Appendix C

Source Code

This appendix contains three things.

•Full listings for the files we created, and the generated files that we modified, for the final Depot application.

•The source for an e-mail exception notifier starts on page 511.

•A cross-reference listing for all the code samples in the book starts on page 512. All code is available for download from our website at http://pragmaticprogrammer.com/titles/railscode.html.

C.1 The Full Depot Application

Database Files

depot_final/config/database.yml:

adapter: mysql

database: depot_development

host: localhost username:

password:

test:

adapter: mysql database: depot_test

host: localhost username:

password:

production: adapter: mysql

database: depot_development

host: localhost username:

password:

Prepared exclusively for Rida Al Barazi

/* password = 'secret' */

insert into users values(null, 'dave', 'e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4');

#

#Also establishes Cart, LineItem, and User as models. This

#is necessary because these classes appear in sessions and

#hence have to be preloaded

class ApplicationController < ActionController::Base

model :cart model :line_item

private

# Set the notice if a parameter is given, then redirect back

THE FULL DEPOT APPLICATION 488

# to the current controller's +index+ action

#The #authorize method is used as a <tt>before_hook</tt> in

#controllers that contain administration actions. If the

#session does not contain a valid user, the method

#redirects to the LoginController.login.

redirect_to(:controller => "login", :action => "login") end

end end

depot_final/app/controllers/admin_controller.rb:

@product = Product.find(@params[:id]) end

#Initiate the creation of a new product.

#The work is completed in #create.

def new

@product = Product.new end

#Get information on a new product and

#attempt to create a row in the database. def create

@product = Product.new(@params[:product])

if @product.save

flash['notice'] = 'Product was successfully created.' redirect_to :action => 'list'

else

render_action 'new' end

end

# Initiate the editing of an existing product.

THE FULL DEPOT APPLICATION 489

# The work is completed in #update. def edit

@product = Product.find(@params[:id]) end

#Update an existing product based on values

#from the form.

def update

@product = Product.find(@params[:id])

if @product.update_attributes(@params[:product]) flash['notice'] = 'Product was successfully updated.' redirect_to :action => 'show', :id => @product

else

render_action 'edit' end

end

# Destroy a particular product. def destroy

Product.find(@params[:id]).destroy redirect_to :action => 'list'

end

#Ship a number of products. This action normally dispatches

#back to itself. Each time it first looks for orders that

#the user has marked to be shipped and ships them. It then

#displays an updated list of orders still awaiting shipping.

#The view contains a checkbox for each pending order. If the

#user selects the checkbox to ship the product with id 123, then

#this method will see <tt>things_to_ship[123]</tt> set to "yes". def ship

count = 0

if things_to_ship = params[:to_be_shipped]

count = do_shipping(things_to_ship) if count > 0

count_text = pluralize(count, "order") flash.now[:notice] = "#{count_text} marked as shipped"

end end

@pending_orders = Order.pending_shipping end

private

def do_shipping(things_to_ship) count = 0

things_to_ship.each do |order_id, do_it| if do_it == "yes"

order = Order.find(order_id) order.mark_as_shipped

order.save count += 1

end end count

end

def pluralize(count, noun) case count

when 0: "No #{noun.pluralize}" when 1: "One #{noun}"

else "#{count} #{noun.pluralize}" end

end end

THE FULL DEPOT APPLICATION 490

depot_final/app/controllers/login_controller.rb:

##login action, which is used to log in administrative users.

#It also contains the #add_user, #list_users, and #delete_user

#actions, used to maintain the users table in the database.

#

#The LoginController shares a layout with AdminController

#See also: User

class LoginController < ApplicationController

layout "admin"

#You must be logged in to use all functions except #login before_filter :authorize, :except => :login

#The default action displays a status page.

def index

@total_orders = Order.count @pending_orders = Order.count_pending

end

#Display the login form and wait for user to

#enter a name and password. We then validate

#these, adding the user object to the session

#if they authorize.

def login

if request.get? session[:user_id] = nil @user = User.new

else

@user = User.new(params[:user]) logged_in_user = @user.try_to_login

if logged_in_user

session[:user_id] = logged_in_user.id redirect_to(:action => "index")

else

flash[:notice] = "Invalid user/password combination" end

end end

# Add a new user to the database. def add_user

if request.get? @user = User.new

else

@user = User.new(params[:user]) if @user.save

redirect_to_index("User #{@user.name} created") end

end end

#Delete the user with the given ID from the database.

#The model raises an exception if we attempt to delete

#the last user.

def delete_user id = params[:id]

if id && user = User.find(id) begin

user.destroy

flash[:notice] = "User #{user.name} deleted" rescue

THE FULL DEPOT APPLICATION 491

flash[:notice] = "Can't delete that user" end

end

redirect_to(:action => :list_users) end

# List all the users. def list_users

@all_users = User.find(:all) end

#Log out by clearing the user entry in the session. We then

#redirect to the #login action.

def logout session[:user_id] = nil

flash[:notice] = "Logged out" redirect_to(:action => "login")

end end

depot_final/app/controllers/store_controller.rb:

class StoreController < ApplicationController before_filter :find_cart, :except => :index

# Display the catalog, a list of all salable products. def index

@products = Product.salable_items end

# Add the given product to the current cart. def add_to_cart

product = Product.find(params[:id]) @cart.add_product(product)

redirect_to(:action => 'display_cart') rescue

logger.error("Attempt to access invalid product #{params[:id]}") redirect_to_index('Invalid product')

end

#Display the contents of the cart. If the cart is

#empty, display a notice and return to the

#catalog instead.

def display_cart @items = @cart.items if @items.empty?

redirect_to_index("Your cart is currently empty") end

if params[:context] == :checkout render(:layout => false)

end end

# Remove all items from the cart def empty_cart

@cart.empty!

redirect_to_index('Your cart is now empty') end

THE FULL DEPOT APPLICATION 492

#Prompt the user for their contact details and payment method,

#The checkout procedure is completed by the #save_order method. def checkout

@items = @cart.items if @items.empty?

redirect_to_index("There's nothing in your cart!") else

@order = Order.new end

end

#Called from checkout view, we convert a cart into an order

#and save it in the database.

def save_order

@order = Order.new(params[:order]) @order.line_items << @cart.items if @order.save

@cart.empty!

redirect_to_index('Thank you for your order.') else

render(:action => 'checkout') end

end

private

#Save a cart object in the @cart variable. If we already

#have one cached in the session, use it, otherwise create

#a new one and add it to the session

def find_cart

@cart = (session[:cart] ||= Cart.new) end

end

Models

depot_final/app/models/cart.rb:

#total price. Adding a product to the cart will either add a

#new entry to the list or increase the quantity of an existing

#item in the list. In both cases the total price will

#be updated.

#

#Class Cart is a model but does not represent information

#stored in the database. It therefore does not inherit from

#ActiveRecord::Base.

class Cart

#An array of LineItem objects attr_reader :items

#The total price of everything added to this cart attr_reader :total_price

#Create a new shopping cart. Delegates this work to #empty!

def initialize empty!

end

#Add a product to our list of items. If an item already

#exists for that product, increase the quantity

#for that item rather than adding a new item.

def add_product(product)

item = @items.find {|i| i.product_id == product.id}

THE FULL DEPOT APPLICATION 493

if item item.quantity += 1

else

item = LineItem.for_product(product) @items << item

end

@total_price += product.price end

#Empty the cart by resetting the list of items

#and zeroing the current total price.

def empty! @items = []

@total_price = 0.0 end

end

depot_final/app/models/line_item.rb:

belongs_to :product belongs_to :order

# Return a new LineItem given a Product. def self.for_product(product)

item = self.new item.quantity = 1

item.unit_price = product.price item

end end

depot_final/app/models/order.rb:

has_many :line_items

#A list of the types of payments we accept. The key is

#the text displayed in the selection list, and the

#value is the string that goes into the database.

PAYMENT_TYPES = [

].freeze

validates_presence_of :name, :email, :address, :pay_type

#Return a count of all orders pending shipping. def self.count_pending

count("shipped_at is null") end

#Return all orders pending shipping.

def self.pending_shipping

find(:all, :conditions => "shipped_at is null") end

# The shipped_at column is +NULL+ for

#Return a list of products we can sell (which means they have to be

#available). Show the most recently available first.

def self.salable_items find(:all,

:conditions => "date_available <= now()",

errors.add(:price, "should be positive") unless price.nil? || price > 0.0 end

end

#A User is used to validate administrative staff. The class is

#complicated by the fact that on the application side it

#deals with plain-text passwords, but in the database it uses

#SHA1-hashed passwords.

class User < ActiveRecord::Base

#The plain-text password, which is not stored

#in the database

attr_accessor :password

#We never allow the hashed password to be

#set from a form

attr_accessible :name, :password

validates_uniqueness_of :name validates_presence_of :name, :password

#Return the User with the given name and

#plain-text password

def self.login(name, password)

hashed_password = hash_password(password || "") STDERR.puts hashed_password

find(:first,

:conditions => ["name = ? and hashed_password = ?", name, hashed_password])

end

THE FULL DEPOT APPLICATION 495

#Log in if the name and password (after hashing)

#match the database, or if the name matches

#an entry in the database with no password

def try_to_login

User.login(self.name, self.password) || User.find_by_name_and_hashed_password(name, "")

end

#When a new User is created, it initially has a

#plain-text password. We convert this to an SHA1 hash

#before saving the user in the database.

def before_create

self.hashed_password = User.hash_password(self.password) end

before_destroy :dont_destroy_dave

# Don't delete 'dave' from the database def dont_destroy_dave

raise "Can't destroy dave" if self.name == 'dave' end

#Clear out the plain-text password once we've

#saved this row. This stops it being made available

#in the session

def after_create @password = nil

end

private

def self.hash_password(password) Digest::SHA1.hexdigest(password)

end end

Views

depot_final/app/views/layouts/admin.rhtml:

<head>

<title>ADMINISTER Pragprog Books Online Store</title>

<%= stylesheet_link_tag "scaffold", "depot", "admin", :media => "all" %>

</head> <body>

<div id="banner">

<%= @page_title || "Administer Bookshelf" %>

</div>

<div id="columns"> <div id="side">

<% if session[:user_id] -%>

THE FULL DEPOT APPLICATION 496

<% end -%>

</div>

<div id="main">

<% if flash[:notice] -%>

<div id="notice"><%= flash[:notice] %></div> <% end -%>

<%= @content_for_layout %>

<div id="banner">

<img src="/images/logo.png"/>

<%= @page_title || "Pragmatic Bookshelf" %>

</div>

<div id="columns"> <div id="side">

<a href="http://www....">Home</a><br />

<a href="http://www..../faq">Questions</a><br /> <a href="http://www..../news">News</a><br />

<a href="http://www..../contact">Contact</a><br />

</div>

<div id="main">

<% if @flash[:notice] -%>

<div id="notice"><%= @flash[:notice] %></div> <% end -%>

<%= @content_for_layout %>

:confirm => "Are you sure?" %>

</td> </tr>

<% end %>

</table>

<%= if @product_pages.current.previous

link_to("Previous page", { :page => @product_pages.current.previous })

end

%>

<%= if @product_pages.current.next

link_to("Next page", { :page => @product_pages.current.next })

</tr> <tr>

<td>Password:</td>

<td><%= password_field("user", "password") %></td>

</tr>

<tr> <td></td>

<td><input type="submit" value=" LOGIN " /></td>

</tr> </table>

<%= end_form_tag %>

<table cellpadding="10" cellspacing="0">

<tr class="carttitle">

<td rowspan="2">Qty</td>

<td rowspan="2">Description</td> <td colspan="2">Price</td>

</tr>

<tr class="carttitle">

<td>Each</td> <td>Total</td>

</tr> <%

for item in @items product = item.product

-%>

require 'test/unit'

require 'active_record/fixtures'

require 'action_controller/test_process' require 'action_web_service/test_invoke' require 'breakpoint'

def create_fixtures(*table_names) Fixtures.create_fixtures(File.dirname(__FILE__) + "/fixtures", table_names)

end

Test::Unit::TestCase.fixture_path = File.dirname(__FILE__) + "/fixtures/" def assert_salable(product)

Test Data

depot_testing/test/fixtures/products.yml:

THE FULL DEPOT APPLICATION 502

depot_testing/test/fixtures/categories_products.yml:

product_id: 1 category_id: 1

version_control_categorized_as_history: product_id: 1

category_id: 2

automation_categorized_as_programming: product_id: 2

category_id: 1

automation_categorized_as_leisure: product_id: 2

category_id: 3

depot_testing/test/fixtures/orders.yml:

id: 1 name: Fred

email: fred@flintstones.com address: 123 Rockpile Circle pay_type: check

depot_testing/test/fixtures/users.yml:

id: 1 name: fred

hashed_password: <%= Digest::SHA1.hexdigest('abracadabra') %>

def test_add_unique_products @cart.add_product @version_control_book @cart.add_product @automation_book

assert_equal @version_control_book.price + @automation_book.price, @cart.total_price

assert_equal 2, @cart.items.size end

def test_add_duplicate_product @cart.add_product @version_control_book @cart.add_product @version_control_book

assert_equal 2*@version_control_book.price, @cart.total_price assert_equal 1, @cart.items.size

end

end

class ProductTest < Test::Unit::TestCase fixtures :products

def setup

@product = Product.find(1) end

# Replace this with your real tests. def test_truth

assert_kind_of Product, @product end

def test_create

assert_kind_of Product, @product assert_equal 1, @product.id

assert_equal "Pragmatic Version Control", @product.title assert_equal "How to use version control", @product.description assert_equal "http://.../sk_svn_small.jpg", @product.image_url assert_equal 29.95, @product.price

assert_equal "2005-01-26 00:00:00", @product.date_available_before_type_cast

end

def test_update

assert_equal 29.95, @product.price @product.price = 99.99

assert @product.save, @product.errors.full_messages.join("; ") @product.reload

assert_equal 99.99, @product.price end

def test_destroy @product.destroy

assert_raise(ActiveRecord::RecordNotFound) { Product.find(@product.id) } end

def test_validate

assert_equal 29.95, @product.price @product.price = 0.00

assert !@product.save

assert_equal 1, @product.errors.count

assert_equal "should be positive", @product.errors.on(:price) end

def test_read_with_hash assert_kind_of Product, @product

vc_book = @products["version_control_book"] assert_equal vc_book["id"], @product.id assert_equal vc_book["title"], @product.title

assert_equal vc_book["description"], @product.description assert_equal vc_book["image_url"], @product.image_url assert_equal vc_book["price"], @product.price

assert_equal vc_book["date_available"], @product.date_available_before_type_cast end

def test_read_with_fixture_variable assert_kind_of Product, @product

assert_equal @version_control_book.id, @product.id assert_equal @version_control_book.title, @product.title

assert_equal @version_control_book.description, @product.description assert_equal @version_control_book.image_url, @product.image_url assert_equal @version_control_book.price, @product.price

assert_equal @version_control_book.date_available, @product.date_available end

THE FULL DEPOT APPLICATION 504

def test_salable_items

items = Product.salable_items assert_equal 2, items.length

assert items[0].date_available <= Time.now assert items[1].date_available <= Time.now assert !items.include?(@future_proof_book)

end

def test_salable_items_using_custom_assert items = Product.salable_items assert_equal 2, items.length assert_salable items[0]

assert_salable items[1] assert_not_salable @future_proof_book

end

end

depot_testing/test/unit/product_txn_test.rb:

class ProductTest < Test::Unit::TestCase

self.use_transactional_fixtures = true

fixtures :products

def test_destroy_product assert_not_nil @version_control_book @version_control_book.destroy

end

def test_product_still_there assert_not_nil @version_control_book

end

end

Functional Tests

depot_testing/test/functional/login_controller_test.rb:

# Replace this with your real tests.

def test_truth assert true

end

#This test won't pass! def test_index

get :index assert_response :success

end

def test_index_without_user

class SearchControllerTest < Test::Unit::TestCase fixtures :products

def setup

@controller = SearchController.new

@request = ActionController::TestRequest.new @response = ActionController::TestResponse.new

end

def test_search

get :search, :query => "version control" assert_response :success

assert_equal "Found 1 product(s).", flash[:notice] assert_template "search/results"

products = assigns(:products) assert_not_nil products assert_equal 1, products.size

assert_equal "Pragmatic Version Control", products[0].title assert_tag :tag => "div",

:attributes => { :class => "results" }, :children => { :count => 1,

:only => { :tag => "div",

:attributes => { :class => "catalogentry" }}}

end end

# Reraise errors caught by the controller.

class StoreController; def rescue_action(e) raise e end; end class StoreControllerTest < Test::Unit::TestCase

fixtures :products, :orders

def setup

@controller = StoreController.new

@request = ActionController::TestRequest.new @response = ActionController::TestResponse.new

end

def teardown LineItem.delete_all

end

def test_index get :index

assert_response :success

assert_equal 2, assigns(:products).size assert_template "store/index"

end

def test_add_to_cart

get :add_to_cart, :id => @version_control_book.id cart = session[:cart]

assert_equal @version_control_book.price, cart.total_price assert_redirected_to :action => 'display_cart' follow_redirect

assert_equal 1, assigns(:items).size assert_template "store/display_cart"

end

def test_add_to_cart_invalid_product get :add_to_cart, :id => '-1' assert_redirected_to :action => 'index'

assert_equal "Invalid product", flash[:notice] end

def test_checkout test_add_to_cart get :checkout

assert_response :success assert_not_nil assigns(:order) assert_template "store/checkout"

end

def test_save_invalid_order test_add_to_cart

post :save_order, :order => {:name => 'fred', :email => nil} assert_response :success

assert_template "store/checkout"

assert_tag :tag => "div", :attributes => { :class => "fieldWithErrors" } assert_equal 1, session[:cart].items.size

end

def test_save_valid_order test_add_to_cart

assert_equal 1, session[:cart].items.size assert_equal 1, Order.count

post :save_order, :order => @valid_order_for_fred.attributes assert_redirected_to :action => 'index'

assert_equal "Thank you for your order.", flash[:notice]

THE FULL DEPOT APPLICATION 507

follow_redirect assert_template "store/index"

assert_equal 0, session[:cart].items.size assert_equal 2, Order.find_all.size

end

def test_assert_tags_many_options test_add_to_cart

get :save_order, :order => {:name => 'fred', :email => nil}

assert_tag :tag => "html"

assert_tag :content => "Pragprog Books Online Store" assert_tag :tag => "head", :parent => { :tag => "html" } assert_tag :tag => "html", :child => { :tag => "head" }

elapsedSeconds = Benchmark::realtime do

Fixtures.create_fixtures(File.dirname(__FILE__) +

"/../fixtures/performance", "orders") assert_equal(HOW_MANY, Order.find_all.size)

1.upto(HOW_MANY) do |id| order = Order.find(id)

THE FULL DEPOT APPLICATION 508

get :save_order, :order => order.attributes assert_redirected_to :action => 'index' assert_equal("Thank you for your order.", flash[:notice])

end

end

assert elapsedSeconds < 8.0, "Actually took #{elapsedSeconds} seconds"

end end

CSS Files

depot_final/public/stylesheets/admin.css:

background: #ecc; color: #822;

}

#columns { background: #411;

}

#side { background: #411;

}

#side a { color: #fdd;

}

#side a:hover { background: #411;

}

/* order shipping screen */

.olheader {

font: bold large sans-serif; color: #411;

margin-bottom: 2ex;

}

.olnamebox, .olitembox { padding-bottom: 3ex; padding-right: 3em; border-top: 1px dotted #411;

}

.olname { font-weight: bold;

}

.oladdress { font-size: smaller; white-space: pre;

}

.olitemqty { font-size: smaller; font-weight: bold;

}

.olitemqty:after { content: " x ";

}

.olitemtitle {

background: #9c9; padding-top: 10px; padding-bottom: 10px; border-bottom: 2px solid;

font: small-caps 40px/40px "Times New Roman", serif; color: #282;

text-align: center;

}

#banner img { float: left;

}

#columns { background: #141;

}

#main { margin-left: 7em; padding-top: 4ex; padding-left: 2em; background: white;

}

#side { float: left;

padding-top: 1em; padding-left: 1em; padding-bottom: 1em; width: 6em; background: #141;

}

#notice {

border: 2px solid red; padding: 1em; margin-bottom: 2em; background-color: #f0f0f0;

font: bold smaller sans-serif;

}

THE FULL DEPOT APPLICATION 510

a{

text-decoration: none; font: smaller sans-serif;

}

a.addtocart { padding-left: 1em; padding-right: 1em; color: #141; background: #cec; font-weight: bold;

}

a.addtocart:hover { color: #000; background: #eec;

}

#side a { color: #ada;

font: smaller sans-serif;

}

#side a:hover { color: #fff;

}

/**** styles for the catalog ***/

/* === Use the Holly Hack to fix layout bugs in IE on Windows === */

/* Hide from IE-mac \*/

* html .catalogentry { height: 1%; } /* End hide from IE-mac */

.catalogentry { padding: 1ex 0ex;

}

.catalogentry img { float: left; margin-right: 2em;

}

.catalogentry h3 { font: larger bold; color: #282; margin-top: 0ex; margin-bottom: 0.5ex;

}

.catalogentry p {

font: smaller sans-serif; margin-bottom: .5ex;

}

.catalogprice { padding-right: 4em;

}

/* Shoppng cart screen */

.carttitle { background: #282; color: #dfd;

font: bold smaller sans-serif; text-align: center;

}

.carttitle TD {

SAMPLE SYSTEM NOTIFIER 511

padding-top: 0px; padding-bottom: 0px;

}

#cartmenu { float: right;

border-left: 1px dotted #282;

}

#totalcell { font-weight: bold;

border-top: 1px solid #282; border-bottom: 2px solid #282; text-align: right;

}

.separator {

border-bottom: 1px dotted #282; clear: both;

}

C.2 Sample System Notifier

The following is a modified version of the code used by the Basecamp application to e-mail its maintainers when an exception occurs. We show how to hook this into the application on page 451.

notifier/app/models/system_notifier.rb:

end private

def sanitize_backtrace(trace)

re = Regexp.new(/^#{Regexp.escape(rails_root)}/) trace.map do |line|

Pathname.new(line.gsub(re, "[RAILS_ROOT]")).cleanpath.to_s end

end