dhh

class Profile < ActiveModel::Aggregator
  aggregate :user
  aggregate :email

  def combine
    user.save
    user.emails.build(email_attributes).save
  end
end

dhh

class Customers::GridCountsController < ApplicationController
  def index
    render json: GridCountsQuery.run(params[:grid_counts])
  end
end

class GridCountsQuery
  class << self
    def run
      query.each_with_object(Hash.new) do |row, grid|

dhh

class UserAuthenticationsController < AuthenticatedController
  def create
    if authenticate
      enroll_promotions
      redirect_to return_path
    else
      redirect_to back_path, error: authentication_error_message
    end
  end
  

dhh

# Option A: I'd start with this
class Micropost < ActiveRecord::Base
  validate :no_profanity

  private
    def no_profanity
      if user.minor? && profanity = profane_words_used_in_content
        errors.add :content, "Profanity: '#{profanity.join(", ")}' not allowed!"
      end
    end

dhh

class TimeEntriesController < ApplicationController
  before_action :set_project, :set_issue

  def create
    @time_entry = container.time_entries.build time_entry_params.merge(user: User.current)

    if @time_entry.save
      respond_to do |format|
        format.html { redirect_back_or_default created_time_entry_url, notice: l(:notice_successful_create) }
        format.api  { render :show, status: :created, location: @time_entry }

dhh

# config/routes.rb
resources :documents do
  scope module: 'documents' do
    resources :versions do
      post :restore, on: :member
    end

    resource :lock
  end
end

dhh

Basecamp was under network attack

The attack detailed below has stopped (for the time being) and almost all network access for almost all customers have been restored. We're keeping this post and the timeline intact for posterity. Unless the attack resumes, we'll post a complete postmortem within 48 hours (so before Wednesday, March 26 at 11:00am central time).

Criminals have laid siege to our networks using what's called a distributed denial-of-service attack (DDoS) starting at 8:46 central time, March 24 2014. The goal is to make Basecamp, and the rest of our services, unavailable by flooding the network with bogus requests, so nothing legitimate can come through. This attack was launched together with a blackmail attempt that sought to have us pay to avoid this assault.

Note that this attack targets the network link between our servers and the internet. All the data is safe and sound, but nobody is able to get to it as long as the attack is being successfully executed. This is like a bunch of people

dhh

class Ticket < ActiveRecord::Base
  belongs_to :grouper
  belongs_to :user

  validate :user_cant_be_blacklisted, on: :confirmation
  validate :user_cant_double_book, on: :confirmation

  validate :grouper_cant_be_full, on: :confirmation
  validate :grouper_cant_have_occurred, on: :confirmation

dhh

# MODEL

class Case < ActiveRecord::Base
  include Eventable
  
  has_many :tasks

  concerning :Assignment do
    def assign_to(new_owner:, details:)
      transaction do

dhh

class GroupersController < ApplicationController::Base
  def create
    @grouper = Grouper.new(leader: current_member)

    if @grouper.save
      ConfirmedGrouperEmails.new(@grouper).deliver
      AssignBarForGrouper.enqueue(@grouper.id)

      redirect_to home_path
    else