|
edit: n/m
|
# ? Mar 28, 2013 04:11 |
|
|
# ? May 15, 2024 11:55 |
|
Was Rails 4.0 delayed by all the security fixes? For some reason I thought it was supposed to be out by now.
|
# ? Mar 28, 2013 04:53 |
|
Sub Par posted:Were I operating in the database, I would just Do the expression index, it's the best solution to your problem. I have raw sql in my migrations all the time cause rails migrations are pretty limiting. You just have to make sure your query also downcases with the same expression and postgres will use the index. I am very interested in understanding why because you're not operating the database you think you can't do this. Is there something we could have improved so you would have just done this right off?
|
# ? Mar 28, 2013 05:06 |
|
Siguy posted:Was Rails 4.0 delayed by all the security fixes? For some reason I thought it was supposed to be out by now. No. It's only been a month and 2 days since beta1 was released. Release candidates will still be some months out.
|
# ? Mar 28, 2013 05:55 |
|
Pardot posted:I am very interested in understanding why because you're not operating the database you think you can't do this. Is there something we could have improved so you would have just done this right off? I'm just very new to rails but 95% of my day job involves writing SQL. As a result, I'm very familiar and comfortable doing things directly in the database. I would like to just be able to (and maybe I can and just don't know?) do code:
And to the other poster who suggested having my users log in with email address, that's what they do. But there are public-facing aspects to the app that need to be attached to a name, and I don't want them to have to expose their email address in that way, thus the username. And it would drive me insane if I signed up as "Sub Par" and the app listed me as "SUB PAR" or "sub par". Sub Par fucked around with this message at 15:49 on Mar 28, 2013 |
# ? Mar 28, 2013 15:30 |
|
Sub Par posted:I'm just very new to rails but 95% of my day job involves writing SQL. As a result, I'm very familiar and comfortable doing things directly in the database. I would like to just be able to (and maybe I can and just don't know?) do Ugh the rails db console. Just use `heroku run pg:psql`. psql is fuckin awesome. If you're new to postgres check out my coworker's post http://www.craigkerstiens.com/2013/02/13/How-I-Work-With-Postgres/ You can change collations on heroku postgres, but I'm not sure if case sensitive is one. You can see collations with \dOS in psql And it's okay to push changes into the database, that's what they're for. I do that poo poo all the time. Postgres is fantastic and limiting yourself to the small bit that rails exposes is criminal.
|
# ? Mar 28, 2013 16:16 |
|
Yeah I've done (limited) work with Postgres in the past and I've been impressed. I'm excited for Rails 4 to directly expose some of the other datatypes. Anyway thanks for all that, it will surely come in handy!
|
# ? Mar 28, 2013 16:19 |
|
You may also want to check out the PG Power gem: https://github.com/TMXCredit/pg_power It adds some of this functionality to migrations in a more migration-y way, along with a bunch of other stuff that is "missing" from Rails migrations.
|
# ? Mar 28, 2013 18:31 |
|
asveepay posted:You may also want to check out the PG Power gem: https://github.com/TMXCredit/pg_power Aat work I'm trying to wrap web views around a legacy PG database with a ton of schemas and this will come in super handy for migrations for test data. This only lets you use schemas in migrations, though; but what's best practice for actually using schemas in ActiveRecord models? I was using code:
|
# ? Mar 28, 2013 19:16 |
|
Speaking of Postgres, be ready to upgrade it next week.
|
# ? Mar 28, 2013 22:36 |
|
Ruby-specific question, not so much Rails. What's my best option as far as running my ruby scripts from (g)vim while I'm editing them? Is alt-tabbing back and forth the best I can do, or is :!ruby % good enough for most people?
|
# ? Mar 28, 2013 22:56 |
|
DreadCthulhu posted:Ruby-specific question, not so much Rails. What's my best option as far as running my ruby scripts from (g)vim while I'm editing them? Is alt-tabbing back and forth the best I can do, or is :!ruby % good enough for most people? If I'm coding in a terminal window, I'll generally suspend vim with Ctrl-Z, run, and then `fg` back into vim. But these days I spend almost all my time in Sublime Text 2, so Cmd-Tab it is.
|
# ? Mar 28, 2013 22:59 |
|
DreadCthulhu posted:Ruby-specific question, not so much Rails. What's my best option as far as running my ruby scripts from (g)vim while I'm editing them? Is alt-tabbing back and forth the best I can do, or is :!ruby % good enough for most people? Map that to <leader>-r
|
# ? Mar 28, 2013 23:21 |
|
DreadCthulhu posted:Ruby-specific question, not so much Rails. What's my best option as far as running my ruby scripts from (g)vim while I'm editing them? Is alt-tabbing back and forth the best I can do, or is :!ruby % good enough for most people? If you want to get fancy use something like guard to trigger execution when you save.
|
# ? Mar 28, 2013 23:27 |
|
Smol posted:Speaking of Postgres, be ready to upgrade it next week. It's been a week since a Rails security patch, I'm sure I'll get to install the updated Postgres along with Rails 3.2.14
|
# ? Mar 29, 2013 01:13 |
|
kitten smoothie posted:This only lets you use schemas in migrations, though; but what's best practice for actually using schemas in ActiveRecord models? I was using This is how we do it at work, I'm not sure there's another option really.
|
# ? Mar 29, 2013 16:33 |
|
asveepay posted:This is how we do it at work, I'm not sure there's another option really. What about setting :schema_search_path in config/database.yml? I haven't done much with schemas lately, but the option is there: Rails API posted::schema_search_path - An optional schema search path for the connection given as a string of comma-separated schema names. This is backward-compatible with the :schema_order option. That might be enough to make it work, if everything is in the same schema.
|
# ? Mar 29, 2013 16:48 |
|
This database has the same table name appearing in several of the schemas so setting the search path wouldn't work for me in that instance. I guess self.table_name it is. It works fine but I felt like it's a goofy hack to define it like that. No goofier than the underling database though.
|
# ? Mar 29, 2013 17:04 |
|
DreadCthulhu posted:Ruby-specific question, not so much Rails. What's my best option as far as running my ruby scripts from (g)vim while I'm editing them? Is alt-tabbing back and forth the best I can do, or is :!ruby % good enough for most people? Screen/Tmux. I have 'tail -f log/development.log' in one screen, then vim, then 'rails console'...
|
# ? Mar 29, 2013 19:52 |
|
At the moment I think it has something to do with precompiling the assets. I have dug through the docs & googled it to death, but no solutions yet. Of course on my local machine it works great... I can run rake assets:precompile just fine, and so can heroku if I choose not to do it locally. I just keep getting 404's for my js & css. Could this possibly have something to do with the browser gem? Found the dev article for rails 4 Oh My Science fucked around with this message at 17:56 on Mar 30, 2013 |
# ? Mar 30, 2013 09:40 |
|
I've been working with Rails for a few years now, but up until this point, all my applications have been pretty self-contained. I'm currently writing my first iPhone app and I have a handful of questions about using Rails as an iOS app's back-end. In a nutshell, I'm using a Rails app to save each user's unique device ID (device token) to a Devices table. Then, I use that unique ID to send custom notifications to users' devices via Urban Airship. The notifications are based on what items they've decided to "favorite" inside the iOS app. In my Rails app, I've disabled "protect_from_forgery". That allows the iOS app to transmit data from the user's iPhone to my Rails app via unencrypted POST requests. So a properly constructed URL POSTed by anyone, anywhere can create records in my database -- which I understand is pretty stupid security-wise. I have disabled UPDATE and DESTROY on those requests, so someone can't do something destructive like wipe out my database. And, there is no user-facing way to access all the stored data on my app. If I leave things this way, with data being sent "in the clear" with no authentication, what kinds of problems/security issues does this open me up to? Are there any simple things I can do to make my Rails app somewhat more secure? With this level of basic functionality, do I even need my rails app to be secure? The worst thing someone could do is create bogus records in my database, which I can't think of a way that could be exploited to any worthwhile use. Am I being naive? I'm guessing yes. EDIT: I've set it up this way for two main reasons: 1. simplicity and 2. I don't want iOS users to have to create a login and password to be able to receive notifications on their device -- Kind of like how Google Field Trip works. plasticbugs fucked around with this message at 22:35 on Mar 31, 2013 |
# ? Mar 31, 2013 22:32 |
|
At the very least use https. As a first pass that probably also has security holes, I'd have the app store an api key that is used for authentication. On first use of the ios app, it would see that it doesn't have one and request one from your server, 'creating an account' as it were at that point.
|
# ? Mar 31, 2013 22:42 |
|
Pardot posted:At the very least use https. As a first pass that probably also has security holes, I'd have the app store an api key that is used for authentication. On first use of the ios app, it would see that it doesn't have one and request one from your server, 'creating an account' as it were at that point. I wasn't sure where to begin, but I do now. Thanks for the help. I think this is worth implementing.
|
# ? Apr 1, 2013 02:26 |
|
Pardot posted:At the very least use https. As a first pass that probably also has security holes, I'd have the app store an api key that is used for authentication. On first use of the ios app, it would see that it doesn't have one and request one from your server, 'creating an account' as it were at that point.
|
# ? Apr 1, 2013 04:05 |
|
Misogynist posted:What happens if the device is wiped and loses its API key? You would need a transparent way to reset or redownload the key, which brings you back to square one if you're not using any other authentication factors. The nice thing is, the iOS device has a unique device_token which I can associate with an API key on my server. Correct me if I'm wrong but I should be able to do a quick check to see if the device has a saved API key. If it doesn't, the device can connect to my rails server and transmit its device_token. If the device_token exists in my Rails database, I should be able to respond to the device with the previously generated API key. Do I have that right?
|
# ? Apr 1, 2013 06:45 |
|
Generate a random token on the iOS side, put it in an iCloud key/value, and use that in the Authorization header (think OAuth2) with your rails app. That way if the user ruins their phone or gets an iPad they can still use their same account.
|
# ? Apr 1, 2013 13:20 |
|
Cocoa Crispies posted:Generate a random token on the iOS side, put it in an iCloud key/value, and use that in the Authorization header (think OAuth2) with your rails app. That way if the user ruins their phone or gets an iPad they can still use their same account. This is a great idea.
|
# ? Apr 1, 2013 13:40 |
|
Cocoa Crispies posted:Generate a random token on the iOS side, put it in an iCloud key/value, and use that in the Authorization header (think OAuth2) with your rails app. That way if the user ruins their phone or gets an iPad they can still use their same account. I'm going to put this on my wishlist. I'm still trying to wrap my head around passing tokens and keys back and forth between requests without doing it insecurely. I would use Devise, but I don't think it will allow me to create a login-less authentication system. I may have to write all this backend logic myself, which is a little scary.
|
# ? Apr 3, 2013 00:35 |
|
plasticbugs posted:I've been working with Rails for a few years now, but up until this point, all my applications have been pretty self-contained. I'm currently writing my first iPhone app and I have a handful of questions about using Rails as an iOS app's back-end. You might also want to checkout the Helios project which was released today.
|
# ? Apr 3, 2013 02:51 |
|
Anveo posted:You might also want to checkout the Helios project which was released today. I did see that today on HackerNews and it looks slick! I already have a Rails app that's playing nice with Core Data and handles syncing pretty well. Still, I'm probably going to start another project with Helios to see if I can possibly simplify my life and then maybe adapt my current project based to Helios. Especially considering that my app relies heavily on Urban Airship for notifications based on the user's preferences.
|
# ? Apr 3, 2013 05:47 |
|
Smol posted:Speaking of Postgres, be ready to upgrade it next week. I couldn't say anything until it was publicly released, but it is now, and it's bad, and if you run your own postgres you should update now: http://www.postgresql.org/support/security/faq/2013-04-04/ http://www.postgresql.org/about/news/1456/
|
# ? Apr 4, 2013 17:22 |
|
Ruby code:
edit: Nevermind - calling the block with &my_block, not &:my_block did the job. Lexicon fucked around with this message at 02:10 on Apr 7, 2013 |
# ? Apr 7, 2013 02:03 |
|
Lexicon posted:
I know you figured it out, but the proc passing syntax is something that kinda hung me up for a while, and still catches me off-guard. The only time I can remember seeing `&:symbol` syntax is the Ruby code:
Ruby code:
http://pragdave.pragprog.com/pragdave/2005/11/symbolto_proc.html http://blog.jayfields.com/2007/01/ruby-invoking-method-with.html UxP fucked around with this message at 19:02 on Apr 7, 2013 |
# ? Apr 7, 2013 18:59 |
|
^^^ Thanks for the response. I'm actually really comfortable with the &:method syntax, as I use it all the time with Array#map, etc. The proc / block / lambda distinction has always been a bit tricky for me though... slowly getting closer and closer to fully understanding it I think
|
# ? Apr 8, 2013 00:34 |
|
This is killing me: I have a file upload in a modal that I want to submit via js but once I add the file to the form the form submits as HTML and not js. I've been tryin to find and explanation of what is going on but nothing really explains this process beyond "magic iframe" I've tred watching the form event listeners and I are no change between the modal submitting with or without a file. Can someone point me to a guide or even a debugging tip for how to see what is going on? E: screw it, I'll use someone else solution https://github.com/JangoSteve/remotipart worked in like less than a minute. I guess if I want to know what is going on I can explore its code KoRMaK fucked around with this message at 20:43 on Apr 10, 2013 |
# ? Apr 10, 2013 19:54 |
|
Does anyone have fixtures working with multiple databases? My models, migrations and tests are working great with DbCharmer, but I can't figure out how to pull my fixture data in properly. I'd rather not use a factory/AR-based method of populating my tables, since it's a lot slower than I'd like. Halp?
|
# ? Apr 11, 2013 02:19 |
|
Question #2: When using single-table inheritance, what's the simplest way of shoving all the derived models into a namespace in such a way that ActiveRecord will actually pick them up?
|
# ? Apr 11, 2013 14:15 |
|
STI in rails is setup at the model layer. All you need is a type column on the base class, and that your child model classes actually inherit from the base class (which will inherit from active record).
|
# ? Apr 12, 2013 21:40 |
|
Kallikrates posted:STI in rails is setup at the model layer. All you need is a type column on the base class, and that your child model classes actually inherit from the base class (which will inherit from active record). Record Record::A Record::CNAME Record::TXT ... Each of these has the exact same fields, but I'd like to use different model validations for each record type. With AR's default behavior, I need top-level classes like: Record A CNAME TXT ... or it won't work, because AR doesn't know to prefix the class by default. Is it possible to get it to look in the Record namespace automatically when the Record automatically becomes() a subtype on instantiation? The schema of PowerDNS is such that I'm not able to store the fully-qualified class name in the DB (and I wouldn't want to anyway). Vulture Culture fucked around with this message at 21:57 on Apr 12, 2013 |
# ? Apr 12, 2013 21:52 |
|
|
# ? May 15, 2024 11:55 |
|
Did you put the subclasses to a subfolder e.g. app/models/record/a.rb?
|
# ? Apr 12, 2013 23:30 |