Ruby on Rails Kickstart 103 & 104

Ruby on Rails
#103 Scaffold and modify scaffold

Scaffold
Ruby on Rails magic

Getting started
1. Ruby on Rails command
2. Generate an article scaffold
   • MVC pattern
3. Synchronize database schema
   • ORM
4. Modify scaffold

Ruby on Rails Command
```sh
rails generate scaffold scaffold_name field1_name:field1_type \
  field2_name:field2_type ... fieldN_name:fieldN_type
```
• Replace scaffold_name with the actual scaffold name
• Replace field1_name to fieldN_name with the actual field names

Ruby on Rails command (Cont.)
field1_type to fieldN_type need to be valid data types
source: https://ihower.tw/rails4/migrations.html#section

Generate an article scaffold
```sh
rails generate scaffold article title:string body:text
```
The command generates...
• a controller that handles requests from clients and transfers data between models and views
• a model called article with one string field called title and one text field called body
• a form for creating and updating articles, and several views to list articles and to display a single article

Controller? Model? View?
What the hell are they?

MVC pattern

Models and views DO NOT directly exchange data
Remember this till the Apocalypse

Synchronize database schema
```sh
rake db:migrate
```
• rake runs tasks defined in a script called a Rakefile. The Rakefile holds a bundle of commands related to Ruby on Rails but not part of Ruby on Rails
• db:migrate: synchronize the database schema, also known as database migration
• tmp:clear: clean temporary files

Why bother?
In PHP
```php
$title = mysql_real_escape_string($_POST['title']);
$body = mysql_real_escape_string($_POST['body']);
$sql = "INSERT INTO `articles` (`title`, `body`)"
     . " VALUES ('{$title}', '{$body}')";
mysql_query($sql);
```

Sucks
Just one SQL injection can turn your system upside down
ONE SQL INJECTION!

Don't bother
In Ruby on Rails
```ruby
# params[:article] = {
#   title: 'Article title',
#   body: 'Article body'
# }
article = Article.new(params[:article])
article.save
```
ORM saves the day

ORM
Object Relational Mapping

ORM (Cont.)
• Object Relational Mapping
• Object stands for objects in Ruby on Rails
• Relational stands for relational database systems, such as MySQL, PostgreSQL, Microsoft SQL Server, etc.
• Mapping stands for the procedure that transfers a data structure into a table row

Start web server
If you forget how to do so, feel free to take a look at #101

Open browser
https://[your-cloud9-preview-url]/articles
If you see this, you got it

Just one command...
fulfills fundamental needs

Modify scaffold
Add / Remove a field
Nobody is perfect

Add a field
1. Modify model
   1. Create a database migration
   2. Synchronize database schema
2. Modify the controller
3. Modify views

Create a database migration
```sh
rails generate migration \
  add_author_to_articles author:string
```
• Replace author with the name of the field you want to add
• Replace articles with the plural form of the model name
• Replace string with a valid data type from the table mentioned before

Synchronize database schema
```sh
rake db:migrate
```

Modify the controller
```ruby
# Only allow a trusted parameter "white list" through.
def article_params
  params.require(:article).permit(:title, :body, :author)
end
```
• Append :author to the white list

Mass-assignment Vulnerability
GitHub hack Rails

Strong parameter
Only allow values of known keys to be assigned to the ORM object
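
The white list from the controller slide, as an added example that is not part of the original slides and is not Rails' own code: a simplified pure-Ruby stand-in for `require`/`permit` showing an extra key being dropped and an unfiltered assignment being refused. ToyParams, ToyArticle, the admin attribute and the sample request are hypothetical and constructed for illustration.

```ruby
# Simplified stand-in for Rails strong parameters (not Rails' implementation).
# ToyParams, ToyArticle and the admin attribute are hypothetical names.
class ForbiddenAttributes < StandardError; end

# Wraps request data; only #permit returns a copy marked safe to assign.
class ToyParams
  attr_reader :data, :permitted

  def initialize(data, permitted = false)
    @data = data
    @permitted = permitted
  end

  # Like params.require(:article): fail early when the key is absent.
  def require(key)
    ToyParams.new(@data.fetch(key))
  end

  # Like .permit(:title, :body, :author): keep listed keys, drop the rest.
  def permit(*keys)
    ToyParams.new(@data.select { |k, _| keys.include?(k) }, true)
  end
end

# Model that refuses mass assignment from params that were never filtered.
class ToyArticle
  attr_accessor :title, :body, :author, :admin

  def initialize(params)
    raise ForbiddenAttributes unless params.permitted
    params.data.each { |name, value| public_send("#{name}=", value) }
  end
end

# Constructed request: the form has title/body/author, the client added admin.
REQUEST = { article: { title: 'Hi', body: 'Text', author: 'Amy', admin: true } }.freeze

# Controller-style path: whitelist first, then assign.
def build_article(request)
  ToyArticle.new(ToyParams.new(request).require(:article).permit(:title, :body, :author))
end

# Skipping permit is refused instead of silently copying every key.
def build_article_unfiltered(request)
  ToyArticle.new(ToyParams.new(request).require(:article))
rescue ForbiddenAttributes
  :rejected
end
```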

Modify views
1. index view
2. show view
3. _form partial

index view
```erb
...
    <td><%= article.body %></td>
    <td><%= article.author %></td>
    <td><%= link_to 'Show', article %></td>
...
```

show view
```erb
...
</p>

<p>
  <strong>Author:</strong>
  <%= @article.author %>
</p>

<%= link_to 'Edit', edit_article_path(@article) %> |
...
```

_form partial
```erb
...
    <%= f.input :body %>
    <%= f.input :author %>
  </div>
...
```

Five
Count of files you edited to add a field

Ruby on Rails magic

Remove a field from scaffold
1. Create a database migration
2. Synchronize database schema
3. Modify the controller
4. Modify views

Database migration
Any changes related to the database, including adding or removing fields

Create a database migration
```sh
rails generate migration remove_body_from_articles body:text
```
• Replace body with the name of the field in the model

Synchronize database schema
That's all I can say

Modify the controller
Reverse the procedure for adding fields

Modify views
Reverse the procedure for adding fields

End of Ruby on Rails #103

Ruby on Rails
#104 Dig into MVC

Review

Controller
1. Receive requests
2. Fetch raw or processed data from models
3. Inject data into views

Controller (Cont.)
```ruby
class SomeController < ApplicationController
  # ...
  def action_name
    # ...
  end
  # ...
end
```

Controller (Cont.)
1. One controller has many actions
2. Each action has its own purpose
3. Actions are isolated from each other
4. One action takes care of one request

Model
1. Query rows from the database
2. Process data
3. Write data into the database

Model (Cont.)
```ruby
class Person
  def full_name
    first_name + last_name
  end
end
```

Model (Cont.)
1. Model DOES NOT hold fields, schema DOES
2. Model is a class
3. In ORM, fields are mapped to properties of the object, so we can manipulate them via methods

Model (Cont.)
• HumanBeing : Model
• Person : Object
• People : Iterable object (a.k.a. array) of objects

Model (Cont.)
```ruby
@all_people = HumanBeing.all
@adults = HumanBeing.where('age >= ?', 20)
@person = HumanBeing.find_by(identity: 'A123456789')
```

Views
1. Build HTML documents
2. Respond to clients

Views (Cont.)
```erb
Full name: <%= @person.full_name %>
```
Where does @ point to?

Views (Cont.)
1. In views, the symbol @ refers to instance variables set in the corresponding controller action
2. DO NOT conduct complicated calculations or property access in views
3. Views should have only if and each statements

Homework
1. Create a scaffold from scratch
2. Add a field to the scaffold
3. Remove an existing field from the scaffold