Book Review: Advanced Rails

My reaction to Brad Ediger's Advanced Rails is a simple "thumbs up." If you are a serious Rails developer, you should read this book. Here are a few tidbits I liked:

  • Very nice coverage of ActiveSupport. Developers who learn Rails first, and Ruby later (or never), often do not discover some of the goodies here.
  • There is a security reason for HashWithIndifferentAccess. Do you know what it is?
  • Nice explanation of how instance_exec works.
  • Overview of several real-world approaches to configuration management: Plugins and gems aren't everything -- also covers RaPT, piston, and decentralized version control.
  • How to test plugins. While Rails itself makes testing easy, writing tests for a plugin is confusing unless you have a thorough understanding of the Rails environment.
  • Enumerator. It's like Enumerable, but tailored to you.
  • Using proxy objects to deprecate ivars.
  • A broad-ranging chapter on security, including password hashing, securing error messages, whitelisting and blacklisting, session attacks, XSS, CSRF, canonicalization, SQL injection, and tainting.
  • Pragmatic ImageMagick. (Try saying that with a straight face.)
  • A nice explanation of REST that goes beyond getting started (routes and scaffolds) to some interesting issues (various options for managing ETags).

There is very little not to like:

  • The book endorses Ferret. Don't go there.
  • Ediger seems to prefer vi to emacs. Sigh. The truth will set you free, my friend.

If you already know a lot of Rails, this book will be a quick read. But I bet you will have at least a half-dozen ah-hah moments, which is a good number. Read it.
