You are previewing Advanced Rails.
O'Reilly logo
Advanced Rails

Book Description

Ready to go to the next level with Rails? From examining the partsof Ruby that make this framework possible to deploying large Railsapplications, Advanced Rails offers you an in-depth lookat techniques for dealing with databases, security, performance,web services and much more.Chapters in this book help you understand not only the tricks andtechniques used within the Rails framework itself, but also how tomake use of ideas borrowed from other programming paradigms.Advanced Rails pays particular attention to buildingapplications that scale -- whether "scale" means handling moreusers, or working with a bigger and more complex database. You'llfind plenty of examples and code samples that explain:

  • Aspects of Ruby that are often confusing or misunderstood

  • Metaprogramming

  • How to develop Rails plug-ins

  • Different database management systems

  • Advanced database features, including triggers, rules, andstored procedures

  • How to connect to multiple databases

  • When to use the Active Support library for generic, reusablefunctions

  • Security principles for web application design, and securityissues endemic to the Web

  • When and when not to optimize performance

  • Why version control and issue tracking systems are essential toany large or long-lived Rails project

  • Advanced Rails also gives you a look at REST fordeveloping web services, ways to incorporate and extend Rails, howto use internationalization, and many other topics. If you're juststarting out with rails, or merely experimenting with theframework, this book is not for you. But if you want to improveyour skills with Rails through advanced techniques, this book isessential.

    Table of Contents

    1. Advanced Rails
      1. SPECIAL OFFER: Upgrade this ebook with O’Reilly
      2. Preface
        1. Prerequisites
        2. Conventions Used in This Book
        3. Using Code Examples
        4. How to Contact Us
        5. Safari® Books Online
        6. Acknowledgments
      3. 1. Foundational Techniques
        1. What Is Metaprogramming?
          1. Don't Repeat Yourself
          2. Caveats
          3. Bottom-Up Programming
        2. Ruby Foundations
          1. Classes and Modules
          2. Method Lookup
            1. The rules
            2. Class inheritance
            3. Class instantiation
            4. Including modules
            5. The singleton class
            6. Singleton classes of class objects
            7. Method missing
          3. Metaid
          4. Variable Lookup
          5. Blocks, Methods, and Procs
            1. Blocks to Procs and Procs to blocks
            2. Closures
        3. Metaprogramming Techniques
          1. Delaying Method Lookup Until Runtime
          2. Generative Programming: Writing Code On-the-Fly
          3. Continuations
          4. Bindings
          5. Introspection and ObjectSpace: Examining Data and Methods at Runtime
            1. ObjectSpace
          6. Delegation with Proxy Classes
            1. DelegateClass and Forwardable
          7. Monkeypatching
          8. Disadvantages of monkeypatching
          9. Adding Functionality to Existing Methods
            1. Subclassing
            2. Aspect-oriented programming
            3. Method chaining
          10. Modulization
        4. Functional Programming
          1. Higher-Order Functions
          2. Enumerable
            1. Predicates
            2. Filters
            3. Transformers
            4. Aggregators
            5. Other
          3. Enumerator
        5. Examples
          1. Runtime Feature Changes
          2. Rails Routing Code
        6. Further Reading
      4. 2. ActiveSupport and RailTies
        1. Ruby You May Have Missed
          1. Array
          2. Dir
          3. Enumerable
          4. File
          5. Hash
          6. Kernel
          7. Module
          8. Proc
          9. String
        2. How to Read Code
          1. How to Locate Code
          2. Reading the Call Stack
          3. Debugging Ruby and Rails
            1. Debugging Rails with ruby-debug
          4. Where to Start
            1. Pick something interesting
            2. Start at the top
          5. Read the Tests
          6. Stay Current
        3. ActiveSupport
          1. Dependencies
          2. Deprecation
            1. Deprecated instance variables
          3. Inflector
          4. JSON
          5. Whiny Nil
        4. Core Extensions
          1. Array
            1. Conversions
            2. Grouping
            3. Option processing
            4. Random selection
          2. Blank
          3. Class Attribute Accessors
          4. Class Inheritable Attributes
          5. Date and Time
            1. Conversions
            2. Conversions from Numeric
            3. Time calculations
          6. Enumerable
          7. Exception
          8. File
          9. Float
          10. Hash
            1. Conversions
            2. Option processing
            3. HashWithIndifferentAccess
          11. Integer
          12. Kernel
            1. Daemonize
            2. Reporting
          13. Module
            1. Aliasing
            2. Delegation
            3. Introspection
          14. Numeric Conversions
          15. Object
            1. instance_exec
            2. Miscellaneous methods
          16. Range
          17. String
            1. Inflector
            2. String i18n
            3. Miscellaneous methods
          18. Symbol#to_proc
          19. TimeZone
        5. RailTies
          1. Rails Configuration
          2. Application Initialization in 20 Easy Steps
          3. Request Dispatch
        6. Further Reading
      5. 3. Rails Plugins
        1. About Plugins
          1. Plugin Loading
          2. Installing Rails Plugins
            1. RaPT
            2. Piston
            3. Decentralized version control
        2. Writing Plugins
        3. Plugin Examples
          1. Account Location
          2. SSL Requirement
          3. HTTP Authentication
        4. Testing Plugins
          1. Testing Plugin Database Dependencies
        5. Further Reading
      6. 4. Database
        1. Database Management Systems
          1. PostgreSQL
          2. MySQL
          3. SQLite
          4. Microsoft SQL Server
          5. Oracle
        2. Large/Binary Objects
          1. Database Storage
            1. PostgreSQL
            2. MySQL
            3. Oracle
          2. Filesystem Storage
          3. Sending Data with X-Sendfile
            1. Web server configuration
          4. Serving Static Files
          5. Managing Uploads in Rails
            1. Attachment plugins
            2. Rolling your own
            3. Upload progress
        3. Advanced Database Features
          1. Application Versus Integration Databases
          2. Constraints
          3. Composite Keys
          4. Triggers, Rules, and Stored Procedures
          5. Examples
            1. Large object deletion
            2. Data partitioning
        4. Connecting to Multiple Databases
          1. Magic Multi-Connections
        5. Caching
        6. Load Balancing and High Availability
          1. MySQL
            1. Replication
            2. MySQL cluster
          2. PostgreSQL
            1. High availability: Warm standby
            2. Master-slave replication: Slony-I
            3. Multimaster replication: PGCluster
          3. Oracle
          4. Microsoft SQL Server
        7. LDAP
          1. ActiveLDAP
          2. Authenticating with LDAP
        8. Further Reading
      7. 5. Security
        1. Application Issues
          1. Authentication
            1. Password hashing in Rails
          2. Don't Trust the Client
            1. Form processing
            2. Hidden form fields
            3. Client-side validation
            4. Cookies
            5. Double-check everything
          3. Secure Fallback
          4. Avoid Security Through Obscurity
          5. Secure Your Error Messages
          6. Whitelist, Don't Blacklist
        2. Web Issues
          1. Rails Sessions
            1. Cookie-based sessions
          2. Cross-Site Scripting
            1. Mitigation
            2. Whitelisting
          3. Cross-Site Request Forgery
            1. CSRF mitigation
          4. Canonicalization: What's in a Name?
        3. SQL Injection
        4. Ruby's Environment
          1. Using the Shell
          2. Object Tainting
        5. Further Reading
      8. 6. Performance
        1. Measurement Tools
          1. Black-Box Analysis
            1. Statistics: The least you need to know
            2. Black-box analysis with httperf
          2. Code Timing
          3. Rails Analyzer Tools
            1. Production log analyzer
            2. Action profiler
            3. Rails Analyzer Tools
        2. Rails Optimization Example
          1. Profiling an Action
          2. Optimizing and Reprofiling
          3. Benchmarking
            1. Running the benchmark
            2. Interpreting the results
        3. ActiveRecord Performance
          1. Diving into SQL
          2. 1+N Problem
          3. Indexing
            1. Foreign key indexes
            2. Other indexes
            3. Full-text indexing
            4. Spatial indexes
            5. Updating index statistics
          4. Database Performance Measurement
            1. Examining the query plan
        4. Architectural Scalability
          1. Sessions
            1. ActiveRecordStore
            2. MemCacheStore
            3. CookieStore
            4. Session management
          2. Caching
            1. Page caching
            2. Action caching
            3. Fragment caching
            4. Cache sweepers
        5. Other Systems
          1. Choosing the Right Tool
            1. Leveraging external programs
            2. Writing inline C code
          2. ActionMailer
        6. Further Reading
      9. 7. REST, Resources, and Web Services
        1. What Is REST?
          1. Verbs
          2. GET
          3. PUT
          4. DELETE
          5. POST
          6. Resources
            1. Name opacity
          7. Representations and Content Types
            1. Selecting a representation
          8. Statelessness
            1. HTTP state
            2. Why statelessness?
            3. Resourceful session state: An example
            4. Authentication
        2. Benefits of a RESTful Architecture
          1. Conceptual Simplicity
          2. Caching and Scalability
          3. Robustness to Change
          4. Uniformity
        3. RESTful Rails
          1. RESTful Routing
          2. Resource-Based Named Routes
            1. Custom resource routes
            2. Nested resource routes
            3. Singleton resource routes
          3. ActionView Support
            1. Method emulation
          4. Content Types
          5. HTTP Caching
            1. Custom caching
          6. HTTP Response Status Codes
          7. ActiveResource: Consuming RESTful Services
          8. Action Web Service
        4. Case Study: Amazon S3
          1. Concepts and Terminology
          2. Authentication
            1. Alternative authentication options
          3. Architecture and Operations
          4. S3 Clients and Servers
        5. Further Reading
      10. 8. i18n and L10n
        1. Locale
        2. Character Encodings
          1. ASCII
            1. Extended ASCII
            2. Problems with ASCII
        3. Unicode
          1. Unicode Transformation Formats
        4. Rails and Unicode
          1. Multilingualization in Ruby 1.9
          2. ActiveSupport::Multibyte
          3. Unicode Normalization
          4. Filtering UTF-8 Input
          5. Storing UTF-8
            1. MySQL
            2. PostgreSQL
          6. Serving UTF-8
          7. Character Set Conversion
            1. JavaScript URI encoding and UTF-8
        5. Rails L10n
          1. Interface/Resource Translation
            1. gettext
            2. Gibberish
            3. Globalize
          2. Locale-Specific Settings
          3. Model Translation
          4. Globalize Example: An Address Book
            1. Localizing the address book
        6. Further Reading
      11. 9. Incorporating and Extending Rails
        1. Replacing Rails Components
          1. Replacing ActiveRecord
            1. DataMapper
            2. Ambition
            3. Og
          2. Alternative Template Engines
            1. Markaby
            2. Liquid
            3. Haml
        2. Incorporating Rails Components
          1. ActiveRecord
            1. ETL operations
            2. Schema operations
            3. Standalone data store
            4. Other Ruby applications
          2. ActionMailer
            1. Custom Rake tasks
            2. Receiving email
        3. Contributing to Rails
          1. Contributing Patches
          2. Rails Unit Tests
        4. Further Reading
      12. 10. Large Projects
        1. Version Control
          1. Centralized Version Control
            1. CVS
            2. Subversion
          2. Decentralized Version Control
          3. Branching and Merging
            1. Subversion branching and merging
            2. Mercurial branching and merging
          4. Database Migrations
        2. Issue Tracking
        3. Project Structure
          1. Subversion Configuration
            1. Importing existing applications
          2. Subversion Externals and Piston
          3. Rails Version
          4. Environment Initialization
          5. Including Gems
          6. Multi-Application Projects
        4. Rails Deployment
          1. Shared-Nothing Scalability
          2. Front End Web Server
            1. Asset hosts for static files
          3. Application Server
          4. Capistrano
          5. Vlad the Deployer
          6. Continuous Integration
        5. Further Reading
      13. Index
      14. About the Author
      15. Colophon
      16. SPECIAL OFFER: Upgrade this ebook with O’Reilly