Rails scaffold data types

Posted in Rails

When you work with scaffolds, it is easy to forget the data types. Here is a cheat sheet of all the Rails 4 (ActiveRecord migration) data types at a glance: :binary, :boolean, :date, :datetime, :decimal, :float, :integer, :primary_key […]

Ruby on Rails Database Indexes

Posted in Rails

Handy hint for better database performance in Ruby on Rails: always add DB indexes in your migrations! By default, Rails does not add indexes automatically for foreign keys; you should add them yourself. If you want to speed up your performance, I suggest adding an index for – foreign keys – columns that […]

Generate polymorphic URL in Rails

Posted in Rails

In this example, I want to explain a best practice for Polymorphic URLs in Rails. I will show really bad things here as an illustrative example. Don’t worry, we will refactor the code later ;-) Let us assume that we have three models, Post, News and Comment. In most cases, a post has many comments […]

ActiveAdmin with http authentication

Posted in Rails

Ever asked yourself how to use HTTP Basic authentication with ActiveAdmin? There are several reasons to use HTTP Basic authentication for your backend. I needed a solution that can be reused wherever I need HTTP Basic authentication. I only wanted a central place for the user and password, and I wanted just one call wherever […]

Why the Rails default_scope is a bad thing

Posted in Rails

ActiveRecord provides default_scope to set a default scope for all operations on the model. I was never a friend of using default_scope, even when many friends used it in their projects. At first glance it looks convenient, but it will lead to headaches very soon. We should avoid using it, and here is why: […]

Ruby on Rails Security Checklist

Posted in Rails

Whenever we create a project, the same issue is our pain in the ass … I am talking about security, which is somehow dull and seems to be boring. I have made a simple checklist for a quick review of your code, which is divided into three simple steps: model, view and of course controller. […]

Rails Security – Clickjacking

Posted in Rails

Note: This exploit is fixed in Rails 4. Our exploit today is clickjacking, which is also called a “UI redress attack”. With clickjacking, an attacker can make a victim take an unexpected action by rendering the target site in an invisible frame. As an example, an attacker may trick users into taking undesired actions like making a […]

Security issue – symbol DoS vulnerability in ActiveRecord

Posted in Rails

There is a symbol DoS vulnerability in Active Record. When a hash is provided as the find value for a query, the keys of the hash may be converted to symbols. Have a look at this example: User.where(:name => { 'foo' => 'bar' }) When you write this small piece of code, the string 'foo' […]

rails – uninitialized constant dashboardcontroller

Posted in Rails

This is a quick hint: if you play with ActiveAdmin and get the error “uninitialized constant dashboardcontroller”, open the routes.rb in your /config folder. Now look for: root :to => 'your_controller#index' You have to make sure that your root definition comes before devise_for :admin_users, ActiveAdmin::Devise.config and ActiveAdmin.routes(self). So your routes.rb could look like: YOUR_APP::Application.routes.draw do […]

Ruby 2.0 encoding is utf-8

Posted in Rails, Ruby

As I wrote in my article about Encoding, Ruby methods dealing with encodings return or accept Encoding instances as arguments (when a method accepts an Encoding instance as an argument, it can be passed an Encoding name or alias instead). Normally, the default script encoding is Encoding::US_ASCII, but it can be changed by a magic […]

Copyright © 2011-2017 RailsZilla – Ruby on Rails tutorials, tips and tricks. All rights reserved.