MarkUs Blog

MarkUs Developers Blog About Their Project

Fall 2014 Project List

without comments

There was a lot of work done on MarkUs this summer. (Thanks David, Lawrence, Eugene, Ealona, Su, Mark, and Angelo!)  The strange thing about getting lots done is that it is more obvious what needs to be done next, so I have a long list of potential projects for the fall.

1. React tables for spreadsheets, repo browser, and refactoring #1696 (large)
This summer Lawrence made some major changes to how tables are implemented in MarkUs. The biggest change was to use the React JS library to implement the tables. This got rid of a lot of Prototype code, and made it possible to do better sorting and filtering on the tables. Two tables remain to be converted: the repo browser and the spreadsheet. There is also some refactoring work to do, now that we know better how React works. Also, there is some remaining styling work for the new tables.

2. Get rid of the rest of Prototype #1496 (small)
We have slowly been removing all the Prototype code, and replacing it with JQuery. Aside from the tables that still need to be converted to use React, there are still a few places where Prototype has not been fully replaced. This would be a good project for a student with an interest in learning (more) Javascript/JQuery.

3. Git backend #1698 (large)
MarkUs stores student submitted files in subversion. Instructors have the option allowing students to submit files through the web interface, or may disable the web interface and require that students use subversion directly to submit their work. One repo is created per student or per group, if groups are allowed. Each assignment is a directory in a repo, and MarkUs tries to reuse repos where possible.
We are in the process of adding support to store student submissions in git repos, while at the same time maintaining support for subversion. Because git and subversion have quite different models, this task is more involved that it first appears. Much work has been done on this in the past; new students will spend some time reviewing the existing progress for this feature.

4. Refactor the Admin Dashboard #1668
Reloading the graphs takes too long and isn’t really necessary (medium)
The Dashboard view has graphs that show the mark distribution for each assignment. They take some time to load and aren’t really that useful to the administrators. It is nice to get some summary information, but we need to rethink what the best summary data is to display and how to do it. This will be partially a UI design project since we need to rethink the purpose of the dashboard view and what information is most useful to display.

5. Rails 4.0 upgrade (medium?)
Mark Rada began the work of upgrading from Rails 3 to Rails 4 this summer. He did some great work on strong parameters, but there are other parts of the upgrade process that still need work. This project would be a great one for students with some understanding of Rails, and have an interest in how the Rails framework works.

6. PDFs – is there a better library to use? (research: small; implementation: large)
Students may submit PDF files. MarkUs converts theses files to jpegs (using Ghostscript) so that the images are a fixed size to facilitate annotation. It is time to do some research to see if better options are available. The goal is to maintain support for annotating PDF files without needing to convert the files. Actually switching to a new PDF option will probably require multiple terms/students.

7. Rspec tests (large, but an ongoing effort)
This summer saw a major effort to change to Rspec tests. Ealona and Su wrote a guide to writing Rspec tests, and have done a fair bit of work implementing some Rspec tests. A goal of this term is to have everyone on the team write some Rspec tests. It will be a good way to really learn what the models and controllers are supposed to do, and will move the project forward. We plan to set aside a few hours at the sprint for writing tests. There are some outstanding Github issues related to missing tests that can easily be closed with some work.

8. Tagging student submissions #886 #325 (medium?)
This is a feature request that we hope will satisfy several use cases. Instructors and TAs have asked for a way to flag assignments to bring them to someone’s attention. TAs have also asked for a way to categorize the submissions so that they can do a quick first pass over them. The ability for adding general tags to student submissions will hopefully solve a number of these kinds of issues.

9. Summary page of all the marks for all students (smallish)
There is currently no view that combines marks from all of the different assignments and spreadsheets. This table would look a lot like the Submissions table or the Summaries table, but would have one column for each assignment and spreadsheet. A new feature would be a way for the administrator to specify a weighting for each piece of work to produce a total. (Good for someone not familiar with Rails.)

10 MathJax support for annotations? #285 (medium?)
It would be nice to be able to use math symbols in annotations. The MathJax library seems to be what we want, and some work has been done on this.

11. UX Refresh of the submissions table (Includes #75) (medium)
We haven’t taken a serious look at what is in the submission table for a long time. For example, we probably don’t need the “can begin grading” field. We would also like to be able to show the grader(s) for each group.

12. Section due dates don’t work #1676 (small)
Some courses would like to have a different due date for each section. This feature seems to have numerous problems with it. There is also a proposal to change the UI for how sections are added.

Written by Markus

September 2nd, 2014 at 6:50 pm

Say Goodbye to the n+1 Query Problem

without comments

With the declarative power of Rails’ ActiveRecord, it’s very easy to write code that are prone to performance bottleneck, such as an issue commonly known as the n+1 query problem.

Consider the following simplified MarkUs models:

class Grouping < ActiveRecord::Base
  has_many :ta_memberships
  has_many :tas, through: :ta_memberships
end

class TaMembership < Membership
  belongs_to :ta
  belongs_to :grouping
end

class Ta < User
  has_many :ta_memberships
  has_many :groupings, through: :ta_memberships
end

TaMembership is a join model between Ta and Grouping that represents the assignment of a TA to a grouping so that the TA has the permission to mark students in the grouping.

A view may have a table of groupings and need to display all the TAs assigned to each grouping (in ERB), as in this (overly-simplified) example:

<% Grouping.find_each do |grouping| %>
  <span class='ta'><%= grouping.tas %></span>
<% end %>

This all looks good until we inspect the query log and find that such a simply snippet of code generated a lot of SQL queries:

SELECT * FROM groupings

SELECT * FROM tas JOIN ta_memberships ON ta_memberships.ta_id = tas.id WHERE ta_memberships.grouping_id = 1

SELECT * FROM tas JOIN ta_memberships ON ta_memberships.ta_id = tas.id WHERE ta_memberships.grouping_id = 2

SELECT * FROM tas JOIN ta_memberships ON ta_memberships.ta_id = tas.id WHERE ta_memberships.grouping_id = 3

SELECT * FROM tas JOIN ta_memberships ON ta_memberships.ta_id = tas.id WHERE ta_memberships.grouping_id = 4

...

SELECT * FROM tas JOIN ta_memberships ON ta_memberships.ta_id = tas.id WHERE ta_memberships.grouping_id = 42

This is because ActiveRecord lazily loads associations by default, i.e., the association model is only loaded (through a SQL query to the database) when the attribute is accessed the first time. In the above example, an initial query is issued to get a list of Grouping models. Then, for each Grouping instance, the tas attribute is accessed, generating another SQL query to get the associated model instance. This results in a total of n+1 queries, where n is the number of groupings, hence the name the problem. In a networked production environment, the round-trip cost of issuing a database query is a significant overhead due to network delays. Therefore, in general, having n queries perform poorly compared to having only one (or some constant number of) queries that achieve the same.

In this case, the performance can be improved by avoiding the n+1 queries and use only a few. In Rails, this can be achieved using eager loading of associations.

<% Grouping.includes(:tas).find_each do |grouping| %>
  <span class='ta'><%= grouping.tas %></span>
<% end %>

By using includes, Rails takes care of the eager loading of the tas association and issues only two queries:

SELECT * FROM groupings

SELECT * FROM tas JOIN ta_memberships ON ta_memberships.ta_id = tas.id WHERE ta_memberships.grouping_id in (1, 2, 3, 4, ..., 42)

Just like the where and joins method, The includes method can handle nested associations as well:

Grouping.includes(ta_memberships: [{ ta: :groupings }, :grouping])

Note that while the nested association can be loaded, sometimes it’s redundant and causes too much overhead when the nesting level gets too deep. In the above snippet, grouping.ta_memberships is a collection of TaMembership instances, where each instance has a ta association, and each one has a collection of Grouping instances. All these eagerly-loaded instances already form a pretty large and complex structure — Large structure causes memory bottlenecks. Think about whether there is any redundancy in the eagerly loaded model instances and whether you can re-organize the view or controller to simplify the structure.

Normally the use cases of includes are in the controllers, in which the model instances are eagerly loaded and passed to the view (the above examples where the includes calls are in the view are only for demonstration purposes). However, when multiple controllers are using the same set of eagerly loaded associations, consider writing a scope for the model (in Rails 4):

class Grouping
  scope :with_tas, -> { includes(:tas) }
end

Or the Rails 3 way:

class Grouping
  def self.with_tas
    Grouping.includes(:tas)
  end
end

MarkUs still has quite a few instances of the n+1 query problem at the time of writing. With the help of bullet, we can track the the remaining evil n+1 queries in the system.

Bulk operation — “n query problem”

The n+1 query problem occurs most likely when reading the database (i.e., doing SQL SELECT statements). A related problem, I call it “the n query problem” may occur when doing bulk operations such as INSERT, UPDATE and DELETE statements.

For example, the problem occurs when doing something like the following:

groupings.each do |grouping|
  grouping.some_attribute = foo
  grouping.tas.clear
  grouping.save!
end

This generates n UPDATE statements and n INSERT statements. These can normally be reduced to just one single query.

Bulk creation

Use activerecord-import. This is by far the most DBMS-independent gem for ActiveRecord bulk creation. ActiveRecord’s create method actually supports bulk creation, but it depends on the underlying database driver for Ruby to do the actual bulk creation. At the time of writing, the PostgreSQL driver pg still doesn’t support bulk creation.

For a sample usage, refer to Grouping.assign_tas.

Bulk update and bulk deletion

Use update_all and delete_all.

For a sample usage, refer to Grouping.unassign_tas.

Written by Su Zhang

August 20th, 2014 at 5:58 pm

Rails 4 Upgrade Notes

without comments

The Upgrading to Rails 4 guide is a good first step to understanding what needs to be changed. Rails’ own Upgrading Guide also has a list of things to pay attention to. Neither guide is a superset of the other, and I have had to look elsewhere to solve a few of the upgrading issues.

Here is a short list of the upgrading tasks that I could not back port which caused varying amounts of trouble:

 


 

Gemfile

You will want to look more closely at the versions that the first guide suggests. In most cases a newer maintenance release of a gem are available and should be selected instead.

One exception to this is the sass-rails gem. It will need to be set to version 4.0.1. Why? Because MarkUs needs a newer version of Sass. Sass 3.3.x is required because Sass 3.2.x fails to parse MarkUs scss code. Though it does not appear to make sense, the older sass-rails gem had a looser version specification for sass, and so by rolling back sass-rails to 4.0.1 we allow bundler to choose a newer version of sass itself.

When removing strong_parameters from the Gemfile, do not add the protected_attributes gem for backwards compatibility. MarkUs has already been upgraded to use strong parameters. Since strong_parameters is part of Rails 4, it should not be listed in the Gemfile.

Lastly, the minitest gem should be removed. Ralis 4 depends on minitest itself; it is best to avoid conflicting version requirements.

 


 

Routes

The catch-all route should get changed to work via :all HTTP verbs if possible:

https://github.com/MarkUsProject/Markus/blob/d0d76012350901cf4059d012fc4da575881ca876/config/routes.rb#L338

 


 

Configuration

In config/application.rb:20 “config.action_view.javascript_expansions” should be deleted. And then you will need to update the the “javascript_include_tag :defaults” line in  app/views/layouts/no_menu_header.html.erb to use the ‘application’ (with quotes) instead of :defaults.

Written by Mark Rada

August 14th, 2014 at 6:58 am

Using Gitolite

without comments

We are in the process of implementing a git backend for MarkUs, and authentication/authorization on the repos is a big question.

It seems obvious that gitolite is the right choice for authorization, and because I’m planning to use it for courses as well, I thought I would write down what I have learned.  I still have to try it out, so I may have some of the details wrong.

The repos will be managed under a separate userid that I’ll call markus-git.  I suspect it should be a separate userid than the one that the application runs under, for safety. Only the markus-git user has file permissions on the repos, and users do not need any shell access.

I should also point out that if students are only accessing MarkUs through the web interface, then none of the rest of this is relevant to them.

Users will have to register a public key with gitolite, and we’ll want to automate this process so that it doesn’t require human intervention.  Then they can make a request like the following.

git clone markus-git@markus.cdf.toronto.edu:c2reidka.git

How does it work?

Gitolite sets things up so that when the ssh command is run, it first forces an authorization check. It uses the public key to create a message that only the private key on the client can interpret. If the client sends back the correct response, then the user will be granted access to the appropriate repos.

The gitolite-admin repo is cloned by the administrators (and will include the markus process). It contains the public keys as well as a configuration file conf/gitolite.conf that contains all of the access control information for the repos.

The nice thing about using the ssh approach is that there is no additional server to worry about.

One of the headaches we will have to resolve is how to handle students who have problems with their key pairs, and need to update their keys.

Written by Karen Reid

August 1st, 2014 at 12:42 pm

Carpentry in React

without comments

React is a JavaScript library for building user interfaces. It’s used heavily in production in both Facebook and Instagram (Facebook created React), and in my opinion is an awesome tool for building front-end interfaces.

The work I’m currently doing on MarkUs involves re-implementing, using React, the sortable, searchable, and filterable tables used for listing users and managing groups, graders, and submissions. This is a prime target because 1) the previous tables used a library that depended on Prototype, which we are trying to move away from, 2) these tables can be really slow, since the html for each row is rendered in the backend individually, and 3) the previous tables became messy enough (_boot.js.erb files and construct_xxx_table_row methods) to warrant a rewrite. Also because 4) React is awesome. So let’s go into how React works.

React, at its core, is a library for creating components: functional, reusable, and composable web views. It also manages to let you do this in an extremely simple fashion.

Each component has two objects: this.props and this.state. Props are generally for holding immutable data, while state holds mutable data. In a sortable table, for example, the titles of the columns would go into props and the currently sorted column and sort direction would go into the state. A component then defines a render method that is functionally pure; that is, given the same props and state, the output will always be the same. The render method also cannot cause any side effects.

Now, when React detects a state change of any kind, it’ll quickly re-render diffs for the new DOM based on the render method. Managing state suddenly got a lot easier.

Here’s an example from MarkUs: StudentsTable, which is the React component that defines the listing of students in the Users view. StudentsTable has two pieces of state: students, which is the array of student data that will be used to fill the table, and selected_students, which is an array of student ids that represent the selected students (duh) for doing actions on.

The render method then defines some column and filter objects (based on an ad hoc protocol; column objects have boolean attributes such as sortable and searchable while filter objects define a test for each object). Then it returns a div (really a React DOM object: React uses a virtual DOM) containing two other components: an ActionBox and a Table.

Here’s some demo code for StudentsTable:

StudentsTable = React.createClass({
  getInitialState: function() {
  // Sets this.state.students to
  // what the backend returns
  jQuery.ajax({
    method: 'GET',
    url: ...
    dataType: ...
    success: ...
    });
  },
  render: function() {
    // this stuff could and maybe should actually be moved to props
    var columns = [
      { id: "user_name", sortable: true, searchable: true },
      { id: "first_name" , sortable: true, searchable: true }
      ...
    ];
    var filters = [
      { name: 'all', func: function(student) { return student; } },
      { name: 'active', func: function(student) { return student.active; } },
      ...
    ];
    return (
      <div>
        <StudentsActionBox selected_students={this.state.selected_students}
                           onChange={this.refresh} />
        <Table data={this.state.students} columns={columns} filters={filters} />
      </div>
    }
});

Now, StudentsTable will pass down selected_students to ActionBox, which will receive it as props. This may be a little confusing since selected_students was in state originally, but it doesn’t matter. ActionBox doesn’t know, and ActionBox doesn’t care. Its render function should account for both state and props, and in fact it helps to think of selected_students as immutable, since what ActionBox really needs to be worrying about are things like the dropdowns and the grace credits input and managing that stuff.

We can see that the data flow is kept one-way: StudentsTable, as the parent of the ActionBox, doesn’t know about the state of the ActionBox, nor does it care. If you really needed to know something, like when StudentsTable should request new data, you can create a hook by passing down the refresh method as a prop and have ActionBox call it whenever it needs to. But in general, it’s best to keep upward data flow as minimal as possible.

The base Table is its own component with its own subcomponents like TableFilter, TableSearch, and TableHeader which may or may not have their own subcomponents. But these parts all work in the same way; they’re just smaller parts. This way, React makes reasoning about a specific level in the view hierarchy a lot simpler since everything is compartmentalized and data flows only one way. Consider implementing the same thing in jQuery or Prototype: it would probably require a crazy amount of reasoning about state (of which the size is huge — blame combinatorial explosion) and DOM manipulation.

In conclusion: React is dope. Its power comes from its means of combination and abstraction (sup Sussman). Check it out here.

Written by Lawrence Wu

June 16th, 2014 at 10:25 am

Rails 4 Strong Parameters

with one comment

A long time ago the developers of Rails wanted a simple API for creating new instances of model objects. What they came up looks something like this:

User.new({ user_name: ‘markus’, last_name: ‘Us’, first_name: ‘Mark’, grace_credits: 5, section_id: 2, type: ‘Student’ })

 

This form of initialization, with a hash, is referred to as mass assignment. Using a hash as input to the constructor made the initialization process very flexible and it was used for seeding the database and creating mock objects for testing.

The problem with having something as nice as mass assignment is that it ended up being used for everything. It became (too) common for controller code to be written that would initialize an object by taking input straight from web forms:

def create
    # Default attributes: role = TA or role = STUDENT
    # params[:user] is a hash of values passed to the controller
    # by the HTML form with the help of ActiveView::Helper::
    @user = Student.new(params[:user])
    if @user.save
      flash[:success] = I18n.t(‘students.create.success’,
                               :user_name => @user.user_name)
      redirect_to :action => ‘index’ # Redirect
    else
      @sections = Section.all(:order => ‘name’)
      flash[:error] = I18n.t(‘students.create.error’)
      render :new
    end
  end

 

Or, at least you hoped the params were coming from a web form, and that the person filling in the web form didn’t add some extra data you weren’t expecting. In reality, a malicious user could construct their own POST request to the server and create a new user that had administrative powers. This actually happened to Github a couple of years ago.

This kind of exploit is a text book example of incomplete mediation. Checking the validity of user input on the client side does little to make the app secure. An attacker has full control of the client and can manipulate input to the server in any conceivable way. User side checking may be valuable for user experience reasons, but the checks must also be performed again on the server where we have control. More information on the principles of security for protecting computer information can be found here.

Shortly after the Github/Rails issue, the Rails core team wanted safe defaults for new projects. At the time, the existing Rails solution for this issue was to declare model attributes as being mass assignable or not mass assignable. In code, you would declare attributes as attr_accessible (whitelist) or attr_protected (blacklist), and these declarations would be used to maintain a whitelist of attributes which could be set using mass assignment. However, whitelisting was not enabled by default, and so in Rails 3.2.8, all new apps included the following configuration:

config.active_record.whitelist_attributes = true

Which caused all models to start with an empty whitelist. Mass assignable attributes had to be explicitly listed with attr_accessible. Safety by default was implemented, but it came at the cost of being able to use mass assignability for legitimate purposes. The Rails security guide from that era includes more details on the whitelist configuration and how to work with its limitations.

The problem with having all models disallow mass assignability was that programmers would have to go to more trouble to seed databases, generate mock objects, etc. Possibly for this reason, MarkUs never turned on default whitelists.

The logic was that the whitelists would stop incomplete mediation attacks from anywhere that models are created. However, these attacks come from user input, which is first handled (on the server side) by controllers. So, performing sanitization checks in the controller would limit the impact of the whitelists to where it mattered.

During Rails 4 development, the core team removed attr_accessible and the entire mechanism for whitelisting attributes in model classes. The new solution, strong_parameters, enforces attribute whitelists on the input params before passing the data along to the model constructor. Since strong_parameters does not directly affect model code, it is once again easy to use mass assignment for internal machinery and trusted scripts.

MarkUs predates Rails 3.2.8, and the whitelist default was never turned on during the upgrade to Rails 3.2. MarkUs does use attr_accessible in a couple of places, and avoids using mass assignment for input coming from students. However, the example controller code above (that demonstrates the incomplete mediation flaw) comes straight from the MarkUs code base as it exists today. The example is actually fairly safe because it requires an authorized admin to make the POST in the first place, but nonetheless demonstrates unsafe practices.

I think that current strategy for handling student input entirely without mass assignment is the best strategy from a security perspective. This would also make the upgrade to strong_parameters painless.

It is not recommended to switch to strong_parameters and perform the Rails 4 upgrade at the same time. However, strong_parameters is available for Rails 3.2 as a back port and we can migrate to it before the upgrade to Rails 4. I think it would be best to switch to strong_parameters right away and move away from using mass assignment when the input comes from the client side.

A blog post demonstrating how strong_parameters works can can be found here. The API documentation for strong_parameters can be found here.

Written by Mark Rada

June 11th, 2014 at 11:53 am

Status Report for May 1st

without comments

Alex:

This week: Worked on final paper for facebook. Started working on our presentation.
Next week: Last week of our  semester and we will focus on our presentation.

Christopher:

This Week: Fix Bug# 1412, preparing for presentation, write final report for the class and Facebook
Next Week: Our semester ends at Wednesday so we will prepare for the presentation.

Ope:

This week: Course related material
  • Writing Final Reports
  •  Preparing for Presentation
Next week:
  • Update Help System text (if provided by Karen)
  • Push Help System changes to Upstream (Need to determine best approach)
  • Continue with Course related material
Note: Final day of classes is next Wednesday.

Rafael:

This week:  Fixed the compatibility bug between Rugged and Ruby by upgrading Ruby from 1.9.2 to 2.0. Continue to study the svn code in order to implement the git version of it.

Next week: Find out what Tiago and Zach are working on and help them with it.

 

Written by Rafael Soares Padilha

May 6th, 2014 at 9:26 am

Status Report for April 24th

without comments

Cornell Team:

Next week:

Look at other possible bugs we could fix in 1 week. Prepare for our final presentation for the class.

Alex:

Completed the wiki page for the help system, which describes the details about how to add new help boxes and embedded documentation to new pages.

Christopher:

We worked on issue #1412. We still need to figure out whether the link is what we want for every users (admin, TA and students).

Ope:

Worked on issue #1412. Fixed the url generated for links in the assignment drop down menu. The links are now directing the user to the appropriate page. Will create pull request once testing is completed. Worked with Alex on the Wiki page.

Rafael:

Working with Zach and Tiago on the git back-end. I got stuck on a bug with Rugged and ruby… maybe I’ll need to reinstal it and update my ruby to a newer version. Going to work on that during the weekend.

Zach

Upgraded ruby from 1.9 to 2.0. Created commit for time-based functions (which are still under consideration for their implementation).

 

Written by Alexander Kittelberger

April 28th, 2014 at 7:58 am

Status Report for April 17th

without comments

Cornell Team:

Next week:

We’ll start working on the wiki page for Help System and start working on issue # 1412

Alex:

Continued working on the help system with Chris and Ope. Finished up the majority of the pages with placeholder text.

Christopher:

We finish the help system structure and textboxes. We will send the screenshot by the meeting on Friday.

Ope:

Worked on finishing the help system structure. Worked on screenshots to be provided to Karen (Target: Friday).

 

Zach:
This Week: Rafael, Tiago, and myself started an active discussion on the git backend. I implemented some of the time-based functions for review.

Roadblocks: Ruby. I have had to upgrade my ruby version as 1.9.2 was causing error sometimes.

Next Week: Get ready for my UCOSP presentation and resolve the ruby issues

Rafael:

Started working with Zach and Tiago on the gitbackend. Installed everything and now  studying the svn code and the rugged and gitolite libs.

 

Written by Alexander Kittelberger

April 19th, 2014 at 4:51 pm

Status Report for April 10

without comments

Zach Munro-Cape

This Week: Started staging my commit for a clean pull request

Road Blocks: git specific commands to untangle my current repo
Next Week: Meet up with Rafael and Tiago to discuss our approach on the git backend

Jeremy Winter

-Finished issue #1402

-Finished tagging system specs

Cornell Team:

Current Week:

- work on the help system on several pages and style. We decide that we will use 2 style of help text box depending on the pages.  Finished 5 pages.

Next Week:

- continue working on the help system on other pages.

Alex

-continued work on the help system

-implemented the ability to add both tooltips and larger big boxes for embedded documentation

Christopher:

- worked on help-system

- change the style of the help textbox and add 2 styles of boxes (large box on the right and tooltip boxes)

- add another style of help icon for title.

Ope

- Worked with Alex and Chris on new designs for the Help system

- Fixed a minor bug on the help system implementation on the Assignment page that caused the help messages to be rendered incorrectly on other pages using the same form, besides ‘Add Assignment’. Help system implementation now moved to form level for this content.

Tiago 

This Week: Started studying gitbackend code, solved issues 1324 and 1388

Road Blocks: The integration between gitolite gem and rugged gem.
Next Week: I’m still studying gitolite server and rugged and how to change svn code to make it work
Also meet up with Rafael and Zach to discuss our approach on the git backend. I’m wrinting a document to help this implementation, but for the moment is in portuguese and local, as long as I make it work, I’ll update the blog

 

Written by Christopher Jonathan

April 11th, 2014 at 3:04 pm