Scribd Logo
Upload

Welcome to Scribd!

  • 3K views

    Web2py: Ideas We Stole - Ideas We Had

    Uploaded by

    Massimo Di Pierro
    This document provides an overview of the web2py web application framework. Some key points: - web2py allows for one instance to run multiple applications (hot plug and play). It includes a web-based integrated development environment. - Main features include built-in security, logging, internationalization, and more. It can run on all platforms and requires no installation beyond downloading and unzipping. - Applications are made up of models, controllers, views and other components. The architecture includes core libraries and user-defined applications. - web2py emphasizes simplicity and ease of use through its integrated development environment and architecture.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd

    Web2py: Ideas We Stole - Ideas We Had

    Uploaded by

    Massimo Di Pierro
    3K views47 pages
    This document provides an overview of the web2py web application framework. Some key points: - web2py allows for one instance to run multiple applications (hot plug and play). It includes a web-based integrated development environment. - Main features include built-in security, logging, internationalization, and more. It can run on all platforms and requires no installation beyond downloading and unzipping. - Applications are made up of models, controllers, views and other components. The architecture includes core libraries and user-defined applications. - web2py emphasizes simplicity and ease of use through its integrated development environment and architecture.

    Original Description:

    This is a talk given at the San Francisco Python Meetup in July 2011

    Original Title

    web2py talk

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    This document provides an overview of the web2py web application framework. Some key points: - web2py allows for one instance to run multiple applications (hot plug and play). It includes a web-based integrated development environment. - Main features include built-in security, logging, internationalization, and more. It can run on all platforms and requires no installation beyond downloading and unzipping. - Applications are made up of models, controllers, views and other components. The architecture includes core libraries and user-defined applications. - web2py emphasizes simplicity and ease of use through its integrated development environment and architecture.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    3K views47 pages

    Web2py: Ideas We Stole - Ideas We Had

    Uploaded by

    Massimo Di Pierro
    This document provides an overview of the web2py web application framework. Some key points: - web2py allows for one instance to run multiple applications (hot plug and play). It includes a web-based integrated development environment. - Main features include built-in security, logging, internationalization, and more. It can run on all platforms and requires no installation beyond downloading and unzipping. - Applications are made up of models, controllers, views and other components. The architecture includes core libraries and user-defined applications. - web2py emphasizes simplicity and ease of use through its integrated development environment and architecture.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 47

    web2py

    ideas we stole - ideas we had


    "Thanks Django, Rails, TG, Flask, Cherripy, Mako, web.py, ...."

    by Massimo Di Pierro @ DePaul University

    Thursday, July 14, 2011

    web2py

    Thursday, July 14, 2011

    Main features
    One Instance - Many Applications (hot plug and play)

    Web based Integrated Development Environment Web based Database administration (for each app) Each application can connect to multiple Databases Writes SQL for you Strong on Security (no SQL Injections, XSS, CSRF, ..., audited) Built-in ticketing system (logs all errors) Runs everywhere (it is written in Python) Requires NO Installation (just download and unzip) Has no coniguration files and no third party dependencies Can run off a USB drive Always backward compatible (since 2007 and on...) 50+ of developers already involved
    Thursday, July 14, 2011

    Admin

    wizard

    new app

    download app edit app


    Thursday, July 14, 2011

    upload app

    Included APIs
    generation and parsing: HTML / XML / RSS / JSON web services: JSON / JSON-RPC / XML / XML-RPC / AMF document generation WIKI, CSV, RTF, LATEX, PDF 10 different SQL dialects and Google App Engine Role based access control with login plugins local, OpenID, OAuth
    1 and 2, Janrain, LDAP Consumer + Provider Central Authentication Service

    sending SMS, accepting Credit Card payments internationalization, cron jobs, multi-tenancy, ...

    Thursday, July 14, 2011

    web2py Architecture
    User Applications

    welcome

    examples

    admin

    Core Libraries HTTP request, HTTP response, session, cookies, internationalization, cache, authentication, authorization, web forms, template language, helpers, database APIs, web services APIs, etc. rocket (ssl enabled web server) API for third party servers (Apache,...)

    python interpreter

    Thursday, July 14, 2011

    web2py modules

    web server (one le)

    Thursday, July 14, 2011

    web2py modules

    main wsgi app (one le)

    Thursday, July 14, 2011

    web2py modules

    DAL / ORM (one le)

    Thursday, July 14, 2011

    web2py modules

    template (one le)

    Thursday, July 14, 2011

    web2py modules

    helpers (one le)

    Thursday, July 14, 2011

    web2py Architecture
    User Applications

    welcome

    examples

    admin

    user dened

    ...

    Core Libraries HTTP request, HTTP response, session, cookies, internationalization, Scaffolding cache, authentication, authorization, web forms, template language, helpers, Application database APIs, web services APIs, etc. rocket (ssl enabled web server) API for third party servers (Apache?)

    python interpreter

    Thursday, July 14, 2011

    web2py Architecture
    User Applications

    welcome

    examples

    admin

    user dened

    ...

    uploaded

    Core Libraries HTTP request, HTTP response, session, cookies, internationalization, be Applications can cache, authentication, authorization, web forms, template language,and installed downloaded helpers, database APIs, web services APIs, etc. remotely rocket (ssl enabled web server) API for third party servers (Apache?)

    python interpreter

    Thursday, July 14, 2011

    web2py Architecture
    User Applications

    welcome

    examples

    admin

    user dened

    ...

    uploaded

    Core Libraries HTTP request, HTTP of ofcial session, cookies, internationalization, entire clone response, cache, authentication,with running web forms, template language, helpers, web site authorization, database examples APIs, web services APIs, etc. rocket (ssl enabled web server) API for third party servers (Apache?)

    python interpreter

    Thursday, July 14, 2011

    web2py Architecture
    User Applications

    welcome

    examples

    admin

    user dened

    ...

    uploaded

    Core Libraries web based HTTP request, HTTP response, session, cookies, internationalization, Integrated cache, authentication, authorization, web forms, template language, helpers, Development database APIs, web services APIs, etc. Environment rocket (ssl enabled web server) API for third party servers (Apache?)

    python interpreter

    Thursday, July 14, 2011

    web2py Architecture
    User Applications

    Core Libraries HTTP request, HTTP response, session, cookies, internationalization, cache, authentication, authorization, web forms, template language, helpers, database APIs, web services APIs, etc. rocket (ssl enabled web server) API for third party servers (Apache?)

    python interpreter

    Thursday, July 14, 2011

    Admin - Design

    plugin_wiki (CMS)

    Thursday, July 14, 2011

    web2py applications

    No metadata Can edit files using shell or web IDE

    layouts plugin_wiki ....

    Thursday, July 14, 2011

    plugins

    Architecture of Applications
    User Applications

    user application Models Controllers Views Translations Static Files (media) Plugins Data appadmin

    Description of data representation Example: db.dene_table('friend',Field('name'))

    SQL to create and alter table is written automatically as needed.

    Field types include: string, text, integer, double, date, datetime, time, boolean, password, upload, blob, reference, list:string, list:interger, list:reference

    Thursday, July 14, 2011

    Architecture of Applications
    User Applications user application Models Controllers Views Translations Static Files (media) Plugins Data appadmin crud.create, crud.update, crud.select, crud.search, ... Role Based Access Control API Description of application logic Example: @auth.requires_login() def index(): # http://..../index form = crud.create(db.friend) friends = db(db.friend).select() return locals()

    db(query).select, db(...).update, db(...).count, db(...).delete, db.table.insert

    Thursday, July 14, 2011

    Architecture of Applications
    User Applications user application Models Controllers Views Translations Static Files (media) Plugins Data appadmin embeds and renders any object in the page full python allowed in {{...python...}} including loops and function denitions. Description of data presentation Example: {{extend 'layout.html'}} <h1>{{=T('My Friends')}}</h1> <h2>New Friend</h2> {{=form}} <h2>Current Friends</h2> {{=friends}}

    Thursday, July 14, 2011

    Architecture of Applications
    User Applications user application Models Controllers Views Translations Static Files (media) Plugins Data appadmin Translations for text in the application - "my friends" - "i miei amici" - "mis amigos" - "meus amigos" - "mes amis" - "meine freunde" - ... - "maraki zangu"

    Thursday, July 14, 2011

    Architecture of Applications
    User Applications user application Models Controllers Views Translations Static Files (media) Plugins Data appadmin Static les distributed with the application and/or uplodaded by users: images movies audio les css les js code (scaffold includes jQuery) ....

    Thursday, July 14, 2011

    Architecture of Applications
    User Applications user application Models Controllers Views Translations Static Files (media) Plugins Data appadmin Any subset of an application can be packaged and can be distributed. This is called a plugin. Often plugins dene components, i.e. functional elements that can be embedded in pages. Example: plugin_wiki adds a CMS to you app plugin_mobile makes it iphone look-alike

    Thursday, July 14, 2011

    Architecture of Applications
    User Applications user application Models Controllers Views Translations Static Files (media) Plugins Data appadmin Includes: databases (SQlite, MySQL, PostgreSQL, Oracle, MSSQL, DB2, Firebird, MyBase, Informix, Google App Engine) metadata for automatic migrations cache

    Thursday, July 14, 2011

    Architecture of Applications
    User Applications user application Models Controllers Views Translations Static Files (media) Plugins Data appadmin default web based interface to your data

    Thursday, July 14, 2011

    Complete Application ("friends")


    File: "friends/models/db_friend.py" db.dene_table('friend',Field('name')) File: "friends/controllers/main.py" @auth.requires_login() def index(): form = crud.create(db.friend) friends = db(db.friend).select() return locals() File: "friends/views/main/index.html" {{extend 'layout.html'}} <h1>{{=T('My Friends')}}</h1> <h2>New Friend</h2> {{=form}} <h2>Current Friends</h2> {{=friends}}
    web2py/ applications/ friends/ models/db_friends.py controllers/main.py views/main/index.html ... ...

    Thursday, July 14, 2011

    cd /path/to/demo wget -O web2py_src.zip http://web2py.com/examples/static/web2py_src.zip unzip -o -q web2py_src.zip cd web2py python web2py.py -a hello -p 8000 & cd applications mkdir friends cp -r welcome/* friends/ cd friends echo "db.define_table('friend',Field('name'))" > models/db_friends.py echo " @auth.requires_login() def index(): form = crud.create(db.friend) friends = db(db.friend).select() return locals() " > controllers/main.py mkdir views/main echo " {{extend 'layout.html'}} <h1>{{=T('My Friends')}}</h1> <h2>New Friend</h2> {{=form}} <h2>Current Friends</h2> {{=friends}} " > views/main/index.html

    Thursday, July 14, 2011

    Controllers
    Django (view in MTV)
    def index(request): entry_id = request.GET['entry_id'] entry = Entry.objects.get(pk=entry_id) output = entry.name return HttpResponse(output)

    web2py (controller in MVC)

    def index(): entry_id = request.get_vars.entry_id or redirect(URL('error')) entry = Entry(entry_id) output = entry.name return dict(output=output) # defaults to generic template

    Thursday, July 14, 2011

    Routing (in, out, onerror)


    Django (urls.py)
    urlpatterns = patterns('', (r'^articles/$', 'news.views.index'), (r'^articles/(\d{4})/$', 'news.views.read'), )

    web2py (routes.py) - ALWAYS OPTIONAL


    routes_in = [ (r'articles/', '/news/default/index'), (r'articles/(\d{4})', '/news/default/read/\1'), (r'articles/$year', '/news/default/read/$year'), (r'127.0.0.*:http://domain.com articles/(\d{4})','/news2/default/read/\1') ] routes_out = [...] routes_onerror = [ (r'init/400', r'/init/default/login'), (r'*/*', r'/init/static/fail.html')]

    Thursday, July 14, 2011

    Templates
    Mako (template in MTV)
    <%inherit file="base.html"/> <%def name="makerow(k)"> <tr> <td>${k}</td> <td>${k*k}</td> </tr> </%def> <% numbers = range(0,10) %> <table> % for k in numbers: ${makerow(k)} % endfor </table>

    web2py (template or view in MVC)


    {{extend "base.html}} {{ def makerow(k): }} <tr> <td>{{=k}}</td> <td>{{=k*k}}</td> </tr> {{ return }} {{ numbers = range(0,10) }} <table> {{ for k in numbers: }} {{ makerow(k) }} {{ pass }} </table>

    In web2py, no indentation requirement Django-like blocks, output always escaped


    Thursday, July 14, 2011

    App-Admin
    Django web2py

    Django "admin" designed for public access web2py "app-admin" designed for administrator access only CRUD components from appadmin can be embedded in apps web2py "app-admin" not to be confused with web2py's "admin"
    Thursday, July 14, 2011

    Models
    Django (model)
    class Entry(models.Model): name = models.CharField(max_length=255,null=False) body = models.TextField() image = models.ImageField() pub_date = models.DateTimeField() rating = models.IntegerField()

    web2py (model)
    Entry = db.define_table('entry', Field('name',length=255,notnull=True), Field('body','text'), Field('image','upload',requires=IS_IMAGE()), Field('pub_date','datetime'), Field('rating','integer')]

    Thursday, July 14, 2011

    Queries
    Django (model)
    q = Entry.objects.filter(headline__startswith="What") q = q.filter(pub_date__lte=datetime.now()) q = q.exclude(body__icontains="food") print q

    web2py (model)
    q = Entry.headline.startswith("What") q = q & (Entry.pub_date<datetime.now()) q = q & (!Entry.body.contains("food")) print db(q).select()

    Thursday, July 14, 2011

    Thread Locals
    Flask (proxies to objects that are local to a specic context)
    from flask import request with app.request_context(environ): assert request.method == 'POST'

    web2py (thread-locals)
    from gluon import current assert current.request.env.http_method == 'POST'

    In Flask "request" is a proxy to a thread local object. In web2py


    "request" is a thread local object cotained into a "current" "gluon" is the library that contains web2py.

    Thursday, July 14, 2011

    Multi-version / No-conflicts
    https://github.com/mitsuhiko/multiversion
    import multiversion multiversion.require_version('mylib', '1.0') import mylib

    web2py (each app can ship with its own version of libraries)
    # app 1 import mylib # app 2 import mylib # from applications/app1/modules/

    # from applications/app2/modules/

    Each app ships with its own modules/ folder. Not added to sys.path No conflicts One web2py instance
    Thursday, July 14, 2011

    Role based Access Control

    For any function

    @auth.requires_login() @auth.requires_membership(role='secret agent') @auth.requires_permission('kill', 'bad_people', all) def test(): return 'done'

    Thursday, July 14, 2011

    Web Services

    For any function @service.json @service.xml @service.jsonrpc @service.xmlrpc @service.soap @service.amfrpc3('domain') def add(a,b): return a+b

    Thursday, July 14, 2011

    Record Versioning

    Any method db._common_elds.append(auth.signature) crud.settings.update_onaccept(crud.archive)

    Store all previous version of each record with names of the user
    who changed and timestamp of the change

    Thursday, July 14, 2011

    Modularrity with Digintally Signed URLs


    web page component component

    component

    In page {{=LOAD('plugin','component',user_signature=True)}}

    In controller @auth.requires_signature() def component(): return 'component'

    web2py can sign all URLs (links, ajax callbacks, components) so


    the called action delegates security the caller

    Thursday, July 14, 2011

    Federated Authentication

    App "one" auth = Auth(db)

    Other apps auth = Auth(db, cas_provider = 'http://.../one/default/user/cas')

    Any application can be both a provider and a client for CAS 2.0 Other federated authentication mechanism available as clients

    Thursday, July 14, 2011

    Multi-tenancy

    Any model db._common_elds.append(Field('request_tenant',default=request.env.host_name))

    All records are filtered based on tenant ownship Tenant identified for example by domain name Tables can be shared between tenant or not http://domain1 or http://domain2 (same app, different data)
    Thursday, July 14, 2011

    GAE Deployment

    upload to GAE

    Thursday, July 14, 2011

    Web translation

    english italian

    Thursday, July 14, 2011

    Error logging

    error occurred 3 times oops: 1/0

    Thursday, July 14, 2011

    Who uses web2py?

    3000 registered users


    Thursday, July 14, 2011

    Conclusions
    web2py has been abround for since 2007 +50% was rewritten in 2010 while mantaining backward compatibility Some like it, some find it useful Give it a try!

    Thursday, July 14, 2011

    You might also like