Category Archives: rails

Using ActiveSupport::Notifications and ActiveSupport::Concern To Create An Audit Trail

In my previous post, I outlined a scenario that needs to be audited for HIPAA compliance – a patient with a list of medications. Every time a medication is added, updated or deleted, an audit record has to be created …

Don’t Do Role-Based Authorization Checks; Do Activity-Based Checks

I’ve built a few dozen security mechanisms in my career. Unfortunately, I kept getting it wrong, hence the need to keep building them. Over the years, though, I learned a number of different ways that a security system can be …

Embracing Conventions With Namespaced Models And Partials

Six months ago when I started working a contract with Joey Beninghove, I had never done full time rails work. I had played with it a few times and built a few small example apps just to get the hang …

Keep Your Demo Data Separate From Your Seed Data

File this under the “duh…” category… I don’t know why this wasn’t obvious. Joey and I have been working on our rather large app for a while now, with a bunch of demo accounts and data added with our seed …

Converting A Range And A Value Into A Scaled Value, With A Nice Background Color

I’m working on a web app that receives HL7 formatted medical data through my import utility that I’ve talked about a lot, recently. Once I receive those results, I have to parse them out of the file and then display …

A Better Solution For Partial View Controllers

A few days ago, I wrote about using the Cells gem to create an encapsulated segment of my app, with view and controller, etc. Well, this didn’t work out so well after all. Aside from the initial problem of `content_for` …

Cleaning Up Rails Helper Methods With A Helper Class: Good Idea, Bad Idea, Or ‘Meh’?

I found myself writing a very ugly helper method in my rails ApplicationHelper module: def render_program_dashboard(patient_program) key = patient_program.program.key content_for :css do stylesheet_link_tag “#{key}/patient_program” end dashboard_instance = nil dashboard_class_name = “#{key.to_s.classify}::ProgramDashboard” begin dashboard_class = dashboard_class_name.constantize dashboard_instance = dashboard_class.new(patient_program) rescue Rails.logger.info …

Cells: Partial Controllers And Views For Rails 3

I’ve got a sort-of meta-application that I’m building in Rails 3 for a client. The core of the application is a framework on which we build various “Programs” that a patient can participate in. On the Patient Profile screen, a …

Solving Some SSH Issues For Deploying Rails Apps

So you think “The Rails Life” is all unicorns, rainbows and glitter? Yeah. Guess again. Right now it feels more like a glitter cannon shredding a unicorn into a rainbow colored bloody pulp… Joey and I are deploying our rails …

Providing Unauthenticated API Access To An Authenticated/Authorized Controller In Rails 3, With Devise And CanCan

My current Ruby on Rails app defaults to every page and controller action in the system requiring authentication. If you’re not logged in, you don’t get to do anything other than see the login page. Once you are logged in, …