Tag: Rails Development

Benefits Of Ruby On Rails Application Development

Posted on by Jay

Ruby on rails has been one of the tops most popular and advanced server-side web frameworks for a few years.

But still, some investors ask why we suggest Ruby on rails to develop their web application since all other frameworks and languages are available.

And obviously, they do not have any clue about it, it’s sure.

When you think a bit about it, it does seem there right is to ask as he/she the person who is investing to build the object and is going to use it as well.

So before I embark on the discussion of the benefits of using Ruby on Rails, let me explain first what Ruby on Rails actually is.

What is Ruby on Rails:

Ruby is a dynamic; fully object-oriented scripting language created back in 1995. Using HTML, JavaScript, and CSS developers can build an architecturally clean, and high-quality web application.

During the building of Basecamp in 2005, David Heinemeier Hansson (DHH) envisioned a controlling library over the Ruby programming language, thus originating the rails framework.

Later he made it extensible and flexible and uprooted with the open-source market.

And the framework was further improved and makes the breakthrough for web application development.

The Key principle of RoR development is “Convention over Configuration”.

It means the developer does not need to spend much time to configure the files in order to set up where are Rails comes with a set of convection that helps to speed up the development process.

From the management point of view, Ruby on rails community supports an iterative development method knows as Agile Development.

This Method encourages a collaborative and flexible approach which well appropriate for the web app development with fast-changing necessities.

Ruby on Rails Latest VersionsSource: Rubygems[.]org

Over the years Ruby on Rails has been upgrading its version (Currently: 6.0.0.beta3 – March 13, 2019) and gained a huge following.

I think this is enough for the introduction. Now Let’s see the advantages of using this framework on web application development.

Advantages of using RoR:

The RoR framework follows the 3 major designing ethics which endorse the simplicity in building a complex system.

  • MVC (Model View Controller) Architecture
  • Conventions over Configurations Model
  • DRY (Don’t Repeat Yourself)

Along with, other benefits of ruby on rails are:

Simplicity:

With simple and readable syntax helps ruby programmers to execute more in less code. So, both developers and investors can view each development and quick learning progresses on the project.

The framework has the inbuilt solutions to the variety of problems that a web developer commonly faced. In case of any customized function that you need to employ, there is a gem available in the RubyGems.

If not, still the developer can find an expert from the Ruby community who can come up with the solution.

The set rules and prototypes of RoR facilitate further web application development. So, the developer does not need to waste his/her time on searching the appropriate structure for the application.

Faster development:

The experts quote Ruby on Rails minimize 20-40% website development time as compared to the other popular frameworks.

And it can be made possible due to the object-oriented nature of Ruby such as the bend code base, modular design, wide-ranging open-source code developed by the Rails community, and a wide range of pre-built plugin solutions for feature development.

Also, the developer can access the various pre-built modules which can take standard and non-standard components from a “garage’ and integrate them into the product.

The same components can be reused as well.

Moreover, the framework offers an option of integrated testing in the process of the coding which saves both time and efforts of the developer.

Easy to maintain and update:

Well, RoR is known for its predictability and stability. The programmer can modify or change the existing codes and can add new functionality with ease.

It means, if you want to upgrade your existing application, the rails convection will help to make it possible in lesser time without any complexity. This is more valuable for bigger projects.  

Also, the substitution of the development team would not be an issue if you use RoR for your application.

Cost-effective:

For investors, Ruby on Rails is the perfect saving prospects. As I already have mentioned above, the development process is up to 20-40% lesser developed under the Ruby platform. As a result, it will cut your cost.

As it is an open-source platform, it can be used by any individual or corporation. And supports open-source Linux and many free web servers. So, you do not need to buy any license.

And seeing as the entire development procedure and code updates are executed faster, investors lean to spend fewer budgets on the development of their web applications.

Quality product:

By the help of high-quality libraries, the developer built a hassle-free web application instead of writing boilerplate code each time.

It leads to concentrate on determining the application development and building a better product for you.

Same time, RoR also endorses testing automation, which helps to deliver better-performing software.

Being friendly to web designers in terms of structuring, RoR also facilitates web apps and sites more appealing.

Fit to every Industry:

From the years, the community of Ruby has been focusing on web development.

However, the use of RoR for various purposes has grown like e-commerce, content management system, mobile application backend, Fintech, market place social networks, etc.

Industries are using RoR platform.Source: Valuecoders Image

While the framework is flexible and can easily configure to any form of business and products, the demand for use of RoR has also has been increased among business owners. You might be thinking about how you can hire a Ruby on Rail developer and how much it may cost.

Industries can use these benefits at most:

Ruby on Rails is the best option to choose for the long term and dynamic projects. If you plan to build a general-purpose app or you need a business-critical solution, Ruby programming is the better option for you too.

Here I have mentioned some other industries that can get the most benefit out of Ruby on Rails:

  •     Social Media and Networking
  •     Beauty & Fashion Website Design
  •     Blogs & Widgets
  •     eCommerce Application Development
  •     Real Estate
  •     Healthcare
  •     Sports & Fitness
  •     Retail
  •     CRM

Conclusion

The overall conclusion is, it is excellent over time and performance which can absorb the changes, easy to collaborate, and can produce the best quality product for you.

As a web development company, Andolasoft has been working on Ruby on Rails framework from the last 11+ years and more than 250+ Rails projects have been delivered successfully.

Want to build your application on Ruby on Rail?Let’s Discuss!

Ruby On Rails Integration Testing With Minitest And Capybara

Posted on by Jay

Hi Guys! I am back again with one more article about ruby on rails.

I hope this is the right time to share one of my technical stuffs on ruby on rails after sharing PHP and Mobile stuffs.

Minitest And Capybara: Integration Testing Demystified

In this article, I am going to share my own experience and ideas of ruby on rails integration testing using Minitest and Capybara and tell you the process how it serves as one of the most preferred alternative for controller test.

Never miss an update from us. Join 10,000+ marketers and leaders.

A lot of you must have heard about Capybara but still for those who are new to this –

Capybara:

Capybara is an acceptance test framework used for web applications and supports developers in integration testing of Ruby on Rails applications with Minitest.

So, let’s get into the details about Capybara, Minitest and Integration Testing

Minitest:

Minitest is the default and a complete testing suite for Ruby application, which supports ancillary test-driven development (TDD), behavior-driven development (BDD), mocking, and benchmarking for fast, clean and reliable test results.

Whereas, Capybara is the acceptance test framework for web applications and frequently used for end-to-end testing in Rails Applications.

Rails developer can suggest user on web page and Capybara provides API to interact with web page.

Integration Testing: 

Integration Testing are used to test the most important workflows of applications and test different fragments of application together while unit testing inspects the individual part of the application work.

Before sharing the real process how to use Capybara with Minitest for integration testing of your Ruby on Rails applications, let me tell you the prerequisites of this testing process.

Ruby version 2.3.3, Rails version 5.0.0.1,
Minitest version 5.10.1, and Capybara version 2.11.1 are required for the smooth operation and you can use gem install rails to get started.

Setup

You can set up a new Rails application.

rails new integration-testing-minitest

We’ll need to add Capybara to our – Gemfile

in the group test.

[code language=”php”]# Gemfile

group :test do
gem ‘minitest-rails-capybara’
end
[/code]

Also need to load Capybara in order to use it in our tests.

[code language=”php”]
# test/test_helper.rb

ENV[‘RAILS_ENV’] ||= ‘test’
requireFile.expand_path(‘../../config/environment’, __FILE__)
require ‘rails/test_help’
require "minitest/rails/capybara"

[/code]

Now, that you have everything set up, let’s see the integration tests with an example application.

Running the scaffold generator to create posts.

[code language=”php”]
rails generate scaffold Post title:string body:text
[/code]

Next we need to migrate the database.

[code language=”php”]
rake db:migrate
== 20161214213527 CreatePosts: migrating ======================================
— create_table(:posts)
-> 0.0020s
== 20161214213527 CreatePosts: migrated (0.0024s) =============================
rake
# Running:
…….
[/code]

You can also issue

[code language=”php”]rails server[/code]

at the command line and navigate to http://localhost:3000/posts to check the result.

Integration Tests

 Let’s create our first integration test.

[code language=”php”]
# test/fixtures/posts.yml

one:
title: Post Title One
body: Post body one.

two:
title: Post Title Two
body: Post body two.
[/code]

Here’s our first integration test.

[code language=”php”]
# test/integration/post_flow_test.rb

require ‘test_helper’

classPostFlowTest> Capybara::Rails::TestCase
def setup
@one = posts :one
@two = posts :two
end

test ‘post index’ do
visitposts_path

assertpage.has_content?(@one.title)
assertpage.has_content?(@two.title)
end
end
[/code]

All you need to do here is – to run all your tests again to make sure they all pass

[code language=”php”]
rake
# Running:
……..
Finished in 0.515325s, 15.5242 runs/s, 21.3458 assertions/s.

8 runs, 11 assertions, 0 failures, 0 errors, 0 skips
[/code]

Now, let’s move on to something a bit more complicated, and test if you can write a new post and submit it. Place it below other test in your integration test for posts.

[code language=”php”]
# test/integration/post_flow_test.rb

test ‘writing a new post’ do
visitposts_path

click_on ‘New Post’

fill_in ‘Title’, with: ‘Test Title’
fill_in ‘Body’,  with: ‘Test Body’

click_on ‘Create Post’

assert_current_pathpost_path(Post.last)
assertpage.has_content?(‘Test Title’)
assertpage.has_content?(‘Test Body’)
end
end
[/code]

Run the tests again to make sure everything passes.

[code language=”php”]
rake

# Running:

………

Finished in 0.551475s, 16.3199 runs/s, 23.5731 assertions/s.

9 runs, 13 assertions, 0 failures, 0 errors, 0 skips
[/code]

Now, we have one last feature to add, the email alert to an admin email once a post has been submitted. Let’s start by adding a new test for writing a new post and checking if an admin notice email was sent.

[code language=”php”]
# test/integration/post_flow_test.rb

require ‘test_helper’

classPostFlowTest> Capybara::Rails::TestCase
includeActiveJob::TestHelper

def setup
@one = posts :one
@two = posts :two
end

test ‘post index’ do
visitposts_path

assertpage.has_content?(@one.title)
assertpage.has_content?(@two.title)
end

test ‘writing a new post’ do
write_new_post

latest_post = Post.last

assert_current_pathpost_path(latest_post)
assertpage.has_content?(‘Test Title’)
assertpage.has_content?(‘Test Body’)
end

test ‘writing a new post’ do
write_new_post

latest_post = Post.last

assert_current_pathpost_path(latest_post)
assertpage.has_content?(‘Test Title’)
assertpage.has_content?(‘Test Body’)
end

test ‘writing a new post sends admin notice’ do
perform_enqueued_jobs do
write_new_post

last_post = Post.last
mail      = ActionMailer::Base.deliveries.last

assert_equal ‘admin@example.com’, mail[‘to’].to_s
assert_equal ‘New post added’, mail.subject
end
end

private

defwrite_new_post
visitposts_path

click_on ‘New Post’

fill_in ‘Title’, with: ‘Test Title’
fill_in ‘Body’,  with: ‘Test Body’

click_on ‘Create Post’
end
end
[/code]

Let’s create the mailer first:

[code language=”php”]
rails generate mailer PostMailer
[/code]

This should set up the mailer – Time to add our admin notice email to it:

[code language=”php”]
# app/mailers/post_mailer.rb

classPostMailer> ApplicationMailer
defadmin_notice(post)
@post = post
mail to: ‘admin@example.com’, subject: ‘New post added’
end
end
[/code]

We also need the corresponding views:

[code language=”php”]
%# app/views/post_mailer/admin_notice.html.erb %>

A new post has been added! Here’s the post:

<%= @post.title %>
<%= simple_format @post.body %>

<%# app/views/post_mailer/admin_notice.text.erb %>

A new post has been added! Here’s the post:

Title: <%= @post.title %>
<%= @post.body %>
[/code]

We’ll skip the tests for this mailer to keep this tutorial from getting too long. All you have to do now is call the mailer from the controller after a post has been created.

[code language=”php”]
# app/controllers/posts_controller.rb


# POST /posts
# POST /posts.json
def create
@post = Post.new(post_params)

respond_to do |format|
if @post.save
PostMailer.admin_notice(@post).deliver_later

format.html { redirect_to @post, notice: ‘Post was successfully created.’ }
format.json{ render :show, status: :created, location: @post }
else
format.html { render :new }
format.json{ renderjson: @post.errors, status: :unprocessable_entity }
end
end
end

[/code]

We added only one line there to call the mailer. Now, let’s run the tests again and see if they pass.

[code language=”php”]
rake

# Running:

……….

Finished in 0.975611s, 10.2500 runs/s, 15.3750 assertions/s.

10 runs, 15 assertions, 0 failures, 0 errors, 0 skips
[/code]

All the tests should pass, and now you have an application that is integration-tested end-to-end with Minitest and Capybara.

Coming To An End of The Lesson

I’ve worked with the team at Andolasoft on multiple websites. They are professional, responsive, & easy to work with. I’ve had great experiences & would recommend their services to anyone.

Ruthie Miller, Sr. Mktg. Specialist

Salesforce, Houston, Texas

LEARN MORE

I am sure this article will give you a clear idea about ruby on rails application integration testing using Minitest and Capybara. Share your thoughts with comments if I have missed anything or if you want to know more.

Closures In Ruby: Lambdas & Procs

Posted on by Jay

Ruby handles Closures in a rather unique way, with Lambdas & Procs being two of the most powerful features.

A Closure basically has the following properties:

  • Can be passed around like an object
  • Remembers values of all the variables that were in scope.
  • Accesses the variables when called, even if they may no longer be in scope.

In Ruby, Closures are supported through Procs and Lambdas.

How Are These Objects Different?

The basic difference is in terms of returning the objects and argument passing. Lambdas check the number of arguments, while Procs don’t.

Here’s the code snippet for Lambdas:

[code language=”html”]
myblock = lambda { |p| puts p }
$> myblock.call(5)
#output: 5
$> myblock.call
#output: ArgumentError: wrong number of arguments (0 for 1)
[/code]

But, in case of Procs:

[code language=”html”]
proc= Proc.new { |p| puts p }
$> proc.call(5)
#output: 5
$> proc.call
#output: returns nil
$> proc.call(5,4,3)
#output: prints out 5 and forgets about the extra arguments
[/code]

Lambdas and procs treat the ‘return’ keyword differently. Here’s an example that uses Lambdas:

[code language=”html”]
def sample_method
lambda { return "Return me from the block here" }.call
return "Returning from the calling method"
end
$> puts sample_method
[/code]

Output: Returning from the calling method

Here’s another example using Proc.new:

[code language=”html”]
def my_method
Proc.new { return "Return me from the block here" }.call
return "Returning from the calling method"
end
$>puts my_method
[/code]

Output: Return me from the block here.

Did I miss anything out? Please share your thoughts at info@andolasoft.com.

I would also appreciate it, if you leave your suggestions/feedback below.

SQL Injection (SQLi): How To Fix It In Ruby On Rails

Posted on by Jay

What is SQL Injection Vulnerability?

SQL injection is vulnerability where an attacker can manipulate some value used in an unsafe way inside a SQL query. The bug allows SQL injection through dynamic finder methods, leading to data leaks, data loss & other unpleasant outcomes.

Let’s consider the following code to get customer information by email:

[code language=”html”]
Customer.where("email = #{user_data}").first
[/code]

Since the attacker has full control over ‘user_data’, they can insert whatever they like in the ‘where query’. For example:

[code language=”html”]
user_data = “email@somedomain.com; DROP TABLE customers;”
[/code]

The above ‘user_data’ with ‘where query’ will be executed separately as two SQL commands in the database, like this:

[code language=”html”]
SELECT * FORM customers WHERE email=’someone@example.com; DROP TABLE customers;–‘
[/code]

This results in complete data loss from customers table. Apart from data loss, the attackers can get useful information from your database using SQL injection.

Never miss an update from us. Join 10,000+ marketers and leaders.

Here is a sample code where User is being searched by the username:

[code language=”html”]
User.where("username = #{user_data}").first
[/code]

The attacker inserts the following text as ‘user_data’:

[code language=”html”]
user_data = "” or admin=’t’–"
[/code]

The above ‘user_data’ with ‘where query’ works like this:

  • The first part of the ‘user_data’ ‘# returns empty result set as the username is blank.
  • The second part, admin=’t’ fetches admin information from the table.
  • The last part — is a SQL comment to cancel all further command execution.

With this, all information about the admin is now in the attacker’s hands which might lead to serious problems.

Preventing SQL Injection Vulnerability

The best way to find out if an application is vulnerable to injection is to check whether the entire use of interpreters clearly segregates not-to-be trusted data from the command/query. In SQL calls, all the variables should bind with the prepared statements and stored procedures, whereas the dynamic queries should be avoided to prevent SQL vulnerabilities.

ActiveRecord & some other ORMs have all the facilities for parameterising queries. Here are some of the frequently used unsafe queries and safer ways to fix them:

Single Parameter Queries

# Unsafe Query

[code language=”html”]
Post.where("post_title = ‘#{post_title}’")
Post.where("post_title = ‘%{post_title}’" % { post_title: post_title })
[/code]

# Safe Query

[code language=”html”]
Post.where(post_title: post_title)
Post.where("post_title = ?", post_title)
Post.where("post_title = :post_title", post_title: post_title)
[/code]

Compounding Queries

# Unsafe Query

[code language=”html”]
def unsafe_query
query = []
query << "post_title = #{post_title}" if condition1
query << "author = #{author}" if condition2
Post.where(query.join(‘ and ‘))
end
[/code]

# Safe Query

[code language=”html”]
def safe_query
Post.all.tap do |query|
query.where(post_title: post_title) if condition1
query.where(author: author) if condition2
end
end
[/code]

Like Query

# Unsafe Query

[code language=”html”]
Post.where("post_title LIKE ‘%#{post_title}%’")
[/code]

# Safe Query

[code language=”html”]
Post.where("post_title LIKE ?", "%#{post_title}%")
[/code]

Conclusion

From the above mentioned Unsafe vs Safe illustrations, it’s clear that if there is a surrounding quote to the query, it’s vulnerable to SQL Injection. Thanks to clever methods, this is hardly a problem in most Rails applications now-a-days. However, this is a very common but devastating attack in the world of web apps.

Hence, it’s important to understand the problem & fix it as described above.

If you’re worried about the security of your Ruby on Rails App, we would be happy to help you. If you’re planning to start something new on RoR, get in touch with us. We’ll convert your ideas into app.

Module In Ruby And Its Usages In Rails

Posted on by Jay

Ruby is an Object Oriented Programming (OOP) language. This programming language based upon various components such as classes, object, variables etc. Ruby also provides a nice building block for applications, and which is known as module. A module is a collection of methods and constants. It defines a namespace in which other methods and constant can’t step on your methods and constants.

Purpose of a Module:

Ruby module is a component to regroup similar things. Ruby methods, classes and constants can be grouped by similarity with the help of modules.

Here is the Two benefits provide by the modules

  • Ruby provide ‘namespace’, and which basically helps to prevent name clashes.
  • Ruby’s ‘mixin’ facility is implemented with the help of modules.

The basic syntax of module is:

[code language=”html”]
module Identifier
statement1
statement2
………..
End
[/code]

Uses:

Ruby module mainly functions as a namespace. It lets us define various methods for the actions that will perform. When a method defined inside a module does not clash with other methods that are written anywhere else, though they’re having the same names.

Module constants are named like class constants with an initial uppercase letter. This are module methods, and also defined like class methods.

Here is an example.

[code language=”html”]
module MyModule
def method
puts “hello”
end
end
[/code]

To access the methods and constants inside a module in a class include key word is used.

[code language=”html”]
class Customer < ActiveRecord::Base
include MyModule
end
[/code]

To use the method that is defined inside a module, specify the module name followed by a dot and then the method name.

Ruby Mixins and Ruby Modules:

Ruby is purely an OOP language. But it does not support multiple inheritances directly, which is handled beautifully by Modules. They provide a facility called ‘mixin’ that eliminates the requirement of multiple inheritance. In Ruby when ‘mixins’ are called and used in proper manner they provide high degree of versatility functionality.

Never miss an update from us. Join 10,000+ marketers and leaders.

A module ‘mixin’ generally consists of several lines of codes to set up conditions where the module can mix in with a class or classes to improve the functionality of the class or itself too. Here is an example of a module ‘mixin’.

[code language=”html”]
module A
def a1
end
def a2
end
end

module B
def b1
end
def b2
end
end

class MyClass
include A
include B
def s1
end
end

obj = Objet.new
obj.a1
obj.a2
obj.b1
obj.b2
obj.s1
[/code]

Here module A and B consist of two methods individually. They are included in the classMyClass. Now MyClass can access all the four methods a1, a2, b1, b2. So it can be said that Myclass inherits from multiple modules. Thus multiple inheritances are implemented with the help of module’s ‘mixin’ facility.

Conclusion:

Modules don’t have any direct analogy in any mainstream programming language. They are used mostly in Ruby language. They are one of the key features making Ruby’s design beautiful. With the facility of ‘namespacing’ and ‘mixin’ modules make Ruby more flexible Object Oriented Programming language. They also make the application highly secure as classes and their objects inherit from modules and modules are having ‘mixins’.

Planning something with RoR? We would love to get in touch with you.

Why Ruby is Getting Popular Among Languages?

Posted on by Jay

Ruby is an object-oriented programming language, and it tries to keep things simple to boost productivity. Yukihiro Matsumoto from Japan has design this Framework in the year 1995. With time, Ruby has gained a wide reputation in the Internet World and adopted by many programmers. It is also known as a developer’s best friend. With Ruby on Rails Framework, more efficient and fast web applications are developed and the numbers are increasing. The latest stable release is version 2.2.2.

The developer considers the advantages and extra features of this language when choosing this programming language. As being Opensource, developer can modify the codes and share it with others. The Framework has a rich library support which is very helpful in optimizing the code.

Never miss an update from us. Join 10,000+ marketers and leaders.

Ruby is a High Level Programming language and it uses a strong abstraction of a computer. Its syntax is more like a natural language which is very easy to understand.

It’s Your Turn To Make Things Better With Ruby

Ruby on Rails is now hot in the market as it does provide the most productive way to build Web based apps. Minimizes the code, adding effective time management as it’s the most crucial perspective in today’s market.

At Andolasoft, we help you to build custom software that can help your business differentiate itself from others and provide a deep competitive advantage through data collection, visualization, and distribution at the edges of your organization. Ruby on Rails makes these type of software development economical.

The facts we have shown above would have made you aware and upgrade your knowledge about The Language. We are sure this article will be of help.

We welcome your comments. Please Visit Andolasoft’s Ruby on Rails Service for more information and details. You can also write to us at info@andolasoft.com. Send us your inputs in under the comments section below and don’t forget to share with your family ‘n’ friends!