BlogPlatform-intern-project

BlogPlatform

A modern, full-featured Ruby on Rails web application for creating and managing blog content. Built with Rails conventions, security best practices, and a focus on maintainability.

🚀 Features

• User Authentication & Authorization
  • Secure user registration and login with Devise
  • Role-based access control using CanCanCan
  • Password validation and security best practices
  • Email confirmation and password reset functionality
• Blog Management
  • Create, read, update, and delete blog posts (CRUD operations)
  • Rich text editor with Action Text
  • Draft and publish functionality with state management
  • Post categorization and tagging system
  • Image uploads with Active Storage
• User Experience
  • Responsive design with Bootstrap integration
  • Server-side rendering for optimal SEO
  • Flash messages and error handling
  • Pagination with Kaminari gem
  • Search functionality with Ransack
• Social Features
  • Nested comment system with threading
  • User profiles with avatar uploads
  • Author pages and post attribution
  • Like/favorite functionality
• Administrative Tools
  • Admin dashboard with ActiveAdmin
  • User management and role assignment
  • Content moderation tools
  • Basic analytics and reporting

📋 Setup Instructions

Prerequisites

• Ruby 3.1.0 or higher
• Rails 7.0 or higher
• PostgreSQL 12+ (or SQLite for development)
• Node.js 16+ and Yarn (for asset compilation)
• ImageMagick (for image processing)

Installation

1. Clone the repository

   git clone https://github.com/your-username/blogpage.git
   cd blogpage
   

2. Install Ruby dependencies

   bundle install
   

3. Install JavaScript dependencies

   yarn install
   

4. Environment Configuration

   # Copy environment template
   cp .env.example .env
   

   Update .env with your configuration:

   # Database
   DATABASE_URL=postgresql://username:password@localhost/blogpage_development
      
   # Rails
   RAILS_ENV=development
   SECRET_KEY_BASE=your_secret_key_base_here
      
   # Email (for Devise)
   SMTP_HOST=smtp.gmail.com
   SMTP_PORT=587
   SMTP_USERNAME=your-email@gmail.com
   SMTP_PASSWORD=your-app-password
      
   # File Storage (for production)
   AWS_ACCESS_KEY_ID=your_aws_access_key
   AWS_SECRET_ACCESS_KEY=your_aws_secret_key
   AWS_REGION=us-east-1
   AWS_BUCKET=your-s3-bucket-name
   

5. Database Setup

   # Create and migrate database
   rails db:create
   rails db:migrate
      
   # Seed with sample data (optional)
   rails db:seed
   

6. Precompile assets (for production)

   rails assets:precompile
   

7. Start the application

   # Development mode
   rails server or bin/rails server
      
   # Or with specific port
   rails server -p 3000
   

8. Access the application
   • Open your browser and navigate to http://localhost:3000
   • Admin panel available at http://localhost:3000/admin

🏗️ Design Decisions

Technology Stack

• Framework: Ruby on Rails 7.0+ with Hotwire for modern interactions
• Database: PostgreSQL for production, SQLite for development
• Authentication: Devise gem for comprehensive user management
• Authorization: CanCanCan for role-based permissions
• Frontend: ERB templates with Stimulus JS and Turbo
• Styling: Bootstrap 5 with custom SCSS

Rails Conventions & Patterns

• RESTful Routes: Following Rails routing conventions
• MVC Architecture: Clear separation with Rails’ built-in structure
• Active Record: ORM for database interactions with associations
• Concerns: Shared modules for DRY code organization
• Service Objects: For complex business logic extraction

Key Gems & Dependencies

# Authentication & Authorization
gem 'devise'                    # User authentication
gem 'cancancan'                # Authorization framework
gem 'rolify'                   # Role management

# Content & UI
gem 'image_processing'         # Image variants with Active Storage
gem 'bootsnap'                # Boot-time performance
gem 'sassc-rails'             # Sass compilation
gem 'kaminari'                # Pagination

# Admin & Search
gem 'activeadmin'             # Admin interface
gem 'ransack'                 # Search functionality

# Development & Testing
gem 'rspec-rails'             # BDD testing framework
gem 'factory_bot_rails'       # Test data generation
gem 'capybara'                # Integration testing

Security Implementations

• CSRF protection enabled by default
• Strong parameters for mass assignment protection
• SQL injection prevention with Active Record
• XSS protection with Rails’ built-in sanitization
• Brakeman for security vulnerability scanning

Performance Optimizations

• Database indexing on frequently queried columns
• Eager loading to prevent N+1 queries
• Fragment caching for expensive view renders
• Asset pipeline optimization with Sprockets
• CDN integration for static assets

Rails-Specific Features

• Action Text: Rich text content with embedded attachments
• Active Storage: File uploads with cloud storage support
• Action Cable: Real-time features (comments, notifications)
• Active Job: Background job processing with Sidekiq
• Rails Credentials: Encrypted secrets management

🧪 Test User Credentials

For testing and demonstration purposes, use these pre-seeded accounts:

Role	Email	Password	Abilities
Super Admin	admin (username)	password123	Full system access, user management
User	user@gmail.com	user123	Read posts, comment, profile

🛠️ Development

Available Rails Commands

rails server   or bin/rails server               # Start development server
rails console               # Interactive Rails console
rails generate              # Generate Rails components
rails db:migrate            # Run pending migrations
rails db:rollback           # Rollback last migration
rails routes                # Show all application routes
rails assets:precompile     # Compile assets for production

Testing Framework

# Run all tests
bundle exec rspec

# Run specific test files
bundle exec rspec spec/models/
bundle exec rspec spec/controllers/

# Run with coverage
COVERAGE=true bundle exec rspec

# Feature tests with Capybara
bundle exec rspec spec/features/

Code Quality Tools

# Ruby linting
bundle exec rubocop

# Security scanning
bundle exec brakeman

# Dependency vulnerability check
bundle exec bundle-audit

Production Environment Setup

1. Set RAILS_ENV=production
2. Configure production database
3. Set up Redis for Action Cable and caching
4. Configure email delivery service
5. Set up background job processing with Sidekiq
6. Configure SSL and security headers

Docker Deployment

# Dockerfile included for containerized deployment
docker build -t blogpage .
docker run -p 3000:3000 blogpage

🧪 Testing

Model Testing

# spec/models/post_spec.rb
RSpec.describe Post, type: :model do
  it { should belong_to(:user) }
  it { should validate_presence_of(:title) }
  it { should validate_presence_of(:content) }
end

Controller Testing

# spec/controllers/posts_controller_spec.rb
RSpec.describe PostsController, type: :controller do
  describe "GET #index" do
    it "returns a success response" do
      get :index
      expect(response).to be_successful
    end
  end
end

Feature Testing

# spec/features/user_creates_post_spec.rb
RSpec.feature "User creates post", type: :feature do
  scenario "successfully creates a new post" do
    visit new_post_path
    fill_in "Title", with: "My New Post"
    click_button "Create Post"
    expect(page).to have_content("Post was successfully created")
  end
end

Built with 💎 Ruby on Rails