verdnatura-mirror
/
loopback
mirror of https://github.com/strongloop/loopback.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add hidden property support to models

This commit is contained in:
Ritchie Martori 2014-03-21 12:53:04 -07:00
parent c521b3c386
commit 5b50a99eb3
4 changed files with 40 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
lib/models/model.js
View File

@ -200,6 +200,22 @@ Model._getAccessTypeForMethod = function(method) {
} }
} }
var superToJSON = Model.prototype.toJSON;
Model.prototype.toJSON = function toJSON() {
var Model = this.constructor;
var obj = superToJSON.apply(this, arguments);
var settings = Model.definition && Model.definition.settings;
var hiddenProperties = settings && settings.hidden;
if(Array.isArray(hiddenProperties)) {
for(var i = 0; i < hiddenProperties.length; i++) {
delete obj[hiddenProperties[i]];
}
}
return obj;
}
// setup the initial model // setup the initial model
Model.setup(); Model.setup();

1
lib/models/user.js
View File

@ -49,6 +49,7 @@ var properties = {
}; };
var options = { var options = {
hidden: ['password'],
acls: [ acls: [
{ {
principalType: ACL.ROLE, principalType: ACL.ROLE,

6
test/access-control.integration.js
View File

@ -55,6 +55,7 @@ describe('access control - integration', function () {
return '/api/accessTokens/' + this.randomToken.id; return '/api/accessTokens/' + this.randomToken.id;
} }
}); });
*/
describe('/users', function () { describe('/users', function () {
@ -94,6 +95,10 @@ describe('access control - integration', function () {
}); });
lt.describe.whenCalledRemotely('GET', '/api/users/:id', function() { lt.describe.whenCalledRemotely('GET', '/api/users/:id', function() {
lt.it.shouldBeAllowed(); lt.it.shouldBeAllowed();
it('should not include a password', function() {
var user = this.res.body;
assert.equal(user.password, undefined);
});
}); });
lt.describe.whenCalledRemotely('PUT', '/api/users/:id', function() { lt.describe.whenCalledRemotely('PUT', '/api/users/:id', function() {
lt.it.shouldBeAllowed(); lt.it.shouldBeAllowed();
@ -136,7 +141,6 @@ describe('access control - integration', function () {
return '/api/banks/' + this.bank.id; return '/api/banks/' + this.bank.id;
} }
}); });
*/
describe('/accounts', function () { describe('/accounts', function () {
lt.beforeEach.givenModel('account'); lt.beforeEach.givenModel('account');

24
test/hidden-properties.test.js
View File

@ -4,15 +4,27 @@ describe('hidden properties', function () {
beforeEach(function (done) { beforeEach(function (done) {
var app = this.app = loopback(); var app = this.app = loopback();
var Product = this.Product = app.model('product', { var Product = this.Product = app.model('product', {
properties: { options: {hidden: ['secret']},
secret: {}
},
dataSource: loopback.memory() dataSource: loopback.memory()
}); });
app.listen(done); app.use(loopback.rest());
Product.create(
{name: 'pencil', secret: 'secret'},
done
);
}); });
it('should hide a property remotely', function () { it('should hide a property remotely', function (done) {
request(this.app)
.get('/products')
.expect('Content-Type', /json/)
.expect(200)
.end(function(err, res){
if(err) return done(err);
var product = res.body[0];
assert.equal(product.secret, undefined);
done();
});
}); });
}); });