Agile Web Development with Rails, Edition 5


10.2 Iteration E2: Handling Errors

Log errors and show them on the screen.

Rescue the RecordNotFound error: log it, set a flash notice, and redirect to the store index.

edit app/controllers/carts_controller.rb
class CartsController < ApplicationController
  before_action :set_cart, only: [:show, :edit, :update, :destroy]
  rescue_from ActiveRecord::RecordNotFound, with: :invalid_cart
  # GET /carts
  # ...
  private
  # ...
 
    def invalid_cart
      logger.error "Attempt to access invalid cart #{params[:id]}"
      redirect_to store_index_url, notice: 'Invalid cart'
    end
end
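
The log line above interpolates params[:id], which comes straight from the request. As an added example (not code from the book or the depot application), the hypothetical helper `log_safe` below quotes and bounds such a value so one request always produces exactly one log line; the 64-character cap and the sample id are assumptions.

```ruby
require 'logger'
require 'stringio'

MAX_LOGGED_PARAM = 64 # assumed cap on how much of a parameter is logged

# Render a request-supplied value as one bounded, quoted token.
def log_safe(value, max: MAX_LOGGED_PARAM)
  # Work on a copy, and replace bytes that are not valid UTF-8.
  text = value.to_s.dup.force_encoding(Encoding::UTF_8).scrub('?')
  clipped = text[0, max]
  suffix = text.length > max ? '...(truncated)' : ''
  # String#inspect quotes the value and escapes \n, \r and other control characters.
  clipped.inspect + suffix
end

# Write the controller's message to an in-memory log and return the lines
# that end up in it. A plain Logger stands in for the Rails logger here.
def logged_lines(id, safe:)
  sink = StringIO.new
  logger = Logger.new(sink)
  logger.formatter = proc { |severity, _time, _prog, msg| "#{severity} #{msg}\n" }
  shown = safe ? log_safe(id) : id
  logger.error "Attempt to access invalid cart #{shown}"
  sink.string.lines.map(&:chomp)
end

# Constructed sample: an id whose decoded value contains a line break.
CONSTRUCTED_ID = "wibble\nsecond line"

if __FILE__ == $PROGRAM_NAME
  puts "raw:  #{logged_lines(CONSTRUCTED_ID, safe: false).length} log line(s)"
  puts "safe: #{logged_lines(CONSTRUCTED_ID, safe: true).length} log line(s)"
end
```

In the controller, the equivalent change would be to interpolate `log_safe(params[:id])` instead of `params[:id]`.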

Reproduce the error.

get /carts/wibble
You are being redirected.
get http://localhost:3000/
The Pragmatic Bookshelf

Your Pragmatic Catalog

  • Rails, Angular, Postgres, and Bootstrap

    Powerful, Effective, and Efficient Full-Stack Web Development As a Rails developer, you care about user experience and performance, but you also want simple and maintainable code. Achieve all that by embracing the full stack of web development, from styling with Bootstrap, building an interactive user interface with AngularJS, to storing data quickly and reliably in PostgreSQL. Take a holistic view of full-stack development to create usable, high-performing applications, and learn to use these technologies effectively in a Ruby on Rails environment.

    $45.00
  • Ruby Performance Optimization

    Why Ruby Is Slow, and How to Fix It You don’t have to accept slow Ruby or Rails performance. In this comprehensive guide to Ruby optimization, you’ll learn how to write faster Ruby code—but that’s just the beginning. See exactly what makes Ruby and Rails code slow, and how to fix it. Alex Dymo will guide you through perils of memory and CPU optimization, profiling, measuring, performance testing, garbage collection, and tuning. You’ll find that all those “hard” things aren’t so difficult after all, and your code will run orders of magnitude faster.

    $46.00
  • Seven Mobile Apps in Seven Weeks

    Native Apps, Multiple Platforms Answer the question “Can we build this for ALL the devices?” with a resounding YES. This book will help you get there with a real-world introduction to seven platforms, whether you’re new to mobile or an experienced developer needing to expand your options. Plus, you’ll find out which cross-platform solution makes the most sense for your needs.

    $26.00

Inspect the log.

tail -25 log/development.log
  Cart Load (0.1ms)  SELECT  "carts".* FROM "carts" WHERE "carts"."id" = ? LIMIT ?  [["id", 0], ["LIMIT", 1]]
Completed 404 Not Found in 1ms (ActiveRecord: 0.1ms)
 
 
 
ActiveRecord::RecordNotFound (Couldn't find Cart with 'id'=wibble):
 
app/controllers/carts_controller.rb:67:in `set_cart'
Started GET "/carts/wibble" for 127.0.0.1 at 2017-11-13 09:41:20 -0500
Processing by CartsController#show as HTML
  Parameters: {"id"=>"wibble"}
  Cart Load (0.1ms)  SELECT  "carts".* FROM "carts" WHERE "carts"."id" = ? LIMIT ?  [["id", 0], ["LIMIT", 1]]
Attempt to access invalid cart wibble
Redirected to http://localhost:3000/
Completed 302 Found in 4ms (ActiveRecord: 0.7ms)
 
 
Started GET "/" for 127.0.0.1 at 2017-11-13 09:41:20 -0500
Processing by StoreController#index as HTML
  Rendering store/index.html.erb within layouts/application
  Product Load (0.2ms)  SELECT "products".* FROM "products" ORDER BY "products"."title" ASC
  Rendered store/index.html.erb within layouts/application (8.8ms)
Completed 200 OK in 36ms (Views: 33.3ms | ActiveRecord: 0.5ms)
 
 

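Permit only product_id through strong parameters. Any other line_item attribute the client sends, such as cart_id, is dropped and logged as unpermitted.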

edit app/controllers/line_items_controller.rb
    # Never trust parameters from the scary internet, only allow the white
    # list through.
    def line_item_params
      params.require(:line_item).permit(:product_id)
    end
rails test:controllers
Run options: --seed 30520
 
# Running:
 
.......................
 
Finished in 0.400870s, 57.3752 runs/s, 87.3100 assertions/s.
23 runs, 35 assertions, 0 failures, 0 errors, 0 skips

Inspect the log.

grep -B 8 -A 7 "Unpermitted parameter" log/test.log
-----------------------------------------------------
LineItemsControllerTest: test_should_update_line_item
-----------------------------------------------------
  LineItem Load (0.1ms)  SELECT  "line_items".* FROM "line_items" WHERE "line_items"."id" = ? LIMIT ?  [["id", 980190962], ["LIMIT", 1]]
Started PATCH "/line_items/980190962" for 127.0.0.1 at 2017-11-13 09:41:21 -0500
Processing by LineItemsController#update as HTML
  Parameters: {"line_item"=>{"cart_id"=>"980190962", "product_id"=>"298486374"}, "id"=>"980190962"}
  LineItem Load (0.0ms)  SELECT  "line_items".* FROM "line_items" WHERE "line_items"."id" = ? LIMIT ?  [["id", 980190962], ["LIMIT", 1]]
Unpermitted parameter: :cart_id
   (0.0ms)  SAVEPOINT active_record_1
  Product Load (0.0ms)  SELECT  "products".* FROM "products" WHERE "products"."id" = ? LIMIT ?  [["id", 298486374], ["LIMIT", 1]]
  Cart Load (0.0ms)  SELECT  "carts".* FROM "carts" WHERE "carts"."id" = ? LIMIT ?  [["id", 980190962], ["LIMIT", 1]]
   (0.0ms)  RELEASE SAVEPOINT active_record_1
Redirected to http://www.example.com/line_items/980190962
Completed 302 Found in 2ms (ActiveRecord: 0.2ms)
   (0.0ms)  rollback transaction
edit test/controllers/line_items_controller_test.rb
  test "should update line_item" do
    patch line_item_url(@line_item),
      params: { line_item: { product_id: @line_item.product_id } }
    assert_redirected_to line_item_url(@line_item)
  end
rake log:clear LOGS=test
rails test:controllers
Run options: --seed 6182
 
# Running:
 
.......................
 
Finished in 0.362378s, 63.4696 runs/s, 96.5842 assertions/s.
23 runs, 35 assertions, 0 failures, 0 errors, 0 skips
grep "Unpermitted parameter" log/test.log | wc -l
0
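
A bare grep count does not say which action received the extra parameters, and the log message comes in a singular and a plural form. As an added example (not part of the book's code), the script below scans a Rails log for both forms and attributes each unpermitted parameter to the controller action that was processing the request. The sample log is constructed: its first request mirrors the test log above, and the second request with a `quantity` parameter is made up to show the plural form.

```ruby
# Matches "Unpermitted parameter: :a" and "Unpermitted parameters: :a, :b".
# Anything after the first ". " is ignored (some Rails versions append
# request context there).
UNPERMITTED = /\AUnpermitted parameters?: (.+?)(?:\. .*)?\z/
PROCESSING  = /\AProcessing by (\S+) as /

# Returns { "Controller#action" => { parameter_name => occurrences } }.
def unpermitted_by_action(log_text)
  current = '(unknown)'
  report = Hash.new { |hash, key| hash[key] = Hash.new(0) }
  log_text.each_line do |raw|
    line = raw.strip
    if line.start_with?('Started ')
      current = '(unknown)'            # new request, action not known yet
    elsif (m = PROCESSING.match(line))
      current = m[1]
    elsif (m = UNPERMITTED.match(line))
      # Names are logged as ":cart_id"; older Rails omits the leading colon.
      m[1].split(',').each do |name|
        report[current][name.strip.delete_prefix(':')] += 1
      end
    end
  end
  report
end

# Constructed sample log.
CONSTRUCTED_LOG = <<~LOG
  Started PATCH "/line_items/980190962" for 127.0.0.1 at 2017-11-13 09:41:21 -0500
  Processing by LineItemsController#update as HTML
    Parameters: {"line_item"=>{"cart_id"=>"980190962", "product_id"=>"298486374"}, "id"=>"980190962"}
  Unpermitted parameter: :cart_id
  Completed 302 Found in 2ms (ActiveRecord: 0.2ms)
  Started POST "/line_items" for 127.0.0.1 at 2017-11-13 09:41:22 -0500
  Processing by LineItemsController#create as HTML
  Unpermitted parameters: :cart_id, :quantity
  Completed 302 Found in 3ms (ActiveRecord: 0.3ms)
LOG

if __FILE__ == $PROGRAM_NAME
  text = ARGV.empty? ? CONSTRUCTED_LOG : File.read(ARGV[0])
  unpermitted_by_action(text).each do |action, names|
    puts "#{action}: #{names.map { |n, c| "#{n} x#{c}" }.join(', ')}"
  end
end
```

Run it with a log path as the only argument (for example `log/test.log`) to report on a real log instead of the constructed sample.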
