INDEX Numbers and Symbols ActiveRecord::Base, inheriting from, 110 ActiveRecord::RecordNotFound exception, 404.html file, 24 32, 41 422.html file, 24 ActiveSupport::Cache::FileStore cache 500.html file, 24 store, 186 && (and) operator, 9–10 ActiveSupport::Cache::MemoryStore cache @, for instance variables, 15 store, 186 \ (backslash), for special characters, 6 ActiveSupport::TestCase module, 143 : (colon), for symbols, 7 Ada, 3 { } (curly braces) add command (Git), 77 for blocks, 13 alert class, 131 for hashes, 8 alert-danger class, 132 :: (double-colon) operator, 91 alert message, 132 " (double-quotes), for strings, 6 alert-success class, 132 == (equal) operator, 9 all method, 32 ! (exclamation mark), at end of Amazon Elastic Compute Cloud method name, 7 (Amazon EC2), 224 => (hash rocket), 8–9 Amazon Web Services (AWS), 224–225 > (greater than) operator, 9 ancestors class method, 95–96 < (less than) operator, 9 and (&&) operator, 9–10 and inheritance, 17 anonymous users, restricting page access, << operator, 8 125, 136 <=> operator, 92 Apache <%= %> tag, 58 disabling default site, 237 <% %> tag, 58–59 installing, 226–228 <%# %> tag, for comments, 59 API controllers, 212–213 % (modulus) operator, 5 api module, 219 != (not equal) operator, 9 API requests || (or) operator, 9–10 adding route for, 211 ||= (conditional assignment) operator, 10 authentication credentials for, 209 + operator, to add arrays, 8 APIs (application programming ? (question mark), at end of interfaces), 51 method name, 7 creating, 211–222 [ ] (square brackets), for array, 7–8 token-based authentication, 216–222 _ (underscore), in partial names, 67 api_token string, 216 | (vertical pipe), 13 app/assets directory, 65, 177 application.css file, 65, 124, 176–177 A application.js file, 66, 124 javascripts directory, 176 Accessor class, defining, 101 stylesheets directory, 176 Active Record, 30, 106–121 app/controllers directory cache_key method, 187 api/posts_controller.rb file, 212, 257 calculations, 35 api/text_posts_controller.rb file, 219 query conditions, 34–35 application_controller.rb file, 135, relation, 32 171, 218 app/controllers directory (continued) sessions/new.html.erb file, for login comments_controller.rb file, 248, form, 133–134 253–254 text_posts/edit.html.erb file, 165 destroy action in, 244 text_posts/_form.html.erb file, 158 image_post_controller.rb file, 165, text_posts/_text_post.html.erb file, 126, 250–251 165, 248, 255 ImagePostsController methods, 252 comment count in, 187–188 posts_controller.rb file, 48, 125, 256 TextPost partial, 249 index action, 184 users/new.html.erb file, 130–131 logger statement, 198 users/show.html.erb file, 155, 156 PostsController, 253 apt-get system, for software install, sessions_controller.rb file, 256 225–226 text_posts_controller.rb file, 158, 159, arrays, 7–8 164–165 for all keys in hash, 9 users_controller.rb file, 129, 156, 250 returning first and last entries in, 32 app/helpers directory, 61 ASC order, for retrieving posts, 34 application_helper.rb file, 61 as_json method, 213–214 posts_helper.rb module, 61 assertions, 146 –147 application, view for, 22 controller test, 150–152 ApplicationController class, 136–137 in testing, 143 authentication method in, 218 asset pipeline, 65, 176–179 ApplicationHelper module, 61, 90 asset precompilation, 178–179 application programming interface. debug mode, 177–178 See API (application manifests, 176–177 programming interface) viewing search path list, 177 application.rb file, 24 assets, in Rails application, 65 application server, for Ruby on Rails, assets:clobber rake task, 178 226–227 assets directory, 23, 24 app/models directory assigns hash, 150 comment.rb file, 189 associations, 39–42 adding validation, 241 adding, 40 ext_post.rb file, checking for body text, belongs_to methods, 41–42 118–119 defining, 113 image_post.rb file, 118 generating model, 39 post.rb file, 29 has_many methods, 40–41 subscription.rb file, 113 has_many :through, 109–110 user.rb file, 114, 129, 143 many-to-many, 107–110 has_many association, 119 polymorphic, 111–112 app/views directory, 58 self join, 106–107 comments/_comment.html.erb file, 248, specifying in advance, 183 253, 255 testing, 115–116 image_posts/edit.html.erb file, 165 touch option, 189 image_posts/_form.html.erb file, 251 attr_accessor method, 16, 90, 100–101 image_posts/_image_post.html.erb file, attributes of object, displaying, 198 126, 188, 192, 248 authenticated user, for ImagePost partial, 249 TextPostsController, 158 image_posts/new.html.erb file, 251 authenticate_or_request_with_http_token layouts/application.html.erb file, 64, method, 218 136, 171, 196, 250, 258 authenticate_user! method, 136, 250 updating, 243 authenticating over SSH (secure shell), 81 link_posts/_link_post.html.erb file, 256 authentication, 123–140 posts/index.html.erb file, 58, 62, 125, 159 vs. authorization, 163–164 will_paginate call, 184 of current user, 125 posts/show.html.erb file, 58, 68, 127 with GitHub API, 209–211 260 Index log in, 132–135 Bundler tool, 25 of requests, 218–219 flags in, 82 token-based, 216–222 business logic, 22 of user, 136–137 byebug gem, 199 authenticity_token token, 171 authorization attacks, 163–165 author migration, 37 C average method, 35 cached_comment_count method, 188 AWS (Amazon Web Services), 224–225 cache_key method, 187, 189, 190 cache keys, 187, 255 cache store, 185 B Rails support of, 186 backslash (\), for special characters, 6 caching, 185–192 BasicObject class, 96 enabling, 186 bcrypt gem, 128, 249 fragment, 189–191 BCrypt::Password.create method, 144 issues, 191–192 before_action :authenticate_token! low-level, 187–189 method, 219 calc method, 93 before_action :authenticate_user! callbacks, eliminating, 147–148 method, 248 canceling current operation, 4 before_action method (Rails), 48, 136 cannot_feature! method, 245 belongs_to association, 106, 107, 111–112, Capfile, 232 113, 247 Capistrano, 178, 230–237 belongs_to methods, 41–42 configuration, 232–233 belongs_to statement, 40 database setup, 233–234 between? method, 92 deployment, 235 bin directory, 20, 23 secrets setup, 234 bundle install command, 124, 128, 199 setup, 231–232 cap production deploy command, 258 virtual host, 236–237 rails console command, 247, 249 capistrano-rails gem, 231 rails generate command, 153 Cascading Style Sheets (CSS) rails server command, 57 asset pipeline and, 176 rake db:migrate command, 129, 216 including in application, 124 rake log:clear command, 197 lists of application use, 65 rake routes command, 211 case rake test command, 142 for constants, 10 rake test:models command, 149 for variables, 11 --binstubs option, for bundler, 231 cd command, 20 block of code, 13 centralized version control systems, 76 blog posts, adding comments, 39 change_column method, 37 body element (HTML), 64 change method, 36 Booleans, 9–10 changes, pushing or pulling, 76 Bootstrap, 124 checkout command (Git), 79, 80 form-group class, 131 child model, 106 panel component, 126 classes, 15–18 styles for links, 157 adding new methods, 16 bootstrap_sass gem, 124 ancestors, 95–96 branch command (Git), 79 assigning method calls to another, 94 branching, 11 creating instance of, 16 BrightBox, 225 as instance of other class, 96–97 build-essential package, 229 methods, 96 build tools, installing, 229 class_eval method, 100–102 bundle command, 25–26, 82, 229 class methods, 17 bundle install command, 20, 235 class statement, 15 Index 261 client error, 4xx status codes for, 208 convention over configuration, 21 cloud application platform. See Heroku cookies, 52 cloud application platform secret key for, 234 code cookies hash, 150 block, 13 count method, 35 executing inside debugger, 203 create action, 44 optimization, 180–185 controller test for, 151 CoffeeScript, 176, 180 POST request for, 151 :collection option, 67–68 create command, in Heroku, 83 collections, 67–68 create comment action, controller for, 54 colon (:), for symbols, 7 created_at field, 28 columns in database, adding, 37 create_join_table method, 109 combining strings, 6 create method, 31, 53 comment model, 120, 247 for login form, 134 comment_params method, 55, 242 in SessionsController, 181–182 comments createuser command, for PostgreSQL, 228 adding, 54–55 cross-site request forgery (CSRF), 64, adding to blog posts, 39 170 –171 belongs_to methods, 41–42 token, 221 form, 72–73 cross-site scripting (XSS), 167–169 has_many methods, 40–41 CRUD functions, 31, 44 show page for, 254 CSRF (cross-site request forgery), 64, showing, 68–69 170 –171 CommentsController#create method, 72 token, 221 commit command (Git), 77–78 csrf_meta_tags method, 66–67 commit message, 77 csrf-token meta tag, 66 Comparable module, 92 CSS. See Cascading Style Sheets (CSS) Concurrent Version System (CVS), 76 Curl, 208–209, 220–221, 257 conditional assignment (||= ) operator, 10 to check index action output, 215 conditional statements, 11–12 testing API, 212 for Edit button, 191–192 for testing token-based config.action_controller.perform_caching authentication, 209 setting, 186 curly braces ({ }) config.assets.debug setting, 178 for blocks, 13 config directory, 23 for hashes, 8 deploy/production.rb file, 233 current user deploy.rb file, 232–233 authentication, 125 environments/development.rb file, 178, identifying, 135–136 186, 192 using, 137–139 routes.rb file, 45, 46, 156, 171 current_user method, 135–136, 219 logout route, 254 output of, 196 secrets.yml file, 234 custom routes, 46 console command, 26 CVS (Concurrent Version System), 76 constants, 10 continue command (debugger), 203 control flow, 11–13,