And now for something completely different. For a private project, I’m trying out ruby on rails. Here’s a link and brain dump of stuff I did.

Start on Get Ruby on Rails in no time. I’m working on my Debian jessie (testing) machine, where I already have rbenv installed, so I just create a new directory rails, which will contain my rails gemset.

Inside I can install rails and create a new application as directed. Of course, the rails server does not start as advertised. ExecJS is pining for a JS runtime, takes no prisoners and aborts everything with a stacktrace.

$ sudo aptitude install nodejs

Thank you, Debian!

The server works now, and the default main page loads explaining that it works. Nice. I commit everything to a new git repo to be able to see what will happen with the project. Since the initial instructions on this page show the right direction, but no detail, I follow the link to the Rails Guides where I start with the Getting Started with Rails tour. The first sections can be skipped, as the server is already running. The interesting part begins with actually creating the first controller with rails generate controller. It automatically inserts a default route into the configuration. Commit. Enabling it as the default route for / is explained next. Commit. RoR is talking to me.


Now the meat of the framework is revealed. Resources are the CRUD-able contents of the new app. I start with the ever popular “people” resource and add a default resource route and an empty controller. Commit.

Browsing through the new files, I notice that rails has helpfully created empty test harnesses for me. I configure the repo for travis-ci. Commit. As there is only a single default test, the build passes with flying colors for ruby 2.1 and ruby 1.9. JRuby chokes on the native sqlite extension. As JRuby is not my primary target, I just disable it again. I will need to have some coverage testing set up too.

Get on with it!

Following the guide, I create the first empty controller action.

Note: something in this project makes ruby use gem references in stack traces instead of mile-long paths. Very nice.

Time passes. Documentation is read. Code is written.

Nice, RoR seems to have learned some lessons: there is a built-in POST params validator. No global_vars fiasco here. Instead it just doesn’t work. I spend some time reading more on strong parameters which uses slightly different method call (required instead of require). This doesn’t work either. No stacktrace too. Hmm. Welcome to the real world.

The official documentation uses require consistently, so I go with that. Even copy and pasting the example from the Action Controller overview (which coincidentally matches my model) doesn’t help. Still no proper stacktrace or other hint. Except that there is a “Full Trace” link, right below the error message on the rendered 500 error page. D’oh!. I dive into the underlying source. Glossing over the active_model/forbidden_attributes_protection.rb file, which actually throws the error doesn’t help much.

Another look at the code and guide finally reveals the problem: the new person_params method must be used to access the params. There is no magic to inject that call into the execution. I’m a little disappointed but I can live with that. Commit.

The next piece is loading the new record from the database and creating a view for it. Commit.

The guide now covers some basic things like programmatic linking to actions and paths, model validation, updating and deleting resources. I’m starting to gloss over things as I’m running out of time for now. Doesn’t help.

Finally, I look into authentication/authorization solutions for rails. Built-in is a single-user basic http authorization, which is not very helpful for my use-case. The guide recommends Devise or Authlogic. Devise is a full blown MVC engine while Authlogic has no successful build on travis since adding the travis badge back in April. I’ve also looked at The Foreman’s Authentication stuff, but they have coded up a complete custom AAA framework. I’m still undecided between going the manual route, implementing authorization in custom code while delegating authorization to the container or using Authlogic, which looks much more rails-like than Devise. This will need more experimentation.

Enough for today, I know rails!


  • coverage tests
  • code climate
  • add license