Numbers and Symbols404.html file, 24422.html file, 24500.html file, 24&& (and) operator, 9–10@, for instance variables, 15\ (backslash), for special characters, 6: (colon), for symbols, 7{ } (curly braces)

for blocks, 13for hashes, 8

:: (double-colon) operator, 91" (double-quotes), for strings, 6== (equal) operator, 9! (exclamation mark), at end of

method name, 7=> (hash rocket), 8–9> (greater than) operator, 9< (less than) operator, 9

and inheritance, 17<< operator, 8<=> operator, 92<%= %> tag, 58<% %> tag, 58–59<%# %> tag, for comments, 59% (modulus) operator, 5!= (not equal) operator, 9|| (or) operator, 9–10||= (conditional assignment) operator, 10+ operator, to add arrays, 8? (question mark), at end of

method name, 7[ ] (square brackets), for array, 7–8_ (underscore), in partial names, 67| (vertical pipe), 13

AAccessor class, defining, 101Active Record, 30, 106–121

cache_key method, 187calculations, 35query conditions, 34–35relation, 32

ActiveRecord::Base, inheriting from, 110ActiveRecord::RecordNotFound exception,

32, 41ActiveSupport::Cache::FileStore cache

store, 186ActiveSupport::Cache::MemoryStore cache

store, 186ActiveSupport::TestCase module, 143Ada, 3add command (Git), 77alert class, 131alert-danger class, 132alert message, 132alert-success class, 132all method, 32Amazon Elastic Compute Cloud

(Amazon EC2), 224Amazon Web Services (AWS), 224–225ancestors class method, 95–96and (&&) operator, 9–10anonymous users, restricting page access,

125, 136Apache

disabling default site, 237installing, 226–228

API controllers, 212–213api module, 219API requests

adding route for, 211authentication credentials for, 209

APIs (application programming interfaces), 51

creating, 211–222token-based authentication, 216–222

api_token string, 216app/assets directory, 65, 177

application.css file, 65, 124, 176–177application.js file, 66, 124javascripts directory, 176stylesheets directory, 176

app/controllers directoryapi/posts_controller.rb file, 212, 257api/text_posts_controller.rb file, 219application_controller.rb file, 135,

171, 218

I n d e x

260 Index

app/controllers directory (continued)comments_controller.rb file, 248,

253–254destroy action in, 244

image_post_controller.rb file, 165, 250–251

ImagePostsController methods, 252posts_controller.rb file, 48, 125, 256

index action, 184logger statement, 198PostsController, 253

sessions_controller.rb file, 256text_posts_controller.rb file, 158, 159,

164–165users_controller.rb file, 129, 156, 250

app/helpers directory, 61application_helper.rb file, 61posts_helper.rb module, 61

application, view for, 22ApplicationController class, 136–137

authentication method in, 218ApplicationHelper module, 61, 90application programming interface.

See API (application programming interface)

application.rb file, 24application server, for Ruby on Rails,

226–227app/models directory

comment.rb file, 189adding validation, 241

ext_post.rb file, checking for body text, 118–119

image_post.rb file, 118post.rb file, 29subscription.rb file, 113user.rb file, 114, 129, 143

has_many association, 119app/views directory, 58

comments/_comment.html.erb file, 248, 253, 255

image_posts/edit.html.erb file, 165image_posts/_form.html.erb file, 251image_posts/_image_post.html.erb file,

126, 188, 192, 248ImagePost partial, 249

image_posts/new.html.erb file, 251layouts/application.html.erb file, 64,

136, 171, 196, 250, 258updating, 243

link_posts/_link_post.html.erb file, 256posts/index.html.erb file, 58, 62, 125, 159

will_paginate call, 184posts/show.html.erb file, 58, 68, 127

sessions/new.html.erb file, for login form, 133–134

text_posts/edit.html.erb file, 165text_posts/_form.html.erb file, 158text_posts/_text_post.html.erb file, 126,

165, 248, 255comment count in, 187–188TextPost partial, 249

users/new.html.erb file, 130–131users/show.html.erb file, 155, 156

apt-get system, for software install, 225–226

arrays, 7–8for all keys in hash, 9returning first and last entries in, 32

ASC order, for retrieving posts, 34as_json method, 213–214assertions, 146–147

controller test, 150–152in testing, 143

asset pipeline, 65, 176–179asset precompilation, 178–179debug mode, 177–178manifests, 176–177viewing search path list, 177

assets, in Rails application, 65assets:clobber rake task, 178assets directory, 23, 24assigns hash, 150associations, 39–42

adding, 40belongs_to methods, 41–42defining, 113generating model, 39has_many methods, 40–41has_many :through, 109–110many-to-many, 107–110polymorphic, 111–112self join, 106–107specifying in advance, 183testing, 115–116touch option, 189

attr_accessor method, 16, 90, 100–101attributes of object, displaying, 198authenticated user, for

TextPostsController, 158authenticate_or_request_with_http_token

method, 218authenticate_user! method, 136, 250authenticating over SSH (secure shell), 81authentication, 123–140

vs. authorization, 163–164of current user, 125with GitHub API, 209–211

Index 261

log in, 132–135of requests, 218–219token-based, 216–222of user, 136–137

authenticity_token token, 171authorization attacks, 163–165author migration, 37average method, 35AWS (Amazon Web Services), 224–225

Bbackslash (\), for special characters, 6BasicObject class, 96bcrypt gem, 128, 249BCrypt::Password.create method, 144before_action :authenticate_token!

method, 219before_action :authenticate_user!

method, 248before_action method (Rails), 48, 136belongs_to association, 106, 107, 111–112,

113, 247belongs_to methods, 41–42belongs_to statement, 40between? method, 92bin directory, 20, 23

bundle install command, 124, 128, 199cap production deploy command, 258rails console command, 247, 249rails generate command, 153rails server command, 57rake db:migrate command, 129, 216rake log:clear command, 197rake routes command, 211rake test command, 142rake test:models command, 149

--binstubs option, for bundler, 231block of code, 13blog posts, adding comments, 39body element (HTML), 64Booleans, 9–10Bootstrap, 124

form-group class, 131panel component, 126styles for links, 157

bootstrap_sass gem, 124branch command (Git), 79branching, 11BrightBox, 225build-essential package, 229build tools, installing, 229bundle command, 25–26, 82, 229bundle install command, 20, 235

Bundler tool, 25flags in, 82

business logic, 22byebug gem, 199

Ccached_comment_count method, 188cache_key method, 187, 189, 190cache keys, 187, 255cache store, 185

Rails support of, 186caching, 185–192

enabling, 186fragment, 189–191issues, 191–192low-level, 187–189

calc method, 93callbacks, eliminating, 147–148canceling current operation, 4cannot_feature! method, 245Capfile, 232Capistrano, 178, 230–237

configuration, 232–233database setup, 233–234deployment, 235secrets setup, 234setup, 231–232virtual host, 236–237

capistrano-rails gem, 231Cascading Style Sheets (CSS)

asset pipeline and, 176including in application, 124lists of application use, 65

casefor constants, 10for variables, 11

cd command, 20centralized version control systems, 76change_column method, 37change method, 36changes, pushing or pulling, 76checkout command (Git), 79, 80child model, 106classes, 15–18

adding new methods, 16ancestors, 95–96assigning method calls to another, 94creating instance of, 16as instance of other class, 96–97methods, 96

class_eval method, 100–102class methods, 17class statement, 15

262 Index

client error, 4xx status codes for, 208cloud application platform. See Heroku

cloud application platformcode

block, 13executing inside debugger, 203optimization, 180–185

CoffeeScript, 176, 180:collection option, 67–68collections, 67–68colon (:), for symbols, 7columns in database, adding, 37combining strings, 6comment model, 120, 247comment_params method, 55, 242comments

adding, 54–55adding to blog posts, 39belongs_to methods, 41–42form, 72–73has_many methods, 40–41show page for, 254showing, 68–69

CommentsController#create method, 72commit command (Git), 77–78commit message, 77Comparable module, 92Concurrent Version System (CVS), 76conditional assignment (||=) operator, 10conditional statements, 11–12

for Edit button, 191–192config.action_controller.perform_caching

setting, 186config.assets.debug setting, 178config directory, 23

deploy/production.rb file, 233deploy.rb file, 232–233environments/development.rb file, 178,

186, 192routes.rb file, 45, 46, 156, 171

logout route, 254secrets.yml file, 234

console command, 26constants, 10continue command (debugger), 203control flow, 11–13, 58–59controllers, 23, 43–56

actions, 48–54API, 212–213helpers for, 47–48parameters, 49–50response formats, 51–52testing, 150–152

controls on forms, helper methods for, 69–70

convention over configuration, 21cookies, 52

secret key for, 234cookies hash, 150count method, 35create action, 44

controller test for, 151POST request for, 151

create command, in Heroku, 83create comment action, controller for, 54created_at field, 28create_join_table method, 109create method, 31, 53

for login form, 134in SessionsController, 181–182

createuser command, for PostgreSQL, 228cross-site request forgery (CSRF), 64,

170–171token, 221

cross-site scripting (XSS), 167–169CRUD functions, 31, 44CSRF (cross-site request forgery), 64,

170–171token, 221

csrf_meta_tags method, 66–67csrf-token meta tag, 66CSS. See Cascading Style Sheets (CSS)Curl, 208–209, 220–221, 257

to check index action output, 215testing API, 212for testing token-based

authentication, 209curly braces ({ })

for blocks, 13for hashes, 8

current userauthentication, 125identifying, 135–136using, 137–139

current_user method, 135–136, 219output of, 196

custom routes, 46CVS (Concurrent Version System), 76

Ddata, testing, 39database

adding columns, 37adding records, 31CRUD functions, 31, 44current state, 36HTTP verbs for actions, 44retrieving posts from, 48

Index 263

database migrations, 24, 28, 35–37and application deployment, 83for creating table, 113preventing creation of, 118updating db/schema.rb with, 142

database queries, reducing, 180–183database.yml file, 24data model, 106

advanced, 106–112for social networking service, 112

data types, 5–11arrays, 7–8Booleans, 9–10hashes, 8–9numbers, 5strings, 6–7symbols, 7

dbconsole command, 26db directory, 24

migrate directory, 35schema.rb file, 36

db:rollback statement, 36debugger method, 200, 256debugging, 195–204

commands, 200–204Rails logger for, 197–199

debug helper, 196–197:debug log level, 197debug mode, 177–178def_delegators method, 95define_method method, 99–100def statement, 14delegation, 94delete method, 150DELETE request, 44, 46, 60delete_via_redirect method, 152deleting records, 33–34dependent: :destroy option, 117deploy:check task, 235deployment, 75–85, 223–237

Capistrano, 230–237virtual private servers, 224–230

DESC order, for retrieving posts, 34destroy action, 44, 253destroy method, 33–34, 53–54, 247

for user_id, 134development environment,

debug mode, 178development.log file, 24development.rb file, 23diff command (Git), 78–79digital signature, 81directives, in manifest files, 176direct manipulation, 30

directorycreating for Ruby on Rails, 227–228for Rails project, 20

display command (debugger), 202–203distributed version control system, 76div element, class="container", 124division, math operation, 5doctype (HTML5), 64documentation

for Bootstrap, 124from gems, 229

document root, for Virtual Host, 236do, end pair, for adding block, 45Don’t Repeat Yourself (DRY), 22do statement, 13double-colon (::) operator, 91double-quotes ("), for strings, 6DRY (Don’t Repeat Yourself), 22duck typing, 98–99duplication, eliminating, 147–148

Eeach method, 12–13, 58eager loading, 183edit action, 44, 49Edit button, conditional statement for,

191–192Eiffel, 3Element class, instance methods of, 246elements

adding to array end, 8of web pages, 64

else statement, 11elsif statement, 11email address

of current user, 125storing, 128

Embedded Ruby (ERB), 22, 57, 58–59comments, 59

Employee model, defining associations in, 107

empty? method, 6–7end statement, 13, 14, 90environments directory, 23equal (==) operator, 9ERB (Embedded Ruby), 22, 57, 58–59

comments, 59error_explanation div element, 70–71error messages

code for displaying, 70–71files for, 24

errors array, 39errors method, 242

264 Index

/etc/apache2/sites-available directory, 236–237

eval command (debugger), 203exclamation mark (!), at end of

method name, 7:exclusion validation, 38exit command, 4, 30extend statement, 94

Ffavcon.ico file, 25features, enabling and checking for,

99–100fetch method, 187Fibonacci sequence, 93–94Fielding, Roy, 43field_with_errors class, 71file.open method, passing block to, 13file.read method, 18file.split method, 18find_by method, 219find method, 32, 164first method, 32fixtures, 144–146, 156flags, in Bundler, 82flash hash, 150flash messages, 52

displaying, 131–132floating-point math, 5flow between pages, testing, 152follow action, safety from

CSRF attacks, 171following? method, 114following! method, 115follow_redirect! method, 152foreign key, 106

in migration file, 108for loop, 12–13form builder object, 71form_for method, 71, 72forms, 69–72

for comments, 72–73form_tag, 134Forwardable module, 94–95Fowler, Martin, Patterns of Enterprise

Application Architecture, 30fragment caching, 185, 189–191friendly_date helper method, 61full-stack web framework, 19functional tests, 150

Ggarbage collection, optimization, 175gem command, 25, 229Gemfile

adding debugger gem, 199updating for Heroku, 81–83

gems, 20, 258bcrypt, 128bootstrap_sass, 124byebug, 199capistrano-rails, 231directories in asset pipeline

searches, 177documentation from, 229installing, 229–230jbuilder, 214–216updating installed, 124, 128, 199will_paginate, 184

generate_api_token method, 217generate command, 26get method, 150GET request, 44, 46, 60

and state change, 170test issuing, 151

getter methods, 16get_via_redirect method, 152git add command, 77git branch command, 79git checkout command, 79, 80git commit command, 77–78git diff command, 78–79git --help command, 78GitHub, 84

account, 244pushing code to, 234–235

GitHub API, 205, 206–207authentication with, 209–211token generation, 209–210

git log command, 77git pull command, 80git push command, 80, 83git remote add command, 80git status command, 78, 79Git version control system, 75

basic usage, 77–80branches, 79–80getting started, 76–77remotes, 80repository, creating, 234–235setup, 76staging area of, 77

greater than (>) operator, 9greet method, 15–16

Index 265

HHansson, David Heinemeier, 19hashed version of password, 128hashes, 8–9

for commit, 77iteration over, 13

hash rocket (=>), 8–9has_many association, 106, 107, 112, 116, 143has_many :leaders association, 137has_many method, 40has_many :through association, 109–110, 117has_secure_password method, 128, 143head element (HTML), 64head method, 150help command, for debugger, 201--help command (Git), 78helpers, 22, 59–61

adding methods, 61for controllers, 47–48controller test, 150integration, 152methods for form controls, 69–70

helpers directory, 23Heroku cloud application platform, 75,

81–84deploying application, 83–84Gemfile update for, 81–83

heroku run command, 83Heroku Toolbelt, installing, xxi, 81hex method, 217home page

root route setting for application, 47timeline for, 137

HTML, partials for shared code, 67–69HTML5 field types, helper

methods for, 72HTML page

Rails layout for, 64Ruby code and, 22

HTTP, 207–209status codes, 207–208

HTTP verbs, 60for database actions, 44

Iidentifiers, symbols as, 7id field, 28

retrieving record by, 32if statement, 11, 250ImagePost

editing, 165fixture files for, 145–146validation test, 149

image_post_params method, 250–251image_tag helper, 126img-responsive class (Bootstrap), 126include statement, for methods, 91–92:inclusion validation, 38index action, 44, 48, 125, 212index for array, 8index page

for post model, 125for posts, 61–63

indices, creating for foreign keys, 109inheritance, 17–18

in Ruby, 91single-table, 110–111

initialize statement, 15injection attacks, 165–169insecure direct object reference, 164inspect method, 198installing

Apache, 226–228build tools, 229gems, 229–230Heroku Toolbelt, xxi, 81PostgreSQL, 228–229Rails, xxi–xxiii, 230Ruby, xxi–xxiv, 225–226

instance, 224of class, creating, 16

instance methods, 17instance_methods method, 96instance_of? method, 97instance variables

accessing, 16assigning value to, 15

instantiating objects, 31integer division, 5integration tests, 152–154Interactive Ruby interpreter (IRB), 4Internal Server Error code, 208introspection, 97IRB (Interactive Ruby interpreter), 4irb command, 4is_a? method, 97is-a relationship, 17:is validation, 38iteration, 12–13

JJavaScript

asset pipeline and, 176events, 180including in application, 124list of files in use, 65

javascript_include_tag method, 66

266 Index

JavaScript Object Notation (JSON), 22, 51, 207

customizing output, 213–216messages, 205

jbuilder gem, 214–216join table, 113

creating, 109for many_to_many association, 107–109

jq (JSON processor), 212–213JSON (JavaScript Object Notation), 22,

51, 207customizing output, 213–216messages, 205

json.array! method, 215json.extract! method, 215

KKernel class, 96keys method, 9key-value pairs, 8

Llabel helper, 71last method, 32layouts for views, 64–67leader_ids method, 137leaders method, 116length method, 6:length validation, 38less than (<) operator, 9lib/assets directory, 177lib directory, 24libpq-dev package, 229limit method, 34link_to helper, 59Lisp, 3list command (debugger), 201–202local variables, 202log directory, 24

development.log file, 197test.log file, 145

logger (Rails), 197–199log in, 132–135

custom routes for, 46implementing, 133–135

logout, custom routes for, 46low-level caching, 185, 187–189

Mmailers directory, 23manifests, 65, 176–177many-to-many associations, 107–110

margins, for page, 124master branch, 79Math module, 91math operations, in IRB, 5Matsumoto, Yukihiro, 3maximum method, 35:maximum validation, 38memcached server, 186memoization, 92Memoize module, calc method, 93Mercurial, 76merge method, 9metaprogramming, 89, 99–104method_missing method, 102–104methods, 14–15, 96

include statement for, 91–92passing named parameters to, 9

migration files, rails generate command to create empty, 108

migrations, 35–37. See also database migrations

minimum method, 35:minimum validation, 38MiniTest framework, 141, 146mistakes. See debuggingmixins, modules as, 91–95mkdir command, 20models, 29–42

adding validations to, 118relationship between two of same

type, 106testing, 148–149

model-view-controller (MVC), 22module Api statement, 212module keyword, 90modules, 17–18, 89, 90–95

as mixins, 91–95as namespaces, 91

modulus (%) operator, 5MVC (model-view-controller), 22MySQL, 228

NN + 1 Queries, 182–183named parameters, passing to method, 9names

for modules, 90for partials, 67for templates, 58

namespaces, modules as, 91namespace :api block, 211nano editor, 236nested resources, 45

Index 267

network communications, Curl for, 208–209

new action, 44, 49controller test for, 151

New Image Post form, button linking to, 251–252

newlines, in strings, 6new method, 17

for login form, 134new post form, 51

params from, 53from Rails scaffold generator, 69–70

next command (debugger), 203nil, 4

from [] method, 8from accessing nonexistent key, 8for method definition, 14

NoMethodError exception, 96, 98, 102not equal (!=) operator, 9“not” form, of assertions, 146notice message, 132not operator, 12NOT operator, 100number helpers, 60–61numbers, 5number_to_currency method, 60number_to_human method, 60number_to_human_size method, 60number_to_percentage method, 61

OObject class, 96object_id method, 7objects

instantiating, 31state of, 15

odd numbers, 5offset method, 34one-to-many relationships, 39one-way hash, 128open-source software,

collaborating on, 84Open Web Application Security Project

(OWASP), 172operation, canceling current, 4optimization

asset pipeline, 176–179built-in features, 176–180of code, 180–185garbage collection, 175

or (||) operator, 9–10order clause, for timelines, 138order method, 34output tag (<%= %>), 58

output to screen, 4OWASP (Open Web Application Security

Project), 172

PPaas (Platform as a Service), 81page rendering, speed of, 185paginate method, 184pagination, and optimization, 183–185parameters, 49–50

for methods, 14–15passing named, to method, 9

params, from new post form, 53params hash, 49–50

:text_post key in, 160parent model, 106partials, 67–69password attribute, checking for, 143password_confirmation attribute,

checking for, 143password digest, 128passwords

authentication, 181–182hashed version, 128

patch method, 150PATCH request, 44, 60patch_via_redirect method, 152path helpers, 47Patterns of Enterprise Application Architecture

(Fowler), 30PDF format, 51percentages, 61performance. See also optimization

caching and, 185–192of Ruby on Rails, 175–192

Perl, 3Personal Package Archive (PPA), 225pg (PostgreSQL gem), 82

installing, 230Phusion Passenger, 226–227pipe character (|), 13plaintext files, reading in Ruby, 18Platform as a Service (PaaS), 81pluralize helper method, 188polymorphic associations, 111–112@post, 72@post.comments.build, 72post.comments.find method, 41PostController, logger statement, 198post fixtures, 145–146PostgreSQL, installing, 228–229PostgreSQL database server, 82PostgreSQL gem (pg), 82post_id field, 39

268 Index

Post index view, 127post method, 150post model, 29–30, 117–119

index and show pages for, 125post_params method, 50post:references option, 39POST request, 44, 46, 51

adding repository with, 210–211posts

authorization to edit, 164index page, 61–63updating when comment is added, 189user’s ability to add, 157–161

PostsController, respond_to method, 211PostsHelper module, 61posts table, 30

adding string column to, 37posts_url, 52post_via_redirect method, 152, 153PPA (Personal Package Archive), 225predicate method, 114prepend statement, 92–94:presence validation, 38presence validation, for email field, 129<pre> tags, for debug helper output, 196pretty-printing

JSON data, 212–213in Ruby, 245

printing Ruby code, 203print messages, by log levels, 198privileges, of users, 164production environment

asset precompilation, 178–179default log level, 197–198

production.rb file, 23programmer, ERB comments for notes, 59prompt, 4

return to working, 4protect_from_forgery method, 171, 221–222public/assets directory, 178public directory, 24public key, 81pull command (Git), 80pulling changes to server, 76push command (Git), 80, 83pushing changes to server, 76push method, 95put method, 150puts method, 4put_via_redirect method, 152

QQueries, N + 1, 182–183query_by_attribute method, 102–103

question mark (?), at end of method name, 7

quit command (IRB), 4quotation marks, for strings, 6

RRails, 19

architecture, 22–23commands, 25–26confirming install, 19installing, xxi–xxiii, 230principles, 21–22scaffolding, 27–28testing in, 142–148

rails_12factor gem, for Heroku, 82Rails application

assets in, 65first, 20–21modules in, 89structure, 23–25

Rails.application.config.assets.paths setting, 177

Rails.cache.fetch method, 187, 188rails command, 26Rails console

launching, 247starting, 30

Rails counter cache, 189Rails development environment,

preparing, 142rails generate command, 28Rails generator, 37

for controller for comments, 54new post form from, 69–70

Rails logger, 197–199levels, 197–198

rails new command, 26, 244directory structure created by, 23

rails scaffold command, 245rails server command, 20, 72rake command, 24, 27, 36

to precompile assets, 178rake db:migrate command, 83random-number generator, 217read-eval-print loop (REPL), 4read operation, 32–33ready function (jQuery), 180records

adding to database, 31counting, 35deleting, 33–34updating, 33

red-green-refactor, 154redirect? helper method, 152

Index 269

redirection, vs. rendering view, 50–51redirect_to method, 51refactoring code, 25reflection, 97regular expressions, 103remainder, 5remote add command (Git), 80remote repository, making local copy, 79remove_column method, 37rename_column method, 37render action method, 51render command

for form partial, 158partials and, 67

rendering view, vs. redirection, 50–51repetition, avoiding, 22REPL (read-eval-print loop), 4repository, 75Representational State Transfer (REST),

43–44require directive, 176require_self directive, 66, 176require_tree directive, 176, 177require_tree . statement, 66resource route, 45resources :user sessions statement, 46respond_to :json method, 219respond_to method, 53, 211respond_to? method, 98respond_to_missing? method, 103–104respond_with method, 212REST (Representational State Transfer),

43–44restricted resources, 46return statement, 14reverse of subscription, 116–117robots.txt file, 25root route, 47route for sign-up page, 129routes.rb file, 24routing, 45–48

custom routes, 46root route, 47

Ruby, 3installing, xxi–xxiv, 225–226interactive, 4

Ruby object model, 89, 95–97Ruby on Rails, 19

application server for, 226–227creating directory for, 227–228performance, 175–192resources on, 258

Ruby Toolbox, 258

SSass, 176schema, 36schema_migrations database table, 36schema.rb file, 24screen, output to, 4secret key, for cookies, 234SECRET_KEY_BASE environment variable, 236SecureRandom class, 217secure shell (SSH), authenticating

over, 81security, 163–173

authorization attacks, 163–165cross-site request forgery (CSRF),

170–171cross-site scripting (XSS), 167–169injection attacks, 165–169

seeds.rb file, 24self join associations, 106–107server. See also virtual private servers

error status codes, 208launching, 20

session hash, 150sessions, 132–133set_post method, 48–49setter methods, 16setup method, 147, 149short circuit operators, 10show action, 44, 48, 125show method, 23show page

for comments, 254for post model, 125for users, 154

sign-up form, adding, 130–131sign-up page, adding route for, 129sign-up process, for users, 128–132single inheritance, 17single-table inheritance, 110–111size method, 95sleep method, 190slice, in array, 8Smalltalk, 3snake case, 11snapshot, by Git, 77social networking application, 112–120

comment model, 120data model for, 112 post models, 117–119user model, 112–117

software install, apt-get system for, 225–226

270 Index

spaces between words, 6special characters, in strings, 6SQL

commands, 31examining output, 181–182injection attack, 166–167program optimization and, 180–183

SQLite database, 24square brackets ([ ]), for array, 7SSH (secure shell), authenticating

over, 81stages in Capistrano, for application

deployment, 230staging area, of Git, 77state of application, 22status codes, HTTP, 207–208status command (Git), 78, 79step command (debugger), 203stepping into application, 199strings, 6–7Strong Parameters, 50, 53, 55stylesheet_link_tag method, 65–66submit helper, 72subscription, model to represent, 113subscriptions table, 114Subversion, 76sum method, 35symbols, 7

Ttabs, in strings, 6tasks directory, 24TDD (test-driven development), 25

adding features with, 154–161teardown method, 147templates, in ERB, 58test case, 143test directory, 25

controllers/posts_controller_test.rb file, 152

controllers/text_posts_controller_test.rb file, 157–158, 159

controllers/users_controller_test.rb file, 151, 154–155

fixtures/posts.yml file, 145–146fixtures/users.yml file, 144integration/user_flow_test.rb file, 153models/user_test.rb file, 142–143, 145test_helper.rb script, 25

test-driven development (TDD), 25adding features with, 154–161

testing, 141–162API with Curl, 212associations, 115–116

controllers, 150–152data, 39helpers, 47integration, 152–154models, 148–149in Rails, 142–148using fixtures, 144–146

test log, 145test.rb file, 23text field, helper for creating, 71–72text post

button for creating new, 159edit view for, 165update method for, 164–165

TextPost

creating posts of, 157–161fixture files for, 145–146validation test, 149

TextPost partialconditional statement for Edit button,

191–192link to edit section, 165

text post partial, editing, 248text_post_params method, 159, 220therubyracer gem, 230timeline, for home page, 137timeline_user_ids method, 137tmp directory, 25token-based authentication, 209, 216–222tokens

for current session, 66generating, 216–218for request authentication, 218–219

Torvalds, Linus, 76touch option, for associations, 189touch tmp/restart.txt command, 233t.references :author statement, 108–109Tumblr, 112turbolinks, 179–180

UUbuntu Linux 14.04 LTS, 224Ubuntu Linux setup, 225–230underscore (_), in partial names, 67undisplay command (debugger), 203:uniqueness validation, 38uniqueness validation, for email field, 129unique words, 18unit tests, 148unless statement, 12update action, 44update method, 33, 51, 53

for text posts, 164–165

Index 271

updated_at field, 28updating records, 33URL helpers, 47, 59–60URLs

and mapping actions to verbs, 45validation, 118

User associations, 114User.authenticate method, vulnerability to

SQL injection, 166User class, creating instance of, 246user fixtures, 144–145user_id in session, storing, 132–133user interface. See viewsuser model

api_token string, 216for social networking application,

112–117user:references option, 118users

action for creating new, 129–130authentication of, 136–137privileges of, 164sign-up process, 128–132

Vvalidation, 38–39

adding to app/models/comment.rb file, 241

adding to model, 118valid? method, 39valid user, 143values method, 9values of object, displaying, 198var command (debugger), 202variables, 10–11

examining values, 202initiating only if nil, 10

var instance command, 202VCS (version control system), 75vendor/assets directory, 177vendor directory, 25version control system (VCS), 75vertical pipe (|), 13views, 22, 57–74

caching parts of, 189layouts, 64–67

view templates, creating, 125virtual host, 236–237virtual private servers, 224–230

Amazon AWS setup, 224–225Ubuntu Linux setup, 225–230

Wweb APIs, 205–222web browser, JSON output on, 213weblog, creating, 20web pages

elements, 64title of, 258

WEBrick server, 20web servers, 226–228where method, 32–33, 103will_paginate gem, 184--without production option, for

bundler, 231words, counting in file, 18write_with_time method, 99

XXML, 22, 51X-RateLimit-Limit, for GitHub API

requests, 209XSS (cross-site scripting), 167–169

YYAML, 144, 196

dashes and dots for start and end, 197yield statement, 67, 124

Zzero index, for array, 8