Hi,
I’d like to get your thoughts on something. We’re developing an
application that relies heavily RESTful JSON requests.
Because I want to keep the code as clean as possible, I want to be
able to return the JSON for a user using @user.to_json. Which works
fine, but it also includes the crypted_password data and the
persistence_token, among other things.
What I do now to prevent this from happening is including an :except
option for the to_json method in my controller for these sensitive
columns, but I’d like to know whether there is a way to specify the
excluded columns somewhere in the model to prevent serialization of
these attributes.
If that’s possible I’d also like to know whether there’s a way to
check for this prevention so that we can dynamically generate relevant
column names (for example).
Kind regards,
Jaap H.
Hi!
I think you could use inheritance to extend ActiveRecord::Base and then
you
could overwrite the to_json method.
There you could write the rules for default excluded column names.
Then, your Models should extend your inherited class.
I don’t know if this work, it’s just an idea.
Best Regards,
Everaldo
Overwriting the “as_json” method in your model should work too I
think. Best way to to it IMO if it’s just one model you want to change
the to_json behavior on.
def as_json(options={})
options[:except] ||= [:some, :fields, :here]
super(options)
end
On 10 Jul 2011, at 17:35, Everaldo G. wrote:
able to return the JSON for a user using @user.to_json. Which works
check for this prevention so that we can dynamically generate relevant
column names (for example).
Best regards
Peter De Berdt
I liked the Peter’s suggestion.
And I found this link in google, because I was curious about the as_json
method:
Best Regards,
Everaldo
On Sun, Jul 10, 2011 at 1:37 PM, Peter De Berdt
Hi All,
I’m starting a Rails 3.1 app. Two tests which involve invalid models are
failing and I don’t understand why. The tests are the stock tests
generated by the rails rspec generator. I’m new to RSpec so I’m probably
missing something obvious. I’d appreciate some guidance.
**Leigh
=========
rails g rspec:install
rake test:prepare
rake spec
Rake spec produces:
Failures:
- JobsController create action should render new template when model
is invalid
Failure/Error: response.should render_template(:new)
Expected block to return true value.
./spec/controllers/jobs_controller_spec.rb:25:in `block (2
levels) in <top (required)>’
- JobsController update action should render edit template when model
is invalid
Failure/Error: response.should render_template(:edit)
Expected block to return true value.
./spec/controllers/jobs_controller_spec.rb:42:in `block (2
levels) in <top (required)>’
Finished in 0.53822 seconds
10 examples, 2 failures
Controller specs:
it “create action should render new template when model is invalid” do
Job.any_instance.stubs(:valid?).returns(false)
post :create
response.should render_template(:new)
end
it “update action should render edit template when model is invalid”
do
Job.any_instance.stubs(:valid?).returns(false)
put :update, :id => Job.first
response.should render_template(:edit)
end
JobsController methods:
def create
@job = Job.new(params[:job])
if @job.save
redirect_to @job, :notice => “Successfully created
“#{@job.description.chomp}”.”
else
render :action => ‘new’
end
end
def update
@job = Job.find(params[:id])
if @job.update_attributes(params[:job])
redirect_to @job, :notice => “Successfully updated
“#{@job.description.chomp}”.”
else
render :action => ‘edit’
end
end
gem list rspec:
rspec (2.6.0)
rspec-core (2.6.4, 2.6.3)
rspec-expectations (2.6.0)
rspec-mocks (2.6.0)
rspec-rails (2.6.1, 2.6.0)
Gemfile extract:
gem ‘rails’, ‘>= 3.1.0.rc4’
group :development, :test do
gem ‘turn’, :require => false
gem ‘rspec-rails’, ‘>= 2.6.1’
gem ‘cucumber-rails’
gem ‘capybara’
gem ‘database_cleaner’
end
Hi Peter,
Your suggestion will work fine. Thank you. I was hoping there would be
a way to do this within ActiveModel or ActiveRecord because I also
want to do this the other way around: I would like to render some
javascript in which can dynamically define these attributes. I’ll have
to do that with some kind of model variable or method.
Jaap H.
On Sun, Jul 10, 2011 at 10:33 AM, Leigh D.
[email protected]wrote:
Failure/Error: response.should render_template(:new)
Finished in 0.53822 seconds
10 examples, 2 failures
Leigh, you’re controller spec appear to be missing a call to the
following:
render_views
Thus, you’ll need to add this line inside the first describe block of
the
jobs_controller_spec.rb.
Good luck,
-Conrad
On Jul 10, 2011, at 4:47 PM, Leigh D. wrote:
render_views
Leigh, Conrad,
Without render_views, an empty stub template is rendered, so unless
you’re adding specs for content in the template, you shouldn’t need
render_views for the generated specs to pass as/is.
The following script results in passing specs for me (ruby 1.9.2 and
1.8.7 with clean gemsets in rvm, Mac OS X):
gem install rails -v 3.1.0.rc4
rails new example
cd example
echo ‘gem “rspec-rails”, “~> 2.6.0”, :group => [:development, :test]’ >>
Gemfile
bundle install
rails generate rspec:install
rails generate scaffold jobs
rake db:migrate
rake db:test:prepare
rspec spec/controllers
What environment are you working in?
Cheers,
David