Idea To App!

Hackathon:

Design For Good

This Saturday, starting at 4 PM

ending on Sunday at noon

Located in the Woz

Prizes for best beginner hacks too!

How far are you for project 1?

  1. 0-30%
  2. 30-60%
  3. 60-90%
  4. 90-100%

You know how to make...

  • Static pages
  • Models
  • Migrations
  • Seeds
  • Controllers
  • Views

Which of these lines in routes.rb will hit the 'obtain' method in the ItemsController when the '/items/obtain/1' URI is hit?

  1. get 'obtain', to: '/items/obtain/'
  2. get 'items/obtain/1', to: 'obtain'
  3. get '/items/obtain/:id', to: 'items#obtain'
  4. get '/items/obtain/1', to: 'items/obtain'

Which will allow this form to render in pokemons/new.html.erb?

Assume @pokemon = Pokemon.new

<%= simple_form_for @pokemon do |f| %>
  <%= f.input :name %>
  <%= f.button :submit %>
<% end %>

  1. post '/pokemons', to: 'pokemons#create', as: :pokemons
  2. get '/pokemons/new', to: 'pokemons#new', as: :pokemons
  3. patch '/pokemons', to: 'pokemons#create', as: :pokemons
  4. post '/pokemons/new', to: 'pokemons#new', as: :new_pokemon

Routes and forms???

<%= simple_form_for @pokemon do |f| %>
  ...
<% end %>

is equal to...

<%= simple_form_for @pokemon,
   url: pokemons_path, method: :post
   do |f| %>
  ...
<% end %>

Behind the scenes, the form posts to pokemons_path (new resource) or patches to pokemon_path (updating resource).

resources :pokemons does all this already!

Now...

We turn an idea into an app from start to finish!

Later...

We teach more git/github during class

Quitter!

Introducing...

Quitter

  • Twitter for quitters

Idea

  1. People can post about what they are quitting
  2. Admins moderate posts to make sure they are appropriate

For next time!

What do we need?

  • Easiest to think about models first

  • User model
    • Name, email
    • Needs authentication (sound familiar?)
    • has many Quits
  • Quit model
    • Text
    • belongs to User

Roadmap

Step 1

User/Post models

Step 2

User auth

Step 3

Validations + Associations

Which of these will not cause an error?

  1. Visiting '/users' in the browser
  2. User.create! name: 'Sam', email: 'sam@sam.com'
  3. Quit.create text: ''
  4. User.quits.create! text: 'I am a quitter.'

Roadmap

Step 4

Seeds, Routes

User Show, Index

Step 5

Edit, Update Quit

Step 6

New, Create Quit

Whew...

What are major security flaws with this app currently?

  a. Users can edit each other's quits
  b. Users can delete other people's quits
  c. A nonuser of the site can transfer quits from one User to another
  d. A nonuser of the site can create quits for himself

  1. (a), (b) only
  2. (a), (c) only
  3. (a) only
  4. All of the choices are security flaws

No Authorization!

  • So anyone can do anything they want :(
  • Think about how you could limit the tasks a user can do
  • Will see again when we create admins!
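
An added example (not from the original slides) of the checks that close the four flaws listed above, written as plain Ruby so it runs without Rails. QuitStore, Forbidden, Unauthenticated and PERMITTED are hypothetical names chosen for this sketch.

```ruby
# Plain-Ruby model of the authorization checks the Quitter app is missing.
# Every name below is hypothetical; this is not the course's code.
Quit = Struct.new(:id, :user_id, :text)

class Forbidden < StandardError; end        # logged in, but not the owner
class Unauthenticated < StandardError; end  # no logged-in user at all

class QuitStore
  PERMITTED = [:text].freeze # user_id is never read from request params

  def initialize
    @quits, @next_id = {}, 1
  end

  # A nonuser must not be able to create quits; the owner is always
  # the logged-in user, whatever the submitted params say.
  def create(current_user_id, params)
    raise Unauthenticated if current_user_id.nil?
    quit = Quit.new(@next_id, current_user_id, permit(params)[:text])
    @next_id += 1
    @quits[quit.id] = quit
  end

  # Only the owner may edit, and an edit can never move the quit
  # to another user because :user_id is filtered out.
  def update(current_user_id, id, params)
    quit = owned_quit!(current_user_id, id)
    quit.text = permit(params).fetch(:text, quit.text)
    quit
  end

  # Only the owner may delete.
  def destroy(current_user_id, id)
    @quits.delete(owned_quit!(current_user_id, id).id)
  end

  private

  # Central ownership check shared by update and destroy.
  def owned_quit!(user_id, id)
    raise Unauthenticated if user_id.nil?
    quit = @quits.fetch(id) { raise KeyError, "no quit #{id}" }
    raise Forbidden unless quit.user_id == user_id
    quit
  end

  # Stand-in for strong parameters: drop every key not explicitly allowed.
  def permit(params)
    params.select { |key, _| PERMITTED.include?(key) }
  end
end
```

In a Rails controller the same three ideas usually appear as a `before_action` that requires login, record lookups scoped to the logged-in user's own quits, and strong parameters that permit only `:text`.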

Logistics

  • Project 1 Due Sunday at 11:59pm!
  • Project 2 Spec released this weekend
    • Find a group of up to 4 people!
    • Will be making a fairly complex Rails app based on your own ideas

It's Lab Time.