Ruby Findings

I’ve been wanting to write a few web based applications for my iPhone for a while to satisfy a couple of needs. Rails was, of course, my first choice for a back end so I started looking around for a plugin to help with the styling of the web pages so they could take advantage of the iPhone’s WebKit tools.

I first found iUI toolkit. iUI is pretty much a bare bones kit that looks like it will work with just about any web service that will produce HTML. While iUI is definitely workable on rails, it isn’t the plugin for which I was looking. Continuing my search I finally came across web developer, and runner-up in the Bill Gates Look-a-like contest, Noel Rappin’s tank_engine plugin.

tank_engine is a standard rails plugin that provides a subclass of ActiveController and a Helper for producing Views that provide an iPhone like experience. Noel recommends using jRails with tank_engine. The plugin provides some basic output methods via the Helper for rendering toolbars, buttons, lists, rows, links, etc.

I came up with a basic Controller and View to give tank_engine a whirl:

welcome_controller.rb:

class WelcomeController < ApplicationController

  # test_mode => true forces all requests to be considered as
  # coming from an iPhone.  Otherwise the tank_engine Controller
  # will look at the request to see if an iPhone is on the other side
  # or not.
  acts_as_iphone_controller :test_mode => true

  # tank_engine renders lists using an Array of objects.  It expects
  # the objects to expose a caption and url method.  tank_engine
  # provides a ListModel class, but I have not used it yet.
  class ListItem
    def initialize( num )
      @num = num
    end

    def caption
      "Item #{@num.to_s}"
    end

    def url
      "/welcome/#{@num.to_s}"
    end
  end

  # welcome#index
  def index
    @list = Array.new
    for i in 1..5 do
      @list.push( ListItem.new( i ) )
    end

    respond_to do |format|
      format.html        # use index.erb
      format.iphone    # use index.iphone.erb
    end
  end
end

welcome/index.iphone.erb:

<%=
  l = { :caption => 'Home', :url => "/welcome", :html_options => {} }
  r = { :back => true, :caption => 'Back', :url => "/", :html_options => {} }
  te_navigation_bar( r, "Test.app", l )
%>
<%= te_list @list %>

This code generates a single page with a titlebar at the top and a list with five rows.

All things considered, this is pretty straight forward. I’m going work on one of my mini-projects and give tank_engine a better work out. If everything works out, I’ll provide a more complex example.

Time to upgrade your ruby installs. This advisory came out yesterday regarding 5 CVE’s impacting every current ruby release.

Officially impacted versions: 1.8 series

• 1.8.4 and all prior versions
• 1.8.5-p230 and all prior versions
• 1.8.6-p229 and all prior versions
• 1.8.7-p21 and all prior versions

1.9 series

• 1.9.0-1 and all prior versions

Read the advisory for remediation information. Matasano also has a great writeup on the advisory here. Wonder what it would take to blow out the rails params array with this (I’ll leave that to the professionals, I’d rather just patch it and move on right now). Scary stuff!

Update Per comments on the Ruby on Rails blog post you will break your rails install if you upgrade to 1.8.6-p230. And 1.8.7 is only compatible with Rails 2.1. You might want to test out the latest ruby with your app on a dev site before blindly upgrading your production ruby install.

If you want to put a little laugh back into the day, read Zed Shaw’s rant. And yes, there is actually some good info there, it’s worth a read.

"ActsAsSecure adds an ability to store ActiveRecord model's fields encrypted in a DB. When a model is marked with acts_as_secure, the :binary type fields are recognized as needed to be stored encrypted. The plugin does before_save/after_save/after_find encryption/decryption thus making it transparent for a code using secured models.

The plugin supports a master key approach as well as individual records encryption keys. It does not contain any crypto provider but allows to plug in any external one as long as it supports encrypt/decrypt methods."

http://revolutiononrails.blogspot.com/2007/04/plugin-release-actsassecure.html

The site has some other goodies too.

Sometimes you run across neat and interesting libraries when you are reading up on something completely different. Case in point, via another blog, I stumbled on Reliable Messaging with Ruby. This looks to solve a problem I haven’t yet run into, but I know I’ll find a use for it in the future (maybe for a game I’m slowly working on, or a work project). As of today, there haven’t been any commits to the project for two years, but it’s entirely possible there are no bugs (except for the one I found below) and the author considers it feature complete.

Current feature list:

• Simple API.
• Transction processing.
• Disk-based and MySQL message stores.
• Best effort, repeated and once-only delivery semantics.
• Priority queues, message expiration, dead-letter queue.
• Message selectors.
• Local and remote queue managers using DRb.

$ sudo gem install reliable-msg -y

$ sudo queues install disk foo
Created queues configuration file: /Library/Ruby/Gems/1.8/gems/reliable-msg-1.1.0/queues.cfg

$ sudo queues manager start
Loaded queues configuration from: /Library/Ruby/Gems/1.8/gems/reliable-msg-1.1.0/queues.cfg
Using message store: disk
Accepting requests at: druby://localhost:6438

@drb_server = DRb::DRbServer.new drb_uri, self, :tcp_acl=>ACL.new(drb["acl"].split(" "), ACL::ALLOW_DENY)

@drb_server = DRb::DRbServer.new drb_uri, self, :tcp_acl=>ACL.new(drb["acl"].split(" "), ACL::DENY_ALLOW)

$ ruby q.rb
Local: Hello queue master
Queue: Hello queue master

require 'rubygems'
require 'reliable-msg'

world = String.new "Hello queue master"
queue = ReliableMsg::Queue.new 'my-queue'
queue.put world
msg = queue.get
puts "Local: #{world}"
puts "Queue: #{msg.object}"

I’ve read a bunch of conflicting advice on how to use active record models defined in a Rails application from outside Rails.

The following is the result of experimenting with others’ advice plus my own digging around:

require 'rubygems'
require 'active_record'
require '/path/to/rails/config/environment'

This should allow you to use your Rails models just like you would in a Rails controller:

#!/usr/local/bin/ruby

require 'rubygems'
require 'active_record'
require '/var/www/railsapp/config/environment'

m = MyModel.new
m.find_all.each { |row|
  puts row.some_column
}

This is specific to rails 1.2 as I believe Edge Rails has this built in.

There’s been some amount of debate on various blogs on whether packaging up gems in your Rails application is a good choice. In my case, I decided that for me, the deployment convenience (a single application on a single server) far outweighs the maintenance aspects.

I found the ‘gems’ plugin over at techno-weenie.net that does exactly what I want with little effort. It’s a standard script/plugin install and installs a rake task (rake gems:freeze) which takes an argument of the gem you want to freeze. From the README

$ rake gems:freeze GEM=tzinfo

installs the tzinfo gem in vendor/tzinfo-x.y.z (where x.y.z is the version of tzinfo that was frozen). If needed, you can freeze a specific gem version with:

$ rake gems:freeze GEM=tzinfo VERSION=0.1.2

I’m trying to make more and better use out of TextMate for my rails development and have been bitching about having to find the code a rails backtrace points to when my apps blow up. Enter the footnotes plugin. This plugin will give you some links in the footer of your page that allow you to go directly to the controller, view, layout, stylesheets, javascripts, etc in TextMate. It also hyperlinks your rails backtraces so you can go direct to the line of code that’s erroring out.

Note the underlined lines in this backtrace - those are hyperlinks.

To install the plugin just run this command from your RAILS_ROOT.

script/plugin install http://macromates.com/svn/Bundles/trunk/Bundles/Ruby%20on%20Rails.tmbundle/Support/plugins/footnotes

Here’s a quick run-down on the development of multiple initialize methods for Ruby classes: Multiple Initialize Methods.

The author looks at the subject from a domain language idiom perspective. I used the information to provide multiple creation interfaces for a class.

Quick example:

Class Archive
  def Archive.create( archive_name )
    return self.new( archive_name, :create )
  end

  def Archive.open( archive_name )
    return self.new( archive_name, :open )
  end

  def initialize( archive_name, mode )
    # do interesting stuff
  end
end

arch = Archive.open("some_existing_file")
arch = Archive.create("some_new_file")

While working on a rails app a couple days ago, I found myself needing to implement a tabbed interface. I hacked it together, but meant to go back to it later and clean it up. I stumbled upon the tabnav plugin in the meantime. Haven’t had the time to try it out, but based on reading it’s examples and a few blog entries here and there about it, I think it’ll solve my problem very nicely.

Found this nice little rake task to setup your rails app in a new subversion repository over at DZone Snippets the other day.

desc "Configure Subversion for Rails"
task :configure_for_svn do
  system "svn remove log/*"
  system "svn commit -m 'removing all log files from subversion'"
  system 'svn propset svn:ignore "*.log" log/'
  system "svn update log/"
  system "svn commit -m 'Ignoring all files in /log/ ending in .log'"
  system 'svn propset svn:ignore "*.db" db/'
  system "svn update db/"
  system "svn commit -m 'Ignoring all files in /db/ ending in .db'"
  system "svn move config/database.yml config/database.example"
  system "svn commit -m 'Moving database.yml to database.example to provide a template for anyone who checks out the code'"
  system 'svn propset svn:ignore "database.yml" config/'
  system "svn update config/"
  system "svn commit -m 'Ignoring database.yml'"
  system "svn remove tmp/*"
  system "svn commit -m 'Removing /tmp/ folder'"
  system 'svn propset svn:ignore "*" tmp/'
end

desc "Add new files to subversion"
task :add_new_files do
   system "svn status | grep '^\?' | sed -e 's/? *//' | sed -e 's/ /\ /g' | xargs svn add"
end

desc "shortcut for adding new files"
task :add => [ :add_new_files ]