Slide 1

Slide 1 text

WHAT’S NEW RAILS 4 IN 30’ Monday, October 29, 12

Slide 4

Slide 4 text

AGENDA

■ Migration
■ Ruby 1.9.3
■ Strong Parameters
■ Declarative ETags
■ Cache Digests
■ Turbolinks
■ ActiveSupport::Queue
■ Async Mailers
■ Routing Concerns
■ ActionController::Live
■ Security
■ Other features

Slide 5

Slide 5 text

MIGRATION

Slide 6

Slide 6 text

3.0.X ➡ 3.1.X ➡ 3.2.X

Slide 7

Slide 7 text

IN EACH STEP ...

Slide 8

Slide 8 text

TESTS COVERAGE QA

Slide 9

Slide 9 text

DEPRECATIONS

Slide 10

Slide 10 text

AVAILABLE AS GEMS

■ Active Resource
■ AR Observers
■ AR Session Store
■ AMo Mass Assignment Sanitizer
■ Hash Based Finders
■ find_all_* / find_last_*
■ Action Caching
■ Page Caching

Slide 11

Slide 11 text

VENDOR/PLUGINS WAS REMOVED

Slide 12

Slide 12 text

USE RAILS GUIDES

Slide 15

Slide 15 text

RUBY 1.9.3

■ YARV
■ Fastest VM
■ Bytecode interpreter
■ Lazy Sweep GC (tuneable)
■ Native Threads
■ Better strategy for GIL / GVL
■ Encodings

Slide 16

Slide 16 text

FEATURES

Slide 17

Slide 17 text

STRONG PARAMETERS

Slide 18

Slide 18 text

MASS ASSIGNMENT

    ActiveRecord::Schema.define(version: 20121010233758) do
      create_table "users", force: true do |t|
        t.string   "username"
        t.string   "password"
        t.boolean  "admin"
        t.datetime "created_at"
        t.datetime "updated_at"
      end
    end

    # ...

    user = User.new params[:user]

Slide 20

Slide 20 text

MASS ASSIGNMENT

RAILS 3.2

    # app/models/user.rb
    class User < ActiveRecord::Base; end

    # app/controllers/users_controller.rb
    class UsersController < ApplicationController
      def create
        @user = User.create! params[:user]
        redirect_to @user
      end
    end

    # raises ActiveModel::MassAssignmentSecurity::Error

Slide 21

Slide 21 text

MASS ASSIGNMENT

RAILS 4.0

    # app/models/user.rb
    class User < ActiveRecord::Base; end

    # app/controllers/users_controller.rb
    class UsersController < ApplicationController
      def create
        @user = User.create! params[:user]
        redirect_to @user
      end
    end

    # raises ActiveModel::ForbiddenAttributesError

Slide 22

Slide 22 text

MASS ASSIGNMENT

RAILS 3.2

    # app/models/user.rb
    class User < ActiveRecord::Base
      attr_accessible :username,
                      :password
    end

    # app/controllers/users_controller.rb
    class UsersController < ApplicationController
      def create
        @user = User.create! params[:user]
        redirect_to @user
      end
    end

Slide 24

Slide 24 text

STRONG PARAMETERS

RAILS 4.0

    # app/models/user.rb
    class User < ActiveRecord::Base; end

    # app/controllers/users_controller.rb
    class UsersController < ApplicationController
      def create
        @user = User.create! params.require(:user).
                                    permit(:username, :password)
        redirect_to @user
      end
    end

Slide 26

Slide 26 text

STRONG PARAMETERS

RAILS 4.0

    # app/models/user.rb
    class User < ActiveRecord::Base; end

    # app/controllers/users_controller.rb
    class UsersController < ApplicationController
      def create
        @user = User.create! user_params
        redirect_to @user
      end

      private

      def user_params
        params.require(:user).permit(:username, :password)
      end
    end

Slide 28

Slide 28 text

STRONG PARAMETERS

RAILS 4.0

    curl http://localhost:3000/users -d "user[username]=spastorino&user[admin]=true&authenticity_token=mm89V7LxLMRJoMJcnP6SIxnxg19RzcO56hdqbDZNmVo=" --cookie cookie

Slide 32

Slide 32 text

STRONG PARAMETERS

RAILS 4.0

    user = User.find_by_username('spastorino')
    user.admin?
    => false
    user.update_attributes(username: 'santiago', admin: true)
    => true
    user.admin?
    => true
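
What the strong-parameters slides show, as an added plain-Ruby sketch (not from the talk and not Rails' implementation): the permitted flag lives on the parameters object at the controller boundary, so an unpermitted object is refused, a permitted one drops `admin`, and a plain Hash handed straight to the model is still trusted. `ToyParams`, `ToyUser`, `ForbiddenAttributes`, `sample_request` and `create_user` are hypothetical names.

```ruby
# Added illustration in plain Ruby; ToyParams and ToyUser are hypothetical
# stand-ins, not Rails classes.
class ForbiddenAttributes < StandardError; end

# Request parameters start out untrusted; only permit() yields a trusted copy.
class ToyParams
  attr_reader :data, :permitted

  def initialize(data, permitted = false)
    @data = data
    @permitted = permitted
  end

  # Fetch a required nested key or raise KeyError, like params.require(:user).
  def require(key)
    ToyParams.new(@data.fetch(key.to_s))
  end

  # Keep only the listed keys and mark the result as safe to mass-assign.
  def permit(*keys)
    allowed = keys.map(&:to_s)
    ToyParams.new(@data.select { |k, _| allowed.include?(k) }, true)
  end
end

class ToyUser
  ATTRIBUTES = %w[username password admin].freeze
  attr_reader :username, :password, :admin

  def initialize
    @admin = false
  end

  # Mass assignment: rejects an unpermitted ToyParams but trusts a plain Hash,
  # which is why the console call on slide 32 can still set admin.
  def assign(attrs)
    if attrs.is_a?(ToyParams)
      raise ForbiddenAttributes unless attrs.permitted
      attrs = attrs.data
    end
    attrs.each do |key, value|
      instance_variable_set("@#{key}", value) if ATTRIBUTES.include?(key.to_s)
    end
    self
  end
end

# Constructed request body matching the curl call on slide 28.
def sample_request
  ToyParams.new("user" => { "username" => "spastorino", "admin" => "true" })
end

# Controller-side pattern from slide 26: require, then permit, then assign.
def create_user(params)
  ToyUser.new.assign(params.require(:user).permit(:username, :password))
end
```
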

Slide 33

Slide 33 text

HTTPS://GITHUB.COM/RAILS/STRONG_PARAMETERS

Slide 34

Slide 34 text

DECLARATIVE ETAGS

Slide 35

Slide 35 text

DECLARATIVE ETAGS

RAILS 3.2

    class TodolistsController < ApplicationController
      def show
        @todolist = Todolist.find(params[:id])
        fresh_when etag: @todolist
      end
    end

Slide 36

Slide 36 text

DECLARATIVE ETAGS

RAILS 4.0

    class TodolistsController < ApplicationController
      etag { current_user.try :admin }

      def show
        @todolist = Todolist.find(params[:id])
        fresh_when etag: @todolist
      end
    end

Slide 37

Slide 37 text

DECLARATIVE ETAGS

RAILS 4.0

    class TodolistsController < ApplicationController
      etag { current_user.try :admin }
      etag { @project.try :cache_key }

      def show
        @todolist = Todolist.find(params[:id])
        fresh_when etag: @todolist
      end
    end

Slide 38

Slide 38 text

HTTPS://GITHUB.COM/RAILS/ETAGGER

Slide 39

Slide 39 text

CACHE DIGESTS

Slide 40

Slide 40 text

CACHING VIEWS

RAILS 3.2

    # projects/show.html.erb
    <% cache [ "v5", project ] do %>
      All my todo lists:
      <%= render project.todolists %>
    <% end %>

    # todolists/_todolist.html.erb
    <% cache [ "v3", todolist ] do %>
      <%= todolist.name %>:
      <%= render todolist.todos %>
    <% end %>

    # todos/_todo.html.erb
    <% cache [ "v1", todo ] do %>
      <%= todo.name %>
    <% end %>

Slide 46

Slide 46 text

CACHING VIEWS

RAILS 3.2

    # projects/show.html.erb
    <% cache [ "v5", project ] do %>
      All my todo lists:
      <%= render project.todolists %>
    <% end %>

    # todolists/_todolist.html.erb
    <% cache [ "v3", todolist ] do %>
      <%= todolist.name %>:
      <%= render todolist.todos %>
    <% end %>

    # todos/_todo.html.erb
    <% cache [ "v2", todo ] do %>
      <%= todo.name %>
    <% end %>

Slide 48

Slide 48 text

CACHING VIEWS

RAILS 3.2

    # projects/show.html.erb
    <% cache [ "v5", project ] do %>
      All my todo lists:
      <%= render project.todolists %>
    <% end %>

    # todolists/_todolist.html.erb
    <% cache [ "v4", todolist ] do %>
      <%= todolist.name %>:
      <%= render todolist.todos %>
    <% end %>

    # todos/_todo.html.erb
    <% cache [ "v2", todo ] do %>
      <%= todo.name %>
    <% end %>

Slide 50

Slide 50 text

CACHING VIEWS

RAILS 3.2

    # projects/show.html.erb
    <% cache [ "v6", project ] do %>
      All my todo lists:
      <%= render project.todolists %>
    <% end %>

    # todolists/_todolist.html.erb
    <% cache [ "v4", todolist ] do %>
      <%= todolist.name %>:
      <%= render todolist.todos %>
    <% end %>

    # todos/_todo.html.erb
    <% cache [ "v2", todo ] do %>
      <%= todo.name %>
    <% end %>

Slide 51

Slide 51 text

CACHE DIGESTS

RAILS 4.0

    # projects/show.html.erb
    <% cache project do %>
      All my todo lists:
      <%= render project.todolists %>
    <% end %>

    # todolists/_todolist.html.erb
    <% cache todolist do %>
      <%= todolist.name %>:
      <%= render todolist.todos %>
    <% end %>

    # todos/_todo.html.erb
    <% cache todo do %>
      <%= todo.name %>
    <% end %>

Slide 53

Slide 53 text

CRITICISMS

Slide 54

Slide 54 text

HTTPS://GITHUB.COM/RAILS/CACHE_DIGESTS

Slide 55

Slide 55 text

TURBOLINKS

Slide 56

Slide 56 text

FOLLOW LINKS WITHOUT RELOADING THE WHOLE PAGE

Slide 58

Slide 58 text

DOESN’T DOWNLOAD JS & CSS

NOT A REAL GAIN IF YOU USE CACHING

Slide 60

Slide 60 text

DOESN’T RE-COMPILE

ONLY V8

Slide 62

Slide 62 text

DOESN’T RE-EVALUATE

Slide 63

Slide 63 text

CONSIDERATIONS

Slide 64

Slide 64 text

HTTPS://GITHUB.COM/RAILS/TURBOLINKS

Slide 65

Slide 65 text

ACTIVESUPPORT::QUEUE

Slide 66

Slide 66 text

AS::QUEUE

RAILS 4.0

    Rails.queue.push Job.new
    job = Rails.queue.pop
    job.run

Slide 67

Slide 67 text

AS::QUEUE

RAILS 4.0

    # config/application.rb
    # Default Synchronous
    config.queue = ActiveSupport::SynchronousQueue.new
    # Default Threaded
    config.queue = ActiveSupport::Queue.new
    # Resque Queue
    config.queue = Resque::Rails::Queue.new
    # Sidekiq Queue
    config.queue = Sidekiq::Client::Queue.new

Slide 68

Slide 68 text

ASYNC MAILERS

Slide 69

Slide 69 text

MAILERS

RAILS 3.2

    class UsersController < ActionController::Base
      def create
        @user = User.new params[:user]
        if @user.save
          UserMailer.welcome_email(@user).deliver
        end
        respond_with @user
      end
    end

Slide 70

Slide 70 text

ASYNC MAILERS

RAILS 4.0

    class UsersController < ActionController::Base
      def create
        @user = User.new params[:user]
        if @user.save
          UserMailer.welcome_email(@user).deliver
        end
        respond_with @user
      end
    end

Slide 71

Slide 71 text

ROUTING CONCERNS

Slide 72

Slide 72 text

ROUTING CONCERNS

RAILS 3.2

    # config/routes.rb
    Myapp::Application.routes.draw do
      resources :messages do
        resources :comments
      end
      resources :forwards do
        resources :comments
      end
      resources :uploads do
        resources :comments
      end
      resources :documents do
        resources :comments
      end
      resources :todos do
        resources :comments
      end
    end

Slide 73

Slide 73 text

ROUTING CONCERNS

RAILS 4.0

    # config/routes.rb
    Myapp::Application.routes.draw do
      concern :commentable do
        resources :comments
      end
      resources :messages,  concerns: :commentable
      resources :forwards,  concerns: :commentable
      resources :uploads,   concerns: :commentable
      resources :documents, concerns: :commentable
      resources :todos,     concerns: :commentable
    end

Slide 74

Slide 74 text

ACTIONCONTROLLER::LIVE

Slide 77

Slide 77 text

AC::LIVE

RAILS 4.0

    class MyController < ActionController::Base
      include ActionController::Live

      def index
        100.times {
          response.stream.write "hi\n"
        }
        response.stream.close
      end
    end

Slide 78

Slide 78 text

HTTP://TENDERLOVEMAKING.COM/2012/07/30/IS-IT-LIVE.HTML

Slide 79

Slide 79 text

SECURITY

Slide 86

Slide 86 text

SECURITY

■ match doesn’t catch all
■ e.g. match ‘/follow’
■ escape_html_entities_in_json = true
■ var posts = #{ @posts.to_json }
■ X-Frame-Options: SAMEORIGIN
■ X-Xss-Protection: 1; mode=block
■ X-Content-Type-Options: nosniff
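
Why the `escape_html_entities_in_json` bullet sits next to `var posts = #{ @posts.to_json }`, as an added Ruby example using only the standard `json` library (not code from the talk or from Rails): unescaped JSON can carry `</script>` and end the inline script block early, while `\u003c`-style escapes parse back to the same data. `json_for_script`, `inline_script`, `script_end_tags` and `SAMPLE_POSTS` are names made up for this example.

```ruby
require "json"

# Added illustration: what escaping HTML entities in JSON changes when the
# JSON is interpolated into an inline <script> block.

# Characters an HTML parser reacts to, mapped to \uXXXX escapes that a
# JSON or JavaScript parser decodes back to the same characters.
HTML_SENSITIVE = { "<" => '\u003c', ">" => '\u003e', "&" => '\u0026' }.freeze

# Serialize to JSON, then escape the HTML-sensitive characters.
def json_for_script(value)
  JSON.generate(value).gsub(/[<>&]/, HTML_SENSITIVE)
end

# Render the pattern from the slide: var posts = #{ @posts.to_json }
def inline_script(json)
  "<script>var posts = #{json};</script>"
end

# Count how many script end tags the HTML parser would see.
def script_end_tags(html)
  html.scan(%r{</script}i).length
end

# Constructed sample data: one post title carries markup-looking text.
SAMPLE_POSTS = [
  { "title" => "Rails 4 notes" },
  { "title" => "</script><b>injected markup</b> & more" }
].freeze

def demo
  raw     = inline_script(JSON.generate(SAMPLE_POSTS))
  escaped = inline_script(json_for_script(SAMPLE_POSTS))
  {
    raw_end_tags: script_end_tags(raw),         # data closes the block early
    escaped_end_tags: script_end_tags(escaped), # only the real closing tag
    round_trip: JSON.parse(json_for_script(SAMPLE_POSTS)) == SAMPLE_POSTS
  }
end
```
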

Slide 87

Slide 87 text

OTHER FEATURES

■ threadsafe! by default
■ ActiveRecord::Model
■ ActiveModel::Model
■ ActiveRecord::Relation
■ Schema cache dump
■ Dalli
■ PATCH verb
■ Friendly errors
■ Default test directories have changed

Slide 88

Slide 88 text

WE ❤ OSS

Slide 89

Slide 89 text

WHEN IS RAILS 4 GOING TO BE RELEASED?

Slide 90

Slide 90 text

@SPASTORINO

Slide 91

Slide 91 text

THANK YOU!

Slide 92

Slide 92 text

QUESTIONS?