Cover image for Advanced Rails

Book description

Ready to go to the next level with Rails? From examining the parts of Ruby that make this framework possible to deploying large Rails applications, Advanced Rails offers you an in-depth look at techniques for dealing with databases, security, performance, web services and much more. Chapters in this book help you understand not only the tricks and techniques used within the Rails framework itself, but also how to make use of ideas borrowed from other programming paradigms. Advanced Rails pays particular attention to building applications that scale -- whether "scale" means handling more users, or working with a bigger and more complex database. You'll find plenty of examples and code samples that explain:

  • Aspects of Ruby that are often confusing or misunderstood

  • Metaprogramming

  • How to develop Rails plug-ins

  • Different database management systems

  • Advanced database features, including triggers, rules, and stored procedures

  • How to connect to multiple databases

  • When to use the Active Support library for generic, reusable functions

  • Security principles for web application design, and security issues endemic to the Web

  • When and when not to optimize performance

  • Why version control and issue tracking systems are essential to any large or long-lived Rails project

Advanced Rails also gives you a look at REST for developing web services, ways to incorporate and extend Rails, how to use internationalization, and many other topics. If you're just starting out with rails, or merely experimenting with the framework, this book is not for you. But if you want to improve your skills with Rails through advanced techniques, this book is essential.

Table of Contents

  1. Advanced Rails
    1. SPECIAL OFFER: Upgrade this ebook with O’Reilly
    2. Preface
      1. Prerequisites
      2. Conventions Used in This Book
      3. Using Code Examples
      4. How to Contact Us
      5. Safari® Books Online
      6. Acknowledgments
    3. 1. Foundational Techniques
      1. What Is Metaprogramming?
        1. Don't Repeat Yourself
        2. Caveats
        3. Bottom-Up Programming
      2. Ruby Foundations
        1. Classes and Modules
        2. Method Lookup
          1. The rules
          2. Class inheritance
          3. Class instantiation
          4. Including modules
          5. The singleton class
          6. Singleton classes of class objects
          7. Method missing
        3. Metaid
        4. Variable Lookup
        5. Blocks, Methods, and Procs
          1. Blocks to Procs and Procs to blocks
          2. Closures
      3. Metaprogramming Techniques
        1. Delaying Method Lookup Until Runtime
        2. Generative Programming: Writing Code On-the-Fly
        3. Continuations
        4. Bindings
        5. Introspection and ObjectSpace: Examining Data and Methods at Runtime
          1. ObjectSpace
        6. Delegation with Proxy Classes
          1. DelegateClass and Forwardable
        7. Monkeypatching
        8. Disadvantages of monkeypatching
        9. Adding Functionality to Existing Methods
          1. Subclassing
          2. Aspect-oriented programming
          3. Method chaining
        10. Modulization
      4. Functional Programming
        1. Higher-Order Functions
        2. Enumerable
          1. Predicates
          2. Filters
          3. Transformers
          4. Aggregators
          5. Other
        3. Enumerator
      5. Examples
        1. Runtime Feature Changes
        2. Rails Routing Code
      6. Further Reading
    4. 2. ActiveSupport and RailTies
      1. Ruby You May Have Missed
        1. Array
        2. Dir
        3. Enumerable
        4. File
        5. Hash
        6. Kernel
        7. Module
        8. Proc
        9. String
      2. How to Read Code
        1. How to Locate Code
        2. Reading the Call Stack
        3. Debugging Ruby and Rails
          1. Debugging Rails with ruby-debug
        4. Where to Start
          1. Pick something interesting
          2. Start at the top
        5. Read the Tests
        6. Stay Current
      3. ActiveSupport
        1. Dependencies
        2. Deprecation
          1. Deprecated instance variables
        3. Inflector
        4. JSON
        5. Whiny Nil
      4. Core Extensions
        1. Array
          1. Conversions
          2. Grouping
          3. Option processing
          4. Random selection
        2. Blank
        3. Class Attribute Accessors
        4. Class Inheritable Attributes
        5. Date and Time
          1. Conversions
          2. Conversions from Numeric
          3. Time calculations
        6. Enumerable
        7. Exception
        8. File
        9. Float
        10. Hash
          1. Conversions
          2. Option processing
          3. HashWithIndifferentAccess
        11. Integer
        12. Kernel
          1. Daemonize
          2. Reporting
        13. Module
          1. Aliasing
          2. Delegation
          3. Introspection
        14. Numeric Conversions
        15. Object
          1. instance_exec
          2. Miscellaneous methods
        16. Range
        17. String
          1. Inflector
          2. String i18n
          3. Miscellaneous methods
        18. Symbol#to_proc
        19. TimeZone
      5. RailTies
        1. Rails Configuration
        2. Application Initialization in 20 Easy Steps
        3. Request Dispatch
      6. Further Reading
    5. 3. Rails Plugins
      1. About Plugins
        1. Plugin Loading
        2. Installing Rails Plugins
          1. RaPT
          2. Piston
          3. Decentralized version control
      2. Writing Plugins
      3. Plugin Examples
        1. Account Location
        2. SSL Requirement
        3. HTTP Authentication
      4. Testing Plugins
        1. Testing Plugin Database Dependencies
      5. Further Reading
    6. 4. Database
      1. Database Management Systems
        1. PostgreSQL
        2. MySQL
        3. SQLite
        4. Microsoft SQL Server
        5. Oracle
      2. Large/Binary Objects
        1. Database Storage
          1. PostgreSQL
          2. MySQL
          3. Oracle
        2. Filesystem Storage
        3. Sending Data with X-Sendfile
          1. Web server configuration
        4. Serving Static Files
        5. Managing Uploads in Rails
          1. Attachment plugins
          2. Rolling your own
          3. Upload progress
      3. Advanced Database Features
        1. Application Versus Integration Databases
        2. Constraints
        3. Composite Keys
        4. Triggers, Rules, and Stored Procedures
        5. Examples
          1. Large object deletion
          2. Data partitioning
      4. Connecting to Multiple Databases
        1. Magic Multi-Connections
      5. Caching
      6. Load Balancing and High Availability
        1. MySQL
          1. Replication
          2. MySQL cluster
        2. PostgreSQL
          1. High availability: Warm standby
          2. Master-slave replication: Slony-I
          3. Multimaster replication: PGCluster
        3. Oracle
        4. Microsoft SQL Server
      7. LDAP
        1. ActiveLDAP
        2. Authenticating with LDAP
      8. Further Reading
    7. 5. Security
      1. Application Issues
        1. Authentication
          1. Password hashing in Rails
        2. Don't Trust the Client
          1. Form processing
          2. Hidden form fields
          3. Client-side validation
          4. Cookies
          5. Double-check everything
        3. Secure Fallback
        4. Avoid Security Through Obscurity
        5. Secure Your Error Messages
        6. Whitelist, Don't Blacklist
      2. Web Issues
        1. Rails Sessions
          1. Cookie-based sessions
        2. Cross-Site Scripting
          1. Mitigation
          2. Whitelisting
        3. Cross-Site Request Forgery
          1. CSRF mitigation
        4. Canonicalization: What's in a Name?
      3. SQL Injection
      4. Ruby's Environment
        1. Using the Shell
        2. Object Tainting
      5. Further Reading
    8. 6. Performance
      1. Measurement Tools
        1. Black-Box Analysis
          1. Statistics: The least you need to know
          2. Black-box analysis with httperf
        2. Code Timing
        3. Rails Analyzer Tools
          1. Production log analyzer
          2. Action profiler
          3. Rails Analyzer Tools
      2. Rails Optimization Example
        1. Profiling an Action
        2. Optimizing and Reprofiling
        3. Benchmarking
          1. Running the benchmark
          2. Interpreting the results
      3. ActiveRecord Performance
        1. Diving into SQL
        2. 1+N Problem
        3. Indexing
          1. Foreign key indexes
          2. Other indexes
          3. Full-text indexing
          4. Spatial indexes
          5. Updating index statistics
        4. Database Performance Measurement
          1. Examining the query plan
      4. Architectural Scalability
        1. Sessions
          1. ActiveRecordStore
          2. MemCacheStore
          3. CookieStore
          4. Session management
        2. Caching
          1. Page caching
          2. Action caching
          3. Fragment caching
          4. Cache sweepers
      5. Other Systems
        1. Choosing the Right Tool
          1. Leveraging external programs
          2. Writing inline C code
        2. ActionMailer
      6. Further Reading
    9. 7. REST, Resources, and Web Services
      1. What Is REST?
        1. Verbs
        2. GET
        3. PUT
        4. DELETE
        5. POST
        6. Resources
          1. Name opacity
        7. Representations and Content Types
          1. Selecting a representation
        8. Statelessness
          1. HTTP state
          2. Why statelessness?
          3. Resourceful session state: An example
          4. Authentication
      2. Benefits of a RESTful Architecture
        1. Conceptual Simplicity
        2. Caching and Scalability
        3. Robustness to Change
        4. Uniformity
      3. RESTful Rails
        1. RESTful Routing
        2. Resource-Based Named Routes
          1. Custom resource routes
          2. Nested resource routes
          3. Singleton resource routes
        3. ActionView Support
          1. Method emulation
        4. Content Types
        5. HTTP Caching
          1. Custom caching
        6. HTTP Response Status Codes
        7. ActiveResource: Consuming RESTful Services
        8. Action Web Service
      4. Case Study: Amazon S3
        1. Concepts and Terminology
        2. Authentication
          1. Alternative authentication options
        3. Architecture and Operations
        4. S3 Clients and Servers
      5. Further Reading
    10. 8. i18n and L10n
      1. Locale
      2. Character Encodings
        1. ASCII
          1. Extended ASCII
          2. Problems with ASCII
      3. Unicode
        1. Unicode Transformation Formats
      4. Rails and Unicode
        1. Multilingualization in Ruby 1.9
        2. ActiveSupport::Multibyte
        3. Unicode Normalization
        4. Filtering UTF-8 Input
        5. Storing UTF-8
          1. MySQL
          2. PostgreSQL
        6. Serving UTF-8
        7. Character Set Conversion
          1. JavaScript URI encoding and UTF-8
      5. Rails L10n
        1. Interface/Resource Translation
          1. gettext
          2. Gibberish
          3. Globalize
        2. Locale-Specific Settings
        3. Model Translation
        4. Globalize Example: An Address Book
          1. Localizing the address book
      6. Further Reading
    11. 9. Incorporating and Extending Rails
      1. Replacing Rails Components
        1. Replacing ActiveRecord
          1. DataMapper
          2. Ambition
          3. Og
        2. Alternative Template Engines
          1. Markaby
          2. Liquid
          3. Haml
      2. Incorporating Rails Components
        1. ActiveRecord
          1. ETL operations
          2. Schema operations
          3. Standalone data store
          4. Other Ruby applications
        2. ActionMailer
          1. Custom Rake tasks
          2. Receiving email
      3. Contributing to Rails
        1. Contributing Patches
        2. Rails Unit Tests
      4. Further Reading
    12. 10. Large Projects
      1. Version Control
        1. Centralized Version Control
          1. CVS
          2. Subversion
        2. Decentralized Version Control
        3. Branching and Merging
          1. Subversion branching and merging
          2. Mercurial branching and merging
        4. Database Migrations
      2. Issue Tracking
      3. Project Structure
        1. Subversion Configuration
          1. Importing existing applications
        2. Subversion Externals and Piston
        3. Rails Version
        4. Environment Initialization
        5. Including Gems
        6. Multi-Application Projects
      4. Rails Deployment
        1. Shared-Nothing Scalability
        2. Front End Web Server
          1. Asset hosts for static files
        3. Application Server
        4. Capistrano
        5. Vlad the Deployer
        6. Continuous Integration
      5. Further Reading
    13. Index
    14. About the Author
    15. Colophon
    16. SPECIAL OFFER: Upgrade this ebook with O’Reilly