Rails%203%20In%20Action

More documents

Recommendations

Info

Mounting a Rack application with Rails params method by redefining the params method as a private method in your app. Underneath the get you’ll put this: def params hash = env["action_dispatch.request.path_parameters"].merge!(super) HashWithIndifferentAccess.new(hash) end By calling the super method here, you’ll reference the params method in the superclass, Sinatra::Base. You want to access the keys in this hash using either symbols or strings like you can do in your Rails application, so you create a new HashWith- IndifferentAccess object, which is returned by this method. This lets you access your token with either params[:token] or params["token"]. This hash is quite indifferent to its access methods. Let’s switch your root route back to calling p params. When you run your test again, you should see that you finally have both parameters inside the one hash: {:project_id=>"3", "token"=>"ZVSREe1aQjNZ2SrB9e8I"} With these parameters you’ll now be able to find the user based on their token, get a list of projects they have access to, and then attempt to find the project with the id specified. You can do this by putting two calls, a find_user and find_project method, in the before block you already have, using this code: before do headers "Content-Type" => "text/json" find_user find_project end The find_user and find_project methods can be defined underneath the private keyword using this code: private def find_user @user = User.find_by_authentication_token(params[:token]) end def find_project @project = Project.for(@user).find(params[:project_id]) end This code should look fairly familiar: it’s basically identical to the code found in the Api::V1::TicketsController and Api::V1::BaseController classes inside your Rack application. First you find the user based on their token and then generate a scope for all projects that the user is able to view with the Project.for method. With this scope, you can then find the project matching the id passed in through params[:project_id]. You are referencing the models from your Rails application inside your Sinatra application, and there’s nothing special you have to configure to allow this. 531
532 CHAPTER 18 Rack-based applications Because you’re not too concerned with what happens if an invalid params[:project_id] or user token is passed through at the moment, you’ll fix those up after you’ve got this first test passing. With the project now found, you should be able to display a list of tickets in JSON form in your call method. Let’s change your root route to return a list of JSON-ified tickets for this project: get '/' do @project.tickets.to_json end Now your root route should respond with the list of tickets required to have your test pass. Let’s see if this is the case by running bin/rspec spec/api/v3/json/ tickets_spec.rb: 1 example, 0 failures Great, this spec is now passing, which means that your Rack application is now serving a base for version 3 of your API. By making this a Rack application, you can serve requests in a more lightweight fashion than you could within Rails. But you don’t have basic error checking in place yet if a user isn’t found matching a token or if a person can’t find a project. So before you move on, let’s quickly add tests for these two issues. 18.3.4 Basic error checking You’ll open spec/api/v3/json/tickets_spec.rb and add two tests inside the describe block in a new context block, as shown in the following listing. Listing 18.9 spec/api/v3/json/tickets_spec.rb context "unsuccessful requests" do it "doesn't pass through a token" do get url last_response.status.should eql(401) last_response.body.should eql("Token is invalid.") end it "cannot access a project that they don't have permission to" do user.permissions.delete_all get url, :token => token last_response.status.should eql(404) end end In the first test you make a request without passing through a token, which should result in a 401 (unauthorized) status and a message telling you the “Token is invalid.” In the second test, you use the delete_all association method to remove all permissions for the user and then attempt to request tickets in a project that the user no longer has access to. This should result in the response being a 404 response, which means your API will deny all knowledge of that project and its tickets.
Page 1 and 2:
IN ACTION Ryan Bigg Yehuda Katz MAN
Page 4 and 5:
Rails 3 in Action RYAN BIGG YEHUDA
Page 6:
1 ■ Ruby on Rails, the framework
Page 9 and 10:
viii 3 4 5 6 CONTENTS Developing a
Page 11 and 12:
x 9 10 CONTENTS 8.5 Restricting wri
Page 13 and 14:
xii 13 14 CONTENTS 12.2 Subscribing
Page 15 and 16:
xiv 18 CONTENTS 17.4 Setting up a t
Page 17 and 18:
xvi PREFACE cover. It also takes a
Page 19 and 20:
xviii ACKNOWLEDGMENTS gnarly ePub R
Page 21 and 22:
xx about this book Ruby on Rails is
Page 23 and 24:
xxii ABOUT THIS BOOK By chapter 16,
Page 25 and 26:
about the cover illustration The fi
Page 27 and 28:
2 CHAPTER 1 Ruby on Rails, the fram
Page 29 and 30:
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
10 CHAPTER 1 Ruby on Rails, the fra
Page 37 and 38:
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
Page 47 and 48:
Page 49 and 50:
24 CHAPTER 2 Testing saves your bac
Page 51 and 52:
Page 53 and 54:
Page 55 and 56:
Page 57 and 58:
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
Page 67 and 68:
Page 69 and 70:
This chapter covers � Building th
Page 71 and 72:
46 CHAPTER 3 Developing a real Rail
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
Page 89 and 90:
Page 91 and 92:
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
Page 105 and 106:
Page 107 and 108:
Page 109 and 110:
84 CHAPTER 4 Oh CRUD! 4.1.1 Writing
Page 111 and 112:
86 CHAPTER 4 Oh CRUD! Aha! You’re
Page 113 and 114:
88 CHAPTER 4 Oh CRUD! 4.2 Editing p
Page 115 and 116:
90 CHAPTER 4 Oh CRUD! 4.2.2 The upd
Page 117 and 118:
92 CHAPTER 4 Oh CRUD! 4.3.1 Writing
Page 119 and 120:
94 CHAPTER 4 Oh CRUD! Figure 4.1 Ac
Page 121 and 122:
96 CHAPTER 4 Oh CRUD! F When the te
Page 123 and 124:
98 CHAPTER 4 Oh CRUD! functionality
Page 125 and 126:
100 CHAPTER 5 Nested resources New
Page 127 and 128:
102 CHAPTER 5 Nested resources an e
Page 129 and 130:
104 CHAPTER 5 Nested resources 5.1.
Page 131 and 132:
106 CHAPTER 5 Nested resources Then
Page 133 and 134:
108 CHAPTER 5 Nested resources Grea
Page 135 and 136:
110 CHAPTER 5 Nested resources see
Page 137 and 138:
112 CHAPTER 5 Nested resources The
Page 139 and 140:
114 CHAPTER 5 Nested resources Agai
Page 141 and 142:
116 CHAPTER 5 Nested resources show
Page 143 and 144:
118 CHAPTER 6 Authentication and ba
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 153 and 154:
Page 155 and 156:
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
This chapter covers � Adding an a
Page 163 and 164:
138 CHAPTER 7 Basic access control
Page 165 and 166:
Page 167 and 168:
Page 169 and 170:
Page 171 and 172:
Page 173 and 174:
Page 175 and 176:
Page 177 and 178:
Page 179 and 180:
Page 181 and 182:
Page 183 and 184:
Page 185 and 186:
Page 187 and 188:
Page 189 and 190:
This chapter covers � Expanding w
Page 191 and 192:
166 CHAPTER 8 More authorization Un
Page 193 and 194:
168 CHAPTER 8 More authorization pe
Page 195 and 196:
170 CHAPTER 8 More authorization Th
Page 197 and 198:
172 CHAPTER 8 More authorization ..
Page 199 and 200:
Page 201 and 202:
176 CHAPTER 8 More authorization 8.
Page 203 and 204:
178 CHAPTER 8 More authorization Re
Page 205 and 206:
180 CHAPTER 8 More authorization Cr
Page 207 and 208:
Page 209 and 210:
184 CHAPTER 8 More authorization De
Page 211 and 212:
186 CHAPTER 8 More authorization De
Page 213 and 214:
188 CHAPTER 8 More authorization To
Page 215 and 216:
Page 217 and 218:
Page 219 and 220:
194 CHAPTER 8 More authorization Yo
Page 221 and 222:
196 CHAPTER 8 More authorization cu
Page 223 and 224:
198 CHAPTER 8 More authorization
Page 225 and 226:
Page 227 and 228:
202 CHAPTER 8 More authorization Li
Page 229 and 230:
204 CHAPTER 8 More authorization
Page 231 and 232:
206 CHAPTER 8 More authorization Si
Page 233 and 234:
208 CHAPTER 8 More authorization Li
Page 235 and 236:
Page 237 and 238:
212 CHAPTER 8 More authorization 45
Page 239 and 240:
214 CHAPTER 9 File uploading By pro
Page 241 and 242:
216 CHAPTER 9 File uploading that t
Page 243 and 244:
218 CHAPTER 9 File uploading remove
Page 245 and 246:
220 CHAPTER 9 File uploading This f
Page 247 and 248:
222 CHAPTER 9 File uploading asset
Page 249 and 250:
224 CHAPTER 9 File uploading 9.2.2
Page 251 and 252:
226 CHAPTER 9 File uploading you ha
Page 253 and 254:
228 CHAPTER 9 File uploading sign_i
Page 255 and 256:
230 CHAPTER 9 File uploading When y
Page 257 and 258:
232 CHAPTER 9 File uploading You co
Page 259 and 260:
234 CHAPTER 9 File uploading The /a
Page 261 and 262:
236 CHAPTER 9 File uploading When y
Page 263 and 264:
238 CHAPTER 9 File uploading Open a
Page 265 and 266:
240 CHAPTER 9 File uploading This i
Page 267 and 268:
242 CHAPTER 9 File uploading After
Page 269 and 270:
244 CHAPTER 10 Tracking state used,
Page 271 and 272:
246 CHAPTER 10 Tracking state group
Page 273 and 274:
248 CHAPTER 10 Tracking state Listi
Page 275 and 276:
250 CHAPTER 10 Tracking state end @
Page 277 and 278:
252 CHAPTER 10 Tracking state With
Page 279 and 280:
254 CHAPTER 10 Tracking state which
Page 281 and 282:
256 CHAPTER 10 Tracking state The f
Page 283 and 284:
258 CHAPTER 10 Tracking state class
Page 285 and 286:
Page 287 and 288:
Page 289 and 290:
264 CHAPTER 10 Tracking state Good,
Page 291 and 292:
266 CHAPTER 10 Tracking state You c
Page 293 and 294:
268 CHAPTER 10 Tracking state You h
Page 295 and 296:
270 CHAPTER 10 Tracking state You
Page 297 and 298:
Page 299 and 300:
Page 301 and 302:
276 CHAPTER 10 Tracking state def m
Page 303 and 304:
278 CHAPTER 10 Tracking state 10.5
Page 305 and 306:
280 CHAPTER 10 Tracking state 33 of
Page 307 and 308:
282 CHAPTER 10 Tracking state 10.5.
Page 309 and 310:
284 CHAPTER 10 Tracking state it "c
Page 311 and 312:
This chapter covers � Tagging spe
Page 313 and 314:
288 CHAPTER 11 Tagging And I press
Page 315 and 316:
290 CHAPTER 11 Tagging To define th
Page 317 and 318:
292 CHAPTER 11 Tagging 11.2 Adding
Page 319 and 320:
294 CHAPTER 11 Tagging 11.2.2 Fixin
Page 321 and 322:
296 CHAPTER 11 Tagging Because the
Page 323 and 324:
298 CHAPTER 11 Tagging ment from th
Page 325 and 326:
300 CHAPTER 11 Tagging true, :url
Page 327 and 328:
302 CHAPTER 11 Tagging get there pr
Page 329 and 330:
304 CHAPTER 11 Tagging And I follow
Page 331 and 332:
306 CHAPTER 11 Tagging The :from op
Page 333 and 334:
308 CHAPTER 11 Tagging This is beca
Page 335 and 336:
310 CHAPTER 11 Tagging into this:
Page 337 and 338:
This chapter covers � Sending ema
Page 339 and 340:
314 CHAPTER 12 Sending email To tes
Page 341 and 342:
316 CHAPTER 12 Sending email Let’
Page 343 and 344:
318 CHAPTER 12 Sending email Now th
Page 345 and 346:
320 CHAPTER 12 Sending email the em
Page 347 and 348:
322 CHAPTER 12 Sending email Great
Page 349 and 350:
324 CHAPTER 12 Sending email messag
Page 351 and 352:
326 CHAPTER 12 Sending email A B cr
Page 353 and 354:
328 CHAPTER 12 Sending email Next,
Page 355 and 356:
330 CHAPTER 12 Sending email As usu
Page 357 and 358:
332 CHAPTER 12 Sending email When y
Page 359 and 360:
334 CHAPTER 12 Sending email applic
Page 361 and 362:
336 CHAPTER 12 Sending email Listin
Page 363 and 364:
338 CHAPTER 12 Sending email To ins
Page 365 and 366:
340 CHAPTER 12 Sending email 12.4 R
Page 367 and 368:
342 CHAPTER 12 Sending email 12.4.2
Page 369 and 370:
344 CHAPTER 12 Sending email When y
Page 371 and 372:
346 CHAPTER 12 Sending email By sen
Page 373 and 374:
348 CHAPTER 13 Designing an API One
Page 375 and 376:
350 CHAPTER 13 Designing an API cri
Page 377 and 378:
352 CHAPTER 13 Designing an API RSp
Page 379 and 380:
354 CHAPTER 13 Designing an API ] }
Page 381 and 382:
356 CHAPTER 13 Designing an API In
Page 383 and 384:
358 CHAPTER 13 Designing an API Boo
Page 385 and 386:
360 CHAPTER 13 Designing an API 13.
Page 387 and 388:
362 CHAPTER 13 Designing an API Thi
Page 389 and 390:
364 CHAPTER 13 Designing an API err
Page 391 and 392:
366 CHAPTER 13 Designing an API To
Page 393 and 394:
Page 395 and 396:
Page 397 and 398:
372 CHAPTER 13 Designing an API @pr
Page 399 and 400:
374 CHAPTER 13 Designing an API The
Page 401 and 402:
376 CHAPTER 13 Designing an API Lis
Page 403 and 404:
378 CHAPTER 13 Designing an API You
Page 405 and 406:
Page 407 and 408:
382 CHAPTER 13 Designing an API you
Page 409 and 410:
384 CHAPTER 13 Designing an API git
Page 411 and 412:
386 CHAPTER 14 Deployment done. Thi
Page 413 and 414:
388 CHAPTER 14 Deployment useradd -
Page 415 and 416:
390 CHAPTER 14 Deployment rvm group
Page 417 and 418:
392 CHAPTER 14 Deployment To be as
Page 419 and 420:
394 CHAPTER 14 Deployment service s
Page 421 and 422:
396 CHAPTER 14 Deployment 14.5.1 De
Page 423 and 424:
398 CHAPTER 14 Deployment The final
Page 425 and 426:
400 CHAPTER 14 Deployment With the
Page 427 and 428:
402 CHAPTER 14 Deployment executing
Page 429 and 430:
404 CHAPTER 14 Deployment The first
Page 431 and 432:
406 CHAPTER 14 Deployment You can e
Page 433 and 434:
408 CHAPTER 14 Deployment Once Rail
Page 435 and 436:
410 CHAPTER 14 Deployment This mean
Page 437 and 438:
This chapter covers � Authenticat
Page 439 and 440:
414 CHAPTER 15 Alternative authenti
Page 441 and 442:
Page 443 and 444:
Page 445 and 446:
Page 447 and 448:
Page 449 and 450:
Page 451 and 452:
Page 453 and 454:
Page 455 and 456:
Page 457 and 458:
Page 459 and 460:
This chapter covers � Implementin
Page 461 and 462:
436 CHAPTER 16 Basic performance en
Page 463 and 464:
Page 465 and 466:
Page 467 and 468:
Page 469 and 470:
Page 471 and 472:
Page 473 and 474:
Page 475 and 476:
Page 477 and 478:
Page 479 and 480:
Page 481 and 482:
Page 483 and 484:
Page 485 and 486:
Page 487 and 488:
Page 489 and 490:
Page 491 and 492:
Page 493 and 494:
This chapter covers � The importa
Page 495 and 496:
470 CHAPTER 17 Engines copy over as
Page 497 and 498:
472 CHAPTER 17 Engines With that sa
Page 499 and 500:
474 CHAPTER 17 Engines Obviously, y
Page 501 and 502:
476 CHAPTER 17 Engines This file’
Page 503 and 504:
478 CHAPTER 17 Engines 2. Goes thro
Page 505 and 506: 480 CHAPTER 17 Engines This is real
Page 507 and 508: 482 CHAPTER 17 Engines s.add_develo
Page 509 and 510: 484 CHAPTER 17 Engines The click_li
Page 511 and 512: 486 CHAPTER 17 Engines This code ha
Page 513 and 514: 488 CHAPTER 17 Engines You’re mis
Page 515 and 516: 490 CHAPTER 17 Engines NOTE We’re
Page 517 and 518: 492 CHAPTER 17 Engines 17.5.8 Showi
Page 519 and 520: 494 CHAPTER 17 Engines Listing 17.9
Page 521 and 522: 496 CHAPTER 17 Engines Note that th
Page 523 and 524: 498 CHAPTER 17 Engines your applica
Page 525 and 526: 500 CHAPTER 17 Engines 17.7.2 A fak
Page 527 and 528: 502 CHAPTER 17 Engines forem_user;
Page 529 and 530: 504 CHAPTER 17 Engines You don’t
Page 531 and 532: 506 CHAPTER 17 Engines This is the
Page 533 and 534: 508 CHAPTER 17 Engines Because you
Page 535 and 536: 510 CHAPTER 17 Engines Listing 17.1
Page 537 and 538: 512 CHAPTER 17 Engines 17.8 Releasi
Page 539 and 540: 514 CHAPTER 17 Engines This task ac
Page 541 and 542: This chapter covers � Building a
Page 543 and 544: 518 CHAPTER 18 Rack-based applicati
Page 555: 530 CHAPTER 18 Rack-based applicati
Page 567 and 568: 542 APPENDIX A Why Rails? it helps
Page 569 and 570: 544 APPENDIX A Why Rails? with thei
Page 571 and 572: 546 appendix B Tidbits This appendi
Page 573 and 574: 548 APPENDIX B Tidbits You should g
Page 576 and 577: Special characters and numbers $ fu
Page 578 and 579: authentication (continued) OAuth, 4
Page 580 and 581: CSRF (cross-site request forgery) a
Page 582 and 583: find_or_create_for_twitter method,
Page 584 and 585: last_post method, 510 last_ticket m
Page 586 and 587: Project.for method, 531 projects, 5
Page 588 and 589: searching by state, 305-309 testing
Page 590 and 591: toggle_watching_button method, 330
Page 592: WEB DEVELOPMENT/RUBY R ails Rails 3
show all

Rails%203%20In%20Action

Create successful ePaper yourself

Delete template?

Save as template?