8 posts tagged with "opensource"

One of the toughest parts of building an MVP isn't coming up with the idea, it's getting something functional out the door without drowning in boilerplate code. Every hour spent writing controllers, setting up authentication, and plugging in authorization logic is an hour not spent validating the actual product. Rhino exists to cut that overhead. It's an abstraction layer on top of Ruby on Rails designed specifically to help you move fast, handle the boring parts, and still leave room for custom logic when you need it.

Rhino provides robust core authorization and authentication through its policy system. While the default CrudPolicy and role-based policies (AdminPolicy, EditorPolicy, ViewerPolicy) handle most scenarios, some applications require fine-grained, permission-based authorization where individual actions are explicitly granted or denied based on a permissions table.

This guide will explore how to extend Rhino's authorization system with custom permissions while leveraging the existing policy architecture.

The Rhino Notifications module (rhino_project_notifications) is a Rails engine that wraps and extends the activity_notification gem (v2.3.3) to provide a complete notification system for Rhino-based applications. It provides both backend (Rails API) and frontend (React) components for managing user notifications.

This guide will first explain the base activity_notification gem capabilities, then detail what Rhino adds on top, and finally walk through setup and usage.

DevContainers (Development Containers) are a standardized way to define and manage development environments using Docker containers. They encapsulate an entire development toolchain into a single, self-contained unit, providing a consistent, reproducible, and isolated environment that works seamlessly across different machines and operating systems.

In the context of the Rhino project, devcontainers are crucial for eliminating the classic "it works on my machine" problem. By ensuring that all developers, whether working on macOS, Windows, or Linux use an identical set of tools, dependencies, and configurations, we streamline collaboration and reduce environment-related bugs.

In modern web applications, offloading time-consuming tasks to background jobs is essential for maintaining responsiveness and a smooth user experience. The Rhino framework, a powerful Rails + React solution, provides a robust, built-in system for handling these asynchronous operations. This article delves into Rhino's job queue architecture.

The Rhino project, a Rails and React framework, utilizes a CI/CD pipeline built on Docker and Heroku. This setup creates distinct, optimized environments for development and production, governed by key configuration files. This article provides a technical overview of this configuration.

In the first part of this series, we introduced Rhino's Model-Driven Development (MDD) approach and explored how its dynamic routing system generates API endpoints directly from your models. This architecture allows for rapid development, but it requires an equally robust system to secure those endpoints. This post will dissect that next layer, breaking down how Rhino handles authentication (verifying a user's identity) and authorization (determining what that user can do).

At the core of Rhino's security model are established and trusted Ruby gems: devise_token_auth for token-based authentication and pundit for fine-grained authorization. When the optional rhino_organizations module is installed for multi-tenancy, the rolify gem is introduced to enable sophisticated role-based access control (RBAC). We will explore how these components are seamlessly integrated within Rhino's default CrudController and CrudPolicy to provide a secure-by-default foundation for all your API resources, allowing you to build with confidence from the start.

Welcome to our engineering blog series on Rhino, a framework that truly embodies the principles of Model-Driven Development (MDD). As a vibe-coding friendly framework, Rhino is perfect for developers who want to focus on their application's core logic and bring ideas to life with minimal friction. In this series, we'll explore how its architecture accelerates development by providing a robust set of tools and conventions out of the box. This first post will provide a high-level overview of the framework's structure, walk through a practical example, and then dive into the core mechanisms that make it such an intuitive platform.