How to Prevent My Users from Reading My Ruby Code

Ruby is there a way to stop the user from calling a function/procedure through case before they have accessed a different function/procedure?

All of your application's functionality depends on whether the album data has been read. You are no doubt storing this data as an object in memory referenced by some variable.

$album_data = File.read 'album.txt'

You can test whether this data is present in order to determine whether the file data has been read:

if $album_data.nil?
  # ask user for album file
else
  # show album user interface
end

There is no need for a separate flag. The mere presence of the data in memory serves as a flag already.

How do I prevent a form from being resubmitted too quickly in a rails application?

Try this:

class CommentsController < ApplicationController
  before_filter :post_check

  # Store the time of the last successful post in a cookie.
  def record_post_time
    cookies[:last_post_at] = Time.now.to_i
  end

  # Time of the last post, or the epoch if the cookie is missing.
  def last_post_time
    Time.at((cookies[:last_post_at].to_i rescue 0))
  end

  MIN_POST_TIME = 2.minutes

  # Filter: redirect back to the message if the last post was too recent.
  def post_check
    return true if (Time.now - last_post_time) > MIN_POST_TIME
    flash[:notice] = "Too many comments makes you a busy cat!"
    @message = Message.find(params[:message_id])
    redirect_to(@message)
    return false
  end

  def create
    @comment = Comment.new(params[:comment])
    if @comment.save
      record_post_time
    else
    end
  end

  def update
    @comment = Comment.find(params[:id])
    if @comment.update_attributes(params[:comment])
      record_post_time
    else
    end
  end
end
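
The filter above keeps the last-post time in a cookie, which is client-controlled state: a request that arrives without the cookie is treated as a first post. As an added example (not part of the original answer), the same two-minute rule can be kept in server-side state keyed on an identity the server assigns; `PostThrottle`, its method names and the in-memory Hash are assumptions for illustration, and a multi-process Rails app would need a shared store instead.

```ruby
# Added example: minimum-interval throttle kept in server-side state.
# PostThrottle and the in-memory Hash are illustrative, not a Rails API.
class PostThrottle
  MIN_POST_INTERVAL = 120 # seconds (the 2 minutes used above)

  # clock is injectable so the rule can be exercised without sleeping
  def initialize(min_interval: MIN_POST_INTERVAL, clock: -> { Time.now.to_f })
    @min_interval = min_interval
    @clock = clock
    @last_post_at = {} # key (server-side user id) => time of last post
    @lock = Mutex.new
  end

  # Records the post and returns true if the key may post now;
  # returns false if its previous accepted post is too recent.
  def allow?(key)
    now = @clock.call
    @lock.synchronize do
      last = @last_post_at[key]
      return false if last && (now - last) < @min_interval
      @last_post_at[key] = now
      true
    end
  end

  # Whole seconds the key still has to wait (0 when it may post).
  def retry_after(key)
    last = @lock.synchronize { @last_post_at[key] }
    return 0 if last.nil?
    [(@min_interval - (@clock.call - last)).ceil, 0].max
  end
end

# Constructed run with a fake clock that the demo advances by hand.
def throttle_demo
  t = 1_000.0
  throttle = PostThrottle.new(clock: -> { t })
  results = [throttle.allow?("user:42")]   # first post
  t += 30
  results << throttle.allow?("user:42")    # 30 s later
  results << throttle.retry_after("user:42")
  results << throttle.allow?("user:7")     # other user, own timer
  t += 91
  results << throttle.allow?("user:42")    # 121 s after the first post
  results
end
```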

How do I reduce the next lines of Ruby code?

Heads up, this is just a general suggestion on how to use a bit of Ruby meta-programming to get out of the tangle of having to declare a long method full of case business logic. It won't fit perfectly and will need extra work to do, for instance, the "quit" logic.

Also, I'll reiterate what's been said in one of the direct answers to the post. Your case solution is VERY clear. It's good code and we shouldn't jump into messier things just to comply with the all-mighty gods of the Ruby stylesheet guidelines. Just because a method is under 10 lines, it doesn't make it automatically better than an 11 (or... hell, 40) line one.

Now...

Here's a meta-programming suggestion...

You can define a hash on a constant to hold the variables needed for the business logic:

ROUTES = [
  { action: :add, controller: :meals, description: "Add a meal" },
  { action: :list, controller: :meals, description: "List all meals" },
  { action: :add, controller: :customers, description: "Add a customer" },
  { action: :list, controller: :customers, description: "List all customers" },
]

You can then create a method that dispatches the user to the correct controller action using the hash info:

def dispatch(action_index)
  route_action = ROUTES[action_index][:action]
  route_controller = ROUTES[action_index][:controller]
  instance_variable_get("@#{route_controller}_controller").send(route_action)
end

It's very easy with the hash to iterate over it to display the route descriptions:

def display_options
  ROUTES.each_with_index do |route, index|
    puts "#{index + 1}. #{route[:description]}"
  end
end

You can at some point in your code dispatch the user to the relevant controller action with dispatch(gets.chomp.to_i - 1).

Cool thing about the hash is that you can always add more routes to it by just adding a single line.
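
`dispatch(gets.chomp.to_i - 1)` passes whatever was typed straight into the table lookup: `to_i` turns non-numeric text into 0, and index -1 selects the last route in Ruby. As an added example (not the answer's code), one way to validate the choice before dispatching, with the ROUTES table acting as the allowlist; `Menu`, `parse_choice` and `StubController` are hypothetical names.

```ruby
# Added example: validate the menu choice before it reaches the controller.
ROUTES = [
  { action: :add,  controller: :meals,     description: "Add a meal" },
  { action: :list, controller: :meals,     description: "List all meals" },
  { action: :add,  controller: :customers, description: "Add a customer" },
  { action: :list, controller: :customers, description: "List all customers" }
].freeze

# Hypothetical stand-in for the real controllers.
class StubController
  def initialize(name)
    @name = name
  end

  def add
    "#{@name}#add"
  end

  def list
    "#{@name}#list"
  end
end

class Menu
  def initialize(controllers)
    @controllers = controllers # e.g. { meals: ..., customers: ... }
  end

  # 0-based index into ROUTES, or nil unless input is a whole number
  # between 1 and ROUTES.size ("abc", "0", "-1", "2x" are all rejected).
  def parse_choice(input)
    number = Integer(input.to_s.strip, 10, exception: false)
    return nil if number.nil? || !number.between?(1, ROUTES.size)
    number - 1
  end

  def dispatch(input)
    index = parse_choice(input)
    return :invalid_choice if index.nil?
    route = ROUTES[index]
    # fetch raises on an unmapped controller; public_send, unlike send,
    # will not call private methods.
    @controllers.fetch(route[:controller]).public_send(route[:action])
  end
end
```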

How can I read a password from the command line in Ruby?

To answer my own question, and for the benefit of anyone else who would like to know, there is a Ruby gem called HighLine that you need.

require 'rubygems'
require 'highline/import'

def get_password(prompt="Enter Password")
  ask(prompt) {|q| q.echo = false}
end

thePassword = get_password()

rails use counts in different views

Add the has_many :through association for user:

class User < ActiveRecord::Base
  ...
  has_many :lists
  has_many :wishes, :through => :lists
end

and then you can use

@user.wishes.count

Ruby on Rails: How to stop users changing url to view another user's page?

Assuming that your Order model has some concept of "who owns this order," usually via an integer column called something like user_id, you can check to see if session[:customer_id] is equal to order.user_id (or whatever you call it).

You will generally keep this authorization code in your controllers.

class OrdersController
  ...

  def show
    @order = Order.find params[:id]
    unless session[:customer_id] == @order.user_id
      flash[:notice] = "You don't have access to that order!"
      redirect_to customers_path(session[:customer_id])
      return
    end
  end

  ...
end

As your application gets more complicated, you might look into authorization gems like CanCan to handle this logic.

How to pass more than one code block to a function in Ruby?

You can pass only one block at once, but blocks are actually Proc instances and you can pass as many instances as you wish as parameters.

def mymethod(proc1, proc2, &block)
  proc1.call
  yield if block_given?
  proc2.call
end

mymethod(Proc.new {}, Proc.new {}) do
  # ...
end

However, it rarely makes sense.

Restricting url manipulation to return other user records

The simplest solution would be to check in the show method if the Log to display really belongs to the logged in user:

def show
  @log = Log.find(params[:id])
  unless @log.user_id == current_user.id
    flash[:error] = "unauthorized"
    redirect_to :index
  end
end

But you will soon have some more things you want to restrict access to, so you should look for an authentication plugin which allows you to define the access rights in a declarative manner. Maybe this one: https://github.com/be9/acl9
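
Both ownership checks on this page (the OrdersController show action and the Log show action) load the record first and compare user_id afterwards. As an added example, not taken from either answer, the lookup itself can be scoped to the signed-in user so that another user's id and a nonexistent id give the same result. `OrderStore`, `RecordNotFound`, `show_order` and the sample rows are constructed plain-Ruby stand-ins; in Rails the same idea is a lookup through the association, such as `current_user.logs.find(params[:id])`, assuming User has_many :logs.

```ruby
# Added example: scope the lookup to the owner instead of checking afterwards.
Order = Struct.new(:id, :user_id, :total)

class RecordNotFound < StandardError; end

class OrderStore
  def initialize(rows)
    @rows = rows
  end

  # Only rows owned by user_id are candidates, so a foreign id, an unknown
  # id and a non-numeric id all raise the same error.
  def find_for(user_id, id)
    wanted = Integer(id.to_s, 10, exception: false)
    order = @rows.find { |o| o.user_id == user_id && o.id == wanted }
    order or raise RecordNotFound, "order not found"
  end
end

# What a show action would do with the result (hypothetical helper).
def show_order(store, session_user_id, id_param)
  order = store.find_for(session_user_id, id_param)
  { status: 200, body: "Order ##{order.id}: #{order.total}" }
rescue RecordNotFound
  # Same response whether the order is missing or belongs to someone else.
  { status: 404, body: "Not found" }
end

# Constructed sample data: user 1 owns orders 10 and 11, user 2 owns 12.
STORE = OrderStore.new([
  Order.new(10, 1, 25), Order.new(11, 1, 40), Order.new(12, 2, 99)
])
```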


