175 RSpec in depth [2d]

Built-in matchers

Get an overview of all the matchers that are built into RSpec Archive .

Play with some of these matchers in your MovieDB tests.

The benefits of using better matchers

Which of the following two lines is better? Why?

expect(array).to include(5)
expect(array.include?(5)).to eq(true)

Custom matchers

Write a [custom matcher](https://relishapp.com/rspec/rspec-expectations/docs/custom-matchers/define-a-...

180 Personal productivity [1d]

As developers we are dealing with many tasks every week. We need a system to organize ourselves.


After completing this card you should have:

  • A to-do list that you maintain every day. Many of us use Holly Archive , but a todo.txt on your desktop or any other tool is fine, too.
  • A habit of tracking any incoming task. We can never forget a task that a colleague or customer gives us.
  • A habit of splitting any kind of task or project into actionable first steps.
  • A habit of fully completing tasks to clea...

185 Our process [2d]

makandra's development process

Learn about our process:

The squares represent the state of the story in Pivotal Tracker.

In particular you should understand:

  • Why do we have a process?
  • What is a story?
  • What metrics does our process optimize for?
  • How to divide large requirements into stories. When is a story too small, when is it too large?
  • The lifecycle of a story
  • How to write a story

Story format

186 Linux basics [1d]



Basic commands

Experiment and do something useful with the following commands. You might need to use tldr or Goog...

187 Exception notifications [0.5d]

190 Pagination [0.5d]


  • Understand why we use pagination
  • Understand some pros and cons of replacing pagination with "infinite scrolling"


  • Create 7500 movies in MovieDB (hint: Doing it in a single transaction is much faster). Load the movies index and measure how long it renders.
  • Use the will_paginate gem to add pagination to MovieDB's list of movies. How long does the movies index render now?
  • Inspect the HTML generated by will_paginate. Customize the style so it matches the look of your MovieDB.
  • `tail -f log/develop...

200 Migrations [2d]


205 Basic file uploads and image versions [2d]


  • Learn to treat files as an ActiveRecord attribute type, like :string or :integer



In MovieDB, al...

215 Browser automation with Capybara and Selenium WebDriver [2d]

We use Selenium WebDriver Archive integrated with Cucumber/Capybara for full-stack integration testing.

Try and use it

Your forked MovieDB should already include a feature that uses a real browser. Add the @javascript tag to your other features to test it yourself.

When you run your cucumber feature now with NO_HEADLESS=1 geordi cucumber, you should see a browser opening. Get someone to help you if this does not work.

Some of your features might now fail. You might find solutions below:

Making ...

224 Advanced git [2d]


  • Understand the differences between git diff and git diff --staged (or git diff --cached)
  • Understand the difference between git reset and git reset --hard
  • Use git add -p
  • Use git checkout -p
    • Note you can also rollback partial changes from the line gutter in RubyMine.
  • Use git rebase
  • Use git rebase --onto.
  • Use git rebase -i
    • Understand what it means for pushing to a remote, and for working with your c...

225 Event bubbling and delegation [1.5d]


You have the following HTML structure:

<div class='some-class'>...</div>

<div class='container'>
  <div class='my-target'>...</div>
  <div class='my-target'>...</div>
  <div class='my-target'>...</div>

<div class='other-class'>...</div>

If you want to run Javascript code whenever someone clicks on a <div class='my-target'>...</div>, you can do this in three different ways:

function code(event) {
  alert("Someone clicked on .my-target!");

document.addEventListener('click', function(event) {

230 Unobtrusive JavaScript components [3d]


A common task in web applications is to add client-side JavaScript behavior to existing HTML elements.

For instance, in Working with the DOM you built a movie counter script that's used like this:


<!-- Clicking shows the number of <tr> elements above -->
<button class="movie-counter">Count movies</button>

Your implementation probably looked like this:


235 Cookies and Rails Sessions [1d]


  • What is a Cookie? Google it if you do not know.
  • How are cookies transferred between your browser and the server?
    • Open the development tools in your browser for this page. Can you find the cookies your browser stores for makandracards?
    • In the network tab, can you see how the cookies are transferred to or from the server?
    • Can you log yourself out by manipulating a cookie? Can you log yourself back in?
  • Understand what domains mean to cookies
    • Can cookies be shared between domains?
    • Between subdomains?
  • How...

237 Web application security [4d]

Web security basics

Einf├╝hrung in die Web Security ­čçę­čç¬ Archive provides essentials for the topic of this card.

Read following chapters:

  • (1) Security Principles
  • (3.3) Sessions and Cookies
  • (3.5) Same-Origin-Policy
  • (4.2) Angriffsfl├Ąche / Attack Surface
  • (4.3) Speicherung von Passw├Ârtern
  • (6) Kryptographische Grundlagen
  • (7) Authentifikation
  • (8) Authorization
  • (9) Session Management
    • Ohne (9.4) JSON Web Tokens
  • (10) Federation / Single-Sign on
  • (11) Serverseitige Angriffe
  • (12) Clie...

240 Authentication [3d]

Authentication is all about being able to verify the identity of a user in the context of our application.

While you could roll out a custom authentication solution, this would likely expose you to the various risks of "homegrown crypto". In practice we are using popular authentication libraries like clearance Archive or devise Archive for this task.


  • Read the article [Rails Authentication from Scratch](https://stevepolito.design/blog/rails-authentication-fro...

245 Authorization [2.5d]


Understand how Consul and assignable_values can be used to implement arbitrary authorization systems.

Exercise: Read code

  • In Cards, users can be given deck-specific read/write access. Play around in the cards UI to see that functionality.
  • H...

247 Nested forms [2d]


  • Understand how nested attributes appear in the params.
  • See how the Rails form helpers encode the names of nested inputs.
  • Understand how the record and all of its nested attributes are saved in a transaction. That means the entire structure is saved or not.