Custom post using angular rails resource - ruby-on-rails

Hi I'm using rails and angularjs with the angularrailsresource gem. I need to do a custom post request to a rails resource I have defined called 'Comment'. I tried using the $post method like this:
Comment.$post('some_method', {comment_id: comment.id, username: username, type: 'mention'}).then(function(result){
console.log(result);
});
and it makes a request but it always makes it under the root of the page I'm on. So I want to make a request to '/comments/', but it tries to make a request to '/patients/some_method' and if I do this:
Comment.$post('comments/do_stuff', {comment_id: comment.id, username: username, type: 'mention'}).then(function(result){
console.log(result);
});
it will try to post to 'patients/comments/some_method', or whatever else the root of the page I'm on is. Is there a way to tell it to post directly to the resource and not through the the url context that I am currently on? Thank you for your help.

You have to use the path with a / before it, otherwise it will trigger the action using the relative path. Try this:
Comment.$post('/comments/do_stuff' ....
Notice the / before comments.

Related

Rails route params in angular

I'm playing around with angular in my rails app. This is not a single page app, i'm just using angular in a few places. I'm having a hard time getting route params from the uri to use in my resources.
For instance, say I'm on the page /users/1/posts/2. How do I get both user_id and id(for post)?
Thanks.
You could configure your angular app to pass the params to the controller your using for that page.
I would make a routes.js file doing something like:
App.config(['$routeProvider', function($routeProvider){
$routeProvider
.when('/your-route', {
controller: 'yourNGController',
resolve: {
params: ['$route', function($route){
params = {user_id: $route.current.params.user_id}
params.merge({post_id: $route.current.params.post_id})
return params
}]
}
})
}])
Then in your controller - "yourNGController' inject 'params' that you resolved in your route. That should get your the info you need into the controller.
If using newer versions of angular you may also need to include the angular-route.js as $routeProvider was removed from the core angular components.
I ended up just using ui-routes which makes this problem a whole lot easier.
I had a similair issue, and it is linked here: Passing Rails ID to Angular
I consider this solution a bit of a hack, so am interested in better approaches.

can i use ruby on rails get and post for the same method?

I'm new to web development in general and ruby on rails in specific. I'm working on developing a web interface where i'm using a 'Get' and 'Post' requests on the same method. When i use a get method and send parameters (like username and password), they are being visible in the url. Hence, below is what i did.
form1.html.erb
<%= form_for :modify, :method => "post", :url => {:action => "method2"} do |f|%>
#code here to input username and password
<%=end%>
in my routes.rb i wrote the following routes to the method2:
post 'controller/method2'
get 'controller/method2'
When i enter username and password and click on submit, it is finding the post 'method2' and executing the code in the controller, and displaying method2.html.erb as there is a get request for the same method and also there is a view for method2.
However, i suspect this is not the right way to do it. I do not want the password to be visible. I came to know that i have two options, store the password in a session or send a post request. I do not want to store in session as it is not safe. When i write a post method the page expires when the user tries to come back. To prevent either of these happening, i used the same action in controller as post and get and now i do not see any parameters visible in the url.
Please let me know if this is not the right way to do
If you want a solid method for manipulating user & password, I recommend you go through the Ruby on Rails tutorial, it's an excellent tutorial and it will learn you the basics to start with Rails programming, including a safe username/password use.
Alternatively, you can use Devise, which is a very popular gem for this purpose.
I would not try to implement a secure user/password system without really knowing what you are doing...
In your controller you should have this :
render 'controller/method2'
And you should have a file in this path :
app/views/controller/method2.html.erb
You don't need to have two routes.

Facebook app: within Canvas, Facebook treats GETs as POSTs?

In my Rails FB app, when running in the canvas, if I go to "/users", instead of GETting the index page, it POSTs and creates a new user.
That only happens when I try to access the URL directly. When I use the "List of users" link on the app, it works as expected.
Why is that?
that's just how FB does it. They post data with each query as well.
Facebook sends everything as POST which brakes RESTful routes. There is a way to fix it though. If incoming POST request contains signed_request parameter you can assume it was converted from GET to POST by Facebook.
Rack::Facebook::MethodFix middleware fixes the problem automagically. You can use it with something like:
# Basic usage
use Rack::Facebook::MethodFix
# Also validate signed_request
use Rack::Facebook::MethodFix, :secret_id => "c561df165eacdd6e32672c9eaee10318"
# Do not apply request method fix to admin urls.
use Rack::Facebook::MethodFix, :exclude => proc { |env| env["PATH_INFO"].match(/^\/admin/) }
or if you are using Rails then
config.middleware.use Rack::Facebook::MethodFix

Figuring out facebook iFrame clients

I am in the process of building a facebook app that works through iFrame with Ruby On Rails.
My App does serve multiple clients, web, mobile, and facebook. And depending the type of client the UI renders different kind of views.
When the user connects to my app using the facebook page tab, I do get enough information (in params collection) to identify the user came from facebook. Based on that I can customize the views to fit into the iFrame.
But for subsequent requests, because they happens through iframe, there is nothing that tells this is a facebook request (as far as I can tell unless there is something in the headers which I dont know of).
I tried setting a cookie during the first request and that worked great. But the problem is when the user requested my app directly from another browser tab (not through facebook) the cookie was still present and the user ended up seeing the facebook(ised) UI, instead of Normal UI.
Anyone has a solution to this?
I recommend using a different route for Facebook tabs. So if your regular URLs look like this:
/foobar
Then you may want to use something like this for Facebook, by adding the "/fb" prefix (or similar) to your Facebook app's tab or canvas URL:
/fb/foobar
In your routes.rb, you can then pass a parameter to indicate that the user is viewing the page on Facebook, such as "channel=facebook" or "facebook=true".
Your routes.rb might look something like this:
scope 'fb', :channel => 'facebook' do
# ... your routes ...
end
scope :channel => 'web' do
# ... your routes ...
end
With these routes, each request originating from Facebook will automatically have a "channel=facebook" parameter. Of course, you'd still be responsible for making sure to generate the appropriate URLs within your app. You could add :as => 'facebook' and :as => web to the scopes above and use this to generate URLs using dedicated helpers (e.g. facebook_foobar_url, web_foobar_url). But the best way to do this depends a lot on the complexity of your app.
Alternatively, you could also use default_url_options in your controller to add a "channel=facebook" or "facebook=true" parameter to every generated URL if you detect that the current request originated from Facebook (either from the existence of a signed_request or from channel/facebook param you added). Note that this method is deprecated in Rails 3, and I'm not quite sure what (if any) the official replacement is in Rails 3.1 or 3.2.
I needed to solve this with the least amount of intrusion into the existing code.
And am posting my solution here for the benefit of anyone looking to solve similar problem.
I have a unique layout for facebook and this was invoked during the first request (like I mentioned above, the initial request posted from facebook tab has facebook params).
To make sure there was facebook param for subsequent requests, inside the facebook layout, I bound all the form submission and anchor click events to a method that would add a hidden form element and query string param respectively.
this is how the client side code looks like:
<script type="text/javascript">
$(document).ready(function() {
$('form').submit(function(e) {
$('<input>').attr({
type: 'hidden',
id: 'fb_param',
name: 'fb_param',
value: 'true'
}).appendTo($(this));
return true;
});
$('a').click(function(e) {
var newUrl = $(this).attr("href");
if (newUrl.indexOf("?") != -1) {
newUrl = newUrl + '&fb_param=true';
} else {
newUrl = newUrl + '?fb_param=true';
}
$(this).attr("href", newUrl);
return true;
});
});
</script>
Now to handle the server side redirects (typical when you update a resource etc), needed to extend the redirect_to method like so:
/app/conntrollers/application_controller.rb
class ApplicationController < ActionController::Base
def redirect_to(options = {}, response_status = {})
if params[:fb_param] == 'true'
if options
if options.is_a?(Hash)
options["fb_param"] = "true"
else
if options.include? "?"
options = "#{options}&fb_param=true"
else
options = "#{options}?fb_param=true"
end
end
end
end
super
end
end

How do you send a request with the "DELETE" HTTP verb?

I'd like to create a link in a view within a Rails application that does this...
DELETE /sessions
How would I do that.
Added complication:
The "session" resource has no model because it represents a user login session. CREATE means the user logs in, DESTROY means logs out.
That's why there's no ID param in the URI.
I'm trying to implement a "log out" link in the UI.
Correct, browsers don't actually support sending delete requests. The accepted convention of many web frameworks is to send a _method parameter set to 'DELETE', and use a POST request.
Here's an example in Rails:
<%= link_to 'log out', session_path, :method => :delete %>
You may want to have a look at Restful Authentication.
I don't know about Rails specifically, but I frequently build web pages which send DELETE (and PUT) requests, using Javascript. I just use XmlHttpRequest objects to send the request.
For example, if you use jQuery:
have a link that looks like this:
<a class="delete" href="/path/to/my/resource">delete</a>
And run this Javascript:
$(function(){
$('a.delete').click(function(){
$.ajax(
{
url: this.getAttribute('href'),
type: 'DELETE',
async: false,
complete: function(response, status) {
if (status == 'success')
alert('success!')
else
alert('Error: the service responded with: ' + response.status + '\n' + response.responseText)
}
}
)
return false
})
})
I wrote this example mostly from memory, but I'm pretty sure it'll work....
Correct me if I'm wrong, but I believe you can only send POST and GET requests with a browser (in HTML).
Rails' built in method for links will generate something like this:
Logout
If you don't want to use the Rails' built in method (i.e. don't want the rel="nofollow", which prevents search engine crawlers from following the link), you can also manually write the link and add the data-method attribute, like so:
Logout
Browsers can only send GET/POST requests, so this will send a normal GET request to your Rails server. Rails will interpret and route this as a DESTROY/DELETE request, and calls the appropriate action.

Resources