nimmy – redpanthers.co / Red Panthers - Experts in Ruby on Rails, System Design and Vue.js Sun, 06 Sep 2020 06:59:15 +0000 en-US hourly 1 https://wordpress.org/?v=5.2.7 Building a Multitenant application with Apartment gem /building-a-multitenant-application-with-apartment-gem/ Mon, 29 Apr 2019 11:28:12 +0000 https://redpanthers.co/?p=4025 ]]> Single tenancy Every customer is having their own software instance and DB and it serves for only one customer. Here, the software can be customized to meet the specific customer requirements as it is independent.

Multi-tenancy

Multitenancy implements a shared architecture where a single instance of the software application serves multiple customers. We call each customer as a tenant. Multitenancy ensures data isolation for each client. A multitenant app is easier to maintain and is economical. The core principle in multitenancy architecture approach is often misunderstood with multi-instance architectures. In multitenancy architecture, it is the single instance of the application which is being shared between multiple tenants. Hence, multi-instance architectures aren’t the same as multi-tenant architectures.

Advantages

  • Shared infrastructure lead to lower costs by sharing same power resources and software across its clients.
  • In single-tenant applications, you have to manage different sets for each client while in multitenant applications you have to monitor and provide administration for a single platform only.
  • Entire system becomes more scalable
  • Upgrading the software version and installation becomes easier for multitenant applications.
  • Easier to add new clients.
  • Configuration can be changed without touching codebase.
  • Easy maintenance

Multi-tenancy on the database layer or model layer

Multitenancy can be done on the database layer or model layer. Both solutions have pros and cons. The concept of multitenancy on database layer is creating for each user a new database or schema which is the best method to avoid data leaking to another tenant. But some applications have architecture constraints where only one database can exist in the application. The concept of multi-tenancy on the model layer is faster and easier to implement based on ActiveRecord default scopes, but also riskier. In one database, each customer is connected with his own tenanted models by the foreign key. A bug in the application can cause irreversible data leaks from one tenant to another. The two most popular Ruby Gems which allow for creating multi-tenancy in Rails are: It’s impossible to conclude a universally best solution for multi-tenancy, but Apartment gem seems most reasonable to use when we use Postgres schemas. In this blog post, we are gonna use Apartment gem to implement multitenancy in Rails application.

Using Apartment gem

Apartment gem provides tools to handle multiple tenants in our Rails application. It has a simple installation process and it basically creates tenants and to each tenant, the gem will automatically assign a new isolated schema and the creation of isolated database instances is also possible with Apartment.

Let’s create a new Rails app

rails new blog-post -d postgresql

cd blog-post

bundle exec rake db:create

Adding the Apartment gem to your Gemfile

Now open up the Gemfile in your rails app and add,

gem 'apartment'

Now generate the apartment config file,

bundle exec rails g apartment:install

This will create a config/initializers/apartment.rb file as the configuration file for us. There is a bunch of configuration stuff to use.

Create the model

For example usage, we will be creating models author and post.

bundle exec rails g model user name

bundle exec rails g model article content
Here users play the role of tenants and articles will be tenanted data. Each user must have a separate schema in Postgres database. We assume that user’s name is a valid Postgres schema name. We have to add a unique constraint to it. In the users table migration file, 
class CreateUsers < ActiveRecord::Migration[5.1]
  def change
    create_table :users do |t|
      t.string :name, null: false
    end
    add_index :users, :name, unique: true
  end
end
Also, add validation in app/models/user.rb: 
validates :name, presence: true, uniqueness: true
Then run migration: 
bundle exec rails db:migrate
In Apartment gem, each tenant should be created and deleted when the new author is created and removed. Adding Apartment methods calls in app/models/user.rb : 
class User < ApplicationRecord
  validates :name, presence: true, uniqueness: true
  after_create do |user|
    Apartment::Tenant.create(user.name)
  end
  after_destroy do |user|
    Apartment::Tenant.drop(user.name)
  end
end
This will automatically create a tenant whenever a user is created by taking the value of name field in the User model (create a Postgres schema for new the user) and remove from the database it when the user is deleted.

Specify common models

In any multitenant application, some models will be common for all the tenants and some will be tenant-specific models. In our example, Article model will belong to a tenant and the User model will be excluded from it and remain in the global (public) namespace. So we need to specify it in config/initializers/apartment.rb: 
--------------------------
Apartment.configure do |config|
# Add any models that you do not want to be multi-tenanted, but remain in the global (public) namespace.
# A typical example would be a Customer or Tenant model that stores each Tenant's information.
config.excluded_models = %w{ User }
--------------------------
Now, we have the User model as the common model.

Specify tenant names

Apartment gem needs to specify tenant names and assign them accordingly to run migrations for them and create proper tables in Postgresql schemas. In our case, we have to modify only one uncommented option below the excluded models line that we have added in the previous section in config/initializers/apartment.rb to: 
config.tenant_names = lambda { User.pluck(:name) }

Specify a middleware

To tell the application to work with subdomains,  ensure that the following line at the end of the apartment.rb file is left uncommented. 
Rails.application.config.middleware.use Apartment::Elevators::Subdomain

See it works

Finally, see how multi-tenancy in the Apartment gem works by creating two users in Rails console. 
User.create (name: 'Angel')
User.create (name: 'Sam')
This will create users and also two schemas with articles table for both of them. By default, we are in the public schema. In order to switch to a different schema we use a special Apartment method: 
Apartment::Tenant.switch!('Angel')
This will set current apartment to user named Angel. Creating some posts for this user in this tenant: 
Article.create(content: "Angel’s article")
Article.all
=> #<ActiveRecord::Relation [#<Article id: 1, content: "Angel’s article",
created_at: "2018-01-09 09:30:15", updated_at: "2018-01-09 09:30:15">]>
Now switch to the second user and show all articles: 
Apartment::Tenant.switch!('Sam')
Article.all
=> #<ActiveRecord::Relation []>
We get an empty result, see multitenancy working:) By the way, showing all users: 
User.all
=> #<ActiveRecord::Relation [#<User id: 1, name: "Angel">, #<User id: 2, name: "Sam">]>
As the User model is excluded from multi-tenancy it can be seen globally. The public schema has its own articles table, so user’s posts will not be visible in this schema. More information can be found on Github gem page, like the built-in ability of Apartment gem to switch tenants per HTTP request.

References

]]>

]]> What's new in Ruby 2.5 /whats-new-ruby-2-5/ Mon, 25 Dec 2017 08:08:56 +0000 https://redpanthers.co/?p=4219 ]]>

  • Added `Hash#transform_keys` method

    • Ruby 2.4 added the transform_values method, 2.5 completes it by adding transform_keys thus make it a perfect pair. Hash#transform_keys can change keys according to the return value of a block: 
    hash = { a: 1, b: 2 }
=> {:a=>1, :b=>2}
hash.transform_keys { |k| k.to_s }
=> {"a"=>1, "b"=>2}
hash
=> {:a=>1, :b=>2}
    transform_keys! is a destructive version: 
    hash = { a: 1, b: 2 }
=> {:a=>1, :b=>2}
hash.transform_keys! { |k| k.to_s } 
=> {"a"=>1, "b"=>2}
hash
=> {"a"=>1, "b"=>2}
    We know how many times we had to manipulate the keys of a hash. transform_keys is gonna be a game changer and going to be very compelling to be used in your legacy app. The destructive version is a just silver lining to this.

    • Array#prepend and Array#append

    Ruby 2.5 brings home two new aliases which are so much better than the two of the most used operations in the language. `Array#prepend` and `Array#append` are more programmer friendly than the conventional `Array#unshift` and `Array#push`. Ruby IS THE language which focuses on the programmers’ happiness primarily after all. 
    >> a = ["hello"]
=> ["hello"]
>> a.append "world"
=> ["hello", "world"]
>> a.prepend "Hi"
=> ["Hi", "hello", "world"]

    • Added yield_self method

    This method yields the receiver to the given block and returns the output of the last statement in the block which is somewhat similar to the tap method.The only difference is the value that is returned.yield_self method returns the output of the block but tap method returns the receiver itself. 
    "Hello".yield_self { |obj| obj + " World"}
=> "Hello World"
"Hello".tap { |obj| obj + " World" }
 => "Hello"

    • rescue/else/ensure are allowed inside do/end blocks without begin/end

    We could omit the begin/end and not need the extra wrapper for rescue/else/ensure clauses in Ruby 2.5 
    [1].each do |n|
  n / 0
rescue
  # rescue
else
  # else
ensure
  # ensure
end

    • String#delete_prefix/delete_suffix

    In Ruby 2.4 we used chomp method to remove the suffix ‘world’ from ‘HelloWorld’ and to remove prefix there is no corresponding method for chomp. The solution was to resort to a sub which is using the regular expression for such a simple task. Ruby 2.5 added new methods to take care of such tasks. Now in order to delete prefix, we can use delete_prefix and to delete suffix we could use chomp. But the method names don’t seem good. So for symmetry delete_suffix was added. 
    'HelloWorld'.delete_prefix('Hello')
=> "World" 
'HelloWorld'.delete_suffix('World')
=> "Hello"

    • Ruby 2.5 has removed top-level constant lookup

    Consider the following code in Ruby 2.4. 
    class Book;
end
class Seller;
end
 
Book::Seller
    This code works with a warning. The top-level constants are defined under Object class, and Ruby tries to look up the superclass of Book class, and eventually finds Seller under the Object class which is a superclass of Book class. But in Ruby 2.5, Ruby won’t look up superclass. So the previous code fails with an error. 
    Book::Seller
#=> NameError: uninitialized constant Book::Seller
#   Did you mean?  Seller
    Ruby 2.5 throws an error if it is unable to find constant in the specified scope.

    • New method to ERB to allow assigning the local variables from a hash

    In Ruby 2.4, we had to do hacks like following to assign local variables to ERB template. 
    require 'erb'
require 'ostruct'
 
namespace = OpenStruct.new(a: 10, b: 3)
template = 'Result: <%= a * b %>'
ERB.new(template).result(namespace.instance_eval { binding })
#=> "Result: 30"
    ERB could allow a hash instead of a binding for processing the template in Ruby 2.5 such that we could avoid hacks as above. To allow assigning the local variables from a hash we can use result_with_hash method. 
    require 'erb'
result = 'Result: <%= a * b %>'
ERB.new(result).result_with_hash(a: 10, b: 3)
#=> "Result: 30"

    • Dir.children and Dir.each_child

    ls -a command will list all files including hidden files (files with names beginning with a dot). Dir.entries  method present in Ruby 2.4 returns this output in an array. 
    Dir.entries("/home")
=> ["..", "user", "."]
    Another method Dir.foreach  iterates and yields each value from the output of ls -a command to the block. 
    Dir.foreach("/home") { |child| puts child }
..
user
.
    The output includes the directives for the current directory and parent directory which are “.” and “..”. When we want to have access only to the children files and directories, we do not need the [“.”, “..”] subarray. To overcome such issues, Ruby 2.5 introduced Dir.children. It returns the output of ls -a command without the directives for current and parent directories. 
    Dir.children("/home")
=> ["user"]
    We can use Dir.each_child method to avoid yielding current and parent directory directives while iterating. 
    Dir.each_child("/home") { |child| puts child }
user

    • Imported features from ActiveSupport library

    Over the past few years, Ruby has been merging the best features from the ActiveSupport library, into the core language. In Ruby 2.5 version, Hash#sliceHash#slice!, Hash#except, Hash#except! are such methods continuing the trend, imported from ActiveSupport. The ActiveSupport library comes bundled with the popular Ruby on Rails framework, but can also be used in isolation. It provides many extensions to Ruby’s core classes. 
    {a: 1, b: 2, c: 3}.slice(:a, :b)
#=> {:a=>1, :b=>2}
      One of the notable feature in 2.5 release was bundler packed with ruby core, but it is posponed due to some issues, See the commit

    Further changes

    NEWS for Ruby 2.5.0  news page can be referred to find other news and changes on Ruby 2.5

    References

     ]]>

    ]]>         Getting started with Faraday gem /getting-started-faraday-gem/ Thu, 16 Nov 2017 17:54:51 +0000 https://redpanthers.co/?p=4033 ]]> Client libraries help in reducing the amount of code for the application developer who is using the API, whether a REST API or any other. By adding a set of code to the application, it provides the basic things an application needs to do in order to interact with the API. This is what a client library does. Also, it may handle user authentication and authorization.

    Client libraries are developed by API developer or the community.

    There are several HTTP client libraries in Ruby such as:

    Among them, the favorite of mine is Faraday gem. Faraday has adapters for popular libraries like Net::HTTP. It is simple, flexible and supports multiple backends and embraces the concept of Rack middleware when processing the request/response cycle. Also, it’s possible to customize its behavior with middleware. We will use a connection object to start with Faraday as it’s more flexible way than a simple getrequest.

    conn = Faraday.new
response = conn.get 'http://localhost:3000/tasks'

    Using this connection object, we make HTTP requests.

    params = {:title => 'Faraday gem', :created_by => 'blog'}
conn.post('http://localhost:3000/tasks',params)

    This will POST  title = ‘Faraday gem’  and created by = ‘blog’ to http://localhost:3000/tasks. All HTTP verb methods can take an optional block that will yield aFaraday::Request object.

     conn.post do |req|
   req.url '/tasks'
   req.headers['Content-Type'] = 'application/json'
   req.body = '{"some": "content"}'
 end

    Authentication

    Basic and Token authentication are handled by Faraday::Request::BasicAuthentication and Faraday::Request::TokenAuthentication respectively. These can be added as middleware manually or through the helper methods.

    conn.basic_auth('username', 'password')
conn.token_auth('token')

    Proxies

    To specify an HTTP proxy:

    Faraday.new(:proxy => 'http://proxy.example.com:80/')

    Using a different HTTP Adapter

    Faraday provides an interface between our code and adapter. Sometimes we may want to use features that are not covered in Faraday’s interface. In such cases, we can have access to features specific to any of the adapters supported by Faraday, by passing a block when specifying the adapter to customize it. For example, you can switch to the HTTPClient adapter as below

     conn = Faraday.new do |builder|
   builder.adapter :httpclient do |client| # yields HTTPClient
     client.keep_alive_timeout = 20
   end
 end

    Like this, we can switch to any of the supported adapters. The block parameters will change based on the adapters we are using.

    Faraday::Connection object middlewares

    Faraday::Connection object has a list of middlewares, just like a Rack app. Faraday middlewares are passed as an env hash. It has request and response information.

    conn = Faraday.new
conn.builder
=> #<Faraday::RackBuilder:0x0000000155d1f0 @handlers=[Faraday::Request::UrlEncoded,
   #Faraday::Adapter::NetHttp]>

    Faraday::Builder is similar to Rack::Builder. A new Faraday::Connectionobject is initialized. It has middlewares Faraday::Request::UrlEncoded in front of an adapter Faraday::Adapter::NetHttp.  Like a Rack application, the adapter at the end of the builder chain is what actually executes the request. Middlewares are grouped into request middlewares, response middlewares, and adapters.

    Faraday.new do |builder|
  builder.request :retry
  builder.request :basic_authentication, 'login', 'pass'
  builder.response :logger
  builder.adapter :net_http
end

    Advanced Middleware Usage

    The order in which middleware is stacked in Faraday is like in Rack. The first middleware on the list wraps all others, while the last middleware is the innermost one, so that’s usually the adapter.

    conn = Faraday.new(:url => 'https://redpanthers.co/') do |builder|
  # POST/PUT params encoders:
  builder.request :multipart
  builder.request :url_encoded
  builder.adapter :net_http
end

    Middlewares stack is manipulated by the Faraday::Builder instance. Each Faraday::Connection instance has a Faraday::Builder instance.

    conn = Faraday.new
conn.builder.swap(1, Faraday::Adapter::HTTPClient)
# replace adapter
conn.builder.insert(0, MyCustomMiddleware)
# add middleware to beginning
conn.builder.delete(MyCustomMiddleware)

    Writing middleware

    Middlewares are classes that respond to call. When middleware is executing, it’s passed as an env hash that has request and response information. Middleware wrap the request/response cycle. The general interface for a middleware is:

    class CustomizedMiddleware
  def call(env)
    # do something with the request
    @app.call(env).on_complete do |env|
    # do something with the response
    end
  end
end

    All processing of the response should be done in the on-complete block. This enables middleware to work in parallel mode when many requests are occurring at the same time. After the on_complete block, env[:response] is filled in. Faraday::Response instance will be available only after `on_complete`.
    faraday-middleware  is a collection of various Faraday middlewares for Faraday-based API wrappers.
    For testing middleware, Faraday::Adapter::Test is an HTTP adapter middleware that lets you to fake responses.

    References

    ]]>

    ]]>         Get into Sentiment Analysis with Ruby /get-into-sentiment-analysis-with-ruby/ Thu, 21 Sep 2017 13:46:35 +0000 https://redpanthers.co/?p=3497 ]]> Why should I care The contemporary business world is a place where huge success and failure sit side by side. In traditional market research, business spends a huge amount to analyze customer’s opinions through continuous surveys and consultants. But nowadays social media empowers business a lot. Most the existing and potential customers are generating a treasure trove of data through Twitter, Facebook, LinkedIn and so on. Sentiment analysis is a powerful tool for mining the gold beneath the social media landslide. The goal of sentiment analysis is to identify the opinions expressed in a text.

    It seems easy, right?

    1. I’m happy to watch a new movie
    2. I hate war
    Since happy is a positive word and hate is negative, we know the sentiments in each sentence. This is the most simple situation. But what if a text contains two opinion words and one sentiment? If we assign +1 to positive word and -1 to negative word,
    • I’m happy and excited to be going to watch a new movie
    The above sentence is positive +2
    • I hate war and the violence it makes
    The text contains two negative words so it is negative -2 Now, let’s consider a text with mixed polarity. That’s, two opinion words and two sentiments What we learned is adding +1 and -1 equals 0 but here it doesn’t mean that the text is necessarily neutral.
    • Ice cream shops are doing great even when the weather is bad
    The statement is positive about ice cream shops but negative about weather condition. In general, we will say that this is a positive statement about ice cream shops. We wouldn’t say this is neutral.

    When SA turns hard

    Sometimes it’s not possible to identify the opinion by just analyzing the polarity of words. Language usage and sarcasm are some of the reasons why sentiment analysis turns hard. It’s tough to analyze mixed sentiments in a text. Sometimes it’s difficult to classify sarcastic statements as positive or negative. As a human being, we can understand what sarcasm is and how it actually makes sense. If you put this into a neural network or any machine learning framework that come up with a simple classifier to just understand the sentiment, this would fail miserably. Another point to be considered is local dialects. If you train any neural network on data about local dialects, it would invariably not understand what is trying to say. Because some of the words in local dialects may not have any sense and its tough to train anything and everything. So if you have a pre-trained model doing some sort of test on these data and then, it would completely fail. This is one of the reasons why it’s important to understand the local culture and some companies are setting up local data centers, where local sentiment is captured. Natural language has a lot of ambiguity. From the above examples, it’s clear that words make sense contextually in natural language which humans can comprehend and distinguish easily, but machines can’t. This makes Natural Language Processing one of the most difficult and interesting tasks in AI.

    Using Natural Language Processing

    • Spell check and grammar check
    • Predictive text
    • Auto summarization
    • Machine translation
    • Sentiment analysis

    Some common approaches to sentiment analysis

    Various methods in Machine learning and Natural Language Processing for sentiment analysis. Some of the most effective approaches we have today rely on the human-in-the-loop-approach: learning from the user feedback. The combination of machine-driven classification enhanced by human-in-the-loop approach increases acceptable accuracy than pure Machine Learning based systems.

    Tools & Libraries

    Python’s scientific calculation libraries such as SciPy, NumPy have strong support from the academic world. It’s a very well established library that was chosen for its expressiveness, ease-of-use.

    We too have tools……

    Much of the data that machine learning algorithms need for NLP tasks such as sentiment analysis, spam filtering all come from the web. Ruby has a web framework that is quite popular and generates massive amounts of data. While it doesn’t have the same vast academic network that Python or R has, it does have tools and has the added benefit of being easy to learn and comprehend.

    Sentimental gem

    https://github.com/7compass/sentimental Sentimental gem was introduced for simple sentiment analysis with Ruby. It implements a lexicon-based approach to extract sentiments, where the overall contextual sentiment orientation is the sum of sentiment orientation of each word(tokens). The overall sentiment of a sentence is output as positive, negative or neutral. It uses a dictionary consisting of pre-tagged lexicons. The input text is converted to tokens by the Tokenizer and is then matched for the pre-tagged lexicons in the dictionary. To classify sentiments we can set a threshold value. Values greater than the threshold is considered as positive and less than that is considered negative. The default threshold is 0.0. If a sentence has a score of 0, it is deemed “neutral”. 
    gem install sentimental
    Consider the following example 
     require "sentimental"
 analyzer = Sentimental.new
 analyzer.load_defaults
 sentiment = analyzer.sentiment 'Be the reason someone smiles today'
 score = analyzer.score 'Be the reason someone smiles today'
 puts sentiment, score
    It outputs 
    positive
0.225
    It works well for a simple sentence. Consider another example with mixed polarity. But, consider another example with mixed polarity. 
     require "sentimental"
 analyzer = Sentimental.new
 analyzer.load_defaults
 sentiment = analyzer.sentiment 'Icecream shops are doing good even at bad weather'
 score = analyzer.score 'Icecream shops are doing good even at bad weather'
 puts sentiment, score
    We get the output as 
    negative
-0.4194
    We expect a positive result here, but it failed. The overall score is determined by the sum of the scores of each opinion words. In its lexical dictionary, good is assigned a score 0.6394, bad is assigned -0.5588, and the token weather is assigned a score of -0.5. Hence the overall sentiment scores -0.4194. The gem was found to work well for simple sentences, but failed to give accurate results for sentences with mixed polarity.

    Sentimentalizer gem

    https://github.com/malavbhavsar/sentimentalizer Implements sentiment analysis in Ruby with machine learning. It’s basically training a model to use in the application. Machine learning based analysis gains more interest of researchers due to its adaptability and accuracy. It overcomes the limitation of the lexical approach of performance degradation and works well even when the dictionary size grows rapidly. 
     gem install sentimentalizer
    We need to train the engine in order to use it. 
     require "sentimentalizer"
 Sentimentalizer.setup
 class Analyzer
   def initialize
     Sentimentalizer.setup
   end
   sentiment = Sentimentalizer.analyze('I love Ruby', true)
   puts sentiment
 end
    This outputs as 
     Training analyser with +ve sentiment
 +ve sentiment training complete
 Training analyser with -ve sentiment
 -ve sentiment training complete
 {"text":"I love Ruby","probability":0.8568115588520226,"sentiment":":)"}
    Overall sentiment is positive which is indicated as 🙂 But this method faces challenges in designing classifier, availability of training data, the correct interpretation of a new phrase which is not in the training dataset.

    Classifying with Bayesian and SVM classifiers

    Basically, sentiment analysis is the classification of text. Ankusa, Eluka, Classifier, and Hoatzin are some Bayesian and SVM classifiers that can be used for sentiment analysis. Among them, Hoatzin, Classifier, and Eluka use LibSVM, a library for Support Vector Machine. Simple models work best for all. The gem Ankusa provides Naive Bayes classifier which provides more accuracy than Baseline but less than gem Eluka which implements SVM classifier.

    When we need more…

    JRuby

    Ruby is a very expressive language with excellent string processing capabilities. Also, there are excellent Java libraries for NLP and JVM is a high-performance platform with true multi-threading capabilities. JRuby allows us to leverage well-established, mature Java libraries from within your Ruby code.

    Sentiment Analysis using Tensorflow Ruby API

    https://github.com/somaticio/tensorflow.rb TensorFlow is an extraordinary open source software library for numerical computation using data flow graphs developed by researchers working on the Google Brain Team within Google’s Machine Intelligence research organization for conducting machine learning and deep neural networks research. Even though Tensorflow seems to be an overkill for simpler tasks, certainly it would be an alternate and more efficient way to analyze tweets if you have rich and high volume data. It helps to create your own sentiment classifiers to understand the large amounts of natural language in the world. In this article, we discussed the various approaches towards sentiment analysis which is a part of Natural Language Processing. We have seen that sentiment extraction and analysis can be done using supervised or unsupervised learning, sentiment lexicon-based approach or a mix of these and any of these methods can be implemented in Ruby.  

    Reference

    ]]>

    ]]>         Refactoring in Rails /refactoring-in-rails/ /refactoring-in-rails/#comments Wed, 20 Sep 2017 15:31:09 +0000 https://redpanthers.co/?p=3038 ]]> convention over configuration. Putting too much logic in the controller will eventually violate the single responsibility principle making future changes to the codebase difficult and error-prone. Refactoring the code helps for quality, clarity, and maintainability.

    When should we refactor?

    Tests usually run faster with well-isolated code. Slow running tests indicate the need of more sophisticated design. For example, each class should be concerned about one unique functionality. Also, models and controllers with too many lines of code needed to be refactored to make code DRY and clean. We can use best approaches of Object Oriented Programming to achieve this. Consider the following example of a controller where the whole logic for creation and deletion is concentrated. 
    class WebsitesController < ApplicationController
  def create
    create_website
    find_or_create_user
    fetch_rank
    redirect_to root_url
  end
  def destroy
    .........
  end
.............
  private
  def create_website
    @website = website.first_or_create
    CollectionWebsite.create(collection_id: collection_id, website_id: website.id)
    @website.fetch_meta_description
  end
  def find_or_create_user
    site_urls = user.websites.map(&:url)
    websites_count = user.websites.count
    user.update!(sites: site_urls, site_number: websites_count)
  end
  def fetch_rank
    return if website.alexaranks.any?
    FetchRankJob.perform_later(website)
  end
 end
     

    Moving a big controller’s action to service objects

    To achieve the new design, keep controllers as thin as possible and always call service objects. Controllers are a good place to have the HTTP routing, parameters parsing, authentication, calling the right service, exception catching, response formatting, and returning the right HTTP status code. A service object’s job is to hold the code for a particular bit of business logic. Calling services from controllers result in many classes each of which serves a single purpose. This helps to achieve more isolation between objects. Another important thing is that service objects should be well named to show what an application does. Extracting code from controllers/models to service objects would support single responsibility principle, which leads to better design and better unit tests. The above example can be rewritten by calling separate services for creating and deleting as shown below. This considerably reduces the number of lines of code in the controller and provides more clarity on the tasks performed. 
    class WebsitesController < ApplicationController
  def create
    Websites::Create.call(website_params, current_user)
    redirect_to root_url
  end
  ..........
  def destroy
    Websites::Delete.call(website_params, current_user)
    redirect_to root_url
  end
  ..........
  private
  def website_params
    params.require(:website).permit(:url, :collection_id)
  end
end
    Now WebsitesController looks cleaner. Service objects are callable from anywhere, like from controllers as well as other service objects, DelayedJob / Rescue / Sidekiq Jobs, Rake tasks, console, etc. In app/services folder, we create services for each controller’s actions. Prefer subdirectories for business-logic heavy domains.  For example, the file app/services/websites/create.rb will define Websites::Create while app/services/websites/delete.rb will define Websites::Delete. 
    module Websites
  class Create
    # From the controller, use it like this:
    # Websites::Create.call(params, user)
    def self.call(params, user)
      new(params, user).call
    end
    def initialize(params, user)
      @params = params
      @user = user
      @website = Website.where(url: params[:website][:url])
    end
    def call
      create_website
      find_or_create_user
      fetch_rank
    end
    private
    attr_reader :params, :user, :website
    def create_website
      @website = website.first_or_create
      CollectionWebsite.create(collection_id: collection_id, website_id: website.id)
      @website.fetch_meta_description
    end
    def find_or_create_user
      site_urls = user.websites.map(&:url)
      websites_count = user.websites.count
      user.update!(sites: site_urls, site_number: websites_count)
    end
    def fetch_rank
      return if website.alexaranks.any?
      FetchRankJob.perform_later(website)
    end
  end
end
    Designing the class for a service object is relatively straightforward, since it needs no special gems and relies on the software design skills only. When the action is complex or needs to interact with an external service, service objects are really beneficial.

    While refactoring, at each step we have to make sure that none of our tests failed.

    Partials and helpers

    Partials and helpers are the standard methods to extract reusable functionality. For larger HTML code, partials can be used to split into smaller logic parts. Partials are used for side-menu, header etc. When developing an application for the first time, I did notice the app/helpers directory but couldn’t find any use at that time. Generally, helpers are used for chunks of ruby code with minimal HTML or generating simple HTML from parameters. For example,  Once started using it, found it efficient in scenarios where we want to extract some complexity out of view and also if we want to reuse it or want to avoid it one day. This refers mostly to cases like conditionals or calculations. Consider something like this in the view: 
    <% if @user && @user.post.present? %>
  <%= @user.post %>
<% end %>
    If put it in a helper, 
    module SiteHelper
  def user_post(user)
    user.post if user && user.post.present?
  end
end
    And then in the view code, call the helper method and pass it the user as an argument. 
    <%= user_post(@user) %>
    Views are in charge of displaying information only. They are not responsible for deciding what to display. The concept of object-oriented programming paved the way for design patterns and refactoring patterns such as service objects and also decorators and presenters. Decorator patterns enable us to attach additional responsibilities to an object dynamically, without affecting other objects of same class. A presenter is a type of subpattern of the decorator pattern. The main difference between them is how they extract logic out of the view. Presenters are very close to the view layer, while decorators are some more broad concept. Anyway, try to avoid helpers and concerns as much as possible, if you want to make objects easier to test, then Plain Ruby Objects are easier to test than helpers and concerns which are tied to Rails. The presenter pattern also has the problem of making things harder to test. Because of this, I prefer to use a mix of POROs (Plain Old Ruby objects) and helpers if can’t avoid having them. Always keep the minimum amount of code in helpers and move as much logic as possible into POROs. It’s the same with concerns – try to avoid them maximum, but it’s being used in larger code bases.  

    References

        ]]>

    ]]>     /refactoring-in-rails/feed/ 1     Web Frameworks in Crystal /web-frameworks-crystal/ /web-frameworks-crystal/#comments Thu, 14 Sep 2017 18:16:07 +0000 https://redpanthers.co/?p=3199 ]]> Features
    • Native WebSocket support
    • Compiles to efficient native code
    • Statically typed => if any errors it will let you know at compile time.
    • Less memory consumption

    Web frameworks in Crystal

    Applications developed using framework are easy to maintain and upgrade at a lower cost. This article lets you get familiar with some of the most popular frameworks of Crystal. Install Crystal to get started. https://crystal-lang.org/docs/installation/index.html Create our Crystal app 
    crystal init app sample-app

    Kemal

    https://github.com/kemalcr/kemal To know the true potential of Crystal, let’s familiarise with Kemal, most popular Crystal framework. It’s a Sinatra inspired framework.

    Install Kemal

    In our app, Open in an editor and add Kemal as a dependency in the shard.yml file. To get dependencies, run 
    shards install
    This will install Kemal. This is similar to adding gems in gem file and bundle install in Rails. In the file sample-app.cr created in the src directory, substitute the following 
    require "kemal"
# Matches GET ""
get "/" do
"Hello World!"
end
Kemal.run
    In the terminal run 
    crystal run src/sample-app.cr
    We can see logs in the terminal as Kemal is ready in localhost. Using WebSockets is quite easy with Kemal. (Will be explaining it in our another blog)

    Amethyst

    https://github.com/crystal-community/amethyst Like Sinatra inspired framework Kemal for crystal, Amethyst is Rails-inspired framework for crystal which is extremely fast and flexible in application development. Installation is similar as Kemal; add as a dependency in the shard.yml file. To start using Amethyst, require it in project code. For fastest and lightweight framework in crystal we could choose Kemal or if interested in something more like Rails rather than speed Amethyst can be a better option. For controllers and to describe routes, Amethyst has a Rails-like approach. After Kemal, Amethyst is the popular framework of Crystal.

    Amber

    https://github.com/Amber-Crystal/amber Amber framework was developed inspired by Kemal, Rails, Django and other popular frameworks. Amber follows the concepts and conventions of these already successful frameworks. It implements MVC pattern, implementing ORM (Object-Relational-Model) in Crystal. To use Amber, after installing crystal, download and install amber In the terminal 
    git clone https://github.com/amber-crystal/amber.git

    cd amber

    shards install

    make
    To create new application in Amber refer to official doc https://amber-crystal.gitbooks.io/amber/content/getting-started/Installation/create-new-app.html To provide an ORM Model in Crystal add the library Granite:: ORM to your project dependencies in the shard.yml file. 
    dependencies:
  granite_orm:
    github: Amber-Crystal/granite-orm
    Amber provides WebSocket support for real-time communication which is very simple, and only requires a Socket, a Channel, and client-side interaction using javascript. Amber is inspired by Kemal, which has inbuilt WebSocket support.

    Kemalyst

    https://github.com/kemalyst/kemalyst Kemalyst is a Crystal lang framework based on Kemal. Kemalyst is also a Rails similar framework like Amber. Following the MVC pattern, Kemalyst supports MySQL, PG, and SQLite. Views are handled via kilt, generic template interface for Crystal. Kemalyst also provides support for WebSockets, jobs to perform background tasks using sidekiq.cr, the simple and efficient job processing for Crystal.

    Raze

    Refer https://github.com/samueleaton/raze for installation which is as simple as Kemal. Raze framework is a modular, light web framework for Crystal. Raze can handle approximately 120,000 requests per second, which is way more than Kemal(90,000 requests per second). Raze implements a middleware-centric design for greater modularity. Putting more logic inside reusable middlewares considerably reduces the need for route blocks. When writing routes in Raze there are two things to be noted:
    • Two matching routes that both having a block is not possible
    For example, this will fail 
    get "/hello*" do |ctx|
  do_something
end
get "/hello/raze" do |ctx|
  "hello, raze"
end
    This is where middleware is used if you want to do something before the second route. If you wanted to add a custom DoSomething middleware to your get “/hello*” route, it’s as simple as the following: 
    get "/hello*", DoSomething.new
    Now, this will work. 
    get "/hello*", DoSomething.new
get "/hello/raze" do |ctx|
  "hello, raze"
end
    • Route ambiguity order
    Raze will make sure that any matching routes are in order from most to least ambiguous. The less specific path must be defined before the more specific path as shown in the above example or else Raze will raise route exceptions.

    Limitations

    Crystal language is relatively new and therefore the community and ecosystem need more time to mature. Crystal lang is currently implemented as a single-threaded process. This means that you probably can’t max out all CPUs of your machine with just a single process. If we need scaling in the future for a real product, then Erlang or Elixir would be a much better choice than Crystal. Compared to Erlang, Golang, and Clojure, Crystal is less concurrent. Also, Crystal not supporting Windows yet is another limitation. But in Windows 10 you can (experimentally) try Crystal using Bash on Ubuntu on Windows, an experimental Bash environment running on Windows.

    Conclusion

    All these frameworks are growing rapidly and expecting further contributions. Yet there are many other frameworks such as Lattice-core, luckyframework which is in the early stages of development. Lattice-core is built on Kemal framework. All of them focusing on speed, modularity, and simplicity. None of Crystal’s frameworks are mature enough to be a full-blown web framework yet. But still, Kemal is my favorite over all other frameworks. There are more companies already using Crystal / Kemal in production now. https://github.com/crystal-lang/crystal/wiki/Used-in-production Kemal is been extremely fast and responsive by using just 1/50 of the resource. Kemal’s superb performance for Websockets and easily extensible middlewares are appreciable. Also, deploying a Kemal app on Heroku is as simple as follows: https://redpanthers.co/deploying-crystal-app-production-using-heroku

    Reference

     ]]>

    ]]>     /web-frameworks-crystal/feed/ 2     Integrating Elm with Rails /integrating-elm-rails/ Wed, 30 Aug 2017 12:51:56 +0000 https://redpanthers.co/?p=3091 ]]> Why Elm? Switching to functional programming languages makes it a better environment for multi-threaded applications. For example, immutability is a powerful functional concept that JavaScript lacks. But in Elm, once created value cannot be changed, thus making a thread-safe environment. Each thread need not worry about other threads when they act on data since these data are represented by immutable objects in Elm. While in other languages it’s hard to catch production errors, Elm offers ‘no run time exceptions’ guarantee.

    Friendly error messages

    Elm has a reputation for great error messages, being statically typed. Consider the following Elm code 
    import Html exposing(..)
view orders =
  div [] (List.mapp viewOrder orders)
viewOrder order =
  span [] (text order.name)
    Here’s an example for an error message after compiling the Elm code: This is what errors look like in the command line 
    --NAMING ERROR-----------------------------------------------------list-mapp.elm
Cannot find variable 'List.mapp' .
6| div [] (List.mapp viewOrder orders)
List does not expose 'mapp' . May be you want one of the following?
List.map
List.any
List.map2
List.map3
    • shows the line number in the code which caused the error
    • shows the actual line of code
    • lists the maximum possibilities for correct code
    If you have a nice editor with Elm language integration, these error messages can be seen as a pop-up when hovering over the line of code which causes the error. This line of code can be identified easily as it will be red underlined. To start with Elm, we don’t have to worry about the huge libraries as in case of other frameworks. Just install Elm CLI and start coding. In a JavaScript application, we are probably putting together some collection of tools as below.
    • React
    • Redux
    • npm/yarn
    • Webpack
    • Immutable.JS
    But Elm addresses these issue by providing all of them built in a single installer. JavaScript languages and browser engines are subjected to constant changes always. It’s not feasible to refactor the application accordingly. Building our application in Elm enables to get more efficient JavaScript code when newer versions of the language are released with compiler updates.

    Start with Elm

    Elm is a delightful language meant for developer happiness. When you write an Elm app, you write a number of modules in separate files and feed those files to Elm compiler. It gets compiled to JavaScript that’s ready to run the program.

    Architecture

    Whenever we write an Elm app this architecture will be following. All Elm apps in practice are structured this way. So, we start by writing an init function, whose job is to generate the initial model for our app. This is the complete model for the current state of the front end as it’s running in the browser. The second function is the view that takes the model and generates the Html interface for your web app. In React like frameworks, it lets you generate a virtual DOM. So every time front end is rendered it will calculate the entire user interface and the framework takes responsibility for efficiently updating the changes in the actual browser. Elm also has its own virtual DOM implementation that is really faster compared to React, Angular etc. As part of our interface, we will declare the events we are interested in. If the user does something like click a button, Elm will send the program a message. So we need to write a third function to handle those messages and that’s the update function. This function will take that message and the program’s existing model and put them together in order to generate the new updated model for the program. Then it feeds to the view function to generate the updated interface. This is how Elm looks like.

    Install on Rails

    Elm is officially supported in Rails 5.1 via the webpacker gem. Be sure to install yarn and Node.js first. Node.js version should be >6.4.0+ Then, to use Webpacker with Elm, 
    rails new elm-on-rails --webpack=elm
    If Rails application is already setup with webpacker, run 
    ./bin/rails webpacker:install:elm
    within the app. If it’s not setup with webpacker, add gem ‘webpacker’ to your gemfile and then install Elm. Navigate to app/javascript/packs directory.  A file named Main.elm that displays “Hello Elm!” text is generated there, along with a companion file hello_elm.js 
    #hello_elm.js
import Elm from './Main'
document.addEventListener('DOMContentLoaded', () => {
const target = document.createElement('div')
document.body.appendChild(target)
Elm.Main.embed(target)
})
    Now, we need a page to display the Elm output. We’ll create a new file app/views/application/index.html.erb in order to render the layout: Use the javascript_pack_tag helper to import hello_elm.js file: 
    <%= javascript_pack_tag "hello_elm" %>
    Add this line in application.html.erb or index.html.erb since hello_elm.js file embeds the output in the current document. Then add a default route 
    #config/routes.rb
get '/', to: 'application#index'
    Before firing up Rails server, do 
    bundle exec rails webpacker:compile
    Then run rails server and you will be seeing the “Hello Elm!” greeting.

    Immutable Data and Pure Functions

    Elm programs are made up of immutable data and pure functions. This contributes to the simplicity of the language. In Ruby, if I say, 
    user.update(params)
    Calling an update method will change that user object in place. The initial value in user object is gone now if we do not have a copy of it before method call. In the same controller, 
    new_hash = hash.merge(params)
    Calling hash.merge doesn’t modify the hash in place but returns a new_hash with updates applied to it. The above examples are two different APIs designed in different ways. This can be confusing to beginners if they find it difficult to understand why different functions work in different ways. But it’s not an issue in Elm as its values are immutable. In Elm, 
    newUser = update params user
    user object can be passed to update function but that can’t change its value; it’s immutable. What we can do is to create a new value with some changes applied to it. Thus, the update function will return the newly updated user. That’s just how all Elm functions work, so there’s little situation of confusion as explained first. The update function we explained in Ruby can have side effects. It brings changes to the database. If a function does nothing but provides the same return value based on its arguments, then only it can be called side-effect-free. The function should not make any impact on anything else; that’s pure function in terms of functional programming. Elm functions cannot have side effects because all Elm functions are pure functions – a strong reason why Elm defined as a functional programming language. The only thing the functions do in Elm is calculating its return value by the arguments that we passed to and constants. They cannot have side effects. The advantage is that we get more predictable programs.

    Elm Platform

    To develop our Elm applications, four tools will be essential.
    • elm-repl
    To quickly execute a small piece of Elm code from the command line without having to create a file. To start using the REPL, execute elm-repl in the terminal.
    • elm-reactor
    Creates a server that will compile your elm code and will be able to see the result directly on the browser. Also, we can set a different port and custom address. 
    elm-reactor -a 0.0.0.0 -p 3000
    • elm-make
    We can use elm-make to translate the Elm code to native files for the web(HTML, CSS, and JavaScript)
    • elm-package
    Tool to install and publish Elm packages. Type elm-package in your command line to make it available, and to install a package: 
    elm-package install <package-name>
    Elm having a solid architecture enables to build our projects with a guarantee that we have things under control even when application increases in complexity.  

    References

     ]]>

    ]]>         Managing threads with Queue and SizedQueue /managing-threads-queue-sizedqueue/ /managing-threads-queue-sizedqueue/#comments Tue, 22 Aug 2017 12:36:00 +0000 https://redpanthers.co/?p=3081 ]]>

    Threads in Ruby

    To make our applications do multiple things faster at the same time, we can use Ruby threads. For a long-running application, re-using a pool of such threads can provide great performance benefits. Thread pool is a way to have a fixed set of threads doing the work, instead of creating new ones each time. Considering a simple program as below, we realize the importance of threads. 
    def add_elements(group)
  sleep(4)
  sum = 0
  group.each do |item|
    sum += item
  end
  sum
end
@group1 = [22, 44, 55]
@group2 = [45, 59, 72]
@group3 = [99, 22, 33]
puts "sum of group1 = #{add_elements(@group1)}"
puts "sum of group2 = #{add_elements(@group2)}"
puts "sum of group3 = #{add_elements(@group3)}"
    You will get the sum of each array as output but the sleep(4) instruction will pause execution for 4 seconds and then continue. Thus, group1 will get the sum after 4 seconds, group2 after 8 seconds and so on, which is not feasible. In such cases, it is more economical to have threads, since we can have the sum of each array calculated independently. Threads allow us to execute different parts of our program independently. For implementing threads, after initializing each array, 
    threads = (1..3).map do |c|
  Thread.new(c) do |c|
    groups = instance_variable_get("@groups#{element}")
    puts "groups#{element} = #{add_element(groups)}"
  end
end
threads.each {|t| t.join}
    The add_element method definition is same but we wrapped method call in a Thread.new block. Now, instead of getting the sum of each array after 4 seconds, 8 seconds and 12 seconds respectively, you will get the sum of all arrays after 4 seconds. This indicates better performance and efficiency which is the power of threads.

    Queue for managing threads

    To safely exchange information between threads, we can use Queue in the standard library. The tasks that are added first in the queue are retrieved first. PUSH and POP are the two main methods in Queue that add and retrieves an item respectively. Consider the following example. To create new queue instance, use the new() method. 
    require 'thread'
queue = Queue.new
Thread.new do
  4.times do |i|
    sleep(2)
    queue << i
    puts "Thread #{i} produced"
  end
end
    5 items are inserted into the queue. Output as follows, 
    Thread 0
Thread 1
Thread 2
Thread 3
    Now, to pop off items from queue, 
    Thread.new do
  4.times do |i|
     sleep(2)
     puts "consumed thread #{queue.pop}"
  end
end
    It produces the following output 
    Thread 0
consumed 0
Thread 1
consumed 1
Thread 2
consumed 2
Thread 3
consumed 3

    Sized queue for fixed-length queue

    The sized queue is useful in situations where the rate of production is higher than consumption. In the following example, 
    require 'thread'
queue = Queue.new
Thread.new do
  10.times do |i|
    sleep(2)
    queue << i
    puts "Thread #{i} produced"
  end
end
Thread.new do
  4.times do |i|
    sleep(2)
    puts "consumed thread #{queue.pop}"
  end
end
    We see, 10 items are produced and 4 items are consumed and remaining accumulate in the queue. This is an issue of memory wastage. Hence we rely on the sized queue. Instead of Queue.new, we use SizedQueue.new(maxvalue). The argument specifies the maximum number of items we allow to put in a queue. Modifying our example, we can save memory space. 
    require 'thread'
queue = SizedQueue.new(4)
Thread.new do
  10.times do |i|
    sleep(2)
    queue << i
    puts "Thread #{i}"
  end
end
Thread.new do
  4.times do |i|
    sleep(2)
    puts "consumed #{queue.pop}"
  end
end
    4 threads are produced and consumed. After that, the maximum limit is checked and push operation is blocked. The maximum value of our sized queue is 4 here, so after that push, the operation is not allowed, even though the loop is for 10 times. Output: 
    Thread 0 produced 
consumed thread 0
Thread 1 produced 
consumed thread 1
Thread 2 produced 
consumed thread 2
Thread 3 produced 
consumed thread 3
Thread 4 produced 
Thread 5 produced 
Thread 6 produced 
Thread 7 produced
      To conclude, we can say that while Queue can be used to safely exchange information between threads, SizedQueue helps to overcome the problem with the queue as mentioned above.

    References

     ]]>

    ]]>     /managing-threads-queue-sizedqueue/feed/ 3     Authorization with Pundit gem /authorization-with-pundit-gem/ /authorization-with-pundit-gem/#comments Mon, 12 Jun 2017 10:55:09 +0000 https://redpanthers.co/?p=2636 ]]> Who are you?) and Authorization (are you supposed to be here?). Authentication verifies the user’s identity while authorization verifies whether that user has access rights on certain resources to perform actions on them. Two popular gems for authorization in the rails world are CanCanCan and Pundit, we at Red Panthers prefers pundit over CanCanCan we get to write Pure Ruby Objects and keep the logic for each part separate. The gem CanCanCan isolates (encourages) all authorization logic into a single class. It is a drawback when the complexity of application increases. Pundit gem provides object oriented design patterns to build our own authorization system that meets project’s requirements. It enables us to keep the models and controllers free from authorization code and allows to keep the resource logic separately. This flexibility and simplicity of Pundit gem help to use it with ease.

    To start with Pundit

    Add Pundit gem to your gem file and run bundle install. 
    gem 'pundit'
    Integrate Pundit to Rails application by adding the following line to ApplicationController. 
    include Pundit
    If you run the Pundit’s generator as below, it will generate app/policies folder which contains application_policy.rb by default. 
    rails g pundit:install
    Then restart the Rails server. Base class policy looks like 
    #app/policies/application_policy.rb
class ApplicationPolicy
  attr_reader :user, :record
  def initialize(user, record)
    @user = user
    @record = record
  end
  #............
  def destroy?
    false
  end
  def scope
    Pundit.policy_scope!(user, record.class)
  end
  class Scope
    attr_reader :user, :scope
    def initialize(user, scope)
      @user = user
      @scope = scope
    end
    def resolve
      scope
    end
  end
end

    Create policies

    Policy classes are the core of Pundit. In the app/policies folder, we can write our own policies. Each policy is a Ruby class. Each policy class should be named after a model they belong to, followed by the word Policy. For example, use CollectionPolicy for Collection model. Pundit can also be used without an associated model. Pundit uses the current_user method to get the first argument in initialize method in ApplicationPolicy. But if current_user is not the method that should be invoked by Pundit, simply define a method in your controller. 
    def pundit_user
  User.find_by_other_means
end
    Logically, Pundit can be used outside controllers, for example, in custom services or in views. Consider the following example. In User model, 
    class User < ApplicationRecord  
  has_many :collections, dependent: :destroy
end
    In Collection model, 
    class Collection < ApplicationRecord  
  belongs_to :user
end
    A collection should be able to be deleted only by the user who created it. So, let’s start by creating a new file collection_policy.rb in app/policies  that will store our policies that are specific to collections. In this file, we define a class that inherits from the ApplicationPolicy class and we will integrate delete method for managing permissions for the delete action . 
    #app/policies/collection_policy.rb
class CollectionPolicy < ApplicationPolicy
  def destroy?
    record.user == user
  end
end
    In our CollectionPolicy class we are overriding the delete? method originally declared in the ApplicationPolicy. There it simply returns false. We can override the methods in ApplicationPolicy class with our unique requirements since it’s intended to give a structure only. 
    record.user == user
    This states that, the only user that should be able to delete a collection is the user that created it. We can refactor this into their own method since it’s a better approach if other authorized users are needed to be added in future so that changes can be made easily in a single method instead of having to make the same changes in multiple places. This is very explicit, clearly describing the intent of the program flow. Definitely, we won’t be wondering, from where these record and user attributes are coming from. In ApplicationPolicy class we can see that they are set as read only attributes representing the object that we are adding authorization to, such as collection in our app and then the user. This is an instance of Pundit providing easy access to the items that we want to add authorization. If we add another policy class like CollectionPolicy then also we will be able to use very similar code like we are working with collections. Now let’s move to CollectionsController . By using Pundit policies, a proper permission structure can be integrated to the delete action, which earlier had no protection from unauthorized HTTP requests. 
    class CollectionsController < ApplicationController
  protect_from_forgery
  def create
    Collections::Create.call(collection_params, current_user)
    redirect_to root_url
  end
  def destroy
    collection = Collection.find(params[:id])
    authorize(collection, :destroy?)
    Collections::Delete.call(collection, current_user)
    redirect_to root_url
  end
  private
  def collection_params
    params.require(:collection).permit(:name)
  end
end
    The authorize method automatically assumes that Collection will have a corresponding CollectionPolicy class, and instantiates this class. It should call destroy? method on this instance of the policy. Passing a second argument to authorize method is optional here. It infers from the action name that it should call destroy? method on this instance of the policy. But second argument should be passed if it doesn’t match the action name.

    Policy without a corresponding model

    We can create ‘headless’ policies that are not tied to any specific model. Such policies can be retrieved by passing a symbol. 
    # app/policies/website_policy.rb
class WebsitePolicy < Struct.new(:user, :website)
  # ...
end
    # In controllers
authorize :website, :show?
    # In views
<% if policy(:website).show? %>
  <%= link_to 'Website', website_path %>
<% end %>
    Here a model or class named Website doesn’t exist. So WebsitePolicy is retrieved by passing a symbol. This is a headless policy.

    Pundit scopes

    In application_policy.rb, there is a scope class defined. It implements a method called resolve for filtering. We can inherit it from a base class and implement our own resolve method. In this example a scope is setup to allow users to view websites only if they have a link through collections. Let’s consider three models: User, Website, and Collection Collection belongs to User. In WebsitePolicy, 
    class Scope < Scope
  def resolve
    if user.admin?
      scope.all
    else
      scope.where(:company_id => user.collections.select(:website_id))
    end
  end
end
    In the websites_controller, 
    def index
  @websites = policy_scope(Website.includes(:company).all)
  authorize @websites
end
    Now we see only the websites where we have a collection.

    Exception handling

    By default, Pundit raises an exception when users attempt to access that which they are not authorized to. This situation can be handled in ApplicationController. 
    class ApplicationController < ActionController::Base
  include Pundit
  protect_from_forgery with: :exception
  rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
  def user_not_authorized
    flash[:alert] = 'You are not authorized to perform this action.'
    redirect_back(fallback_location: root_path)
 end
end
    We need to rescue the Pundit::NotAuthorizedError exception with a suitable method that tells how to handle it.

    Why Pundit?

    • Well suited to the service oriented architecture that’s popular for large Rails applications
    • Keep controllers skinny
    • Pundit policy objects are lightweight, adding authorization logic without as much overhead as CanCanCan
    • Emphasizes object-oriented design with discrete Ruby objects providing specialized services
    Therefore, as an application grows in complexity it’s always better to prefer Pundit for authorization.

    References

     ]]>

    ]]>     /authorization-with-pundit-gem/feed/ 6     Taking screenshots of webpages using Ruby /screenshots-using-ruby/ /screenshots-using-ruby/#comments Mon, 01 May 2017 10:48:00 +0000 https://redpanthers.co/?p=2373 ]]>
  • PhantomJS
  • Screencap gem
  • Webshot gem
    • Screencap and webshot are gems in Ruby that depends on a tool called PhantomJS. It is basically a web browser without a user interface, primarily used for testing websites. Such type of browsers are generally referred to as headless browsers,

    Screenshots with PhantomJS

    PhantomJS is quite easy to install and is multiplatform, available on major operating systems. 
    gem install phantomjs
    To start, our script must require a reference to the webpage module then use it to create an instance: 
    var instance = require('webpage').create();
    Use the instance.open() method and pass it the arguments, the url of the webpage that we want to capture screenshot. 
    instance.open('http://redpanthers.co/', function() {
instance.render('screenshot-phantom.png');
phantom.exit();
});
    instance.render() method captures the screenshot and saves it to the file specified in the argument. Run the script as, 
    phantomjs filename.js
    Screenshot is saved in the  directory where we run the script. Now what we have above is all JavaScript, but to use the phantom JS in our rails application we have gems that provide us with an easy interface to acheive the same.

    Screencap gem

    The gem ‘screencap’ is introduced in Ruby to make screenshot capture easy. However, the gem depends on  ‘PhantomJS’, so we need to have PhantomJS installed on machine to capture screenshots with screencap gem. But screencap does not work with PhantomJS 2.1.1, which is the latest version. So we need to install version 1.9.8 
    gem install phantomjs -v 1.9.8
    check version 
    phantomjs --version
    To install screencap gem in your application, add this line to gemfile 
    gem 'screencap'
    Or install it as 
    gem install screencap

    Usage

    To capture screenshot with screencap 
    require 'screencap'
screenshot = Screencap::Fetcher.new(<url>)
image = screenshot.fetch
    • Fetcher class accepts url of the website to take screenshot.
    • Screenshot is taken when fetch method is called.
    • Also, fetch method supports various optional parameters to specify the area to capture the screenshot.
    • We can specify where to store the screenshot captured, as shown below.
    image = obj.fetch(
 output: '~/folder/file-name.png',
 # dimensions for taking screenshot of specific area
  width: 1024,
 height: 768
 )

    Example

    require 'screencap'
screenshot = Screencap::Fetcher.new('http://redpanthers.co/')
image = screenshot.fetch(output: '~/screencap/screencap.png',
                                   width: 300,
                                  height: 500)
    Our screenshot is captured in screencap.png

    Webshot gem

    Webshot is another gem introduced in ruby to capture screenshots, also depends on PhantomJS. For better experience, use latest version of PhantomJS. Webshot works with latest version of PhantomJS while screencap gem does not. Install PhantomJS latest version. To install webshot in your application, 
    gem 'webshot'
    Or install as 
    gem install webshot

    Usage

    require 'webshot'
screenshot = Webshot::Screenshot.instance
screenshot.capture "https://github.com/", "image.png", width: 1024, height: 800
    Provide url of the web page and file name where screenshot to be saved. Height and width can be given as optional parameters for taking screenshot with specified dimensions. Above code captures github’s home page in file image.png In all the above methods, we capture screenshots of a particular web page by passing its url. Also we can infer that screencap gem, even though efficiently takes screenshots, does not work for latest version of PhantomJS. This was an issue encountered while working with gem screencap as installing PhantomJS without specifying the version would install the latest version by default. So, choose gem webshot if you want to go ahead with the latest version of PhantomJS.

    References

    ]]>

    ]]>     /screenshots-using-ruby/feed/ 2