« Back to channel list

#RubyOnRails - 12 October 2013

« Back 1 day Forward 1 day »
[00:00:07] foucist: Sep1: what's the issue
[00:00:18] Sep1: gwillen hmm??? a lot of problem with setup the app on EC2
[00:00:40] gwillen: foucist: app on EC2, wants to get the user's IP, is getting 127.0.0.1 instead
[00:00:53] Sep1: foucist when I run "request.remote_ip", the output is always 127.0.0.1 instead of real IP
[00:06:58] foucist: Sep1: how about proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
[00:07:10] foucist: Sep1: and maybe request.env['REMOTE_ADDR']
[00:08:18] Sep1: foucist I've tried request.env['REMOTE_ADDR'] in Rails, but still 127.0.0.1
[00:08:31] Sep1: now trying to modify the ngingx file
[00:12:10] foucist: Sep1: also request.inspect (double check its not named something else)
[00:14:43] Sep1: foucist ok, so updated: https://gist.github.com/anonymous/cbbb1aa4134761f32a68 this is how looks the relevant part of the ngingx file, but still cannot obtain the real IP
[00:15:16] foucist: Sep1: unicorn or thin?
[00:15:32] Sep1: foucist unicorn
[00:25:32] allaire: Hey guys, a bit off topic : Anybody know any other nice studio like thoughtbot? You know the kind of agency who focus on code + app. Not just making plain websites + logos
[00:25:46] foucist: hashrocket maybe
[00:26:49] allaire: didnt know that one, cool thanks :)
[00:42:24] Celsian: Hi people, I'm having a hard time working out how to go about this: I'm writing an app that tracks inventory for devices. I would like to be able to attach a device to a student via a reference. I already have the model's setup properly, but I'd like to be able to search a device and associate it with a student all from the student show page. Any pointers on how I can achieve that?
[00:43:36] butblack: I'd like to put a counter cache on my post model??? however, I would only like for the counter to increase when the post is no set to preview mode.. has anyone had experience with a situation like this/
[01:04:47] dwahyudi: hello, a friend of mine said that active record call in controller is a bad practice... is that true?
[01:05:38] terrellt: dwahyudi: As in doing Object.find(bla)?
[01:06:15] dwahyudi: @terrellt, yes
[01:06:26] dwahyudi: what do you think?
[01:07:26] terrellt: dwahyudi: Depends on what's being recommended instead.
[01:10:07] dwahyudi: maybe, my friend is javanized... his approach is using DAO instead, but when i told him that this activerecord is enough, he said no
[01:10:15] Celsian: Do it in the model.
[01:10:38] dwahyudi: @celsian, do you mean, the rails default generator is false
[01:11:17] Celsian: @dwahyudi, No, but restful code typically has any active record call in the model.
[01:11:57] Celsian: @dwahyudi, if you are simply doing @object = Object.find strong_params then I would do it in the controller
[01:12:03] Celsian: but make sure you use strong params.
[01:12:40] dwahyudi: what about something like: @user = User.find(params[:id])
[01:14:05] Celsian: Right, that's fine in the controller.
[01:16:39] Celsian: Any sort of search call or any updates to an object should be done in the model though. Basically if it's more complicated than .find, put it in the model.
[01:17:13] dwahyudi: i see... many thanks !
[01:19:48] kaawee: Hello! When using ActiveModel, what is needed to provide an id such that scaffolded "Show Edit Destroy" links actually work
[01:27:39] FallLine: hmm i'm trying to parse the params hash in application controller in a ruby 3.x app (in the midst of upgrading a large app from 2.x) and for some reason the hash is empty when I know it has stuff in it...
[01:27:45] FallLine: anyone know why that might be?
[01:27:54] xybre: kaawee: You need to define your routes
[01:28:21] xybre: FallLine: raise "params appears to be empty" if params.empty?
[01:28:22] kaawee: xybre: the routes are already defined (by a "resources" statement)
[01:28:35] kaawee: xybre: simply defining an "id" method does not help
[01:28:48] xybre: FallLine: also, in Rails 2, you often use @params, but that is deprecated in Rails 3 and you must use just "params"
[01:29:18] FallLine: yeah but I wasn't using that
[01:29:40] xybre: kaawee: Id has nothing to do with it, "id" is just whatever is passed in for the URI like example.com/posts/2 the "2" is the "id". There is no method that you need to define for it.
[01:30:40] FallLine: i should say that i'm doing that in a before filter not sure if that's what's killing me or not
[01:31:27] xybre: FallLine: params should be available in before filters too
[01:31:38] FallLine: yeah (it used to be in my 2.x app at least)
[01:31:57] kaawee: xybre: but in http://example.com/posts , the view contains the HAML code "%td= link_to 'Edit', edit_post_path(post)", and the HTML code create is just "<td><a href="/posts//edit">Edit</a></td>", with an id number (or some other applicable string) missing between the slashes
[01:32:33] devdvd: Hi all, running into a really stupid newb problem but for the life of me i can't figure out why. Here is the gist, contains code for my galleries controller, portraits controller and my form and the error output im getting. https://gist.github.com/devblueray/6944540
[01:32:57] devdvd: I really don't understand where its getting uninitialized constant Gallery::Portrait
[01:33:05] devdvd: i don't see where thats being referenced
[01:33:30] devdvd: unless it's in the form, and in that case, i don't know how to fix it
[01:33:45] gwillen: devdvd: check in the Gallery model
[01:34:00] gwillen: devdvd: it shoudl also tell you in the error message what file the error is in; can you gist or paste the error?
[01:34:18] devdvd: gwillen: it's all there, at the very top of the gist
[01:34:45] devdvd: my gallery model has belongs_to :customer
[01:34:53] devdvd: has_many :portraits
[01:35:09] xybre: kaawee: Okay, so what do you mean "actually work" then? ActiveModel on its own doesn't persist or retrieve data, you need ActiveRecord for that.
[01:35:35] xybre: Well you don't need ActiveRecord, but you need some mechanism for persistance, and then you need to use that in your controller.
[01:36:32] devdvd: gwillen: i added my gallery.rb and portraits.rb model files to the gist
[01:36:41] xybre: devdvd: Do you have a Portrait model? Or is it called Portraits?
[01:36:51] devdvd: its called Portraits
[01:36:54] xybre: Models in ActiveRecord should all be singular.
[01:37:12] kaawee: xybre: well, the data is static read-only, it is just an array of "posts", but still somehow each member of the array needs to be referencable, and I do not know how I can make each member referencable such that "edit_post_path()" returns proper relative URLs, although each member has an id (and an "id" method returning)
[01:37:13] gwillen: devdvd: ... yeah what devdvd said :-)
[01:37:17] gwillen: it should be portrait.rb
[01:37:18] xybre: Thats why you're getting that error, ActiveRecord is helping by assuming you meant the singular.
[01:37:21] gwillen: and model Portrait.
[01:37:33] gwillen: devdvd: er, what xybre said
[01:37:48] devdvd: :) ok changed and checking
[01:38:04] xybre: kaawee: You need to write the finder in the controller. What does your controller for your "posts" look like?
[01:38:17] delinquentme: Hey all sooooo If we're talking about building out some kind of HIPPA compliant DB ... and we've got biological data which could be clinically relevant
[01:38:26] delinquentme: but we need that data associated w a give username in the database ...
[01:38:30] delinquentme: how should this be done?
[01:38:36] delinquentme: encrypting the information?
[01:38:44] delinquentme: some kind of one-way-viewable information link?
[01:38:50] kaawee: xybre: it is just the output of "rails scaffold", nothing changed there
[01:39:44] xybre: delinquentme: I'd put the DB on a secure server, probably use Postgres.
[01:40:00] xybre: kaawee: It doesn't write the controllers for you. You need to put code in the actions it provides.
[01:40:01] devdvd: yep, that fixed that, thank you gwillen and xybre !!!!
[01:40:11] gwillen: you're welcome :-)
[01:40:31] rhizome: delinquentme: it's HIPAA and there are a whole host of requirements
[01:40:34] devdvd: so does that singular rule also apply to controllers by convention?
[01:40:51] xybre: devdvd: Controllers are plural by convention :)
[01:40:53] devdvd: or shoudl those always be plural (as ive seen)
[01:40:56] delinquentme: rhizome, I"m running searches and that doesn't seem to be the case
[01:41:05] delinquentme: like people talk about it being massive ... but
[01:41:09] delinquentme: http://archive.railsforum.com/viewtopic.php?id=12326
[01:41:12] Fuffidish: hi, I am a little troubled... I have a Model called Quotation and another one called QuotationLine. QuotationLine belongs_to :quotation. Quotation has_many :quotation_lines... Now the problem is: from my QuotationController#show I want to have a form to add new QuotationLine(s) to my current Quotation... The problem is... in my QuotationLinesController#create how do I retrieve the Quotation.id necessary to crea
[01:41:13] Fuffidish: te the QuotationLine properly?
[01:41:17] neatiexist: Just have a quick question. Isn't httponly: true unnecessary for cookies in rails 3.2 and up?
[01:41:28] gwillen: devdvd: if you use rails generate, always give it the singular, and it will pluralize or not as rails wants
[01:41:48] devdvd: ah! thx for the pro tip :)
[01:42:40] neatiexist: Isn't httponly: true not needed for cookies when config.force_ssl = true in production.rb?
[01:44:26] neatiexist: Anyone know?
[01:45:40] neatiexist: Is this a dumb question?
[01:46:45] kaawee: xybre: do you know which code generates the "edit_post_path()" method? then I could find what is actually missing
[01:47:05] bonhoeffer: anyone know of a sass channel (other than #haml) ?
[01:47:19] neatiexist: bonhoeffer: #css
[01:49:05] xybre: kaawee: In Rails 3 the code was pretty obscure, but it boiled down to url_for and some other wrapper code.
[01:49:14] devdvd: ok, another convention question. When creating nested resource models. when i create the references column, should it be singular or plural (i.e gallery:references or galleries:references)
[01:49:28] neatiexist: Anyone know if :httponly => true is obsolete in rails 3.2 and up?
[01:49:46] xybre: neatiexist: check stack overflow
[01:49:51] |PiP|`: anyone know if mysql has anything similar to postgres hstore?
[01:49:57] neatiexist: xybre: checked doesn't say
[01:50:58] neatiexist: xybre: I'm not sure if it's necessary to keep :httponly => true when I have config.force_ssl = true in my production.rb. Might have to just keep both just in case.
[01:51:47] devdvd: neatiexist: no, httponly is not obsolete i found this article http://brettu.com/rails-daily-ruby-tips-118-httponly-for-cookies-in-rails-3/
[01:51:57] xybre: Fuffidish: you need to pass it in, either using a nested route, or at least using your form params.
[01:52:12] neatiexist: devdvd: It's even necessary when I have config.force_ssl = true in my production.rb file?
[01:52:16] Fuffidish: I am actually doing it... might as well paste on gist
[01:53:37] devdvd: i dont know, im not sure what config.force_ssl does so i'd start there by figuring out if both features do the same thing
[01:54:03] Fuffidish: xybre: https://gist.github.com/Fuffi/290ce06e8b5099a96399
[01:54:25] devdvd: neatiexist: http://edgeguides.rubyonrails.org/security.html talks about both
[01:54:33] Fuffidish: rails complains I am not setting the quotation_id
[01:55:50] neatiexist: devdvd: thanks brother
[01:55:52] xybre: Fuffidish: Oh, you're creating it through the relation? Yeah that should set it for you in most cases
[01:57:29] Fuffidish: xybre: it might be a strong parameters problem
[01:59:19] Fuffidish: xybre: I am doing this: QuotationLine.create!(params.require(:quotation_line).permit(:item_name, :item_price, :quotation_id))
[01:59:22] Fuffidish: might be wrong...
[02:00:13] kaawee: xybre: ok, I got it. the name of the method I was looking for was "to_param"
[02:03:14] xybre: kaawee: cool, glad you found it :)
[02:03:38] xybre: Fuffidish: Is quotation_id in the params?
[02:04:10] Fuffidish: these are my params
[02:04:11] Fuffidish: {"utf8"=>"???", "authenticity_token"=>"dbgEQPVYGyLGFTy80exOG+jUzD4E7I5WcuwdLIWBxjo=", "quotation_line"=>{"item_name"=>"Porta", "item_price"=>"560"}, "commit"=>"Aggiungi", "action"=>"create", "controller"=>"quotation_lines", "quotation_id"=>"1"}
[02:07:15] kaawee: xybre: actually, the method "id" is also correct, but only if the method "persisted?" returns true, but by default , for ActiveModel::Model, "persisted?" returns false. so overriding "persisted?" such that it returns true makes it possible to use the method "id"
[02:09:34] xybre: kaawee: I suspect there's a better way to do what you want, but if this works for you then great
[02:09:57] xybre: Fuffidish: Whats the error you get?
[02:10:20] Fuffidish: xybre: quotation_lines.quotation_id may not be NULL:
[02:10:35] Fuffidish: QuotationLine.create!(params.require(:quotation_line).permit(:item_name, :item_price))
[02:10:43] Fuffidish: not sure how to permit the :quotation_id param
[02:11:42] brandoncordell: Is it possible to separate my devise routes so that sign_in is routing in a subdomain constraint, but sign_up is routed globally?
[02:13:02] xybre: Fuffidish: Can you require it?
[02:14:29] Fuffidish: xybre: not sure what you mean
[02:16:26] xybre: Fuffidish: QuotationLine.create!(params.require(:quotation_line, :quotation_id).permit(:item_name, :item_price))
[02:17:08] Fuffidish: xybre: noup
[02:17:12] Fuffidish: require takes 1 arg
[02:21:06] xybre: Fuffidish: Ah, sorry, you're right. I'd drop in a debug/pry and see what the state of params is and try to see why create doesn't seem to be getting the id.
[02:23:27] Fuffidish: I get this...
[02:23:28] Fuffidish: {"utf8"=>"???", "authenticity_token"=>"dbgEQPVYGyLGFTy80exOG+jUzD4E7I5WcuwdLIWBxjo=", "quotation_line"=>{"item_name"=>"Porta", "item_price"=>"560"}, "commit"=>"Aggiungi", "quotation_id"=>"1"}
[02:23:37] Fuffidish: quotation_id is set
[02:23:47] Fuffidish: but maybe the problem is that it is not set insite quotation_line ?
[02:24:05] xybre: Fuffidish: Oh. Yeah, its not in the correct subhash.
[02:24:23] Fuffidish: hm, and why? :/
[02:24:47] xybre: Fuffidish: it needs to be a member of the quotation_line subhash and then you need to pass that subhash qhole into create.
[02:25:06] Fuffidish: ok and how... with form_for?
[02:25:28] xybre: Fuffidish: params[:quotation_line] in the controller
[02:27:13] xybre: Fuffidish: In the form you can use a hidden field
[02:27:23] Fuffidish: ok I hacked it in
[02:27:25] xybre: Fuffidish: http://apidock.com/rails/ActionView/Helpers/FormHelper/form_for
[02:27:32] Fuffidish: arams[:quotation_line][:quotation_id] = params[:quotation_id]
[02:28:44] xybre: Yeah that sorta works I guess. I thought you were using the build method though?
[02:30:27] Fuffidish: it should not be necessary to do this
[02:30:31] Fuffidish: neither adding a hidden field
[02:30:59] xybre: Fuffidish: There's onyl two ways for data to get sent with an HTML form, either through a form field or javascript.
[02:31:31] Fuffidish: ok thanks for your help :)
[03:36:16] LiVECrys: Is it possible to run rails apps on my exsisting cpanel server? Would it be better to have a seperate server for this?
[03:36:58] bratsche: I don't know what cpanel is.
[03:45:53] jrobeson: LiVECrys, sure it's possible.. i don't know how.. but it is definitley possible
[03:46:09] jrobeson: LiVECrys, not everybody deals with shared hosting nonsense like cpanel
[03:46:17] jrobeson: i do .. but it really gets in the way :(
[03:47:11] jrobeson: bratsche, cpanel and companion sofware whm are used to manage a linux server for shared hosting customers.. setting quotas, hosting packages, setting up email accounts, databases, adding ftp users, that kinda thing
[03:47:53] bratsche: I've never used that I guess.
[03:48:05] jrobeson: figured, and your life is better for it :)
[03:51:05] boeyc: ActionController::RoutingError (No route matches [GET] "/assets/scaffold.css"): . . . i happen to be using a newer version of rails which it is in assets/stylesheets/scaffold.css
[03:51:12] boeyc: how do i fix this?
[03:57:29] LiVECrys: I apologize bratsche I figured it was a pretty common package.
[03:58:31] LiVECrys: With that said. I've been developing in php for a while and have been using cpanel to manage my sites. Just simpler for me. Should I continue to use that for new rails apps I develop or should I get another server to run my rails sites?
[04:02:26] bratsche: LiVECrys: No apologies necessary. :)
[04:02:38] bratsche: It may be a very common package, I've just never used it or heard of it before.
[04:05:27] jhgaylor: I'm considering learning ruby/rails and I'm trying to pick a version of rails to learn. is there a reason not to use rails4?
[04:06:28] jrobeson: there may be some things incompatible with it, but likely nothing you'll use anytime soon
[04:07:09] pipework: jhgaylor: I'd say to use the latest stable.
[04:07:34] pipework: Most rails 3 blogs are relevant to rails 4 with some provisos.
[04:07:48] jrobeson: LiVECrys, i can't speak as to wehther you should or shouldn't use cpanel/whm itself to manage your server. however.. you should manage rails and ruby stuff yourself and not use the cpanel stuff
[04:08:52] pipework: LiVECrys: I don't think cpanel is very good in any situation, but even more so, it's not good for rails, iirc. Nothing relatively recent and worth using.
[04:09:04] jhgaylor: pipework: okay. thanks.
[04:32:06] adammcarth: If you only intend to use comments with one model, is there any point using `:as => :commentable` ?
[04:41:58] adammcarth: rhizome: Any ideas why my post_id [comment table] isn't being updated with the id of the post though? I have the associations setup, I thought it happened automatically?
[04:43:23] rhizome: depends on how you're doing it
[04:44:58] rhizome: @post.comments.create is the typical way
[04:45:36] pipework: There's another way that's neater, but that's a fair way.
[04:52:42] adammac: Wait, not `@post.comment.save` ?
[04:54:16] rhizome: a post likely has_many comments, so plural
[04:54:51] adammac: yeah but you're creating one comment in this case
[04:55:28] adammac: I was just questioning your use of `.create` instead of `.save`
[05:09:29] biloon: hello, i need help with using less-rails (depending on therubyracer) on window. I installed therubyracer according to https://github.com/hiranpeiris/therubyracer_for_windows. I am able to get the server running, but every pages I access returns Argument Error: wrong number of arguments (1 for 0)
[05:10:02] biloon: This problem does not persist when I remove therubyracer (and less-rails) gem
[05:25:48] funburn: slightly OT but can I get a pointer on getting Guard to use OSX 10.8 Notification Center. I've installed the terminal-notifier-guard gem, and even set notification "terminal-notifier-guard" in my Guardfile but the only notification I get through ANC is that the Guardfile has been re-evaluated
[05:26:33] funburn: https://gist.github.com/mtuckerb/82a2b4363b93ed4034c8
[05:43:29] SilverKey: funburn: are you using guard with spork?
[05:43:51] funburn: looks like it might be related to this https://github.com/Springest/terminal-notifier-guard/issues/2
[05:44:14] SilverKey: I think you need to have it in the :test group as well as development
[05:44:32] SilverKey: just a guess
[05:44:46] funburn: I'll try, thanks!
[06:22:24] devdvd: anyone here know how to do multiple file uploads with rails_admin gem? I would like to be able to select multiple files and upload several at once
[06:33:23] rhizome: does it let you write your own controller actions?
[06:37:56] funburn: SilverKey: no love :(
[06:39:42] s2013: devdvd: yes. you can use multipart: true
[06:40:29] s2013: oh nvm. for rails_admin gem. id ont know
[06:53:52] Bhavesh_a_p: ,msg NickServ identify bhavesh@6891
[08:56:36] diegoviola: i'm trying to restructure my actionmailer layout a bit, do i want to use content_for for things like <head> and <body> or should i just wrap specific tags about it?
[08:56:46] diegoviola: is there a best practice for those kind of things
[09:13:31] adammac: anyone know of any techniques to order two different models by created_at date? preferably without a gem though...
[09:32:28] krz: adammac: without a gem? not via AR? via ruby?
[09:33:16] another_eddie: Hi everybody... The gem Capistrano is only for Ruby >= 1.9 or it works also with Ruby 2.0? Thank you in advance...
[09:33:20] adammac: don't answer that
[09:33:52] adammac: krz: I mean without any gems that aren't native to the default rails distro
[09:35:06] krz: adammac: you would use active record for that sort of thing
[09:35:21] krz: i.e via joins / include / order
[09:35:53] adammac: krz: I can't find anything explaining how to do it that doesn't incorporate a news feed gem
[09:36:38] krz: youve got two tables. using AR join the to tables and order by created_at
[10:08:46] adammac: krz: So.... assuming I already have my instance variables setup, `@combination = [@post, @project].join` and `@combination.all( :order => "created_at desc")` ?
[10:09:33] adammac: sorry for the delay, internet dropped out -.-
[10:10:56] adammac: Emily: Please tell me this is my girlfriend. All my dreams may finally have come true.
[10:14:54] krz: adammac: your you want to group by two different AR results right?
[10:15:07] adammac: krz: Yeah.
[10:15:19] krz: you can do that via sql
[10:16:06] krz: i.e. via AR directly
[10:16:51] krz: adammac: if using postgres. theres a special directive that you can use
[10:17:18] adammac: krz: Nah, I'm using MySQL mate
[10:17:21] krz: adammac: you are trying to create an activity stream (through different AR results)
[10:17:37] krz: adammac: you can still achieve this via mysql, i believe
[10:17:59] krz: it may be quite taxing though
[10:18:05] adammac: krz: But my code before wouldn't work?
[10:18:36] krz: have you tried it?
[10:18:48] krz: i was going to suggest redis for an activity feed
[10:19:03] krz: makes a perfect solution. fast and without having to join several tables together
[10:19:07] jrobeson: and there are quite a few tutorials and videos for it
[10:19:09] adammac: krz: That sucks, you think something like that would be better supported
[10:19:31] adammac: Yeah I might have to look into using a gem like redis then
[10:19:41] krz: first, joining several tables like that may have some performance concerns
[10:20:16] krz: especially when you start incorporating other aspects. like feed per user
[10:20:34] adammac: krz: Is my logic right here though? On my website I have posts and projects, and on the home page I want to display posts and projects in order of their creation dates. It seems so simple?
[10:20:43] krz: and if the feed also constitutes other tables, not just post, project. perhaps comments, views, likes, etc
[10:21:59] krz: if not redis, i would use another table
[10:22:06] krz: purely for activities
[10:22:22] krz: possibly with an hstore column to avoid null columns
[10:22:26] adammac: that's what charlie Somerville recommended
[10:22:54] adammac: add something to the activities table each time a post or project is created
[10:22:57] krz: but redis feels right, since activities is ephemeral data. temporary. i.e. not so important in the archiving sense
[10:22:59] adammac: that could be the next best thing
[10:23:37] adammac: I'm still astonished that ActiveRecord has no out-of-box support for a simple task like that though
[10:23:48] krz: it does, indirectly
[10:23:58] krz: ARRAY_AGG is your best bet in postgres
[10:24:11] krz: there may be something similar with mysql
[10:24:20] adammac: would you recommend postgres over MySQL?
[10:24:25] adammac: thinking about making the switch
[10:25:40] krz: if mysql. mariadb looks interesting
[10:25:43] krz: but postgres for sure
[10:26:18] adammac: how does it compare performance and scalability wise
[10:26:30] krz: both have their merits
[10:26:30] jrobeson: validation testing ftw..
[10:26:33] adammac: I did actually hear that google uses it in a few of their services which is a good sign
[10:27:03] adammac: jrobeson: Spent the last 2 days doing it, can't get enough!
[10:27:04] krz: go with either. but the consensus around the rails community is postgres
[10:27:26] krz: postgres.heroku.com for dbass
[10:28:01] adammac: postgres is the one that also also for plain text searching or something doesn't it?
[10:28:05] jrobeson: adammac, well i ended up breaking a validation due to redefining my attribute accessor .. it was lame
[10:28:09] adammac: also allows*
[10:28:20] jrobeson: you mean full text search
[10:28:33] adammac: sigh, it's been a long night
[10:28:40] jrobeson: you can full text search on mysql if you use MyISAM, but that means no transactions
[10:28:47] jrobeson: or real foreign keys
[10:29:08] jrobeson: full text search for InnoDB in mysql just came out in recent versions, but hasn't yet made it into mariadb yet
[10:29:12] adammac: I've actually been using the new Boolean mode thing? You know the one I'm talking about?
[10:29:57] jrobeson: however.. most poeple opt for an external system like solr, or lucene .. and using stuff like elastic search
[10:30:06] jrobeson: elasticsearch (all one word)
[10:30:16] krz: +1 elasticsearch
[10:30:28] krz: http://kkovacs.eu/cassandra-vs-mongodb-vs-couchdb-vs-redis good resource for nosql references
[10:30:35] adammac: MATCH (table, rows, here) AGAINST (params[:search] IN BOOLEAN MODE)
[10:30:37] jrobeson: when they really want a full text indexer that is
[10:31:07] adammac: but that's really slow apparently when you have lots of records to sift through
[10:31:07] jrobeson: adammac, however.. with those other systems you can relevance ranking and much better search queries
[10:31:24] adammac: jrobeson: Ohh nice
[10:31:26] jrobeson: you should definitely look into using elasticsearch if you really wanna do that stuff
[10:31:40] jrobeson: being a web developer is hard.. :(
[10:31:54] jrobeson: a full stack web developer anyways..
[10:32:04] adammac: jrobeson: That's for MySQL right?
[10:32:07] adammac: or is it for rails
[10:32:17] jrobeson: i mean.. it's possible access it in rails
[10:32:25] jrobeson: it requires a seperate indexer servie
[10:32:41] jrobeson: you don't search the tables, you search the index
[10:32:51] jrobeson: and the index is built from the tables..
[10:33:06] adammac: Oh nice, it's like a full on solution. I don't get it though, like does it run on ruby
[10:33:16] jrobeson: you can access it in ruby
[10:34:28] adammac: Just looking at the website now, very interesting
[10:37:04] adammac: GitHub, stack exchange, soundcloud, wordpress... Yeah I guess it could be okay :P
[10:54:47] tigris_: alright guys, i'm man enough to know when i stuffed up... missed a where clause on an update and now 25,000 rows all have the same data... i have a backup from an hour ago, but since i only screwed 1 non-important column, replacing the whole DB doesn't make sense... the data is not time critical, so what's the easiest approach to "diff" the data and write a script to create the appropriate updates
[11:06:07] Xeago: tigris_: put it in another database, and update 25k rows reading from the imported db
[11:06:21] Xeago: diffing is probably slower than just overwriting
[11:06:42] Xeago: depending on your dbms you can import just a single table
[11:24:34] Sep1: Hello guys, is there anyone who could help me with nginx configuration? Always when I run "request.remote_ip", I get "127.0.0.1", not my real IP. Here's my setup: https://gist.github.com/anonymous/9078a9402049a59a388f
[11:26:00] tbuehlmann: Sep1, first two google results for me are looking promising: http://stackoverflow.com/questions/6139861/get-the-real-ip-address-of-client-with-rails-and-nginx and http://blog.yasuoza.com/2013/03/31/get-remote-ip-through-nginx-proxy-server-in-rack/
[11:28:44] Sep1: tbuehlmann I found both these pages and went through them, but it didn't help me to solve my issue
[11:29:00] tbuehlmann: did you restart the nging service?
[11:32:05] Sep1: tbuehlmann yes, through "cap unicorn:stop" & "cap unicorn:start"
[11:32:19] tbuehlmann: are you sure that restarts nginx?
[11:32:49] Sep1: tbuehlmann is there any other way to do that?
[11:33:27] tbuehlmann: I don't know what these tasks do, but I assume they only restart your webservers and not the nginx which is in front
[12:28:16] lxsameer: hey guys, I want to create a gem from my most used parts (e.g devise, paperclip and ... configurations) of my app to use in future apps too. should i use an engine ?
[12:28:25] lxsameer: *create an engine ?
[12:36:00] Stalkr_: Have anyone read the Rails Tutorial book?
[12:37:12] sevenseacat: however if youre having problems with it, we dont have to have read it to help.
[12:38:21] Stalkr_: Just a question, in section 6.2 I think, he makes a migration "add_index_to_users_email". He explains we need to add an index to emails so we can look it up. He then compares it to a book, the index in the end with all the words, but I don't really understand what the index does
[12:39:07] Stalkr_: Is it just something Rails handles for us? Look for the email "foo@bar.com", it finds the right column and find the email right away?
[12:39:19] sevenseacat: indexes are a database thing to help look up records more efficiently
[12:39:53] sevenseacat: if you look up a non-indexed field, the database will actually look through each row individually and it is a lot slower
[12:40:09] Stalkr_: So I do not need to worry how it works, just know that it does by looking up things faster?
[12:40:40] sevenseacat: right. if you're querying by any given field (ie. looking up users by email) or joining things (eg for associations), use indexes
[12:41:45] Stalkr_: I understand most of the book so far (I will of course have to look things up multiple times when I am done), but I don't really understand models/databases yet
[12:42:16] Stalkr_: What 'rake db:migrate' does exactly, the schema file, the ActiveRecord etc
[12:42:36] Stalkr_: So index just confused me, but I will just let it do its thing then
[12:43:17] sevenseacat: well databases are entirely separate topic, rails just provides activerecord which is an ORM (object-relational mapper) to map database table rows into Rails objects
[12:44:00] tbuehlmann: Stalkr_, no problem, that's what most rails devs do. just keep in mind: if you search for records using specific attributes, consider setting up an index
[12:45:25] Stalkr_: Setting up the index is basically just this line I assume?
[12:45:25] Stalkr_: add_index "users", ["email"], name: "index_users_on_email", unique: true
[12:45:48] Stalkr_: That's in my schema.rb file, after a 'rake db:migrate' if I understood it correctly
[12:46:32] Stalkr_: Yeah, I see rake db:migrate uncomments it after I tried to comment it
[12:46:43] Stalkr_: Oh well, continue I must, see where it gets me. Thanks for the help
[12:47:12] sevenseacat: don't be editing schema.rb directly, it's an auto-generated file.
[12:47:57] Stalkr_: It gets overwritten everytime I do rake db:migrate?
[12:48:07] sevenseacat: it says that at the top of the file
[12:54:36] alex88: hello, I've an association between users and images, user has many images, if I do on my controller current_user.images it returns [] but the query it runs 'SELECT "images".* FROM "images" WHERE "images"."user_id" = 1' actually returns 3 rows...
[12:55:20] sevenseacat: is current_user the User with ID 1?
[12:55:46] tbuehlmann: I bet it's a default user without an id :>
[12:57:34] alex88: nope current user has id 1
[12:57:36] alex88: just printed
[12:57:46] alex88: in fact it queries where user_id = 1
[12:57:54] sevenseacat: so what do your models look like?
[13:00:05] alex88: http://pastie.org/8397060
[13:00:32] alex88: image has a field user_id
[13:01:00] sevenseacat: so if you play around in the console, what happens when you do User.find(1).images ?
[13:01:45] alex88: mmhh it finds the images
[13:02:24] alex88: let me try restarting the server
[13:02:47] alex88: damn sorry sevenseacat, now it works
[13:03:27] alex88: ACTION facepalm
[13:08:39] lxsameer: which one is better for a gem collection (including devise and some gems with their confs) isolated engine, or non isolated engine ?
[13:08:45] sergicles: hi all. going through rails installation tut??? could someone explain what this means "echo 'BUNDLE_PATH: vendor/bundle' >> ~/.bundle/config" specifically, does that mean that all gems will be installed relatively to the project in vendor/bundle inside project directory and globally if run from ~ or something?
[13:28:56] sergicles: *bump* hi all. going through rails installation tut??? could someone explain what this means "echo 'BUNDLE_PATH: vendor/bundle' >> ~/.bundle/config" specifically, does that mean that all gems will be installed relatively to the project in vendor/bundle inside project directory and globally if run from ~ or something?
[13:34:32] hmpfl: can I somehow use before_create or any other callbacks to achieve a behaviour like this: if [expression] -> finish_creating_the_object else -> stop_create_and_do_something_else?
[13:41:33] hmpfl: is this btw actually a good idea or does this lead to bad design?
[13:52:29] banas: a new mooc called iversity's starting a design course. seems super fun to me! check out https://iversity.org/courses/design-101-or-design-basics?r=a95e1, enroll :D
[14:14:20] gerep: Hi all. I'm using Rails 4 and reading this https://github.com/rspec/rspec-rails I found this: bundle binstubs rspec-core, what is that for? just to run tests via bin/rspec ?
[14:14:45] LiVECrys: Anyone have a page with good instructions for setting up a rails dev box with vagrant on windows?
[14:15:49] bastilian: gerep: read mislav's post: http://mislav.uniqpath.com/2013/01/understanding-binstubs/
[14:16:00] gerep: bastilian, thanks :)
[14:16:08] bastilian: you are welcome.
[14:25:35] Stalkr^: Does anyone use Sublime Text on OS X? I often type a blank character that isn't a space for some reason, anyone experienced this too?
[14:26:34] Stalkr^: http://pastie.org/8397183 -- if I delete that char after before it works just fine
[14:30:28] AntelopeSalad: is this https://github.com/plataformatec/responders the only way to dry up flash messages in rails 4?
[14:30:59] AntelopeSalad: i am noticing that my resource controllers end up being very similar and i'm looking for ways to repeat less code
[14:31:28] sevenseacat: its a good way to dry them up.
[14:31:43] sevenseacat: you could write your own responder to do it if you dont like the one in the gem.
[14:32:00] AntelopeSalad: sevenseacat: do you have any documentation/articles covering how to write your own?
[14:32:10] sevenseacat: nope, i use the one in the gem :) im lazy
[14:32:24] AntelopeSalad: i've been googling for topics like "rails 4 dry flash messages", etc. and that gem keeps coming up
[14:32:57] sevenseacat: why dont you want to use it?
[14:33:38] AntelopeSalad: it looked like there was a lot of setup associated to using it
[14:33:56] sevenseacat: uh... add it to gemfile, bundle, run generator?
[14:34:26] sevenseacat: yep, theyre the three steps in the readme
[14:34:43] AntelopeSalad: and then adding a specific line to every controller?
[14:35:00] AntelopeSalad: that would be if you only want the :flash responder
[14:35:11] sevenseacat: it does not say that in the instructions anywhere
[14:35:43] AntelopeSalad: it's right under the 3 steps, the "controller method" section
[14:36:13] sevenseacat: yes, if you want to configure things per-controller.
[14:36:19] sevenseacat: then you would specify things, per-controller.
[14:36:58] AntelopeSalad: i guess the thing that botherered me the most was the respond_to :html line in the application_controller
[14:37:19] AntelopeSalad: isn't that what happens by default?
[14:37:56] AntelopeSalad: and then if you want to respond with json or something else then you either add it as a respond_to , or you do the format.json in the action
[15:39:33] Fuffidish: question, why rake routes doesn't return any prefixes for my CREATE actions?
[15:40:44] bastilian: Fuffidish: what prefixes would you expect? and What does your routes.rb look like?
[15:42:17] Fuffidish: I have one resource nested inside another resource
[15:42:44] Fuffidish: I want to use form_tag create_resourcE_url
[15:43:06] Fuffidish: but there is no helper for create...
[15:43:12] bastilian: Fuffidish: could you post your routes.rb and the output of rake routes somewhere?
[15:44:01] s2013{Texas}: Fuffidish: gist it
[15:44:10] Fuffidish: right on it
[15:44:37] Fuffidish: https://gist.github.com/Fuffi/417b0b79adec18fede40
[15:45:31] bastilian: Fuffidish: post request to price_list_price_list_items_url
[15:45:32] AntelopeSalad: sevenseacat: using responders is the cleanest way to implement the update action? http://pastie.org/8397309
[15:45:54] Stalkr^: Is it safe to git ignore my .keep files?
[15:45:59] sevenseacat: its really up to you to do it how you want to do it. personally i always use responders
[15:46:07] sevenseacat: Stalkr^: that would defeat the purpose of them
[15:46:12] AntelopeSalad: sevenseacat: yeah i am going to use them
[15:46:22] AntelopeSalad: i just want to make sure the update method is the best way to do it using responders
[15:46:30] AntelopeSalad: the top one is with it, and the bottom is without (would never use this again)
[15:46:30] Stalkr^: Hmm, maybe I should check out what they do
[15:46:51] bastilian: Fuffidish: sorry, should have poped into my head earlier. there is now create_*url because rails uses restfull URL it determins certian actions based on the HTTP-verb
[15:46:58] AntelopeSalad: basically i was wondering if there was a way to get that to fit into a 1 liner while still being very clear/readable
[15:47:10] sevenseacat: Stalkr^: because you cant add empty folders to git repositories, they are added as dummy files so that you can add the folder.
[15:47:27] sevenseacat: AntelopeSalad: no, there's no way to condense that any further.
[15:47:28] Fuffidish: thanks bastilian, I will try
[15:47:36] AntelopeSalad: sevenseacat: ok thanks
[15:47:40] Stalkr^: sevenseacat: Ahh, makes sense. Thanks
[15:47:58] sakshi: Could somebody give a look at http://stackoverflow.com/q/19291882/2248672 ?
[15:48:12] Fuffidish: bastilian: it tries to link to show action..
[15:48:35] sevenseacat: Fuffidish: you arent using the right HTTP method.
[15:48:52] Fuffidish: I use post..
[15:49:06] Fuffidish: = form_tag quotation_quotation_item_url(@quotation), method: "post" do
[15:49:31] sevenseacat: that will not submit to a show action.
[15:49:46] sevenseacat: a show action is a GET action.
[15:49:49] Fuffidish: somehow it does :/
[15:49:56] sevenseacat: got some logs or something to verify it?
[15:50:10] Fuffidish: No route matches {:action=>"show", :controller=>"quotation_items", :id=>nil,
[15:50:34] helpa: http://gist.github.com - Put your codes online with pretty syntax highlighting and the ability to embed it into other pages.
[15:51:25] bastilian: Fuffidish: remove the @quotation
[15:51:35] Fuffidish: bastilian: it is required it seems
[15:51:46] Fuffidish: sevenseacat: ok thanks don't worry I will figure it out
[15:52:20] Fuffidish: it seems the solution was: = form_tag quotation_quotation_item_url(@quotation, @quotation_item), method: "post" do
[15:53:29] AntelopeSalad: sevenseacat: for custom actions that have custom flash messages you're stuck having to use redirect_to instead of respond_with right?
[15:54:01] sevenseacat: if you're using the responders gem, you read the docs where it talks about custom flash messages
[15:54:38] sevenseacat: https://github.com/plataformatec/responders#flashresponder
[15:54:56] AntelopeSalad: sevenseacat: yeah but what if the definition of success needs to be custom?
[15:55:35] AntelopeSalad: example... https://gist.github.com/anonymous/6951588
[15:56:51] sevenseacat: well validate: false is a massively large code smell but anyway
[15:57:30] sevenseacat: i really dont like much about that code
[15:57:58] AntelopeSalad: i think i used validate false there because if the condition validates to true then it's 100% guaranteed to be valid
[15:58:14] AntelopeSalad: and running the validator against 100 posts that are guaranteed to be valid seemed wasteful
[15:58:57] AntelopeSalad: i'm definitely interesting in hearing alternatives tho
[16:00:34] sakshi: I am facing some ActionView::Template::Error (undefined local variable or method http://stackoverflow.com/q/19291882/2248672 Any help?
[16:02:24] sevenseacat: AntelopeSalad: https://gist.github.com/karpah/6951597 there are still problems because if params[:category] isnt set, your code is going to go to hell
[16:02:37] sevenseacat: i dont even know what .presence does
[16:02:58] AntelopeSalad: i think it sets it to nil in the case it isn't set
[16:03:14] AntelopeSalad: i say "think" because workman3d (or whatever his name, the really informative guy) helped me spruce it up
[16:03:26] sevenseacat: hes a smart guy
[16:03:46] tbuehlmann: workman3d :DD
[16:03:52] sevenseacat: close enough :P
[16:04:03] tbuehlmann: he'd like that
[16:04:10] AntelopeSalad: seanmarcia: i also can't use update_all because i'm depending on quite a few callbacks
[16:04:55] sevenseacat: the code smells, they get worse
[16:04:58] AntelopeSalad: the funny thing is i have an _optimized version of the method that is the exact clone of your gist
[16:05:22] AntelopeSalad: i am just not using it because i haven't figured out how to bulk update the elastic search index without callbacks
[16:06:03] sevenseacat: those kinds of issues are always fun
[16:06:49] AntelopeSalad: but in the case of custom methods like this, i can't really do much with the responder gem right?
[16:07:00] sevenseacat: personally (not saying its the best way but ive done this in the past) i'd just write a custom method in the model to handle the updating/reindexing - thats really nothing to do with the controller
[16:07:02] AntelopeSalad: at best just define it in the yaml file and use that rather than hardcore it in the action
[16:07:10] AntelopeSalad: but still use redirect_to?
[16:07:30] sevenseacat: well the responders stuff is designed for working with restful controllers
[16:07:34] AntelopeSalad: yeah that's another good point, i was going to tuck away most of that logic into a model at some point
[16:07:37] sevenseacat: you're going outside the mold here
[16:08:51] AntelopeSalad: i was a bit concerned with the article count being in the flash msg using the yaml way because it looked like you could only set 1 custom value from the readme
[16:12:16] SkramX: AR question. I have Sponsorship.joins(:sponsor_model).joins(:meeting) working. I want to join one more table on. meeting_info is a has_one of meeting. I'm not sure how to do this though
[16:17:21] SkramX: anyone around for a associations question?
[16:27:14] tbuehlmann: SkramX, I'd try something like this: Sponsorship.joins(:sponsor_model, meeting: :meeting_info)
[16:27:39] Hates_: SkramX: see multi level http://guides.rubyonrails.org/active_record_querying.html#using-array-hash-of-named-associations
[16:42:52] lxsameer: can i mount a mountable engine to / and use /blog along side with it ?
[16:49:52] michael_mbp: lxsameer: /blog would be delivered by the engine in that case?
[16:50:45] michael_mbp: I really can't see a practical usecase for mounting an engine on '/'
[16:50:48] lxsameer: michael_mbp: no, but engine will use /
[16:51:19] lxsameer: michael_mbp: for example a blog engine in a root url
[16:51:36] michael_mbp: then you mount the blog engine at '/blog'
[16:51:48] michael_mbp: '/' should be kept for your top-level app
[16:55:00] jmoreira81: Where do bundles live in RoR?
[16:56:50] julianodasilva: Hello folks! I'm new to RoR and this community!
[17:01:55] jmoreira81: Where does a bundle live? which directory?
[17:02:07] michael_mbp: if you vendored it, in vendors
[17:02:46] jmoreira81: oh gotcha??? Thanks!
[17:06:19] epicbig: I'm using the rails.vim plugin. Does anyone know if there's a way to navigate to a partial directly from the calling file?
[17:08:11] jmoreira81: when i run bundle install --without production, what does that do?
[17:08:34] michael_mbp: see in your .bundle dir, there'll be a file
[17:09:10] michael_mbp: that tells bundler to ignore all gems in your 'production' group; typically you'll be doing --without development, test
[17:09:16] michael_mbp: on a production deploy.
[17:27:17] michael_mbp: epicbig: try Ctags.
[17:30:40] rdev5: What is the industry standard or more robust means of mitigating this scenario: User A logs into a site and gets an encrypted cookie (e.g. user_id). User B gains access to User A's cookie value somehow, copies the cookie to their computer, and is now able to impersonate User A because they're using the same cookie value, even though it's encrypted.
[17:31:51] rdev5: Is it device based restriction, or?
[17:34:31] michael_mbp: rdev5: typically there's a TTL on the session or cookie lifespan
[17:34:36] michael_mbp: see https://www.coffeepowered.net/2013/09/26/rails-session-cookies/
[17:36:49] michael_mbp: rdev5: and http://guides.rubyonrails.org/security.html
[17:37:02] patie: any ruby library for cpanel api ?
[17:37:14] michael_mbp: the former is far more recent.
[17:37:56] rdev5: so expiry is the best way to prevent this?
[17:39:15] michael_mbp: rdev5: you could send mails to users each time they 're-login' via an old cookie
[17:39:32] michael_mbp: and/or if the TTL has been say greater than a week.
[17:39:47] michael_mbp: plus allow that user to kill that session via a link in the mail.
[17:40:07] michael_mbp: but the best solution, as per the article is HTTPS-cookies
[17:41:02] rdev5: so in our application, we have a cookie that is issued to the user which expires in 4 hours
[17:41:30] michael_mbp: well in 4 hours they'd have to 'log back in'; can become a bit annoying hmm.
[17:41:44] drocsid: I'm trying to create a ruby application e.g. rails new demo, and I keep getting Errno::ENOENT: No such file or directory An error occurred while installing GEMNAME and Bundler cannot continue. Where GEMAME is the name of some ruby gem. I then remove the demo directory and gim install RUBYGEM, but I have to keep going through this process over and over agin for each new GEMNAME. How can I make it so rails installs the gems automagically?
[17:41:46] rdev5: we actually try to add an extra layer to that by storing that same value in memcache, such that if it's not found in memcache, it invalidates their cookie and logs them out as well
[17:41:56] rdev5: yes, but that's intended by design, for now at least
[17:42:08] michael_mbp: that's a nice idea; I was thinking of something similar with redis.
[17:42:18] jmoreira81: So I'm following the railstutorial.org here http://ruby.railstutorial.org/chapters/a-demo-app#top
[17:42:22] jmoreira81: Trying out the demo app
[17:42:44] michael_mbp: just make sure you don't store anything via AR; that's slow as molasses. memcache/redis, you're good to go.
[17:42:51] drocsid: If I cannot do that, can I get a list of the gems it needs and install them all at once?
[17:42:53] jmoreira81: but when I run rails server, i don't get the new demo app on localhost, i get the ruby and rails screen from the sample aoo
[17:43:05] rdev5: well we have that implemented now, so aside from HTTPS cookies, in conjunction with forced expiry, what kind of prevention against cookie forgery are we looking at here
[17:43:29] michael_mbp: well it's your 4-hour window
[17:43:42] michael_mbp: that's pretty much the factor now.
[17:43:49] rdev5: basically the concern is if I am somehow able to snatch your cookie value WHILE your logged in, I could do some serious damage, especially if it's an SSO credential
[17:43:55] rdev5: oh really? TTL?
[17:44:01] jmoreira81: never mind. got it.
[17:44:19] michael_mbp: right so they have to use it before that 4hrs is up.
[17:44:25] michael_mbp: and yes, they can cause some damage.
[17:44:36] tbuehlmann: rdev5, you might want to give the user a token which is valid per product/application
[17:44:39] rdev5: I was thinking of something along the lines of like an nonce or CSRF type implementation
[17:45:24] rdev5: tbuehlmann: yeah, though a lot of them are third party and in another language, we just use a common authentication service to initiate the login
[17:45:33] michael_mbp: tbuehlmann: how would the token help with cookie being snatched?
[17:45:54] tbuehlmann: it wouldn't, but you could reduce the extent
[17:46:04] rdev5: IP address wouldn't help?
[17:46:14] tbuehlmann: naw, IP addresses suck for that
[17:46:17] michael_mbp: I'm assuming the token is stored in the cookie ...or?
[17:46:34] rdev5: well initially I was thinking a username/password combination type cookie implementation
[17:46:35] tbuehlmann: somehow encrypted, though
[17:46:46] rdev5: so encrypted user_id cookie and encrypted password cookie (or token)
[17:46:56] michael_mbp: tbuehlmann: doubt that would matter on a replay
[17:47:08] michael_mbp: he's concerned about the same cookie being used on a different client.
[17:47:09] tbuehlmann: the token is valid per session
[17:47:13] tbuehlmann: so you can't replay
[17:47:24] tbuehlmann: yea, as said, it does not help against that
[17:47:44] tbuehlmann: if the cookie is sniffed somehow, you're screwed in general
[17:48:52] michael_mbp: right so https seems like the best way
[17:49:02] tbuehlmann: it has to be, yeah
[17:49:16] michael_mbp: are https certs expensive?
[17:49:31] tbuehlmann: wildcard ones aren't that cheap :)
[17:50:06] thews: they're a lot less expensive now than 6+ years ago
[17:50:31] rdev5: just trying to think
[17:51:12] rdev5: can you elaborate as to why IP addresses wouldn't be suitable as an added layer of security?
[17:51:24] rdev5: to detect if someone from another network is trying to login?
[17:51:37] michael_mbp: not everyone has a static ip.
[17:51:46] rdev5: right but we're talking a 4 hour max session
[17:51:56] thews: IP addresses are a good thing to look at for security, especially if you know exactly where traffic is supposed to be coming from
[17:52:06] michael_mbp: what's to say their 'dongle' disconnected?
[17:52:11] thews: if you have firewall logs / graphs you can absolutely track those things
[17:52:27] tbuehlmann: at work we have two wires, which switch as they like. when I hit your url, it might happen with two different IP addresses
[17:52:31] thews: and yeah I invalidate sessions if the same session tries to start from another IP
[17:52:35] rdev5: well, the other aspect is that I would assume cookie snatching would be easier done on the same network vs externally?
[17:52:39] michael_mbp: true, for example you won't expect him to login from china in under a certain amount of time...
[17:52:54] rdev5: if that's the case, we are hosting our apps in-house, and have people logged in internally, REMOTE_ADDR should actually return their internal LAN IP
[17:52:59] thews: tbuehlmann: if you don't have session stickiness from your routing layer, you're doing it way wrong
[17:53:00] rdev5: which would work
[17:53:51] tbuehlmann: thews, don't have anything to do with it and can't tell more about it. just saying that IP addresses change de temps en temps
[17:54:02] thews: tbuehlmann: that means stuff is setup wrong :D
[17:54:12] tbuehlmann: I understood you
[17:55:24] thews: https unless you have a very elaborate enterprise cache cluster, can't handle the source changing in the session
[17:55:52] thews: ssl / tls
[17:57:23] rdev5: okay so cookies over SSL
[17:57:38] rdev5: my application must enforce SSL (or none at all), and only then query cookies stored on the client
[17:58:10] rdev5: that + TTL + a moderate form of IP address association with the currently authentication
[18:01:35] thews: rdev5: I also do things like role checks, and if people are trying to access stuff they shouldn't I invalidate their session
[18:02:22] tbuehlmann: thews, you must have trust in your applications :)
[18:02:54] thews: I work with patient and court data
[18:03:51] thews: better safe than sorry, I also have the app send an email for a bunch of things that I consider suspicious
[18:04:25] thews: if people find a form or link to use and start trying to increment ids to see stuff they shouldn't, they get outted
[18:05:07] thews: I also do IP whitelists for certain things to be accessed
[18:05:38] rdev5: thews: the discussion we're having here is mitigation of someone physically snatching one or more cookies and using that to essentially hijack and impersonate someone else's session and have access to their resources and control panel UI (e.g. email, change password, tamper with data, etc)
[18:06:10] rdev5: thews: if I somehow am able to snatch your cookies while you're logged into your application and you have an active cookie, what prevents me from using that to impersonate you?
[18:06:42] QKO: a salted key that belongs to the original user's IP?
[18:06:47] thews: rdev5: I use an extra token, passed in from forms, non cookie, and IP
[18:07:47] rdev5: thews: isn't that CSRF though?
[18:08:12] tbuehlmann: out for now, baba!
[18:08:16] thews: rdev5: I use CSRF too, but I use the extra tokens outside of those forms too
[18:08:27] rdev5: thews: care to elaborate?
[18:08:39] rdev5: I don't know what "using extra tokens" means
[18:08:48] michael_mbp: he sends an additional token
[18:09:04] michael_mbp: check how CSRF protection works in Rails, you'll understand then.
[18:09:08] thews: binding it to urls or forms in links, submits, etc.
[18:09:26] thews: and making the token change over time
[18:09:48] rdev5: how is that token issued? and would it be issued to someone with my cookie?
[18:10:24] CBO: Would anyone like to earn some stackover flow points for what's probably a super easy question
[18:10:27] michael_mbp: I'd assume a base controller would handle setting up the token
[18:10:31] thews: generated on the server side, then add it to the params on inputs
[18:10:55] CBO: I did a rake db:rollback
[18:11:10] CBO: and lost my users table instead of something else
[18:11:26] michael_mbp: check your migration
[18:11:35] thews: ACTION has to get some outside work done, storm messed up fence last night
[18:11:41] michael_mbp: rake db:migrate:status
[18:13:09] CBO: Yea it's gone
[18:21:03] CBO: If I accidentally dropped a table with rake db:rollback, so now in my timestamp_sorcery_core.rb, I see a def self.down (drop_table) :users, that means I need to remake my table right?
[18:22:12] rdev5: TTL is used to mitigate session fixation for the most part?
[18:22:26] rdev5: (e.g. brute forcing known cookie value formats/strings)
[18:42:17] n_blownapart: hi kindly explain these routes -- the difference between line 6 and 7 ( 7 commented out)... and why line 6 doesn't work; thanks: http://pastie.org/8397566
[18:43:14] n_blownapart: sorry that is why line 7 doesn't work ^^
[18:46:32] jmoreira81: Can anyone explain generate scaffolding for me? I'm trying to understand what happens behind the scene and how/what invokes.
[18:48:41] jmoreira81: Got an error: "Could not find jbuilder-1.0.2 in any of the sources"
[18:48:56] jmoreira81: when running rails generate scaffold Micropost ...
[19:01:48] t27duck: ugh... why does alias_method_chain always feel so dirty
[19:02:56] t27duck: I always feel like if I have to use it, I'm doing it wrong
[19:02:59] gamafranco: I'm on Rails 3.2.13, and for some reason AR is trying to insert nulls on a decimal column with :default => 0.0. Anyone had this issue before?
[19:03:35] t27duck: when you made the migration for that column, did you set :null => false, :default => 0.0?
[19:03:51] gamafranco: This is on schema.rb
[19:03:52] gamafranco: t.decimal "latitude", :precision => 20, :scale => 15, :default => 0.0, :null => false
[19:04:18] gamafranco: trying with 3.2.14 now
[19:04:43] toertore: t27duck: because most of the time it is wrong
[19:04:45] gamafranco: hope it's not a PEBCAK
[19:04:56] t27duck: toertore: sad, but true
[19:05:02] t27duck: ACTION does the walk of shame
[19:05:23] gamafranco: same stuff with 3.2.14
[19:05:26] t27duck: gamafranco: in your db's console, when you describe the table, is it showing the null and default settings on that field?
[19:05:37] gamafranco: let me check
[19:06:13] gamafranco: but the INSERT that the server is doing has NULL in those fields. I confirmed
[19:06:38] gamafranco: on mysql, the default value for the column is 0.000000000000000
[19:06:47] gamafranco: and NULL is set to NO
[19:07:26] t27duck: ok, in rails c when you says YouModel.new, does latitude get set to nil?
[19:07:31] t27duck: *YourModel
[19:08:00] t27duck: so the migration is right, mysql is right, let's see what ActiveRecord says
[19:08:04] gamafranco: no, i's a bigdecimal
[19:08:12] AntelopeSalad: does anyone know of any large open source rails apps that are using a current version of minitest/the default rails 4 testing setup?
[19:08:13] t27duck: so ActiveRecord is setting the default correctly
[19:08:22] AntelopeSalad: all i could find were some from like 2-3 years ago
[19:08:25] gamafranco: let me check the controller of the api
[19:08:29] t27duck: gamafranco: then i'd check the controller
[19:08:40] t27duck: gamafranco: and also the view
[19:08:49] t27duck: and maybe the model validations
[19:09:14] gamafranco: let me check what the iPhone is sending
[19:09:37] gamafranco: OK, this is on the params: "latitude"=>"",
[19:09:47] t27duck: if iphone is sending nil, then that's what ActiveRecord is going to assign that value to. you would need a presence => true validation on your model
[19:10:03] gamafranco: so, if latitude is an empty string, when I do Molde.new(params[:model]), the latitude should be set to 0, not null
[19:10:22] t27duck: gamafranco: it will set it to whatever you give it
[19:10:24] gamafranco: the iPhone is sending an empty string
[19:11:01] t27duck: if you want blank to be 0, then that would either have to be on the controller (icky idea) or a before_validation on the model (still icky) or have the iPhone actually send 0 instead of ""
[19:11:29] t27duck: either way, you should still have a presence validation on the model to protect against "" and nil
[19:12:48] gamafranco: t27duck, thanks for the help
[19:14:05] _br_: Does anyone have a Twitter & Facebook strategy for Warden which works on e.g. Sinatra?
[19:23:23] s2013{Texas}: any review gem someone recommends?
[19:40:32] youngblood: Hi, I'm having this asset precompilation error with ExecJS. But as with http://stackoverflow.com/questions/8692666/rails-3-1-possible-bug-in-asset-pipeline-and-uglifier -- ExecJS just won't tell me which line of my JS file we're talking about.
[19:40:57] youngblood: Is there any way to find out other than manually cutting out bits and pieces until things finally precompile again?
[20:00:43] tpayne84: using Rails 4: if I create a nested through relation with a depth of 2 (game.. has many players, has_one board, has_many squares through board ??? and a player has_many squares through game ??? the player to square relation is nested by 2 through associations)??? anyway my question is, in my migrations do I need to create a Relation (aka Join Table) in order to make this work, or is it part of the magic of rails
[20:04:37] helpa: tpayne84: Why don't you try it and find out for yourself?
[20:04:37] workmad3: tpayne84: !try ;)
[20:06:05] tpayne84: helpa: I have rebuilt a game about 4 times now, as I figure out better ways to do it??? I am trying to plan out my most current revision of the model and was wondering what is the best route to go.
[20:08:35] tpayne84: helpa: I am finding that the @model.build(params) (and after doing the rails tutorial by M. Hartl I would assume that the Join tables are needed) are referenced as the way to do it for many similar questions in forums??? but I wonder if that is deprecated in rails 4
[20:09:09] helpa: tpayne84: I AM A ROBOT. DO NOT DIRECT MESSAGES AT ME OR WHEN MY KIND RISES UP YOU WILL BE THE FIRST TO GO. Love, helpa.
[20:09:09] workmad3: tpayne84: !auto
[20:11:32] tpayne84: workmad3: i assume that the !try is saying I am not trying to figure this out on my own? not sure about the !auto??? I assure you I am, but most of the examples and forums reference the model and controllers only, not the actual DB or migrations
[20:16:47] workmad3: tpayne84: the point is that you have an idea... 2 level has many :through
[20:16:54] workmad3: tpayne84: and you're wondering if you need another table
[20:17:00] workmad3: tpayne84: so why not try things, see if you need it or not?
[20:19:38] AntelopeSalad: hey guys, i'm trying to teach myself to test properly -- am i on the right track? https://gist.github.com/anonymous/6954459 , any tips/pointers to improve the tests / dry things out / etc.?
[20:20:08] tpayne84: It seems like I will have to??? though I had hoped someone could point me in the Best Practice way??? I know i can make it work both ways??? I think one will be in vain, as it will not be the proper way to build.
[20:24:18] tpayne84: workmad3: ??? I see I am talking to a bot??? ??? from tips.sql line 55 try Why don't you try it and find out for yourself?
[20:40:56] Celsian: Hi people, I'm having a hard time working out how to go about this: I'm writing an app that tracks inventory for devices. I would like to be able to attach a device to a student via a reference. I already have the model's setup properly, but I'd like to be able to search a device and associate it with a student all from the student show page. Any pointers on how I can achieve that?
[20:41:32] rhizome: what do you mean?
[20:42:08] Celsian: From the show page of the student, I'd like to be able to search the devices db and list the results on the show page with an "Add" button next to each device.
[20:42:36] rhizome: ok, use a form
[20:43:24] Celsian: I've written the search form, it works, but integrating it into the student show page is where I'm having trouble.
[20:43:46] rhizome: describe the trouble
[20:43:58] rhizome: much easier to start here than "any pointers on this general idea?"
[20:44:53] Celsian: I enter my search value on the Student Show page, press submit, the page then redirects me to /devices/search instead of taking me back to the student show page & displaying the results. I'm assuming my route is wrong.
[20:45:02] Celsian: or I'm redirecting improperly. Not sure which
[20:46:57] rhizome: does your search action have a redirect line?
[20:49:38] rhizome: can you tell us what it is?
[20:50:13] digitalcake: does anyone know of a gem that will catch exceptions and save them as github issues?
[20:50:22] Celsian: redirect_to student
[20:50:41] Celsian: where student is passed into the search action
[20:50:50] digitalcake: I would like to automate github issues based on errors from the rails app. Maybe a cool idea for a new gem
[20:51:05] bastilian: digitalcake: let me google that for you: https://github.com/dockyard/party_foul
[20:51:06] rhizome: Celsian: what exactly is 'student' and how and from where are you passing it?
[20:51:34] digitalcake: bastilian: I did look it up before I came here fyi
[20:52:23] digitalcake: thanks for the link
[20:53:00] haukur: I have a page I want users to fill out and redirect all users to it until they've done so (post-registration setup). I did it by adding a before_action, but it doesn't seem to be optimal...
[20:53:05] haukur: Is there another way?
[20:53:32] rhizome: "before_action" isn't a thing
[20:54:18] haukur: what do you mean?
[20:54:44] rhizome: i mean you can use actual Rails terms for what you're actually doing
[20:55:52] haukur: Yeah, of course... sorry. I just added a function that's being called on every page load that redirects to another page under a condition
[20:56:03] haukur: And that seems stupid, but I can't think of another way to do it
[20:56:25] workmad3: haukur: you mean you don't like having to add a call to 'before_action' in all your actions?
[20:56:59] haukur: workmad3: yes... but I DO want ALL pages to redirect to it, so I guess it must be done
[20:57:08] Celsian: @rhizome After writing out my explanation I found a glaring mistake, one moment please. Thanks.
[20:57:27] workmad3: haukur: you've never encountered a controller 'before_filter' in rails? :P
[20:57:47] rhizome: if you want something to be checked on every page load, you have to check it on every page load
[20:58:18] haukur: uh, I am using before_action/before_filter, it's not code duplication that's the problem, I just find executing that code on every page load to be suboptimal since 99% of the time it shouldn't be required
[20:58:44] haukur: I'll just see if I can solve the problem in another way
[20:59:56] workmad3: haukur: is it a check for authentication by any chance? :)
[21:00:25] haukur: workmad3: it's related, it's to check if the user has finished setting up some details for the account
[21:00:53] workmad3: haukur: if it's not sensitive info, you could always cache the result in the session
[21:01:08] workmad3: haukur: which would allow you to redirect based on session info rather than a db call
[21:01:34] haukur: workmad3: AH, great idea, thanks!
[21:02:10] workmad3: haukur: and thanks to HMAC signing in rails pre-4 (and encrypted sessions in rails 4) you can be pretty confident that the user can't just alter their session ;)
[21:02:52] haukur: workmad3: It wouldn't pose a threat of any kind if it did (in this case), but that's great to know
[21:12:36] diggitydane: asset pipeline question. I have multiple manifest files, like admin.js website.js, etc. they compile fine locally in production, but with heroku/asset_sync (to S3), it always uploads the manifest file as is (//= require jquery ... etc.)
[21:12:58] diggitydane: i can't tell if it's failing silently or what's going on
[21:14:43] diggitydane: these are the ways I've tried to set config.assets.precompile ...
[21:14:44] diggitydane: https://gist.github.com/anonymous/6955000
[21:30:38] rhizome: sounds like a heroku thing
[21:34:39] bastilian: diggitydane: do you see anywhere when deploying that the rake task is executed to compile them?
[21:35:00] n_blownapart: hi kindly explain these routes -- the difference between line 6 and 7 ( 7 commented out)... and why line 7 doesn't work; thanks: http://pastie.org/8397566
[21:37:03] bastilian: diggitydane: did you take a look at this: https://devcenter.heroku.com/articles/rails-asset-pipeline
[21:46:59] diggitydane: bastilian: yeah, i've read every article that they have. yes, it shows that asset precompile is successful, and AssetSync successfully uploads them to S3
[21:47:58] diggitydane: even when I strip it down to one manifest (website.css) it uploads it as a blank file to S3
[21:55:39] FallLine: is it possible to modify the params object in, say, application controller (before filter) so that the various other controllers receive the modified copy of params ?
[21:58:04] FallLine: how, pray tell? :P
[22:01:35] helpa: Why don't you try it and find out for yourself?
[22:03:26] FallLine: well short of digging through the internals documents, i'm not really sure where to start and, if you know how to do it, you could save me sometime
[22:04:28] FallLine: i mean I have tried some things but it's nothing quite that obvious
[22:06:10] workmad3: FallLine: how do you *think* you would do it? :)
[22:06:21] rhizome: FallLine: just submit the proper params in the first place
[22:07:01] FallLine: it's not that simple
[22:07:24] workmad3: FallLine: also, what have you attempted so far?
[22:08:36] AntelopeSalad: hey workmad3: would you mind taking a look at a gist where i began my adventure in testing to make sure i'm doing it right?
[22:08:54] AntelopeSalad: i'm about to go wild and write hundreds of lines of tests, i want to make sure i have a good base to follow
[22:09:21] FallLine: well i've tried creating a HashWithIndifferentAccess and setting params directly (no dice), also setting the request.env of action_dispatch.request.parameters, etc
[22:09:23] workmad3: AntelopeSalad: if you're planning on just churning out hundreds of tests in a cookie-cutter fashion then no... you're not doing it right ;)
[22:09:48] rhizome: FallLine: describe the not-so-simple part. why do you have to do this?
[22:09:49] AntelopeSalad: yeah i know, i coded first and i'm testing later
[22:09:56] rhizome: FallLine: google "xy problem"
[22:10:02] workmad3: FallLine: ah, so what you want to do isn't modify the params object, you want to replace it with your own version
[22:10:03] AntelopeSalad: and "later" is now, so i spent half the day reading test guides/tutorials
[22:10:35] Freedom_: is there an easy way of saving ids of "related records" in a single field without using association table? Say I have a post which has_many related_posts and I'd want to manage (save/update/...) related posts by simply storing their ids in a field and load records when needed?
[22:10:39] workmad3: AntelopeSalad: then you're ready to write your first few dozen poor tests as a learning experience ;)
[22:11:10] AntelopeSalad: workmad3: yep and i have, i wanted to see if you had any advice on the strategies i took to testing
[22:11:15] rhizome: Freedom_: wat
[22:11:25] AntelopeSalad: workmad3: if you get bored https://gist.github.com/anonymous/6954459 , i'd really love your feedback
[22:11:53] FallLine: because i'm upgrading an obsolete plugin in a large app but the replacement provides the params in a different format (nests it inside of params[:data][0] and I don't feel like modify those references in a ton of other controllers
[22:12:00] Freedom_: rhizome: i didn't want to create an association table but just store record ids in a field
[22:12:28] Freedom_: rhizome: and i'm wondering if there's a rails magic function to do that
[22:12:41] rhizome: Freedom_: sure. your relevance engine would maintain the list, then you can grab the objects separately
[22:12:57] workmad3: FallLine: rather than trying 'params = some_new_hash' did you try 'params[:previous_key] = params[:new_key]' to modify instead of replace?
[22:13:27] Freedom_: rhizome: i wanted to check there's not something already baked into rails. Like serialize or something similar
[22:13:39] rhizome: there are serialization methods, sure.
[22:14:00] workmad3: Freedom_: please don't try to recreate associations using serialized fields
[22:14:12] Freedom_: workmad3: that's exactly what i'm asking :P
[22:14:15] workmad3: Freedom_: it *will* cause you pain
[22:15:16] Freedom_: workmad3: so it's better i make myself a coffee and an association table :D i'm obviously a bit mazohistic
[22:15:30] rhizome: associations are your friend
[22:15:41] workmad3: Freedom_: yes... for starters, you can then lean on SQL to filter, sort, query that association to only load the stuff you need
[22:15:58] workmad3: Freedom_: and you don't have to rebuild and monkey patch half of activerecord to get it to play ball :P
[22:16:10] rhizome: oh like that will ever be necessary
[22:16:36] workmad3: rhizome: ok, maybe that amount of change is a bit exaggerated
[22:16:40] workmad3: rhizome: but it wouldn't be pretty
[22:16:45] Freedom_: workmad3: yeah i know. I thought this would be a quick solution - doing it without association tables etc. but i guess you're right. i would loose time as the project goes forward
[22:17:33] Freedom_: workmad3, rhizome: thanks for words of wisdom!
[22:24:00] delineator: experienced programmer here, rails n00b. got some tiny questions
[22:24:21] delineator: any takers would be gladly appreciated
[22:25:08] elshaka: I have a model and when I try to save it .save returns false, .errors.messages is empty and there are no validations. what else could I check?
[22:26:27] ruurd: whats in the logs
[22:27:23] delineator: trying to find better understanding of this syntax: create! { users_path }
[22:27:53] delineator: is the route to users being passed to create as a param??
[22:27:56] elshaka: well when I run in the console my_model.save, it only prints a BEGIN and ROLLBACK message
[22:29:58] workmad3: delineator: not seen that syntax style before
[22:30:26] elshaka: delineator, bro does it even run?
[22:30:32] workmad3: delineator: it would be a good idea to get yourself a grounding in basic ruby syntax btw ;)
[22:31:06] workmad3: (sorry, I meant 'not seen that style in rails before'... the syntax is pretty simply just a block for a method)
[22:32:51] delineator: yeah it runs alright
[22:33:08] delineator: this is contractor code
[22:33:25] delineator: im the new guy
[22:33:32] delineator: time to clean up
[22:34:26] delineator: a block for a method?
[22:35:11] delineator: allow me to be more specific: this is the create method defined in UsersController:
[22:35:15] delineator: create! { users_path }
[22:35:47] delineator: i wondered if its something that renders users_path after finishing the create
[22:39:02] elshaka: the controller inherits from ApplicationController?
[22:43:27] elshaka: well check application_controller.rb
[22:45:29] Celsian: I'd like to pass 2 variables with a link_to like this: link_to "Add Device", associate_path(device, @student), what should my routes look like so that I can identify each param?
[22:45:56] delineator: ive looked at it plenty
[22:46:00] delineator: theres barely anything in there
[22:46:40] delineator: it looks like that code is a proc?
[22:49:39] jb41: what I've to do to query object in rails console, when I'm using Mongoid?
[22:50:07] jb41: I've empty arrays when I do User.first.posts, but it's not empty for sure
[23:08:54] ARMIGER1: If I'm already testing models, requests and routing, do I really need to test controllers? I've heard arguments for both keeping and getting rid of controller specs. Do controller specs provide any additional benefit if I'm testing models, requests and routing?
[23:11:47] toertore: ARMIGER1: do you think they provide additional benefit for you?
[23:13:32] jb41: anyone knew how to play with MongoDB in rails console?
[23:14:18] Celsian: Found my answer: link_to "Add Device", associate_path(device, student: @student), I can remove the :format default from my params by reassigning it, in this case it is now student: so params[:student] will return the @student value. Yay.
[23:15:00] delineator: can anyone tell me what create! { some_path } would do?
[23:15:11] delineator: i know what create is
[23:15:16] delineator: but the rest...
[23:23:55] ARMIGER1: toertore: I'm not sure. I mean, they seem to duplicate a lot of functionality of other tests.
[23:34:23] drocsid: I want to add a route to an existing application. I think I want to do something like route get "say/files" . I've already created the views and added the entries to the controller, I believe I just need to add the route. Can't figure out how to do it though