Sunday, January 27, 2008

Rails Lessons Learned the Hard Way

Things I've learned the hard way in Rails:
  • Layouts run inside views, not the other way round. Set an instance variable in app/views/monkeys/show.html.erb and it will be defined in app/views/layouts/monkey.html.erb but not vice versa.
    • set instance vars in view
      @foo_val = find_foo_val
    • pass variables to partials using
      <%= render :partial => "root/license", :locals => { :foo => @foo_val } -%>
    • use the instance var freely in the layout; it will take the value defined in the view
  • Dump an object for bobo debugging through the console or log:
    $stderr.puts tag_list.to_yaml
  • In a migration, if you define a unique index on an attribute, make sure both the index AND attribute are :unique => true, or else you'll get no uniqueness validation from Rails:
    
   create_table  :monkeys do |t|
     # set :unique here
     t.string :name, :default => "", :null => false, :unique => true
   end
   # if you have :unique here
   add_index :datasets, [:name], :name => :name,  :unique => true
  • If you scaffold a User or other object with private data, MAKE SURE you strip out fields you don't want a user setting or viewing:
    • Set attr_accessible, which controls data coming *in* -- prevents someone setting an attribute by stuffing in a form value.
    • In each view (.html.erb &c) and render method (to_xml), strip out fields you don't want anyone to see using the :only => [:ok_to_see, :this_too] parameter.
    • Set filter_parameter_logging, which controls what goes into your logs. (Logs should of course be outside the public purview, but 'Defense in Depth' is ever our creed.)
    Using the the restful-authentication generator as an example:
    • In the model, whitelist fields the user is allowed to set (this excludes things like confirmation code or usergroup):
      attr_accessible :login, :email, :password, :password_confirmation
    • In the controller file, whitelist only the fields you wish to xml serialize:
      format.xml { render :xml => @user.to_xml(:only => [:first_name, :last_name]) }
    • Obviously,In the show.html.erb and edit.html.erb strip out fields that shouldn't be seen.
    • In the model file, blacklist fields from the logs:
      filter_parameter_logging :password, :salt, "activation-code"
  • I won't even tell you how often this happens to me: If you edit or install code in a plugin, restart the server.

Labels: , , , , , , , , , , , , , , , ,

Posted by flip at 1/27/2008 07:42:00 PM | | Comments | links to this post

Saturday, September 1, 2007

as3mathlib (formerly WIS math libraries)

I've just imported the WIS mathematics library -- an excellent collection of mathematics routines -- onto Google Code. (You'll find the Actionscript 2 version of the library at its original site)

This library carries a BSD-ish license and includes support for

  • Geometric Objects and Intersection calculations
  • Integral and Differential equation calculations
  • Bezier, Quadric, Polynomial, Complex, Vector and Matrix calculations
  • Symbolic expression parsing

I'm converting the library to Actionscript 3 from Actionscript 2 as time and necessity allow. (That's converting as in getting it to work, and converting as in getting it to be object/pattern oriented). Right now it builds without errors and only a few warnings, but I haven't applied any of the unit tests or checked it for correctness or compatibility.

If you see the value of updating this well-thought out collection of functions, please get in touch and I will add you as a developer. The code is quite modular: it will be straigforward to take modest chunks and get them working independently. I wrote the original author and maintainer, who responded "By all means, continue in the evolution/integration of my library to support AS3" -- but please let me know of any other efforts to update this code, or if a similar or superior math library exists, so that I don't waste my time :).

Email me [flip at the mrflip with the dot and the com] or comment on this post if you'd like to pitch in!

Labels: , , , , , , , , , , , , , , , ,

Posted by flip at 9/01/2007 02:49:00 AM | | Comments | links to this post

Wednesday, July 25, 2007

Emacs modes for Flex

  • Emacs modes for Flex:
    • XML: nXML-mode for Emacs from James Clark Using Emacs for XML documents
    • Actionscript: actionscript-mode.el for editing actionscript files in emacs.
    • At least right now it seems you want this xml mode and this actionscript-mode.el.
    • Then, add 
      (setq auto-mode-alist (append (list
 '("\\.as\\'"   . actionscript-mode)
 '("\\.\\(xml\\|xsl\\|rng\\|xhtml\\|mxml\\)\\'" . nxml-mode)
 ;; add more modes here
 ) auto-mode-alist))

;;
;; ------------------ Magic for XML Mode ----------------
;;

(setq nxml-mode-hook
    '(lambda ()
 (setq tab-width        2
       indent-tabs-mode nil)
       (set-variable 'nxml-child-indent     2)
       (set-variable 'nxml-attribute-indent 2)
       ))
    • You can use M-x customize-group RET nxml-highlighting-faces RET to fix your colors the way you like 'em.
  • Setting up asdoc to work within Flex Builder:
    • First, install ant support (Ant is an offshoot of apache and is like Makefile only more betterer.)
    • Then set up a build.xml in your docs/ directory to build the documentation set.
    • I had to modify mine a bit: I added <property name="Templates.dir" location="${FlexSDK.dir}/asdoc/templates/"/> <arg line='-templates-path ${Templates.dir}'/>
    • I also linked the flex home to a no-funny-characters dir: 
          ln -s "/Applications/Applications/Adobe Flex Builder 2" /work/ProgramStores/Flex
   cd /work/ProgramStores/Flex
   ln -s "Flex SDK 2" FlexSDK
      Then I exported the location for the asdoc file: 
          export FLEX_HOME=/work/ProgramStores/Flex/FlexSDK
      or else I got the error message: 
          Exception in thread "main" java.lang.NoClassDefFoundError: Flex

Labels: , , , , , , ,

Posted by flip at 7/25/2007 04:51:00 AM | | Comments | links to this post