ruby on rails pitfalls

published by Robin Lu, Founder of caibangzi.com

  • Action Controller related issues
    Anything you place in the flash will be exposed to the very next action and then cleared out.

  • Action View related
  • In some browsers with special error-tolerance features, such as IE 6.0,
    an incomplete tag is pieced together into a complete tag.

  • Not safe sanitizer: HTML::FullSanitizer
    Safe sanitizer: HTML::WhiteListSanitizer
  • controller + view
    The code comes from Agile Web Development With Rails

  • Active Record related

  • when there's no table lock

  • If conditions are composed from parts, watch out for the case where the composed content is empty. When the composed content is empty, conditions must not be empty; otherwise you may get the exact opposite result.

  • otherwise, something strange could happen

  • ruby on rails pitfalls

    Slide 1. Ruby on Rails Pitfalls, or just stupid mistakes we made. Robin Lu, IN-SRC Studio, robinlu@in-src.com, RubyConfChina 2009
    Slide 2. IN-SRC Studio: http://www.in-src.com. Team behind Caibangzi.com. Full-stack Ruby on Rails development. Projects from Pepboys, Vitality, Healthwise...
    Slides 3-5. 'and' or '&&'. What does this mean?
        result = func(arg) and render(:text => result)
    Why not this?
        result = func(arg) && render(:text => result)
    Be aware of the operator precedence.
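How Ruby actually parses the two lines from slides 3 and 4, as an added example that is not part of the deck. `func` and `render` are stand-ins for the slide's calls: `func` hands back its argument and `render` only records what it was given.

```ruby
# Added example, not from the slides: how Ruby parses `and` vs `&&` around an
# assignment. RENDER_CALLS records every call made to the stand-in render.
RENDER_CALLS = []

def func(arg)
  arg # hand back whatever it is given, so nil/false/"text" can all be tried
end

def render(opts)
  RENDER_CALLS << opts
  opts
end

# Slide 3: `and` binds looser than `=`, so the line is parsed as
#   (result = func(arg)) and render(:text => result)
# result receives func's value; render runs only when that value is truthy,
# and it is handed the real result.
def with_and(arg)
  RENDER_CALLS.clear
  result = func(arg) and render(:text => result)
  [result, RENDER_CALLS.dup]
end

# Slide 4: `&&` binds tighter than `=`, so the line is parsed as
#   result = (func(arg) && render(:text => result))
# On the right-hand side `result` is the not-yet-assigned local (nil), so
# render is handed :text => nil, and result ends up holding render's return
# value instead of func's.
def with_amp(arg)
  RENDER_CALLS.clear
  result = func(arg) && render(:text => result)
  [result, RENDER_CALLS.dup]
end
```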
    Slide 6. strip_tags. Display user input text without tags. What we did:
    Slide 7. strip_tags. When text = '<img title="http://example.com/x.js?" src="#"' the page becomes:
        <p> <img title="http://example.com/x.js?" src="#" </p>
    Slide 8. strip_tags. strip_tags is not safe by itself: h strip_tags(text)
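The unclosed tag from slide 7 passed through a stripper and then through `h`, as an added example that is not from the deck. `naive_strip_tags` is a stand-in for the strip_tags helper of the time, assumed here to remove only complete `<...>` tags (an assumption about its behaviour, not the Rails code); `h` is `ERB::Util.html_escape` from the standard library.

```ruby
require "erb"

# Added example, not from the slides. naive_strip_tags stands in for the old
# strip_tags helper: it removes only well-formed tags, so a tag that never gets
# its closing '>' passes through untouched, which is what slide 7 shows.
def naive_strip_tags(text)
  text.gsub(/<[^<>]*>/, "")
end

# h as in Rails: HTML-escape <, >, &, " and '
def h(text)
  ERB::Util.html_escape(text)
end

# The input from slide 7: an img tag that is never closed (constructed sample)
TEXT = %q{<img title="http://example.com/x.js?" src="#"}

# What the slide did: strip_tags alone. The unclosed tag survives, and an
# error-tolerant browser completes it into a real element.
def unsafe_render(text)
  "<p>#{naive_strip_tags(text)}</p>"
end

# Slide 8: h(strip_tags(text)). Whatever the stripper misses is escaped, so
# the browser sees literal text rather than markup.
def safe_render(text)
  "<p>#{h(naive_strip_tags(text))}</p>"
end
```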
    Slide 9. cache. Controller:
        class Blog1Controller < ApplicationController
          def list
            unless read_fragment(:action => 'list')
              @articles = Article.find_recent
            end
          end
        end
    list.html.erb:
        <% cache do %>
        <ul>
        <% for article in @articles -%>
          <li><p><%= h(article.body) %></p></li>
        <% end -%>
        </ul>
        <% end %>
    Slide 10. cache. Result: sometimes we got a crash due to uninitialized @articles.
    Slides 11-19. cache (sequence diagram with two lanes, "article list" and "article new"):
        article list: check cache (fragment found, so @articles is not initialized)
        article list: list
        article new: expire cache
        article list: render
        article list: check cache (fragment gone, so the cache block runs)
        crashed by non-init @articles
    Slide 20. cache. Solutions? • defensive: handle the exception • postpone init of @articles • update caches instead of expiring them. None of them is perfect.
    Slides 21-23. whiny nil. Check nil? everywhere? config.whiny_nil = true
    Slide 24. validates_uniqueness_of
    Slide 25. validates_uniqueness_of. We always get errors like this:
        A ActiveRecord::StatementInvalid occurred in fund#add_watch_fund: Mysql::Error: Duplicate entry '1234-271' for key 2: INSERT INTO `watch_funds` (`account_id`, `position`, `fund_id`, `created_at`) VALUES(1234, 19, 271, '2009-05-06 19:13:50')
    Slides 26-32. validates_uniqueness_of (sequence diagram):
        Process A: unique? (select ....)
        Process B: unique?
        Process A: Insert
        Process B: Insert -> crash!
    Slide 33. validates_uniqueness_of may not guarantee the uniqueness; use your own lock if the uniqueness is critical to you.
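The interleaving from slides 26-32 run step by step against an in-memory model, as an added example that is not from the deck. `WatchFunds` is a constructed stand-in for the watch_funds table, its unique index is modelled by `insert!` raising `DuplicateEntry` the way MySQL raised "Duplicate entry", and the Mutex stands in for the database-level lock slide 33 recommends (it only models the lock within one process, which is enough to show why check and insert must be one atomic step).

```ruby
class DuplicateEntry < StandardError; end

# In-memory stand-in for the watch_funds table (constructed for this example)
class WatchFunds
  attr_reader :rows

  def initialize
    @rows = []
    @lock = Mutex.new
  end

  # what validates_uniqueness_of runs: SELECT ... WHERE account_id = ? AND fund_id = ?
  def unique?(account_id, fund_id)
    @rows.none? { |row| row == [account_id, fund_id] }
  end

  # INSERT, guarded by the unique index on (account_id, fund_id)
  def insert!(account_id, fund_id)
    raise DuplicateEntry, "Duplicate entry '#{account_id}-#{fund_id}'" unless unique?(account_id, fund_id)
    @rows << [account_id, fund_id]
  end

  # the lock slide 33 recommends (a Mutex models it inside one process)
  def with_lock(&block)
    @lock.synchronize(&block)
  end
end

# Slides 26-32 step by step: both processes validate before either inserts.
# Both checks pass, A's INSERT succeeds, B's INSERT hits the unique index.
def race_without_lock(table, account_id = 1234, fund_id = 271)
  a_unique = table.unique?(account_id, fund_id)  # Process A: unique? -> true
  b_unique = table.unique?(account_id, fund_id)  # Process B: unique? -> true
  table.insert!(account_id, fund_id) if a_unique # Process A: Insert
  table.insert!(account_id, fund_id) if b_unique # Process B: Insert -> crash!
  :no_crash
rescue DuplicateEntry => e
  e.message
end

# With the lock, check and insert are one atomic step, so the second caller
# fails validation instead of crashing on the index.
def add_watch_fund_locked(table, account_id, fund_id)
  table.with_lock do
    return :validation_error unless table.unique?(account_id, fund_id)
    table.insert!(account_id, fund_id)
    :saved
  end
end
```

In a real application the equivalent is a unique index in the database plus handling the duplicate-key error it raises, so that the index, not the validation, is what guarantees uniqueness.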
    Slide 34. conditions. Background: • category has many subcategories • subcategory has many posts • post belongs to subcategory. We need to select all posts in a category.
    Slide 35. conditions. What we did:
        named_scope :in_category, lambda { |cat|
          conditions = [cat.subcategories.map {|subcat| 'posts.subcategory_id = ?' }.join(" OR ")]
          cat.subcategories.each {|subcat| conditions << subcat.id }
          {:conditions => conditions}
        }
    Slide 36. conditions. Result: we get all posts when a category has no subcategories.
    Slide 37. conditions. When the category has no subcategory (same code as slide 35): map returns nothing to join, so the condition string is empty.
    Slide 38. conditions. When you compose conditions, be aware that sometimes nothing to compose means the conditions should match nothing, not that the conditions should be empty.
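The condition builder from slide 35 run outside Rails next to a corrected version, as an added example that is not from the deck; only the generated conditions array is examined. Subcategory ids are passed as plain integers here, where the named_scope would use `cat.subcategories.map(&:id)` (an assumption about the scope's inputs).

```ruby
# Added example, not from the slides: what the composed :conditions array
# looks like with and without subcategories.

# What the slide did. With no subcategories, map returns [] and join returns
# "", so the array is [""]: an empty WHERE clause, which matches every post.
def conditions_as_on_slide(subcategory_ids)
  conditions = [subcategory_ids.map { 'posts.subcategory_id = ?' }.join(" OR ")]
  subcategory_ids.each { |id| conditions << id }
  conditions
end

# Slide 38's rule: nothing to compose must mean "match nothing", so an
# always-false clause is returned for the empty case. For the non-empty case
# IN (?) does the same job as the OR chain with a single placeholder.
def conditions_fixed(subcategory_ids)
  return ['1 = 0'] if subcategory_ids.empty?
  ['posts.subcategory_id IN (?)', subcategory_ids]
end

# A guard worth keeping in a test suite: a conditions array whose SQL
# fragment is blank will select the whole table.
def matches_everything?(conditions)
  conditions.first.to_s.strip.empty?
end
```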
    Slide 39. before_create. Set a flag if the author of the post is an admin. What we did:
    Slide 40. before_create. Result: only posts by an admin can be saved.
    Slide 41. before_create. All these callbacks are filters. Be careful not to break the filter chain by what you return from the filters!
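The before_create pitfall from slides 39-41 modelled without Rails, as an added example that is not from the deck. In Rails 2.x a before_* callback that returns false halts the callback chain and the save is cancelled; `run_before_create` below does the same for a list of procs (a simplified stand-in, not the Rails implementation), and `Post` is a constructed struct with only the two fields the example needs.

```ruby
# Added example, not from the slides: why returning the flag from a
# before_create callback stops non-admin posts from being saved.
Post = Struct.new(:author_is_admin, :by_admin)

def run_before_create(post, callbacks)
  callbacks.each do |callback|
    # a false return value halts the chain; nil or anything else lets it continue
    return :not_saved if callback.call(post) == false
  end
  :saved
end

# What the slide did: the assignment is the last expression, so the callback
# returns the flag itself, which is false for every non-admin author, and
# those posts are never saved (slide 40).
SET_FLAG_BUGGY = lambda do |post|
  post.by_admin = post.author_is_admin
end

# Fix: set the flag, then end with true so the filter chain continues.
SET_FLAG_FIXED = lambda do |post|
  post.by_admin = post.author_is_admin
  true
end
```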
    Slide 42. after_create. Send a mail whenever a new record is created. What we did:
    Slide 43. after_create. Result: sometimes the record save failed but we still got the mail notification.
    Slide 44. after_create. before_create -> begin ... create ... commit -> after_create: all in one transaction; all the steps between these should be transactional.
    Slide 45. after_create. What are non-transactional actions? • send a mail • delete a file • expire a cache
    Slide 46. after_create. • Try not to put non-transactional actions into transactions. • after_commit • in controller
    Slide 47. Thanks!