Mid July 2018

Client work

This past couple of weeks I have been carrying on work for the medical helpline web based software module.

The system now has “Advanced Case Search” and “Merge Cases” functionality.

The “Advanced Case Search” allows a user to search existing cases in detail.

The “Merge Cases” functionality allows the user to merge together two existing cases, picking and choosing the information the user wants from each case to create a new case from the existing cases.

I have been really going to town on this module in terms of the subtle but nice features that make the software easy to use.

One of these features is the “search before create” functionality.

Originally a user would access the case screen which lists all the cases and click “Create” to create a new case.

However as this part of the system will need to be used by support staff who are answering support calls more functionality for this part of the system was needed.

Now when a support user clicks “Create” to create a new case, the user is given a text field to enter the callers name.

After this the existing cases the caller is already potentially a part of is displayed to the support user from which the support user can then use to select an existing case or create a new case.

If the support user creates a new case at this point the support user is then presented with the case create form with the callers name fields already filled in.

If the support user updates a case at this point the support user is then presented with the case update form with the callers existing details already filled in.

This is an improvement from the original separate create case / search case areas that where the support users only option originally.

Now the system has a “case search and create” all built into the same area to make the process quicker for the support user.

Another feature I have enhanced is the “case note” creation form.

On the case note creation form there is a section where the support user can fill out the duration, call received time and call returned time …

medical-duration

I used the Kartik TimePicker plugin for the time-picker input fields …

https://github.com/kartik-v/yii2-widget-timepicker

Originally I thought I could get rid of the duration field as that can be calculated automatically based on the call received time and call returned time.

However the client wants the flexibility of having the duration field there as well so they have option of typing in a duration in minutes or setting the call received time and call returned time.

I built a solution for this that would allow the client to have both.

When the duration is altered it modifies the call returned time in relation to the duration.

When the call received time or call returned time is altered it modifies the duration to match the minutes between the call received time and call returned time.

As well as the above areas I have implemented case lock functionality which allows a user to take ownership of a case which means no other user can edit that case until the owner user clicks save.

Bolsover castle

One of my new goals has been to get out and about more. There is nothing worse than being stuck in week after week so I have started to put some effort into making sure I go out and do something at the weekend.

Recently I have visited Bolsover Castle. Bolsover Castle is a 17th century castle built on the site of a 12th century medieval castle.

Bolsover is not a military style castle but is more of the stately home built in a similar form to a castle.

Some photos from my day out at Bolsover Castle can be seen below …

New car

My Dad bought a new car which gave me the opportunity to purchase his old car of him …

new-car

The car is a Renault Clio Mark 4 with alloy wheels, sat nav, cruise control, IPod music player and a diesel engine.

This is the first car I have had which actually seems like a proper car. All the other cars I had before this seemed old because they where old.

My last car had a tape player and no air conditioning which is strange because the car I had before that had a CD player and air conditioning even though it was an older car.

Feels good to have the air conditioning on in this weather as well as the music playing. This car has a much more stylish interior than any other car I have had to date as well.

Losing weight

I have bought up the weight loss a couple of times in the past but this time I am really going for it.

I have modified my diet and I am have made an effort to do more exercise and stick to it. I have lost just over one and half stone so far.

So that concludes what I have been up to the last couple of weeks.

July 2018

Client work

I have recently been working on a new module for a medical web software system.

The new module serves the purpose of collecting information for a medical support helpline.

Essentially people can ring the medical helpline and the support staff at the other end of the phone can use the system to enter various details.

Details about the caller, medical patient, details about the illness and about the call can all be stored within the system.

So far I have been implementing a massive form which has loads of input fields as well as a case notes section.

The module has been built on the Yii 2 framework which is what the rest of the system is built in.

The Yii 2 framework is a framework built using the PHP programming language.

The form has an associated grid which lists all the current cases or records. The grid is searchable and sortable.

The database for the module was created using the Yii 2 migrations and SQL.

Migrations are a library within the framework which allow you to write code to generate the database.

Migrations can be rolled forwards and backwards so allow a way of versioning the database.

The case notes section includes an Ajax form along with a good looking styled list view.

At its most basic Ajax is a way of communicating with the server from the browser in the background using Javascript.

Which means from a user standpoint the page does not need to reload when adding new case notes.

PHPStorm IDE

For this project I have actually been using a new program called PHPStorm …

https://www.jetbrains.com/phpstorm

I needed to use this as part of the project as PHPStorm was part of the clients requirements as the client also uses PHPStorm.

PHPStorm has a lot more features than the text editor program I was using before because PHPStorm is an IDE and not a text editor.

IDE mean Integrated Development Environment.

PHPStorm takes some getting use to as one would expect but by the looks of things PHPStorm will be worth it the more I learn about it.

I like the way PHPStorm provides information about areas of the code such as class / function definitions.

I also like the way PHPStorm provides the class structure of the project.

There is a lot more to PHPStorm than this though.

The text editor I was using before was called TextMate …

https://macromates.com

I really like TextMate and I will most likely still use TextMate for some of my personal projects.

Although TextMate has a lot less features the feel of it is more slicker and less clunky than PHPStorm.

Also as one would expect due to its smaller feature set.

Toolkit new report feature

I have added a new report to my custom built business management system named Toolkit.

I built the system a while ago to collect information on various areas of my business.

I have added a new report to the system which shows me how many hours I have spent on a particular project and the cost of the project so far.

The cost is calculated by multiplying the number of hours by the project rate or rates.

I already had many reports in this Toolkit system but this has been needed for a while now.

It makes it easier when I can just click on a project and see how many hours I have spent on the project and how much money the project has been billed for so far.

So that concludes the work I have been doing recently.

Yii / Yii2 checking controller params at the access control level

One of the areas I notice in a lot of Yii / Yii 2 web applications is the checking of parameter variables in what I consider the wrong areas.

Here is an example of one of my controller methods for saving a Book …

So what stands out about this method? No load Model method? No checking to see whether the Book has a valid ID? How will we know whether the Book has a valid ID, how will we know whether the Book is suppose to be accessed by the particular user that is logged into the system?

The answer is, the access rules and bizrules of the web software application. All controller methods should be assigned to an access rule. If the controller method contains parameters then the controller method should be assigned to an access rule as well as a bizrule.

For smaller / less complex applications you can actually emulate the bizrule by using “matchCallback” which is spoken about in this article I wrote previously …

http://www.jamesbarnsley.com/site/2017/06/13/yii-2-user-permission-using-matchcallback/

You can also read my previous article on what I think of the Yii / Yii2 load Model method …

http://www.jamesbarnsley.com/site/2015/04/22/yii-loadmodel-method/

All controller parameters should be checked and validated in the bizrule, by the time the parameter reaches the controller method there should no need to have any checking in the controller method at all for the controller parameters.

If the Book does not exist or the Book is not accessible by the current logged in user then that will be handled before any controller method code gets executed in the first place.

There is no reason to have this level of checking in the controller method itself. Doing it the way I have described also keeps the controller more clean as extra code is not needed to check the controller parameters.

Yii 2 User Permission using matchCallback

As a web software developer I sometimes need to implement some kind of user permissions in the web applications that I build. The Yii 2 framework which I currently use has a built in system for doing just this however for applications that need a more lightweight user permission system the Yii 2 framework has introduced a method which was not available in the Yii 1 framework that can be used to easily build lightweight user permissions and that method is “matchCallback”.

Both Yii 1 and Yii 2 have a user permissions system named RBAC. In Yii 1 RBAC is implemented by writing code to define the user permissions, this code then populates the database tables with the user permissions. The user permissions are then applied to controller methods via more code known as access rules.

User permissions can also have what is known as a “bizRule”, a “bizRule” is an additional piece of code executed with the user permission that needs to evaluate to true in order for the user permission to be true. This can be used to implement checks to see if the record being displayed on the page is owned by the user trying to access the page as well as various other checks. The “bizRule” code is stored in the database along with the user permission.

One of the differences between the Yii 2 implementation of RBAC and the Yii 1 version is that the Yii 2 “bizRule” code is stored in code files and not the database. This makes more sense to me as the “bizRule” code is kept alongside the other code in the frameworks, models, controllers, views etc.

Infact it makes so much sense that during the later stages of using the Yii 1 framework I actually just stored class / function references in the “bizRule” code and wrote my real “bizRule” alongside the rest of framework code. Essentially implementing my own version of what Yii 2 covers as standard.

As mentioned above Yii 2 now implements a method called “matchCallback”. This means for web applications requiring simple user permissions RBAC is not needed as the “matchCallback” can be used to define the “bizRule” directly in the access rules …

So as shown above for web applications only requiring simple user permissions, the access rules are all that are needed.