I'm wondering what is DBI, what is it used for and is there such thing as "DBI database"
Related
I'm new to RoR and jumping into a big RoR project. The project uses a bunch of gems. In fact, the Gemfile.lock file, including dependencies, is 460 lines long. I was told the project went through several different developers, and that there may be a lot of cruft in there.
Is there any way to generate a list of what each gem does? It's not exactly intuitive, especially with names like "capybara" and "cocaine" and "raindrops."
Is there any simple process to determine which gems are required?
You really shouldn't stress too much about what's in the Gemfile.lock at first, just the Gemfile.
To get gem details, I just whipped this little script up to dump summaries of all the gems in your current bundle:
require 'yaml'
gems = `bundle list`
names = gems.scan(/^\s+\*\s+([\w-]+)\s+\(.*\)\s*$/).flatten
names.each do |name|
summary = YAML.parse(`gem spec #{name} summary`).root.value rescue '???'
puts "#{name}: #{summary}"
end
Save it to a file and run it on the command line like so:
ruby whatever-you-saved-it-as.rb
For a project of mine, I got this:
actionmailer: Email composition, delivery, and receiving framework (part of Rails).
actionpack: Web-flow and rendering framework putting the VC in MVC (part of Rails).
actionview: Rendering framework putting the V in MVC (part of Rails).
activemodel: A toolkit for building modeling frameworks (part of Rails).
activerecord: Object-relational mapper framework (part of Rails).
activesupport: A toolkit of support libraries and Ruby core extensions extracted from the Rails framework.
addressable: URI Implementation
annotate: Annotates Rails Models, routes, fixtures, and others based on the database schema.
arel: Arel is a SQL AST manager for Ruby
ast: A library for working with Abstract Syntax Trees.
astrolabe: An object-oriented AST extension for Parser
awesome_print: Pretty print Ruby objects with proper indentation and colors
...
Kinda neat actually.
Assuming that each gem has a meaningful description, you can run something like this from the Rails console:
Gem.loaded_specs.values.map { |g| "#{g.name}: #{g.summary}" }
The dynamic nature of Ruby makes it hard to find unused gems automatically (e.g. through code analysis). However, you can try to remove gems one by one. If your project's test suite passes without a given gem, it is certainly a strong sign that it might be safe to remove it.
I have run a static code analysis tool (brakeman) on a rails app and it has reported some SQL Injection vulnerabilities which I suspect may be false positives. The offending lines look like this:
#things_controller.rb
def index
Thing.select(params[:columns]).where(params[:conditions])
end
I can't figure a way to exploit this, but it does seem rather open-ended, is this safe enough (this controller requires admin access anyway) or can it be exploited?
Ruby is 2.0.0-p247,
Rails is 4.0.0
While rails has some built-in filters for special characters, this is definitely vulnerable:
http://guides.rubyonrails.org/security.html#sql-injection
If you want to test it yourself, run a full scan with sqlmap using the url of this action with a conditions GET parameter
I am trying to rename a database using MongoMapper in ruby.
Is it possible to do the same?
any alternative hack to accomplish the same?
As noted in the other stack overflow question mentioned above, MongoDB doesn't actually have the ability to rename a database. You can however, copy then delete but be aware this will cause indexes to be rebuilt. You wouldn't want to do this for a large data set.
The mongo-ruby-driver (as well as most 10gen drivers) has the ability to execute any MongoDB command through a call to the DB#command method on any DB object instance.
In the Ruby driver you would do the following:
require 'mongo'
client = Mongo::MongoClient.new
db = client.db('admin')
db.command({:copydb => 1, :fromdb => oldname, :todb => newname})
client.drop_database(oldname)
Update: In newer versions of MongoDB there is a JS shell helper for db.rename() which does exactly what the ruby code above does.
function (newName) {
if(newName == this.getName() || newName.length === 0)
return;
this.copyDatabase(this.getName(), newName, "localhost");
this.dropDatabase();
db = this.getSiblingDB(newName);
}
In addition to that, there is the following feature request ticket for making db.rename() a first class command. Please feel free to upvote this feature.
https://jira.mongodb.org/browse/SERVER-701
I need to manage transaction isolation level on a per-transaction basis in a way portable across databases (SQLite, PostgreSQL, MySQL at least).
I know I can do it manually, like that:
User.connection.execute('SET SESSION TRANSACTION ISOLATION LEVEL SERIALIZABLE')
...but I would expect something like:
User.isolation_level( :serializable ) do
# ...
end
This functionality is supported by ActiveRecord itself:
MyRecord.transaction(isolation: :read_committed) do
# do your transaction work
end
It supports the ANSI SQL isolation levels:
:read_uncommitted
:read_committed
:repeatable_read
:serializable
This method is available since Rails 4, it was unavailable when the OP asked the question. But for any decently modern Rails application this should be the way to go.
There was no gem available so I developed one (MIT): https://github.com/qertoip/transaction_isolation
Looks Rails4 would have the feature out of box:
https://github.com/rails/rails/commit/392eeecc11a291e406db927a18b75f41b2658253
can we load seed data when start cucumber?
Please support me a way.
You could use Factory Girl to in your cucumber tests to setup your 'stuff'
Background:
A car exists
Scenario: I drive a car
Given I am in a car
And I have keys in the ignition
When I turn the keys
...
Then you'll create the car in your step definitions, with something like
#car = Factory.create(:car)
I prefer this approach:
https://github.com/cucumber/cucumber/wiki/fixtures
I'm not opening the fixtures vs factories debate, of course, just saying that I've yet to see a case where files of data (seed, or otherwise) cease to be useful.
Once yaml fixtures are defined, they can be instantiated procedurally via Fixtures.create_fixtures per above, or set up as rake tasks.
They're just plain files, not code intended to have side effects - I have more confidence letting non-technical people add their data to fixtures files (esp. CSV).