Rails has always included a scaffold script that generates a default controller implementation for you. Unfortunately that generated controller is unnecessarily verbose.
When we take over Rails projects from other teams, we often find that controllers are the unloved child, where annoying glue code has been paved over and over again, negotiating between request and model using implicit and convoluted protocols.
We prefer a different approach. We believe that among all the classes in a Rails project, controllers are some of the hardest to test and understand and should receive special care. It is our belief that:
- Controllers should be short and tidy
- Controllers should receive the same amount of programming discipline as any other class
- Controllers should provide the minimum amount of glue to hand over a request to a model
- Unless there are good reasons against it, controllers should be built against a standard, proven implementation blueprint 99% of the time
Standard implementation (no caching)
Below you can find our standard implementation for a controller that CRUDs an ActiveRecord model or ActiveType Show archive.org snapshot form model.
For this example we will be CRUDing the following model:
class Note < ApplicationRecord
  belongs_to :user
  belongs_to :project
end
A typical controller for this Note model would look like this:
class NotesController < ApplicationController
  def show
    load_note
  end
  def index
    load_notes
  end
  def new
    build_note
  end
  def create
    build_note
    if @note.save
      redirect_to @note
    else
      render 'new', status: :unprocessable_entity
    end  
  end
  def edit
    load_note
    build_note
  end
  def update
    load_note
    build_note
    if @note.save
      redirect_to @note
    else
      render 'edit', status: :unprocessable_entity
    end
  end
  def destroy
    load_note    
    @note.destroy!
    redirect_to :notes
  end
  private
  def load_note
    @note ||= note_scope.find(params[:id])
  end
  def build_note
    @note ||= note_scope.build
    @note.attributes = note_params
  end
  def note_params
    params.require(:note).permit(
      :title,
      :text,
      :published,
    )
  rescue ActionController::ParameterMissing  
    {}
  end
  def note_scope
    # Restrict what the user may access by returning a scope with conditions.
    Note.all
  end
  def load_notes
    @notes ||= note_scope
      .strict_loading                 # Raise an error when accessing an association that is not preloaded.
      .preload(:user, :project)       # Preload associations shown on the index.
      .paginate(page: params[:page])  # Indexes should always be paginated.
      .to_a                           # Convert to array to indicate the end of scope chaining.
  end
end
Explanation
Note a couple of things:
- 
Every controller action reads or changes a single model. Even if an update involves multiple models, 
 the job of finding and changing the involved records should be pushed to an orchestrating model.
 You can do this with nested forms Show archive.org snapshot or skip to the chapter where we talk about form models.
- 
The controller actions are delegating most of their work to shared helper methods like #load_noteor#build_note. This allows us to not repeat ourselves
 and is a great way to adapt the behavior of multiple controller actions by changing a single helper methods (e. g. if you want to place some restriction on
 how objects are created, you probably want to apply the same restriction on how objects are updated). It also facilitates the implementation of
 custom controller actions (e. g.NotesController#search, not visible in the example).
- 
There is a private method #note_scopewhich is used by all member actions (#show,#edit,#updateand#destroy) to load aNotewith the given ID.
 It is also used by#indexto load the list of all notes. Note how at no point does an action talk to theNotemodel directly.
 By having#note_scopeguard access to theNotemodel, we have a central place to control which records this controller can show, list or change.
 This is a great technique to implement authorization schemes with named scopes Show archive.org snapshot or Consul Show archive.org snapshot .
- 
The #indexaction uses the method#load_notesto load a list of notes.#load_notesactivates strict_loading Show archive.org snapshot on the scope.
 This forces to developer address n+1 queries Show archive.org snapshot by preloading all associations used in the index. Using an association that is not preloaded will raise anActiveRecord::StrictLoadingViolationError.
- 
There is a private method #note_paramsthat returns a permitted Show archive.org snapshot attributes hash that can be set through the#updateand#createactions.
- 
When validation errors prevented us from saving a record in #updateand#create, we respond with HTTP code422 Unprocessable Entityinstead of the default200 OK. This is (1) to be a good HTTP citizen and (2) to allow frontend code like detect a failed form submission Show archive.org snapshot .
Standard implementation (with caching)
We can improve the performance of our controllers by having reading actions (#show, #index) set ETag and Last-Modified response headers using 
  #fresh_when
  
    Show archive.org snapshot
  
This prevents unnecessary rendering when the browser cache already has a fresh copy of the content we're about to render. E.g. when we re-visit a site that we visited earlier.
When Rails detects a fresh cache it will not render the view template. Instead it will respond with 304 Not Modified and an empty body.
class NotesController < ApplicationController
  def show
    load_note
    # Build an ETag from all records shown in the view: @note, @note.user and @note.project
    fresh_when expand_etag(@note, :user, :project)
  end
  def index
    load_notes
    fresh_when expand_etag(@notes, :user, :project)
  end
  def new
    build_note
    fresh_when @note
  end
  def create
    build_note
    if @note.save
      redirect_to @note
    else
      render 'new', status: :unprocessable_entity
    end  
  end
  def edit
    load_note
    build_note
    fresh_when @note
  end
  def update
    load_note
    build_note
    if @note.save
      redirect_to @note
    else
      render 'edit', status: :unprocessable_entity
    end
  end
  def destroy
    load_note    
    @note.destroy!
    redirect_to :notes
  end
  private
  def load_note
    @note ||= note_scope.find(params[:id])
  end
  def build_note
    @note ||= note_scope.build
    @note.attributes = note_params
  end
  def note_params
    params.require(:note).permit(
      :title,
      :text,
      :published,
    )
  rescue ActionController::ParameterMissing  
    {}
  end
  def note_scope
    # Restrict what the user may access by returning a scope with conditions.
    Note.all
  end
  def load_notes
    @notes ||= note_scope
      .strict_loading                 # Raise an error when accessing an association that is not preloaded.
      .preload(:user, :project)       # Preload associations shown on the index.
      .paginate(page: params[:page])  # Indexes should always be paginated.
      .to_a                           # Convert to array to indicate the end of scope chaining.
  end
end
This also requires some changes in your ApplicationController:
class ApplicationController < ActionController::Base
  etag { session.id }                                       # Change all ETags after resetting the Rack/Rails session
  etag { flash.to_h }                                       # Produce different ETags when flash messages are set
  etag { current_user }                                     # Change all ETags after logging in or out
  etag { @@revision ||= File.read('REVISION') rescue nil }  # Change all ETags after a new Capistrano release.
  etag { up.target }                                        # Add this when you use Unpoly < 3 and optimize responses for render targets
  etag { I18n.locale }                                      # Ensure different locales lead to different ETags
  private
  # Builds an ETag input from the given records and a list of association names.
  def expand_etag(record_or_records, *associations)
    records = Array.wrap(record_or_records)
    records.map { |record|
      [record, associations.map { |association|
        [association, record.public_send(association)]
      }]
    }.flatten
  end
end