Beginners – redpanthers.co / Red Panthers - Experts in Ruby on Rails, System Design and Vue.js Mon, 23 Oct 2017 04:33:07 +0000 en-US hourly 1 https://wordpress.org/?v=5.2.7 Getting start with React Native /getting-start-with-react-native/ Mon, 23 Oct 2017 04:33:07 +0000 https://redpanthers.co/?p=3660 ]]> React Native lets you build mobile apps using only JavaScript. A React Native app is a real mobile app. It uses the same design as React, letting you compose a rich mobile UI from declarative components.

Installation

Using Create React Native App we can start building a new React Native application easily. It allows you to start a project without installing or configuring any tools to build native code – no Xcode or Android Studio installation required. Assuming that you have Node installed, you can use npm to install the create-react-native-app command-line utility: 
$ npm install -g create-react-native-app
Try creating a new project:- 
$ npm i -g create-react-native-app
$ create-react-native-app my-project
$ cd my-project
$ npm start
This will start a development server for you, and print a QR code in your terminal. To run your app, Install the Expo client app on your iOS or Android phone and connect to the same wireless network as your computer. Using the Expo app, scan the QR code from your terminal to open your project.

Basic App

In the App.js file you can see:- 
import React, { Component } from 'react';
import { StyleSheet, Text, View } from 'react-native';
export default class App extends Component {
  render() {
    return (
      <Text>Hello world!</Text>
    );
  }
}
importfromclassextends, and the () => syntax in the example above are all ES2015 (also known as ES6)  features. The unusual thing in this code example is.<Text>Hello world!</Text> This is JSX – a syntax for embedding XML within JavaScript. <Text> is a built-in component that just displays some text. This code is defining, App a new Component . Anything you see on the screen is some sort of component. A component can be pretty simple – the only thing that’s required is a render function which returns some JSX to render. You can also write style in App.js file. 
const styles = StyleSheet.create({
  container: {
    flex: 1,
    backgroundColor: '#4286f4',
    alignItems: 'center',
    justifyContent: 'center',
  },
});
To modify your app, you can edit App.js file. The application should reload automatically once you save your changes.

Create React Native App

Create React Native App makes it really easy to run your React Native app on a physical device without setting up a development environment. If you want to run your app on the iOS Simulator or an Android Virtual Device, please refer to the instructions for building projects with native code to learn how to install Xcode and set up your Android development environment. Once you’ve set these up, you can launch your app on an Android Virtual Device by running, npm run android or on the iOS Simulator by running npm run ios (macOS only).

Pros

  • JavaScript − You can use the existing JavaScript knowledge to build native mobile apps.
  • Community − The community around React and React Native is large, and you will be able to find any answer you need.
  • Code sharing − You can share most of your code on different platforms.

Cons

  • Native Components − If you want to create a native functionality which is not created yet, you will need to write some platform specific code.
React Native is focused solely on building a mobile UI. Compared with JavaScript frameworks like AngularJS or MeteorJS, React Native is UI-focused, making it more like a JavaScript library than a framework. The resulting UI is highly responsive and feels fluid thanks to asynchronous JavaScript interactions with the native environment. This means the app will have quicker load times than a typical hybrid app, and a smoother feel.

Reference

https://facebook.github.io/react-native/blog/2017/03/13/introducing-create-react-native-app.html https://facebook.github.io/react-native/docs/tutorial.html#content]]>

]]> Observer Design Pattern in Ruby /observer-design-pattern-ruby/ Mon, 16 Oct 2017 10:24:44 +0000 https://redpanthers.co/?p=1264 ]]> model-view-controller architectural pattern. In a traditional MVC ( Model-View-Controller ) architecture, a model is a subject and a view is an observer. A view is notified when a model changes and responds accordingly. When the subject sends observers detailed information about what has changed, indiscriminately, this is known as the push model of the Observer pattern. When a subject sends only minimal information to its observers must ask for details explicitly, this is known as the pull model of the Observer pattern. Observer Design Pattern Ruby provides a simple mechanism to implement this design pattern using the Observable module. In this mechanism, the Notifier class uses the Observable module, which provides the methods for managing the associated observer objects. The observable object must:
  • assert that it has #changed
  • call #notify_observers
An observer subscribes to updates using #add_observer, which also specifies the method called via notify observers. The default method for notify observers is update.

Public Instance Methods

Instance methods are methods that are called on an instance of a class. We can use the below methods while using Observer instances.
  • add_observer(observer, func=:update)

Adds observer as an observer on this object, so that it will receive notifications.

  • changed(state=true)

Set the changed state of this object. Notifications will be sent only if the changed state is true.

  • changed?()

Returns true if this object’s state has been changed since the last notify_observers call.

  • count_observers()

Return the number of observers associated with this object.

  • delete_observer(observer)

Remove observer as an observer on this object so that it will no longer receive notifications.

  • delete_observers()

Remove all observers associated with this object.

  • notify_observers(*arg)
Notify observers of a change in state if this object’s changed state is true.

How it works

First, we have to create a basic structure of the Notifier class which will act as an Observer. The update() method is the callback that the Observable module will use when notifying changes to the observer, and the method name needs to be update(). Let’s take an example of an application which keeps track of the bike mileage and reminds us of when we need to take the vehicle in for a scheduled bike service. 
require 'observer'
class Bike
  include Observable
  attr_reader :mileage,:service
  def initialize(mileage =0, service = 3000)
    @mileage,@service = mileage, service
    add_observer(Notifier.new)
  end
  def log(miles)
    @mileage += miles
    notify_observers(self, miles)
  end
end
Next, write the update method in Notifier class 
class Notifier
  def update(bike, miles)
    puts "The bike has logged #{miles} miles, totaling #{bike.mileage} miles traveled."
    puts "The bike needs to be taken in for a service!" if bike.service <= bike.mileage
  end
end

By running the code we can see

bike = Bike.new(2300, 3000)
bike.log(100)
=> "The bike has logged 100 miles, totaling 2400 miles traveled."
bike.log(600)
=> "The bike has logged 300 miles, totaling 3000 miles traveled."
=> "The bike needs to be taken in for service!"

First, we create an instance of the Bike class with 2300 miles, and we set that it needs to be taken for service when it reaches 3000 miles.

I hope this example helps you understand ruby observer design pattern better.

Let me know in comments if you have any doubts or any implementation issues you have been facing recently. Thanks for reading!

References

]]>

]]> Getting started with Angular 4 /getting-started-with-angular-4/ Tue, 19 Sep 2017 11:42:19 +0000 https://redpanthers.co/?p=3253 ]]> Angular is a most popular platform for building applications with the web. Angular empowers developers to build applications that live on the web, mobile, or the desktop. The AngularCLI is a command line interface tool that can create a project, add files, and perform a variety of ongoing development tasks such as testing, bundling, and deployment. As compared to the older versions of Angular, there are many new things added to the list. Not only new features but also some twists are there that enhance old features. Forget Angular 3, Google jumps straight to Angular 4 after Angular 2. Angular4 applications are much faster and less space consuming.  Angular4 is compatible with TypeScript’s newer versions 2.1 and 2.2. Components are the basic building blocks of your application. Every component has an associated template, style sheet, and a class with logic.

Prerequisites

1. NodeJS ( 6.x.x or greater ) 2. npm (3.x.x or greater )

Installation

1. You have to install AngularCLI globally. 
npm install -g @angular/cli
2. Create a new project. 
ng new my-app
3. To serve the application, get into the project repo and run : 
cd my-app
ng serve --open
For launching our server and for rebuilding our app when there are any changes we are using “ng serve”. When using “–open” or “–o”, it will open in “http://localhost:4200/” automatically.

And that’s it!

Your basic app is ready!

What’s New In Angular 4

Router ParamMap

In the previous versions, we were using a simple key-value object for storing route parameters. But in Angular4, it is possible to query a so-called ParamMap in the router, that is a request for the route- and query parameter assigned to a route. 
class MyComponent {
 sessionId: Observable<string>;
 constructor(private route: ActivatedRoute) {}
 ngOnInit() {
   this.sessionId = this.route
     .queryParams
     .map(params => params['session_id'] || 'None');
 }
}
Now, we can run them as simple method calls (parameterMap.get(‘parameter-name’)). 
class MyComponent {
 sessionId: Observable<string>;
 constructor(private route: ActivatedRoute) {}
 ngOnInit() {
   this.sessionId = this.route
     .queryParamMap
     .map(paramMap => paramMap.get('session_id') || 'None');
 }
}
The parameters are also available as a map. This brings advantage in terms of type security. The old key-value structure is unsafe since it can take all possible values. In the map, the parameter value is either string or array of strings depending upon the method used. Hence it is safe.

Animation Package

All the functions of animation were provided in @angular/core module. So it was always there with our application even if we didn’t use it and many unnecessary bundles were created. To avoid this, these functions have been put into its own packages.  So that this extra code will not end up in your production bundles if you didn’t use that. We can add animations ourselves in the main NgModule by importing BrowserAnimationsModule from @angular/platform-browser/animations.

Improved *ngIf and *ngFor

It’s now also possible to use an else syntax in your templates. In the else-case, a separately referenced template is used in place of the element marked with *ngIf. Another addition to the template syntax is the as keyword, to simplify the let syntax. We can store the result in a variable of the template so that we can use it in the element.

TypeScript 2.1 & 2.2 compatibility

Version 4 is compatible with these new versions of TypeScript. This will improve the speed of ngc and give better type checking in your application.

Universal

With Angular Universal, we can do the server side rendering. It was maintained by the community until now, but after this release, it’s now an official Angular project.

Conclusion

The new release brings some good features and a really great improvement of the generated code size, for the price of very few breaking changes that should not impact you a lot and also makes the migration quite smooth. So Angular 4 is here and it’s time to learn one of the most popular and powerful javascript frameworks.

References

https://angular.io/ https://jaxenter.com/angular-4-top-features-133165.html https://coursetro.com/courses/12/Learn-Angular-4-from-Scratch Happy Coding!!]]>

]]> Rails Generators /rails-generators/ Mon, 18 Sep 2017 17:27:20 +0000 https://redpanthers.co/?p=1441 ]]> rails generate(or rails g) by itself gives a list of available generators: 
$ rails generate
Usage: rails generate GENERATOR [args] [options]
...........
Rails:
assets
channel
controller
generator
helper
integration_test
jbuilder
job
mailer
migration
model
resource
responders_controller
scaffold
scaffold_controller
task
.............
The main generators that rails offers are:
  • controller: The Rails controller coordinates the interaction between the user, the views, and the model.
  • helper: Code in helpers is included in the corresponding view. We can move big loops, method calls or other logic into a method in the helper.
  • mailer: It allows for sending and receiving emails from and to your application.
  • migration: Rails Migration allows you to use Ruby to define changes to your database schema.
  • model: It is Ruby class that talk to the database, store and validate data, perform the business logic.
  • scaffold: It refers to the auto-generation of a simple set of a model, views and controller usually for a single table.
Following is the list of options, which can be used along with generators:

-h, [–help] # Print generator’s options and usage -p, [–pretend] # Run but do not make any changes -f, [–force] # Overwrite files that already exist -s, [–skip] # Skip files that already exist -q, [–quiet] # Suppress status output

Generators

You can create different generators by running rails g in the terminal. Let’s have a look at each of them.
  • rails generate model ModellName

It generates the model and the associated database table. For example, we can add a new model to the app called User with fields name and age as,

Eg:  rails g model User name: string age: integer

  • rails generate controller ListController show edit

It generates controller. It is used if you are creating static views or non-CRUD related features. Let’s create a user controller that will manage the data flow and view for each users.

Eg:  rails g controller users

  • rails generate scaffold ModelName ControllerName

Generates Scaffold. Let’s create a scaffold User with edit and view actions.

Eg:  rails g scaffold User edit view

  • rails generate migration AddNewTable

Generates Table to migrate. We can create migration for adding a table as

Eg:  rails g migration User

  • rails generate plugin PluginName

Generates Plugin.

Eg:  rails g plugin rails_plugin

  • rails generate integration_test TestName

Generates Integration Test.

Eg:  rails generate integration_test User

  • rails generate session_migration

Generates Session Migration.

Creating Generators with Generators

Generators themselves have a generator: 
$ rails generate generator initializer
 create lib/generators/initializer
 create lib/generators/initializer/initializer_generator.rb
 create lib/generators/initializer/USAGE
 create lib/generators/initializer/templates
This is the generator just created: 
class InitializerGenerator < Rails::Generators::NamedBase
  source_root File.expand_path("../templates", __FILE__)
end

First, notice that we are inheriting from Rails::Generators::NamedBase instead of Rails::Generators::Base. This means that our generator expects at least one argument, which will be the name of the initializer.

Customizing Rails generators

We can customize it in, config/application.rb 
config.generators do |g|
  g.orm :active_record
  g.template_engine :erb
  g.test_framework :test_unit, fixture: false
  g.stylesheets false
  g.javascripts false
end
So by doing the above steps will stop generating stylesheet, JavaScript, and test fixture files. We can avoid generation of unwanted files from doing these steps. I hope this article help you in some way to know about rails generators.

References

]]>

]]> Getting Started with Vue.js /getting-started-vuejs/ Mon, 28 Aug 2017 12:54:43 +0000 https://redpanthers.co/?p=2011 ]]> Vue.js

What is Vue.js?

Vue.js is yet another JavaScript framework getting popular considering its simplicity praised a lot these days. There are a lot of JavaScript frameworks among which React and Angular are popular among web developers. Vue.js pronounced as “view.js”  is a much flexible and less opinionated framework than Angular. It’s similar to React but much simpler. Vue.js gives you more freedom in designing your app, unlike Angular. So that you are not forced to do everything in their way. It can be adapted very easily to your existing application. You don’t need to know JSX, unlike React. All you have to do is to drop the link into your HTML page header and you are up and ready.

Overview

This is the basic folder structure.

– index.html

This is the main HTML template for your application. You can link your static assets inside the head tag while your processed assets will be auto injected in the body.

– src/router/index.js

This is the file which initiates vue-router with the given components.

– src/App.vue

This is the application’s main Vue.js component which is basically just a wrapper for vue-router.

– src/main.js

This is the application entry file where you initiate your Vue.js application with a router, store and the main App.vue component.

– src/components/Hello.vue

This file represents a sample Vue.js component which will be used by the vue-router. Please note that Hello module’s state is being used in here.

Getting Started

The simplest way is to include this in your file. You can also download the Vue file and add it in a script tag, or else install it with NPM. It also provides an official CLI called the Vue-cli. You can find more details in the Vue.js Installation Guide. Let’s compare simple JavaScript with a VueJS instance. This is what we do when we want to manipulate the text for some element. For the last couple of years, I was writing code like this for a living. But what if the ‘.element’ get renamed. Your whole JS will break. The binding is broken. We can overcome this in Vue. The Vue instance referenced to an element ‘.app’. This is the entry point. Even if the class of the span object is changed it won’t affect the message being displayed.Vue.js also supports Loops, Two-way binding, Components,  Event Listeners like React. If you want to learnVue.js there’s no better document than the Vue.js  Guide. You can see a demo Here.

Why Vue.js?

Let’s talk about why we can use Vue.js.  Both React and Vue.js use Virtual DOM and the use of components. But in React if a component’s state is changed. It re-renders the entire component sub-tree. In Vue.js, the component’s dependencies are automatically tracked during render, so the system knows which component needs to be changed when the state is changed. Unlike React you don’t need to write everything in JavaScript. Vue.js supports the use of both JSX and Template rendering. If the HTML is valid, then it is a valid Vue template. We can give access to CSS within a single-file-component by adding a ‘scoped’ attribute to the style tag which scopes CSS only for that particular component. Comparing Vue with AngularJS, both have similar syntax. But Vue is much simpler in terms of API and design. There are many opinions to structure an Angular application but Vue is a more flexible, modular solution by setting up web pack template. In Vue, we use one-way data-flow between components that make the flow of data easier but in angular, it’s two-way binding between scopes. There are a lot of confusions between directives and components in Angular but in Vue, components are self-contained units with own view and data logic and directives are used for DOM manipulations only. Vue doesn’t use dirty checking so it’s much easier to optimize and has better performance. Since there are a lot of watchers in Angular, when anything in scope changes, all the watchers should re-evaluate again. So Angular becomes slow. Vue.js performs better than EmberJs since it automatically batches updates but in Ember, we need to manually manage run loops. For computed properties in Ember, we have to declare it manually and need to wrap everything in Ember Objects. But in Vue, it’s in Javascript Objects and fully automatic.

Advantages

1. Simplicity

Vue has a good combination of structure and simplicity. Adding Vue.js to your web project can be very simple. It needs external libraries, but tend to use it with or without jQuery. The code is easily understandable about the working of Vue code.

2. Reactivity

The variables in Vue.js are reactive. At each point, when the variables change, it will automatically inform their peers. Data properties, like message in this example, are reactive, that is they will trigger a re-render if changed.  The v-html attribute will render HTML templates. You can see the demo here.

3. Focus

Vue.js is mainly used for building user interfaces and this is achieved by a library that does not have any influence from the frameworks out there already. Supporting libraries are integrated with Vue.

4. Flexibility

Vue.js comes with perfect balance to write quickly and run straight from the browser. With that said, it is extremely good if you would like to create any practical app using with ES6, separate component files, JSX, building, routing etc. For example, if you have a preferred method for writing your templates, Vue lets you do it in any of these ways:
  • Write your template in an HTML file
  • Write your template in a string in a Javascript file
  • Use JSX in a Javascript file
  • Make your template in pure Javascript using virtual nodes
This flexibility makes it easy to switch to Vue.

5. Components

Actually, this is where Vue’s flexibility system is built, so that components can be small and are reusable parts of UI. This isn’t any special because the of JavaScript frameworks are built with this concept. Which will render, So, the components can be used in templates as elements.

 6. Copying competitors

Vue has been able to copy what works in other frameworks and avoid what doesn’t. Vue’s state management library Vuex has inspiration from Elm. Along with this, Vue’s components get the similarities with Polymer’s customer elements. Vue is now rocking a virtual DOM like React.

Conclusion

Vue.js is a progressively-adoptable Javascript framework which is focussed on view layer. It is easy to integrate with other applications. The main feature of Vue is Components. Vue uses HTML based templates which can compile into Virtual DOM render functions. In Vue, we can also directly write render functions using JSX.Vue.js is much simpler, flexible and has better performance than other frameworks.

References

https://vuejs.org/ https://github.com/vuejs/vue https://medium.com/@brett.marshall/vue-js-the-real-angular-2-0-62744490cb99]]>

]]> to_json vs as_json in Rails API /to_json-vs-as_json-in-rails-api/ /to_json-vs-as_json-in-rails-api/#comments Wed, 14 Jun 2017 10:58:30 +0000 https://redpanthers.co/?p=2694 ]]> to_json in Rails API Let’s discuss how we started out building our APIs using ‘to_json’. to_json will return JSON string representing the hash. Option are passed to each element. In to_json without any option,  the returned JSON string will include all the model attributes 
user = User.find(1)
user.to_json
to_json had some great options of ActiveRecord objects. We could just tell the method to only render certain attributes, or to include association or method calls. We had:
  • only – Only show column names in the output as specified in the list 
    user.to_json(:only => [ :id, :email ])
  • except – Show all column names except the ones specified in the list 
    user.to_json(:except => [:id, :username])
to_json works fine and seamlessly ok, as long as the database schema is deeply coupled with the API output.When it takes the next level where we want to render a certain attribute in json it start to break. 
render :json => { :sucess => true,
  :user => @user.to_json(:only => [:name]) }
This will start to generate a bit load to controllers. Such methods of generating json don’t feel quite right and begin to break down. This is because the to_json is interested in ‘serializing’ a database object while most of the developers try to put relevant representation for their API. Anytime to_json is called on an object, as_json is invoked to create the data structure, and then that hash is encoded as a JSON string using ActiveSupport::json.encode. This happens for all types: Object, Numeric, Data, String etc. Now the creation of the json is separated from the rendering of the json.  as_json is used to create the structure of the json as a Hash, and the rendering of that hash into JSON string is left up-to ActiveSupport::json.encode.

as_json in Rails API

as_json Returns a hash representing the model. Like in to_json, option are passed to each element in as_json. The option include_root_in_json controls the top-level behavior of as_json. If true, as_json will emit a single root node named after the object’s type. The default value for include_root_in_json option is false. This behavior can also be achieved by setting the :root  option to true. 
user.as_json(root: true)
In as_json without any option, the returned HASH will include all the model attributes 
user = User.find(1)
user.as_json
The :only and :except options can be used to limit the attributes included, and work similar to the attributes method. 
user.as_json(:only => [ :id, :email ])
user.as_json(:except => [:id, :username])
Default as_json will create a hash which includes all the model attributes. We normally override the as_json to create custom JSON structure. 
def as_json(options={})
 { :email => self.email }
end
As we were going through this we also came across a method called from_json. So we decided to write about it as well

from_json in Rails API

from_json will sets the model attributes from a JSON string. The default value for include_root option is false. We can change it to ‘true’ if the given JSON string includes a single root node. 
json = { user: { email: 'adone@gmail.com', username: 'adone'} }.to_json
user = User.new
user.from_json(json, true)
user.email                 #=> "adone@gmail.com"
user.username              #=> "adone"
Do not call to_json directly, and let the render take it, in controllers. Incase of custom structured or multi level JSON structure override as_json in the model or call as_json. Using as_json will help to worry one less.

References

]]>

]]> /to_json-vs-as_json-in-rails-api/feed/ 3 Setup your rails application with one command /setup-rails-application-one-command/ Tue, 13 Jun 2017 14:59:33 +0000 https://redpanthers.co/?p=2155 ]]> bundle bundle exec rails db:create bundle exec rails s We can create a script and run it to setup our application since Rails 4.2 a bin/setup file is generated by default. Here is the example of setup script. 
#!/usr/bin/env ruby
require 'pathname'
require 'fileutils'
include FileUtils
# path to your application root.
APP_ROOT = Pathname.new File.expand_path('../../', __FILE__)
def system!(*args)
  system(*args) || abort("\n== Command #{args} failed ==")
end
chdir APP_ROOT do
  # This script is a starting point to setup your application.
  # Add necessary setup steps to this file.
  puts '== Installing dependencies =='
  system! 'gem install bundler --conservative'
  system('bundle check') || system!('bundle install')
  # puts "\n== Copying sample files =="
  # unless File.exist?('config/database.yml')
  #   cp 'config/database.yml.sample', 'config/database.yml'
  # end
  puts "\n== Preparing database =="
  system! 'bin/rails db:setup'
  puts "\n== Removing old logs and tempfiles =="
  system! 'bin/rails log:clear tmp:clear'
  puts "\n== Restarting application server =="
  system! 'bin/rails restart'
end
Setup script sets your rails application for development environment instantly.  This is helpful when a new developer trying to set up your application or when setting up an application on a new machine. We should keep the setup script updated. Let’s understand the setup script step by step and modify according to our requirements. First setup basic required library and path of our application in APP_ROOT 
#!/usr/bin/env ruby
require 'pathname'
require 'fileutils'
include FileUtils
APP_ROOT = Pathname.new File.expand_path('../../', __FILE__)
Now system! method here execute the commands passed to it and shows the backtrace of error in case of command fails. 
def system!(*args)
  system(*args) || abort("\n== Command #{args} failed ==")
end
system will execute the given rails command and abort will stop script execution and will show us the backtrace of failed command, we can modify it if we don’t want to stop the execution of the script and get some custom error messages. 
def system!(*args)
  system(*args) || puts "#{args} -> FAILED TO EXCECUTE"
end
In the below snippet of the script, we are going to our application root and performing operations. 
chdir APP_ROOT do
  puts '== Installing dependencies =='
  system! 'gem install bundler --conservative'
  system('bundle check') || system!('bundle install')
  puts "\n== Preparing database =="
  system! 'bin/rails db:setup'
  puts "\n== Removing old logs and tempfiles =="
  system! 'bin/rails log:clear tmp:clear'
  puts "\n== Restarting application server =="
  system! 'bin/rails restart'
end
To create config file if not already exist, modify your script as 
   puts "== Copying sample files =="
   unless File.exist?('config/database.yml')
     cp 'config/database.yml.sample', 'config/database.yml'
   end
]]>

]]> Authorization with Pundit gem /authorization-with-pundit-gem/ /authorization-with-pundit-gem/#comments Mon, 12 Jun 2017 10:55:09 +0000 https://redpanthers.co/?p=2636 ]]> Who are you?) and Authorization (are you supposed to be here?). Authentication verifies the user’s identity while authorization verifies whether that user has access rights on certain resources to perform actions on them. Two popular gems for authorization in the rails world are CanCanCan and Pundit, we at Red Panthers prefers pundit over CanCanCan we get to write Pure Ruby Objects and keep the logic for each part separate. The gem CanCanCan isolates (encourages) all authorization logic into a single class. It is a drawback when the complexity of application increases. Pundit gem provides object oriented design patterns to build our own authorization system that meets project’s requirements. It enables us to keep the models and controllers free from authorization code and allows to keep the resource logic separately. This flexibility and simplicity of Pundit gem help to use it with ease.

To start with Pundit

Add Pundit gem to your gem file and run bundle install. 
gem 'pundit'
Integrate Pundit to Rails application by adding the following line to ApplicationController. 
include Pundit
If you run the Pundit’s generator as below, it will generate app/policies folder which contains application_policy.rb by default. 
rails g pundit:install
Then restart the Rails server. Base class policy looks like 
#app/policies/application_policy.rb
class ApplicationPolicy
  attr_reader :user, :record
  def initialize(user, record)
    @user = user
    @record = record
  end
  #............
  def destroy?
    false
  end
  def scope
    Pundit.policy_scope!(user, record.class)
  end
  class Scope
    attr_reader :user, :scope
    def initialize(user, scope)
      @user = user
      @scope = scope
    end
    def resolve
      scope
    end
  end
end

Create policies

Policy classes are the core of Pundit. In the app/policies folder, we can write our own policies. Each policy is a Ruby class. Each policy class should be named after a model they belong to, followed by the word Policy. For example, use CollectionPolicy for Collection model. Pundit can also be used without an associated model. Pundit uses the current_user method to get the first argument in initialize method in ApplicationPolicy. But if current_user is not the method that should be invoked by Pundit, simply define a method in your controller. 
def pundit_user
  User.find_by_other_means
end
Logically, Pundit can be used outside controllers, for example, in custom services or in views. Consider the following example. In User model, 
class User < ApplicationRecord  
  has_many :collections, dependent: :destroy
end
In Collection model, 
class Collection < ApplicationRecord  
  belongs_to :user
end
A collection should be able to be deleted only by the user who created it. So, let’s start by creating a new file collection_policy.rb in app/policies  that will store our policies that are specific to collections. In this file, we define a class that inherits from the ApplicationPolicy class and we will integrate delete method for managing permissions for the delete action . 
#app/policies/collection_policy.rb
class CollectionPolicy < ApplicationPolicy
  def destroy?
    record.user == user
  end
end
In our CollectionPolicy class we are overriding the delete? method originally declared in the ApplicationPolicy. There it simply returns false. We can override the methods in ApplicationPolicy class with our unique requirements since it’s intended to give a structure only. 
record.user == user
This states that, the only user that should be able to delete a collection is the user that created it. We can refactor this into their own method since it’s a better approach if other authorized users are needed to be added in future so that changes can be made easily in a single method instead of having to make the same changes in multiple places. This is very explicit, clearly describing the intent of the program flow. Definitely, we won’t be wondering, from where these record and user attributes are coming from. In ApplicationPolicy class we can see that they are set as read only attributes representing the object that we are adding authorization to, such as collection in our app and then the user. This is an instance of Pundit providing easy access to the items that we want to add authorization. If we add another policy class like CollectionPolicy then also we will be able to use very similar code like we are working with collections. Now let’s move to CollectionsController . By using Pundit policies, a proper permission structure can be integrated to the delete action, which earlier had no protection from unauthorized HTTP requests. 
class CollectionsController < ApplicationController
  protect_from_forgery
  def create
    Collections::Create.call(collection_params, current_user)
    redirect_to root_url
  end
  def destroy
    collection = Collection.find(params[:id])
    authorize(collection, :destroy?)
    Collections::Delete.call(collection, current_user)
    redirect_to root_url
  end
  private
  def collection_params
    params.require(:collection).permit(:name)
  end
end
The authorize method automatically assumes that Collection will have a corresponding CollectionPolicy class, and instantiates this class. It should call destroy? method on this instance of the policy. Passing a second argument to authorize method is optional here. It infers from the action name that it should call destroy? method on this instance of the policy. But second argument should be passed if it doesn’t match the action name.

Policy without a corresponding model

We can create ‘headless’ policies that are not tied to any specific model. Such policies can be retrieved by passing a symbol. 
# app/policies/website_policy.rb
class WebsitePolicy < Struct.new(:user, :website)
  # ...
end
# In controllers
authorize :website, :show?
# In views
<% if policy(:website).show? %>
  <%= link_to 'Website', website_path %>
<% end %>
Here a model or class named Website doesn’t exist. So WebsitePolicy is retrieved by passing a symbol. This is a headless policy.

Pundit scopes

In application_policy.rb, there is a scope class defined. It implements a method called resolve for filtering. We can inherit it from a base class and implement our own resolve method. In this example a scope is setup to allow users to view websites only if they have a link through collections. Let’s consider three models: User, Website, and Collection Collection belongs to User. In WebsitePolicy, 
class Scope < Scope
  def resolve
    if user.admin?
      scope.all
    else
      scope.where(:company_id => user.collections.select(:website_id))
    end
  end
end
In the websites_controller, 
def index
  @websites = policy_scope(Website.includes(:company).all)
  authorize @websites
end
Now we see only the websites where we have a collection.

Exception handling

By default, Pundit raises an exception when users attempt to access that which they are not authorized to. This situation can be handled in ApplicationController. 
class ApplicationController < ActionController::Base
  include Pundit
  protect_from_forgery with: :exception
  rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
  def user_not_authorized
    flash[:alert] = 'You are not authorized to perform this action.'
    redirect_back(fallback_location: root_path)
 end
end
We need to rescue the Pundit::NotAuthorizedError exception with a suitable method that tells how to handle it.

Why Pundit?

  • Well suited to the service oriented architecture that’s popular for large Rails applications
  • Keep controllers skinny
  • Pundit policy objects are lightweight, adding authorization logic without as much overhead as CanCanCan
  • Emphasizes object-oriented design with discrete Ruby objects providing specialized services
Therefore, as an application grows in complexity it’s always better to prefer Pundit for authorization.

References

 ]]>

]]> /authorization-with-pundit-gem/feed/ 6 Taking screenshots of webpages using Ruby /screenshots-using-ruby/ /screenshots-using-ruby/#comments Mon, 01 May 2017 10:48:00 +0000 https://redpanthers.co/?p=2373 ]]>
  • PhantomJS
  • Screencap gem
  • Webshot gem
    • Screencap and webshot are gems in Ruby that depends on a tool called PhantomJS. It is basically a web browser without a user interface, primarily used for testing websites. Such type of browsers are generally referred to as headless browsers,

    Screenshots with PhantomJS

    PhantomJS is quite easy to install and is multiplatform, available on major operating systems. 
    gem install phantomjs
    To start, our script must require a reference to the webpage module then use it to create an instance: 
    var instance = require('webpage').create();
    Use the instance.open() method and pass it the arguments, the url of the webpage that we want to capture screenshot. 
    instance.open('http://redpanthers.co/', function() {
instance.render('screenshot-phantom.png');
phantom.exit();
});
    instance.render() method captures the screenshot and saves it to the file specified in the argument. Run the script as, 
    phantomjs filename.js
    Screenshot is saved in the  directory where we run the script. Now what we have above is all JavaScript, but to use the phantom JS in our rails application we have gems that provide us with an easy interface to acheive the same.

    Screencap gem

    The gem ‘screencap’ is introduced in Ruby to make screenshot capture easy. However, the gem depends on  ‘PhantomJS’, so we need to have PhantomJS installed on machine to capture screenshots with screencap gem. But screencap does not work with PhantomJS 2.1.1, which is the latest version. So we need to install version 1.9.8 
    gem install phantomjs -v 1.9.8
    check version 
    phantomjs --version
    To install screencap gem in your application, add this line to gemfile 
    gem 'screencap'
    Or install it as 
    gem install screencap

    Usage

    To capture screenshot with screencap 
    require 'screencap'
screenshot = Screencap::Fetcher.new(<url>)
image = screenshot.fetch
    • Fetcher class accepts url of the website to take screenshot.
    • Screenshot is taken when fetch method is called.
    • Also, fetch method supports various optional parameters to specify the area to capture the screenshot.
    • We can specify where to store the screenshot captured, as shown below.
    image = obj.fetch(
 output: '~/folder/file-name.png',
 # dimensions for taking screenshot of specific area
  width: 1024,
 height: 768
 )

    Example

    require 'screencap'
screenshot = Screencap::Fetcher.new('http://redpanthers.co/')
image = screenshot.fetch(output: '~/screencap/screencap.png',
                                   width: 300,
                                  height: 500)
    Our screenshot is captured in screencap.png

    Webshot gem

    Webshot is another gem introduced in ruby to capture screenshots, also depends on PhantomJS. For better experience, use latest version of PhantomJS. Webshot works with latest version of PhantomJS while screencap gem does not. Install PhantomJS latest version. To install webshot in your application, 
    gem 'webshot'
    Or install as 
    gem install webshot

    Usage

    require 'webshot'
screenshot = Webshot::Screenshot.instance
screenshot.capture "https://github.com/", "image.png", width: 1024, height: 800
    Provide url of the web page and file name where screenshot to be saved. Height and width can be given as optional parameters for taking screenshot with specified dimensions. Above code captures github’s home page in file image.png In all the above methods, we capture screenshots of a particular web page by passing its url. Also we can infer that screencap gem, even though efficiently takes screenshots, does not work for latest version of PhantomJS. This was an issue encountered while working with gem screencap as installing PhantomJS without specifying the version would install the latest version by default. So, choose gem webshot if you want to go ahead with the latest version of PhantomJS.

    References

    ]]>

    ]]>     /screenshots-using-ruby/feed/ 2     Difference between Date, Time and DateTime /time-date-datetime/ /time-date-datetime/#comments Wed, 05 Apr 2017 10:23:42 +0000 https://redpanthers.co/?p=1094 ]]> Date When you need a string format of year, month and day, you have to go through Date class.
    • Has date attributes only (year, month, day)
    • Based on integer whole-day intervals from an arbitrary “day zero”
    • Can handle date arithmetic in units of whole days
    • Date object is created with ::new, ::jd, ::ordinal, ::commercial, ::parse, ::strptime, ::today, Time#to_date etc.
    • Takes 4 bytes to store.
    Eg: 
    $ require 'date'
$ Date.new(2001,2,3)
  Date: 2001-02-03
$ Date.jd(2451944)
  Date: 2001-02-03 ...
$ Date.ordinal(2001,34)
  Date: 2001-02-03 ...
$ Date.commercial(2001,5,6)
  Date: 2001-02-03 ...
$ Date.parse('2001-02-03')
  Date: 2001-02-03 ...
$ Date.strptime('03-02-2001', '%d-%m-%Y')
  Date: 2001-02-03 ...
$ Time.new(2001,2,3).to_date
  Date: 2001-02-03 ...
$ Date.today
  "Mon, 02 Jan 2017"

    Time

    If you need both date and time values, we can make use of Time class.
    • Has date and time attributes (year, month, day, hour, min, sec, subsec)
    • Can handle negative times before unix time
    • Can handle time arithmetic in units of seconds
    Eg: 
    $ require 'time'
$ Time.now
   2015-12-08 10:26:40 -0200
$ time = Time.new
  Components of a Time
$ time.year    # => Year of the date
$ time.month   # => Month of the date (1 to 12)
$ time.day     # => Day of the date (1 to 31 )
$ time.wday    # => 0: Day of week: 0 is Sunday
$ time.yday    # => 365: Day of year
$ time.hour    # => 23: 24-hour clock
$ time.min     # => 59
$ time.sec     # => 59
$ time.usec    # => 999999: microseconds
$ time.zone    # => "UTC": timezone name
    Also rails provide a really good time class called ActiveSupport::TimeWithZone. It contains all the features the Time class have, plus many improvements, such as the support for configurable time zones.

    DateTime

    • Has date and time attributes (year, month, day, hour, min, sec)
    • It  is formatted as YYYY-MM-DD HH:MM:SS
    • Based on fractions of whole-day intervals from an arbitrary “day zero” (-4712-01-01)
    • Can handle date arithmetic in units of whole days or fractions
    • Takes 8 bytes to store, and has a precision of .001 seconds.
      • A four-byte integer packed as YYYY×10000 + MM×100 + DD
      • A four-byte integer packed as HH×10000 + MM×100 + SS
    • Valid ranges go from the year 1000 to the year 9999
    • It is created with ::new, ::jd, ::ordinal, ::commercial, ::parse, ::strptime, ::now, Time#to_datetime etc.
    Eg: 
    $ require 'date'
$ DateTime.new(2001,2,3,4,5,6)
  DateTime: 2001-02-03T04:05:06+00:00 ...

    Let’s see the Differences among all of them which makes them unique.

    • Date use rational and a “day zero” for storage. But Time doesn’t. So Time is faster.
    • Date field is populated with a literal date and does not concern itself with time zones so this can cause trouble if it is not expressed in the user’s local time. A DateTime can always be converted to a user’s local time if required.
    • Time used to track changes to records and update every time when the record is changed. DateTime used to store a specific and static value which is not affected by any changes in records.
    • Time internally converted current time zone to UTC for storage, and during retrieval converted back to the current time zone. DateTime can not do this.
    • Time affected by different TIME ZONE related setting. Datetime is constant.
    • Ruby’s Time class implements a proleptic Gregorian calendar and has no concept of calendar reform. This problem can be overcome using DateTime class.
    Now since we know so many facets of Date, Time and DateTime , we can use them in a much better manner in future at our time of needs. Happy Coding in Ruby!

    References

     ]]>

    ]]>     /time-date-datetime/feed/ 3