Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
Edouard
@inouire_twitter
Hi @unleashy , I just tried to upgrade my version of Hanami from 1.3.2 to 1.3.3 and this is what is causing the error. 1.3.2 works fine
unleashy
@unleashy
ah, thank you! seems there was a regression then?
Edouard
@inouire_twitter
Seems like it, yeah.
Edouard
@inouire_twitter
@jodosha issue created :point_right: hanami/hanami#1015
unleashy
@unleashy
okay, regressing to hanami 1.3.2 didn't work for me, but! regressing the tilt gem to 2.0.9 worked
Edouard
@inouire_twitter
OOOh
unleashy
@unleashy
I think 2.0.10 inadvertently broke something with hanami
Edouard
@inouire_twitter
good to know :thumbsup:
unleashy
@unleashy
rtomayko/tilt@dbb4df9 this commit, I believe
alex jamz
@alexjamz_gitlab
tilt 2.0.10? Same here...
unleashy
@unleashy
yeah it's def on tilt's side. rtomayko/tilt#347
too bad
Stephann Vasconcelos
@stephannv

Hello guys. How hanami handles routes with subdomains? I'm working on a project with a subdomain per client and I didn't figure out how to handle this using Hanami. In Rails I found some references:

# application_controller.rb
class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
  before_action :ensure_subdomain

  def current_blog
    @current_blog ||= Blog.find_by(subdomain: request.subdomain)
  end
  helper_method :current_blog

  private

  def ensure_subdomain
    redirect_to root_url(subdomain: :www) unless current_blog.present?
  end
end

# routes.rb
Rails.application.routes.draw do
  constraints(SubdomainRoutes) do
    resources :blogs, only: [:new]
    root 'welcome#index'
  end

  constraints(!SubdomainRoutes) do
    resources :blogs, except: [:index, :new] do
      resources :posts
    end
    root 'blogs#show'
  end
end

# subdomain_routes.rb
class SubdomainRoutes
  def self.matches? request
    case request.subdomain
    when '', 'www'
      true
    else
      false
    end
  end
end

Source: https://www.driftingruby.com/episodes/working-with-subdomains

Kai Kuchenbecker
@kaikuchn
@stephannv I'd suggest to have your reverse proxy rewrite the subdomain to a distinct path, that way your app can be agnostic of the domain.
It is possible to mount different apps on different hosts in Hanami, but I don't know if you can route to different targets in the same app depending on the host.
Kai Kuchenbecker
@kaikuchn
Under the hood hanami uses the http_router gem, i think it's possible to just add host: "www.blabla.org" to your route, if it's not the http_router gem also allows for customizations via extend_route. So you could probably also go that way..
Stephann Vasconcelos
@stephannv
Thanks, @kaikuchn
I will research more about this topic
unleashy
@unleashy
hi y'all, i have a question. is it good practice to use defined? to check if an exposure is available or not? or should i use something else?
Kai Kuchenbecker
@kaikuchn
Best if to have the exposure always available. Maybe use the NullObject pattern. Let me rephrase that: Have you considered making your exposures always available? Maybe use the NullObject pattern.
I personally try to never have more than one exposure, similarly how I would avoid using more than one instance variable in a rails controller.
David Dawson
@DangerDawson
I have another security question, has anyone used Rack::Attack with multiple apps? I am struggling to get this working with trying to define app specific rules, they seem to get applied globally
David Dawson
@DangerDawson
Also am I right in thinking that the template does no escaping? it is all handled at the view layer? e.g. <%= user.last_name %> will not be escaped?
David Dawson
@DangerDawson
https://github.com/hanami/view#security
Answers my question quite nicely
unleashy
@unleashy
@kaikuchn thank you, that makes total sense!
Tsehau Chao
@jodeci

Hi, I’m trying to do some basic timezone stuff but my google-fu is failing me.
What I want to achieve:

  1. set default timezone for application (say UTC+8)
  2. user input: 2019-01-01 20:00
  3. entity saved as 2019-01-01 12:00:00 UTC
  4. template displays time as 2019-01-01 20:00:00 UTC+8

3 & 4 works right out of the box, but I’m lost at 1 & 2. The closest thing I found was:

# config/initializers/sequel.rb
Sequel.application_timezone = :local

But everything is still saved as 2019-01-01 20:00:00 UTC. Timezones are hard :p

Kai Kuchenbecker
@kaikuchn
I don't think it's a good idea to have sequel handle that. It's like the very furthest point from your users input.
I'd instead suggest to handle the user input that comes without a timezone as if it would specify your default timezone.
If there are many places where user input can happen, then extract that handling into a little PORO that does the magic for you.
There's probably nothing that does out of the box what you want, but I may be mistaken. If so, others please feel free to chime in.
Tsehau Chao
@jodeci
Hmm. Interesting that app wide time zone configuration doesn’t come with the box. I might be biased though (worked on a Rails app with heavy timezone focus recently)
Luca Guidi
@jodosha
:mega: Released hanami-utils v1.3.4 and hanami-view v1.3.2 https://twitter.com/hanamirb/status/1177498984551612416
Edouard
@inouire_twitter
:thumbsup:
Kai Kuchenbecker
@kaikuchn

Well first of all, there is not ActiveSupport::TimeWithZone equivalent in Hanami. So if you need complex time zone stuff - and basic Ruby is really lacking there - you'll need to pull in a Gem for that.
tzinfo has recently improved the interfaces/usability of it's classes, but I haven't checked that out yet. A couple years ago when I was working a lot with time zones I wrote my own gem because ActiveSupport::TimeWithZone had some nasty bugs and while I liked the interface had many design decisions I did not like, plus it was difficult to get JUST time with zone and not all the rest.

I still regularly update that gem whenever there's a new tzinfo release, but I consider it "done". It focuses on correctness and ease of use over speed though.

But there is a gazillion other gems out there, any of which may do what you need. And if you don't have complex timezone needs, I'd suggest to stick with plain ruby as long as comfortably possible.

Oliynyk Taras
@tarnonero
Hello everyone ! I'm having a little trouble with running a hanami application
this is the error:KeyError: key not found: "DATABASE_URL"
alex jamz
@alexjamz_gitlab
use export DATABASE_URL="postgresql://localhost/hanami_app_development"
and hanami db prepare
Oliynyk Taras
@tarnonero
Ok, but the postgres wants the password..So any suggestions there ?
Kai Kuchenbecker
@kaikuchn
you can just add it to the url
just like with basic auth, i.e., postgresql://postgres:SuperStrongPassword@localhost/hanami_app_development
where postgres is the user name
David Dawson
@DangerDawson

What is the recommended way to prevent accidently exposing a XSS vulnerabilities in a view template? The hanami doc’s reccomend either explicitly providing methods for the template in the view e.g. 

 def user_name
      user.name
 end

Or escaping the whole object before sending it to the template

 def user
      _escape locals[:user]
 end

Although this does not prevent accidentaly calling user.name in the view, or in the case of the _escape escaping the assoications of the object e.g. user.notes

Another option is to just turn auto-escaping on at the template engine level e.g.Haml::Template.options[:escape_html] = true
Although this goes against Hanami conventions ?
David Dawson
@DangerDawson
Ah, hanami/assets#36 answers the question why auto-escaping is not turned on at the template level
Arvy Petil
@alnpetil
Hi guys, has anyone tried using the light-service gem (https://github.com/adomokos/light-service) with Hanami?
image.png
I've included it and activesupport (since it's looking for it when I run tests) and now I'm getting that error which I'm not familiar with
Kai Kuchenbecker
@kaikuchn
Does the error go away if you don't include activesupport and/or light-service?
The constant in question recently came up when there was some issue with tilt (see rtomayko/tilt#347), so that's also making me a little suspicious. If you're using hanami-utils 1.3.4 maybe the changed lookup has some side-effects? If you're not using 1.3.4 try upgrading to it.