All blog articles by Varun Lalan

By default, regular expression matching is greedy, which means a pattern tries to match as much of the given string as possible.

Let's look at an example using the HTML snippet <p>Hello</p><span>Awesome</span><p>World</p>. Our task is to extract the first p tag, i.e. the pattern match should return <p>Hello</p>.

The immediate solution is to write the regex /<p>.*<\/p>/, but it would match the whole string.


The reason it matches whole string...

Read complete blog post

Almost all Ruby on Rails developers come across a scenario where they need to add a new column with a default value to one of the database tables. Most of us (including me) would write the following migration statement:

add_column :table_name, :column_name, :boolean, default: false

This is a good practice but would cause downtime if the table has a large number of records. It took 3 secs when I ran the migration for a table having 50k records.

-- add_column(:table_name, :column_name,...

Read complete blog post

Sometimes you’ll want to refer to your image assets from inside your JavaScript or CoffeeScript files. Rails has nice helpers that allow us to do so, but we need to append .erb to every .js or .coffee file in which we want to reference images.

I didn’t like it that way, because ERB inside of CoffeeScript looks odd and having the file end with .erb messes up syntax highlighting.

A way around this is to add the following piece of code (not a beautiful one) to one single file that ends on ...

Read complete blog post

The Cordova File Transfer plugin allows you to transfer / upload photos from a mobile device to a server. You generally need a file with a path for transferring / uploading files via the File Transfer plugin.

More information on how to use Cordova File transfer plugin can be found here.

This plugin won't help much when we have a Base64 image (usually a drawing or signature drawn on canvas). To upload such images we can do:

  1. take your base64.
  2. write it to a file.
  3. then just use file transfer plugin to upload it to...

Read complete blog post

Active Admin is a great plugin that helps us get administration functions with an elegant and simple interface up and running quickly without much hassle or effort. One can also make use of various customisations as needed with very little effort.

In this article, I will be explaining how we can add a custom search bar in Active Admin. Adding a custom search bar is not as easy and straightforward as other Active Admin customisations. I will be making use of jQuery to do this.

Here, I...

Read complete blog post

Sometimes we need to show different text based on some count. For example:

if box_count == 0
 message = "No boxes present"
elsif box_count == 1
 message = "Only 1 box present"
else
 message = "There are #{box_count} boxes"
end

You can refactor this to make use of the power of i18n locales. In en.yml you can do:

 zero: No boxes present
 one: Only 1 box present
 other: There are %{count}...

Read complete blog post

For one feature, we had to import an xlsx file which was exported from a SQLite database dump. The rows had a few image names, and those images had been uploaded to an SFTP server. We had to upload those images to S3.

Importing the xlsx row data was simple, but the challenge was how to upload images from the SFTP server to S3. This is where the net-sftp gem came to our rescue (though it's not maintained anymore).

To get this working, we need 4 things: host, username and password with which we are going to log in to the SFTP server and...

Read complete blog post

Websites often get hit by unreliable sources, mainly automated scripts that continuously hit a URL, which can cause a DoS (Denial of Service) attack.

In Rails, we can handle such types of attacks by restricting the requests at the Rack level. Rack is a middleware which can serve as "a way to filter a request and response".

For this, we can use rack-attack.


Rack::Attack.blacklist('allow2ban rapid send_verification_code') do |req|
 if && req.path ==...

Read complete blog post

Rails 3.1 and above have an awesome feature: prepared_statements. The basic idea behind prepared statements is to compile SQL statements once and cache them for future use. In other words, the benefit of prepared statements is that the database does not have to compile a query plan for every piece of SQL sent to it, potentially saving a lot of time.

Check out an excellent blog post to learn more about prepared_statements.

Recently, I had to get raw SQL from an AR object so that I could pass it to...

Read complete blog post

Recently I added a few integration tests to my projects using Capybara and Selenium WebDriver and ended up banging my head against inconsistencies with the test database. I created some records in the test DB which were completely invisible to Selenium-driven browser-based tests.

The problem is: the tests are being wrapped in database transactions, so any code running outside the actual test process (like, say, a server process servicing a Selenium-driven browser request) does not see the database...

Read complete blog post

For displaying flash messages and other informative messages, we generally use Internationalization (I18n) in Rails.

Sometimes we also need to write similar messages again in JavaScript/CoffeeScript, which can be difficult to manage if these messages change. It also doesn't follow the concept of DRY.

To follow DRY, we need to make Rails locales available in JavaScript.

One way to do it is to declare a global variable and have all locales saved to it as a JavaScript object.

This is what we...

Read complete blog post

Please find the attached PDF file for Coding Standards.

Also, refer to the following git repo for all Ruby idioms:

Gems you should consider for refactoring and code formatting:

  1. rubocop

  2. cane

  3. rails_best_practices

For code complexity, use the flog gem. Refer to the post here for more details.

Happy Refactoring :)

Read complete blog post

In most of our apps, we probably need to execute a few background tasks at regular intervals, like every 10 minutes, once a week, etc. For scheduling these jobs, we need a scheduler that can re-run these tasks at specified intervals.

There are a few schedulers like whenever, resque-scheduler, rufus-scheduler, etc. that can do the job. However, these gems are not compatible with Sidekiq or with apps deployed on Heroku.

There are 2 ways to make it work on Heroku.

1/ Using Heroku Scheduler addon.


i) Create...

Read complete blog post

In liquor, we needed SEO-friendly menu URLs like /brandy/cognac. For this, we added a generic route /:parent/:child/:grandchild at the bottom of routes.rb.

With this approach, there was an issue with invalid URLs like /this/is/wrong being redirected to the specified controller action.

To fix this, we used menu names to generate specific URLs. But the routes would become invalid if an admin changed the menu name.

So we needed a way to reload routes once the menu is updated.

I found a hack mentioned...

Read complete blog post

Code Climate is a great web tool to check code complexity, duplication and security vulnerabilities. Internally, Code Climate uses Flog to calculate code complexity and Brakeman for security vulnerabilities. But it checks only when we commit code to Git.

We can check code complexity and security issues before committing to git.

For code complexity:

1) Install flog

gem install flog

2) Go to the project root path and run the command:

find path_of_file -name '*.rb' | xargs flog

For example: find...

Read complete blog post

We are all aware that clicking a link that sends an AJAX call doesn't update the URL to the href of the link clicked. As the browser's history is not updated either, the back button will not work.

One alternative is to use PJAX, which updates the URL and the browser's history, thus enabling the back button.

What if we don't want to use PJAX?

There is a way to manipulate the browser's history to reflect the updated URL and enable the back button. This technique is used by GitHub in its file browser. When we click on...

Read complete blog post

Devise is an authentication solution for Rails. It makes use of Warden, which is a Rack-based authentication framework.

Steps to integrate Devise:

1) Include the devise gem in your Gemfile.

 gem "devise"

2) Run bundle install to install it.

3) Generally, all the login related details are kept in User model. You are free to use any model name as per your needs. Here User model is used as an example. Generate User model using devise generator command:

 rails generate devise User

Read complete blog post

Files uploaded to S3 are not encrypted. To make them secure, we need to either encrypt the file at the client's end before uploading or configure S3 to encrypt the files after upload, i.e. Server Side Encryption.

Amazon S3 Server Side Encryption (SSE) employs AES-256, an encryption standard that provides a considerably high level of protection.

To enable SSE for S3, just include the following in the headers while uploading the file:

'x-amz-server-side-encryption' => 'AES256'

To check, login to S3 and...

Read complete blog post

In RSpec, we need to make an HTTP call for our test to pass. In this case, we are actually making an HTTP request, which is not a best practice while executing tests.

The best way is to fake the HTTP request with the expected response without actually going to that URL.

For faking HTTP requests in Ruby, we have a couple of gems, namely FakeWeb and WebMock.



1) Include 'fakeweb' in your Gemfile under test group only.

2) Require it in the spec helper.

3) Use it in specs.


Read complete blog post