Table of Contents

Copyright

Brief Table of Contents

Table of Contents

Preface

Acknowledgments

About this Book

About the Authors

About the Cover Illustration

Chapter 1. Ruby on Rails, the framework

1.1. What is Ruby on Rails?

1.1.1. Benefits

1.1.2. Common terms

1.1.3. Rails in the wild

1.2. Developing your first application

1.2.1. Installing Rails

1.2.2. Generating an application

1.2.3. Starting the application

1.2.4. Scaffolding

1.2.5. Migrations

1.2.6. Viewing and creating purchases

1.2.7. Validations

1.2.8. Showing off

1.2.9. Routing

1.2.10. Updating

1.2.11. Deleting

1.3. Summary

Chapter 2. Testing saves your bacon

2.1. Test- and behavior-driven development

2.2. Test-driven development

2.2.1. Why test?

2.2.2. Writing your first test

2.2.3. Saving bacon

2.3. Behavior-driven development

2.3.1. RSpec

2.3.2. Cucumber

2.4. Summary

Chapter 3. Developing a real Rails application

3.1. Application setup

3.1.1. The application story

3.1.2. Version control

3.1.3. The Gemfile and generators

3.1.4. Database configuration

3.1.5. Applying a stylesheet

3.2. First steps

3.2.1. Creating projects

3.2.2. RESTful routing

3.2.3. Committing changes

3.2.4. Setting a page title

3.2.5. Validations

3.3. Summary

Chapter 4. Oh CRUD!

4.1. Viewing projects

4.1.1. Writing a feature

4.1.2. The Factory Girl

4.1.3. Adding a link to a project

4.2. Editing projects

4.2.1. The edit action

4.2.2. The update action

4.3. Deleting projects

4.3.1. Writing a feature

4.3.2. Adding a destroy action

4.3.3. Looking for what isn’t there

4.4. Summary

Chapter 5. Nested resources

5.1. Creating tickets

5.1.1. Nested routing helpers

5.1.2. Creating a tickets controller

5.1.3. Defining a has_many association

5.1.4. Creating tickets within a project

5.1.5. Finding tickets scoped by project

5.1.6. Ticket validations

5.2. Viewing tickets

5.2.1. Listing tickets

5.2.2. Culling tickets

5.3. Editing tickets

5.3.1. Adding the edit action

5.3.2. Adding the update action

5.4. Deleting tickets

5.5. Summary

Chapter 6. Authentication and basic authorization

6.1. What Devise does

6.1.1. Installing Devise

6.2. User signup

6.3. Confirmation link sign-in

6.3.1. Testing email

6.3.2. Confirming confirmation

6.4. Form sign-in

6.5. Linking tickets to users

6.5.1. Attributing tickets to users

6.5.2. We broke something!

6.5.3. Fixing the Viewing Tickets feature

6.5.4. Fixing the Editing Tickets feature

6.5.5. Fixing the Deleting Tickets feature

6.6. Summary

Chapter 7. Basic access control

7.1. Projects can be created only by admins

7.2. Adding the admin field to the users table

7.3. Restricting actions to admins only

7.3.1. Fixing three more broken scenarios

7.3.2. Hiding the New Project link

7.3.3. Hiding the edit and delete links

7.4. Namespace routing

7.5. Namespace-based CRUD

7.5.1. Adding a namespace root

7.5.2. The index action

7.5.3. The new action

7.5.4. The create action

7.6. Creating admin users

7.7. Editing users

7.7.1. The show action

7.7.2. The edit and update actions

7.8. Deleting users

7.8.1. Ensuring you can’t delete yourself

7.9. Summary

Chapter 8. More authorization

8.1. Restricting read access

8.2. Restricting by scope

8.3. Fixing what you broke

8.3.1. Fixing Editing Projects

8.3.2. Fixing the four failing features

8.3.3. One more thing

8.3.4. Fixing Signing Up

8.4. Blocking access to tickets

8.4.1. Locking out the bad guys

8.5. Restricting write access

8.5.1. Rewriting a feature

8.5.2. Blocking creation

8.5.3. What is CanCan?

8.5.4. Adding abilities

8.6. Restricting update access

8.6.1. No updating for you!

8.6.2. Authorizing editing

8.7. Restricting delete access

8.7.1. Enforcing destroy protection

8.7.2. Hiding links based on permission

8.8. Assigning permissions

8.8.1. Viewing projects

8.8.2. And the rest

8.9. Seed data

8.10. Summary

Chapter 9. File uploading

9.1. Attaching a file

9.1.1. A feature featuring files

9.1.2. Enter stage right, Paperclip

9.1.3. Using Paperclip

9.2. Attaching many files

9.2.1. Two more files

9.2.2. Using nested attributes

9.3. Serving files through a controller

9.3.1. Protecting files

9.3.2. Showing your assets

9.3.3. Public assets

9.3.4. Privatizing assets

9.4. Using JavaScript

9.4.1. JavaScript testing

9.4.2. Introducing jQuery

9.4.3. Adding more files with JavaScript

9.4.4. Responding to an asynchronous request

9.4.5. Sending parameters for an asynchronous request

9.5. Summary

Chapter 10. Tracking state

10.1. Leaving a comment

10.1.1. Where’s the ticket?

10.1.2. The comment form

10.1.3. The comment model

10.1.4. The comments controller

10.2. Changing a ticket’s state

10.2.1. Creating the State model

10.2.2. Selecting states

10.2.3. Callbacks

10.2.4. Seeding states

10.2.5. Fixing creating comments

10.3. Tracking changes

10.3.1. Ch-ch-changes

10.3.2. Another c-c-callback

10.3.3. Displaying changes

10.3.4. Show me the page

10.3.5. Automatic escaping saves your bacon

10.3.6. Styling states

10.4. Managing states

10.4.1. Adding additional states

10.4.2. Defining a default state

10.5. Locking down states

10.5.1. Hiding a select box

10.5.2. Bestowing changing state permissions

10.5.3. Hacking a form

10.5.4. Ignoring a parameter

10.6. Summary

Chapter 11. Tagging

11.1. Creating tags

11.1.1. Creating tags feature

11.1.2. Using text_field_tag

11.1.3. Showing tags

11.1.4. Defining the tags association

11.1.5. The Tag model

11.1.6. Displaying a ticket’s tags

11.2. Adding more tags

11.2.1. Adding tags through a comment

11.2.2. Fixing the CommentsController spec

11.3. Tag restriction

11.3.1. Testing tag restriction

11.3.2. Tags are allowed, for some

11.4. Deleting a tag

11.4.1. Testing tag deletion

11.4.2. Adding a link to delete the tag

11.4.3. Actually removing a tag

11.5. Finding tags

11.5.1. Testing search

11.5.2. Searching by state with Searcher

11.5.3. Searching by state

11.5.4. Search, but without the search

11.6. Summary

Chapter 12. Sending email

12.1. Sending ticket notifications

12.1.1. Automatically watching a ticket

12.1.2. Using observers

12.1.3. Defining the watchers association

12.1.4. Introducing Action Mailer

12.1.5. An Action Mailer template

12.1.6. Delivering HTML emails

12.2. Subscribing to updates

12.2.1. Testing comment subscription

12.2.2. Automatically adding a user to a watchlist

12.2.3. Unsubscribing from ticket notifications

12.3. Real-world email

12.3.1. Testing real-world email

12.3.2. Configuring Action Mailer

12.3.3. Connecting to Gmail

12.4. Receiving emails

12.4.1. Setting a reply-to address

12.4.2. Receiving a reply

12.5. Summary

Chapter 13. Designing an API

13.1. The projects API

13.1.1. Your first API

13.1.2. Serving an API

13.1.3. API authentication

13.1.4. Error reporting

13.1.5. Serving XML

13.1.6. Creating projects

13.1.7. Restricting access to only admins

13.1.8. A single project

13.1.9. No project for you!

13.1.10. Updating a project

13.1.11. Exterminate!

13.2. Beginning the tickets API

13.3. Rate limiting

13.3.1. One request, two request, three request, four

13.3.2. No more, thanks!

13.3.3. Back to zero

13.4. Versioning an API

13.4.1. Creating a new version

13.5. Summary

Chapter 14. Deployment

14.1. Server setup

14.1.1. Setting up a server using VirtualBox

14.1.2. Installing the base

14.2. RVM and Ruby

14.2.1. Installing RVM

14.2.2. Installing Ruby

14.3. Creating a user for the app

14.3.1. Key-based authentication

14.3.2. Disabling password authentication

14.4. The database server

14.4.1. Creating a database and user

14.4.2. Ident authentication

14.5. Deploy away!

14.5.1. Deploy keys

14.5.2. Configuring Capistrano

14.5.3. Setting up the deploy environment

14.5.4. Deploying the application

14.5.5. Bundling gems

14.5.6. Choosing a database

14.6. Serving requests

14.6.1. Installing Passenger

14.6.2. An init script

14.7. Summary

Chapter 15. Alternative authentication

15.1. How OAuth works

15.2. Twitter authentication

15.2.1. Setting up OmniAuth

15.2.2. Registering an application with Twitter

15.2.3. Setting up an OmniAuth testing environment

15.2.4. Testing Twitter sign-in

15.3. GitHub authentication

15.3.1. Registering and testing GitHub auth

15.4. Summary

Chapter 16. Basic performance enhancements

16.1. Pagination

16.1.1. Introducing Kaminari

16.1.2. Paginating an interface

16.1.3. Paginating an API

16.2. Database query enhancements

16.2.1. Eager loading

16.2.2. Database indexes

16.3. Page and action caching

16.3.1. Caching a page

16.3.2. Caching an action

16.3.3. Cache sweepers

16.3.4. Client-side caching

16.3.5. Caching page fragments

16.4. Background workers

16.5. Summary

Chapter 17. Engines

17.1. A brief history of engines

17.2. Why engines are useful

17.3. Brand-new engine

17.3.1. Creating an engine

17.3.2. The layout of an engine

17.3.3. Engine routing

17.4. Setting up a testing environment

17.4.1. Removing Test::Unit

17.4.2. Installing RSpec and Capybara

17.5. Writing your first engine feature

17.5.1. Your first Capybara test

17.5.2. Setting up routes

17.5.3. The topics controller

17.5.4. The index action

17.5.5. The new action

17.5.6. The create action

17.5.7. The show action

17.5.8. Showing an association count

17.6. Adding more posts to topics

17.7. Classes outside your control

17.7.1. Engine configuration

17.7.2. A fake User model

17.7.3. Authenticating topics

17.7.4. Adding authorship to topics

17.7.5. Post authentication

17.7.6. Showing the last post

17.8. Releasing as a gem

17.9. Integrating with an application

17.10. Summary

Chapter 18. Rack-based applications

18.1. Building Rack applications

18.1.1. A basic Rack application

18.2. Building bigger Rack applications

18.2.1. You’re breaking up

18.2.2. Running a combined Rack application

18.3. Mounting a Rack application with Rails

18.3.1. Mounting Heartbeat

18.3.2. Introducing Sinatra

18.3.3. The API, by Sinatra

18.3.4. Basic error checking

18.4. Middleware

18.4.1. Middleware in Rails

18.4.2. Investigating ActionDispatch::Static

18.4.3. Crafting middleware

18.5. Summary

Appendix A. Why Rails?

A.1 Reason #1: the sense of community

A.2 Reason #2: the speed and ease of development

A.3 Reason #3: RubyGems

A.4 Reason #4: emphasis on testing

Appendix B. Tidbits

B.1 Prettying URLs

B.2 Attribute change tracking

Index

List of Figures

List of Tables

List of Listings