One of the many advantages of writing a project using Ruby on Rails is having the access to Ruby’s unparalleled ecosystem. It comprises of a seemingly endless number of libraries, or as we rubyists call them – gems, for every purpose imaginable. Need a comprehensive private messaging system? Check out Mailboxer. Want to prettify those logs? Lograge can help with that. Always dreamt of travelling in time? Grab Timecop and brace yourself – one wrong turn and you might end up in problems.
There seems to be a ready-made solution to almost every problem you can think of. "There's a gem for that" echoes through the halls of Ruby forums, chats and Facebook groups. You'd be a fool not to tap into this vastness of great resources! That said, you'd be a bigger fool to recklessly add dependencies to your project without having a proper think first.
When It Is Worth Choosing a Gem
Imagine, if you will, that you're in a situation when the time is of the essence. You're trying to beat your competitors in the emerging market with your earth-shattering product. As usual, budget and time are scarce resources, and you can’t really develop a customised solution for your problem. You don't need to ship the best possible version of your product, rather the best possible version given the time and budget constraints.
Prototype/Proof of Concept/MVP/Tight Schedule
A perfect use case for the Spree framework. Out of the box, you have a functional e-shop, with an advanced admin panel section and a basic ERP system. Introducing this enormous dependency has its cost though, which you’ll have to pay with blood, sweat, tears and a couple of burnt out developers. You might be willing to pay the price since it’s still in the nebulous future.
Or maybe you're creating a new social network: a Facebook-killer for cats, full of moving red dots and catnip growing tutorials. Having a penchant for plotting and scheming, cats need a private messaging system. Add one line to your Gemfile and BANG! Enter Mailboxer, a complete solution for email-like communication. You'll probably have a hard time integrating it with real-time chat later on but, at least for now, the cats are happy.
Perhaps you've already built your shiny app. It's clever and sleek, and the velociraptors, who are the target user base, are quickly growing fond of it. Who would have thought raptors were crazy about second-hand rollerblades and ice skates? Well, you have. Anyway, you decide you need more control over what's happening in your application. You need an admin panel. ActiveAdmin to the rescue! A minute later, you have a working tool that allows you to create/update/delete all the domain's data conveniently via your browser. Surely, no one will ever need to extend it in any way, so the ease of customisation isn't really that important.
Some of the gems are tiny and focus solely on solving one particular problem, and they do it well. Adding them usually has no negative consequences, as they don't add bloat and are probably better than what you'd write yourself.
You crave that top spot on Google’s search result list. You know SEO is the answer, and you decide you need better urls then /cats/666/posts/3. If only you could make it look a bit... friendlier? Friendly_id will do that for you. It has a small footprint, its implementation isn't overly complex and it solves only one problem. /tales-of-the-red-dot-catcher looks much better!
You're plagued by the fear of everything going down the drainpipe the moment you delete even the tiniest bit of your data. Even reading about it turns you into an uncontrollably trembling ball of anxiety. Relax, you're just paranoid. Luckily, there's a cure for that - Paranoia will make sure you never really delete any data beyond recovery.
In a completely different scenario, your model needs to display List-like properties and behaviours. You want the collection to be ordered, and you also need to easily check and change the position of its elements. Acts_as_list will provide all that!
There are cases where using an existing and battle-tested solution is a must and security is certainly one of them. Authentication and authorisation are notorious for being hard to get right, the consequences of which are reported regularly. Just google "hacked" and set the filter to "past week", if you don't believe me. Stick to the popular solutions and you should be fine.
Devise is the de facto standard when it comes to user authentication, 99% of the time it's what you want to use in your project. For that sweet oauth logins you can use Omniauth, while Pundit/CanCanCan can help you on the authorisation front.
Hope you’ve found my article useful. In the next one, I’ll tell you how to choose the right gem. If you have any thoughts on when it’s useful to choose a gem, please share them in the comments below.