Re: [Rails-core] find_by inconsistent return message

2015-02-09 Thread John Mileham 
What about the security ramifications of logging potentially sensitive
information?  IDs can be sensitive, but often far less than other fields.
There are legitimate use cases for using find_by on values that you'd
prefer not to be logged or known by the end user.  Making
more-informative error presentation
code the responsibility of the application would seem like a good way for
the developer to vet their own code and decide what level of logging or
return value would be appropriate.

-john

On Monday, February 9, 2015, Ryan Bigg  wrote:

> I think that sounds reasonable. Please submit a PR.
>
>
>
> On 9 Feb 2015, at 03:07, Иван Бишевац  > wrote:
>
> User.find(1)
> for no record with gives:
>
> def test_error_message
>   begin
> User.find(1)
>   rescue ActiveRecord::RecordNotFound => e
> message = e.message
>   end
>
>   assert_equal message, "Couldn't find User with 'id'=1"
> end
>
>
> I expected same behavior wiht find_by! method but it doesn't give so
> descriptive message.
> For example expected behavior should be:
>
> def test_error_message_for_find_by!
>   begin
> User.find_by(first_name: 'foo', last_name: 'bar')
>   rescue ActiveRecord::RecordNotFound => e
> message = e.message
>   end
>
>   assert_equal message, "Couldn't find User with 'first_name'='foo' and
> 'last_name'='bar'"
> end
>
> but it doesn't work like this instead e.message is just general "Couldn't
> find User".
>
> My use case is that I have API and on application_controller level I
> defined rescue from:
>
> ApplicationController < ActionController::Base
>   rescue_from ActiveRecord::RecordNotFound, with: :record_not_found
>
>   def record_not_found(exception)
> render json: { errors: [exception.message] }, status: 404
>   end
> end
>
> But in first case clients of API could guess what's error. But on second
> example couldn't .
>
> If maintainers agree I can submit pull request to change behavior.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ruby on Rails: Core" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to rubyonrails-core+unsubscr...@googlegroups.com
> 
> .
> To post to this group, send email to rubyonrails-core@googlegroups.com
> .
> Visit this group at http://groups.google.com/group/rubyonrails-core.
> For more options, visit https://groups.google.com/d/optout.
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ruby on Rails: Core" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to rubyonrails-core+unsubscr...@googlegroups.com
> 
> .
> To post to this group, send email to rubyonrails-core@googlegroups.com
> .
> Visit this group at http://groups.google.com/group/rubyonrails-core.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups "Ruby 
on Rails: Core" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to rubyonrails-core+unsubscr...@googlegroups.com.
To post to this group, send email to rubyonrails-core@googlegroups.com.
Visit this group at http://groups.google.com/group/rubyonrails-core.
For more options, visit https://groups.google.com/d/optout.

Re: [Rails-core] find_by inconsistent return message

2015-02-09 Thread Matt Jones 

On Feb 8, 2015, at 11:07 AM, Иван Бишевац  wrote:

> User.find(1)
> for no record with gives:
> 
> def test_error_message
>   begin
> User.find(1)
>   rescue ActiveRecord::RecordNotFound => e
> message = e.message
>   end
> 
>   assert_equal message, "Couldn't find User with 'id'=1"
> end
> 
> 
> I expected same behavior wiht find_by! method but it doesn't give so 
> descriptive message.
> For example expected behavior should be:
> 
> def test_error_message_for_find_by!
>   begin
> User.find_by(first_name: 'foo', last_name: 'bar')
>   rescue ActiveRecord::RecordNotFound => e
> message = e.message
>   end
> 
>   assert_equal message, "Couldn't find User with 'first_name'='foo' and 
> 'last_name'='bar'"
> end
> 
> but it doesn't work like this instead e.message is just general "Couldn't 
> find User”.

See also discussion on this PR:

https://github.com/rails/rails/pull/15791

and the related issue:

https://github.com/rails/rails/issues/15792

—Matt Jones

-- 
You received this message because you are subscribed to the Google Groups "Ruby 
on Rails: Core" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to rubyonrails-core+unsubscr...@googlegroups.com.
To post to this group, send email to rubyonrails-core@googlegroups.com.
Visit this group at http://groups.google.com/group/rubyonrails-core.
For more options, visit https://groups.google.com/d/optout.


signature.asc
Description: Message signed with OpenPGP using GPGMail

[Rails-core] ActiveJob allow passing options to underlying library

2015-02-09 Thread John Negron 
ActiveJob is a great addition to Rails. Many supported backends like 
DelayedJob support other options than what is being passed into the enqueue 
adapter methods. It would be great if the "set" method could delegate 
options into the queue adapters. 

For example, DelayedJob has priority set at the job level and setting the 
priority could be done without named queues and other background workers.

Are there any plans for that or would the group be open to a pull request 
for it?

thanks
John

-- 
You received this message because you are subscribed to the Google Groups "Ruby 
on Rails: Core" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to rubyonrails-core+unsubscr...@googlegroups.com.
To post to this group, send email to rubyonrails-core@googlegroups.com.
Visit this group at http://groups.google.com/group/rubyonrails-core.
For more options, visit https://groups.google.com/d/optout.