Ruby on Rails Love-In

The Something Awful Forums > Discussion > Serious Hardware/Software Crap > The Cavern of COBOL > Ruby on Rails Love-In

«‹›178 »

Hefty: Jun 11, 2008

xenilk posted:

Practical Object-Oriented Design in Ruby: An Agile Primer

This is a really good book.

If you're interested in rails I liked http://objectsonrails.com/ a lot. It also has the benefit of being free (or $5 for the ebook).

# ? Mar 12, 2015 07:44

Adbot: ADBOT LOVES YOU

# ? May 9, 2024 20:20

Peristalsis: Apr 5, 2004; Move along.

I have a comment and a question.

We've been developing our main rails app for over a year now, sort of learning stuff as we go along. It's been interesting, sometimes frustrating, and often slow as we find our way through the gems and other tools. The other day, we got a request to do a prototype for a new app. Since we can share some functionality and general formatting, we just made it an extension of our current app to save time (we can split it out when we get actual specs and create a new design, etc.). We still needed to create new models and tables, set up some new screens, etc., but by re-using some of our current infrastructure, and by knowing Rails much better than we did at the beginning of our current app, we were able to put a demo together from design to implementation with about 6-8 person-hours of work. I think this is the first time I've really been able to appreciate and benefit from all the voodoo and shortcuts. I mean, we've been getting faster and better all along, but the difference between this effort and how long it took to really get our first app up and running really threw the speed of the tools and how far we've come into sharp relief.

And now my latest (minor) problem. Actually, it's been this way all along, just not important enough to worry about. The created_at dates in our test-server's objects are all off by 5 hours. (Prod might be the same, but it's harder to tell since we do have users legitimately running scripts late at night.) MySQL returns the correct current time and date if I query for it, the test server's time is correct, and Rails reports the correct time in console, but the created_at dates are clearly not being adjusted for time zone. How can every system report the correct time interactively, but still somehow conspire to get the created_at times wrong? Is there a special setting for row dates somewhere? Should I just try to move the university to England?

# ? Mar 17, 2015 16:54

Chilled Milk: Jun 22, 2003; No one here is alone,
satellites in every home

Peristalsis posted:

I have a comment and a question.

We've been developing our main rails app for over a year now, sort of learning stuff as we go along. It's been interesting, sometimes frustrating, and often slow as we find our way through the gems and other tools. The other day, we got a request to do a prototype for a new app. Since we can share some functionality and general formatting, we just made it an extension of our current app to save time (we can split it out when we get actual specs and create a new design, etc.). We still needed to create new models and tables, set up some new screens, etc., but by re-using some of our current infrastructure, and by knowing Rails much better than we did at the beginning of our current app, we were able to put a demo together from design to implementation with about 6-8 person-hours of work. I think this is the first time I've really been able to appreciate and benefit from all the voodoo and shortcuts. I mean, we've been getting faster and better all along, but the difference between this effort and how long it took to really get our first app up and running really threw the speed of the tools and how far we've come into sharp relief.

And now my latest (minor) problem. Actually, it's been this way all along, just not important enough to worry about. The created_at dates in our test-server's objects are all off by 5 hours. (Prod might be the same, but it's harder to tell since we do have users legitimately running scripts late at night.) MySQL returns the correct current time and date if I query for it, the test server's time is correct, and Rails reports the correct time in console, but the created_at dates are clearly not being adjusted for time zone. How can every system report the correct time interactively, but still somehow conspire to get the created_at times wrong? Is there a special setting for row dates somewhere? Should I just try to move the university to England?

Have you set a time zone? A generated application.rb will have this, fiddle as necessary

code:

    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
    # config.time_zone = 'Central Time (US & Canada)'

# ? Mar 17, 2015 17:10

MasterSlowPoke: Oct 9, 2005; Our courage will pull us through

IIRC AR will still store UTC in the database, but auto convert it when pulling it out.

# ? Mar 17, 2015 17:21

Peristalsis: Apr 5, 2004; Move along.

MasterSlowPoke posted:

IIRC AR will still store UTC in the database, but auto convert it when pulling it out.

D'oh! That's exactly it. I just have to quit looking directly at the db tables, I guess.

# ? Mar 17, 2015 19:26

Smol: Jun 1, 2011; Stat rosa pristina nomine, nomina nuda tenemus.

MySQL stores everything in UTC as well. It doesn't have a TIMESTAMP WITH TIME ZONE or equivalent data type.

# ? Mar 17, 2015 19:52

Thalagyrt: Aug 10, 2006

Smol posted:

MySQL stores everything in UTC as well. It doesn't have a TIMESTAMP WITH TIME ZONE or equivalent data type.

Not entirely correct. MySQL stores time without timezone data at all, so saying it stores everything in UTC is incorrect as that would imply that MySQL is aware the timestamps you're storing are UTC, and it would have to be timezone aware for that. Since MySQL doesn't have a timezone aware datatype, best practice is to treat all times as UTC when storing/retrieving, but that doesn't mean that MySQL considers the times UTC. They're just times without any timezone as far as it's concerned.

# ? Mar 17, 2015 20:30

Doghouse: Oct 22, 2004; I was playing Harvest Moon 64 with this kid who lived on my street and my cows were not doing well and I got so raged up and frustrated that my eyes welled up with tears and my friend was like are you crying dude. Are you crying because of the cows. I didn't understand the feeding mechanic.

I have to create a fairly simple ruby on rails application for a class project, and it has a search feature, where you can search a "business" by name or location. Should I just implement it myself or use a Gem? I haven't really used gems before and don't know if it would be more trouble than it is worth here. Basically I want the easiest thing possible, as long as it works and is not too awful.

# ? Mar 18, 2015 21:50

MasterSlowPoke: Oct 9, 2005; Our courage will pull us through

I'd probably just do a really simple scope:

Ruby code:

scope :search, ->(query="") { where("name LIKE '%?%' OR location LIKE '%?%'", query, query)

Unless you need something fancier?

# ? Mar 18, 2015 22:13

xenilk: Apr 17, 2004; ERRYDAY I BE SPLIT-TONING! Honestly, its the only skill I got other than shooting the back of women and calling it "Editorial".

might sound weird by when I implement things like this is create a "search" field in the database which concatenate fields that I want to search.

so I put a before_save instruction in the model:

Ruby code:

  before_save :searchable_field
  
  private
  
    #Concatenate title + content and remove accents
    def searchable_field
       self.search = "#{title} #{content}".mb_chars.normalize(:kd).gsub(/[^\x00-\x7F]/n,'').to_s.downcase
    end

and then when I need to search it (in the controller):

Ruby code:

def search
    @search_item = params[:search][:search_text].mb_chars.normalize(:kd).gsub(/[^\x00-\x7F]/n,'').to_s.downcase
    @search_item.gsub! /\s+/, '%'

    @items = current_user.items.where("search LIKE ?", "%#{@search_item}%")
    respond_to do |format|
      format.js
    end
  end

Edit: That way also makes it easy to search and skip things like accents and be case insensitive

# ? Mar 19, 2015 01:11

hmm yes: Dec 2, 2000; College Slice

The ransack gem will get you a search in under 10 minutes by copy/pasting code from the README. That might be too meta for your assignment, and you might not actually understand what's going on under the hood of the gem. But only you know if that matters or not!

# ? Mar 19, 2015 04:14

prom candy: Dec 16, 2005; Only I may dance

pg_search is a pretty decent gem if you're using postgres.

If you're going to roll your own I like putting search logic into separate service classes, it seems like the kind of thing that doesn't belong in the model to me.

# ? Mar 19, 2015 18:42

Smol: Jun 1, 2011; Stat rosa pristina nomine, nomina nuda tenemus.

I don't recommend using postgres' full text search for anything nontrivial. The performance isn't great for many common use cases (e.g. prefix search) and tuning the indexes is bit of a black art. When your search becomes more complicated than selecting a few columns from a relatively small table, just start using ElasticSearch right away. It's faster, more powerful and way easier to maintain.

# ? Mar 19, 2015 18:58

MasterSlowPoke: Oct 9, 2005; Our courage will pull us through

I'm writing some tests for our Cancan implementation, and they're a little repetitive:

Ruby code:

require 'rails_helper'

RSpec.describe Ability, type: :model do
  describe "Board Abilities" do
    let(:ability) { Ability.new(FactoryGirl.build(:board_user)) }

    context "allowed actions" do
      it("can view Users") { expect(ability.can?(:read, User.new)).to be_truthy }
      it("can view Partners") { expect(ability.can?(:read, Partner.new)).to be_truthy }
      it("can view Super Partners") { expect(ability.can?(:read, SuperPartner.new)).to be_truthy }
      it("can view Partner Reports") { expect(ability.can?(:read, PartnerReport.new)).to be_truthy }
      
      it("can see User records") { expect(ability.can?(:records, User)).to be_truthy }
      it("can see Partner records") { expect(ability.can?(:records, Partner)).to be_truthy }
      it("can see SuperPartner records") { expect(ability.can?(:records, SuperPartner)).to be_truthy }
      it("can see Partner Report records") { expect(ability.can?(:records, PartnerReport)).to be_truthy }

      it("can read Anayltics pages") { expect(ability.can?(:manage, :analytic)).to be_truthy }
      it("can view Sales pages") { expect(ability.can?(:manage, :sale)).to be_truthy }
      it("can view Report pages") { expect(ability.can?(:manage, :report)).to be_truthy }
      it("can view Customer Report pages") { expect(ability.can?(:manage, :customer_report)).to be_truthy }
      it("can view Manual Review pages") { expect(ability.can?(:manage, :manual_review)).to be_truthy }
      it("can view Data Quality pages") { expect(ability.can?(:manage, :manual_review)).to be_truthy }
    end

    context "disallowed actions" do
      it("cannot see Business records") { expect(ability.can?(:records, Business)).to be_falsy }
    end
  end
end

What would be a good way to dry this up?

# ? Mar 20, 2015 19:53

Pardot: Jul 25, 2001

You could go and define a custom matcher, or something simple like this

Ruby code:

RSpec.describe Ability, type: :model do
  describe "Board Abilities" do
    let(:ability) { Ability.new(FactoryGirl.build(:board_user)) }

    def can(action, obj)
      expect(ability.can?((action, obj)).to be_truthy }
    end

    def cant(action, obj)
      expect(ability.can?((action, obj)).to be_falsy }
    end
          
    context "allowed actions" do
      it("can view Users")                 { can(:read, User.new)           }
      it("can view Partners")              { can(:read, Partner.new)        }
      it("can view Super Partners")        { can(:read, SuperPartner.new)   }
      it("can view Partner Reports")       { can(:read, PartnerReport.new)  }

      it("can see User records")           { can(:records, User)            }
      it("can see Partner records")        { can(:records, Partner)         }
      it("can see SuperPartner records")   { can(:records, SuperPartner)    }
      it("can see Partner Report records") { can(:records, PartnerReport)   }

      it("can read Anayltics pages")       { can(:manage, :analytic)        }
      it("can view Sales pages")           { can(:manage, :sale)            }
      it("can view Report pages")          { can(:manage, :report)          }
      it("can view Customer Report pages") { can(:manage, :customer_report) }
      it("can view Manual Review pages")   { can(:manage, :manual_review)   }
      it("can view Data Quality pages")    { can(:manage, :manual_review)   }
    end

    context "disallowed actions" do
      it("cannot see Business records")    { cant(:records, Business)       }
    end
  end
end

# ? Mar 20, 2015 22:29

Doghouse: Oct 22, 2004; I was playing Harvest Moon 64 with this kid who lived on my street and my cows were not doing well and I got so raged up and frustrated that my eyes welled up with tears and my friend was like are you crying dude. Are you crying because of the cows. I didn't understand the feeding mechanic.

atastypie posted:

The ransack gem will get you a search in under 10 minutes by copy/pasting code from the README. That might be too meta for your assignment, and you might not actually understand what's going on under the hood of the gem. But only you know if that matters or not!

Wow yeah it took me about 5 minutes to implement a name search. This is awesome, thanks.

# ? Mar 22, 2015 05:33

EVGA Longoria: Dec 25, 2005; Let's go exploring!

Got a fun little Ruby issue, hoping I could get some help:

Ruby code:

file = Tempfile.new('test')

quote:

Errno::ENOENT: No such file or directory @ rb_sysopen - /var/folders/4h/f50mt9v91474cth5kgj3k6pck1rm2l/T/test20150325-23497-v6trq7
from /Users/cewen/.rbenv/versions/2.2.1/lib/ruby/2.2.0/tempfile.rb:136:in `initialize'

The temp folder exists, and is writable. I can open Pry and do a simple recreation of the that part of tempfile code (https://www.omniref.com/ruby/2.2.1/files/lib/tempfile.rb#tab=Docs&line=136) and it works fine.

Ruby code:

[12] pry(main)> Dir::Tmpname.create('test') do |tmpname, n, opts|
[12] pry(main)*   puts tmpname
[12] pry(main)*   mode = File::RDWR|File::CREAT|File::EXCL
[12] pry(main)*   opts[:perm] = 0600
[12] pry(main)*   tmpfile = File.open(tmpname, mode, opts)
[12] pry(main)* end
/var/folders/4h/f50mt9v91474cth5kgj3k6pck1rm2l/T/test20150325-20848-u8mheq
=> "/var/folders/4h/f50mt9v91474cth5kgj3k6pck1rm2l/T/test20150325-20848-u8mheq"
[13] pry(main)> `test -f /var/folders/4h/f50mt9v91474cth5kgj3k6pck1rm2l/T/test20150325-20848-u8mheq && echo "Exists"`
=> "Exists\n"

Any ideas what the hell is going wrong with Tempfile? I've never had this issue before.

Edit: Ended up reinstalling Ruby (because it couldn't do anything with Tempfile) and updating pry-rails and suddenly it works. Will call this a win.

EVGA Longoria fucked around with this message at 18:08 on Mar 25, 2015

# ? Mar 25, 2015 17:12

Doghouse: Oct 22, 2004; I was playing Harvest Moon 64 with this kid who lived on my street and my cows were not doing well and I got so raged up and frustrated that my eyes welled up with tears and my friend was like are you crying dude. Are you crying because of the cows. I didn't understand the feeding mechanic.

So since the last goon recommendation for a rails gem was great, I wanted to ask for another: authentication, meaning basic username password stuff. The professor recommended devise, but the creators say you shouldn't use it if you are a rails beginner. I'm looking for the simplest and easiest solution. Any suggestions?

# ? Mar 27, 2015 23:48

MasterSlowPoke: Oct 9, 2005; Our courage will pull us through

If you want to learn user authentication, follow the relevant chapters (looks like 6-10) in the excellent Rails Tutorial.

If you're not really interested in user auth, use devise. Any solution you throw together without learning the Why's is going to be hopelessly insecure.

Finally, whatever you do, never store plaintext or encrypted passwords.

MasterSlowPoke fucked around with this message at 00:04 on Mar 28, 2015

# ? Mar 27, 2015 23:56

EVGA Longoria: Dec 25, 2005; Let's go exploring!

Doghouse posted:

So since the last goon recommendation for a rails gem was great, I wanted to ask for another: authentication, meaning basic username password stuff. The professor recommended devise, but the creators say you shouldn't use it if you are a rails beginner. I'm looking for the simplest and easiest solution. Any suggestions?

Devise says that because there is no 100% way to do drop in Authorization. If you don't know how authentication/authorization works, you're likely to make mistakes if you just drop Devise in.

Just use Devise for this project, with the understanding that you should read thoroughly. If any part of Devise ever feels magical, read up on what it does (and even read the source code) to better understand it.

MasterSlowPoke posted:

Finally, whatever you do, never store plaintext or encrypted passwords.

To clarify this, you want to store a salted, hashed password. Encryption is 2 way, meaning if i know the secret i can decrypt the stored password into plain text. Hashing is one way, meaning that if i get the stored password, it's not possible to go back to the original plain text.

Salting is the practice of adding a random string to each password pre-hash, to make them unique. That way, if two users have the same password, they have different hashes.

The moral of the password story is, Just Use BCrypt. It's designed for passwords, and takes care of this stuff for you.

# ? Mar 28, 2015 00:33

kayakyakr: Feb 16, 2004; Kayak is true

As an extension of this conversation, I need to create a bearer-type token for dumb API access. The scripts that will use this are generally dumb, scheduled curl scripts so that oauth-style challenge/expiring tokens are not an option. I don't want to store the key on the DB as it would be an unhashed password. I can't hash it and store it because I need to be able to re-display the key through the interface.

My current plan was to make a string of id:hashed_password, encrypt it with my secret key, then display. It has the benefit of invalidating when they change their password. It has the downside of providing a single point of security failure where, if the secret key is compromised, an attacker can decrypt and gain a hashed password.

Any suggestions or thoughts on the drawbacks of my proposed solution?

# ? Mar 28, 2015 05:57

aunt jenkins: Jan 12, 2001

kayakyakr posted:

It has the benefit of invalidating when they change their password.

Dunno the specifics of your situation, maybe that is actually a good idea, but assuming this is something reasonably generic, API tokens shouldn't be invalidated by a user password change - that'd be totally unexpected behavior, IMO.

If possible, just have the client provide a user ID as well as the token, then you can store the token hashed and just compare it, similar to normal auth.

# ? Mar 28, 2015 06:23

kayakyakr: Feb 16, 2004; Kayak is true

aunt jemima posted:

Dunno the specifics of your situation, maybe that is actually a good idea, but assuming this is something reasonably generic, API tokens shouldn't be invalidated by a user password change - that'd be totally unexpected behavior, IMO.

If possible, just have the client provide a user ID as well as the token, then you can store the token hashed and just compare it, similar to normal auth.

Don't want to store a hashed token as I need to be able to display it (can't be a one-time thing). Because of that I'd need to encrypt/decrypt. I was looking for a way to generate it from user data where changes would not unexpectedly change the key. Figured password was something you'd kinda want to change, but I guess not always.

So maybe the best way is to store an encrypted token on the DB and providing a pre-encoded base64 string for basic auth.

# ? Mar 28, 2015 14:40

EVGA Longoria: Dec 25, 2005; Let's go exploring!

kayakyakr posted:

As an extension of this conversation, I need to create a bearer-type token for dumb API access. The scripts that will use this are generally dumb, scheduled curl scripts so that oauth-style challenge/expiring tokens are not an option. I don't want to store the key on the DB as it would be an unhashed password. I can't hash it and store it because I need to be able to re-display the key through the interface.

My current plan was to make a string of id:hashed_password, encrypt it with my secret key, then display. It has the benefit of invalidating when they change their password. It has the downside of providing a single point of security failure where, if the secret key is compromised, an attacker can decrypt and gain a hashed password.

Any suggestions or thoughts on the drawbacks of my proposed solution?

Pick some combination of static data for an account and hash it. Maybe ID + email address + something not public. Doesn't need to be stored, since the same data will return the same hash.

If you need to make it displayable, it's going to be a reduction in security however you do it.

Most OAuth implementations seem to store the User ID and a hashed Secret, but they only display the hash the first time you create it.

# ? Mar 30, 2015 14:51

kayakyakr: Feb 16, 2004; Kayak is true

EVGA Longoria posted:

Pick some combination of static data for an account and hash it. Maybe ID + email address + something not public. Doesn't need to be stored, since the same data will return the same hash.

If you need to make it displayable, it's going to be a reduction in security however you do it.

Most OAuth implementations seem to store the User ID and a hashed Secret, but they only display the hash the first time you create it.

I went with that: UID and hashed Secret. I'm just giving out a Bearer token, not a full OAuth handshake, and if they lose it, they have to regenerate it.

e: gonna use https://github.com/lynndylanhurley/devise_token_auth eventually for my larger startup. They've got the full OAuth 2.0 type flow.

# ? Mar 30, 2015 15:03

EVGA Longoria: Dec 25, 2005; Let's go exploring!

kayakyakr posted:

I went with that: UID and hashed Secret. I'm just giving out a Bearer token, not a full OAuth handshake, and if they lose it, they have to regenerate it.

e: gonna use https://github.com/lynndylanhurley/devise_token_auth eventually for my larger startup. They've got the full OAuth 2.0 type flow.

Is there some reason they can't make a Client Credentials OAuth request with UID and hashed Secret and use that? It's pretty much what this was designed for.

Hadn't seen that OAuth implementation, I usually use Doorkeeper for mine. Might look into that.

# ? Mar 30, 2015 15:09

Gmaz: Apr 3, 2011; New DLC for Aoe2 is out: Dynasties of India

Does anyone have experience with Heroku and diferrent locale settings for different parts of site?

My code basically looks like this, and it works locally but on Heroku it just stays on the default locale.

code:

def set_locale
    if some_condition
      I18n.locale = :en
    else
      I18n.locale = params[:locale] || I18n.default_locale
    end
end

# ? Mar 30, 2015 15:52

kayakyakr: Feb 16, 2004; Kayak is true

EVGA Longoria posted:

Is there some reason they can't make a Client Credentials OAuth request with UID and hashed Secret and use that? It's pretty much what this was designed for.

Hadn't seen that OAuth implementation, I usually use Doorkeeper for mine. Might look into that.

Common usage is via dumb scripts via curl. It's gotta be a one-step authentication process.

# ? Mar 30, 2015 16:33

MasterSlowPoke: Oct 9, 2005; Our courage will pull us through

Thought there was a CI thread but I can't find one. Does anyone know if theres a way to configure Jenkins to post a generated web page? My testing generates a coverage report using simplecov, and I'd like to be able to access it on the CI server as well. It's not hugely important, but it'd be nice if it's possible.

edit: Found this plugin for posting Rcov files.

MasterSlowPoke fucked around with this message at 16:51 on Mar 31, 2015

# ? Mar 31, 2015 16:24

EVGA Longoria: Dec 25, 2005; Let's go exploring!

kayakyakr posted:

Common usage is via dumb scripts via curl. It's gotta be a one-step authentication process.

When you say dumb scripts via curl you mean like a single command running curl? It's not too hard to run 2 curl commands in a bash script, but if you're not in charge of those scripts i understand the whole "Requirements forcing me to do bad things" part.

Just for curiousity, what are you using to generate that bearer token? Most of the ones I'm aware of store the access token unhashed in the DB, so I'd be interested if there's one that doesn't.

MasterSlowPoke posted:

Thought there was a CI thread but I can't find one. Does anyone know if theres a way to configure Jenkins to post a generated web page? My testing generates a coverage report using simplecov, and I'd like to be able to access it on the CI server as well. It's not hugely important, but it'd be nice if it's possible.

edit: Found this plugin for posting Rcov files.

Have you tried CodeClimate? How does it compare? We use CC here and it's ok, but if there's better test coverage I could look into, that'd be great.

# ? Mar 31, 2015 17:08

Bhodi: Dec 9, 2007; Oh, it's just a cat.; Pillbug

MasterSlowPoke posted:

Thought there was a CI thread but I can't find one. Does anyone know if theres a way to configure Jenkins to post a generated web page? My testing generates a coverage report using simplecov, and I'd like to be able to access it on the CI server as well. It's not hugely important, but it'd be nice if it's possible.

edit: Found this plugin for posting Rcov files.

For future reference, it's here: http://forums.somethingawful.com/showthread.php?threadid=3695559

# ? Mar 31, 2015 17:16

MasterSlowPoke: Oct 9, 2005; Our courage will pull us through

EVGA Longoria posted:

Have you tried CodeClimate? How does it compare? We use CC here and it's ok, but if there's better test coverage I could look into, that'd be great.

I've not. I'm still rather new at Rails and testing in particular. Where I'm working we had no tests when I started - the codebase is mostly just 400 line controller methods. I went with Simplecov just because it was recommended in some tutorial.

I don't like that SimpleCov only provides reports for files called in the tests - there are a lot of models and such that I haven't gotten to yet, and I'd just like to see them so I could eventually check them off. If I wasn't working with a legacy code base that wouldn't be such an issue.

# ? Mar 31, 2015 18:30

Pardot: Jul 25, 2001

EVGA Longoria posted:

When you say dumb scripts via curl you mean like a single command running curl? It's not too hard to run 2 curl commands in a bash script, but if you're not in charge of those scripts i understand the whole "Requirements forcing me to do bad things" part.

Just for curiousity, what are you using to generate that bearer token? Most of the ones I'm aware of store the access token unhashed in the DB, so I'd be interested if there's one that doesn't.

Have you tried CodeClimate? How does it compare? We use CC here and it's ok, but if there's better test coverage I could look into, that'd be great.

code climate. They auto F sinatra files, and contacted them several times, and I've even gone so far as to find the small patch they need to apply to their fork of flog to make that not happen and they just don't give a gently caress.

# ? Mar 31, 2015 18:55

kayakyakr: Feb 16, 2004; Kayak is true

EVGA Longoria posted:

When you say dumb scripts via curl you mean like a single command running curl? It's not too hard to run 2 curl commands in a bash script, but if you're not in charge of those scripts i understand the whole "Requirements forcing me to do bad things" part.

Yeah, that. I mean, I could probably do it as a 2-part process, but I really, really don't want to write scripts for that. Trying to set up the API to be present and as simple as possible considering that I'm already out of hours to work on it.

EVGA Longoria posted:

Just for curiousity, what are you using to generate that bearer token? Most of the ones I'm aware of store the access token unhashed in the DB, so I'd be interested if there's one that doesn't.

Nah, the Bearer token is really just the user id + unhashed api token wrapped up in base64. It's exactly what Basic Auth would be if I was doing a 2-step auth/bearer. Felt that calling it a bearer token was more in line with how it was being used.

# ? Mar 31, 2015 19:37

EVGA Longoria: Dec 25, 2005; Let's go exploring!

Pardot posted:

code climate. They auto F sinatra files, and contacted them several times, and I've even gone so far as to find the small patch they need to apply to their fork of flog to make that not happen and they just don't give a gently caress.

I've got a Sinatra app with good grades. The 2 Ds are got legitimately complicated files that should probably be refactored - the rest are As. Maybe they've improved it in the last 6 months?

MasterSlowPoke posted:

I've not. I'm still rather new at Rails and testing in particular. Where I'm working we had no tests when I started - the codebase is mostly just 400 line controller methods. I went with Simplecov just because it was recommended in some tutorial.

I don't like that SimpleCov only provides reports for files called in the tests - there are a lot of models and such that I haven't gotten to yet, and I'd just like to see them so I could eventually check them off. If I wasn't working with a legacy code base that wouldn't be such an issue.

Code climate does code smells (generally just an indication to refactor), plus test coverage. It does JS too, though I've had a lot of trouble getting that to actually report from Travis.

# ? Mar 31, 2015 23:49

Pardot: Jul 25, 2001

EVGA Longoria posted:

I've got a Sinatra app with good grades. The 2 Ds are got legitimately complicated files that should probably be refactored - the rest are As. Maybe they've improved it in the last 6 months?

You got my hopes up only to dash them. Just checked and "definition outside of methods" is still there on sinatra files, since it counts all the blocks all together, instead of as separate methods.

# ? Apr 1, 2015 02:01

Peristalsis: Apr 5, 2004; Move along.

Is app code read or compiled during rake db:setup?

We're setting up a new test server for a specific branch of our code, and when the IT guy runs rake db:setup, he gets the error

ActiveRecord::StatementInvalid: Mysql2::Error: Table 'test_app.system_settings' doesn't exist: SHOW FULL FIELDS FROM `system_settings`

There are multiple code changes involving that table (system_settings), including at least one new rake task, but I can't understand why any code is being checked before schema.rb finishes executing. The def of the table in question isn't missing from schema.rb or anything, and I don't see any typos anywhere. Googling shows this can be an issue from the factory girl gem, but we're not using that (i.e. it's not in our gemfile, and I don't even know what it does).

We got past it by switching to the previous branch in SVN, then running rake db:setup (which worked), then switching back to the later branch and running migrations. But, I'd like to figure out what's wrong and fix it so it doesn't fester under the surface just waiting for a really bad time to come up again.

Peristalsis fucked around with this message at 17:52 on Apr 2, 2015

# ? Apr 2, 2015 17:19

EVGA Longoria: Dec 25, 2005; Let's go exploring!

Pardot posted:

You got my hopes up only to dash them. Just checked and "definition outside of methods" is still there on sinatra files, since it counts all the blocks all together, instead of as separate methods.

Put the code inside a method.

Ruby code:

      get '/:keywords' do
        home(keywords: parse_param(params[:keywords]))
      end

You still get dinged for it, but not as much as having 300 lines inside there. I have A ranks there, if you actually care about that.

# ? Apr 2, 2015 17:27

Smol: Jun 1, 2011; Stat rosa pristina nomine, nomina nuda tenemus.

Why would you write worse code to appease a broken static analyzer?

# ? Apr 2, 2015 17:31

Adbot: ADBOT LOVES YOU

# ? May 9, 2024 20:20

EVGA Longoria: Dec 25, 2005; Let's go exploring!

Smol posted:

Why would you write worse code to appease a broken static analyzer?

Why would you care what that static analyzer says about one edge case enough to not use it at all?

Also, in my case, there was a pretty good reason to do it the way it's done.

# ? Apr 3, 2015 01:32

The Something Awful Forums > Discussion > Serious Hardware/Software Crap > The Cavern of COBOL > Ruby on Rails Love-In

«‹›178 »