amoose / coaster-app Goto Github PK
View Code? Open in Web Editor NEWMakes riding the coaster a breeze
Home Page: https://coaster.herokuapp.com
Makes riding the coaster a breeze
Home Page: https://coaster.herokuapp.com
The last step for maintaining consistency is to enable rubocop to run in Travis CI and return error exit status when there are violations.
Needs a complete revamp!
Security issue from Hakiri: Specially crafted requests can be used to determine whether a file exists on the filesystem that is outside an application
Geolocations persist after Stations/Users are destroyed, which is a huge problem since we're gathering stations near the user by the station's geolocation.
I've been getting this error in the chrome console: 'Cannot read property "lat" of null'
Apparently some User geolocations aren't getting geocoded:
#<Geolocation:0x007fbfecc91e78
id: 12,
latitude: nil,
longitude: nil,
address: "98.176.195.218",
geocodeable_id: 4,
geocodeable_type: "User",
created_at: Fri, 08 Jul 2016 18:43:48 PDT -07:00,
updated_at: Fri, 08 Jul 2016 18:43:48 PDT -07:00,
accuracy: 9,
gmaps: nil>
def departing(date=Date.today)
self.trains.each do |train|
[] << train if train.departs?(date)
end
end
Even if train.departs?(date)
returns false, the train is added to the array!
Our application needs to be migrated to the latest Heroku stack for compatibility with our CI/CD pipeline.
Debugger seems to recognize a Station's trains but no list is displayed.
After a quick pry session I found that the @trains array isn't getting loaded with anything.
secret_token.rb has been pushed to git many times.
We need to update the token and add this file to .gitignore
https://s3.amazonaws.com/archive.travis-ci.org/jobs/137864487/log.txt?deansi=true
Failures:
1) UsersController POST create with permitted params creates a user
�[31mFailure/Error: �[0m�[32mif�[0m @current_user �[32mand�[0m @current_user.ip_address != request.remote_ip �[32mand�[0m @current_user.geolocation.updated_at < �[1;34m1�[0m.hour.ago�[0m
�[31m�[0m
�[31mNoMethodError:�[0m
�[31m undefined method `<' for nil:NilClass�[0m
�[36m# ./app/helpers/sessions_helper.rb:9:in `current_user='�[0m
�[36m# ./app/helpers/sessions_helper.rb:4:in `sign_in'�[0m
�[36m# ./app/controllers/users_controller.rb:22:in `create'�[0m
�[36m# ./spec/controllers/users_controller_spec.rb:34:in `block (5 levels) in <top (required)>'�[0m
�[36m# ./spec/controllers/users_controller_spec.rb:33:in `block (4 levels) in <top (required)>'�[0m
Finished in 52.3 seconds (files took 2.09 seconds to load)
�[31m29 examples, 1 failure�[0m
Failed examples:
�[31mrspec ./spec/controllers/users_controller_spec.rb:32�[0m �[36m# UsersController POST create with permitted params creates a user�[0m
Coverage report generated for RSpec to /home/travis/build/amoose/coaster-app/coverage. 241 / 373 LOC (64.61%) covered.
/home/travis/.rvm/rubies/ruby-2.3.1/bin/ruby -I/home/travis/build/amoose/coaster-app/vendor/bundle/ruby/2.3.0/gems/rspec-core-3.4.4/lib:/home/travis/build/amoose/coaster-app/vendor/bundle/ruby/2.3.0/gems/rspec-support-3.4.1/lib /home/travis/build/amoose/coaster-app/vendor/bundle/ruby/2.3.0/gems/rspec-core-3.4.4/exe/rspec --pattern spec/\*\*\{,/\*/\*\*\}/\*_spec.rb failed
travis_time:end:02cd8604:start=1466011796807600553,finish=1466011853345264833,duration=56537664280
�[0K
�[31;1mThe command "bundle exec rake" exited with 1
We need specs to ensure that all is well with our app. Rspec to the rescue!
Started GET "/users/8/update_geolocation?latitude=32.7565455&longitude=-117.11758259999999" for ::1 at 2016-06-21 21:28:11 -0700
ActionController::RoutingError (No route matches [GET] "/users/8/update_geolocation")
There isn't much documentation for gmaps4rails v1, and it seems that the Gmaps API has changed since 2011 😆 , so an upgrade appears to be in order!
Security issue from Hakiri: Session secret should not be included in version control in config/initializers/secret_token.rb
Update the application setup using bin/setup
and update instructions in README
Geocoder isn't able to detect our location in development.
missing partial 'sign_in'
Once upon a time, I found a programatic method for importing train data.. implement it! ✨
Show nearest station schedule at first visit
Either prompt or add a nice UI element for enabling geolocating in the browser
Depending on the accuracy, show the nearest station or stations
We also need to ensure that the user is signed in and that the user can only update their own geolocation.
Security issue from Hakiri: In the scenario where an attacker might be able to control the href attribute of an anchor tag or the action attribute of a form tag that will trigger a POST action, the attacker can set the href or action to
Security issue from Hakiri: protect_from_forgery should be configured with 'with: :exception' in app/controllers/application_controller.rb
Tests are barking:
"NoMethodError: undefined method `attr_accessible' for #Class:0x007fd2c0065938"
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.