25 Real Life Tips In Ruby on Rails Development

25 REAL LIFE TIPS IN RUBY ON RAILS DEVELOPMENT Nicolas Jacobeus @jacobeus

THE F*CK IS THIS? • Real life ideas from real life apps • Aim: elegant, secure, maintainable apps • Production code • Tips, not rules

LET’S START 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 54321

a x nt sy 1. CROSS THE CHANNEL • Only code in english • Pay attention to the speling, but also to the meaning • IT = information technology

x 2. AVOID AWKWARD a nt sy SILENCES • Forbid trailing whitespaces • Forbid useless empty lines • Forbid space/tabs mixes • Why: • There are people who care • Nobody likes useless/noisy diff ﬁles

3. {{SOME STUPID WORD ch ar PLAY ON REST}} • Use REST everywhere, by default • Only difﬁcult in some cases • Links from email (always GET) • Interaction without other tools (payment gateways, etc.)

ch ar 4. ORGANIZE YOUR APP • Don’t be afraid to enhance the Rails directory structure • Tellrails about it in conﬁg/environment.rb

ch ar 5. KICK RJS OUT • RJS = Javascript written in Ruby and sent asynchronously • XMLHttpRequest (XHR) is for sending data asynchronously • Keep the behaviour in your behaviour (JS) ﬁles

6. CONSIDER PRESENTERS ch ar AND CONDUCTORS • Presenter • layer between the controller and the view • holds all the presentation stuff related to your model (formatted currency/dates, etc.) • Conductor • layer between the model and the controller • handles multi-model forms

ls 7. UNDERSTAND MODEL e od m HOOKS • before_validation: forprocessing user-submitted data before validating it (ex.: lowercase domain name etc.) • before_save: for saving computed stuff in the model (like timestamps, hashes, ...) • after_save: for updating related models • Never call save/update in a hook!

els od m 8. ORGANIZE YOUR MODELS • Keep consistent in the way you code your models • I’m used to this order: • behavior-related stuff (usually from plugins like acts_as_...) • relationships (belongs_to/has_many) and named_scopes • validations • hooks • attributes-related stuff • methods grouped by aspect (authentication, messaging, ...)

els od m 9. OBSERVE BY ASPECT • Observers can manage multiple models • Make one observer per purpose, for example • notiﬁcation observer • mail observer • referral observer

s 10. DON’T CALL THE DB w vie FROM YOUR VIEWS • MVC : no call to the model layer from views • All dynamic data should be deﬁned in controller variables @users_count vs. @users.count • Why: • Separation of concerns / loose coupling • Unit testing

s w vie 11. CONSIDER HAML/SASS • More concise than vanilla HTML/CSS • Prevents you from invalid markup • HTML5-compatible

s er lp he 12. HELP YOUR VIEWS • Use helpers for • repeated chunks of view code (will DRY your views) • presentation logic like ﬁrst_tab_is_active? (will make your code more readable) • You can also use helper_method if you need the logic in controllers as well

s er 13. USE THE BEST lp he LANGUAGE FOR EACH TASK • Generate HTML in HTML (or Haml ;-)) • Avoid content_tags in helpers, rather call partials • Easier for html slicers to understand

s er lp he 14. HELP BY ASPECT • Rails generate by default one helper per controller • Erase them all and use aspect-oriented helpers • links_helper • menu_helper • avatar_helper

s er lp he 15. USE CLEVER LINK HELPERS • You often have presentation logic which depends on the context • Example: a link to a proﬁle page in a social network • is it you ? / one of your friends ? / someone else ? • create link_to_user which will point to the good controller

rs lle 16. MINIMIZE INTERACTIONS ro nt co BETWEEN C AND M • Only call a model once in each controller method (besides save/update) • Why: • Separation of concerns (prevents inconsistency if several controllers deal with the same models) • Keep all the logic related to the model in one place

rs lle ro nt co 17. SKINNY C, FAT M • Put all business logic in your model • The role of the controller layer is to • get user input and send it to the model layer • send the answer back to the user

rs lle 18. KEEP CONSISTENT ro nt co CONTROLLERS • Try to keep the same order in your REST methods • I’mused to INCSEUD (typical workﬂow) index / new / create / show / edit / update / destroy

e as 19. AVOID DATA IN abt da MIGRATIONS • There’s a rake db:seed task for your “kickstart” data • For demo/dev data, create your own rake tasks • Exception: refactoring-related migrations sometimes need data

e as 20. PAY ATTENTION TO abt da RDBMS DATATYPES • Length of ﬁelds • Varchar vs. char vs. text • Integer rather than ﬂoat for currency

y rit 21. XSS-PROTECT cu se YOUR TEXT FIELDS • XSS = cross-site scripting • Protect all your text ﬁelds which are manipulated by the user • xss_terminate plugin • Don’t protect serialized ﬁelds

y rit 22. PROTECT YOUR FIELDS cu se FROM MASS-ASSIGNMENT • @user.update_attributes(params[:user]) # { :admin => true } • Users can forge form submission (with cURL, etc.) • Put an empty attr_accessible clause in each model upon creation, and add “safe” ﬁelds one by one

y rit cu se 23. SCOPE BY DEFAULT • In your controllers, scope every request to the current user • current_user.messages.ﬁnd(params[:id]) • current_user.messages.build(params[:message]) • Even in methods where it’s not necessary (like new), for consistency

y plo 24. DEPLOY WITH GREAT de TOOLS • What works well for us (for the moment!): • Ruby Enterprise Edition + nginx + Capistrano + GitHub • Heroku

isc m 25. USE RUBY • In case you didn’t know, Rails is based on it. • Embrace functional programming thing.select {|t| t.valid?}.map {|t| t.stuff}.ﬂatten.uniq • Don’t be afraid of meta-programming, it can help you! • Create domain-speciﬁc languages for your app • Generate groups of similar methods at once

THANKS This is the last slide, ‘cause my talk is over.

http://rubyrailsandwindows.blogspot.com	40
http://www.slideshare.net	33
http://mydeveloperdays.blogspot.com	22
http://drixenol.posterous.com	13
http://drixenol.tumblr.com	5
http://rubyrailsandwindows.blogspot.com.au	3
http://fredbaa.com	3
http://teamco-anthill.blogspot.com	2
http://a0.twimg.com	1
http://rubyrailsandwindows.blogspot.in	1
http://mydeveloperdays.blogspot.fr	1
http://posterous.com	1
http://drixenol.com	1

25 Real Life Tips In Ruby on Rails Development

by Belighted on Feb 10, 2010

Accessibility

Categories

Tags

Upload Details

Usage Rights

13 Embeds 126

Statistics

25 Real Life Tips In Ruby on Rails Development — Presentation Transcript