docs/14-gotchas.md in activeadmin-1.0.0 vs docs/14-gotchas.md in activeadmin-1.1.0

- old
+ new

@@ -1,41 +1,47 @@ --- redirect_from: /docs/14-gotchas.html --- -#Gotchas +# Gotchas + ## Security ### Spreadsheet applications vulnerable to unescaped CSV data -If your CSV export includes untrusted data provided by your users, it's possible that they could include an executable formula that could call arbitrary commands on your computer. See [#4256](https://github.com/activeadmin/activeadmin/issues/4256) for more details. +If your CSV export includes untrusted data provided by your users, it's possible +that they could include an executable formula that could call arbitrary commands +on your computer. See +[#4256](https://github.com/activeadmin/activeadmin/issues/4256) for more +details. ## Session Commits & Asset Pipeline -When configuring the asset pipeline ensure that the asset prefix -(`config.assets.prefix`) is not the same as the namespace of ActiveAdmin -(default namespace is `/admin`). If they are the same Sprockets will prevent the -session from being committed. Flash messages won't work and you will be unable to +When configuring the asset pipeline ensure that the asset prefix +(`config.assets.prefix`) is not the same as the namespace of ActiveAdmin +(default namespace is `/admin`). If they are the same Sprockets will prevent the +session from being committed. Flash messages won't work and you will be unable to use the session for storing anything. -For more information see the following post: -[http://www.intridea.com/blog/2013/3/20/rails-assets-prefix-may-disable-your-session](http://www.intridea.com/blog/2013/3/20/rails-assets-prefix-may-disable-your-session) +For more information see [the following +post](http://www.intridea.com/blog/2013/3/20/rails-assets-prefix-may-disable-your-session). ## Helpers There are two known gotchas with helpers. This hopefully will help you to find a solution. 
### Helpers are not reloading in development -This is a known and still open [issue](https://github.com/activeadmin/activeadmin/issues/697) -the only way is to restart your server each time you change a helper. +This is a known and still open +[issue](https://github.com/activeadmin/activeadmin/issues/697) the only way is +to restart your server each time you change a helper. ### Helper maybe not included by default -If you use `config.action_controller.include_all_helpers = false` in your application config, -you need to include it by hand. +If you use `config.action_controller.include_all_helpers = false` in your +application config, you need to include it by hand. #### Solutions ##### First use a monkey patch 
@@ -60,27 +66,31 @@ end ``` ## CSS -In order to avoid the override of your application style with the Active Admin one, you can do one of these things: -* You can properly move the generated file `active_admin.scss` from `app/assets/stylesheets` to `vendor/assets/stylesheets`. -* You can remove all `require_tree` commands from your root level css files, where the `active_admin.scss` is in the tree. +In order to avoid the override of your application style with the Active Admin +one, you can do one of these things: +* You can properly move the generated file `active_admin.scss` from + `app/assets/stylesheets` to `vendor/assets/stylesheets`. +* You can remove all `require_tree` commands from your root level css files, + where the `active_admin.scss` is in the tree. + ## Conflicts ### With gems that provides a `search` class method on a model -If a gem defines a `search` class method on a model, this can result in conflicts +If a gem defines a `search` class method on a model, this can result in conflicts with the same method provided by `ransack` (a dependency of ActiveAdmin). -Each of this conflicts need to solved is a different way. Some solutions are +Each of this conflicts need to solved is a different way. Some solutions are listed below. #### `tire`, `retire` and `elasticsearch-rails` -This conflict can be solved, by using explicitly the `search` method of `tire`, +This conflict can be solved, by using explicitly the `search` method of `tire`, `retire` or `elasticsearch-rails`: ##### For `tire` and `retire` ```ruby 
@@ -99,21 +109,30 @@ YourModel.solr_search ``` ### Rails 5 scaffold generators -Active Admin requires the `inherited_resources` gem which may break scaffolding under Rails 5 as it replaces the default scaffold generator. The solution is to configure the default controller in `config/application.rb` as outlined in [activeadmin/inherited_resources#195](https://github.com/activeadmin/inherited_resources/issues/195) +Active Admin requires the `inherited_resources` gem which may break scaffolding +under Rails 5 as it replaces the default scaffold generator. The solution is to +configure the default controller in `config/application.rb` as outlined in +[activeadmin/inherited_resources#195](https://github.com/activeadmin/inherited_resources/issues/195) -``` +```ruby module SampleApp class Application < Rails::Application ... config.app_generators.scaffold_controller = :scaffold_controller ... end end ``` - ## Authentication & Application Controller -The `ActiveAdmin::BaseController` inherits from the `ApplicationController`. Any authentication method(s) specified in the `ApplicationController` callbacks will be called instead of the authentication method in the active admin config file. For example, if the ApplicationController has a callback `before_action :custom_authentication_method` and the config file's authentication method is `config.authentication_method = :authenticate_active_admin_user`, then `custom_authentication_method` will be called instead of `authenticate_active_admin_user`. +The `ActiveAdmin::BaseController` inherits from the `ApplicationController`. Any +authentication method(s) specified in the `ApplicationController` callbacks will +be called instead of the authentication method in the active admin config file. 
+For example, if the ApplicationController has a callback `before_action +:custom_authentication_method` and the config file's authentication method is +`config.authentication_method = :authenticate_active_admin_user`, then +`custom_authentication_method` will be called instead of +`authenticate_active_admin_user`.
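
Review bot: in the `@@ -1,41 +1,47 @@` hunk, the re-wrapped paragraph under "Spreadsheet applications vulnerable to unescaped CSV data" still only describes the risk and links to #4256, without telling the reader what to do about it. Since these lines are being touched anyway, add a sentence that states the recommended handling of untrusted values in CSV exports, or says explicitly whether Active Admin escapes them, so the Security section is usable without following the link. In the same hunk, the re-wrapped sentence under "Helpers are not reloading in development" ("This is a known and still open [issue](...) the only way is to restart your server each time you change a helper.") is still a run-on; a full stop or semicolon after the link would fix it.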
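
Review bot: in the `@@ -60,27 +66,31 @@` hunk, the line "Each of this conflicts need to solved is a different way." is removed and re-added with only whitespace changed, so its grammar errors survive the cleanup. Suggest "Each of these conflicts needs to be solved in a different way." while the line is in the diff. The same applies to "This conflict can be solved, by using explicitly the `search` method of `tire`", which would read better as "This conflict can be solved by explicitly using the `search` method of `tire`".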
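
Review bot: in the `@@ -99,21 +109,30 @@` hunk, the re-wrapped "Authentication & Application Controller" paragraph keeps the wording "will be called instead of the authentication method in the active admin config file", which does not say whether `authenticate_active_admin_user` is skipped entirely or simply never reached. Someone relying on `config.authentication_method` to protect the admin namespace needs that stated, so spell out the resulting behaviour and what to configure when `ApplicationController` defines its own authentication callback. Two smaller points in the same hunk: the new wrapping splits the inline code span `before_action :custom_authentication_method` across two lines, which makes it harder to grep, and the block now tagged `ruby` still contains bare `...` placeholder lines, which would be better written as `# ...` comments.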