Rails 4 in 30'

1.

WHAT’S NEW RAILS 4 IN 30’ Monday, October 29, 12

2.

Monday, October 29, 12

3.


4.

▪ Migration ▪ Ruby 1.9.3 ▪ Strong Parameters ▪ Declarative
ETags ▪ Cache Digests ▪ Turbolinks ▪ ActiveSupport::Queue ▪ Async Mailers ▪ Routing Concerns ▪ ActionController::Live ▪ Security ▪ Other features AGENDA Monday, October 29, 12

5.

MIGRATION Monday, October 29, 12

6.

3.0.X ➡ 3.1.X ➡ 3.2.X Monday, October 29, 12

7.

IN EACH STEP ... Monday, October 29, 12

8.

TESTS COVERAGE QA Monday, October 29, 12

9.

DEPRECATIONS Monday, October 29, 12

10.

▪ Active Resource ▪ AR Observers ▪ AR Session Store
▪ AMo Mass Assignment Sanitizer ▪ Hash Based Finders ▪ ﬁnd_all_* / ﬁnd_last_* ▪ Action Caching ▪ Page Caching AVAILABLE AS GEMS Monday, October 29, 12

11.

VENDOR/PLUGINS WAS REMOVED Monday, October 29, 12

12.

USE RAILS GUIDES Monday, October 29, 12

13.


14.


15.

▪ YARV ▪ Fastest VM ▪ Bytecode interpreter ▪ Lazy
Sweep GC (tuneable) ▪ Native Threads ▪ Better strategy for GIL / GVL ▪ Encodings RUBY 1.9.3 Monday, October 29, 12

16.

FEATURES Monday, October 29, 12

17.

STRONG PARAMETERS Monday, October 29, 12

18.

ActiveRecord::Schema.define(version: 20121010233758) do create_table "users", force: true do |t|
t.string "username" t.string "password" t.boolean "admin" t.datetime "created_at" t.datetime "updated_at" end end # ... user = User.new params[:user] MASS ASSIGNMENT Monday, October 29, 12

19.

ActiveRecord::Schema.define(version: 20121010233758) do create_table "users", force: true do |t|
t.string "username" t.string "password" t.boolean "admin" t.datetime "created_at" t.datetime "updated_at" end end # ... user = User.new params[:user] MASS ASSIGNMENT Monday, October 29, 12

20.

RA ILS 3.2 # app/models/user.rb class User < ActiveRecord::Base; end
# app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params[:user] redirect_to @user end end # raises ActiveModel::MassAssignmentSecurity::Error MASS ASSIGNMENT Monday, October 29, 12

21.

# app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params[:user] redirect_to @user end end # raises ActiveModel::ForbiddenAttributesError MASS ASSIGNMENT Monday, October 29, 12

22.

RA ILS 3.2 # app/models/user.rb class User < ActiveRecord::Base
attr_accessible :username, :password end # app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params[:user] redirect_to @user end end MASS ASSIGNMENT Monday, October 29, 12

23.

RA ILS 3.2 # app/models/user.rb class User < ActiveRecord::Base
attr_accessible :username, :password end # app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params[:user] redirect_to @user end end MASS ASSIGNMENT Monday, October 29, 12

24.

# app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params.require(:user). permit(:username, :password) redirect_to @user end end STRONG PARAMETERS Monday, October 29, 12

25.

# app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! params.require(:user). permit(:username, :password) redirect_to @user end end STRONG PARAMETERS Monday, October 29, 12

26.

# app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! user_params redirect_to @user end private def user_params params.require(:user).permit(:username, :password) end end STRONG PARAMETERS Monday, October 29, 12

27.

# app/controllers/users_controller.rb class UsersController < ApplicationController def create @user = User.create! user_params redirect_to @user end private def user_params params.require(:user).permit(:username, :password) end end STRONG PARAMETERS Monday, October 29, 12

28.

RA ILS 4.0 curl http://localhost:3000/users -‐d "user[username]=spastorino&user[admin]=true& authenticity_token=mm89V7LxLMRJoMJcnP6SIxnxg19RzcO56hdqbDZNmVo ="
-‐-‐cookie cookie STRONG PARAMETERS Monday, October 29, 12

29.

RA ILS 4.0 curl http://localhost:3000/users -‐d "user[username]=spastorino&user[admin]=true& authenticity_token=mm89V7LxLMRJoMJcnP6SIxnxg19RzcO56hdqbDZNmVo ="
-‐-‐cookie cookie STRONG PARAMETERS Monday, October 29, 12

30.

RA ILS 4.0 user = User.find_by_username('spastorino') user.admin? => false STRONG
PARAMETERS Monday, October 29, 12

31.

RA ILS 4.0 user = User.find_by_username('spastorino') user.admin? => false user.update_attributes(username:
'santiago', admin: true) => true STRONG PARAMETERS Monday, October 29, 12

32.

RA ILS 4.0 user = User.find_by_username('spastorino') user.admin? => false user.update_attributes(username:
'santiago', admin: true) => true user.admin? => true STRONG PARAMETERS Monday, October 29, 12

33.

HTTPS://GITHUB.COM/RAILS/STRONG_PARAMETERS Monday, October 29, 12

34.

DECLARATIVE ETAGS Monday, October 29, 12

35.

RA ILS 3.2 class TodolistsController < ApplicationController def show
@todolist = Todolist.find(params[:id]) fresh_when etag: @todolist end end DECLARATIVE ETAGS Monday, October 29, 12

36.

RA ILS 4.0 class TodolistsController < ApplicationController etag {
current_user.try :admin } def show @todolist = Todolist.find(params[:id]) fresh_when etag: @todolist end end DECLARATIVE ETAGS Monday, October 29, 12

37.

RA ILS 4.0 class TodolistsController < ApplicationController etag {
current_user.try :admin } etag { @project.try :cache_key } def show @todolist = Todolist.find(params[:id]) fresh_when etag: @todolist end end DECLARATIVE ETAGS Monday, October 29, 12

38.

HTTPS://GITHUB.COM/RAILS/ETAGGER Monday, October 29, 12

39.

CACHE DIGESTS Monday, October 29, 12

40.

RA ILS 3.2 # projects/show.html.erb <% cache [ "v5", project
] do %> All my todo lists: <%= render project.todolists %> <% end %> # todolists/_todolist.html.erb <% cache [ "v3", todolist ] do %> <%= todolist.name %>: <%= render todolist.todos %> <% end %> # todos/_todo.html.erb <% cache [ "v1", todo ] do %> <%= todo.name %> <% end %> CACHING VIEWS Monday, October 29, 12

41.


42.


43.


44.


45.

] do %> All my todo lists: <%= render project.todolists %> <% end %> # todolists/_todolist.html.erb <% cache [ "v3", todolist ] do %> <%= todolist.name %>: <%= render todolist.todos %> <% end %> # todos/_todo.html.erb <% cache [ "v1", todo ] do %> <li><%= todo.name %></li> <% end %> CACHING VIEWS Monday, October 29, 12

46.


47.


48.

] do %> All my todo lists: <%= render project.todolists %> <% end %> # todolists/_todolist.html.erb <% cache [ "v4", todolist ] do %> <%= todolist.name %>: <ul><%= render todolist.todos %></ul> <% end %> # todos/_todo.html.erb <% cache [ "v2", todo ] do %> <li><%= todo.name %></li> <% end %> CACHING VIEWS Monday, October 29, 12

49.


50.


51.

RA ILS 4.0 # projects/show.html.erb <% cache project do %>
All my todo lists: <%= render project.todolists %> <% end %> # todolists/_todolist.html.erb <% cache todolist do %> <%= todolist.name %>: <%= render todolist.todos %> <% end %> # todos/_todo.html.erb <% cache todo do %> <%= todo.name %> <% end %> CACHE DIGESTS Monday, October 29, 12

52.

RA ILS 4.0 # projects/show.html.erb <% cache project do %>
All my todo lists: <%= render project.todolists %> <% end %> # todolists/_todolist.html.erb <% cache todolist do %> <%= todolist.name %>: <ul><%= render todolist.todos %></ul> <% end %> # todos/_todo.html.erb <% cache todo do %> <li><%= todo.name %></li> <% end %> CACHE DIGESTS Monday, October 29, 12

53.

CRITICISMS Monday, October 29, 12

54.

HTTPS://GITHUB.COM/RAILS/CACHE_DIGESTS Monday, October 29, 12

55.

TURBOLINKS Monday, October 29, 12

56.

FOLLOW LINKS WITHOUT RELOADING THE WHOLE PAGE Monday, October 29,
12

57.

DOESN’T DOWNLOAD JS & CSS Monday, October 29, 12

58.

DOESN’T DOWNLOAD JS & CSS NOT A REAL GAIN IF
YOU USE CACHING Monday, October 29, 12

59.

DOESN’T RE-COMPILE Monday, October 29, 12

60.

DOESN’T RE-COMPILE ONLY V8 Monday, October 29, 12

61.


62.

DOESN’T RE- EVALUATE Monday, October 29, 12

63.

CONSIDERATIONS Monday, October 29, 12

64.

HTTPS://GITHUB.COM/RAILS/TURBOLINKS Monday, October 29, 12

65.

ACTIVESUPPORT::QUEUE Monday, October 29, 12

66.

RA ILS 4.0 Rails.queue.push Job.new job = Rails.queue.pop job.run AS::QUEUE

67.

RA ILS 4.0 # config/application.rb # Default Synchronous config.queue =
ActiveSupport::SynchronousQueue.new # Default Threaded config.queue = ActiveSupport::Queue.new # Resque Queue config.queue = Resque::Rails::Queue.new # Sidekiq Queue config.queue = Sidekiq::Client::Queue.new AS::QUEUE Monday, October 29, 12

68.

ASYNC MAILERS Monday, October 29, 12

69.

RA ILS 3.2 class UsersController < ActionController::Base def create
@user = User.new params[:user] if @user.save UserMailer.welcome_email(@user).deliver end respond_with @user end end MAILERS Monday, October 29, 12

70.

RA ILS 4.0 class UsersController < ActionController::Base def create
@user = User.new params[:user] if @user.save UserMailer.welcome_email(@user).deliver end respond_with @user end end ASYNC MAILERS Monday, October 29, 12

71.

ROUTING CONCERNS Monday, October 29, 12

72.

RA ILS 3.2 # config/routes.rb Myapp::Application.routes.draw do resources :messages
do resources :comments end resources :forwards do resources :comments end resources :uploads do resources :comments end resources :documents do resources :comments end resources :todos do resources :comments end ROUTING CONCERNS Monday, October 29, 12

73.

RA ILS 4.0 # config/routes.rb Myapp::Application.routes.draw do concern :commentable
do resources :comments end resources :messages, concerns: :commentable resources :forwards, concerns: :commentable resources :uploads, concerns: :commentable resources :documents, concerns: :commentable resources :todos, concerns: :commentable end ROUTING CONCERNS Monday, October 29, 12

74.

ACTIONCONTROLLER::LIVE Monday, October 29, 12

75.

RA ILS 4.0 class MyController < ActionController::Base end AC::LIVE Monday,
October 29, 12

76.

RA ILS 4.0 class MyController < ActionController::Base include ActionController::Live
end AC::LIVE Monday, October 29, 12

77.

RA ILS 4.0 class MyController < ActionController::Base include ActionController::Live
def index 100.times { response.stream.write "hi\n" } response.stream.close end end AC::LIVE Monday, October 29, 12

78.

HTTP://TENDERLOVEMAKING.COM/2012/07/30/ IS-IT-LIVE.HTML Monday, October 29, 12

79.

SECURITY Monday, October 29, 12

80.

▪ match doesn’t catch all SECURITY Monday, October 29, 12

81.

▪ match doesn’t catch all ▪ ej. match ‘/follow’ SECURITY

82.

▪ match doesn’t catch all ▪ ej. match ‘/follow’ ▪
escape_html_entities_in_json = true SECURITY Monday, October 29, 12

83.

escape_html_entities_in_json = true ▪ var posts = #{ @posts.to_json } SECURITY Monday, October 29, 12

84.

escape_html_entities_in_json = true ▪ var posts = #{ @posts.to_json } ▪ X-Frame-Options: SAMEORIGIN SECURITY Monday, October 29, 12

85.

escape_html_entities_in_json = true ▪ var posts = #{ @posts.to_json } ▪ X-Frame-Options: SAMEORIGIN ▪ X-Xss-Protection: 1; mode=block SECURITY Monday, October 29, 12

86.

escape_html_entities_in_json = true ▪ var posts = #{ @posts.to_json } ▪ X-Frame-Options: SAMEORIGIN ▪ X-Xss-Protection: 1; mode=block ▪ X-Content-Type-Options: nosniff SECURITY Monday, October 29, 12

87.

▪ threadsafe! by default ▪ ActiveRecord::Model ▪ ActiveModel::Model ▪ ActiveRecord::Relation
▪ Schema cache dump ▪ Dalli ▪ PATCH verb ▪ Friendly errors ▪ Default test directories have changed OTHER FEATURES Monday, October 29, 12

88.

WE ❤ OSS Monday, October 29, 12

89.

WHEN IS RAILS 4 GOING TO BE RELEASED? Monday, October
29, 12

90.

@SPASTORINO Monday, October 29, 12

91.

THANK YOU! Monday, October 29, 12

92.

QUESTIONS? Monday, October 29, 12

Rails 4 in 30'

Rails 4 in 30'

Want more?

Transcript