Hi Guys, first off thanks for inviting us to Seattle! It was an awesome experience!

Hope to do it again soon.

Here are the assets of what I was working on-

https://www.dropbox.com/sh/36u1b385n75v7pe/-u7rXlyKPb

and here is the blog

https://medium.com/p/f9a64f526ed 

thanks again

-Cal 

Hey all!

Back in California now but I was definitely having withdrawals as soon as I walked away from the #airportsprint. Let’s do this again soon! Anyway, I put together a fancy blog post about what I learned during the sprint. I’m pretty sure every time I talked to someone new, I picked up another great Plone tip, but I recapped the top three for starters. — https://medium.com/p/e7dc4757e4b4

Also, for posterity, here are the assets for both the login screen mock-ups and the Plone.com mock-ups. Feel free to remix ‘em if you want to! (Bonus: the Emerald Sprint logo is in there, too.) — https://www.dropbox.com/sh/c02o8j8rysrkxlh/XEYhGzOLiD 

Til next time,

Trish 

Much is possible, with a little help from your friends -- and a few sprint sponsors.

The recent Emerald Sprint concentrated on user issues: how those pesky people who don't work at the command prompt register, login, logout and fill out their user profiles. With Ian Anderson and Luke Brannon, I worked on PLIP 13350, a proposal to make the fields that make up a user profile easy to extend and edit.

Changing user profile fields is one of those long-term Plone annoyances. It's something that's very easy to do -- for an experienced integrator -- but completely opaque to new integrators and developers. Eric Brehault (ebrehault) and Mathieu Le Marec - Pasquet (kiorky) submitted a plan to clean this up with PLIP 13350 using something like the Dexterity field editor. They also laid the implementation groundwork, actually using Dexterity's schema and schema editor.

Ian, Luke and I took on getting this ready for Plone 5. We also wanted to reconcile Eric and Mathieu's work with the one of the big ideas of the Emerald Sprint: that user profile fields be distributed through registration, mandatory profile updating and profile editing.

Luke and I scored big by getting to work with Ian. Re-purposing Dexterity's schema editor to work outside of Dexterity's content type configlet is a mind-bending bit of manipulation of z3c.form, plone.schemaeditor, plone.supermodel and plone.app.z3cform. David Glick also added in another ingredient: new implementations of Edit and URI zope schema fields in plone.schema. All this is the sort of thing I can usually figure out in a week or two, but this was a three-day sprint. Ian, though, got the hard part figured out pretty quickly, and Luke and I were able to follow him around writing tests and cleaning up details.

We didn't finish, but by sprint's end it was pretty much working. Ian had even consolidated all the fields into a single schema with field-specific flags to indicate which forms the belonged on. David jumped in from across the table to add a "these fields may not be deleted" list to the schemaeditor, and Ian was able to use it to protect fullname and email address fields -- the ones we need for Plone basics and can't allow a site admin to delete.

All of this was the kind of work that is hard to do in isolation, but can move at lightning speed at a sprint -- where you can call on a lot of community resources. So, we all owe a big thanks to the Seattle Plone Users' Group, our organizers, and all the sprint sponsors, particularly including the Plone Foundation and Chris Calloway.

"Plock Pins are the greatest thing to happen to Plone since Buildout"— Alex Clark

Plock Pins are the final incarnation of a collection of Plone Buildouts I've been developing since 2010. They attempt to make it easy to install Plone with only Python installed [1]. Installing Plone with Plock Pins looks like this:

$ virtualenv-2.7 .
$ bin/pip install zc.buildout
$ bin/buildout init

Now edit your buildout.cfg to add a link to extend the Plock Pins:

[buildout]
extends = https://raw.github.com/plock/pins/master/plone-4-3

Then run Buildout:

$ bin/buildout

Followed by the following command to start Plone:

$ bin/plone fg

That's it! This technique should work for all versions of Plone all the way back to Plone 1.1. If it doesn't, please let me know here:

• https://github.com/plock/pins/issues

Finally, here is a list of all available Plock Pins you can extend [2]:

• https://raw.github.com/plock/pins/master/plone-4-3
• https://raw.github.com/plock/pins/master/plone-4-2
• https://raw.github.com/plock/pins/master/plone-4-1
• https://raw.github.com/plock/pins/master/plone-4-0
• https://raw.github.com/plock/pins/master/plone-3-3
• https://raw.github.com/plock/pins/master/plone-3-2
• https://raw.github.com/plock/pins/master/plone-3-1
• https://raw.github.com/plock/pins/master/plone-3-0
• https://raw.github.com/plock/pins/master/plone-2-5
• https://raw.github.com/plock/pins/master/plone-2-1
• https://raw.github.com/plock/pins/master/plone-1-1

I’m back from another successful annual West Coast Plone sprint: the Emerald Sprint on Whidbey Island near Seattle. Don’t miss Trish’s lovely video montage of our weekend:

I worked with Ross Patterson and Fulvio Casali on the users & groups control panel. The plan is to make it look and work similarly to the new folder contents UI, with the data getting loaded as JSON and manipulated by javascript:

Compared to the existing control panel, the new one shows more information about each user, including join date, last login date, whether the user is allowed to log in, and whether the user has confirmed their email address. It also will make it easier to apply some actions in bulk, such as adding a many users to a group or adding a role to many users at once.

So far our implementation uses the same mockup pattern as the folder contents UI (the “structure” pattern), but with different columns and actions. There’s still quite a bit of work to be done:

• Implementing the JSON view for fetching user and group data. Ross has started on this but it’s complicated because of fetching roles inherited from groups, etc
• Implementing the various actions that can be performed on a user or set of selected users
• Using a simple search instead of the query builder, which is intended for content indexed in the catalog. 
• Integrating the pattern into Plone’s control panel.

The Quick Way

Go to http://plone3.webcluster.uwosh.edu:15082/sites4/manage_main and Copy then Paste the site called ".sandbox-template-site".

The Manual Way

Create a Plone site with

uwosh.policy.ldap
uwosh.intranet_theme
uwosh.securelogin
uwosh.secureloginportlet

 	DataGridField 	1.8b2	1.8b2 
 	Easy Template 	0.7.10	0.7.10 
 	HTTP caching support 	1.0	1.0 
 	PFGDataGrid
 	Plone Classic Theme 	1.1.1	1.1.1 
 	PloneFormGen 	1.7.1	1.7.1 
 	PloneFormGen Save Data to Content(d2c) 	2.1b3	2.1b3 
 	Workflow Manager 	1.0a3	1.0a3 
 	Workflow Policy Support (CMFPlacefulWorkflow) 	1.5.4	1.5.4 
 	jQuery UI 	1.8.13.1	1.8.13.1 
 	uwosh.policy.ldap 	0.2	0.2 
 	uwosh.securelogin 	0.1.1	0.1.1 
 	uwosh.secureloginportlet 	0.1.2	0.1.2 
 	uwosh_intranet_theme

go into the GradStudies portal_skins/custom and copy everything there then paste into portal_skins/custom for the new sandbox site

go to GradStudies/@@manage-viewlets and use as a template for the new sandbox site

Site Setup -> Mail, set SMTP server to out.mail.uwosh.edu, from address to site owner

Site Setup -> Users and Groups -> Groups tab, assign sandbox site owners to Administrator group, assign these others to the group too:

 	  Brian Ledwell (ledwell)  	 ledwell@uwosh.edu  
 	  John Hren (hrenj)  	 hrenj@uwosh.edu  
 	  Luke Scorcio (scorcl56)  	 scorcl56@uwosh.edu  
 	  Michelle Loker (loker)  	 loker@uwosh.edu  
 	  Petersen, Dan J. (petersed)  	 petersed@uwosh.edu  
 	  T. Kim Nguyen (nguyen)  	 nguyen@uwosh.edu

set the skin layers correctly for all skins to include securelogin and secureloginportlet, and to put the uwosh.pfg.d2c layer above the PloneFormGen layer so the topmost ones look like this:

    custom
    uwosh_pfg_d2c_templates
    PloneFormGen
    CMFPlacefulWorkflow
    DataGridWidget
    uwosh_securelogin_custom_templates
    uwosh_securelogin_custom_images
    uwosh_secureloginportlet_custom_images

set up NetID in acl_users.

set login_form size of login name and password fields to 8

disable the "forgot your password?" on login form by going to ZMI Security tab, finding "Mail forgotten password" and unchecking Acquire

make visible the portal_actions/user/login

portal_view_customizations to add site title to the plone_logo; tweaked like this

<div metal:define-macro="portal_logo"
     tal:attributes="class string:cell width-1:4 position-0" id="logo"> 
<a id="portal-logo"
   title="Home"
   accesskey="1"
   tal:attributes="href view/navigation_root_url;
                   title view/navigation_root_title"
   i18n:domain="plone"
   i18n:attributes="title">
    <img src="logo.jpg" alt=""
         tal:replace="structure view/logo_tag" /><h1 id="siteName">Graduate&nbsp;Studies</h1></a>
</div>

May have to adjust ploneCustom.css for #portal-logo margin: 15px and #siteName top: 20px

enable cacheing, set cacheing proxies, set rulesets to Moderate

disable portal_css development mode!

change default front page content

add a plonedev.uwosh.edu URL

TO DO

add site owner to site owners list or intranet site owners list?

add to Plone site wiki in Intranets section

add Groups to drop down menu

Netsight have invited Cosent to collaborate on designing a complete social intranet software suite, to be developed in collaboration with the open source Plone community.

A "Plone Intranet" summit in the wake of the 2013 Plone conference listed user experience, that is: design, as the single most important challenge to tackle if we want to strengthen Plone's attractiveness for the intranet market.

As everybody knows, design is not a problem one solves in a committee. We're using a hybrid model of collaboration styles that allows us to combine the design strengths of a core team with the scaling capabilities of an open source community.

The plan is to donate the work we've been doing to the Plone community, so come and join us at the Plone Open Garden 2014 in Sorrento to get involved.

So, what have we been up to?

Last winter Cosent published the Digital Workplace Technology Roadmap.

Following up on that, we've been analysing the competition, both in terms of the user experience their platforms offer but also in the kind of problems they solve, i.e. what markets they're in. We see significant market potential for a Plone-based solution.

Additionally, we've analysed dozens of cases studies of award-winning intranet designs and have clustered hundreds of intranet screenshots to understand common functional areas, or landing pages, in intranets, mapping those against the model provided by the Digital Workspace Technology Roadmap.

Last week, Netsight and Cosent have been sprinting to turn the insights gained from all of that into actionable designs, that can be used to guide software development.

We selected three types of landing pages in intranets for deeper investigation. For each of these pages, we brainstormed specific functions that users would want to use and card-sorted those into families of similar functionality.

We then picked a single landing page to work on and created several epics with short scenarios about a typical sequence of actions a user would execute to obtain a specific outcome. For example, one of our epics is:

(Team Member) Wendy receives an email from Peter with a list of questions and data that need to be collated before the next meeting of the project board. She forwards the mail into the intranet, where she flags it as a todo for next week on Project X, tags it as "board meeting", adding a note with some initial ideas and could @marcella maybe share her thoughts on this?

For each epic, we created a diagram that sequenced every function invoked as part of the scenario, and then expanded each function step into a full-fledged user story. For example, one of the steps halfway the above epic is the following user story:

Team Member can mention other Team Members in the note (using '@' syntax).

Don't shuffle the stack

Fleshing out those user stories was a lot of work, and involved detailed discussions about our assumptions and choices regarding security architecture and overall strategy. This was done by part of the team, while the other half worked on wireframing possible solutions for the epic. That was a bad idea. They had the same discussions, with different conclusions.

Moving from epic to wireframing involves jumping a level up the design stack in the Garrett five-level model of the design process. When we brought the finished user stories together with the wireframe sketches we had some major inconsistencies. This appears to confirm the model and indicate that you need to get your foundations right before moving to more concrete designs. In this case, you really need to define your scope in detail, before wireframing solutions.

After re-syncing our minds and merging our work, in the final day we ventured into wireframing territory not for a whole page, but for exploring a set of micro-interactions that form the core of a cohesive social intranet experience. We also deepened our understanding of user needs and elaborated on the personas we're using to drive the design.

All in all, we feel we have not only made significant progress towards valuable design outcomes, but also have prototyped a repeatable design process that tackles very complex design challenges in a systematic way.

We plan to have another design sprint in a few weeks to prepare for Sorrento, and look forward to sharing our work there. See you in lovely Italy!

Don't be fooled!  There are only 5 days to go to our April 1 deadline to:

• submit talk proposals for June 18 & 19
• register at the early bird discounted rate

Don't miss:

• our invaluable & inexpensive training classes (June 13-17)
• the Plone / plone.com marketing pre-sprint (June 17 & 18)
• our great keynote speakers (June 18 & 19)
• our sprints where all newcomers are welcome (June 20-22)

"Plone 5: Ship It - Ship It Good!" will be the theme for our sprints :)

Come learn, share, and make great connections!

    The Plone Rangers at UW Oshkosh

This blog post is about how to duplicate your Linux services and configuration from one server to another. We use simple and hackable SSH, rsync and shell scripting to copy the necessary files to make a cold spare from your existing server installation.

1. Preface

The method describes here is quite crude and most suitable for making a spare installation of your existing server. In the case you lose your production server, you can boot your cold spare, point your (fail-over) IP address to the spare server and keep business going – something you might want to do if you run mom’n'pop web hosting business. Because of the simplicity of the method it works on default Linux installations, bare metal servers and old-fashioned file systems like Ext4.

The instructions here have been tested with Ubuntu Linux 12.04, but should work with other versions with minor modifications. I have used this method successfully  with Heztner hosting (highly recommended for all the cheapskates out there) by having one production machine and one spare machine. The spare is mirrored weekly. Daily Duplicity backups can be restored on the spare if week is too long data loss period. Though in my case the servers are bare metal, the method works for VPSes as well.

The duplication script might be also useful for setting up a staging server from your production server for software developer and testing.

2. More powerful duplication tools

More fail safe, more engineer-oriented duplication approaches exist, but usually require additional preparation and tuning on the top of the default Linux installation. Applying these to existing running Linux installation might be tricky.

• Use virtual machines like KVM and snapshot them, then migrate the snapshotted copy on another server.
• Use a file system supporting snapshots like Brfs or ZFS.
• Replicate your databases using native replication (MySQL, PostgreSQL) – if you cannot afford losing few database rows (hot spare).
• Replicate your file system (hot spare)
• (If you have any more ideas how to make hot or cold spares please post in the blog comments)

3. Building and running the duplication script

This script is run on the target server (cold spare) and it will clone the content of the source server (actual production machine) on itself. It uses SSH keys and SSH agent to create the initial connection, so make sure you are familiar with them.

Assumptions

• The target server must be clean Linux installation, the same exact version as on your source server.
• Your server has standard /etc/passwd user account management. This is copied first so that we correctly preserve file ownership (related ServerFault discussion).
• Services you run (PHP, Django, Plone, Node.js, you-name-it) are under /srvas recommended by Linux filesystem hierarchy standard
• Source and target MySQL servers must have initialy same password for the root. Set this when the script runs apt-get install mysql-server for the first time.

Limitations

• The first run is interactive, as apt-get install asks bunch of stuff for packages like MySQL and Postfix.
• MySQL dumping and loading the dump does not guarantee all of your data survives intact, especially when skip-lock option is used for the performance reason. For ordinary CMS operations this isn’t a big issue.
• If you other services beside MySQL needing special flush or lock handling follow the related instructions.

For MySQL duplication make sure you have the following /root/.my.cnf file on the source server, as it allows you to interact with MySQL:

[mysqldump]
user=root
password=YOUR PASSWORD HERE

[client]
user=root
password=YOUR PASSWORD HERE

Run the script inside a screen, because the duplication process may take a while and you do not want to risk losing the process because your local internet connectivity issue.

scp mirror-ubuntu.bash targetserver:/tmp
ssh targetserver
screen 
cd /tmp
bash mirror-ubuntu.bash

4. Testing the spare server

After the duplication script has successfully finished mirroring the server you want to check if the services can be successful started and interacted on the cold spare.

Change internet-facing IP addresses in the related services to be the public IP address of the spare server. E.g. the following files might need changes:

• /etc/default/varnish
• /etc/apache2/ports.conf
• /etc/apache2/sites-available/*

Spoof your local DNS to point the spare server on the tested sites. Edit your local /etc/hosts and add spoofed IP addresses like:

1.2.3.4 www.service1.example.com www.service2.example.com opensourcehacker.com

Access the sites from your web browser, see that database interaction works (login) and file interaction works (upload and download files).

5. mirror-ubuntu.bash

#!/bin/bash
#
# Linux server ghetto duplication script
# Copyright 2014 Mikko Ohtamaa http://opensourcehacker.com
# Licensed under MIT
#

# Everything is copied from this server
SOURCE=root@myserv.example.com

# Our network-traffic and speed optimized rsync command
RSYNC="rsync -a --inplace --delete --compress-level=9"

# Which marker string we use to detect custom init.d scripts
INIT_SCRIPT_MARKER="### BEGIN INIT INFO"

# As we will run in screen we need to detach
# from the forwarded SSH agent session and we use a local
# SSH key to perform the operations.
# Also overriding /root destroys our key.
# Create a key we use for the remaining operations.
TEMP_SSH_KEY=/tmp/mirror_rsa

# The software stack might have touched the following places.
# This list is compliled through trial-and-error,
# sweat and cursing.
# We cannot take /etc as a whole, because it contains
# some computer specific stuff (hard disk ids, etc.)
# and copying it as a whole leads to unbootable system.
CHERRYPICKED_ETC_TARGETS=(\
    "/etc/default" \
    "/etc/varnish" \
    "/etc/apache2" \
    "/etc/ssl" \
    "/etc/nginx" \
    "/etc/postfix" \
    "/etc/php5" \
    "/etc/cron.d" \
    "/etc/cron.daily" \
    "/etc/cron.monthly" \
    "/etc/cron.weekly" \
    "/etc/init.d")

# Create a key without a passphrase
# and put the public key on the source server
rm $TEMP_SSH_KEY 2>&1 > /dev/null
ssh-keygen -N '' -f $TEMP_SSH_KEY
ssh-copy-id -i $TEMP_SSH_KEY $SOURCE
# Detach from the currently used SSH agent
# by starting a session specific to this shell
eval `ssh-agent`
ssh-add $TEMP_SSH_KEY

# Assume the system have same Ubuntu base installation and no extra repositories configured.
# Bring target system up to date.
apt-get update -y
apt-get upgrade -y

# TODO: check that the kernel uname is same
# on the source and the target systems

# This is somewhat crude method to try to install all the packages on the source server.
# If the package is missing or replaced this command will happily churn over it
# (apt-get may fail). This MAY cause user interaction with packages
# like Postfix and MySQL which prompt for initial password. Not sure
# what would be the best way to handle this?
ssh $SOURCE dpkg --get-selections|grep --invert-match deinstall|cut -f 1|while read pkg
do
    apt-get install -y $pkg
done

# As some packages might have changed due to version upgrades and
# deb renames the following step needs interaction
ssh $SOURCE dpkg --get-selections|grep --invert-match deinstall|cut -f 1

# Copy user credentials first to make sure we
# get the user permissions and ownership correctly.
# http://serverfault.com/a/583336/74975
echo "Copying users"
$RSYNC $SOURCE:/etc/passwd /etc
$RSYNC $SOURCE:/etc/shadow /etc
$RSYNC $SOURCE:/etc/group /etc
$RSYNC $SOURCE:/etc/gshadow /etc

# Copy home so we have user home folders available
# Skip duplicity backup signatures
echo "Copying root"
$RSYNC $SOURCE:/root / --exclude=/root/.cache
# lost+found content is generated by fsck, uninteresting
echo "Copying home"
$RSYNC $SOURCE:/home / --exclude=/home/lost+found

echo "Copying /etc targets"
for i in "${CHERRYPICKED_ETC_TARGETS[@]}"
do
   $RSYNC $SOURCE:$i /etc
done

# Most of your service specific stuff should come here
echo "Copying /srv"
$RSYNC $SOURCE:/srv /

# Make sure stuff which went to /etc/init.d gets correctly reflecte across runlevels,
# as our /srv stuff has placed its own init scripts
for i in  /etc/init.d/*
do
    service=`basename $i`
    # Separate from upstart etc. jobs
    if grep --quiet "$INIT_SCRIPT_MARKER" $i ; then
        update-rc.d $service defaults
    fi
done

# Copy MySQL databases.
# Assume source and target root can connect to MySQL without a password.
# You need to set up /root/.my.cnf file on the source server first
# for the passwordless action.
# http://stackoverflow.com/a/9293090/315168
echo "Copying MySQL databases"
ssh -C $SOURCE mysqldump \
    --skip-lock-tables \
    --add-drop-table \
    --add-drop-database \
    --compact \
    --all-databases \
    > /root/all-mysql.sql

# MySQL dump restore woes
# http://stackoverflow.com/a/21087946/315168
mysql -u root -e "SET FOREIGN_KEY_CHECKS = 0; source /root/all-mysql.sql ; SET FOREIGN_KEY_CHECKS = 1;"

# Remove the key we used for the duplication
rm $TEMP_SSH_KEY

Buy open source friendly bitcoins Subscribe to this blog in a readerFollow me on TwitterFollow me on FacebookFollow me Google+

I worked with Franco Pellegrini, Chris Calloway, Cris Ewing, Eric Steele, and Liz Leddy to move Plone’s login to a more modern z3c.form based implementation. The first part of this process was to discover and document the parts that needed to be updated. From this, we decided to create a html based prototype before actually getting down to coding. This planning allowed us to determine what the major tasks were, and what could be done later. 

Login:

Note that we’ve included external auth sources right on the login view. Additionally, links for help and new account sign up are easy to find. External auth is not yet implemented. The login implementation is working, but may not handle all the cases that the current login functionality has.

Signup/Registration:

Two things to note is the ability to use an external source for your registration and the gray bars at the bottom is the password strength indicator. Both of these are not yet implemented.  

Login Help:

 The login help form has been stubbed out but needs a full implementation.

Logout, Insufficient Privileges, Request Access have all been implemented, but require further attention. Desired improvements to the login system include a way for integrators to easily include their own organization’s custom password policy.

To see it in action follow the instructions to get the Plone 5 cordev buildout working, then run  

./bin/buildout -c  plips/plipNNNN-new-login-flow.cfg

Working with Ian Anderson and Steve McMahon was great. We were able to take and re-factor the existing work done to make user data schema editable through the web, and allow it to be updated via Generic Setup with package installation. But there is still some work to be done: 

Before signing off, I’d like to take a moment to thank Fulvio for bearing the brunt of organizing and managing the sprint. Sally also deserves a round of applause for taking charge of the dining logistics and to those that provided their expertise in the kitchen (Sally, Ross, Spanky, Liz, Fulvio, Cris, and Franco) to sustain the sprinters. Just ask any of the sprinters about Franco’s Tuco sauce, Sally’s oyster pasta, Spanky’s salsa and guacamole, or Ross’ fabled Aviation.  There really needs to be a Sprinter’s Cookbook for future endeavors.

When writing a web application or REST backend I occasionally run into a common problem: sometimes I need to do things that will take a while: sending a push notification to mobile apps, generating emails or doing an expensive calculation. Doing this immediately would result in very long response times, which is not acceptable. That means I need a way to offload those to something

Read entire article.