book

Polished Ruby Programming

by Jeremy Evans

July 2021

Intermediate to advanced

434 pages

8h 36m

English

Packt Publishing

Read now

Unlock full access

ContributorsAbout the reviewers
Who this book is forWhat this book coversTo get the most out of this bookDownload the example code filesConventions usedGet in touchReviews
Technical requirementsLearning when to use core classesBest uses for true, false, and nil objectsDifferent numeric types for different needsUnderstanding how symbols differ from stringsLearning how best to use arrays, hashes, and setsImplementing an in-memory databaseWorking with Struct – one of the underappreciated core classes SummaryQuestionsFurther reading
Technical requirementsLearning when to create a custom classHandling trade-offs in SOLID designThe single-responsibility principleThe open-closed principleThe Liskov substitution principleThe interface segregation principleThe dependency inversion principleDeciding on larger classes or more classesLearning when to use custom data structuresSummaryQuestions
Technical requirementsUsing Ruby's favorite variable type – the local variableIncreasing performance by adding local variablesAvoiding unsafe optimizationsHandling scope gate issuesNaming considerations with local variablesLearning how best to use instance variablesIncreasing performance with instance variablesHandling scope issues with instance variablesNaming considerations for instance variablesUnderstanding how constants are just a type of variableHandling scope issues with constantsVisibility differences between constants and class instance variablesNaming considerations with constantsReplacing class variablesReplacing class variables with constantsReplacing class variables with class instance variables using the superclass lookup approachReplacing class variables with class instance variables using the copy to subclass approachAvoiding global variables, most of the timeSummaryQuestionsFurther reading
Technical requirementsUnderstanding that there are no class methods, only instance methodsNaming methodsSpecial method namesUsing the many types of method argumentsPositional argumentsOptional positional argumentsRest argumentsKeyword argumentsBlock argumentsLearning about the importance of method visibilityFixing visibility mistakesHandling delegationDelegating to other objectsSummaryQuestions
Technical requirementsHandling errors with return valuesHandling errors with exceptionsConsidering performance when using exceptionsRetrying transient errorsUnderstanding more advanced retryingBreaking circuitsDesigning exception class hierarchiesUsing core exception classesSummaryQuestions
Technical requirementsRecognizing different perspectives of code formattingLearning how syntactic consistency affects maintainabilityEnforcing consistency with RuboCopUnderstanding the consequences of using arbitrary limitsChecking basic code formatting with RubyRealizing the actual importance of code formattingSummaryQuestions

Technical requirementsFocusing on the user experienceLibrary namingLibrary first impressionsThe simplest possible interfaceDetermining the appropriate size for your libraryHandling complexity trade-offs during method designFewer but more complex methodsSummaryQuestions
Technical requirementsUsing Ruby's extensibility featuresDesigning plugin systemsDesigning a basic plugin systemHandling changes to classesPlugin modifications to classesSupporting plugin dependenciesMaking plugin loading easierHandling subclasses in plugin systemsConfiguring pluginsUnderstanding globally frozen, locally mutable designSummaryQuestions
Technical requirementsLearning the pros and cons of abstractionEliminating redundancyUnderstanding different ways of metaprogramming methodsUsing method_missing judiciouslySummaryQuestions
Technical requirementsDesigning your DSLConfiguration DSLsDSLs for making specific changesDSLs for reducing the verbosity of codeLibraries implemented as DSLsImplementing your DSLLearning when to use a DSLSummaryQuestions
Technical requirementsUnderstanding why testing is so critical in RubyLearning different approaches to testingConsidering test complexityUnderstanding the many levels of testingRealizing that 100% coverage means nothingSummaryQuestions
Technical requirementsConsidering reasons to refactorLearning about the refactoring processImplementing the most common Ruby refactoring techniquesExtracting a methodExtracting a classRefactoring to add featuresRemoving features properlyRemoving methodsRemoving constantsSummaryQuestions
Technical requirementsLearning about the many design patterns that are built into RubyThe object pool design patternThe prototype design patternThe private class data design patternThe proxy design patternHandling cases where there can be only oneDealing with nothingVisiting objectsAdapting and strategizingSummaryQuestions
Technical requirementsUnderstanding that you probably don't need to optimize codeProfiling first, optimizing secondUnderstanding that no code is faster than no codeHandling code where everything is slowSummaryQuestions
Technical requirementsLearning why database design is so importantDeciding on a database to useUnderstanding the most important database design principlesConsiderations when denormalizing your database designOther database design principlesTreating the database as not just dumb storageChoosing the model layerHandling database and model errorsSummaryFurther readingQuestions
Technical requirementsChoosing between client-side and server-side designDeciding on a web frameworkRuby on RailsSinatraGrapeRodaDesigning URL pathsStructuring with monoliths, microservices, and island chainsSummaryQuestions
Technical requirementsUnderstanding that most security issues in Ruby web applications are high levelNever trust inputPerforming access control at the highest level possibleAvoiding injectionScript injectionSQL injectionCode injectionApproaching high-security environmentsLimiting database accessInternal firewallingRandomizing memory layoutsLimiting filesystem accessLimiting system call accessSummaryQuestions
Chapter 1Chapter 2Chapter 3Chapter 4Chapter 5Chapter 6Chapter 7Chapter 8Chapter 9Chapter 10Chapter 11Chapter 12Chapter 13Chapter 14Chapter 15Chapter 16Chapter 17
Other Books You May EnjoyPackt is searching for authors like youLeave a review - let other readers know what you think

Content preview from Polished Ruby Programming

Chapter 17: Robust Web Application Security

Security is one of the most important considerations when developing a web application. In this chapter, you'll learn about techniques for avoiding common security issues in web applications. Then, you'll learn how to leverage the advanced security techniques provided by the operating system and database to increase the difficulty of attacks, minimize the attack surface, and mitigate damage in the case of a successful attack.

In this chapter, we will cover the following topics: