My reaction to Brad Ediger's Advanced Rails is a simple "thumbs up." If you are a serious Rails developer, you should read this book. Here's a few tidbits I liked:
- Very nice coverage of ActiveSupport. Developers who learn Rails first, and Ruby later (or never) often do not discover some of the goodies here.
- There is a security reason for HashWithIndifferentAccess. Do you know what it is?
- Nice explanation of how instance_exec works.
- Overview of several real-world approaches to configuration management: Plugins and gems aren't everything -- also covers RaPT, piston, and decentralized version control.
- How to test plugins. While Rails itself makes testing easy, writing tests for a plugin is confusing unless you have a thorough understanding of the Rails environment.
- Enumerator. It's like Enumerable, but tailored to you.
- Using proxy objects to deprecate ivars.
- A broad-ranging chapter on security, including password hashing, securing error messages, whitelisting and blacklisting, session attacks, XSS, CSRF, canonicalization, SQL injection, and tainting.
- Pragmatic ImageMagick. (Try saying that with a straight face.)
- A nice explanation of REST that goes beyond getting started (routes and scaffolds) to some interesting issues (various options for managing ETags).
There is very little not to like:
- The book endorses Ferret. Don't go there.
- Ediger seems to prefer vi to emacs. Sigh. The truth will set you free, my friend.
If you already know a lot of Rails, this book will be a quick read. But I bet you will have at least a half-dozen ah-hah moments, which is a good number. Read it.