...nicer to read, but has horrible security implications in some versions of Ruby on Rails. Affected versions Version Affected? Remedy 2.3.18 yes Use chain_safely workaround 3.0.20 no
Use Rails LTS 3.2 with hardened configuration 4.0.x ??? ??? 4.2.3 no Example When you chain two scopes with hash conditions on the same attribute, the second scope will overwrite...
When an object is created / updated, various callbacks are executed in this order: before_validation after_validation before_save
The change_column method for rails migrations support casting with a custom SQL statement. This allows us to change a column type and keep the former content as the new...
Just like Ruby Gems tag their version releases to the corresponding Git commit, it can be helpful to track production...
Most of our applications use CarrierWave for file uploads. CarrierWave has an integrated processing mechanism for different file versions with...
Middleman is a static page generator that brings many of the goodies that Rails developers are used to. Out of the box, Middleman brings Haml, Sass, helpers etc. However, it...
...to do even better. This card is a list of improvement hints for a Rails developer. Gemfile Remove tzinfo-data and wdm unless you're on Windows. Add these gems...
...to configure omniauth-multi-provider to support multiple SAML identity providers for a single Rails app: To solve this, the omniauth-multi-provider gem acts as a dynamic wrapper around...
...to some path methods generated by your routes. Even though you could technically include Rails.application.routes.url_helpers, this may include way too many methods and even overwrite some class methods in...
...advised to only make the desired methods available: class Project delegate :url_helpers, to: 'Rails.application.routes' def project_path url_helpers.project_path(self) end
By default most exceptions in Rails will render a 500 error page and will create a new issue in your error monitoring. There are some built-in rules in Rails...
Code snippet tested with Rails 2.3 def index # ... if request.xhr? html = render_to_string(:partial => "list", :layout => false) respond_to do |format| format.html { render :text => html } format.json { render :json => {:html...
...this card might help. If you call render_to_string within the format.json block, Rails will only look for an index.json template, but not for an index.erb template...
Modern IRB has time measurement built in. measure # Enable measure :off # Disable Custom Should your version of IRB not offer...
...or a carnivore. Don't use self when defining scopes as class methods In Rails 2 and 5 (not 3, not sure about 4) there is one caveat you should...
...Do this instead: def self.suitable_for(user) if user.vegetarian? without_meat else all # for Rails 2 use `scoped({})` instead of `all` end end Note how we're returning #all instead...
Since Rails 7+ you can use ComparisonValidator for validations like greater_than, less_than, etc. on dates, numerics or strings. Example We have a model for booking a...
...before or equal to the start date') unless end_date.after?(start_date) end end Since Rails 7+ we can use the ComparisonValidator for these use cases. class TripBooking < ApplicationRecord validates :start...
...registered constants and the file references during the boot. Therefore you need to add Rails.autoloaders.log! at the end of your config/application.rb file. You could also run bin/rails zeitwerk:check for...
...script like this in lib/scripts/. But this folder is excluded by purpose from the Rails autoloading path and a Sidekiq worker will not find the required classes when invoked. So...
...take care of choosing the right class names to avoid wrong lookups caused by Rails autoloading mechanism. Part B Replace all paperclip code with carrierwave logic. Copy many parts from...
For Rails models where only one of multiple attributes may be filled out at the same time, there is no built-in validation. I've seen different solutions in the...
Sometimes, the rails dev server doesn't terminate properly. This can for example happen when the dev server runs in a RubyMine terminal. When this happens, the old dev server...
...eager-loading, and also if there is too much eager-loading. strict_loading in Rails 6.1+ forces developers to explicitly load associations on individual records, for a single association, for...
Since Rails 6.1+ you can use .compact_blank or .compact_blank! to remove blank values from collections (e.g. arrays). Remove nil values from an array ['foo', nil].compact...
Remove blank values from collections Array array = [1, "", nil, 2, " ", [], {}, false, true] # Any Rails version array.reject(&:blank?) # => [1, 2, true] # Since Rails 6.1+ array.compact_blank # => [1, 2, true]
Testing your responses in Rails allows to parse the body depending on the response MIME type with parsed_body. get '/posts.json' response.parsed_body # => [{'id' => 42, 'title' => 'Title'}, ...]
...drop JSON.parse(response.body) and replace it with parsed_body. There also exists a cop Rails/ResponseParsedBody that you can enable via rubocop-rails...
Within development and test environments, Rails is usually configured to show a detailed debug page instead of 404s. However, there might be some cases where you expect a 404 and...
...be used as a light-weight version of integration tests here.) In this case, Rails will replace the 404 page that you want to test for with its debug page...
...generates HTML. You can chain as many preprocessors as you want. When you deploy, Rails runs assets:precompile which precompiles all assets into static files that live in public/assets. This...
Webpacker is Rails' way of integrating Webpack, and version 4 has been released just a few days ago, allowing us to use Webpack 4. I successfully upgraded an existing real...
...are notes on everything that I encountered. Note that we prefer not using the Rails asset pipeline at all and serving all assets through Webpack for the sake of consistency...
Note: Instead of using the method in this card, you probably want to use ActiveType's nested attributes which is...