Hello to all developers and IRIS users.
I am submitting to the competition a project for an alternative IRIS management portal that I have long wanted to create. The project was implemented on the Django framework and the intersystems_irispython-3.2.0-py3-none-any.whl library using native IRIS. The Django project is integrated with the telegram messenger and can be launched from a docker container or directly.
To run it, you need to create a .env file in the project root for which you can use the .env_example example.
This project is implemented as a tool for viewing temperature data taken from a temperature sensor installed in Rasperry PI and located in a remote place where there is Internet, for example, in dacha.
The module for regular reading and sending information is implemented in python and is built in the same project.. If the temperature in the country house becomes lower or higher than the threshold values, then a notification will be sent to the telegram channel. It is very convenient if you come to the country house only at the end of the week.
Introduction
There are many entities in IRIS which are extremely difficult to transfer to another system.They usually contain important system-stored objects: users, roles, privileges, mappings, and applications. The exception to this list is for resources, which are facilitated by the ability to select and save them from the management portal interface [System > Security Management > Resources]. Yet, things are not as good with other system objects. I even got an idea for this topic
I have been developing this project for many years. He helps me a lot in my daily work as a DBA and full stack developer. This project has grown into a platform on which many of my other projects are based. You can read more about the project in the article. And I proposed this project for the contest, maybe it will be useful to you.
I think each of us has on the computer directories with photo files of relatives and friends, music albums of favorite bands and singers, as well as e-book libraries. I also have them, and I came up with the idea to implement a convenient interface for these files. You can read more about the project in the article. And I proposed this project for the contest, maybe it will be useful to you.
I will devote the third article to a story about the additional features of the project.
znamespace
Very often you need to find out if there is a specific package in the current instance, for example, so as not to duplicate.
To do this, I implemented a modification of the namespace command of the package manager, on the option tab, you need to press the FIND button.
You can filter by package name. You can filter by package name. As a result, we get a list in which namespaces, which versions of packages are.
package
In a previous article, I talked about the implemented package manager commands (generate, list, load).
In this article I want to talk about other commands.
repository
On the Option tab, you can see which current case is set and switch
search
To see the list of packages in the current register, click on the search button.
install
To install a package in the current namespace, you need to check the selected package and click the install button.
Before this project, I built zpm packages almost by hand. I edited the module.xml file, inserted resources into it and copied the resources to disk, then checked the correctness of the assembly. I was tired of it and I decided to make this work easier for myself.
I present to the contest zpm-generate-ui resource manager, which represents the ui for selecting packages, classes, globals and web applications for creating zpm… modules, for subsequent export to the current registry or repository for deployment in the same or another instance.
Hello everyone. I present this project to the contest. The export module is essential in many of my projects and is often used in all my product servers.
I have implemented various scenarios in the invoke attribute initialization module, both maximalistic with many additional projects to demonstrate in GCR , and minimalistic to install natively in production instance
zpm "install appmsw-sql2xlsx -Dzpm.demo=none"
To demonstrate the possibilities, I used the fileserver and csvgen projects.
It is becoming more and more common to see beautiful badges in the README.MD file with useful information about the current project in the repositories of GitHub, GitLab and others. For instance:
The project is being developed The quality of the code, which also provides its own badge, which immediately shows the status of code validation of the project. If you insert a line into the README.MD file
For the demonstration, a exchange-rate-cbrf-ui project was made and deployed an online demonstration in the cloud.
For authorization, you can use the account superuser with password SYS
For this project, I used the AdminLTE template, which I have already used in my projects more than once, for example info-chest or access-matrix.
On the main page, you can get a table of exchange rates...
... or download data from the official website of the Central Bank of the Russian Federation.
Two more pages have been created for demonstration purposes.
A full cycle project, from initial data initialization, daily update products from the official website, a service for sending a course on request and receiving a schedule for any period.
Looking at my old articles recently. I saw an undeservedly forgotten program that can significantly increase the security of your system by not allowing the user to use old passwords when changing.
To meet the requirements of section 8.2.5 PCI DSS "Prohibit the use of old passwords", a small application has been implemented that will be launched by the system when a user tries to change a password and check if it was used before.
You can install the program from the terminal and from the management portal interface
Open IRIS terminal:
I recently published the "appmsw-docbook" module for deploying the solution not by individual programs, but by the entire database. This solution allows you to deploy a project without source codes.
Having received feedback, I decided to improve it significantly. Replaced zip archive with tgz, which will allow not using external system-dependent archivers.
Developing the project zpm "install isc-apptools-lockdown" implemented the ability to set the security level not only to lockdown, but also to minimum and normal.
Increasing security settings
You can replace the shared password if the password of the predefined system users has been compromised
USER>do ##class(appmsw.security.lockdown).ChangePassword("NewPass231",##class(appmsw.security.lockdown).GetPreparedUsers())
Apply Security settings to "LockDown"
USER>do ##class(appmsw.security.lockdown).SetSecurityLevel("lockdown","NewPassword123")
or equivalent
Continuing the description of work on the use of the openhl python module in productive mode.
Since the version of iris with Embedded Python, does not yet have a final release, it is already necessary to use it in production now. We decided to back up the service for exporting requests to a xlsx file on a separate server, and save the query result in a global in a separate database.
This database was made networked, local for the service server and remote for the product server. The communication between the prod server and the service was implemented using a rest service.
For a long time, we have been using a utility in production to export the result of a query to an Excel spreadsheet. Moreover, we have applied a modification of it, in which the explicit setting of column formats is a priority.
This utility used the module %SYS.ZENReportExcelExporter and is based on a java program. Every year the report grew and there was not enough java RAM, so we had to increase the value of the environment variable. The value has reached 7gb and now it has become a problem.
Hello developers! I present to you the project of editors in terminal mode. The full-screen editor of routines, arrays and text files in terminal mode can be useful to you when debugging your project in docker or when your web interface is unavailable or limited for some reason. Although this project is self-sufficient, I decided to make it as an addition to the ‘zapm’ module for the convenience of calling editor commands.
If your instance does not have a ZPM, then you can install the zapm-editor module in one line:
When you have more than ten thousand users in your database, it becomes time-consuming and inconvenient to assign group access rights through the standard IRIS interface. In this artilce I want to introduce you an application to automate this process.
I’ll show you how to assign and change the role lists for the users, selecting them by context, and I will also show you how to expand this application’s functionality. you know how to apply your work as an administrator and developer to the new features of the well-proven apptools software complex. With the addition of an adminLTE template, you can now quickly and easily create interface interactions for any entity and many functional modules. The goal while developing this toolkit is to write as little JavaScript as possible as well as transfer and implement all the dynamics as much as possible in the ObjectScript.
Hello, authors of projects published in ZPM.
We ask you to add a module.xml to the file. attribute Description and republish your projects.
To update the description of your module in the public register ZPM, update the release in Open Exchange please. https://openexchange.intersystems.com/markdown?url=assets%2Fdoc%2Freleases.md Thanks.
Good day, developers!
The "apptools-admin" project is not only a set of tools for the administrator, but a platform for the rapid creation of a prototype of any solution. For example, Photo Album, Music Player, and Personal Library all come together in a user-friendly treasure chest design.
Load http:// your-host:your-port/apptoolsrest/a/infochest
Change the path to your treasure files and start viewing, listening or reading from any convenient device: desktop, tablet or smartphone.
The example will be located at ${CSPdir}/apptools/files
Hi developers. I often miss the ZPM program on a clean system. Nothing complicated? Take and install. And in one line? Especially in a docker container. There is a solution. I'm very happy with it;) Maybe the line can be shortened?
Hello, developers!
I would like to share the history of the project - the ZAPM shell.
As soon as ZPM was implemented, I immediately began to think about how best to use it.
And immediately faced with the desire to move more quickly between namespaces, especially when there are more than 20 of them. I had to leave the ZPM, move to the desired namespace and re-enter the shell. I suggested an improvement - a new "namespace" command for easier navigation. I didn’t wait - I did it myself. And so it went. If you need it, get ready to do it yourself.
Hello developers!
I submitted for the contest a solution that would allow organizing message notifications and providing information to users of the messenger Telegam. This is achieved by creating two bots: an administrator and an informant. The administrator manages the list of users connected to the bot informator and their access rights.
The Solution based on project https://github.com/intersystems-community/TelegramAlerts
In this article, we'll talk about an application that I use every day when monitoring applications and integration solutions on the InterSystems IRIS platform and finding errors when they occur.
Hello developers!
Share the best practices: 1) saving frequently used code sections, 2) quickly finding it, and 3) quickly including it into the current program? There was a thought for 1,2 to use DC(this resource), but the search is not always convenient not only for me
The idea on the surface is to use the git repos wiki. Are there any other best practices?
There is a project github awesome.
Maybe we should include the awesome-objectscript sections in it?
And in the future for vscode to develop a plugin for awesome-objectscript ?
When you first start working with InterSystems IRIS, it’s a common practice to install a system with only a minimum level of security. You have to enter passwords fewer times and this makes it easier to work with development services and web applications when you're first getting acquainted. And, sometimes, minimal security is more convenient for deploying a developed project or solution.
And yet there comes a moment when you need to move your project out of development, into an Internet environment that’s very likely hostile, and it needs to be tested with the maximum security settings (that is, completely locked down) before being deployed to production. And that’s what we’ll discuss in this article.
For more complete coverage of DBMS security issues in InterSystems Caché, Ensemble, and IRIS, you may want to read my other article, Recommendations on installing the InterSystems Caché DBMS for a production environment.
The security system in InterSystems IRIS is based on the concept of applying different security settings for different categories: users, roles, services, resources, privileges, and applications.
This article was written as an attempt to share the experience of installing the InterSystems Caché DBMS for production environment. We all know that the development configuration of a DBMS is very different from real-life conditions. As a rule, development is carried out in “hothouse conditions” with a bare minimum of security measures, but when we publish our project online, we must ensure its reliable and uninterrupted operation in a very aggressive environment.
##The process of installing the InterSystems Caché DBMS with maximum security settings
OS security settings