Group items tagged

allowing your schema and changes to be database independent.

each migration as being a new 'version' of the database

each migration modifies it to add or remove tables, columns, or entries

roll this migration back, it will remove the table

timestamps macro adds two columns, created_at and updated_at

On databases that support transactions with statements that change the schema, migrations are wrapped in a transaction

reversible

use up and down instead of change

Migrations are stored as files in the db/migrate directory, one for each migration class.

a UTC timestamp identifying

Rails uses this timestamp to determine which migration should be run and in what order

"AddXXXToYYY" or "RemoveXXXFromYYY"

use a Ruby DSL

column type as references

part_number:string:index

a migration to remove a column

"CreateXXX"

change_column_null

AddUserRefToProducts

:references

produce join tables if JoinTable is part of the name

CreateJoinTable

The model and scaffold generators will create migrations appropriate for adding a new model.

enclosed by curly braces and follow the field type

create_table

By default, create_table will create a primary key called id

add an index on the new column

when using MySQL, the default is ENGINE=InnoDB

create_join_table creates an HABTM (has and belongs to many) join table

create_join_table also accepts a block

change_table, used for changing existing tables

remove

rename

add_column

change_column

remove_column

change_column_default

place an SQL fragment in the :options option.

limit

precision

scale

polymorphic

default

index

add_foreign_key

use the old style of migration using up and down methods instead of the change method.

.connection.execute

remove_column is reversible if you supply the column type as the third argument

Complex migrations may require processing that Active Record doesn't know how to reverse

reversible

Using reversible will ensure that the instructions are executed in the right order too.

add_column add_foreign_key add_index add_reference add_timestamps change_column_default (must supply a :from and :to option) change_column_null create_join_table create_table disable_extension drop_join_table drop_table (must supply a block) enable_extension remove_column (must supply a type) remove_foreign_key (must supply a second table) remove_index remove_reference remove_timestamps rename_column rename_index rename_table

:column_options option

have the option :null set to false by default

By default, the name of the join table comes from the union of the first two arguments provided to create_join_table

If the column names can not be derived from the table names, you can use the :column and :primary_key options.

figure out the column name

foreign key for a specific column

foreign key by name

should use reversible or write the up and down methods instead of using the change method

If your migration is irreversible, you should raise ActiveRecord::IrreversibleMigration from your down method.

DontUseConstraintForZipcodeValidationMigration

rails db:migrate

specify a target version

all migrations up to and including 20080906120000

run the down method on all the migrations down to, but not including, 20080906120000

rails db:rollback

db:migrate:redo task is a shortcut for doing a rollback and then migrating back up again

STEP parameter

db:setup task will create the database, load the schema and initialize it with the seed data

db:reset task will drop the database and set it up again. This is functionally equivalent to rails db:drop db:setup.

run a specific migration up or down, the db:migrate:up and db:migrate:down

the RAILS_ENV environment variable

db:migrate VERBOSE=false will suppress all output.

must rollback the migration (for example with bin/rails db:rollback), edit your migration and then run rails db:migrate to run the corrected version.

editing existing migrations is not a good idea.

revert method can be helpful when writing a new migration to undo previous migrations in whole or in part

require_relative

revert

Schema Files for

Schema files are also useful if you want a quick look at what attributes an Active Record object has

annotate_models gem automatically adds and updates comments at the top of each model summarizing the schema if you desire that functionality.

database-independent

multiple databases

you can execute custom SQL statements, the schema dumper cannot reconstitute those statements from the database

db:structure:dump

set in config/application.rb by the config.active_record.schema_format setting, which may be either :sql or :ruby.

check them into source control.

db/schema.rb contains the current version number of the database

Validations such as validates :foreign_key, uniqueness: true are one way in which models can enforce data integrity

The :dependent option on associations allows models to automatically destroy child objects when the parent is destroyed.

Migrations can also be used to add or modify data

Initial

To add initial data after a database is created, Rails has a built-in 'seeds' feature that makes the process quick and easy.

db/seeds.rb

rails db:seed

存取資料庫是一種相對很慢的I/O的操作：每一條SQL query都得耗上時間、執行回傳的結果也會被轉成ActiveRecord物件全部放進記憶體

如果需要撈出全部的資料做處理，強烈建議最好不要用all方法，因為這樣會把全部的資料一次放進記憶體中，如果資料有成千上萬筆的話，效能就墜毀了。

.find_each( :batch_size => 100 )

.find_in_batches( :batch_size => 100 )

在Transaction交易範圍內的SQL效能會加快，因為最後只需要COMMIT一次即可

Elasticsearch全文搜尋引擎和elasticsearch-rails gem

QueryReviewer這個套件透過SQL EXPLAIN分析SQL query的效率

必要時可以採用逆正規化的設計。犧牲空間，增加修改的麻煩，但是讓讀取這事件變得更快更簡單。

將成本轉嫁到寫入，而最佳化了讀取時間

在效能還沒有造成問題前，就為了優化效能而修改程式和架構，只會讓程式更混亂不好維護

當效能還不會造成問題時，程式的維護性比考慮效能重要

會拖慢整體效能的程式，只佔全部程式的一小部分而已，所以我們只最佳化會造成問題的程式。

善用分析工具找效能瓶頸，最佳化前需要測量，最佳化後也要測量比較。

rack-mini-profiler在頁面的左上角顯示花了多少時間，並且提供報表，推薦安裝

如果是不需要權限控管的靜態檔案，可以直接放在public目錄下讓使用者下載。

Web伺服器得先安裝好x_sendfile功能

如果要讓你的Assets例如CSS, JavaScript, Images也讓使用者透過CDN下載，只要修改config/environments/production.rb的config.action_controller.asset_host為CDN網址即可。

有時候「執行速度較快」的程式碼不代表好維護、好除錯的程式碼

Ruby不是萬能，有時候直接呼叫外部程式是最快的作法

reflect_on_association

add the business logic

Covering Edge Cases

in leveraging regular Ruby classes and object oriented design patterns to build a simple, robust and scaleable authorization system

map to the name of a particular controller action

In the generated ApplicationPolicy, the model object is called record.

record

authorize

authorize would have done something like this: raise "not authorized" unless PostPolicy.new(current_user, @post).update?

pass a second argument to authorize if the name of the permission you want to check doesn't match the action name.

you can chain it

authorize returns the object passed to it

the policy method in both the view and controller.

have some kind of view listing records which a particular user has access to

ActiveRecord::Relation

Instances of this class respond to the method resolve, which should return some kind of result which can be iterated over.

scope.where(published: true)

use this class from your controller via the policy_scope method:

PostPolicy::Scope.new(current_user, Post).resolve

policy_scope(@user.posts).each

This method will raise an exception if authorize has not yet been called.

verify_policy_scoped to your controller. This will raise an exception in the vein of verify_authorized. However, it tracks if policy_scope is used instead of authorize

need to conditionally bypass verification, you can use skip_authorization

skip_policy_scope

Having a mechanism that ensures authorization happens allows developers to thoroughly test authorization scenarios as units on the policy objects themselves.

Pundit doesn't do anything you couldn't have easily done yourself. It's a very small library, it just provides a few neat helpers.

all of the policy and scope classes are just plain Ruby classes

rails g pundit:policy post

define a filter that redirects unauthenticated users to the login page

fail more gracefully

raise Pundit::NotAuthorizedError, "must be logged in" unless user

having rails handle them as a 403 error and serving a 403 error page.

config.action_dispatch.rescue_responses["Pundit::NotAuthorizedError"] = :forbidden

with I18n to generate error messages

retrieve a policy for a record outside the controller or view

define a method in your controller called pundit_user

Pundit strongly encourages you to model your application in such a way that the only context you need for authorization is a user object and a domain model that you want to check authorization for.

Pundit does not allow you to pass additional arguments to policies

set up a permitted_attributes method in your policy

policy(@post).permitted_attributes

permitted_attributes(@post)

Pundit provides a convenient helper method

permit different attributes based on the current action,

If you have defined an action-specific method on your policy for the current action, the permitted_attributes helper will call it instead of calling permitted_attributes on your controller

If you don't have an instance for the first argument to authorize, then you can pass the class

It is not some kind of failsafe mechanism or authorization mechanism.

Pundit will work just fine without using verify_authorized and verify_policy_scoped

declare examples using the it method

an example group is a class in which the block passed to describe is evaluated

The blocks passed to it are evaluated in the context of an instance of that class

nested groups using the describe or context methods

can declare example groups using either describe or context

can declare examples within a group using any of it, specify, or example

Nearly anything that can be declared within an example group can be declared within a shared example group.

shared_context and include_context.

When a class is passed to describe, you can access it from an example using the described_class method

rspec-core stores a metadata hash with every example and group

Example groups are defined by a describe or context block, which is eagerly evaluated when the spec file is loaded

Examples -- typically defined by an it block -- and any other blocks with per-example semantics -- such as a before(:example) hook -- are evaluated in the context of an instance of the example group class to which the example belongs.

can overwrite the default label by passing it to the input method

configure the html of any of them

disable labels, hints or error

add a hint, an error, or even a placeholder

add an inline label

pass any html attribute straight to the input, by using the :input_html option

use the :defaults option in simple_form_fo

Simple Form generates a wrapper div around your label and input by default, you can pass any html attribute to that wrapper as well using the :wrapper_html option,

By default all inputs are required

the required property of any input can be overwritten

lets you overwrite the default input type it creates

can also render boolean attributes using as: :select to show a dropdown.

give the :disabled option to Simple Form, and it'll automatically mark the wrapper as disabled with a CSS class

Any extra option passed to these methods will be rendered as html option.

use label, hint, input_field, error and full_error helpers

to strip away all the div wrappers around the <input> field

is to use f.input_field

changing boolean_style from default value :nested to :inline

overriding the :collection option

Collections can be arrays or ranges, and when a :collection is given the :select input will be rendered by default

label_method

value_method

Both of these options also accept lambda/procs

define a to_label method on your model as Simple Form will search for and use :to_label as a :label_method first if it is found

create grouped collection selects, that will use the html optgroup tags

Grouped collection inputs accept the same :label_method and :value_method options

group_method

group_label_method

configured with a default value to be used on the site through the SimpleForm.country_priority and SimpleForm.time_zone_priority helpers.

association

association

render a :select input for choosing the :company, and another :select input with :multiple option for the :roles

all options available to :select, :radio_buttons and :check_boxes are also available to association

f.input

f.select

create a <button> element

simple_fields_for

Creates a collection of radio inputs with labels associated

Creates a collection of checkboxes with labels associated

collection_radio_buttons

collection_check_boxes

associations in your model

Role.all

the html element you will get for each attribute according to its database definition

redefine existing Simple Form inputs by creating a new class with the same name

Simple Form uses all power of I18n API to lookup labels, hints, prompts and placeholders

specify defaults for all models under the 'defaults' key

Simple Form will always look for a default attribute translation under the "defaults" key if no specific is found inside the model key

Simple Form will fallback to default human_attribute_name from Rails when no other translation is found for labels.

Simple Form will only do the lookup for options if you give a collection composed of symbols only.

"Add %{model}"

translations for labels, hints and placeholders for a namespaced model, e.g. Admin::User, should be placed under admin_user, not under admin/user

configure how your components will be rendered using the wrappers API

optional

unless_blank

By default, Simple Form will generate input field types and attributes that are supported in HTML5

The HTML5 extensions include the new field types such as email, number, search, url, tel, and the new attributes such as required, autofocus, maxlength, min, max, step.

If you want to have all other HTML 5 features, such as the new field types, you can disable only the browser validation

add novalidate to a specific form by setting the option on the form itself

the Simple Form configuration file

passing the html5 option

as: :date, html5: true

A pom.xml file contains everything needed to describe your Java project.

Java source code is to be meant to live in the "/src/main/java" folder

Maven will put compiled Java classes into the "target/classes" folder

Maven will also build a .jar or .war file, depending on your project, that lives in the "target" folder.

Maven has the concept of a build lifecycle, which is made up of different phases.

clean is not part of Maven’s default lifecycle, you end up with commands like mvn clean install or mvn clean package. Install or package will trigger all preceding phases, but you need to specify clean in addition.

Maven will always download your project dependencies into your local maven repository first and then reference them for your build.

local repositories (in your user’s home directory: ~/.m2/)

clean: deletes the /target folder.

mvn clean package

mvn clean install

package: Converts your .java source code into a .jar/.war file and puts it into the /target folder.

install: First, it does a package(!). Then it takes that .jar/.war file and puts it into your local Maven repository, which lives in ~/.m2/repository.

calling 'mvn install' would be enough if Maven was smart enough to do reliable, incremental builds.

developers got it ingrained to always call 'mvn clean install' (even though this increases build time a lot in bigger projects).

make sure that Maven always tries to download the latest snapshot dependency versions