It's August 19th, Why Day, where we take some crazy idea too far. My contribution is donotwant, a gem that disables several core ActiveRecord methods.
ActiveRecord ships with several methods that skip validations, callbacks, or both. For example,
decrement_counter all skip one or both of these, but no two skip the same set.
I've found that even experienced Rails developers often don't know this or can't remember which methods skip what. That scares the crap out of me. Ideally, I'd like to see the syntax for calling these methods indicate their danger. But, there's a much more immediate solution: just disable the methods!
donotwant redefines the dangerous methods in ActiveRecord to raise errors when you call them:
>> User.delete 5 DoNotWant::NotSafe: User.delete isn't safe because it skips callbacks
But it's also smart, and will let gems (including Rails itself) call the original methods. This prevents it from breaking third party code, while still preventing your app from doing anything dangerous.
You can find it on GitHub or
gem install it. As of today's release (0.0.1),
require 'do_not_want' will monkey patch the changes onto ActiveRecord::Base. Simply adding it to your Gemfile and running your test suite will probably result in many new errors, as donotwant rejects your attempts to call unsafe methods.
Whether you actually want that or not is another question, of course!