articles Rails 4.1 - My favourite changes

07 Mar 2014
#ruby #rails #rails 4
Are you eager to elevate your security skills and safeguard your applications against cyber threats? I created a Rails Security course is designed specifically for developers like you who aim to build robust, secure Rails applications!
Buy my course: Security for Rails Developers.
Rails 4.1 is coming out soon and I'd like to summarize which new features I like the most.

Spring Application Preloader

Spring preloads your application which makes your test runs a lot faster. Rails 4.1 generates the binstubs with spring so when you call `rails` or `rake` spring will handle the call. If you want to run a command without spring you can do so by using `bundle rails` or `bundle rake`. Another change I'd like to mention here is two new rake task to run the tests: 
rake test:all
rake test:all:db
The first command merges your different types of test(model, controller, integration, mailer) and runs them. It also does not reset your db so your tests should run faster. The second one does the same except it resets the db between the test.

config/secrets.yml

You may have used [figaro](https://github.com/laserlemon/figaro) before to keep the sensitive data out of your repo but from now on Rails provides a built-in solution to this problem. Rails 4.1 generates a secret.yml in the config folder and you can store api keys, etc in it. The syntax as follows: 
development:
  secret_key_base: 3b7cd727ee24e8444053437c36cc66c3
  some_api_key: SOMEKEY
If you want to access these in your application you can do so by calling `Rails.application.secrets.some_api_key`.

Action Pack Variants

Mobiles and Tablets are widely used these days and from Rails 4.1 we can easily separate the templates for the different clients. You need to set the variant in your controller: 
case request.user_agent
when /iPad/
  request.variant = :tablet
when /iPhone|Android/ # far from complete. just for the sake of example
  request.variant = :phone
end
And in your `respond_to` block you can render a separate view: 
respond_to do |format|
  format.html do |html|
    html.tablet # renders app/views/projects/show.html+tablet.erb
    html.phone { extra_setup_if_needs; render ... }
  end
end

Active Record enums

With this extension to ActiceRecord you can declare an enum field in your model and Rails will handle the mapping of integer values in the database column to human friendly values in your code. 
class Conversation < ActiveRecord::Base
  enum status: [ :active, :archived ]
end
It also defines handy utility methods: 
conversation.active?  # to see if the record is active
conversation.active!  # to set the record active
It also makes easy to implement a simple state machine. I am already using this feature in production and it works like a charm.

CSRF protection from remote `script` tags

I use RJS to update parts of the applications via ajax and as homakov pointed out in the past this was vulnerable to CSRF. To fix the security issue Rails will use CSRF protection if the request is not xhr.

Added Numeric#in_milliseconds

In the past I always wrote `x * 1000` to convert timestamps I used on the client-side but now this is handled by this syntax sugar.

These are the changes I like the most but you can find an exhaustive list of changes in the changelog, thanks to Yves and Godfrey.

Or follow me on Twitter

Related posts