require "loofah"
class HtmlSanitizer
ALLOWED_TAGS = %w[p br a strong em ul ol li blockquote code pre h2 h3].freeze
ALLOWED_ATTRS = %w[href title].freeze
SAFE_SCHEMES = %w[http https mailto].freeze
class ExternalApiClient
def fetch_user_data(user_id)
ActiveSupport::Notifications.instrument(
'api.external_service',
service: 'user_service',
operation: 'fetch_user',
class ActivityPanelController < ApplicationController
def show
@project = Project.find(params[:project_id])
@events = @project.events.order(created_at: :desc).limit(50)
latest = @events.maximum(:updated_at)
class Comment < ApplicationRecord
belongs_to :post
belongs_to :author, class_name: 'User'
# Automatically broadcast changes to all subscribers of this post
after_create_commit -> { broadcast_append_to post, target: "comments" }
class UserNotificationJob < ApplicationJob
queue_as :default
# Retry up to 5 times with exponential backoff
retry_on StandardError, wait: :exponentially_longer, attempts: 5
class DashboardWidget < ApplicationRecord
broadcasts_refreshes
end
module Webhooks
class StripeController < ApplicationController
skip_before_action :verify_authenticity_token
def create
payload = request.body.read
production:
primary:
adapter: postgresql
database: app_production
username: app
password: <%= ENV["PRIMARY_DB_PASSWORD"] %>
class AddSoftDeleteToDocuments < ActiveRecord::Migration[7.0]
disable_ddl_transaction!
def change
add_column :documents, :marked_for_deletion_at, :datetime, null: true
module MyApp
class Application < Rails::Application
config.load_defaults 6.1
# API-only mode
config.api_only = true
secret = ROTP::Base32.random
current_user.update!(otp_secret: secret)
totp = ROTP::TOTP.new(secret, issuer: 'CodeSnips')
provisioning_uri = totp.provisioning_uri(current_user.email)
require 'rails_helper'
RSpec.describe 'Tasks', type: :request do
it 'renders turbo stream on create' do
post tasks_path,
params: { task: { title: 'New task' } },