Bruce Perens develops model security for Active Record

Bruce Perens is working on model security for Active Record sponsored by Sourcelabs:

I’ve developed ModelSecurity, a new Ruby on Rails facility that helps
developers implement a security defense in depth by implementing
access control within the data model.

If you are like most developers, you think about security when you
program controllers and views. But a bug in your controller or view can
compromise the security of your application, unless your data model has
also been secured.

The economical, flexible, and extremely readable means of specifying
access controls provided by ModelSecurity makes it easier for the
developer to think about security, and makes security assumptions that
might otherwise live in one developers head concrete and communicable
to others.

Please check it out and give Bruce a hand with testing.

Major healthcare application switches from J2EE to Rails

Rick Bradley shares a great case study on how his team replaced a partial J2EE solution that wasn’t moving the team forward fast enough with Rails. Result? A 20:1 reduction in the amount of code needed to solve the problem.

And this is not Yet Another Blog, or even those luxury todo lists we do at 37signals, but a healthcare application that has to play in the regulated world of HIPAA, Sarbanes-Oxley, drug trial requirements, and all that other heavy-duty joy.

Rails takes another step deeper into The Enterprise.

Even more Rails training from Relevance

In case the public, scheduled training programs doesn’t fit your organization, consider Relevance for on-site appointments instead. Justin Gethland and team offers a wide range of packages. Including a 2-day Advanced Rails program.

Any other training offers out there we’ve missed?

Typo theme contest: Win cool stuff!

Geoffrey Grosenbach has put together a Typo theme contest to get a whole bunch of cool new blog designs generated for the premiere Rails blogging engine. You can win the Rails book, a 4GB iPod nano, licensees to TextMate, and lots of other cool stuff. Make Typo pretty!

Rake 0.6.2 fixes incompatibilities

Jim Weirich has released Rake 0.6.2, which fixes the incompatibilities that earlier 0.6.x releases had with Rails. Just fire up gems and do “gem install rake” to get the latest.

Learn Ruby on Rails from the Pragmatics

Dave Thomas and Mike Clark has just announced the Pragmatic Studio and their intentions to run a Rails Studio as their first workshop.

It’ll be two days of action-packed Ruby on Rails training that’ll touch on all parts of the framework. If you’re skeptic about the studio only being two days and whether that’ll leave to any usable software, they reply:

Can you really learn how to build web applications with Rails in two days? Absolutely! Now, if we were trying to teach you how to build web applications using Spring, Hibernate, and a mishmash of other J2EE technologies, you’d be away from the office for at least a week. Instead, by the end of the week you could have your Rails application up and running!

You should hurry, though. Signup is happening rapidly for the first date on November 18-19 in Reston, VA. The price ranges from $1,000 (single person including 1-day Ruby tutorial) to $650 (part of 5+ team, just Rails).