What’s new in rails 4.0?
Strong Parameters
Mass assignment restriction has been moved from model to controller level. Ealier we used attr_accessible and attr_protected methods in model for mass assignment security, These are been removed and moved to the protected_attributes gem.
In the new implementation, passing params directly to the mass assignment methods like create will raise a ActiveModel::ForbiddenAttributesError, instead of passing params directly to the create method in the controller, we pass a private method which permits the accessible attributes.
class PeopleController < ActionController::Base
# Using “Person.create(params[:person])” would raise an
# ActiveModel::ForbiddenAttributes exception because it’d
# be using mass assignment without an explicit permit step.
# This is the recommended form:
def create
Person.create(person_params)
end
# This will pass with flying colors as long as there’s a person key in the
# parameters, otherwise it’ll raise an ActionController::MissingParameter
# exception, which will get caught by ActionController::Base and turned
# into a 400 Bad Request reply.
def update
redirect_to current_account.people.find(params[:id]).tap { |person|
person.update!(person_params)
}
end
private
# Using a private method to encapsulate the permissible parameters is
# just a good pattern since you’ll be able to reuse the same permit
# list between create and update. Also, you can specialize this method
# with per-user checking of permissible attributes.
def person_params
params.require(:person).permit(:name, :age)
end
end
Turbolinks
Turbolinks is a gem that is included by default in rails 4.0. This gem make your application feel faster to the user using javascript (i.e AJAX Request) to replace the html body of new pages instead of relying on full page load with which the browser don’t have to reparse your js or css on every page load.
Russian Doll Caching
Russian Doll Caching is a mechanism of using nested fragment caches to have maximum cache hits to boost up the performance.
For example: If we have parent fragment and many child fragments under it, Changing the parent fragment will expire only the parent fragment and the child fragments will be still served from the cache. If the child fragment is changed the changed child fragment and its parent fragment will be expired.
One main advantage is cache_digests gem is included by default in rails 4.0 which avoids the use of version in fragment caching and instead generate a MD5 hash key based on the template content, which means if the template content changes the cache gets expired.
ActionController::Live
Live is a special module included in ActionController class. It enables Rails to open and close a stream explicitly. Mix this module in to your controller, and all actions in that controller will be able to stream data to the client as it’s written.
PATCH
The HTTP method PUT means resource creation or replacement at some given URL. For example say you have uploaded a file and you want to replace that with a new file that’s where PUT comes in to picture. As per http standards PUT is not for partial updates. PATCH is the new http verb added in rails 4.0 for partial updates
When you call id on nil object
Earlier i.e before ruby 1.9.3 when you call id on nil a weird error message was displayed ‘Called id for nil which would mistakenly be 4. If you really want id of nil use object_id. This is because earlier calling id on any object would return the object_id, but this is not the case any more in ruby 1.9.3 and above. To get the object_id you need to explicitly call the object_id method on object. Hence the new error message when you attempt to call id on nil object is undefined method id for nil class.
Extraction of features to gems
Hash-based & Dynamic finder methods
Mass assignment protection in Active Record models
ActiveRecord::SessionStore
Active Record Observers
Active Resource
Action Caching
Page Caching
Sprockets
Performance tests
Strong Parameters
Mass assignment restriction has been moved from model to controller level. Ealier we used attr_accessible and attr_protected methods in model for mass assignment security, These are been removed and moved to the protected_attributes gem.
In the new implementation, passing params directly to the mass assignment methods like create will raise a ActiveModel::ForbiddenAttributesError, instead of passing params directly to the create method in the controller, we pass a private method which permits the accessible attributes.
class PeopleController < ActionController::Base
# Using “Person.create(params[:person])” would raise an
# ActiveModel::ForbiddenAttributes exception because it’d
# be using mass assignment without an explicit permit step.
# This is the recommended form:
def create
Person.create(person_params)
end
# This will pass with flying colors as long as there’s a person key in the
# parameters, otherwise it’ll raise an ActionController::MissingParameter
# exception, which will get caught by ActionController::Base and turned
# into a 400 Bad Request reply.
def update
redirect_to current_account.people.find(params[:id]).tap { |person|
person.update!(person_params)
}
end
private
# Using a private method to encapsulate the permissible parameters is
# just a good pattern since you’ll be able to reuse the same permit
# list between create and update. Also, you can specialize this method
# with per-user checking of permissible attributes.
def person_params
params.require(:person).permit(:name, :age)
end
end
Turbolinks
Turbolinks is a gem that is included by default in rails 4.0. This gem make your application feel faster to the user using javascript (i.e AJAX Request) to replace the html body of new pages instead of relying on full page load with which the browser don’t have to reparse your js or css on every page load.
Russian Doll Caching
Russian Doll Caching is a mechanism of using nested fragment caches to have maximum cache hits to boost up the performance.
For example: If we have parent fragment and many child fragments under it, Changing the parent fragment will expire only the parent fragment and the child fragments will be still served from the cache. If the child fragment is changed the changed child fragment and its parent fragment will be expired.
One main advantage is cache_digests gem is included by default in rails 4.0 which avoids the use of version in fragment caching and instead generate a MD5 hash key based on the template content, which means if the template content changes the cache gets expired.
ActionController::Live
Live is a special module included in ActionController class. It enables Rails to open and close a stream explicitly. Mix this module in to your controller, and all actions in that controller will be able to stream data to the client as it’s written.
PATCH
The HTTP method PUT means resource creation or replacement at some given URL. For example say you have uploaded a file and you want to replace that with a new file that’s where PUT comes in to picture. As per http standards PUT is not for partial updates. PATCH is the new http verb added in rails 4.0 for partial updates
When you call id on nil object
Earlier i.e before ruby 1.9.3 when you call id on nil a weird error message was displayed ‘Called id for nil which would mistakenly be 4. If you really want id of nil use object_id. This is because earlier calling id on any object would return the object_id, but this is not the case any more in ruby 1.9.3 and above. To get the object_id you need to explicitly call the object_id method on object. Hence the new error message when you attempt to call id on nil object is undefined method id for nil class.
Extraction of features to gems
Hash-based & Dynamic finder methods
Mass assignment protection in Active Record models
ActiveRecord::SessionStore
Active Record Observers
Active Resource
Action Caching
Page Caching
Sprockets
Performance tests
Comments
Post a Comment