Ruby on Rails Tutorial Michael Hartl

Review to one of the most popular Ruby on Rails tutorial
22 June 2017   6335
Ruby

A dynamic, open source programming language with a focus on simplicity and productivity.
 

Ruby on Rails

Ruby on Rails (RoR) - a framework written in the Ruby programming language.

When you will start to learn RoR, one of the first book that will be recommended to you is a Ruby on Rails Tutorial by Michael Hartl. This is one of the most popular newbie’s Ruby guide. At the moment, it has 6 editions and translated to many languages. It consists of 14 chapters and 744 pages. Thru these pages, Michael will teach you how to develop custom web applications, using the popular Ruby on Rails framework. It will also focus on the general principles of web development.

Ruby on Rails Tutorial by Michael Hartl
Ruby on Rails Tutorial by Michael Hartl

Author

Michael Hartl is former Y Combinator alumni, he has a Ph.D. degree in theoretical physics and he was teaching at Caltech. His book guides you through building a Twitter clone in Rails. This is the only Rails book that does test-driven development the whole time. This approach is highly recommended by the experts.

Michael Hartl
Michael Hartl

By including Git, GitHub, and Heroku in the demo examples, the author really gives you a feel for what it’s like to do a real-life project. The tutorial code examples are not isolated.

Book targeting

The book is targeted to a Rails newcomer, not a pro web developer, but general programming skills are needed. Author assume that you are a beginner, so, he will introduce whole Rails ecosystem to you. So, some time will be spent to install version control system called Git and text editors for coding.

What's inside

Inside Ruby on Rails Tutorial
Inside Ruby on Rails Tutorial

Building a Twitter clone by this book will be in a “hard way”, without a gem for user authentication. So, you will be involved in building different models (user, micropost and session), creating partials, passing information between different classes and handling errors.

A micro-blogging app is used to slowly, step-by-step walk through the different Rails features. The tutorial also explains some of the “magic” that goes on under the covers that Rails provides for you.  

Whole book is like a perfectly written program, modular, without any bugs or “empty code”. Author specify the exact versions of every gem, Rails and databases that are used. The book has zero errors, so, every time you will have a bug, it is an issue on your end.

True coder's habits

Usage of GitHub, Heroku, branching makes you feel like you are working on a real-life project, being a “real coder”. Number of gems, used in a test project is not very big, only the most common were used. Most of the things are made by hands.

Book is focused on testing. It starts from RSpec unit tests, then integration tests. TDD approach is followed for a long time where the tests come before the code, a practice that is commonly used by the coders. It will help you to create a good coder habits like running tests before and after merging a branch and refactor your code to reduce duplicates and increase application’s stability.  

Here is a good quote from the book:

If you ask five Rails developers how to test any given piece of code, you’ll get about fifteen different answers—but they’ll all agree that you should definitely be writing tests.
 

Michael Hartl
Ruby on Rails Tutorial

Also, Tutorial teaches you how to use Terminal properly. You will learn how to set up a sublime text shortcut, how to navigate file structures, create files and other shortcuts that will help you. Terminal will be your program associated with programming and technical expertise.

Conclusion

Ruby on Rails tutorial is a long course and it needs assiduity and diligence. But you can learn a lot from it.

It covers everything someone new to developing Ruby on Rails applications could need. It’s a good fit for people new to web development and new to Rails.

Ready to master Rails? Get this book. 

Ruby and Rails to Get New Updates

Six vulnerabilities in the RubyGems package management system are now fixed and three in Rails framework
14 March 2019   622

There are corrective versions of the Ruby 2.6.2 and 2.5.4 programming language, which eliminate six vulnerabilities in the RubyGems package management system:

  • CVE-2019-8324: the ability to execute code when installing an untested package (an attacker can place the code on the gemspec and this code will be executed via a call to eval to ensure_loadable_spec at the verification stage before installation);
  • CVE-2019-8320: the ability to delete directories through manipulations with symbolic links when unpacking tar files;
  • CVE-2019-8321: the ability to substitute escape sequences through the handler Gem :: UserInteraction # verbose;
  • CVE-2019-8322: the ability to substitute escape sequences through the command "gem owner";
  • CVE-2019-8323: Ability to substitute escape sequences in the API handler (Gem :: GemcutterUtilities # with_response);
  • CVE-2019-8325: The ability to substitute escape sequences through error handlers (Gem :: CommandManager # run calls alert_error without escaping characters).

In addition, an update was provided to the Rails 4.2.11.1, 5.0.7.2, 5.1.6.2, 5.2.2 framework. and 6.0.0.beta3 with the elimination of three vulnerabilities:

  • CVE-2019-5420 - potentially allows you to remotely execute your code on the server, when Rails is running in Development Mode. If there is information about the attacked application, you can predict the automatically generated mode token for developers, knowledge of which allows you to achieve the execution of your code;
  • CVE-2019-5418 is a vulnerability in the Action View that allows you to get the contents of arbitrary files from the server's file system by sending a specially crafted HTTP Accept header if the code in the "render file:" handler is present.
  • CVE-2019-5419 - DoS-vulnerability in Action View (MODULE / COMPONENT), allowing to achieve 100% load on the CPU through manipulations with the contents of the HTTP-header Accept;