How can I use a bingInt (as string) as a parameter? - ruby-on-rails

So I'm creating a system where a visitor can ask my client for a music composition. The user starts to fill a form with details and such, and when he submits it, it's not yet sent to my client. However, he can get an estimation of the price, and modify his demand if he wants to. After that, He still can submit it one last time, and this time, the estimation is sent.
I don't want to use the default id as a parameter because it would be way too simple to 'parse' other estimations if the url looks ends with /3 or /4. You'd just have to try a few URLs and if it's your lucky day, you'd get to "hack" an estimation that isn't yours. I'm planning to use a cron job to delete these estimations after a while, but I don't want to take any risk.
To avoid that, I decided to use the visitor's session_id as a parameter, on which I removed every alphabetic characters, but still saved as a string in my MySQL 5.7 database so that ActiveRecord would be ok with that. I also changed my routes accordingly, and the result is supposed to be something like
localhost:3000/devis/4724565224204064191099 # Devis means 'quotation' in french
However, when I try to get to this route, I get the following error:
ActiveRecord::RecordNotFound (Couldn't find Devi with an out of range value for 'id')
Here is the relevant part of my controller:
devis_controller.rb
# ...
def create
#devi = Devi.new(devi_params)
respond_to do |format|
#devi.status = 'created'
#devi.session_id = session.id.gsub(/[^\d]/, '').to_s # How I store my parameter
# Latest record returns '4724565224204064191099'
if #devi.save
format.html { redirect_to #devi, notice: 'Devi was successfully created.' }
format.json { render :show, status: :created, location: #devi }
else
format.html { render :new }
format.json { render json: #devi.errors, status: :unprocessable_entity }
end
end
end
# ...
private
def set_devi
#devi = Devi.find(params[:session_id].to_s) # Tried '.to_s', didn't work
end
And here are my routes:
# 'index' and 'destroy' don't exist
resources :devis, only: %i(create update)
get '/devis/nouveau', to: 'devis#new', as: :devis_new
get '/devis/:session_id', to: 'devis#show', as: :devis_show
get '/devis/editer/:session_id', to: 'devis#edit', as: :devis_edit
My question is the following: is there a way to present the :session_id as a string to my controller's params? Or do I have a better option?
Thank you

I think session_id is a int at database, and then is where you should do the change.
change the type of session_id to string and ActiveRecord map session_id as string from then on

Related

Update attachment Rails Active Storage

I have a React frontend backed by a Rails API and I am sending photos to Cloudinary through Active Storage. My settings are standard: I have an Event model with the method has_one_attached :photo, and the POST endpoint '/api/v1/events' is served by the 'Events#create' method with simply #event = Event.new(event_params). I also save an additional column 'url' in the 'events' table in order to display it back whenever needed (and I get it with #event.photo.url (a warning says that 'service_url' is said to be depreciated). I can fetch it (browser's fetch api) and use it in React. That works.
When I edit my form and submit the form with a new photo, then I have to adapt the PATCH query with the following events#update method. I followed the Rails guides that says you should purge and create_and_upload!.
def update
#event = Event.find(params[:id])
logger.debug "..................BEFORE : ..#{#event.to_json}"
if event_params[:photo] || #event.url
#event.photo.purge
#event.url = nil
end
if #event.update(event_params)
if event_params[:photo]
ActiveStorage::Blob.create_and_upload!(
io: File.open(event_params[:photo].tempfile),
filename: event_params[:photo].original_filename,
content_type:event_params[:photo].content_type
)
#event.url = #event.photo.url
end
logger.debug "................AFTER :.. #{#event.to_json}"
render json: {status: :ok}
else
render json: {errors: #event.errors.full_messages},
status: :unprocessable_entity, notice:"not authorized"
end
end
My logs show that this produces an url but no url is sent to React. If I modify other fields in this form, I get the update back in React from Rails. However, the link isn't sent: url: null.
I don't even use Active Job, but used 6.03 and even updated to 6.1. Anyone experienced this?
FI, the params hash contains the following:
"photo"=>#<ActionDispatch::Http::UploadedFile:0x00007fd938f1ecf8 #tempfile=#<Tempfile:/var/folders/11/whcyvzvx3w54zb0n1r0929200000gn/T/RackMultipart20200714-79173-t9s624.svg>, #original_filename="Rafting.svg", #content_type="image/svg+xml", #headers="Content-Disposition: form-data; name=\"event[photo]\"; filename=\"Rafting.svg\"\r\nContent-Type: image/svg+xml\r\n">}
In case of any interest, I found an answer on how to update Active Storage. My model is Event with a column url that contains a Cloudinary link, and the attached active storage object is named photo). Then on a PATCH, firstly purge if needed and then just update the event.url column with the method .url (formerly .service_url) doing:
event.update(url: event.photo.url)
def update
event = Event.find(params[:id])
# purge if a link already exists and the params contain a new picture
if event_params[:photo] && event.url
event.photo.purge
end
if event.update(event_params)
if event_params[:photo]
event.update(url: event.photo.url)
end
render json: event, status: :ok
else
render json: {errors: event.errors.full_messages},
status: :unprocessable_entity, notice:"not authorized"
end
end
The Rails guides seem misleading..

Add children to parent from form constructed via ajax Rails 4

I have the following form:
When the user selects a product from the dropdown, a ajax is triggered to find the inventory of the single product to append the details to a table.
The user can attach a product detail to the order.
Finally I get something like that:
{"utf8"=>"✓", "authenticity_token"=>"xmlzMouWp0QGUnpKeawQ8OCPJ/GlF2bp0kn97ra2Qyb7TgsCkXmJEGD1l/oZitn+VPVJRc8x79/kTUtgbbDr0A==", "order"=>{"customer_search"=>"", "customer_id"=>"2", "product_search"=>"", "order_detail"=>[{"product_id"=>"10", "product_detail_id"=>"13", "price_id"=>"12"}, {"product_id"=>"1", "product_detail_id"=>"8", "price_id"=>"11"}], "subtotal"=>"111990", "tax"=>"0", "comission"=>"0", "total"=>"111990"}, "product_list"=>"1", "button"=>""}
My code to create the order is working, but I can not add the details.
Orders controller
def create
# Creates the order removing the order details from the hash
#order = Order.create(order_params.except!(:order_detail))
# Set all the details into an empty array
order_details_attributes = order_params[:order_detail]
order_details_attributes.each do |order_detail_attributes|
# Fill the params with order_id and creates the detail
order_detail_attributes["order_id"] = #order.id
#order_detail = OrderDetail.create(order_detail_attributes)
end
respond_to do |format|
if #order.save
format.html { redirect_to #order, notice: 'Order was successfully created.' }
format.json { render :show, status: :created, location: #order }
else
format.html { render :new }
format.json { render json: #order.errors, status: :unprocessable_entity }
end
end
end
def order_params
params.require(:order).permit(:customer_id, :subtotal, :tax, :comission, :total, :invoice, :shipping_id, :order_detail, order_details_attributes: [:product_id, :product_detail_id, :price_id])
end
I'm getting this error:
undefined method `delete' for nil:NilClass
order_details_attributes = order_params[:order].delete(:order_detail)
What could be bad? I really need help :(
Thanks!!
order_params doesn't have key :order, it only has keys you specified in permit method when defined order_params. Actually, you don't need to manually create children records, as Rails can do this automatically. Check this out: http://api.rubyonrails.org/classes/ActiveRecord/NestedAttributes/ClassMethods.html
You just need to add accepts_nested_attributes_for :order_details in Order model, fill order_details_attributes param when creating an order (currently you fill order_detail, you need to fix you form for it to be order_details_attributes, because this is one of Rails conventions, or you can use fields_for helper for this). Then you just create Order in standard way, like #order = Order.new(order_params) and #order.save, and you'll get order and order details created together.
This is a really messy thing in Rails. I can only recommend you to read the link I posted and use Google to find some tutorials.
As to the error you get:
undefined method `delete' for nil:NilClass
There is no :order key in order_params. It is in params, but not in order_params, because you called require(:order). So order_params returns only the keys you specified in permit method. But :order_detail will be empty, as you didn't describe it as an array with certain keys (like you did for order_details_attributes).
So, your problem is that you tried to implement nested attributes, but you pass :order_detail instead of :order_details_attributes (hm, but you still have it in strong params) and try to create children relations manually. Don't do this, just use what Rails provides to you.
There are 2 ways:
You continue to use order_detail param. In this case you need to change order_params in controller to look like so:
params.require(:order).permit(:customer_id, :subtotal, :tax, :comission, :total, :invoice, :shipping_id, order_detail: [:product_id, :product_detail_id, :price_id])
(just replace order_details_attributes with order_detail)
Then instead of
order_details_attributes = order_params[:order].delete(:order_detail)
you do
order_details_attributes = order_params[:order_detail]
(you don't need delete here as order_params is a method that returns a hash)
And leave rest controller code as it is now. And you don't need nested attributes, as you don't use it (bad way).
You fully use nested attributes. I described in a comment below how to do this. You also need to tweak you jquery code to generate order_details_attributes instead of order_detail.

What's the difference between using render instead of respond_with/to in a Rails API?

I am building a simple rails tutorial on how to build APIs for some students and I am building it without the respond_to and respond_with because I just want to see if I can build an api without using a gem. This is what I have and my tests pass:
controller:
class Api::V1::SuyasController < ApplicationController
def index
render json: Suya.all
end
def create
render json: Suya.create(suyas_params)
end
private
def suyas_params
params.require(:suya).permit(:meat, :spicy)
end
end
routes:
Rails.application.routes.draw do
namespace :api do
namespace :v1 do
resources :vendors
resources :suyas
end
end
end
tests:
require 'test_helper'
class Api::V1::SuyasControllerTest < ActionController::TestCase
test "index can get all the suyas" do
Suya.create(meat: "beef", spicy: true)
Suya.create(meat: "kidney", spicy: false)
get :index
suyas = JSON.parse(response.body)
assert_equal "beef", suyas[0]["meat"]
assert_equal true, suyas[0]["spicy"]
assert_equal "kidney", suyas[1]["meat"]
assert_equal false, suyas[1]["spicy"]
end
test "create can create a suya" do
assert_difference("Suya.count", 1) do
create_params = { suya: { meat: "beefy", spicy: true }, format: :json }
post :create, create_params
suya = JSON.parse(response.body)
assert_equal "beefy", suya["meat"]
assert_equal true, suya["spicy"]
end
end
end
What's the difference between using render vs respond_with? I can't find any answers. Is there even something that I am doing wrong? Why are there two ways to create APIs (respond_to/respond_with AND this way?)
-Jeff
render is part of Rails and it just renders whatever you say in whatever format you say. Typically a view, possibly a string, possibly a file.
A pretty low-level function that renders whatever you say making a few assumptions per conventions, like where to look for a view.
respond_to is a micro-DSL that allows you to respond differently to different formats being requested.
I. e. in a block with |format| call to format.json requires a block that will be executed on requests for JSON, otherwise will be a no-op (no operation). Also, if respond_to didn't execute any block, it responds with a generic 406 Not Acceptable (server cannot respond in any format acceptable by the client).
While it is possible to do if request.json?, it's not so readable and needs to explicitly specify when to respond with 406.
respond_with, formerly part of Rails, now (since 4.2) in a separate gem responders (for a reason), takes an object and uses it to construct a response (making a lot of assumptions, all of them can be given at controller declaration).
It makes code much shorter in typical use cases (i. e. some APIs). In not-so-typical use cases it can be customized to suit your needs. In highly unusual use cases it's of no use.
I may be overly simplifying things, it's a general overview.
There are two things :)..render and respond_to.
Render is used to create a full response and sends it back to the browser.
So render is used in respond_to ,to make your action very responsive for every call whether it can be js/ajax call,full page load(html),json(to show autosearch dropdown,tokens) or xml.So if i want my method to work and respond to every calls from client,i will use the below block in my action.
respond_to do |format|
format.html { redirect_to(person_list_url) }
format.js {render "show_person_details"}
format.xml { render :xml => #people.to_xml }
format.json { render json: #people}
end
above controller will work on every scenario,such as js/html/json and xml without getting 403 Forbidden error which we get usually get when a js call is made to action having only format.html and not format.js
HOPE IT HELPS
I think the answer is that render only allows me to respond with JSON, whereas if I use respond_to and respond_with, I can respond in more than just one manner? Is that all?

How can I query active record models in context of a nested route, DRY style

I like my controller to use all ids that the request URL contains without making the controller route specific.
My route:
...
resources :users do
resources :properties
end
...
My controller are the standard scaffold controllers. Lets look at the index method:
def index
properties = Properties.all
respond_to do |format|
format.json { render json: properties }
end
end
def show
#property = Property.find(params[:id])
respond_to do |format|
format.json { render json: property }
end
end
Problems with a route like /users/10/properties is that it doesn't pickup the user_id of 10 and is not using it to create the query. Its querying all properties instead of the subset.
I also makes modifying the url trivial to view other users properties, simply toy with the "id", no need to find a match "user_id" + "id" since "user_id" is ignored.
Of course I can express that explicitly in the code, but that would make it route specific. I like to use the controller in the context of a non nested route as well.
Is there a standard recipe to handle that? Like looking at all parameters that end with "_id"?
Check out https://github.com/josevalim/inherited_resources
It will help you with this (and much more)
Otherwise you'd need to, in your index action check if the query param is there and if it is, query on that param (Properties.where(user_id: params[:user_id] )

Give a detailed illustration of how the MVC works in Rails, and how the controller communicates with forms etc?

Perhaps this can even become a Community Wiki, but I would love a detailed description of how the controller works - or rather, how I can get it to do what I want it to do.
I understand the general structure of MVC and how the model stores the db structure, and the controller interacts with the db and passes info to the view.
However, I am puzzled (on a fundamental level) about how to accomplish simple tasks using my controller. I know that if I want to create a new record for a model/object, I just do object = Object.new(:name => "Object Name") in the Rails console.
But how on earth would I do that in the CRUD elements of the controller and why?
Please use a simple example - e.g. showing a user the balance of their bank account (I know there are many complexities surrounding this, but ignore them for the sake of this explanation). What would the model look like (just include: Name, Address, Transaction Type (Deposits/Withdrawals), Balance).
What would a view look like? What would the controller look like? Any choices you make (like using a form) please explain them. Why would you use a form, as opposed to a drop down menu and (in layman terms) how does the form or drop down menu interact with the controller? How do I get the info captured there to the db and why am I doing it that way?
I know this sounds like a lot to ask, but I have done RailsTutorial.org, watched many Railscasts, read the Rails guides, and read many other tutorials and still have some basic gaps in my understanding of the way Rails works and why.
Thanks in advance.
I don't know how much more help I can be, but I understand your pain having just come to rails myself. The article recommended by ghoppe, "Skinny Controller, Fat Model" explains the function of Ms Vs & Cs nicely. Seeing as that does not fully answer your question I will try to explain the mechanics of each structure.
Model
class Account < ActiveRecord::Base
belongs_to :user
validates_presence_of :address
def name # Account does not have a name field, but User does so I will make a name method for Account and feed it name of the user it belongs to.
user = self.user # Account gets the user method with the <belongs_to :user> association
# note: Rails expects Accounts to have a user_id field so it can perform the "magic" to associate Accounts with Users
if user.name
return user.name
else
return nil
end
end
end
The model describes your object. Like an object in any OOP language you want to put all of your object logic here. This includes the rails helpers for association(has_one, belongs_to, ...) and validation, as well as any other method or library you want the object to be able use throughout your Models Views and Controllers.
Controller
class AccountsController < ApplicationController
before_filter :name, :only => :edit, :destroy # #account.name will be executed before the edit or destroy method(action) can be invoked on #account. If the user who has the account has a name the action will execute.
def index # This is a RESTful action and is mapped by Rails by default to an HTTP GET request. Rails expects an index.html.erb or index.haml.erb or index.something in the Accounts view to map this action to.
#accounts = Account.all # #accounts is an instance variable and will be accessible in the view this action is mapped to.
end
def show
#account = Account.find(params[:id]) # params[:id] is passed to the controller from the view. The params hash is the primary tool form moving data from a form or URL into a controller. Anytime you click on the link_to the show or edit action of an object Rails will put that objects id in the params hash and call the appropriate action in that objects controller. If you click the show link on an account it will call this action. Now the instance variable in the view show.html.erb will hold a single account instead of an array
end
def new
#account = Account.new # This initializes a new account with all the fields set to blank unless you specified a default in your migration. This account has not been save to the db yet. It is ready for a user to fill in.
respond_to do |format| # Rails can automatically respond differently to different client request. If a client i.e browser wants HTML rails responds with HTML. If a client e.g. an API want XML Rails responds with XML.
format.html # new.html.erb #
format.xml { render :xml => #account }
end
end
def edit
#account = Account.find(params[:id]) # Same as show, but mapped to a different view
end
def create # Finally we have a POST. All the prior actions were GETs, but now we are saving some data to the db.
#account = Account.new(params[:account]) # The :account key is special. It is a hash of hashes. It is populated by the form fields in new.html.erb. To access a specific field such as address we say <params[:account][:address]> and whatever the user entered in the address field in the View is at out fingers in the Controller.
respond_to do |format|
if #account.save # If the validations pass and the account gets saved redirect to the show page of the new record, otherwise refresh/render the new page (hopefully showing what error caused the record to fail to save).
format.html { redirect_to(#account, :notice => 'Account was successfully created.') }
format.xml { render :xml => #account, :status => :created, :location => #account }
else
format.html { render :action => "new" }
format.xml { render :xml => #account.errors, :status => :unprocessable_entity }
end
end
end
def update # This is another of the seven RESTful Rails actions and results in a PUT request because you are updating an existing record
#account = Account.find(params[:id])
respond_to do |format|
if #account.update_attributes(params[:account])
format.js # Rails can also respond with JavaScript. Look up UJS. Rails 3 has made large improvements here.
format.html { redirect_to(#account, :notice => 'Account was successfully updated.') }
format.xml { head :ok }
else
format.js
format.html { render :action => "edit" }
format.xml { render :xml => #account.errors, :status => :unprocessable_entity }
end
end
end
def destroy # This results in a DELETE
#account = Account.find(params[:id])
#account.destroy # destroy is a more thourough delete and will check the options of this records associations and destroy the associated objects as well if they are dependant on this object. The option <:dependant => :destroy> is not set for this object's only association: User. The user this account belongs to will therefore survive the destruction of this account.
respond_to do |format|
format.html { redirect_to(accounts_url) }
format.xml { head :ok }
end
end
end
View
Hopefully you can draw your own logic from here. The view is designed to render information passed as instance vars from a controller to a client: browser, api, smart phone. As well as to pass information from a client to the controller via the params hash. No complicated logic should get performed in a view even though a view with erb has the capability to execute any ruby code.
If an example view would also be helpful I am happy to oblige.
The best description of what the controller is:
http://edgeguides.rubyonrails.org/action_controller_overview.html
http://edgeguides.rubyonrails.org/routing.html
The controller doesn't communicate with the Database. The controller talks to the model, which then communicate with the database.
When I was starting I found very useful to use scaffolding and just looking at what was created.
Do this:
rails generate scaffold Post name:string title:string content:text
Examine all files under the app/ folder. Examine the file config/routes
Then comment here your specific questions.
At first, I thought this question was far too broad, along the lines of "how do I program?" But after reading your comments, I see what you're getting at. You don't quite grasp how MVC works in Rails and are wondering where your code goes.
What you should strive for is a Skinny Controller and a Fat Model. Keep logic out of views. So in your example, you calculate the account balance in the Model, and pass that information along (using the controller) to the view.
For a concise explanation for beginners with sample code, I recommend this article over here.

Resources