Senior Software Engineer, Makerble
Software Engineer, Freelance
Penetration Tester & Bug Hunter, Freelance
Software Engineer, Simform Solutions
Software Engineer, Omnirio
Senior Software Engineer, Purpleplum Digital Solutions
Ruby on Rails
AWS
Heroku
PostgreSQL
Redis
Git
RESTful APIs
Docker
Sidekiq
Okay. I'm, uh, basically locate I'm basically located in. I have completed my from ADIT, uh, in the information and technology. I have more than 4.3 years of experience with the Ruby on Rails. I have started the services company where I was working as a software developer, and I, uh, at the time, I was working as an intern. And after completing 3 to 6 months of internship, I also entered, uh, organization department. I have very good interest in cybersecurity domain as well, and I have completed certified ethical hacking, uh, certificate, uh, as well. I'm doing, uh, penetration testing and bug bounty hunting in my free time with, uh, related to Ruby on Rails. Uh, I have, uh, more time for 15 to 20 projects as a freelancer and as I implementing few functionality with, uh, some, uh, coders with, uh, pair programming as well. So yeah. And I work with the service based companies and product based companies as well, and I have developed 2 to 3 products in the Fintech, uh, Fintech industry, and one is a hospital, uh, management software, and 1 and 2 are, uh, 2 projects in the nonprofit organization. So, yeah, basically, I have worked with, uh, I'm, uh, working as a senior software developer, and I'm managing team of 2 to 3, uh, Ruby on Rails developers and, uh, 2 UI developers in my current organization. Yes.
Okay. So here, yeah, we can directly use the MVC components, like, when we are requesting anything from the, uh, AJAX part. So we can confirm with the form, uh, form fill and adding the remote: true and, uh, every necessary steps. And from there, we can identify to the controller, like, it is, uh, request.xhr is present. Like, the request is confirm, uh, getting in the XHR format or more. If it is XHR format, then we can test it like it is an AJAX call, and we can redirect or render, uh, we can render a new, uh, partial for that. So yeah. And from the controller, we can also, like from the request or path, we get all the parameters and everything. So from that, we can directly check. And according to that, we can update our logic and, uh, show the different, uh, logic in the controller.
Okay. So in the JavaScript, the callbacks, so there are many, uh, callbacks in JavaScript, uh, so we can directly, uh, like, if there are on click, uh, there will be the on over, on pop up, and every callback we can use, and the Ajax part as well. So whenever, uh, we are writing HTML or HTML or HTML or HTML or the admin files at at that time, we, uh, to conclude this JavaScript JavaScript, uh, callbacks. And we can perform according to, like, if, uh, someone is on we are doing submitting form on plate, then we, uh, perform the Ajax call at the time and, uh, directly calling the controller action. And from that, we are able to render in the success part. We will show the what in which ID or in which class we want to show that particular result and everything. So, yeah, we can directly handle, uh, this whole kind of plus from the Ajax part and in the HTML ODLB file.
So in multitenant, uh, okay. So, uh, multitenant application, there are few gem b as Ruby is providing, like, multi, uh, tenant gem, and there is, uh, 1 or 2 gems which, uh, Ruby on Rails is providing. So there, we can directly check with the, like, from, uh, which domain other data is coming and for which domain we are going to display. So according to that, we saw that in the database table. And for that, uh, each tenant, there will be a different domain, and there, uh, there will be the different, uh, database, uh, association. So from that, we can, uh, check, like, when user is logged in. We can check into the database, like, from which, uh, this user is, uh, coming from which tenant. So from that, uh, we can identify the particular tenant's complete record and association according to that particular users. And from that, we can redirect to that, uh, different domain or, uh, particular, uh, like, which organization he is logged in. So we can directly redirect from that. So, mainly, we have to score, uh, the core functionalities to the, uh, the related to association in the database.
I'm not gonna save screwable super503 service, and I will create a in Rails application hosted AWS. Okay. So here, firstly, we can check with the AWS service configuration are, uh, come, uh, like, uh, working fine with the, uh, like, it's a correct or not. And we even also check, like, what's the response we are getting from AWS in our Rails application when we are calling the API. And we can check that the token says, well, if it is, uh, correct or not. And, uh, after that, if there, uh, if there is any 503, we check with the permissions as well. Like, if the permission is still incorrect or not or it is correct, then we can check with the AWS server configuration. Like, it is, uh, uh, it is not, uh, like, it is not giving, uh, any configuration error in the server base, uh, server side or not. So that's, uh, how we can check with, like, 503, uh, service unavailable error in the range.
Okay. So in the 3rd party, we can use with the CDN as well, or we can directly download the 3rd party JavaScript files and, uh, store it in our lib file, or there is a JavaScript folder there also. We can store these, uh, files. And from there, we can directly include, uh, that complete file, uh, like, the JavaScript include tag, and we can just, uh, tell we have to list all this file and in the JavaScript dot r b file. Yeah. So in the, uh, app assets, uh, app, uh, app assets folder, there is a file where we have to include, uh, like, making that require this complete JavaScript files, uh, like, require JavaScript x, y, zed, uh, and other files we have to require, and we can use the require all as well. So this will, uh, require all this, uh, JavaScript file into Rails 6 application. And JavaScript include tag will be able to write the application. So it will include all these JavaScript files. We can write in in a lib file, or we can use it as a plug in as well. So we can, uh, like, download this complete JavaScript folder, and we can use it there.
In the following red score, the correction issue in the Okay. So, yeah, we here before action, if you want to perform any action or if you want to validate or verify anything, that is, uh, like, we for a particular action, uh, we have to check if it is correct or not or something is true or not. So at the time, we are using the before action or we want to perform anything before that action happened, then we are using the before action, uh, before action period. So here, first one is a required admin only on new and create. So here, it's not required to take, like, uh, required admin. We can directly check-in there, like, uh, we can remove this, uh, before action for the requirement and directly put that into redirect to root path unless current user is admin. So if current user is admin, then, uh, it will redirect to the root path. But here, I think condition is false because, uh, if here, it should be if, uh, is not admin, current user admin, it will give the false, then it will redirect to the root path. And here, find user. So user don't find, uh, here, it will find the user before, uh, so require admin only new and creates. Only new and create action will require the admin. And index new and create action, uh, we so according to this index new and create, uh, except all of this, uh, they will be we don't need the user. So only update, and so we need the user. Yeah. So that's I'm not thinking any issues. We can remove the required admin and directly put this condition to the new one, create file as well, and, uh, find user, except. Or here, you can in the find user, we can write the only. So it will, uh, like, even if it is a complex code, then it will reduce the complexity because we have to write. If you are writing more than 15 to 20 methods, do you have to write here index, new, explicit, and everything you have to write in itself. So you can directly enrich, uh, in particular, uh, method we are going to use the find user method.
So you can we can, uh, remove the except, and, uh, we can use it here only.
That will be called as handle errors during service execution. Spend what this call does and how it could actually fail to handle. So here, uh, it's a begin and rescue block. So service.execute service service error. If we are getting any service error, then we are getting an e.message. So here, it will, uh, give that message, like, with the error message. And service would execute, and the issue e puts an, uh, unexpected error cert according occurred, e.message and raise. So here in raise, I think we have to write anything like, uh, what's for this, uh, it is raising error. And in puts also, we can use the raise so we can identify, like, what's the error we are getting and how we are handling this.
Okay. So, firstly, in the object oriented program principles, there are multiple, uh, principles. They are present. Uh, we can start with the observer. Uh, we can, uh, check with multi tenant, uh, hierarchies. Uh, we can check with the what what can I say? Inheritance. Uh, we can say single table inheritance. And like this, we can use, uh, every, uh, ops object to, uh, modify the real service object. So here, we are doing like, if there are any services, uh, we have created a shared services structure. All services association or data is that or logic is replicating more than 2 to 3 times or, like, everywhere. So we can use the right concept, uh, using the ops object. So inheritance will be used there. And if there are a large date, uh, there are some function we can, uh, do with a single line, then they can encapsulate that complete thing into a single line, and we can write in the model, uh, as a, like, as a filter, or we can write as a validation method, or we can use it as a scope as well. So we can encapsulate that complete logic into a single line, uh, using Proc and Lambda so we can use it. And for the self-service object, we can say, uh, we can create a separate scopes and, uh, methods in the model level, and we can use it in our different different services using the inheritance. Or, uh, if there are, uh, like, the one service, uh, we have a service, which is calling, though, PayPal, or any other services, then we create authorizers and service and include that, uh, base service into that every service. So for that, it will conclude the it will include that complete method, and we can directly call it from there. So it's like inheritance and, uh, encapsulations. We are using the objects everywhere, so objective is also coming. Yeah.
Oh, I don't have that much idea on AWS Lambda server. So yeah.
Okay. So here, we can use the in the rest API, we can use the, uh, JWT token. And, uh, from that auto authentication and authorization, we have to pass that JWT token and secure token. We can pass in the header so we can identify both token as present in our database or not for that particular user. And for that particular user, we can check the access as well. Like, this, uh, particular user has this access to write or treat the data. And from that, we can pass into the, uh, rest API, uh, restful APIs like this. And, uh, yeah, we can, uh, like, encrypt those data. And from the, uh, server side, like, from the client side, like, the, uh, JavaScript frame, but we can, uh, decrypt we can pass that encryption key, uh, encryption and decryption key, and they will decrypt the data. And from that, like, uh, from we can, uh, add one more layer that user can't see the complete data from the Rails API as well. So we will encrypt the complete data, and we'll pass that encrypted response to the client side. And from client side, they have a decryption key so they can decrypt the data. We can, uh, also pass with the JWT token. So, yeah, it's, like, complete authentication and authorization will work there.