Rails and PHP scripts

rubyonrails-talk
1

Hi,

I’m quite new with Ruby On Rails. I have working Rails 3 environment with Apache / Passenger and Devise authentication. Everything is working fine but I have one question. I have some GIS (maps) webservices and those services are implemented with PHP -mapscript. I have to use PHP in those GIS services because there isn’t such GIS features in Ruby.

Is it possible to control access to those PHP services with Rails and Devise. The question is how can I route requests to PHP scripts via Rails, control access to PHP scripts with Devise and prevent direct access to those PHP scripts.

Thanks in advance

AL

2

Hi,

I’m quite new with Ruby On Rails. I have working Rails 3 environment with Apache / Passenger and Devise authentication. Everything is working fine but I have one question. I have some GIS (maps) webservices and those services are implemented with PHP -mapscript. I have to use PHP in those GIS services because there isn’t such GIS features in Ruby.

I don’t know a ton about MapServer but it claims to have ruby support: An Introduction to MapServer — MapServer 8.0.1 documentation

I did notice, however, that their MapScript documentation only has language-specific sections for PHP and Python. That said, it looks like some people have used the ruby bindings for mapscript (at least on Mac): http://osgeo-org.1803224.n2.nabble.com/Ruby-Mapscript-on-Windows-td2243552.html

Also, it would appear development on the mapscript ruby bindings is at least being maintained: #3749 (Ruby MapScript Exceptions) – MapServer (bug closed 6 weeks ago).

Anyhow, that said, the lack of documentation (other than this language-neutral mapscript reference: SWIG MapScript API Reference — MapServer 7.6.4 documentation) does make it look like it might be dicey/glitchy to figure it out, but it might be worth experimenting with if it means you can have a more homogeneous environment.

Is it possible to control access to those PHP services with Rails and Devise. The question is how can I route requests to PHP scripts via Rails, control access to PHP scripts with Devise and prevent direct access to those PHP scripts.

Now, is your PHP MapScript code a web application designed to be used directly by end-users? Or does it implement an actual “web service” Web service - Wikipedia designed to provide an API for other software to use?

If it is the former and you want to integrate your rails/devise-based authentication/authorization, then this is messy as you’d have to either:

  1. Proxy all “php requests” through a rails or (preferably) a rack app (devise uses the rack-based warden gem for authentication; you could work on top of that). This is a bad idea IMO
  2. Implement your warden/devise-compatible auth layer in PHP (this is more doable; I’ve had to integrate the sessions/auth layers of PHP apps with rails apps before).

If, however, it is the latter case (PHP implements a web service) then:

  1. If you keep access to the web service locked down (private access only) you can implement a web service client in ruby and use this in your front-end rails application (that already uses devise for auth).
  2. Or, if the PHP web service is publicly available and you need it locked down (in a manner compatible w/your existing rails auth system) then you’re back to the first two options already mentioned above.

Well, I don’t know if any of this was helpful or not or what your exact situation is. Others might care to contribute more/better ideas?

Either way, hope you find a solution.

3

Hi,

and thanks for the information.

I have searched information about Ruby mapscript but I found only few articles so I'm not sure about maintenance and support of Ruby mapscript. PHP mapscripts are widely used and there is lot of documentation available, I'd prefer Ruby but I have to stay in PHP for now because of those reasons ;(

My PHP scripts implements WMS GetMap api (Wikipedia, the free encyclopedia Web_Map_Service), so it is a Web Service. GetMap request (http GET) includes some location, size and format parameters and returns map image. Map image is used by OpenLayers library in browser (http:// openlayers.org/).

I think alternative 3. sounds suitable for my case. I have to implement GetMap api to Rails application, after authentication Ruby script sends request to PHP service. PHP service returns map image to Ruby script and Ruby / Rails returns it to browser, did I understand the point correctly?

BR,

AL

4

Hi,

and thanks for the information.

I have searched information about Ruby mapscript but I found only few

articles so I’m not sure about maintenance and support of Ruby

mapscript. PHP mapscripts are widely used and there is lot of

documentation available, I’d prefer Ruby but I have to stay in PHP for

now because of those reasons ;(

Totally understandable.

My PHP scripts implements WMS GetMap api (http://en.wikipedia.org/wiki/

Web_Map_Service), so it is a Web Service. GetMap request (http GET)

includes some location, size and format parameters and returns map

image. Map image is used by OpenLayers library in browser (http://

openlayers.org/).

I think alternative 3. sounds suitable for my case. I have to

implement GetMap api to Rails application, after authentication Ruby

script sends request to PHP service. PHP service returns map image to

Ruby script and Ruby / Rails returns it to browser, did I understand

the point correctly?

Yeah, this is a pretty normal setup. For instance, I have a rails app. that allows our employees to “ship” packages via Fedex. Fedex provides a web service that clients can use to get rates and create/schedule shipments (including allocating tracking numbers, generating labels, etc.). So, my rails app simply includes client code (a folder w/several code/class files in my rails’ “lib” directory and some models in “app/models”) for talking to and saving fedex shipment web service “objects”.

Then my controller has simple code in various actions to create or otherwise modify or operate on my “fedex shipments” (FedexShipment model class for example) which, in some instances just works against my local database and in others calls library code to make actual web service calls.

I used the savon gem to help implement my SOAP client but there are other gems that may work better for all I know.

Anyhow, this setup make it so all auth(entication/orization) is done normally in the rails app. which app. also happens to be a SOAP/web-services client.

Have fun!