9 mars 2021 — active record, rails, ruby, sql, wev development
When a database query cannot be described using Ruby on Rails’ short ActiveRecord syntax, consider building your queries using Arel instead of going for raw SQL strings.
This has the following advantages:
Suite de l’article…
- Escaping by default: this helps not end up with SQL injections. We don’t like those.
- Full names: using
"users"."email" instead of
email in your queries helps you be future-proof by making queries that won’t break when you merge queries together or add columns with conflicting names.
- Composable: Arel expressions allows you to mix SQL commands as Ruby objects.
- Uniform queries: it ensures that the generated SQL always looks the same. For example
"users"."email" ASC instead of
email asc. This makes it easier to search through logs and can help caching mechanisms.