One fun thing about writing is I mostly want to do it while traveling and “away” from my desk and day to day. But I hate typing on any keyboard that’s not the one at my desk.

margin-trim looks nice. Beautiful typography in CSS still feels like a mystical art to me, where the controls keep getting more and more complex and layered. I guess it’s necessary, maybe.

It turns out, one of the best burgers in Baltimore can be found at Camden Yards.

The AVAM in Baltimore is such a weird, precious treasure.

My current experience is that all of the music services work great and are a boon to those of us who are listeners. All of the music apps are garbage.

I have spent a fair amount of time “on the side” thinking about authorization rules over the last year. At work, things have gotten sufficiently complex that we are really straining our existing system. At least some of that comes from our choices, a lot of that comes from the domain complexity we have, and some of that comes from Phoenix only having an opinion in the current 1.8 release RC about “how this should be done” leaving us to make our own bad choices.

I’ve largely been insisting on maintaining an RBAC-driven or RBAC-like system. One thing I’ve learned in past versions of our applications is school districts want very fine-grained controls, almost on the level of individuals, and then quickly find out that maintaining permissions for individuals is just an untenable nightmare. But one thing that a school district does and can consistently know is what someone’s job title/role is.

What we’ve come up with are users have roles in an organization ¹. A user can have only one role in an organization, but they can have many of these… role-organization combinations. For example, I can be the principal supervisor of ABC Elementary and XYZ Elementary (two role-orgs) and the department head of Elementary Schools (a third role-org). Intuitively, I think this makes sense and is fairly easy to maintain.

But I have really struggled with language around this stuff. What are these role-organization combinations? Is organization or budget or any of these domain-ish terms correct, or is there a better technical term? Scopes come up often, but we extensively used that term elsewhere– now Phoenix supports scopes directly, so oops– and I found the term scope as having specific, inconsistent, and different definitions in different contexts. One doesn’t really have a role in a scope, but rather, has certain scopes by having a role.

Anyway, all this is preamble to say that while I haven’t read it yet, I’m glad that Tom MacWright linked to Zanzibar, something I completely missed when it came out in 2019. Like Tom, the distributed nature of Zanzibar is not of particular interest, but I’m hopeful that the features and concepts introduced will provide me with better language when talking about authorization going forward.

If it wasn’t so fucking sad and dangerous it could be almost funny how a Yale Law grad is pretending to not have a Schoolhouse Rock level of understanding of how the government works as a sign of fealty to a man as loathsome as Donald Trump.

It’s amazing how they describe the worst periods of the Soviet and Chinese economy, when knowledge work was destroyed and replaced with terrible factory jobs, and say “this is what we should do!”

Morons.