Rails 4 in 30'

WHAT’S NEW RAILS 4 IN 30’ Monday, October 29, 12

Monday, October 29, 12

▪ Migration ▪ Ruby 1.9.3 ▪ Strong Parameters ▪ Declarative
ETags ▪ Cache Digests ▪ Turbolinks ▪ ActiveSupport::Queue ▪ Async Mailers ▪ Routing Concerns ▪ ActionController::Live ▪ Security ▪ Other features AGENDA Monday, October 29, 12

MIGRATION Monday, October 29, 12

3.0.X ➡ 3.1.X ➡ 3.2.X Monday, October 29, 12

IN EACH STEP ... Monday, October 29, 12

TESTS COVERAGE QA Monday, October 29, 12

DEPRECATIONS Monday, October 29, 12

▪ Active Resource ▪ AR Observers ▪ AR Session Store
▪ AMo Mass Assignment Sanitizer ▪ Hash Based Finders ▪ ﬁnd_all_* / ﬁnd_last_* ▪ Action Caching ▪ Page Caching AVAILABLE AS GEMS Monday, October 29, 12

VENDOR/PLUGINS WAS REMOVED Monday, October 29, 12

USE RAILS GUIDES Monday, October 29, 12

▪ YARV ▪ Fastest VM ▪ Bytecode interpreter ▪ Lazy
Sweep GC (tuneable) ▪ Native Threads ▪ Better strategy for GIL / GVL ▪ Encodings RUBY 1.9.3 Monday, October 29, 12

FEATURES Monday, October 29, 12

STRONG PARAMETERS Monday, October 29, 12

ActiveRecord::Schema.define(version: 20121010233758) do create_table "users", force: true do |t|
t.string "username" t.string "password" t.boolean "admin" t.datetime "created_at" t.datetime "updated_at" end end # ... user = User.new params[:user] MASS ASSIGNMENT Monday, October 29, 12

RA ILS 3.2 # app/models/user.rb class User < ActiveRecord::Base; end
# app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params[:user] redirect_to @user end end # raises ActiveModel::MassAssignmentSecurity::Error MASS ASSIGNMENT Monday, October 29, 12

# app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params[:user] redirect_to @user end end # raises ActiveModel::ForbiddenAttributesError MASS ASSIGNMENT Monday, October 29, 12

RA ILS 3.2 # app/models/user.rb class User < ActiveRecord::Base
attr_accessible :username, :password end # app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params[:user] redirect_to @user end end MASS ASSIGNMENT Monday, October 29, 12

# app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params.require(:user). permit(:username, :password) redirect_to @user end end STRONG PARAMETERS Monday, October 29, 12

# app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! user_params redirect_to @user end private def user_params params.require(:user).permit(:username, :password) end end STRONG PARAMETERS Monday, October 29, 12

RA ILS 4.0 curl http://localhost:3000/users -‐d "user[username]=spastorino&user[admin]=true& authenticity_token=mm89V7LxLMRJoMJcnP6SIxnxg19RzcO56hdqbDZNmVo ="
-‐-‐cookie cookie STRONG PARAMETERS Monday, October 29, 12

RA ILS 4.0 user = User.find_by_username('spastorino') user.admin? => false STRONG
PARAMETERS Monday, October 29, 12

RA ILS 4.0 user = User.find_by_username('spastorino') user.admin? => false user.update_attributes(username:
'santiago', admin: true) => true STRONG PARAMETERS Monday, October 29, 12

RA ILS 4.0 user = User.find_by_username('spastorino') user.admin? => false user.update_attributes(username:
'santiago', admin: true) => true user.admin? => true STRONG PARAMETERS Monday, October 29, 12

HTTPS://GITHUB.COM/RAILS/STRONG_PARAMETERS Monday, October 29, 12

DECLARATIVE ETAGS Monday, October 29, 12

RA ILS 3.2 class TodolistsController < ApplicationController def show
@todolist = Todolist.find(params[:id]) fresh_when etag: @todolist end end DECLARATIVE ETAGS Monday, October 29, 12

RA ILS 4.0 class TodolistsController < ApplicationController etag {
current_user.try :admin } def show @todolist = Todolist.find(params[:id]) fresh_when etag: @todolist end end DECLARATIVE ETAGS Monday, October 29, 12

RA ILS 4.0 class TodolistsController < ApplicationController etag {
current_user.try :admin } etag { @project.try :cache_key } def show @todolist = Todolist.find(params[:id]) fresh_when etag: @todolist end end DECLARATIVE ETAGS Monday, October 29, 12

HTTPS://GITHUB.COM/RAILS/ETAGGER Monday, October 29, 12

CACHE DIGESTS Monday, October 29, 12

RA ILS 3.2 # projects/show.html.erb <% cache [ "v5", project
] do %> All my todo lists: <%= render project.todolists %> <% end %> # todolists/_todolist.html.erb <% cache [ "v3", todolist ] do %> <%= todolist.name %>: <%= render todolist.todos %> <% end %> # todos/_todo.html.erb <% cache [ "v1", todo ] do %> <%= todo.name %> <% end %> CACHING VIEWS Monday, October 29, 12

] do %> All my todo lists: <%= render project.todolists %> <% end %> # todolists/_todolist.html.erb <% cache [ "v3", todolist ] do %> <%= todolist.name %>: <%= render todolist.todos %> <% end %> # todos/_todo.html.erb <% cache [ "v1", todo ] do %> <%= todo.name %> <% end %> CACHING VIEWS Monday, October 29, 12

] do %> All my todo lists: <%= render project.todolists %> <% end %> # todolists/_todolist.html.erb <% cache [ "v3", todolist ] do %> <%= todolist.name %>: <%= render todolist.todos %> <% end %> # todos/_todo.html.erb <% cache [ "v1", todo ] do %> <li><%= todo.name %></li> <% end %> CACHING VIEWS Monday, October 29, 12

] do %> All my todo lists: <%= render project.todolists %> <% end %> # todolists/_todolist.html.erb <% cache [ "v3", todolist ] do %> <%= todolist.name %>: <%= render todolist.todos %> <% end %> # todos/_todo.html.erb <% cache [ "v2", todo ] do %> <li><%= todo.name %></li> <% end %> CACHING VIEWS Monday, October 29, 12

] do %> All my todo lists: <%= render project.todolists %> <% end %> # todolists/_todolist.html.erb <% cache [ "v4", todolist ] do %> <%= todolist.name %>: <ul><%= render todolist.todos %></ul> <% end %> # todos/_todo.html.erb <% cache [ "v2", todo ] do %> <li><%= todo.name %></li> <% end %> CACHING VIEWS Monday, October 29, 12

RA ILS 4.0 # projects/show.html.erb <% cache project do %>
All my todo lists: <%= render project.todolists %> <% end %> # todolists/_todolist.html.erb <% cache todolist do %> <%= todolist.name %>: <%= render todolist.todos %> <% end %> # todos/_todo.html.erb <% cache todo do %> <%= todo.name %> <% end %> CACHE DIGESTS Monday, October 29, 12

RA ILS 4.0 # projects/show.html.erb <% cache project do %>
All my todo lists: <%= render project.todolists %> <% end %> # todolists/_todolist.html.erb <% cache todolist do %> <%= todolist.name %>: <ul><%= render todolist.todos %></ul> <% end %> # todos/_todo.html.erb <% cache todo do %> <li><%= todo.name %></li> <% end %> CACHE DIGESTS Monday, October 29, 12

CRITICISMS Monday, October 29, 12

HTTPS://GITHUB.COM/RAILS/CACHE_DIGESTS Monday, October 29, 12

TURBOLINKS Monday, October 29, 12

FOLLOW LINKS WITHOUT RELOADING THE WHOLE PAGE Monday, October 29,
12

DOESN’T DOWNLOAD JS & CSS Monday, October 29, 12

DOESN’T DOWNLOAD JS & CSS NOT A REAL GAIN IF
YOU USE CACHING Monday, October 29, 12

DOESN’T RE-COMPILE Monday, October 29, 12

DOESN’T RE-COMPILE ONLY V8 Monday, October 29, 12

DOESN’T RE- EVALUATE Monday, October 29, 12

CONSIDERATIONS Monday, October 29, 12

HTTPS://GITHUB.COM/RAILS/TURBOLINKS Monday, October 29, 12

ACTIVESUPPORT::QUEUE Monday, October 29, 12

RA ILS 4.0 Rails.queue.push Job.new job = Rails.queue.pop job.run AS::QUEUE

RA ILS 4.0 # config/application.rb # Default Synchronous config.queue =
ActiveSupport::SynchronousQueue.new # Default Threaded config.queue = ActiveSupport::Queue.new # Resque Queue config.queue = Resque::Rails::Queue.new # Sidekiq Queue config.queue = Sidekiq::Client::Queue.new AS::QUEUE Monday, October 29, 12

ASYNC MAILERS Monday, October 29, 12

RA ILS 3.2 class UsersController < ActionController::Base def create
@user = User.new params[:user] if @user.save UserMailer.welcome_email(@user).deliver end respond_with @user end end MAILERS Monday, October 29, 12

RA ILS 4.0 class UsersController < ActionController::Base def create
@user = User.new params[:user] if @user.save UserMailer.welcome_email(@user).deliver end respond_with @user end end ASYNC MAILERS Monday, October 29, 12

ROUTING CONCERNS Monday, October 29, 12

RA ILS 3.2 # config/routes.rb Myapp::Application.routes.draw do resources :messages
do resources :comments end resources :forwards do resources :comments end resources :uploads do resources :comments end resources :documents do resources :comments end resources :todos do resources :comments end ROUTING CONCERNS Monday, October 29, 12

RA ILS 4.0 # config/routes.rb Myapp::Application.routes.draw do concern :commentable
do resources :comments end resources :messages, concerns: :commentable resources :forwards, concerns: :commentable resources :uploads, concerns: :commentable resources :documents, concerns: :commentable resources :todos, concerns: :commentable end ROUTING CONCERNS Monday, October 29, 12

ACTIONCONTROLLER::LIVE Monday, October 29, 12

RA ILS 4.0 class MyController < ActionController::Base end AC::LIVE Monday,
October 29, 12

RA ILS 4.0 class MyController < ActionController::Base include ActionController::Live
end AC::LIVE Monday, October 29, 12

RA ILS 4.0 class MyController < ActionController::Base include ActionController::Live
def index 100.times { response.stream.write "hi\n" } response.stream.close end end AC::LIVE Monday, October 29, 12

HTTP://TENDERLOVEMAKING.COM/2012/07/30/ IS-IT-LIVE.HTML Monday, October 29, 12

SECURITY Monday, October 29, 12

▪ match doesn’t catch all SECURITY Monday, October 29, 12

▪ match doesn’t catch all ▪ ej. match ‘/follow’ SECURITY

▪ match doesn’t catch all ▪ ej. match ‘/follow’ ▪
escape_html_entities_in_json = true SECURITY Monday, October 29, 12

escape_html_entities_in_json = true ▪ var posts = #{ @posts.to_json } SECURITY Monday, October 29, 12

escape_html_entities_in_json = true ▪ var posts = #{ @posts.to_json } ▪ X-Frame-Options: SAMEORIGIN SECURITY Monday, October 29, 12

escape_html_entities_in_json = true ▪ var posts = #{ @posts.to_json } ▪ X-Frame-Options: SAMEORIGIN ▪ X-Xss-Protection: 1; mode=block SECURITY Monday, October 29, 12

escape_html_entities_in_json = true ▪ var posts = #{ @posts.to_json } ▪ X-Frame-Options: SAMEORIGIN ▪ X-Xss-Protection: 1; mode=block ▪ X-Content-Type-Options: nosniff SECURITY Monday, October 29, 12

▪ threadsafe! by default ▪ ActiveRecord::Model ▪ ActiveModel::Model ▪ ActiveRecord::Relation
▪ Schema cache dump ▪ Dalli ▪ PATCH verb ▪ Friendly errors ▪ Default test directories have changed OTHER FEATURES Monday, October 29, 12

WE ❤ OSS Monday, October 29, 12

WHEN IS RAILS 4 GOING TO BE RELEASED? Monday, October
29, 12

@SPASTORINO Monday, October 29, 12

THANK YOU! Monday, October 29, 12

QUESTIONS? Monday, October 29, 12

Rails 4 in 30'

Rails 4 in 30'

More Decks by Santiago Pastorino

Other Decks in Programming

Featured

Transcript