search

PLUS-POSTECH / Owl

Exploit management tool for attack and defense hacking competitions
Apache License 2.0
7 stars 2 forks source link

Implement friendly UI #60

Open KSAlpha opened 5 years ago

KSAlpha commented 5 years ago
Qwaz commented 5 years ago

In last year's DEF CON, ultimately none of our team member except Owl dev team wanted to learn how to use Owl :/

Qwaz commented 5 years ago

For this reason, I demand a decent GUI for Soma. Possible technical stacks that I can imagine of are:

  1. Keep tarpc, build a Desktop GUI with conrod, azul, or some Qt binding library.
  2. Replace tarpc with a webserver, build a web-based GUI 2-1. Webserver choices: actix-web, rocket, or something else 2-2. Protocol choices: RESTful or GraphQL 2-2. Client-side choices: React or Yew

In any of this situation, I think the current database stack with PostgreSQL + Diesel is fine to use. If we are not gonna keep tarpc, this decision will affect #58 and #44.

KSAlpha commented 5 years ago

In terms of refactoring step, first one is a better choice. It will relatively require a smaller rework on the code. However, building a destop GUI will be a very hard work. Also, it should target nightly until the 1.37 release (i.e., async/await stabilization).

In terms of reusability, second one seems to be a better choice. This is a very efficient design choice which is also used in Docker. Also, we can target stable right now. But, it will result in bigger rewrite of the code.

I am in favor of the second one. What do you think?

Qwaz commented 5 years ago

I'm also in favor of the 2nd choice in long-term perspective. I'm especially interested in GraphQL approach, because the protocol looks that it can automagically cover a lot of our manual CLI command implementation.

Also, we may want to reconsider whether Rust is the right tool for web-based approach or not. Rust was the best possible choice when we were making RPC-based CLI tool. However, it may not be the best tool to develop a database backed webserver. Diesel felt good, but it feels like it requires too much boilerplate.

(I'm retracting this opinion)

In any of this situation, I think the current database stack with PostgreSQL + Diesel is fine to use.

KSAlpha commented 5 years ago

Also, we may want to reconsider whether Rust is the right tool for web-based approach or not.

Good point. However, I think Rust is not that bad even if we use web framework. If you want to change the programming language, I would like to suggest C# or F# as candidates. Also, I want to avoid Python.

Qwaz commented 5 years ago

Also, I want to avoid Python.

I presume that you also want to avoid JS, right?

I'm not saying that Rust would be bad for this task; I'm wondering Rust might not be the best. Maybe I just want a more easier ORM like Django ORM than Diesel.

KSAlpha commented 5 years ago

I'm wondering Rust might not be the best. Maybe I just want a more easier ORM like Django ORM than Diesel.

Well, you are right. In terms of database interface, Rust has a big disadvantage as we have to control most of the work (e.g., manual migration files, complex type structure of diesel-rs).

So, what would you like to do?

  1. Keep Rust as a project programming language Rocket, Iron, actix-web (or other web framework) and Diesel as an ORM
  2. Switch to .NET Family language (C#, F#) ASP.NET Core (or other web framework) and EF Core as an ORM
  3. Switch to Python Django (or other web framework) and Django ORM as an ORM
  4. Switch to something else
Qwaz commented 5 years ago

I need more time to properly explore possible choices, but thus far this one looks very interesting: https://github.com/prisma/prisma

Introduction video: https://youtu.be/nKmjKKyK5vc

It supports TypeScript, Flow, JavaScript, and Go client. This "client" term here is a little tricky, as the program that we would write is a "Prisma Client" but a "Web Server". TypeScript would be the most comfortable option for me, but I'm open to the other options.

There is a feature request for Rust client, but there is not much progress.

Qwaz commented 5 years ago

This "client" term here is a little tricky, as the program that we would write is a "Prisma Client" but a "Web Server".

It seems that we can skip the "webserver" part and build a web-based UI that talks to Prisma Server directly.

Qwaz commented 5 years ago

Oh wait, even in that case, we need a task runner on the server side.

KSAlpha commented 5 years ago

I need more time to properly explore possible choices, but thus far this one looks very interesting: https://github.com/prisma/prisma

Interesting project...

KSAlpha commented 5 years ago

We consented to rewrite the whole project into another platform. Which means we have a high probability to move from Rust to another programming language.

Candidates are:

  1. Web server powered by TypeScript, Prisma as an ORM.
  2. Web server powered by C#, EF Core as an ORM.
  3. Web server powered by Rust, Diesel as an ORM.

We had a research on each candidate and the first one is considered as the strongest option.

After deciding the finalist, we will completely reorganize open issues and PRs. If we lose Rust, all related issues and PRs will be closed and replaced with a new design plans.