each completed node will enable you to tackle its dependent nodes until you finally reach the main goal.


By following the Mikado Method and using Mikado Graphs, you can systematically refactor and reorganize your codebase while minimizing the risk of breaking the system.


Are there any resources to learn how to apply it for Rails code base?


While there aren't many resources specifically dedicated to applying the Mikado Method to a Ruby on Rails codebase, you can still learn the method and apply it to any codebase, including Rails projects. The concepts and practices of the Mikado Method are universal and can be adapted to various programming languages and frameworks.


Here are some resources to help you learn the Mikado Method:


The Mikado Method book: The primary resource for learning the Mikado Method is the book "The Mikado Method" by Ola Ellnestam and Daniel Brolund. This book provides a detailed explanation of the method along with examples and case studies. Although not focused on Rails, the book's principles can be applied to Rails projects.

Book link: https://www.manning.com/books/the-mikado-method


Blog posts and articles: There are several blog posts and articles available online that explain the Mikado Method and its application. Here are a few examples:


https://medium.com/@_nikkormat/mikado-method-a-structured-way-to-make-big-changes-3db35e3aa3c

https://www.methodsandtools.com/archive/mikado.php

Videos and presentations: Various recorded talks and presentations can help you learn the Mikado Method through visual explanations. Here are a couple of examples:


https://www.youtube.com/watch?v=bGk_VM9Xgxo

https://vimeo.com/123635803

To apply the Mikado Method to a Rails codebase, you can follow the general principles and adapt them to Rails-specific concepts and components. As you gain a deeper understanding of the method, you'll be able to apply it effectively to refactor and reorganize Rails projects or any other codebase.


Can it be used to update library used in a web application?


Yes, the Mikado Method can be used to update a library used in a web application. The method helps you identify and manage dependencies and required changes in a systematic way, which is particularly useful when updating libraries that might have a significant impact on your application.


Here's a high-level overview of how to apply the Mikado Method for updating a library in a web application:


Define the goal: The goal is to update the library to a specific version or to replace it with another library. Write this goal at the top of your Mikado Graph.


Update the library: Attempt to update the library directly. If the update is successful and doesn't cause any issues, you're done. If it introduces breaking changes or issues, proceed to the next step.


Identify prerequisites: Determine the issues that need to be resolved before the library update can be implemented. These issues could include changes in function signatures, updated configuration settings, or modifications in the library's behavior. Add these prerequisites as nodes to your Mikado Graph and connect them to the goal node with arrows.


Recurse through prerequisites: For each prerequisite node, try to implement the required changes. If the changes introduce new issues or dependencies, create new prerequisite nodes and connect them to the current node. Remember to undo any code changes made during this process to keep the system stable.


Complete prerequisites: Once you've identified all dependencies and required changes in the Mikado Graph, start implementing the prerequisites from the bottom up. As you complete each node, you'll be able to tackle its dependent nodes, eventually leading to the main goal of updating the library.


By following the Mikado Method, you can systematically update libraries in your web application while minimizing the risk of breaking the system or introducing new issues.


So it is not really restricted to just refactoring a code base?


That's correct. The Mikado Method is not restricted to just refactoring a codebase. While it is primarily known for its effectiveness in handling large-scale refactoring, it can also be applied to other aspects of software development, such as updating libraries, implementing new features, or reorganizing code.


The strength of the Mikado Method lies in its systematic approach to identifying and managing dependencies and required changes. This makes it a versatile technique that can be adapted to various tasks within software development, ensuring that changes are implemented in a well-structured and organized manner, while minimizing the risk of breaking the system.


How to choose whether to pick breadth first or depth first when using the Mikado method?


When using the Mikado Method, choosing between breadth-first or depth-first traversal depends on the specific refactoring goal, the complexity of the codebase, and personal preferences. Both approaches have their advantages and can be effective in different situations.


Breadth-first traversal:

In breadth-first traversal, you address all immediate prerequisites of a node before moving on to their prerequisites. This approach allows you to identify and understand the full scope of required changes at each level before diving deeper into the dependencies.


Advantages:


Provides a clearer picture of the overall scope of changes at each level.

May help identify common dependencies or overlapping tasks early in the process, allowing for potential optimization.

Easier to parallelize work among team members, as multiple tasks can be tackled at the same level.

Depth-first traversal:

In depth-first traversal, you follow a single chain of prerequisites to its end before backtracking and exploring other chains. This approach allows you to focus on one dependency path at a time, which can be helpful when dealing with complex or deeply nested dependencies.


Advantages:


Helps maintain focus on a single chain of dependencies, which can be beneficial in complex codebases.

Potentially faster in identifying the full extent of a specific dependency chain.

Easier to understand the context and interconnectedness of tasks within a single chain.

To decide which approach to use for the Mikado Method, consider the following factors:


Complexity: If your codebase has a high level of complexity and deeply nested dependencies, depth-first traversal might be more manageable and efficient. For less complex codebases or when the scope of changes is relatively small, breadth-first traversal could provide a better overview.


Familiarity: If you are already familiar with the codebase, you might have a better idea of which traversal method would be more suitable. If you're new to the codebase, experimenting with both approaches might help you determine the most effective method for your specific situation.


Personal preference: Some developers may prefer the focused approach of depth-first traversal, while others may find the broader perspective of breadth-first traversal more intuitive. Choose the approach that you're most comfortable with and that aligns with your problem-solving style.


Ultimately, the choice between breadth-first and depth-first traversal in the Mikado Method depends on your specific refactoring goal, the complexity of your codebase, and your personal preferences. You can even switch between the two approaches during the process if it makes sense for your particular situation.


Wednesday, May 03, 2023

Find all users created yesterday

 To find all User records with a created_at timestamp of yesterday using ActiveRecord in Rails:


yesterday = Date.yesterday.beginning_of_day..Date.yesterday.end_of_day

users_created_yesterday = User.where(created_at: yesterday)


This code first creates a range representing yesterday's date from the beginning of the day to the end of the day. Then, it queries the User model using the where method to filter the records based on the created_at timestamp within the specified range. The result is an ActiveRecord relation containing all User records created yesterday.


Tuesday, May 02, 2023

Search and display surrounding lines in log file

 grep -n 'search_string' /path/to/log/file.log | cut -d: -f1 | xargs -I {} awk 'NR >= {} - 50 && NR <= {} + 50' /path/to/log/file.log | sed -n '1,101p'