- Foreword to the First Edition
- Acknowledgments
- About the Author
- From Zero to Deploy
- Development Environments
- Ruby RubyGems Rails and Git
- The First Application
- rails server
- Model-view-controller MVC
- Version Control with Git
- What Good Does Git Do You
- GitHub
- Branch Edit Commit Merge
- Deploying
- Heroku Setup
- Conclusion
- A Demo App
- Planning the Application
- Modeling Demo Users
- Modeling Demo Microposts
- The Users Resource
- A User Tour
- MVC in Action
- Weaknesses of this Users Resource
- The Microposts Resource
- A Micropost Microtour
- Putting the micro in Microposts
- A User has many Microposts
- Inheritance Hierarchies
- Deploying the Demo App
- Conclusion
- Static Page
- Mostly Static Pages
- Truly Static Pages
- Static Pages with Rails
- Our First Tests
- Test-driven Development
- Adding a Page
- Testing a Title Change
- Passing Title Tests
- Embedded Ruby
- Eliminating Duplication with Layouts
- Conclusion
- Advanced Setup
- Eliminating bundle exec
- Automated Tests with Guard
- Speeding up Tests with Spork
- Tests inside Sublime Text
- Rails-Flavored Ruby
- Strings and Methods
- Objects and Message Passing
- Method Definitions
- Other Data Structures
- Blocks
- Hashes and Symbols
- CSS revisited
- Ruby Classes-Constructors
- Class Inheritance
- Modifying Built-in Classes -A Controller Class
- A User Class
- Conclusion-Exercises
- Adding Some Structure
- Site Navigation
- Bootstrap and Custom CSS
- Partials
- Sass and the Asset Pipeline
- Syntactically Awesome Stylesheets
- Layout Links
- Route Tests
- Rails Routes
- Named Routes
- Pretty RSpec
- User Signup A First Step
- Signup URI
- Conclusion-Exercises
- Modeling Users
- User Model
- Database Migrations
- The Model File
- Creating User Objects
- Finding User Objects
- Updating User Objects
- User Validations
- Validating Presence
- Length Validation-Format Validation
- Uniqueness Validation
- Adding a Secure Password
- An Encrypted Password
- Password and Confirmation
- User Authentication
- User Has Secure Password
- Creating a User
- Conclusion-Exercises
- Showing Users
- Debug and Rails Environments
- A Users Resource
- Testing the User Show Page with Factories
- A Gravatar Image and a Sidebar
- Signup Form
- Tests for User Signup
- Using form for
- The Form HTML
- Signup Failure
- Signup Error Messages
- The Finished Signup Form
- The Flash
- Deploying to Production with SSL
- Conclusion-Exercises
- Sessions and Signin Failure
- Sessions Controller
- Signin Tests
- Signin Form
- Reviewing Form Submission
- Rendering with a Flash Message
- Signin Success
- Remember Me
- A Working sign in Method
- Current User
- Changing the Layout Links
- Signin upon Signup
- Signing Out
- Introduction to Cucumber Optional
- Installation and Setup
- Features and Steps
- Counterpoint RSpec Custom Matchers
- Conclusion-Exercises
- Updating Users
- Edit Form
- Unsuccessful Edits
- Successful Edits
- Authorization
- Requiring Signed-in Users
- Requiring the Right User
- Friendly Forwarding
- Showing All Users
- User Index
- Sample Users
- Pagination
- Partial Refactoring
- Deleting Users-Administrative Users
- The destroy Action
- Conclusion-Exercises
- A Micropost Model
- The Basic Model
- Accessible Attributes and the First Validation
- User Micropost Associations
- Micropost Refinements
- Content Validations
- Showing Microposts
- Augmenting the User Show Page
- Sample Microposts
- Manipulating Microposts
- Access Control
- Creating Microposts
- A Proto-feed
- Destroying Microposts
- Conclusion-Exercises
- Following Users
- The Relationship Model
- A Problem with the Data Model and a Solution
- User Relationship Associations
- Validations
- Followed users
- Followers
- Sample Following Data
- Stats and a Follow Form
- Following and Followers Pages
- A Working Follow Button the Standard Way
- A Working Follow Button with Ajax
- Making the output of find readable in shell
- CRUD Operation-Create
- The Status Feed
- Motivation and Strategy
- A First Feed Implementation
- Subselects
- The New Status Feed
- Conclusion
- Exercises
Ruby On Rails Lesson
Note that the destroy action uses method chaining to combine the find and destroy into one line:
User .find(params [:id ] ).destroy
As constructed, only admins can destroy users through the web, because only admins can see the delete links. Unfortunately, there’s still a terrible security hole: Any sufficiently sophisticated attacker could simply issue DELETE requests directly from the command line to delete any user on the site. To secure the site properly, we also need access control on the destroy action, so our tests should check not only that admins can delete users, but also that other users can’t. The results appear in Listing 9.47. Note that, in analogy with the put method from Listing 9.11, we use delete to issue a DELETE request directly to the specified URI (in this case, the user path, as required by Table 7.1).
Pooja Negi
Skills Ruby On Rails
Qualifications :- High School - SSN high school, College/University - HNBGU, College/University - SRHU,Location :-Ranipokhari,Rishikesh,Uttarakhand,India
Description:- Student
Explore