10 tips for the young entrepreneurs

I’ve wanted to write this post ever since last january, nop, ever since august 2009; back then when myself and my colleagues at mash, Ltd. realized that we were over the startup phase, and that we’ve set our legs firmly in the software market here in Cairo, heck we even reached beyond our expectations by establishing our selves in the RoR community, not bad for a 2 year startup back then, but soon we realized that whatever hardships we faced during those two years, it was nothing in comparison to the new and critical 3rd year; a lot of lessons were learned and still many to come as the first month of our 4th year come to an end.

All this encouraged me to finally share some of the experience we gained over those 3 years, in the form of tips, some of those tips will most probably not fit elsewhere but MENA (Middle East and North Africa) given the sanctity of the traditions and culture exhibited overhere, but nevertheless most of them will fit right anywhere; they are personality related rather than culture or market related.

• Listen

  One of the first things that give a bad impression is an irresponsible remark, or an interruption.

  If you want to close that deal or resolve that conflict, whether internally with your team or externally with a client, be sure to listen very good and only speak when you’ve got all the bits and pieces of the conversation understood, and remember NEVER INTERRUPT someone while they are talking.

• Its ok to be mean sometimes

  If I had a nickel for every situation that required a mean action to be taken !!

  People are not always good, sometimes they lack common sense, sometimes they slack and sometimes they just are stubborn with their methods and systems.

  When you find yourself in a situation where your rights or agreement will be taken for granted, dont be shy, speak up and even yell, make them understand that you are not a push over and clearly state your problem in a language that is equal to your frustration but nonetheless professional.

• Always be 200% informed about what you are talking about

  Probably one of the hardest lessons I’ve had to learn, being a young partner with 3 other young entrepreneurs, and CEO of a young startup employing a team with an average age of 22, it is very important to know your field of work cover to cover.

  On several occasions we would go around talking, giving excuses and sometimes blaming others, and then realize we were wrong, I cant begin to explain how this is bad for your professional and personal image.

• Dont be afraid of admitting your mistakes

  Only when you admit you are mistaken that you will truly learn from your mistakes.

  Its all one ship, everybody start denying you will suddenly find your team overwhelmed with the blame game rather that resolving the issues at hand.

• Consider your clients part of the team

  Your clients know more about their needs and business, keep them in the loop and most importantly dont be afraid to admit your mistakes to them.

  You’d be surprised how clients would appreciate your honesty and would even help you resolve the issues raised.

• Be Punctual

  Wether with deadlines or meetings, punctuality is the key, miss that deadline and you will find your team in a cycle of doom.

  Missing deadlines equals de-motivation, and stress for you and your team, so make sure you set correct deadlines and meet them no matter what.

  Be on time for all meetings, after all, time is your most precious asset.

• Cashflow, Cashflow, Cashflow

  Its not a new tip, nor is it mine, in fact I think this tip is repeated by every successful entrepreneur there is.

  Issue your invoices on time, and collect them on time.

  Have a system and strive hard to keep your cashflow consistent, after all your team needs to be paid on time.

• Money isn’t a motive

  Several researches were conducted on motivational tools, and they all stated that when it comes to mentally engaging activities, money is hardly motivational, its even de-motivational sometimes.

  Think out of the box when it comes to motivating your team, engage in social activities together, have creativity thursdays or even go paintballs, you will be surprised with the results.

• Learn & Innovate

  You think you got the game all figured out? well think again, you dont !!!

  The world is always moving, new stuff gets discovered each day, new trends, new creations and so many ideas out there.

  Don’t stop learning new skills and improving old ones, risk your time to learn about a new technology, or catch a skill that is still out there in the wild.

  Remember when the iPhone came out? it was simply a gold rush, those who risked entering that wild market, gained so much for so little work invovled.

• Spirit

  The most important tip of them all, keep your spirit up.

  If you start loosing it, take a day or two off, recharge your spirit and continue working, if you fall, get up, and no matter what others say YOU WILL FALL A LOT and only when you learn to get up and get back in the game, you will truly capture the essence of success.

Authentasaurus … the long awaited tutorial !! [part 1]

So my co-workers have been harassing me to write this tutorial for ages and today i decided it was time to get back writing for my blog other than writing for other blogs :P

So what is Authentasaurus?

For code junkies

Authentasaurus is a Ruby on Rails plugin for restful authentication and authorization locally and remotely.

For normal people

I am pretty sure that you are not remotely interested in any geeky topic, so scram (but not for too long :) I do write in other topics from time to time :D)

So now that we have filtered out the nasty end-users, let me dive into more details.

Why another restful authentication and authorization plugin?

Writing plugins is always a good practice for learning the ins and outs of frameworks, and for that reason I started Authentasaurus.
Back then there were few good plugins touching that topic such as the all famous and gr8 AuthLogic, but none was up to my needs and mash’s needs; It was either authentication or authorization which meant more plugins and different syntaxes (I actually checked the web for the plural of syntax :D), also It meant less successful plugin updates for those that depend on AuthLogic and so the idea of Authentasaurus became more logical.

What’s different about Authentasaurus?

While Authentasaurus still follows the same rules restful authentication plugins do, It differs than most in 3 main things:

1. It is a rails engine, which means less chaos in your code directories
2. It works for local authentication and remote authentication (for stuff like single sign-in solutions but that is a whole other topic that I will cover in the near future in shaa’ allah - if god wills -)
3. While role based authorization is good for most applications, I found that it is less powerful than good old permissions authorization; so I merged both into group-permission authorization for the power of permissions and the flexibility of roles

As a Rails engine

When I first started building Authentasaurus it was a generator plugin, meaning it would stub out all the necessary models, controllers, views and migrations needed for authentication and authorization in your code directories.

This had two problems, almost every time we needed to update the plugin for security fixes or simply update the relations in the main models we had to either edit them manually in all the projects or destroy the generated files and generate them again; this was so error prune and redundant.
The second problem we had was the excess chaos that the files created after generation, It was confusing and sometimes very useless (for times that we only needed authentication but not authorization).

Engines solved both problems; now that the files are not located in your application directory updating the plugin was as easy as changing the version in your configuration file (if you are using the gem) or replacing the old plugin with the new one in your vendor directory. Also that meant that you can use Authentasaurus without having to place the it’s files to mess your directories in your application.
Of course this came to a cost, the plugin was less customizable as an engine and we had to develop an api for customizing it outside the plugin in your application; of course the awesomness of Ruby was in aid and let us create a consistent DSL for extending Authentasaurus that I will cover in later tutorials, having that DSL in hand allowed us to convert Authentasaurus into a modular plugin too which means you get only what you need out of it rather than the whole package.

Local and Remote authentication

With “Single sign-in solutions” becoming more and more needed, we were tired to constantly write an API each time we needed to integrate an application with our central data server.
This motivated us to include a remote authentication module in Authentasaurus that can authenticate users between applications and cache their data locally when needed.
I will cover that topic in the near future ISA.

Group-Permission authorization

As I mentioned, role based authorization was just not cutting it in our projects; It was flexible but very dynamic in the DB and that lead to less dynamic code, On the other hand group-permission authorization was as flexible and dynamic in the DB but static in coding; You can actively create groups at runtime and your authorization will still function on that group, this is because Authentasaurus only knows read and write permissions and uses those permissions to authorize group members. Here is an example of a write permission requirement on the create action of pages controller:

class PagesController < ApplicationController
  require_write :create

  def create
    # Your creation code here
  end
end

Conclusion

As you see Authentasaurus is not just another restful authentication and authorization plugin for Rails; it continues where other plugins have stopped, and while it may have a harder name than others, it is as powerful when user correctly.
Even though I am the creator of Authentasaurus, I encourage you to check other options and solutions for authentication and authorization such as AuthLogic, CanCan and Devise, each has its pros and cons but none is better than the other.

Next Part

In the next part I will take you through the basics of setting up and using Authentasaurus in your application isa.