Search Results

Search found 10764 results on 431 pages for 'extending ruby'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 299/431 | < Previous Page | 295 296 297 298 299 300 301 302 303 304 305 306  | Next Page >

  • Storing an encrypted cookie with Rails

    - by J. Pablo Fernández
    I need to store a small piece of data (less than 10 characters) in a cookie in Rails and I need it to be secure. I don't want anybody being able to read that piece of data or injecting their own piece of data (as that would open up the app to many kinds of attacks). I think encrypting the contents of the cookie is the way to go (should I also sign it?). What is the best way to do it? Right now I'm doing this, which looks secure, but many things looked secure to people that knew much more than I about security and then it was discovered it wasn't really secure. I'm saving the secret in this way: encryptor = ActiveSupport::MessageEncryptor.new(Example::Application.config.secret_token) cookies[:secret] = { :value => encryptor.encrypt(secret), :domain => "example.com", :secure => !(Rails.env.test? || Rails.env.development?) } and then I'm reading it like this: encryptor = ActiveSupport::MessageEncryptor.new(Example::Application.config.secret_token) secret = encryptor.decrypt(cookies[:secret]) Is that secure? Any better ways of doing it? Update: I know about Rails' session and how it is secure, both by signing the cookie and by optionally storing the contents of the session server side and I do use the session for what it is for. But my question here is about storing a cookie, a piece of information I do not want in the session but I still need it to be secure.

    Read the article

  • Can't store UTF-8 in RDS despite setting up new Parameter Group using Rails on Heroku

    - by Lail
    I'm setting up a new instance of a Rails(2.3.5) app on Heroku using Amazon RDS as the database. I'd like to use UTF-8 for everything. Since RDS isn't UTF-8 by default, I set up a new Parameter Group and switched the database to use that one, basically per this. Seems to have worked: SHOW VARIABLES LIKE '%character%'; character_set_client utf8 character_set_connection utf8 character_set_database utf8 character_set_filesystem binary character_set_results utf8 character_set_server utf8 character_set_system utf8 character_sets_dir /rdsdbbin/mysql-5.1.50.R3/share/mysql/charsets/ Furthermore, I've successfully setup Heroku to use the RDS database. After rake db:migrate, everything looks good: CREATE TABLE `comments` ( `id` int(11) NOT NULL AUTO_INCREMENT, `commentable_id` int(11) DEFAULT NULL, `parent_id` int(11) DEFAULT NULL, `content` text COLLATE utf8_unicode_ci, `child_count` int(11) DEFAULT '0', `created_at` datetime DEFAULT NULL, `updated_at` datetime DEFAULT NULL, PRIMARY KEY (`id`), KEY `commentable_id` (`commentable_id`), KEY `index_comments_on_community_id` (`community_id`), KEY `parent_id` (`parent_id`) ) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; In the markup, I've included: <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> Also, I've set: production: encoding: utf8 collation: utf8_general_ci ...in the database.yml, though I'm not very confident that anything is being done to honor any of those settings in this case, as Heroku seems to be doing its own config when connecting to RDS. Now, I enter a comment through the form in the app: "Úbe® ƒåiL", but in the database I've got "Úbe® Æ’Ã¥iL" It looks fine when Rails loads it back out of the database and it is rendered to the page, so whatever it is doing one way, it's undoing the other way. If I look at the RDS database in Sequel Pro, it looks fine if I set the encoding to "UTF-8 Unicode via Latin 1". So it seems Latin-1 is sneaking in there somewhere. Somebody must have done this before, right? What am I missing?

    Read the article

  • Need a push in the write direction, to write my first functional test in Rails?

    - by Jason
    Hi, I've read quiet a bit of documentation over the last few days about testing in Rails, I'm sitting down to write my first real test and not 100% sure how to tie what I have learned together to achieve the following functional test (testing a controller) I need to send a GET request to a URL and pass 3 parameters (simple web-service), if the functionality works the keyword "true" is simply returned, otherwise the keyword "false" is returned - its in only value returned & not contained in any , or other tags. The test should assert that if "true" is returned the test is successful. This is probably very simple so apologies for such a non-challenging question. If anyone could point me in the write direction on how I can get started, particularly how I can test the response, I'd be very grateful! Thanks!

    Read the article

  • How to override the attr_protected?

    - by KandadaBoggu
    I have STI implementation as follows: class Automobile < ActiveRecord::Base end class Car < Automobile end class Truck < Automobile end class User < ActiveRecord::Base has_many :automobiles accepts_nested_attributes_for :automobiles end I am creating a list of automobiles for a user. For each automobile, the UI sets the type field and the properties associated with the automobile.While form submission, the type field is ignored as it is a protected attribute. How do I work around this issue? Is there a declarative way to unprotect a protected attribute?

    Read the article

  • Dynamic use of :default_url in Paperclip

    - by dgilperez
    I'm trying to configure Paperclip to provide different missing images based on the instance's category attribute. Every category of the object has its own missing image. This is my first take: EDIT to add full models: class Service < ActiveRecord::Base attr_accessible :logo, :logo_file_name, :logo_content_type, :logo_file_size, :logo_updated_at belongs_to :category, :counter_cache => true has_attached_file :logo, :path => "/:id-:style-:filename", :url => ":s3_eu_url", :default_url => "/logos/:style/#{self.category.name]}.png", :styles => { :large => "600x400>", :medium => "300x200>", :small => "100x75>", :thumb => "60x42>" } end class Category < ActiveRecord::Base attr_accessible nil has_many :services end In my view, image_tag service.logo.url(:thumb) outputs: undefined method `category' for #<Class:0x0000010a731620> Any ideas? EDIT2: A working default_url is :default_url => "/logos/:style/missing.png", SOLUTION: See my own answer below.

    Read the article

  • HMAC URLs instead of login?

    - by Tres
    In implementing my site (a Rails site if it makes any difference), one of my design priorities is to relieve the user of the need to create yet another username and password while still providing useful per-user functionality. The way I am planning to do this is: User enters information on the site. Information is associated with the user via server-side session. User completes entering information, server sends an access URL via e-mail to the user roughly in the form of: http://siteurl/<user identifier>/<signature: HMAC(secret + salt + user identifier)> User clicks URL, site looks up user ID and salt and computes the HMAC with the server-stored secret and authenticates if the computed HMAC and signature match. My question is: is this a reasonably secure way to accomplish what I'm looking to do? Are there common attacks that would render it useless? Is there a compelling reason to abandon my desire to avoid a username/password? Is there a must-read book or article on the subject? Note that I'm not dealing with credit card numbers or anything exceedingly private, but I would still like to keep the information reasonably secure.

    Read the article

  • What is the best way to do scoped finds based on access control rules in Rails?

    - by Rafael Szuminski
    Hi I need to find an elegant solution to scoped finds based on access control rules. Essentially I have the following setup: Users Customers AccessControl - Defines which user has access to another users data Users need to be able to access not just their own customers but also shared customers of other users. Obviously something like a simple association will not work: has_many :customers and neither will this: has_many :customers, :conditions => 'user_id in (1,2,3,4,5)' because the association uses with_scope and the added condition is an AND condition not an OR condition. I also tried overriding the find and method_missing methods with the association extension like this: has_many :customers do def find(*args) #get the user_id and retrieve access conditions based on the id #do a find based on the access conditions and passed args end def method_missing(*args) #get the user_id and retrieve access conditions based on the id #do a find based on the access conditions and passed args end end but the issue is that I don't have access to the user object / parent object inside the extension methods and it just does not work as planned. I also tried default_scope but as posted here before you can't pass a block to a default scope. Anyhow, I know that data segmentation and data access controls have been done before using rails and am wondering if somebody found an elegant way to do it. UPDATE: The AccessControl table has the following layout user_id shared_user_id The customer table has this structure: id account_id user_id first_name last_name Assuming the the following data would be in the AccessControl table: 1 1 1 3 1 4 2 2 2 13 and so on... And the account_id for user 1 is 13 I need to be able to retrieve customers that can be best described with the following sql statement: select * from customers where (account_id = 13 and user_id = null) or (user_id in (1,3,4))

    Read the article

  • How to create a user customizable database (like Zoho creator) in Rails?

    - by martjno
    I'm learning Rails, and the target of my experiments is to realize something similar to Zoho Creator, Flexlist or Mytaskhelper, i.e. an app where the user can create his own database schema and views. What's the best strategy to pursue this? I saw something about the Entity-Attribute-Value but I'm not sure whether it's the best strategy or if there is some support in Rails for it. If there was any tutorial in Rails about a similar project it would be great. Probably it's not the easiest star for learning a new language and framework, but it would be something I really plan to do since a long time.

    Read the article

  • How to map non-REST URLS to REST ones?

    - by Krzysztof Luks
    I have a small rails app that has default scaffold generated routes eg. /stadia/1.xml. However I have to support legacy client app that can't construct such URLs correctly. What I need to do is to map URL in the form: /stadia?id=1?format=xml to /stadia/1.xml Or even something like: /myApp?model=<model_name>?id=<id>?format=xml to /<model_name/<id>.xml Is it possible to craft appropriate route in Rails?

    Read the article

  • Singleton with eager initialization

    - by jesper
    I have class X that takes much time to initialize itself. I want to make that class singleton and force its creation when rails application starts. I've made the singleton: class X @@instance = nil def self.instance if @@instance.nil? @@instance = X.new puts 'CREATING' end return @@instance end private_class_method :new end The problem is that every time I use this class I see 'CREATING' in logs. I've tried to put creation of class in initializers directory but it doesn't work either.

    Read the article

  • rails controller defaults to respond with application/xml in production

    - by Dave Paroulek
    I have a standard contacts_controller.rb with index action that responds as follows: respond_to do |format| format.html format.xml { render :xml => @contacts } end In development, it works as intended: when I browse to http://localhost:3000/contacts, I get an html response. But, when I start the app using capistrano on a remote Ubuntu server and browse to the same url, I get an xml response. If I go to http://remote_host:8000/contacts.html, then I see the html response. If I comment out the format.xml { render :xml => @contacts }, then I see the desired html response. Pretty sure I'm missing something subtle about difference between Rails development and production modes. Any ideas about what I'm overlooking? Thanks, - Dave

    Read the article

  • Get SEO friendly URLS with Rails without mehtod_missing?

    - by tesmar
    Hi all, Currently we are using method_missing to catch for calls to SEO friendly actions in our controllers rather than creating actions for every conceivable value for a variable. What we want are URLS like this: /students/BobSmith and NOT /students/show/342 IS there a cleaner solution than method_missing? Thank you!

    Read the article

  • How does 37signals job preview functionality work?

    - by slythic
    Hi all, I'm interested in getting a preview functionality working similar to how the 37signals job site does: http://jobs.37signals.com. Below are some screen shots of how it works. Step 1. Create your ad http://cl.ly/dfc4761b015c7f43c8ab (URL /jobs/new) Step 2. Preview your ad http://cl.ly/9c4b4041cfea83d8569e (URL /jobs/new/preview) Step 3. Publish your ad http://cl.ly/a58284d90fd380d2c26b (URL /listings/new/purchase?token=5198) So assuming you have Post model where Step 1 usually takes place in the new/create view/actions, how should one continue to Step 2 Preview and then after previewing, proceeding to the Step 3 publishing the post/ad? Do they actually save the ad/post in the database before continuing to Step 2 (Preview) but set a flag (like a boolean field called preview set to true)? It looks like they set a token paramater but I'm not sure what it's used for) I'm interested in this because it seems to go against the CRUD/REST and I thought it would be good to know how it worked. Thanks!

    Read the article

  • Rails problem with Delayed_Job and Active Record

    - by Michael Waxman
    I'm using Delayed_Job to grab a Twitter user's data from the API, but it's not saving it in the model for some reason! Please help! (code below) class BandJob < Struct.new(:band_id, :band_username) #parameter def perform require 'json' require 'open-uri' band = Band.find_by_id(band_id) t = JSON.parse(open("http://twitter.com/users/show/#{band_username}.json").read) band.screen_name = t['screen_name'] band.profile_background_image = t['profile_background_image_url'] band.url = 'http://' + band_username + '.com' band.save! end end To clarify, I'm actually not getting any errors, it's just not saving. Here's what my log looks like: * [JOB] acquiring lock on BandJob [4;36;1mDelayed::Job Update (3.1ms)[0m [0;1mUPDATE "delayed_jobs" SET locked_at = '2009-11-09 18:59:45', locked_by = 'host:dhcp128036151228.central.yale.edu pid:2864' WHERE (id = 10442 and (locked_at is null or locked_at < '2009-11-09 14:59:45') and (run_at <= '2009-11-09 18:59:45')) [0m [4;35;1mBand Load (1.5ms)[0m [0mSELECT * FROM "bands" WHERE ("bands"."id" = 34) LIMIT 1[0m [4;36;1mBand Update (0.6ms)[0m [0;1mUPDATE "bands" SET "updated_at" = '2009-11-09 18:59:45', "profile_background_image" = 'http://a3.twimg.com/profile_background_images/38193417/fbtile4.jpg', "url" = 'http://Coldplay.com', "screen_name" = 'coldplay' WHERE "id" = 34[0m [4;35;1mDelayed::Job Destroy (0.5ms)[0m [0mDELETE FROM "delayed_jobs" WHERE "id" = 10442[0m * [JOB] BandJob completed after 0.5448 1 jobs processed at 1.8011 j/s, 0 failed ... Thanks!

    Read the article

  • Does a rails production.log store indefinitely?

    - by Trip
    If it doesn't, what's the half-life of it? It it does, where can find that information? On my server I found a few logs for each of my releases. But they only date back a few days. Specifically, I am looking for emails that were sent while my mail server was down two weeks ago.

    Read the article

  • How can I abstract out the core functionality of several Rails applications?

    - by hornairs
    I'd like to develop a number of non-trivial Rails applications which all implement a core set of functionality but each have certain particular customizations, extensions, and aesthetic differences. How can I pull the core functionality (models, controllers, helpers, support classes, tests) common to all these systems out in such a way that updating the core will benefit every application based upon it? I've seen Rails Engines but they seem to be too detached, almost too abstracted to be built upon. I can seem them being useful for adding one component to an existing app, for example bolting on a blog engine to your existing e-commerce site. Since engines seem to be mostly self contained, it seems difficult and inconvenient to override their functionality and views while keeping DRY. I've also considered abstracting the code into a gem, but this seems a little odd. Do I make the gem depend on the Rails gems, and the define models & controllers inside it, and then subclass them in my various applications? Or do I define many modules inside the gem that I include in the different spots inside my various applications? How do I test the gem and then test the set of customizations and overridden functionality on top of it? I'm also concerned with how I'll develop the gem and the Rails apps in tandem, can I vendor a git repository of the gem into the app and push from that so I don't have to build a new gem every iteration? Also, are there private gem hosts/can I set my own gem source up? Also, any general suggestions for this kind of undertaking? Abstraction paradigms to adhere to? Required reading? Comments from the wise who have done this before? Thanks!

    Read the article

  • Rails time zones

    - by Bob
    I'm calling an external web service API that returns a timezone as listed in the Olson timezones database (e.g. "America/New_York"). However some of the values the API returned are "US/Pacific", "US/Eastern" and apparently don't match any of the Olson timezones in Rails 2.3.2. Can anyone shed some light on this? Thanks in advance for your help.

    Read the article

  • How to write SQL query as named_scope?

    - by keruilin
    How can I translate the following SQL query into a named_scope? select users.*, sum(total_quantity * total_price) as points_spent from orders join users on users.id = orders.user_id where pay_type = 'points' group by user_id order by points_spent desc Thanks!

    Read the article

  • Creating an AJAX Form for a Polymorphic Object in Rails

    - by Isaac Yerushalmi
    I am trying to create an AJAX form for a polymorphic associated model. I created "Comments" which have a polymorphic association with all objects you can comment on (i.e. user profiles, organization profiles, events, etc). I can currently add comments to objects using a form created by: form_for [@commentable, @comment] do |f| I am trying to make this form via Ajax but I keep getting errors. I've tried at least ten different pieces of code, using remote_form_tag, remote_form_for, etc..with all different options, and nothing works. The comment does not get inserted into the database. Can anyone please tell me how I can make the above form ajax-enabled?

    Read the article

  • Write XML File from a flex application back to a rails Server

    - by Markus
    Hi everybody, I have a XML-file, which I want to send to a rails server. To do so I use the following code: <mx:HTTPService id="dataService" result="resultHandler(event)" resultFormat="e4x"/> In a Function triggered by a save button, I do the following: var params:Object = {}; params["xml_file"] = xmlDoc; dataService.method = "POST"; dataService.url = "http://localhost:3000/containers"; dataService.send(params); Unfortunately there is always the Problem (see below) appearing. If I remove the params var, it runs a GET Request... [RPC Fault faultString="HTTP request error" faultCode="Server.Error.Request" faultDetail="Error: [IOErrorEvent type="ioError" bubbles=false cancelable=false eventPhase=2 text="Error #2032: Stream-Fehler. URL: http://localhost:3000/containers"]. URL: http://localhost:3000/containers"] what could be the problem? Thanks for any hints! Markus

    Read the article

  • How do I deactivate a specific version of gem?

    - by JayX
    Currently I have two versions of rack installed on my computer 1.0.1 and 1.2.1 However, when I tried to push my git to Heroku, it complains You have already activated rack 1.0.1, but your Gemfile requires rack 1.2.1. Consider using bundle exec. (Gem::LoadError) How can I deactivate rack 1.0.1 and activate 1.2.1 instead? (I can't uninstall 1.0.1 since it's under system folder and I don't have the root password)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 295 296 297 298 299 300 301 302 303 304 305 306  | Next Page >