Rails 4 Notes: Difference between revisions
No edit summary |
|||
(8 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
== Transition to Production == | |||
=== Secret Key === | |||
Not needed for development, but needed for production. | |||
* run <code>rake secret</code> to create a giant random number | |||
* add this line to <code>/etc/default/nginx</code>: | |||
<pre> | |||
export SECRET_KEY_BASE=bcd25705f5c39e... | |||
</pre> | |||
* run "<code>chmod 600 /etc/default/nginx</code>" to keep the secret secret. | |||
=== Compile Passenger Native Support === | |||
<pre> | |||
passenger-config build-native-support | |||
</pre> | |||
=== Compile Assets === | |||
You will need to manually compile your assets before going into production: | |||
<pre> | |||
rake assets:precompile | |||
</pre> | |||
== Lessons that I've learned before == | == Lessons that I've learned before == | ||
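Review bot: in the Secret Key steps, chmod 600 on /etc/default/nginx only keeps SECRET_KEY_BASE private if the file has the right owner, and the steps do not name one; state the expected owner (for example root) next to the chmod line. It would also help to say that the value shown is truncated and that each deployment needs its own rake secret output.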
Line 10: | Line 32: | ||
<pre> | <pre> | ||
get 'tasks' => 'task#index' | get 'tasks' => 'task#index' | ||
get ' | get 'chart/:server/:type' => 'stat#chart' | ||
get 'tasks/download_request' => 'task#download_request' | get 'tasks/download_request' => 'task#download_request' | ||
post 'tasks/download_request' => 'task#download_request' | post 'tasks/download_request' => 'task#download_request' | ||
</pre> | </pre> | ||
Can also use resources. | |||
=== Strong parameters === | === Strong parameters === | ||
Makes Action Controller parameters forbidden to be used in Active Model mass assignment until they have been whitelisted. | |||
http://edgeapi.rubyonrails.org/classes/ActionController/StrongParameters.html | http://edgeapi.rubyonrails.org/classes/ActionController/StrongParameters.html | ||
Line 27: | Line 51: | ||
<pre> | <pre> | ||
<%= javascript_include_tag "application" %> | <%= javascript_include_tag "application" %> | ||
</pre> | |||
add this to get css: | |||
<pre> | |||
<%= stylesheet_link_tag "application" %> | |||
</pre> | |||
=== view helpers === | |||
View helper functions that return raw html need to add an <code>html_safe</code> to their output. For example: | |||
<pre> | |||
def blank | |||
return "&nbsp;" | |||
end | |||
</pre> | |||
becomes | |||
<pre> | |||
def blank | |||
return "&nbsp;".html_safe | |||
end | |||
</pre> | </pre> |
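Review bot: the view helpers text says helpers returning raw html "need to add an html_safe" but does not say when that is safe; the blank example is a constant string, whereas the same pattern on a helper that builds its output from request data would bypass escaping. Suggest adding a sentence that limits html_safe to strings with no user-supplied content.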
Latest revision as of 18:05, 3 June 2015
Transition to Production
Secret Key
Not needed for development, but needed for production.
- run rake secret to create a giant random number
- add this line to /etc/default/nginx:
export SECRET_KEY_BASE=bcd25705f5c39e...
- run "chmod 600 /etc/default/nginx" to keep the secret secret.
Compile Passenger Native Support
passenger-config build-native-support
Compile Assets
You will need to manually compile your assets before going into production:
rake assets:precompile
Lessons that I've learned before
<%= form_for ... %> instead of <% form_for ... %>
- Chrome won't let you POST a form to local test instance, only GET. Firefox is OK.
New lessons
Routes
Routes need to be explicit (like a white list) to enhance security.
get 'tasks' => 'task#index'
get 'chart/:server/:type' => 'stat#chart'
get 'tasks/download_request' => 'task#download_request'
post 'tasks/download_request' => 'task#download_request'
Can also use resources.
Strong parameters
Makes Action Controller parameters forbidden to be used in Active Model mass assignment until they have been whitelisted.
http://edgeapi.rubyonrails.org/classes/ActionController/StrongParameters.html
jQuery
rails generate jquery:install
asset pipeline
add this to get javascript:
<%= javascript_include_tag "application" %>
add this to get css:
<%= stylesheet_link_tag "application" %>
view helpers
View helper functions that return raw HTML need to call html_safe on their output. For example:
def blank
  return "&nbsp;"
end
becomes
def blank
  return "&nbsp;".html_safe
end
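An added example, not code from the original notes: a stdlib-only model of view escaping that shows why blank needs html_safe and why a helper that interpolates request data has to escape it before marking the result safe. SafeString, render_value, bold_unsafe, bold_safe and SAMPLE_NAME are hypothetical names, and String#html_safe here is a simplified stand-in for the Rails method so the code runs without Rails.

```ruby
require 'erb'

# Simplified stand-in for ActiveSupport::SafeBuffer (assumption, not Rails code):
# the renderer below outputs a SafeString without escaping it.
class SafeString < String; end

class String
  # Model of Rails' String#html_safe: marks the string as trusted HTML.
  # It escapes nothing.
  def html_safe
    SafeString.new(self)
  end
end

# Model of <%= value %> in a view: escape unless the value was marked safe.
def render_value(value)
  value.is_a?(SafeString) ? value.to_s : ERB::Util.html_escape(value.to_s)
end

# The helper from the notes: a constant string, so html_safe is appropriate.
def blank
  "&nbsp;".html_safe
end

# Hypothetical helper, unsafe: request data is interpolated before html_safe,
# so any markup in `name` is sent to the browser unescaped.
def bold_unsafe(name)
  "<b>#{name}</b>".html_safe
end

# Hypothetical helper, safe: escape the dynamic part, then mark the result.
def bold_safe(name)
  "<b>#{ERB::Util.html_escape(name)}</b>".html_safe
end

# Constructed sample input standing in for a request parameter.
SAMPLE_NAME = '<script>alert(1)</script>'

if __FILE__ == $PROGRAM_NAME
  puts render_value("&nbsp;")                  # the helper without html_safe
  puts render_value(blank)
  puts render_value(bold_unsafe(SAMPLE_NAME))
  puts render_value(bold_safe(SAMPLE_NAME))
end
```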