These are chat archives for dry-rb/chat

18th
Nov 2016
Andy Holland
@AMHOL
Nov 18 2016 00:51
OMG Gitter looks awful
Lucas Hosseini
@beauby
Nov 18 2016 00:52
@AMHOL It already looked quite as bad before :p
Andy Holland
@AMHOL
Nov 18 2016 00:52
lol
Not like this
This is REALLY bad
Selection_012.png
Lucas Hosseini
@beauby
Nov 18 2016 00:54
Yeah I know
Lucas Hosseini
@beauby
Nov 18 2016 00:59
Not sure it’s much better
The links colors look really bad in the dark theme
Andy Holland
@AMHOL
Nov 18 2016 00:59
It's a lot better IMO, still ugly tho
Lucas Hosseini
@beauby
Nov 18 2016 01:00
Can’t they use an actual color scheme like salarized?
Andy Holland
@AMHOL
Nov 18 2016 01:00
Yeah, I told them it looks awful in GitterHQ
That would be nice
I felt like this before
Lucas Hosseini
@beauby
Nov 18 2016 01:03
haha yeah
Daniel Gollahon
@dgollahon
Nov 18 2016 02:14
In dry-validation, is there a way to specify high level rules that depend on whether or not a key is provided?
In the example from http://dry-rb.org/gems/dry-validation/high-level-rules/ there's something that says "when barcode is filled, make sure job_num and sample_num are nil"
what I would like to do is effectively the same thing, but instead of saying "they are nil" i want to say "they are not provided at all"
Another way of phrasing what i'd like to do is have two attributes be optional but be provided together--never one without the other.
Christopher Dennl-Ortega Arrieta
@cdennl
Nov 18 2016 08:06
@dgollahon somethin like: (prop1.filled? > prop2.filled?) & (prop2.filled? > prop1.filled?)
or (prop1.filled? & prop2.filled?) | (prop1.none? & prop2.none?)
Jérémie Horhant
@Titinux
Nov 18 2016 08:08
Hi everyone. I have a small project that run with roda but it's not very well organised. I want to try to rebuid it with dry-web to see what it can brings to me but I can't find any documentation on dry-web. All other gems are documented on dry-rb.org but nothing for dry-web. Do you have any examples, blog articles, docs on how to start with dry-web ?
Tim Riley
@timriley
Nov 18 2016 09:53
@Titinux sorry, we don't have docs for that yet. We're still figuring some things out. Anyway, I hope to have some docs in place by February. In the meantime, there are two things I can suggest: (1) install the dry-web-roda gem and then generate a new project via the dry-web-roda new my_app_name CLI command, and then inspect what is created for you. (2) check out icelab/berg on github for a real-world project built like this, so you can see something working in full.
Sergey Kukunin
@Kukunin
Nov 18 2016 10:50
is it possible to use nested mapper in my mapper? Is embedded for this? Can I pass object of mapper?
Jérémie Horhant
@Titinux
Nov 18 2016 13:25
@timriley Thanks for the tips.
Sascha Korth
@skorth
Nov 18 2016 15:43
Hey there, someone using Dry::Struct/Dry::Validation to build form objects with Rails? For example within a Controller i would do the following: MyForm.new(foo_params). This would result in a deprecated warning. So, i have to use MyForm.new(foo_params.to_unsafe_h). This sounds 'unsave' and sql-injections came to my mind. Do i have to make sure that my Form object cleans bad things up?
Nikita Shilnikov
@flash-gordon
Nov 18 2016 16:02
@skorth by calling to_unsafe_h you bypass strong parameters, that's why it's called "unsafe". dry-v replaces strong parameters, so it's OK. But you shouldn't call to_unsafe_h if you haven't dry-v's schema for data. Also dry-validation doesn't add anything to protection from SQL injections, you should never interpolate "foreign" data into your queries
Sascha Korth
@skorth
Nov 18 2016 16:07
@flash-gordon Hey! With dry-v you mean dry-validation or?
@flash-gordon My code looks like this example http://cucumbersome.net/2016/09/06/rails-form-objects-with-dry-rb.html. Calling the Form Object like MyForm.new(params)gives me deprecated warnings cause it calls .to_h (which is deprecated) on params.
Nikita Shilnikov
@flash-gordon
Nov 18 2016 16:20
@skorth yes, dry-validation == dry-v
@skorth re warnings, yeah, that's why I'm saying using to_unsafe_hwith dry-v is OK, though it's ugly, I know
it's probably a good idea to post this question to discuss.dry-rb.org so everyone will be able to find it :)
Sascha Korth
@skorth
Nov 18 2016 16:28
Ok, if i understand it right something like MyActiveRecordObject.create(MyForm.new(foo_params.to_unsafe_h).to_hash) could be a problem.
If i don't cleanup the resulting hash beforehand.
Nikita Shilnikov
@flash-gordon
Nov 18 2016 16:36
@skorth wrong :) When you're using AR you're don't inlining anything by hand into a query, so it's safe because AR escapes values before using them in SQL (or uses bind variables the DB supports them, but that's another story). What I mean basically is that you mustn't write something like User.where("name = '#{ name }'") where name is a string obtained from a request/form. Instead you always do it like this User.where('name = ?', name)
Sascha Korth
@skorth
Nov 18 2016 16:44
@flash-gordon Ahhh your right, its AR that escapes, and not strong_params. My fault! Thanks for that.
Daniel Gollahon
@dgollahon
Nov 18 2016 20:10
@cdennl: thanks. at first I was thinking something like that wouldn't work, but it turns out I made i provided symbols to the rule when i needed to provide an array of strings (since my input keys are strings). after fixing that, your strategy works. :)
Christopher Dennl-Ortega Arrieta
@cdennl
Nov 18 2016 20:57
@dgollahon fine :)