Idea To App!

How far along are you on Project 1?

  1. 0-30%
  2. 30-60%
  3. 60-90%
  4. 90-100%

You know how to make...

  • Static pages
  • Models
  • Migrations
  • Seeds
  • Controllers
  • Views

Which of these lines in routes.rb will hit the 'obtain' method in the ItemsController when the '/items/1/obtain' URI is hit?

  1. get 'obtain', to: 'items/obtain'
  2. get ':id/obtain', to: 'obtain'
  3. member { get :obtain }
  4. get '/items/1/obtain', to: 'items#obtain'
resources :items do
end

Which route will allow this form to render in pokemons/new.html.erb?

Assume @pokemon = Pokemon.new

= simple_form_for @pokemon do |f|
  = f.input :name
  = f.button :submit

  1. post '/pokemons', to: 'pokemons#create', as: :pokemons
  2. get '/pokemons/new', to: 'pokemons#new', as: :pokemons
  3. patch '/pokemons', to: 'pokemons#create', as: :pokemons
  4. post '/pokemons/new', to: 'pokemons#new', as: :new_pokemon

Routes and forms???

= simple_form_for @pokemon do |f|
  ...

is equal to...

= simple_form_for @pokemon,
    url: pokemons_path, method: :post do |f|
  ...

Behind the scenes, the form POSTs to pokemons_path (new resource) or PATCHes to pokemon_path (updating a resource).

resources :pokemons does all this already!

Now...

We turn an idea into an app from start to finish!

Next Week...

  • More app development
  • More git/github for final project

Quitter!

Introducing...

Quitter

  • Twitter for quitters

Idea

  1. People can post about what they are quitting
  2. Admins moderate posts to make sure they are appropriate

For the future!

What do we need?

  • Easiest to think about models first

  • User model
    • Name, email
    • Needs authentication (sound familiar?)
    • has many Quits
  • Quit model
    • Text
    • belongs to User

Roadmap

Step 1

User/Post models

Step 2

User auth

Step 3

Validations + Associations

Which of these will not cause an error?

  1. Visiting '/users' in the browser
  2. User.create! name: 'Sam', email: 'sam@sam.com'
  3. Quit.create text: ''
  4. User.quits.create! text: 'I am a quitter.'

Roadmap

Step 4

Seeds, Routes

User Show, Index

Step 5

Edit, Update Quit

Step 6

New, Create Quit

Whew...

What are major security flaws with this app currently?

  (a) Users can edit each other's quits
  (b) Users can delete other people's quits
  (c) A nonuser of the site can transfer quits from one User to another
  (d) A nonuser of the site can create quits for himself

  1. (a), (b) only
  2. (a), (c) only
  3. (a) only
  4. All of the choices are security flaws

No Authorization!

  • So anyone can do anything they want :(

  • Think about how you could limit the tasks a user can do

  • Will see again when we create admins!
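
One way to limit what a user can do, as an added example that is not part of the original slides: a plain-Ruby model of the three missing checks (login required, owner-only lookup, and an allowlist that excludes user_id). In a Rails controller these usually become a before_action login filter, a lookup through the logged-in user's quits, and strong parameters that permit only :text. Every name and record below is hypothetical and constructed.

```ruby
# Added example: plain-Ruby model of the checks Quitter is missing.
# All names and data below are hypothetical and constructed.
User = Struct.new(:id, :name)
Quit = Struct.new(:id, :user_id, :text)
class NotAuthenticated < StandardError; end
class NotAuthorized < StandardError; end

QUITS = {                       # stand-in for the quits table
  1 => Quit.new(1, 1, 'I quit sugar.'),
  2 => Quit.new(2, 2, 'I quit coffee.')
}
PERMITTED = %w[text].freeze     # user_id is deliberately not listed

# Authentication: a visitor who is not logged in cannot write anything.
def require_login!(current_user)
  raise NotAuthenticated, 'log in first' if current_user.nil?
end

# Authorization: a quit is only found if it belongs to the caller.
def find_owned_quit!(current_user, quit_id)
  quit = QUITS[quit_id]
  raise NotAuthorized, 'not your quit' unless quit && quit.user_id == current_user.id
  quit
end

# The owner comes from the session, never from the submitted form.
def create_quit(current_user, params)
  require_login!(current_user)
  id = QUITS.keys.max.to_i + 1
  QUITS[id] = Quit.new(id, current_user.id, params['text'])
end

# Only allowlisted fields change, so a submitted user_id cannot
# transfer the quit to another user.
def update_quit(current_user, quit_id, params)
  require_login!(current_user)
  quit = find_owned_quit!(current_user, quit_id)
  params.each { |k, v| quit[k] = v if PERMITTED.include?(k) }
  quit
end

def destroy_quit(current_user, quit_id)
  require_login!(current_user)
  QUITS.delete(find_owned_quit!(current_user, quit_id).id)
end
```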

Logistics

  • Project 1 due next Friday (10/30) at 11:59pm!
  • Project 2 Spec released the weekend afterward
    • Find a group of 2-4 people!
    • Will be making a fairly complex Rails app based on an idea of your own

The end.