Here I show how three popular state machine gems can be used to clean up a list of boolean/datetime fields. I also show a custom solution which keeps track of the history of events. (12 minutes)

Here I show how to add an announcement message at the top of every page in the application and allow the user to permanently hide it. This is all done test-first and even includes testing the JavaScript behavior. (11 minutes)

PhantomJS allows us to test JavaScript without going through a browser window. Here I show how to do this using Capybara and Poltergeist. I also give some tips on handling database transactions and skipping javascript tests. (10 minutes)

Turbolinks can make your Rails app feel faster by using JavaScript to replace the page content when clicking a link. It will be default in new Rails 4.0 applications, but here I show how to use it in Rails 3 and mention some of the gotchas. (7 minutes)

Active Support makes it easy to work with time zones. Learn how to add a Time Zone select field to a user form and watch out for the gotchas. (7 minutes)

PostgreSQL Schemas can help create a multi-tenant app by keeping data separate at the database layer. Integrating with migrations can be tricky though, so watch this episode for the full details. (11 minutes)

A multi-tenant application can be difficult to implement because the data for each tenant must be completely separate. Here I show how to do this using subdomains and default scopes in Active Record. (12 minutes)

The cache_digests gem (also included in Rails 4) will automatically add a digest to the fragment cache key based on the template. If a template changes the cache will auto-expire. But watch out for the gotchas! (7 minutes)

Keeping passwords and secret tokens in source control is a security risk. Here I show how to move these settings out into a YAML configuration file which can be loaded in as a hash or environment variables. (8 minutes)

This finishes the series on building authorization from scratch by refactoring the permission logic into a DSL, restricting authorization with attributes, and combining with strong_parameters to protect params. (20 minutes)