# unauthenticated do # as :user do # root to: 'devise/registrations#new' # end # end

# authenticated :user, lambda {|u| u.role == "admin"} do # root to: "admin/dashboard#show", as: :user_root # end

There is no request.env in functional tests because the functional tests are supposed to remain at the controller level.

This is a Rails change of behaviour and Rails is not going back.

class LoggedInConstraint def self.matches?(request) request.env['warden'].authenticate? end end

class AuthConstraint def initialize(&block) @block = block || ->(_) { true } end def matches?(req) user = current_user(req) user.present? && @block.call(user) end def current_user(req) User.find_by_id(session[:user_id]) end end This is a flexible approach to defining route access based on any desired variable (roles, auth, etc...)

scope module: 'authenticated', constraints: AuthConstraint.new { |user| user.present? } do # Management dashboard root 'dashboards#index' end root 'home#index'

authenticated :user do root 'calendars#index', as: :authenticated_root end unauthenticated :user do root 'pages#home', as: :unauthenticated_root end

You can also specify constraints as a lambda:

Meh... as I said earlier, I think using Webpack is the recommended way now. Another issue is there is no way to generate source maps in production.

But last I have seen comments from DHH, he considered webpack(er) recommended for JS, but Sprockets still the preferred solution for (S)CSS.

I agree about lack of maintenance. It's probably because people use more and more Webpack.

we want source maps in production (like DHH)

After waiting years for sprockets to support this we were very happy to see that sprockets 4 officially added support (thanks ), but then when trying to upgrade we noticed there's actually no way to use it in production... (without brittle hacks mentioned above).

Rails still encourages you to dump all validation errors at the top of a form, which is lulzy in this age of touchy UX

Run the complete unit with a certain input set, and test the side-effects. This differs to the Rails Way™ testing style, where smaller units of code, such as a specific validation or a callback, are tested in complete isolation. While that might look tempting and clean, it will create a test environment that is not identical to what happens in production.

Responders don't use valid? to check for errors in models to figure out if the request was successful or not, and relies on your controllers to call save or create to trigger the validations.

Instead of dealing with a mix of before_filters, Rack-middlewares, controller code and callbacks, an endpoint is just another activity and allows to be customized with the well-established Trailblazer mechanics.

The legendary cfp-app will become a Rails-to-TRB refactoring tutorial.

To make it short: we returned to the Rails Way™, lowering our heads in shame, and adhere to the Rails file and class naming structure for operations.

While Trailblazer offers you abstraction layers for all aspects of Ruby On Rails, it does not missionize you. Wherever you want, you may fall back to the "Rails Way" with fat models, monolithic controllers, global helpers, etc. This is not a bad thing, but allows you to step-wise introduce Trailblazer's encapsulation in your app without having to rewrite it.

By default, hashes remove any keys that aren't given as nested filters. To allow all hash keys, set strip: false. In general we don't recommend doing this, but it's sometimes necessary.

ActiveInteraction type checks your inputs. Often you'll want more than that. For instance, you may want an input to be a string with at least one non-whitespace character. Instead of writing your own validation for that, you can use validations from ActiveModel. These validations aren't provided by ActiveInteraction. They're from ActiveModel. You can also use any custom validations you wrote yourself in your interactions.

Since we're using an interaction, we don't need strong parameters. The interaction will ignore any inputs that weren't defined by filters. So you can forget about params.require and params.permit because interactions handle that for you.

Note that it's perfectly fine to add errors during execution. Not all errors have to come from type checking or validation.

with ActiveForm-Rails, validations is the responsability of the form and not of the models. There is no need to synchronize errors from the form to the models and vice versa.

I agre with your concern. I realy prefer to do this : form.assign_attributes(hash) if form.valid? my_service.update(form) #render something else #render somthing else end It looks more like a normal controller.

My only concern with this approach is that if someone calls #valid? on the form object afterwards, it would under the hood currently delete the existing errors on the form object and revalidate. The could have unexpected side effects where the errors added by the models passed in or the service called will be lost.

My concern with this approach is still that it's somewhat brittle with the current implementation of valid? because whilst valid? appears to be a predicate and should have no side effects, this is not the case and could remove the errors applied by one of the steps above.

By explicitly defining the form layout using ::property there is no more need for protecting from unwanted input. strong_parameter or attr_accessible become obsolete. Reform will simply ignore undefined incoming parameters.

Some developers found work arounds by using virtual attributes to # skip validators

Any attribute in the list will be allowed, and any defined as attr_{accessor,reader,writer} will not be populated when passed in as params. This means we no longer need to use strong_params in the controllers because the form has a clear definition of what it expects and protects us by design.

@conference_form.submit(conference_params)

    @conference_form = ConferenceForm.new(conference)
    @conference_form.submit(conference_params)

    if @conference_form.save

If you include ActiveModel::Validations you can write the same validators as you would with ActiveRecord. However, in this case, our form is just a collection of Contact objects, which are ActiveRecord and have their own validations. When I save the ContactListForm, it attempts to save all the contacts. In doing so, each contact has its error_messages available.

Of course our object doesn't have any contacts yet, so our controller will need to make sure that the form has at least one fields_for block to render by giving it one on initialization

config.action_mailer.register_preview_interceptor :css_inline_styler

Previewing You can create a controller that gets the email and then renders the body from it.

In short, I think the idea of public methods being actions works just fine as an api.

You can use the match method with the :via option to match multiple verbs at once:

I was confused as to why there is a dual system running on, there might be reasons for that but let's fix this situation by only using Webpacker to generate our assets.

Kiosk provides APIs for integrating WordPress content into a Rails

<html lang="<%= I18n.locale %>">

def svelte_compontent(name, props) content_tag(:div, nil, id: "svelte-#{name.dasherize}-root", 'data-props': props.to_json) end

Ruby is the programming language used in Translation Proxy. For Sarah, Object Oriented Design “done the Ruby way” is so enjoyable and is the part of her work that she likes most.

RAILS_ENV determines which Webpacker YAML settings are used and NODE_ENV determines which webpack configuration is used.

This finally brings us to the use case for NODE_ENV=test: JavaScript unit testing By this I mean executing tests, written in JavaScript, against your application JavaScript code within a Node.js process.

You can also just throw<% yield :javascript_packs %>somewhere in your layout, and use<%= content_for :javascript_packs do %><%= javascript_pack_tag 'visitor' %><% end %>

(Note that you rarely want to deal with Time.now, or Date.today, in order to honor the application time zone please always use Time.current and Date.current.)

The best way to do this is create a new Rails environment, profile.rb.

Actually, thats the one thing I’ve always thought Middleman got better than Rails: instead of eg, calling ‘render :admin’ in the general layout, you would ‘wrap_layout :application’ inside the specific (admin) one. It’s much more ergonomic this way.

I ran in to what I thought was this issue, but I was using fragment caching. Since the partial was not executed again, the content_for was not called. content_for could be written differently to handle this.

As mentioned in StateMachines::Machine#state, you can define behaviors, like validations, that only execute for certain states. One important caveat here is that, due to a constraint in ActiveRecord's validation framework, custom validators will not work as expected when defined to run in multiple states.

For Rails 5, note that protect_from_forgery is no longer prepended to the before_action chain, so if you have set authenticate_user before protect_from_forgery, your request will result in "Can't verify CSRF token authenticity." To resolve this, either change the order in which you call them, or use protect_from_forgery prepend: true.

Rails also adds a test method that takes a test name and a block. It generates a normal Minitest::Unit test with method names prefixed with test_. So you don't have to worry about naming the methods, and you can write something like:

The translated model name, translated attribute name, and value are always available for interpolation as model, attribute and value respectively.

There are few ways to build forms with objects that don't inherit from Active Record, as follows:

the /rails/info/properties page

If you ever need to work with external translators, it’s a bit of a pain sending both your YML files and a bunch of views like index.en.html.erb. For one thing, you need some code to find all those files and send them, and put them back after receiving the translations. For another, your translator must respect the markup and code of the template, and know not to translate them. And if you want to use tools like WebTranslateIt, it’s easier to stick to YML.

Action View has the ability to render different templates depending on the current locale.For example, suppose you have an ArticlesController with a show action. By default, calling this action will render app/views/articles/show.html.erb. But if you set I18n.locale = :de, then app/views/articles/show.de.html.erb will be rendered instead. If the localized template isn't present, the undecorated version will be used. This means you're not required to provide localized views for all cases, but they will be preferred and used if available.

ActionController and ActionMailer default include AbstractController::Rendering directly or indirectly (ActionController::Metal::Rendering). AbstractController::Rendering uses ActionView as default library for its template rendering engine and includes AbstractController::ViewPaths and an instance of I18n proxy to find localized views. To learn more i'd like to refer to the ActionPack source code on github. To get to the point. ActionView allows you to use localisation in your templates: See Rails guide: Action View Overview , Chapter Localized views.

For several reasons the Simple backend shipped with Active Support only does the "simplest thing that could possibly work" for Ruby on Rails3 ... which means that it is only guaranteed to work for English and, as a side effect, languages that are very similar to English. Also, the simple backend is only capable of reading translations but cannot dynamically store them to any format.That does not mean you're stuck with these limitations, though. The Ruby I18n gem makes it very easy to exchange the Simple backend implementation with something else that fits better for your needs, by passing a backend instance to the I18n.backend= setter.

it comes down to opportunities for code reuse. Will your system re-use more code if you use WordPress and its very usable admin area, myriad of available plugins and themes? Or can you re-use more code by harnessing the object-oriented design, DSLs and good software development practices mecca that is Ruby, Rails and the available libraries and tools?

The :shallow_prefix option adds the specified parameter to the named route helpers:

You can also specify the :shallow option in the parent resource, in which case all of the nested resources will be shallow:

The shallow method of the DSL creates a scope inside of which every nesting is shallow. This generates the same routes as the previous example:

If you need more advanced React-integration, like server rendering, redux, or react-router, see shakacode/react_on_rails, react-rails, and webpacker-react.

This gem also includes a responders controller generator, so your scaffold can be customized to use respond_with instead of default respond_to blocks. From 2.1, you need to explicitly opt-in to use this generator by adding the following to your config/application.rb: config.app_generators.scaffold_controller :responders_controller

Responders don't use valid? to check for errors in models to figure out if the request was successful or not, and relies on your controllers to call save or create to trigger the validations.

Arguably, the rails-team's choice of raising ArgumentError instead of validation error is correct in the sense that we have full control over what options a user can select from a radio buttons group, or can select over a select field, so if a programmer happens to add a new radio button that has a typo for its value, then it is good to raise an error as it is an application error, and not a user error. However, for APIs, this will not work because we do not have any control anymore on what values get sent to the server.

liberal_enum :kind

When the controller creates the user, instead of adding a validation error to the record, it raises an exception. How to avoid this?

I really dislike the reasoning as stated in the issue listed above. Since the value is coming over the wire, it should be treated the same as a freetext input where the expectation is to validate in the model and not the controller. This is especially true in APIs where the developers have even less of a say as far as expected input coming from form data (for example).

In case anyone wants a hack, here is what I came up with.

But now the first line throws an exception ArgumentError: '0' is not a valid audience