Rails 4 Notes

Revision as of 19:15, 22 January 2015 by Scott

Transition to Production

Secret Key

Not needed for development, but needed for production.

  • Run rake secret to generate a long random hex string.
  • Add this line to /etc/default/nginx:
      export SECRET_KEY_BASE=bcd25705f5c39e...
  • Run chmod 600 /etc/default/nginx so that only the file's owner can read the secret.
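
The steps above as a script, added here as an example (not part of the original notes): it rebuilds the env file under umask 077 so the secret is never world-readable, keeps any other lines already in the file, and verifies the result. The function names are hypothetical, and head/od on /dev/urandom stands in for rake secret so the block runs without Rails.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the original notes.

# Stand-in for `rake secret`: 64 random bytes printed as 128 hex characters.
gen_secret() {
    head -c 64 /dev/urandom | od -An -v -tx1 | tr -d ' \n'
}

# Put "export SECRET_KEY_BASE=<secret>" into env_file without a window in which
# other users can read it: the new file is built under umask 077, then moved
# over the old one.
write_secret_env() {
    env_file=$1
    secret=$2
    tmp="${env_file}.tmp.$$"
    (
        umask 077
        : > "$tmp" || exit 1
        if [ -f "$env_file" ]; then
            # Keep every existing line except a previous key; grep exits 1
            # when nothing is left to copy, which is not an error here.
            grep -v '^export SECRET_KEY_BASE=' "$env_file" >> "$tmp" || true
        fi
        printf 'export SECRET_KEY_BASE=%s\n' "$secret" >> "$tmp" &&
            chmod 600 "$tmp" &&
            mv "$tmp" "$env_file"
    )
}

# Succeed only if env_file has mode rw------- and exactly one well-formed key line.
check_secret_env() {
    env_file=$1
    perms=$(ls -ld "$env_file" | cut -c1-10)
    if [ "$perms" != "-rw-------" ]; then
        echo "$env_file: mode is $perms, expected -rw-------" >&2
        return 1
    fi
    count=$(grep -c -E '^export SECRET_KEY_BASE=[0-9a-f]{128}$' "$env_file" || true)
    if [ "$count" -ne 1 ]; then
        echo "$env_file: expected 1 valid SECRET_KEY_BASE line, found $count" >&2
        return 1
    fi
}

# Usage (as root): write_secret_env /etc/default/nginx "$(rake secret)" &&
#                  check_secret_env /etc/default/nginx
```

Running check_secret_env again after later edits to the file catches a mode that has drifted back to something readable by other users.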

Compile Assets

You will need to manually compile your assets before going into production:

rake assets:precompile


Lessons that I've learned before

  • <%= form_for ... %> instead of <% form_for ... %>
  • Chrome won't let you POST a form to a local test instance, only GET. Firefox is OK.

New lessons

Routes

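Routes must be declared explicitly (like a whitelist), which enhances security: a request that matches no declared route never reaches a controller.

# config/routes.rb
Rails.application.routes.draw do
  get 'tasks' => 'task#index'
  get 'chart/:server/:type' => 'stat#chart'
  get 'tasks/download_request' => 'task#download_request'
  post 'tasks/download_request' => 'task#download_request'
end

You can also use resources to declare the standard RESTful routes for a controller.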

Strong parameters

Strong parameters forbid Action Controller parameters from being used in Active Model mass assignment until they have been whitelisted. See http://edgeapi.rubyonrails.org/classes/ActionController/StrongParameters.html

jQuery

rails generate jquery:install

Asset pipeline

Add this to include the JavaScript:

<%= javascript_include_tag "application" %>

Add this to include the CSS:

<%= stylesheet_link_tag "application" %>

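View helpers

View helper functions that return raw HTML must call html_safe on their output; otherwise Rails escapes it when the view is rendered. Only mark a string html_safe when it contains no unescaped user input, because html_safe turns off that automatic escaping for the string. For example: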

def blank
    return "&nbsp;"
end

becomes

def blank
    return "&nbsp;".html_safe
end