Index [nostarch.com]
Numbers and Symbols
404.html file, 24
422.html file, 24
500.html file, 24
&& (and) operator, 9–10
@, for instance variables, 15
\ (backslash), for special characters, 6
: (colon), for symbols, 7
{ } (curly braces)
    for blocks, 13
    for hashes, 8
:: (double-colon) operator, 91
" (double-quotes), for strings, 6
== (equal) operator, 9
! (exclamation mark), at end of method name, 7
=> (hash rocket), 8–9
> (greater than) operator, 9
< (less than) operator, 9
    and inheritance, 17
<< operator, 8
<=> operator, 92
<%= %> tag, 58
<% %> tag, 58–59
<%# %> tag, for comments, 59
% (modulus) operator, 5
!= (not equal) operator, 9
|| (or) operator, 9–10
||= (conditional assignment) operator, 10
+ operator, to add arrays, 8
? (question mark), at end of method name, 7
[ ] (square brackets), for array, 7–8
_ (underscore), in partial names, 67
| (vertical pipe), 13
AAccessor class, defining, 101Active Record, 30, 106–121
cache_key method, 187calculations, 35query conditions, 34–35relation, 32
ActiveRecord::Base, inheriting from, 110ActiveRecord::RecordNotFound exception,
32, 41ActiveSupport::Cache::FileStore cache
store, 186ActiveSupport::Cache::MemoryStore cache
store, 186ActiveSupport::TestCase module, 143Ada, 3add command (Git), 77alert class, 131alert-danger class, 132alert message, 132alert-success class, 132all method, 32Amazon Elastic Compute Cloud
(Amazon EC2), 224Amazon Web Services (AWS), 224–225ancestors class method, 95–96and (&&) operator, 9–10anonymous users, restricting page access,
125, 136Apache
disabling default site, 237installing, 226–228
API controllers, 212–213api module, 219API requests
adding route for, 211authentication credentials for, 209
APIs (application programming interfaces), 51
creating, 211–222token-based authentication, 216–222
api_token string, 216app/assets directory, 65, 177
application.css file, 65, 124, 176–177application.js file, 66, 124javascripts directory, 176stylesheets directory, 176
app/controllers directoryapi/posts_controller.rb file, 212, 257api/text_posts_controller.rb file, 219application_controller.rb file, 135,
171, 218
app/controllers directory (continued)comments_controller.rb file, 248,
253–254destroy action in, 244
image_post_controller.rb file, 165, 250–251
ImagePostsController methods, 252posts_controller.rb file, 48, 125, 256
index action, 184logger statement, 198PostsController, 253
sessions_controller.rb file, 256text_posts_controller.rb file, 158, 159,
164–165users_controller.rb file, 129, 156, 250
app/helpers directory, 61application_helper.rb file, 61posts_helper.rb module, 61
application, view for, 22ApplicationController class, 136–137
authentication method in, 218ApplicationHelper module, 61, 90application programming interface.
See API (application programming interface)
application.rb file, 24application server, for Ruby on Rails,
226–227app/models directory
comment.rb file, 189adding validation, 241
ext_post.rb file, checking for body text, 118–119
image_post.rb file, 118post.rb file, 29subscription.rb file, 113user.rb file, 114, 129, 143
has_many association, 119app/views directory, 58
comments/_comment.html.erb file, 248, 253, 255
image_posts/edit.html.erb file, 165image_posts/_form.html.erb file, 251image_posts/_image_post.html.erb file,
126, 188, 192, 248ImagePost partial, 249
image_posts/new.html.erb file, 251layouts/application.html.erb file, 64,
136, 171, 196, 250, 258updating, 243
link_posts/_link_post.html.erb file, 256posts/index.html.erb file, 58, 62, 125, 159
will_paginate call, 184posts/show.html.erb file, 58, 68, 127
sessions/new.html.erb file, for login form, 133–134
text_posts/edit.html.erb file, 165text_posts/_form.html.erb file, 158text_posts/_text_post.html.erb file, 126,
165, 248, 255comment count in, 187–188TextPost partial, 249
users/new.html.erb file, 130–131users/show.html.erb file, 155, 156
apt-get system, for software install, 225–226
arrays, 7–8for all keys in hash, 9returning first and last entries in, 32
ASC order, for retrieving posts, 34as_json method, 213–214assertions, 146–147
controller test, 150–152in testing, 143
asset pipeline, 65, 176–179asset precompilation, 178–179debug mode, 177–178manifests, 176–177viewing search path list, 177
assets, in Rails application, 65assets:clobber rake task, 178assets directory, 23, 24assigns hash, 150associations, 39–42
adding, 40belongs_to methods, 41–42defining, 113generating model, 39has_many methods, 40–41has_many :through, 109–110many-to-many, 107–110polymorphic, 111–112self join, 106–107specifying in advance, 183testing, 115–116touch option, 189
attr_accessor method, 16, 90, 100–101
attributes of object, displaying, 198
authenticated user, for TextPostsController, 158
authenticate_or_request_with_http_token method, 218
authenticate_user! method, 136, 250
authenticating over SSH (secure shell), 81
authentication, 123–140
    vs. authorization, 163–164
    of current user, 125
    with GitHub API, 209–211
    log in, 132–135
    of requests, 218–219
    token-based, 216–222
    of user, 136–137
authenticity_token token, 171
authorization attacks, 163–165
author migration, 37
average method, 35
AWS (Amazon Web Services), 224–225
Bbackslash (\), for special characters, 6BasicObject class, 96bcrypt gem, 128, 249BCrypt::Password.create method, 144before_action :authenticate_token!
method, 219before_action :authenticate_user!
method, 248before_action method (Rails), 48, 136belongs_to association, 106, 107, 111–112,
113, 247belongs_to methods, 41–42belongs_to statement, 40between? method, 92bin directory, 20, 23
bundle install command, 124, 128, 199cap production deploy command, 258rails console command, 247, 249rails generate command, 153rails server command, 57rake db:migrate command, 129, 216rake log:clear command, 197rake routes command, 211rake test command, 142rake test:models command, 149
--binstubs option, for bundler, 231block of code, 13blog posts, adding comments, 39body element (HTML), 64Booleans, 9–10Bootstrap, 124
form-group class, 131panel component, 126styles for links, 157
bootstrap_sass gem, 124branch command (Git), 79branching, 11BrightBox, 225build-essential package, 229build tools, installing, 229bundle command, 25–26, 82, 229bundle install command, 20, 235
Bundler tool, 25flags in, 82
business logic, 22byebug gem, 199
Ccached_comment_count method, 188cache_key method, 187, 189, 190cache keys, 187, 255cache store, 185
Rails support of, 186caching, 185–192
enabling, 186fragment, 189–191issues, 191–192low-level, 187–189
calc method, 93callbacks, eliminating, 147–148canceling current operation, 4cannot_feature! method, 245Capfile, 232Capistrano, 178, 230–237
configuration, 232–233database setup, 233–234deployment, 235secrets setup, 234setup, 231–232virtual host, 236–237
capistrano-rails gem, 231Cascading Style Sheets (CSS)
asset pipeline and, 176including in application, 124lists of application use, 65
casefor constants, 10for variables, 11
cd command, 20centralized version control systems, 76change_column method, 37change method, 36changes, pushing or pulling, 76checkout command (Git), 79, 80child model, 106classes, 15–18
adding new methods, 16ancestors, 95–96assigning method calls to another, 94creating instance of, 16as instance of other class, 96–97methods, 96
class_eval method, 100–102class methods, 17class statement, 15
client error, 4xx status codes for, 208cloud application platform. See Heroku
cloud application platformcode
block, 13executing inside debugger, 203optimization, 180–185
CoffeeScript, 176, 180:collection option, 67–68collections, 67–68colon (:), for symbols, 7columns in database, adding, 37combining strings, 6comment model, 120, 247comment_params method, 55, 242comments
adding, 54–55adding to blog posts, 39belongs_to methods, 41–42form, 72–73has_many methods, 40–41show page for, 254showing, 68–69
CommentsController#create method, 72commit command (Git), 77–78commit message, 77Comparable module, 92Concurrent Version System (CVS), 76conditional assignment (||=) operator, 10conditional statements, 11–12
for Edit button, 191–192config.action_controller.perform_caching
setting, 186config.assets.debug setting, 178config directory, 23
deploy/production.rb file, 233deploy.rb file, 232–233environments/development.rb file, 178,
186, 192routes.rb file, 45, 46, 156, 171
logout route, 254secrets.yml file, 234
console command, 26constants, 10continue command (debugger), 203control flow, 11–13, 58–59controllers, 23, 43–56
actions, 48–54API, 212–213helpers for, 47–48parameters, 49–50response formats, 51–52testing, 150–152
controls on forms, helper methods for, 69–70
convention over configuration, 21cookies, 52
secret key for, 234cookies hash, 150count method, 35create action, 44
controller test for, 151POST request for, 151
create command, in Heroku, 83create comment action, controller for, 54created_at field, 28create_join_table method, 109create method, 31, 53
for login form, 134in SessionsController, 181–182
createuser command, for PostgreSQL, 228
cross-site request forgery (CSRF), 64, 170–171
    token, 221
cross-site scripting (XSS), 167–169
CRUD functions, 31, 44
CSRF (cross-site request forgery), 64, 170–171
    token, 221
csrf_meta_tags method, 66–67
csrf-token meta tag, 66
CSS. See Cascading Style Sheets (CSS)
Curl, 208–209, 220–221, 257
    to check index action output, 215
    testing API, 212
    for testing token-based authentication, 209
curly braces ({ })
    for blocks, 13
    for hashes, 8
current userauthentication, 125identifying, 135–136using, 137–139
current_user method, 135–136, 219output of, 196
custom routes, 46CVS (Concurrent Version System), 76
Ddata, testing, 39database
adding columns, 37adding records, 31CRUD functions, 31, 44current state, 36HTTP verbs for actions, 44retrieving posts from, 48
database migrations, 24, 28, 35–37and application deployment, 83for creating table, 113preventing creation of, 118updating db/schema.rb with, 142
database queries, reducing, 180–183database.yml file, 24data model, 106
advanced, 106–112for social networking service, 112
data types, 5–11arrays, 7–8Booleans, 9–10hashes, 8–9numbers, 5strings, 6–7symbols, 7
dbconsole command, 26db directory, 24
migrate directory, 35schema.rb file, 36
db:rollback statement, 36debugger method, 200, 256debugging, 195–204
commands, 200–204Rails logger for, 197–199
debug helper, 196–197:debug log level, 197debug mode, 177–178def_delegators method, 95define_method method, 99–100def statement, 14delegation, 94delete method, 150DELETE request, 44, 46, 60delete_via_redirect method, 152deleting records, 33–34dependent: :destroy option, 117deploy:check task, 235deployment, 75–85, 223–237
Capistrano, 230–237virtual private servers, 224–230
DESC order, for retrieving posts, 34destroy action, 44, 253destroy method, 33–34, 53–54, 247
for user_id, 134development environment,
debug mode, 178development.log file, 24development.rb file, 23diff command (Git), 78–79digital signature, 81directives, in manifest files, 176direct manipulation, 30
directorycreating for Ruby on Rails, 227–228for Rails project, 20
display command (debugger), 202–203distributed version control system, 76div element, class="container", 124division, math operation, 5doctype (HTML5), 64documentation
for Bootstrap, 124from gems, 229
document root, for Virtual Host, 236do, end pair, for adding block, 45Don’t Repeat Yourself (DRY), 22do statement, 13double-colon (::) operator, 91double-quotes ("), for strings, 6DRY (Don’t Repeat Yourself), 22duck typing, 98–99duplication, eliminating, 147–148
Eeach method, 12–13, 58eager loading, 183edit action, 44, 49Edit button, conditional statement for,
191–192Eiffel, 3Element class, instance methods of, 246elements
adding to array end, 8of web pages, 64
else statement, 11elsif statement, 11email address
of current user, 125storing, 128
Embedded Ruby (ERB), 22, 57, 58–59comments, 59
Employee model, defining associations in, 107
empty? method, 6–7end statement, 13, 14, 90environments directory, 23equal (==) operator, 9ERB (Embedded Ruby), 22, 57, 58–59
comments, 59error_explanation div element, 70–71error messages
code for displaying, 70–71files for, 24
errors array, 39errors method, 242
/etc/apache2/sites-available directory, 236–237
eval command (debugger), 203exclamation mark (!), at end of
method name, 7:exclusion validation, 38exit command, 4, 30extend statement, 94
Ffavcon.ico file, 25features, enabling and checking for,
99–100fetch method, 187Fibonacci sequence, 93–94Fielding, Roy, 43field_with_errors class, 71file.open method, passing block to, 13file.read method, 18file.split method, 18find_by method, 219find method, 32, 164first method, 32fixtures, 144–146, 156flags, in Bundler, 82flash hash, 150flash messages, 52
displaying, 131–132floating-point math, 5flow between pages, testing, 152follow action, safety from
CSRF attacks, 171following? method, 114following! method, 115follow_redirect! method, 152foreign key, 106
in migration file, 108for loop, 12–13form builder object, 71form_for method, 71, 72forms, 69–72
for comments, 72–73form_tag, 134Forwardable module, 94–95Fowler, Martin, Patterns of Enterprise
Application Architecture, 30fragment caching, 185, 189–191friendly_date helper method, 61full-stack web framework, 19functional tests, 150
Ggarbage collection, optimization, 175gem command, 25, 229Gemfile
adding debugger gem, 199updating for Heroku, 81–83
gems, 20, 258bcrypt, 128bootstrap_sass, 124byebug, 199capistrano-rails, 231directories in asset pipeline
searches, 177documentation from, 229installing, 229–230jbuilder, 214–216updating installed, 124, 128, 199will_paginate, 184
generate_api_token method, 217generate command, 26get method, 150GET request, 44, 46, 60
and state change, 170test issuing, 151
getter methods, 16get_via_redirect method, 152git add command, 77git branch command, 79git checkout command, 79, 80git commit command, 77–78git diff command, 78–79git --help command, 78GitHub, 84
account, 244pushing code to, 234–235
GitHub API, 205, 206–207authentication with, 209–211token generation, 209–210
git log command, 77git pull command, 80git push command, 80, 83git remote add command, 80git status command, 78, 79Git version control system, 75
basic usage, 77–80branches, 79–80getting started, 76–77remotes, 80repository, creating, 234–235setup, 76staging area of, 77
greater than (>) operator, 9greet method, 15–16
HHansson, David Heinemeier, 19hashed version of password, 128hashes, 8–9
for commit, 77iteration over, 13
hash rocket (=>), 8–9has_many association, 106, 107, 112, 116, 143has_many :leaders association, 137has_many method, 40has_many :through association, 109–110, 117has_secure_password method, 128, 143head element (HTML), 64head method, 150help command, for debugger, 201--help command (Git), 78helpers, 22, 59–61
adding methods, 61for controllers, 47–48controller test, 150integration, 152methods for form controls, 69–70
helpers directory, 23Heroku cloud application platform, 75,
81–84deploying application, 83–84Gemfile update for, 81–83
heroku run command, 83Heroku Toolbelt, installing, xxi, 81hex method, 217home page
root route setting for application, 47timeline for, 137
HTML, partials for shared code, 67–69HTML5 field types, helper
methods for, 72HTML page
Rails layout for, 64Ruby code and, 22
HTTP, 207–209status codes, 207–208
HTTP verbs, 60for database actions, 44
Iidentifiers, symbols as, 7id field, 28
retrieving record by, 32if statement, 11, 250ImagePost
editing, 165fixture files for, 145–146validation test, 149
image_post_params method, 250–251image_tag helper, 126img-responsive class (Bootstrap), 126include statement, for methods, 91–92:inclusion validation, 38index action, 44, 48, 125, 212index for array, 8index page
for post model, 125for posts, 61–63
indices, creating for foreign keys, 109inheritance, 17–18
in Ruby, 91single-table, 110–111
initialize statement, 15injection attacks, 165–169insecure direct object reference, 164inspect method, 198installing
Apache, 226–228build tools, 229gems, 229–230Heroku Toolbelt, xxi, 81PostgreSQL, 228–229Rails, xxi–xxiii, 230Ruby, xxi–xxiv, 225–226
instance, 224of class, creating, 16
instance methods, 17instance_methods method, 96instance_of? method, 97instance variables
accessing, 16assigning value to, 15
instantiating objects, 31integer division, 5integration tests, 152–154Interactive Ruby interpreter (IRB), 4Internal Server Error code, 208introspection, 97IRB (Interactive Ruby interpreter), 4irb command, 4is_a? method, 97is-a relationship, 17:is validation, 38iteration, 12–13
JJavaScript
asset pipeline and, 176events, 180including in application, 124list of files in use, 65
javascript_include_tag method, 66
JavaScript Object Notation (JSON), 22, 51, 207
customizing output, 213–216messages, 205
jbuilder gem, 214–216join table, 113
creating, 109for many_to_many association, 107–109
jq (JSON processor), 212–213JSON (JavaScript Object Notation), 22,
51, 207customizing output, 213–216messages, 205
json.array! method, 215json.extract! method, 215
KKernel class, 96keys method, 9key-value pairs, 8
Llabel helper, 71last method, 32layouts for views, 64–67leader_ids method, 137leaders method, 116length method, 6:length validation, 38less than (<) operator, 9lib/assets directory, 177lib directory, 24libpq-dev package, 229limit method, 34link_to helper, 59Lisp, 3list command (debugger), 201–202local variables, 202log directory, 24
development.log file, 197test.log file, 145
logger (Rails), 197–199log in, 132–135
custom routes for, 46implementing, 133–135
logout, custom routes for, 46low-level caching, 185, 187–189
Mmailers directory, 23manifests, 65, 176–177many-to-many associations, 107–110
margins, for page, 124master branch, 79Math module, 91math operations, in IRB, 5Matsumoto, Yukihiro, 3maximum method, 35:maximum validation, 38memcached server, 186memoization, 92Memoize module, calc method, 93Mercurial, 76merge method, 9metaprogramming, 89, 99–104method_missing method, 102–104methods, 14–15, 96
include statement for, 91–92passing named parameters to, 9
migration files, rails generate command to create empty, 108
migrations, 35–37. See also database migrations
minimum method, 35:minimum validation, 38MiniTest framework, 141, 146mistakes. See debuggingmixins, modules as, 91–95mkdir command, 20models, 29–42
adding validations to, 118relationship between two of same
type, 106testing, 148–149
model-view-controller (MVC), 22module Api statement, 212module keyword, 90modules, 17–18, 89, 90–95
as mixins, 91–95as namespaces, 91
modulus (%) operator, 5MVC (model-view-controller), 22MySQL, 228
NN + 1 Queries, 182–183named parameters, passing to method, 9names
for modules, 90for partials, 67for templates, 58
namespaces, modules as, 91namespace :api block, 211nano editor, 236nested resources, 45
network communications, Curl for, 208–209
new action, 44, 49controller test for, 151
New Image Post form, button linking to, 251–252
newlines, in strings, 6new method, 17
for login form, 134new post form, 51
params from, 53from Rails scaffold generator, 69–70
next command (debugger), 203nil, 4
from [] method, 8from accessing nonexistent key, 8for method definition, 14
NoMethodError exception, 96, 98, 102not equal (!=) operator, 9“not” form, of assertions, 146notice message, 132not operator, 12NOT operator, 100number helpers, 60–61numbers, 5number_to_currency method, 60number_to_human method, 60number_to_human_size method, 60number_to_percentage method, 61
OObject class, 96object_id method, 7objects
instantiating, 31state of, 15
odd numbers, 5offset method, 34one-to-many relationships, 39one-way hash, 128open-source software,
collaborating on, 84Open Web Application Security Project
(OWASP), 172operation, canceling current, 4optimization
asset pipeline, 176–179built-in features, 176–180of code, 180–185garbage collection, 175
or (||) operator, 9–10order clause, for timelines, 138order method, 34output tag (<%= %>), 58
output to screen, 4OWASP (Open Web Application Security
Project), 172
PPaas (Platform as a Service), 81page rendering, speed of, 185paginate method, 184pagination, and optimization, 183–185parameters, 49–50
for methods, 14–15passing named, to method, 9
params, from new post form, 53params hash, 49–50
:text_post key in, 160parent model, 106partials, 67–69password attribute, checking for, 143password_confirmation attribute,
checking for, 143password digest, 128passwords
authentication, 181–182hashed version, 128
patch method, 150PATCH request, 44, 60patch_via_redirect method, 152path helpers, 47Patterns of Enterprise Application Architecture
(Fowler), 30PDF format, 51percentages, 61performance. See also optimization
caching and, 185–192of Ruby on Rails, 175–192
Perl, 3Personal Package Archive (PPA), 225pg (PostgreSQL gem), 82
installing, 230Phusion Passenger, 226–227pipe character (|), 13plaintext files, reading in Ruby, 18Platform as a Service (PaaS), 81pluralize helper method, 188polymorphic associations, 111–112@post, [email protected], 72post.comments.find method, 41PostController, logger statement, 198post fixtures, 145–146PostgreSQL, installing, 228–229PostgreSQL database server, 82PostgreSQL gem (pg), 82post_id field, 39
Post index view, 127post method, 150post model, 29–30, 117–119
index and show pages for, 125post_params method, 50post:references option, 39POST request, 44, 46, 51
adding repository with, 210–211posts
authorization to edit, 164index page, 61–63updating when comment is added, 189user’s ability to add, 157–161
PostsController, respond_to method, 211PostsHelper module, 61posts table, 30
adding string column to, 37posts_url, 52post_via_redirect method, 152, 153PPA (Personal Package Archive), 225predicate method, 114prepend statement, 92–94:presence validation, 38presence validation, for email field, 129<pre> tags, for debug helper output, 196pretty-printing
JSON data, 212–213in Ruby, 245
printing Ruby code, 203print messages, by log levels, 198privileges, of users, 164production environment
asset precompilation, 178–179default log level, 197–198
production.rb file, 23programmer, ERB comments for notes, 59prompt, 4
return to working, 4protect_from_forgery method, 171, 221–222public/assets directory, 178public directory, 24public key, 81pull command (Git), 80pulling changes to server, 76push command (Git), 80, 83pushing changes to server, 76push method, 95put method, 150puts method, 4put_via_redirect method, 152
QQueries, N + 1, 182–183query_by_attribute method, 102–103
question mark (?), at end of method name, 7
quit command (IRB), 4quotation marks, for strings, 6
RRails, 19
architecture, 22–23commands, 25–26confirming install, 19installing, xxi–xxiii, 230principles, 21–22scaffolding, 27–28testing in, 142–148
rails_12factor gem, for Heroku, 82Rails application
assets in, 65first, 20–21modules in, 89structure, 23–25
Rails.application.config.assets.paths setting, 177
Rails.cache.fetch method, 187, 188rails command, 26Rails console
launching, 247starting, 30
Rails counter cache, 189Rails development environment,
preparing, 142rails generate command, 28Rails generator, 37
for controller for comments, 54new post form from, 69–70
Rails logger, 197–199levels, 197–198
rails new command, 26, 244directory structure created by, 23
rails scaffold command, 245rails server command, 20, 72rake command, 24, 27, 36
to precompile assets, 178rake db:migrate command, 83random-number generator, 217read-eval-print loop (REPL), 4read operation, 32–33ready function (jQuery), 180records
adding to database, 31counting, 35deleting, 33–34updating, 33
red-green-refactor, 154redirect? helper method, 152
redirection, vs. rendering view, 50–51redirect_to method, 51refactoring code, 25reflection, 97regular expressions, 103remainder, 5remote add command (Git), 80remote repository, making local copy, 79remove_column method, 37rename_column method, 37render action method, 51render command
for form partial, 158partials and, 67
rendering view, vs. redirection, 50–51repetition, avoiding, 22REPL (read-eval-print loop), 4repository, 75Representational State Transfer (REST),
43–44require directive, 176require_self directive, 66, 176require_tree directive, 176, 177require_tree . statement, 66resource route, 45resources :user sessions statement, 46respond_to :json method, 219respond_to method, 53, 211respond_to? method, 98respond_to_missing? method, 103–104respond_with method, 212REST (Representational State Transfer),
43–44restricted resources, 46return statement, 14reverse of subscription, 116–117robots.txt file, 25root route, 47route for sign-up page, 129routes.rb file, 24routing, 45–48
custom routes, 46root route, 47
Ruby, 3installing, xxi–xxiv, 225–226interactive, 4
Ruby object model, 89, 95–97Ruby on Rails, 19
application server for, 226–227creating directory for, 227–228performance, 175–192resources on, 258
Ruby Toolbox, 258
S
Sass, 176
schema, 36
schema_migrations database table, 36
schema.rb file, 24
screen, output to, 4
secret key, for cookies, 234
SECRET_KEY_BASE environment variable, 236
SecureRandom class, 217
secure shell (SSH), authenticating over, 81
security, 163–173
    authorization attacks, 163–165
    cross-site request forgery (CSRF), 170–171
    cross-site scripting (XSS), 167–169
    injection attacks, 165–169
seeds.rb file, 24self join associations, 106–107server. See also virtual private servers
error status codes, 208launching, 20
session hash, 150sessions, 132–133set_post method, 48–49setter methods, 16setup method, 147, 149short circuit operators, 10show action, 44, 48, 125show method, 23show page
for comments, 254for post model, 125for users, 154
sign-up form, adding, 130–131sign-up page, adding route for, 129sign-up process, for users, 128–132single inheritance, 17single-table inheritance, 110–111size method, 95sleep method, 190slice, in array, 8Smalltalk, 3snake case, 11snapshot, by Git, 77social networking application, 112–120
comment model, 120data model for, 112 post models, 117–119user model, 112–117
software install, apt-get system for, 225–226
spaces between words, 6special characters, in strings, 6SQL
commands, 31examining output, 181–182injection attack, 166–167program optimization and, 180–183
SQLite database, 24square brackets ([ ]), for array, 7SSH (secure shell), authenticating
over, 81stages in Capistrano, for application
deployment, 230staging area, of Git, 77state of application, 22status codes, HTTP, 207–208status command (Git), 78, 79step command (debugger), 203stepping into application, 199strings, 6–7Strong Parameters, 50, 53, 55stylesheet_link_tag method, 65–66submit helper, 72subscription, model to represent, 113subscriptions table, 114Subversion, 76sum method, 35symbols, 7
Ttabs, in strings, 6tasks directory, 24TDD (test-driven development), 25
adding features with, 154–161teardown method, 147templates, in ERB, 58test case, 143test directory, 25
controllers/posts_controller_test.rb file, 152
controllers/text_posts_controller_test.rb file, 157–158, 159
controllers/users_controller_test.rb file, 151, 154–155
fixtures/posts.yml file, 145–146fixtures/users.yml file, 144integration/user_flow_test.rb file, 153models/user_test.rb file, 142–143, 145test_helper.rb script, 25
test-driven development (TDD), 25adding features with, 154–161
testing, 141–162API with Curl, 212associations, 115–116
controllers, 150–152data, 39helpers, 47integration, 152–154models, 148–149in Rails, 142–148using fixtures, 144–146
test log, 145test.rb file, 23text field, helper for creating, 71–72text post
button for creating new, 159edit view for, 165update method for, 164–165
TextPost
creating posts of, 157–161fixture files for, 145–146validation test, 149
TextPost partialconditional statement for Edit button,
191–192link to edit section, 165
text post partial, editing, 248text_post_params method, 159, 220therubyracer gem, 230timeline, for home page, 137timeline_user_ids method, 137tmp directory, 25token-based authentication, 209, 216–222tokens
for current session, 66generating, 216–218for request authentication, 218–219
Torvalds, Linus, 76touch option, for associations, 189touch tmp/restart.txt command, 233t.references :author statement, 108–109Tumblr, 112turbolinks, 179–180
UUbuntu Linux 14.04 LTS, 224Ubuntu Linux setup, 225–230underscore (_), in partial names, 67undisplay command (debugger), 203:uniqueness validation, 38uniqueness validation, for email field, 129unique words, 18unit tests, 148unless statement, 12update action, 44update method, 33, 51, 53
for text posts, 164–165
updated_at field, 28updating records, 33URL helpers, 47, 59–60URLs
and mapping actions to verbs, 45validation, 118
User associations, 114User.authenticate method, vulnerability to
SQL injection, 166User class, creating instance of, 246user fixtures, 144–145user_id in session, storing, 132–133user interface. See viewsuser model
api_token string, 216for social networking application,
112–117user:references option, 118users
action for creating new, 129–130authentication of, 136–137privileges of, 164sign-up process, 128–132
Vvalidation, 38–39
adding to app/models/comment.rb file, 241
adding to model, 118valid? method, 39valid user, 143values method, 9values of object, displaying, 198var command (debugger), 202variables, 10–11
examining values, 202initiating only if nil, 10
var instance command, 202VCS (version control system), 75vendor/assets directory, 177vendor directory, 25version control system (VCS), 75vertical pipe (|), 13views, 22, 57–74
caching parts of, 189layouts, 64–67
view templates, creating, 125virtual host, 236–237virtual private servers, 224–230
Amazon AWS setup, 224–225Ubuntu Linux setup, 225–230
Wweb APIs, 205–222web browser, JSON output on, 213weblog, creating, 20web pages
elements, 64title of, 258
WEBrick server, 20web servers, 226–228where method, 32–33, 103will_paginate gem, 184--without production option, for
bundler, 231words, counting in file, 18write_with_time method, 99
XXML, 22, 51X-RateLimit-Limit, for GitHub API
requests, 209XSS (cross-site scripting), 167–169
YYAML, 144, 196
dashes and dots for start and end, 197yield statement, 67, 124
Zzero index, for array, 8