Reno, NV    +1 (800)0 621-0871

Go back

Bugs and Fixes | Development

Courage to View Source Code

  |  September 20, 2012

As mentioned in a previous post I have been reluctant(before) to “dive into” a gem. Before, I always trusted that a gem, especially if it is widely used to have fixed obvious bugs. I have since learned that this is not the case and that we must always look into these gems as much as possible or at least know how they operate.

A recent bug we had was a bit confusing indeed: in Radiant, we were skipping a before filter because one of the features called for unauthenticated users to create a resource(nomination). Since all other actions required an admin, then we just basically added

skip_before_filter :verify_authenticity_token, :only => [:create]
Radiant also has a no_login_required method but we couldn’t figure out how to call it only for create. So we just tried testing it out and it worked.

A couple of weeks later, we received a bug report that in IE9, creating a nomination redirects to the admin login form, which was totally weird since everything works in other browsers(okay, not totally, since it is IE – but it IS a ‘modern’ IE)

Anyway, we double checked our code and found that we left the no_login_required clause commented out on purpose(we usually just delete code that isn’t used). We then decided to just get on with it and look into radiant as to what that notorious no_login_required does. Back when I was still a noob, I would’ve been scared to do a bundle open radiant just because “I wouldn’t understand the code…” – but we’re past that now.

We found out that what no_login_required does is basically just:

skip_before_filter :authenticate
skip_before_filter :authorize
It was pretty simple – just add those two filters and add the :only => [:create] clause on each and we’re done!(quick fix, refactor to override no_login_required to accept arguments/options).

These are the times I am proud that I am not that scared in opening up gems anymore. I don’t trust gems that much anymore that I now do bundle opens regularly to understand more on how something works. It’s the equivalent of fixing your own stuff – fluorescent light not lighting up? Check the bulb first before calling the repair man. It might just be a problem with the bulb or the fuse which could be easily fixed.

Don’t be afraid to jump. Be curious.