Explore
For Enterprise
Join for Free
Log In

Browse
Search
For Enterprise
Log In
Join for Free

Welcome to Module 4: Security and Nested Resources in Action Pack

Loading...

Rails with Active Record and Action Pack

Johns Hopkins University

4.7 (732 ratings) | 18K Students Enrolled

Course 2 of 6 in the Ruby on Rails Web Development Specialization

You already know how to build a basic web application with the Ruby on Rails framework. Perhaps, you have even taken Course 1, "Ruby on Rails: An Introduction" (we highly recommend it) where you relied on external web services to be your “data layer”. But in the back of your mind, you always knew that there would come a time when you would need to roll up your sleeves and learn SQL to be able to interact with your own relational database (RDBMS). But there is an easier way to get started with SQL using the Active Record Object/Relational (ORM) framework. In this course, we will be able to use the Ruby language and the Active Record ORM framework to automate interactions with the database to quickly build the application we want. In Rails with Active Record and Action Pack, we will explore how to interact with relational databases by using Active Record, a Ruby gem, which Rails uses by default for database access. We will then take a look at what role Active Record plays in the overall request-response cycle, when a client (the browser) requests data from the server, as well as how to submit the data to the server. Of course, when accessing data, security is of paramount importance! We will talk about vulnerabilities such as SQL injection, as well as how to secure access to data by authenticating and authorizing users accessing the data. Take this course to build a Ruby on Rails application with Active Record to automate the detailed SQL interactions with our database.

Skills You'll Learn

Authentication, Active Record Pattern, Ruby On Rails

Reviews

4.7 (732 ratings)

5 stars
573 ratings
4 stars
120 ratings
3 stars
22 ratings
2 stars
10 ratings
1 star
7 ratings

YV

Feb 29, 2016

This course continues the Introduction with the same test-driven approach and delicious intensity of the material. Efforts to finish the course will be greatly rewarded.

SJ

Jun 05, 2016

I really liked writing the authentication myself. I've relied on Devise (and will continue using it mostly) but really got an appreciation for what was going on.

From the lesson

Security and Nested Resources in Action Pack

In this module, we will talk about how to deal with nested resources in Rails. We will then talk about securing your app with a username and password combination for authentication purposes and making sure that users are only authorized to make changes to and view their own resources. We will finish off the module by discussing pagination and deploying to Heroku Paas (Platform as a Service).

Welcome to Module 4: Security and Nested Resources in Action Pack4:12

Building an App with Multiple Resources10:03

Nested Resources: Part 18:32

Nested Resources: Part 212:04

Taught By

Kalman Hazins
Adjunct Professor, Graduate Computer Science

Transcript

[MUSIC] Hi and welcome to Module 4. Up until now we have built applications that center around one resource. In Module 4, we're going to build an application that deals with multiple resources. And we'll see how rails handles that as well as nested resources like dependent resources. Where you have one resource dependent on another resource. For example, you have a block post that maybe has comments and obviously comments only make sense in the context of a block post, how do those resources interact together. Also, we haven't talked about how to protect data. So so far we have learned about creating data that's Active Record, the first two modules. We talked about how to expose data a little bit in Module 3. But now, the data is completely exposed, the idea is to secure the data. And the way you secure the data is by using authentication and what authentication does is it provides maybe a user and password to protect the website that you're trying to access and enables authentication to authenticate that the person who is trying to log in and view the data is a person who is authenticated to do so. The next step is, the person might be authenticated. But just because he's authenticated in the system doesn't mean that he is allowed to see everybody's resources. So that's where authorization step, how do we authorize the person to be able to only view his own resources, not everybody else's resources? So we'll talk about authentication and authorization and how it's done in Rails. Including in my discussion about authentication, we'll talk about how browsers handle requests. So when a browser makes a request to a server, and the server responds, usually with some HTML page, and then the browser makes another request, the server has no idea which browser is making the request. The server doesn't remember requests in-between. So we're gonna talk about HTTP sessions and cookies and how Rails handles those things to remember the previous requests that are being made. And thus establishing a secure connection between the client, the browser, and the web server. We'll finish off Module 4 by talking about pagination. And the idea of pagination is that you usually have many, many records that you wanna access. And you obviously don't wanna be accessing all the records at the same, so you wanna paginate between multiple records at a time. [MUSIC] At the end of a module, we're gonna create an application that's gonna be a secure application that will be authenticated, it will be authorized, and it will be an application that you're proud of. We'll deploy it to Heroku, the interesting twist at the end is gonna be that Heroku only understands Post Gres, and this whole time, we'll be building an application using SQLite database engine and we'll see that that switch from SQLite to Post Gres on Heroku is gonna be pretty seemless. So at the end of this course, I'm hoping that you're going to be feeling a much better Rails developer after course one and course two, and you're gonna be ready for course three, which is gonna be about [FOREIGN] and enhancing the skills that you have gained in courses one and two as a Rails developer.

Explore our Catalog

Join for free and get personalized recommendations, updates and offers.

Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online.

© 2019 Coursera Inc. All rights reserved.

Get it on Google Play

Coursera
About
Leadership
Careers
Catalog
Certificates
MasterTrack™ Certificates
Degrees
For Enterprise
For Government
For Campus

Community
Learners
Partners
Developers
Beta Testers
Translators

Connect
Blog
Facebook
LinkedIn
Twitter
Instagram
YouTube
Tech Blog

More
Terms
Privacy
Help
Accessibility
Press
Contact
Directory
Affiliates