Ruby on Rails Love-In

The Something Awful Forums > Discussion > Serious Hardware/Software Crap > The Cavern of COBOL > Ruby on Rails Love-In

«‹›178 »

Smol: Jun 1, 2011; Stat rosa pristina nomine, nomina nuda tenemus.

I never really realized how big security risk file uploads are. MIME type sniffing, arbitrary Content-Type, Content-Disposition: inline and the like make it almost impossible to make serving user-uploaded files secure in a cross-browser manner unless you're extremely careful. Especially if you're serving the files from the same domain.

Smol fucked around with this message at 15:37 on May 24, 2013

# ? May 24, 2013 15:31

Adbot: ADBOT LOVES YOU

# ? May 15, 2024 14:25

A MIRACLE: Sep 17, 2007; All right. It's Saturday night; I have no date, a two-liter bottle of Shasta and my all-Rush mix-tape... Let's rock.

What does `|=` actually do in ruby? I can't find any info on it other than that it's an operator, and performs assignment.

# ? May 24, 2013 16:07

manero: Jan 30, 2006

A MIRACLE posted:

What does `|=` actually do in ruby? I can't find any info on it other than that it's an operator, and performs assignment.

It's actually '||=', and it's the conditional assignment operator - you commonly see it in lazy computation of values:

code:

def foo
  @foo ||= compute_foo
end

def compute_foo
  # do something here
end

If @foo is set, then it just returns it. Otherwise, if it's nil, it will be set to the value that compute_foo returns, and that value will be returned. It's pretty useful!

# ? May 24, 2013 16:12

Smol: Jun 1, 2011; Stat rosa pristina nomine, nomina nuda tenemus.

Assuming that you mean '||=', 'x ||= y' is equivalent to 'x || x = y'.

# ? May 24, 2013 16:17

A MIRACLE: Sep 17, 2007; All right. It's Saturday night; I have no date, a two-liter bottle of Shasta and my all-Rush mix-tape... Let's rock.

No, I literally mean the `|=' operator. My friend asked me about it and I didn't know what to tell him.

http://www.tutorialspoint.com/ruby/ruby_operators.htm
They list it at the bottom along with some others I've never seen or used before.

e: looks like some combination of bitwise OR with assignment.

A MIRACLE fucked around with this message at 16:35 on May 24, 2013

# ? May 24, 2013 16:32

Obsurveyor: Jan 10, 2003

A MIRACLE posted:

No, I literally mean the `|=' operator. My friend asked me about it and I didn't know what to tell him.

http://www.tutorialspoint.com/ruby/ruby_operators.htm
They list it at the bottom along with some others I've never seen or used before.

e: looks like some combination of bitwise OR with assignment.

It's the same as writing:

code:

# setup
f = 1

f = f | 2

# f now equals 3

code:

1.9.3p392 :005 > f = 1
 => 1
1.9.3p392 :006 > f |= 2
 => 3
1.9.3p392 :007 > f
 => 3
1.9.3p392 :008 > f = 1
 => 1
1.9.3p392 :009 > f = f | 2
 => 3
1.9.3p392 :010 > f
 => 3

# ? May 24, 2013 17:56

Smol: Jun 1, 2011; Stat rosa pristina nomine, nomina nuda tenemus.

More generally, writing an expression like 'x op= y' is equal to 'x = (x op y)', except in the case of conditional operator assignment (||= and &&=), where it means 'x op (x = y)'. The difference is small, but in practice it means that the left-hand side (x in my examples) isn't necessarily assigned to at all.

Smol fucked around with this message at 18:29 on May 24, 2013

# ? May 24, 2013 18:24

Cocoa Crispies: Jul 20, 2001; Vehicular Manslaughter!; Pillbug

Smol posted:

I never really realized how big security risk file uploads are. MIME type sniffing, arbitrary Content-Type, Content-Disposition: inline and the like make it almost impossible to make serving user-uploaded files secure in a cross-browser manner unless you're extremely careful. Especially if you're serving the files from the same domain.

Fortunately you can use carrierwave or paperclip to do the hard parts, and if you use S3 instead of the same domain it'll even work well on Heroku.

# ? May 24, 2013 18:56

Smol: Jun 1, 2011; Stat rosa pristina nomine, nomina nuda tenemus.

Cocoa Crispies posted:

Fortunately you can use carrierwave or paperclip to do the hard parts, and if you use S3 instead of the same domain it'll even work well on Heroku.

I wish that was that simple. Paperclip has some options to enhance security, but they're not enough. For example, if you allow the users to determine the file extension and display the attachments inline, IE8 users (not sure about IE9+) are open for XSS injection. If the following file served with 'Content-Type: application/pdf' and 'Content-Disposition: inline; filename="originalfilename.html"', IE8 will sniff that it's actually a HTML file, allowing for easy XSS attacks against the careless user who clicks 'Open'. You can even throw a fake PDF header like "%PDF1.3" in the beginning of the file to thwart most MIME type sniffers, while IE will still happily interpret it as a HTML file.

Fortunately IE8+ doesn't upsniff anything served with a image/foo Content-Type, but e.g. application/pdf still works.

code:

<html><body><script>alert('XSS')</script></body></html>

Smol fucked around with this message at 19:38 on May 24, 2013

# ? May 24, 2013 19:36

Cocoa Crispies: Jul 20, 2001; Vehicular Manslaughter!; Pillbug

Smol posted:

I wish that was that simple. Paperclip has some options to enhance security, but they're not enough. For example, if you allow the users to determine the file extension and display the attachments inline, IE8 users (not sure about IE9+) are open for XSS injection. If the following file served with 'Content-Type: application/pdf' and 'Content-Disposition: inline; filename="originalfilename.html"', IE8 will sniff that it's actually a HTML file, allowing for easy XSS attacks against the careless user who clicks 'Open'. You can even throw a fake PDF header like "%PDF1.3" in the beginning of the file to thwart most MIME type sniffers, while IE will still happily interpret it as a HTML file.

Fortunately IE8+ doesn't upsniff anything served with a image/foo Content-Type, but e.g. application/pdf still works.
code:
<html><body><script>alert('XSS')</script></body></html>

Putting them on a different domain solves XSS; it's why GitHub moved Pages to github.io, why Dropbox has unprocessed file downloads on dropboxusercontent.com, etc.

Don't let users upload and thumbnail EPS files either.

# ? May 24, 2013 20:05

Smol: Jun 1, 2011; Stat rosa pristina nomine, nomina nuda tenemus.

Yep, it's that hard. Makes authenticated downloads quite tricky.

# ? May 25, 2013 01:43

prom candy: Dec 16, 2005; Only I may dance

Can you use send_file for authenticated downloads?

# ? May 25, 2013 07:21

Lexicon: Jul 29, 2003; I had a beer with Stephen Harper once and now I like him.

Can someone point me towards a good overview of the threading model for rails web apps? I'm slightly embarrassed to admit I don't really know how the architecture is set up to deal with concurrent users on an rails app (the ruby side of things that is, not the database).

# ? May 31, 2013 17:07

Cocoa Crispies: Jul 20, 2001; Vehicular Manslaughter!; Pillbug

Lexicon posted:

Can someone point me towards a good overview of the threading model for rails web apps? I'm slightly embarrassed to admit I don't really know how the architecture is set up to deal with concurrent users on an rails app (the ruby side of things that is, not the database).

It depends on the app server you use, and if your Rails stack is loading Rack::Lock.

The long version is Unicorn uses multiple UNIX processes to handle parallel requests, Rainbows handles multiple requests in a single process with a variety of configurable techniques, Passenger uses multiple processes, Puma uses threads, and if you're using Webrick in production kill yourself.

# ? May 31, 2013 21:11

KoRMaK: Jul 31, 2012

Cocoa Crispies posted:

It depends on the app server you use, and if your Rails stack is loading Rack::Lock.

The long version is Unicorn uses multiple UNIX processes to handle parallel requests, Rainbows handles multiple requests in a single process with a variety of configurable techniques, Passenger uses multiple processes, Puma uses threads, and if you're using Webrick in production kill yourself.

I can't tell if you are being serious or not. Those names.

# ? May 31, 2013 21:16

Pardot: Jul 25, 2001

I thought ranbows was just unicorn with buffering

# ? May 31, 2013 22:06

Molten Llama: Sep 20, 2006

What the hell is Rainbows?

I think you're thinking of Rainbows!.

# ? May 31, 2013 22:45

Cocoa Crispies: Jul 20, 2001; Vehicular Manslaughter!; Pillbug

Pardot posted:

I thought ranbows was just unicorn with buffering

"Combines heavyweight concurrency (worker processes) with lightweight concurrency (Events/Fibers/Actors/Threads), allowing CPU/memory/disk to be scaled independently of client connections. More concurrency models (listed in the TODO) will be supported as we find time for them."

It's not as bad in modern Ruby, but the GC in older Rubies meant that forked processes were more RAM-hungry than they should be in a copy-on-write environment like modern UNIX. Rainbows needs to fork less than Unicorn to handle the same number of clients; the downside is your app has to be threadsafe. I've used it to perform encryption and accounting on uploads between clients and Riak CS, while other parts of the service ran on separate Unicorn machines.

Molten Llama posted:

What the hell is Rainbows?

I think you're thinking of Rainbows!.

I don't negotiate with terrorists and I don't engage in typographic fuckery for the sake of branding.

# ? Jun 1, 2013 05:26

prom candy: Dec 16, 2005; Only I may dance

I'm having some trouble with Passenger and my Googling doesn't seem to be fixing it. Recently I tried to upgrade from 3.0.7 to 3.0.19 on our main servers and I was met with the lovely Red Hat Linux Apache Test Default Page thingy. I immediately downgraded to 3.0.7 and have given up on that.

Today I tried to upgrade from 2.2.8 to 3.0.7 (thinking that 3.0.7 was a version that would work for me) and I ran into the same problem. Again I had to immediately downgrade back to the working version as this brought down some production sites.

Does anyone have any insight into why this might be happening?

# ? Jun 4, 2013 04:25

Smol: Jun 1, 2011; Stat rosa pristina nomine, nomina nuda tenemus.

So what did you do, exactly? Ran passenger-install-apache2-module, copy-pasted the new configuration and restarted apache?

Anyhow, apache's error logs will likely tell you something.

# ? Jun 4, 2013 06:48

prom candy: Dec 16, 2005; Only I may dance

That's what I did yeah. Apache's error logs didn't say much but I didn't have a ton of time to test it out. Guess i'll have to try it again tonight while tailing the logs. Doesn't help that I'm behind a load balancer that won't let me connect directly to either server, so I have to do everything twice.

# ? Jun 4, 2013 15:41

Cocoa Crispies: Jul 20, 2001; Vehicular Manslaughter!; Pillbug

If you're editing on the server, use curl to test it so you don't have to deal with a balancer.

Last time I set up Apache I edited a config file that wasn't being included or loaded, so double-check that. Make a very obvious syntax error and see if apachectl -t whines about it, and make sure the vhost is being set up right with apachectl -S.

# ? Jun 4, 2013 16:42

Obsurveyor: Jan 10, 2003

You need something like all this:

code:

LoadModule passenger_module /home/ruby/.rvm/gems/ruby-1.9.3-p392/gems/passenger-3.0.19/ext/apache2/mod_passenger.so

PassengerRoot /home/ruby/.rvm/gems/ruby-1.9.3-p392/gems/passenger-3.0.19
PassengerRuby /home/ruby/.rvm/wrappers/ruby-1.9.3-p392/ruby

in your Apache config. Every time Passenger's version number changes, you have to update it(I hate this).

# ? Jun 4, 2013 18:51

Smarmy Coworker: May 10, 2008; by XyloJW

I like Ruby. It's pretty cool. I'm pretty new to Rails, though, and I'm trying to do a thing that I can't figure out.

I want to be able to input some values in a form, and use those fields/values for HTTP GET requests to some other website's API, then display whatever comes back on the page. The part I'm having trouble with is I don't really understand how forms even work!!

I'm reading guides.rubyonrails.org stuff and thinking that I want to be using ActiveRecord callbacks but if someone could clearly describe to me how this stuff works on a fundamental level I would appreciate it.

# ? Jun 5, 2013 15:41

Cocoa Crispies: Jul 20, 2001; Vehicular Manslaughter!; Pillbug

ARACHNOTRON posted:

I like Ruby. It's pretty cool. I'm pretty new to Rails, though, and I'm trying to do a thing that I can't figure out.

I want to be able to input some values in a form, and use those fields/values for HTTP GET requests to some other website's API, then display whatever comes back on the page. The part I'm having trouble with is I don't really understand how forms even work!!

I'm reading guides.rubyonrails.org stuff and thinking that I want to be using ActiveRecord callbacks but if someone could clearly describe to me how this stuff works on a fundamental level I would appreciate it.

Form GET and POST elements come in on the params hash. Use the appropriate part of that hash to initialize a model that encapsulates the external API request. Models don't have to be ActiveRecord, you don't have to use form_for (you can just use form_tag), and shipping software counts for more than the perfect little object hierarchy.

# ? Jun 5, 2013 19:01

KoRMaK: Jul 31, 2012

I'm confused. Use Jquery's ajax or better yet add :remote => true to your form and allow the controller to respond to js requests.

# ? Jun 6, 2013 01:47

Smarmy Coworker: May 10, 2008; by XyloJW

Cocoa Crispies posted:

Form GET and POST elements come in on the params hash. Use the appropriate part of that hash to initialize a model that encapsulates the external API request. Models don't have to be ActiveRecord, you don't have to use form_for (you can just use form_tag), and shipping software counts for more than the perfect little object hierarchy.

Thanks for the more concise explanation. I looked into it a little more and wrote up this quickly:

code:

<%= form_tag("http://www.zillow.com/webservice/GetSearchResults.htm", :method => "get") do %>
  <%= label_tag(:'zws-id', "zws-id:") %>
  <%= text_field_tag(:'zws-id') %> <br />
  <%= label_tag(:address, "address:") %>
  <%= text_field_tag(:address) %> <br />
  <%= label_tag(:citystatezip, "city state zip:") %>
  <%= text_field_tag(:citystatezip) %> <br />
  <%= submit_tag("Search") %>
<% end %>

I haven't built up a model or controller for the form yet so I can't process the data and display it but it will take me to the page for the search results at least. I'll read up more on how MVC works for Rails applications.

# ? Jun 6, 2013 16:10

raej: Sep 25, 2003; "Being drunk is the worst feeling of all. Except for all those other feelings."

I'm creating a model method for a user to check if they have a certain relationship based on criteria given.

For example:

code:

def cellaring?(beer, year, size)
    cellared_beers.where(:beer_id=>beer.id).where(:year=>year).where(:size=>size)
  end

Checks if a user has a beer in their cellar with a particular year and size. If there are no matches, it returns Nil. If there is a match, I get something like

=> [#<CellaredBeer id: 143, user_id: 1, beer_id: 1, created_at: "2013-05-23 20:33:51", updated_at: "2013-05-23 20:33:51", year: 2013, size: "750mL", qty: 1>]

The idea is to be able to use this function when someone adds a beer to either update the quantity, or create a new relationship if there is no match.

code:

Cellar (beer, year, size, qty)
If current_user.cellaring? is null
  cellared_beers.create!(beer_id: beer.id, year: year, size: size, qty: qty)
Else
  matched_cellared_beer.qty + qty
  save

The problem I'm running into is the second part. How do I update the qty column on an existing cellared_beer easily?

# ? Jun 6, 2013 20:36

Into The Mild: Mar 4, 2003

I'm trying to make a button to get a user to follow an item using the Socialization gem

https://github.com/cmer/socialization

The markup in the documentation in ruby is

code:

user.follow!(item)

so, in rails console, i can make it work with

code:

user = User.first
item = Item.first

That works fine, however in my view, I want a button to trigger this action.

I'm using in my item#show view

code:

<%= form_for(followitem(follow: @item)) do |f| %>
  <div><%= f.hidden_field :follow %></div>
  <%= f.submit "Follow", class: "btn btn-large btn-primary" %>
<% end %>

and in my item_helper.rb

code:

def followitem(it)
   current_user.follow!(it)
end

Now I'm getting an error back saying that the item is not followable.... Anyone know what I'm doing wrong?

# ? Jun 6, 2013 20:57

prom candy: Dec 16, 2005; Only I may dance

raej posted:

I'm creating a model method for a user to check if they have a certain relationship based on criteria given.

For example:
code:
def cellaring?(beer, year, size)
    cellared_beers.where(:beer_id=>beer.id).where(:year=>year).where(:size=>size)
  end
Checks if a user has a beer in their cellar with a particular year and size. If there are no matches, it returns Nil. If there is a match, I get something like

=> [#<CellaredBeer id: 143, user_id: 1, beer_id: 1, created_at: "2013-05-23 20:33:51", updated_at: "2013-05-23 20:33:51", year: 2013, size: "750mL", qty: 1>]

The idea is to be able to use this function when someone adds a beer to either update the quantity, or create a new relationship if there is no match.
code:
Cellar (beer, year, size, qty)
If current_user.cellaring? is null
  cellared_beers.create!(beer_id: beer.id, year: year, size: size, qty: qty)
Else
  matched_cellared_beer.qty + qty
  save
The problem I'm running into is the second part. How do I update the qty column on an existing cellared_beer easily?

Try this:

code:

cb = current_user.cellared_beers.where(:beer_id=>beer.id, :year=>year, :size=>size).first_or_initialize
cb.qty += qty
cb.save

first_or_initialize returns either the first object that matches or it creates a new one with those settings.

# ? Jun 7, 2013 17:10

raej: Sep 25, 2003; "Being drunk is the worst feeling of all. Except for all those other feelings."

prom candy posted:

Try this:
code:
cb = current_user.cellared_beers.where(:beer_id=>beer.id, :year=>year, :size=>size).first_or_initialize
cb.qty += qty
cb.save
first_or_initialize returns either the first object that matches or it creates a new one with those settings.

EDIT: Upon further testing, it seems to not like it only when qty is nil. If I set cb.qty to a number, += works as it should.

code:

def cellar!(beer, year, size, qty)
    cb = cellared_beers.where(:beer_id=>beer.id, :year=>year, :size=>size).first_or_initialize
    if cb.qty.to_s.empty?
      cb.qty = qty
    else
      cb.qty += qty
    end
    cb.save
  end

In console when I do user = User.first and beer = Beer.first and do a user.cellar!(beer, 2012, "12oz", 5) the functionality is working and I see it either creating a new cellared beer entry with the correct quantity, or updating a matching one. However, when I do a user.cellared_beers right after, I don't see the added or updated cellared_beer.

What am I missing?

Also how, would I call the cellar! function on a beer view with a form?

raej fucked around with this message at 17:56 on Jun 7, 2013

# ? Jun 7, 2013 17:25

UxP: Aug 27, 2007

Mr Man posted:

code:
<%= form_for(followitem(follow: @item)) do |f| %>
  <div><%= f.hidden_field :follow %></div>
  <%= f.submit "Follow", class: "btn btn-large btn-primary" %>
<% end %>
and in my item_helper.rb
code:
def followitem(it)
   current_user.follow!(it)
end
Now I'm getting an error back saying that the item is not followable.... Anyone know what I'm doing wrong?

First off, your form isn't set up right. You're trying to pass in the followitem method as the object you're building a form for, and you're passing in a hash to the followitem method when it's expecting an object marked as 'acts_as_followable' or some poo poo. Take a step back and think about what you're actually trying to do.

Here's two simple rules:

1) you cant pass an object from the client to the server, you can only pass representations and identifiers of that object.
2) you can't run ruby code on the client.

So, this means you need to set up a link that POSTs back an ID of an Item object of which the current user is wanting to follow. Whether you do that by a form and hidden ID, or a simple `link_to "Follow!", follow_item_path(item), :method => :post` with a constrained route is up to you (eg, '/users/4/follow/8'). The goal of this is to just pass the ID of the Item object. Nothing more. Then, in your controller, you need to search for the item with the ID you passed in from the client, and then call the current_user.follow!(item) method using the object you found through ActiveRecord.

This is a good candidate for an Ajax request, which it seems like you're trying to do, but before you even think about that get it working with plain old http request/response.

# ? Jun 7, 2013 17:59

Cocoa Crispies: Jul 20, 2001; Vehicular Manslaughter!; Pillbug

UxP posted:

you cant pass an object from the client to the server, you can only pass representations and identifiers of that object.

you can't run ruby code on the client.

before you even think about [AJAX] get it working with plain old http request/response

These are good rules to program by.

Additionally:

Helpers: generate a piece of html for part of a thing (a link as part of an object, a css class for an object, a form field)
Partials: generate a piece of html for an entire semi-complicated thing (a form, a complicated object representation)
Views: generate html for a single screen

Controllers: invoke a model method or two, turn models into view-ready representations

Models: the actual business logic, including finding stuff for complicated controllers, coordinating activities between multiple materialized models, validating form inputs, etc.

# ? Jun 7, 2013 19:28

prom candy: Dec 16, 2005; Only I may dance

raej posted:

EDIT: Upon further testing, it seems to not like it only when qty is nil. If I set cb.qty to a number, += works as it should.
code:
def cellar!(beer, year, size, qty)
    cb = cellared_beers.where(:beer_id=>beer.id, :year=>year, :size=>size).first_or_initialize
    if cb.qty.to_s.empty?
      cb.qty = qty
    else
      cb.qty += qty
    end
    cb.save
  end
In console when I do user = User.first and beer = Beer.first and do a user.cellar!(beer, 2012, "12oz", 5) the functionality is working and I see it either creating a new cellared beer entry with the correct quantity, or updating a matching one. However, when I do a user.cellared_beers right after, I don't see the added or updated cellared_beer.

What am I missing?

Also how, would I call the cellar! function on a beer view with a form?

Are you sure your cellar method is saving the user_id? Try rewriting your code like this. Note that I got rid of that nasty condition for you

code:

def cellar!(beer, year, size, qty)
    cb = cellared_beers.where(:beer_id=>beer.id, :year=>year, :size=>size).first_or_initialize(:user => self)
    cb.qty = cb.qty.to_i + qty
    cb.save
  end

As far as calling cellar! from a form, I'm not sure what exactly you're trying to do. You're basically asking how to build a front-end for this functionality? At that point it might be useful to ask if this code even really belongs in the User model at all. Should the class that's concerned with persisting and authorizing a user really also be responsible for cellaring beers? Maybe the whole thing belongs in a new class.

code:

# Model
class BeerBuyer
  attr_accessor :user, :year, :size, :qty, :beer_id
  
  def initialize(opts = {})
    @user    = opts[:user]
    @beer_id = opts[:beer_id]
    @year    = opts[:year]
    @size    = opts[:size]
  end

  def cellar!(qty)
    cellared_beer.qty = cellared_beer.qty.to_i + qty
    cellared_beer.save! # Calling with a bang will raise validation errors as real errors
  end

  private
    def cellared_beer
      @cellared_beer ||= user.cellared_beers.where(:beer_id => beer_id, :year =>year, :size => size).first_or_initialize(:user => user)
    end
end

# Controller
class BeerBuyersController < ApplicationController
  def new
    @beer_buyer = BeerBuyer.new
  end

  def create
    @beer_buyer = BeerBuyer.new(params[:beer_buyer].merge(:user => current_user))
    @beer_buyer.cellar!(params[:qty])
    redirect_to :whatever
  end
end

# Routes
resources :beer_buyers, :only => [:new, :create]

# Form
= form_for @beer_buyer do |f|
  = f.text_field :year
  = f.text_field :size
  = f.text_field :qty
  = f.submit

At first glance this seems like a hell of a lot more code but what you get is a self contained class with one simple responsibility and a RESTful interface to it. Doing it this way makes it far, far easier to test as well as you can load up and test the BeerBuyer functionality without having to load (or mock) everything that the User class requires, which I imagine is quite a bit. You also don't have to pollute your user or beer controllers with non-RESTful actions.

prom candy fucked around with this message at 19:44 on Jun 7, 2013

# ? Jun 7, 2013 19:41

Into The Mild: Mar 4, 2003

UxP posted:

First off, your form isn't set up right. You're trying to pass in the followitem method as the object you're building a form for, and you're passing in a hash to the followitem method when it's expecting an object marked as 'acts_as_followable' or some poo poo. Take a step back and think about what you're actually trying to do.

Here's two simple rules:

1) you cant pass an object from the client to the server, you can only pass representations and identifiers of that object.
2) you can't run ruby code on the client.

So, this means you need to set up a link that POSTs back an ID of an Item object of which the current user is wanting to follow. Whether you do that by a form and hidden ID, or a simple `link_to "Follow!", follow_item_path(item), :method => :post` with a constrained route is up to you (eg, '/users/4/follow/8'). The goal of this is to just pass the ID of the Item object. Nothing more. Then, in your controller, you need to search for the item with the ID you passed in from the client, and then call the current_user.follow!(item) method using the object you found through ActiveRecord.

This is a good candidate for an Ajax request, which it seems like you're trying to do, but before you even think about that get it working with plain old http request/response.

yeah I want to eventually use this in an Ajax request.. I'm just trying to get a simple http request/response running first

# ? Jun 7, 2013 20:18

DreadCthulhu: Sep 17, 2008; What the fuck is up, Denny's?!

Has anybody here ever tried using all sorts of different SQL constraints on one's schema instead of going the traditional route of letting the model logic try its best to preserve integrity? Has this turned out ok in the end, or did you regret it?

# ? Jun 7, 2013 21:01

Smol: Jun 1, 2011; Stat rosa pristina nomine, nomina nuda tenemus.

DreadCthulhu posted:

Has anybody here ever tried using all sorts of different SQL constraints on one's schema instead of going the traditional route of letting the model logic try its best to preserve integrity? Has this turned out ok in the end, or did you regret it?

The only problem with this approach is that you'll get a generic ActiveRecord::StatementInvalid for just about any error in the database. So if you have multiple ways of something going wrong, parsing those exception messages isn't very a robust way to detect the problem.

# ? Jun 7, 2013 21:59

DreadCthulhu: Sep 17, 2008; What the fuck is up, Denny's?!

Smol posted:

The only problem with this approach is that you'll get a generic ActiveRecord::StatementInvalid for just about any error in the database. So if you have multiple ways of something going wrong, parsing those exception messages isn't very a robust way to detect the problem.

Let's say I'm not using ActiveRecord at all but rolling my own statements in a data access layer somewhere.

# ? Jun 7, 2013 22:01

Cocoa Crispies: Jul 20, 2001; Vehicular Manslaughter!; Pillbug

DreadCthulhu posted:

Let's say I'm not using ActiveRecord at all but rolling my own statements in a data access layer somewhere.

Then you can do whatever. ActiveRecord is there to make working with relational databases easy, not possible; that's the job of the `pg` gem.

# ? Jun 8, 2013 02:47

Adbot: ADBOT LOVES YOU

# ? May 15, 2024 14:25

The_Sinful_Youth: Feb 12, 2006; I may wear fancy shirts and rub hot sauce on my nipples to please men, but I am not gay!

I'm building a Google Analytics clone http://easy-analytics.herokuapp.com/ and could use some advice on a fairly complicated thing I'm working on. Essentially, I have Websites which have many Visitors and then many Visitor Sessions and Pageviews through Visitors.

I'm currently working on making a delayed job where I grab all of the data created/updated in hour long blocks and run all of the calculations needed for that hour. That way, then a user checks their analytics, I'll only need to add up hourly stats rather than each individual model. My main issue right now is figuring out how to pull all of the data from the server correctly.

This is my current code:

code:

 data = Website.includes(:pageviews, visitors: [:visitor_sessions], visitor_sessions: [:pageviews]).find(self.id)

Ideally I need to include some sort of where clause like this (but for each of the things I'm including:

code:

.where(created_at: start_date..end_date)

Does anyone have a good idea how to do this.

My other question is about delayed job itself. Is it possible to get these to work on Heroku without going with their paid plan? Any gem I should look into for doing this?

Thank you!

# ? Jun 9, 2013 07:42

The Something Awful Forums > Discussion > Serious Hardware/Software Crap > The Cavern of COBOL > Ruby on Rails Love-In

«‹›178 »