Merge pull request #217 from strongloop/feature/hidden-properties
Feature/hidden properties
This commit is contained in:
Ritchie Martori
commit
5f81fad921
|
|
@ -90,8 +90,10 @@ app.disuse = function (route) {
|
|||
*
|
||||
* @param {String} modelName The name of the model to define
|
||||
* @options {Object} config The model's configuration
|
||||
* @property {String} dataSource The `DataSource` to attach the model to
|
||||
* @property {String|DataSource} dataSource The `DataSource` to attach the model to
|
||||
* @property {Object} [options] an object containing `Model` options
|
||||
* @property {ACL[]} [options.acls] an array of `ACL` definitions
|
||||
* @property {String[]} [options.hidden] **experimental** an array of properties to hide when accessed remotely
|
||||
* @property {Object} [properties] object defining the `Model` properties in [LoopBack Definition Language](http://docs.strongloop.com/loopback-datasource-juggler/#loopback-definition-language)
|
||||
* @end
|
||||
* @returns {ModelConstructor} the model class
|
||||
|
|
@ -545,7 +547,11 @@ function dataSourcesFromConfig(config) {
|
|||
|
||||
function modelFromConfig(name, config, app) {
|
||||
var ModelCtor = require('./loopback').createModel(name, config.properties, config.options);
|
||||
var dataSource = app.dataSources[config.dataSource];
|
||||
var dataSource = config.dataSource;
|
||||
|
||||
if(typeof dataSource === 'string') {
|
||||
dataSource = app.dataSources[dataSource];
|
||||
}
|
||||
|
||||
assert(isDataSource(dataSource), name + ' is referencing a dataSource that does not exist: "'+ config.dataSource +'"');
|
||||
|
||||
|
|
|
|||
|
|
@ -200,6 +200,22 @@ Model._getAccessTypeForMethod = function(method) {
|
|||
}
|
||||
}
|
||||
|
||||
var superToJSON = Model.prototype.toJSON;
|
||||
Model.prototype.toJSON = function toJSON() {
|
||||
var Model = this.constructor;
|
||||
var obj = superToJSON.apply(this, arguments);
|
||||
var settings = Model.definition && Model.definition.settings;
|
||||
var hiddenProperties = settings && settings.hidden;
|
||||
|
||||
if(Array.isArray(hiddenProperties)) {
|
||||
for(var i = 0; i < hiddenProperties.length; i++) {
|
||||
delete obj[hiddenProperties[i]];
|
||||
}
|
||||
}
|
||||
|
||||
return obj;
|
||||
}
|
||||
|
||||
// setup the initial model
|
||||
Model.setup();
|
||||
|
||||
|
|
|
|||
|
|
@ -49,6 +49,7 @@ var properties = {
|
|||
};
|
||||
|
||||
var options = {
|
||||
hidden: ['password'],
|
||||
acls: [
|
||||
{
|
||||
principalType: ACL.ROLE,
|
||||
|
|
|
|||
|
|
@ -55,6 +55,7 @@ describe('access control - integration', function () {
|
|||
return '/api/accessTokens/' + this.randomToken.id;
|
||||
}
|
||||
});
|
||||
*/
|
||||
|
||||
describe('/users', function () {
|
||||
|
||||
|
|
@ -94,6 +95,10 @@ describe('access control - integration', function () {
|
|||
});
|
||||
lt.describe.whenCalledRemotely('GET', '/api/users/:id', function() {
|
||||
lt.it.shouldBeAllowed();
|
||||
it('should not include a password', function() {
|
||||
var user = this.res.body;
|
||||
assert.equal(user.password, undefined);
|
||||
});
|
||||
});
|
||||
lt.describe.whenCalledRemotely('PUT', '/api/users/:id', function() {
|
||||
lt.it.shouldBeAllowed();
|
||||
|
|
@ -136,7 +141,6 @@ describe('access control - integration', function () {
|
|||
return '/api/banks/' + this.bank.id;
|
||||
}
|
||||
});
|
||||
*/
|
||||
|
||||
describe('/accounts', function () {
|
||||
lt.beforeEach.givenModel('account');
|
||||
|
|
|
|||
|
|
@ -0,0 +1,30 @@
|
|||
var loopback = require('../');
|
||||
|
||||
describe('hidden properties', function () {
|
||||
beforeEach(function (done) {
|
||||
var app = this.app = loopback();
|
||||
var Product = this.Product = app.model('product', {
|
||||
options: {hidden: ['secret']},
|
||||
dataSource: loopback.memory()
|
||||
});
|
||||
app.use(loopback.rest());
|
||||
|
||||
Product.create(
|
||||
{name: 'pencil', secret: 'secret'},
|
||||
done
|
||||
);
|
||||
});
|
||||
|
||||
it('should hide a property remotely', function (done) {
|
||||
request(this.app)
|
||||
.get('/products')
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
.end(function(err, res){
|
||||
if(err) return done(err);
|
||||
var product = res.body[0];
|
||||
assert.equal(product.secret, undefined);
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
|
|
@ -624,81 +624,4 @@ describe('Model', function() {
|
|||
assert.equal(model, acl);
|
||||
});
|
||||
});
|
||||
|
||||
// describe('Model.hasAndBelongsToMany()', function() {
|
||||
// it("TODO: implement / document", function(done) {
|
||||
// /* example -
|
||||
//
|
||||
// */
|
||||
// done(new Error('test not implemented'));
|
||||
// });
|
||||
// });
|
||||
|
||||
// describe('Model.remoteMethods()', function() {
|
||||
// it("Return a list of enabled remote methods", function() {
|
||||
// app.model(User);
|
||||
// User.remoteMethods(); // ['save', ...]
|
||||
// });
|
||||
// });
|
||||
|
||||
// describe('Model.availableMethods()', function() {
|
||||
// it("Returns the currently available api of a model as well as descriptions of any modified behavior or methods from attached data sources", function(done) {
|
||||
// /* example -
|
||||
// User.attachTo(oracle);
|
||||
// console.log(User.availableMethods());
|
||||
//
|
||||
// {
|
||||
// 'User.all': {
|
||||
// accepts: [{arg: 'filter', type: 'object', description: '...'}],
|
||||
// returns: [{arg: 'users', type: ['User']}]
|
||||
// },
|
||||
// 'User.find': {
|
||||
// accepts: [{arg: 'id', type: 'any'}],
|
||||
// returns: [{arg: 'items', type: 'User'}]
|
||||
// },
|
||||
// ...
|
||||
// }
|
||||
// var oracle = loopback.createDataSource({
|
||||
// connector: 'oracle',
|
||||
// host: '111.22.333.44',
|
||||
// database: 'MYDB',
|
||||
// username: 'username',
|
||||
// password: 'password'
|
||||
// });
|
||||
//
|
||||
// */
|
||||
// done(new Error('test not implemented'));
|
||||
// });
|
||||
// });
|
||||
|
||||
// describe('Model.before(name, fn)', function(){
|
||||
// it('Run a function before a method is called', function() {
|
||||
// // User.before('save', function(user, next) {
|
||||
// // console.log('about to save', user);
|
||||
// //
|
||||
// // next();
|
||||
// // });
|
||||
// //
|
||||
// // User.before('delete', function(user, next) {
|
||||
// // // prevent all delete calls
|
||||
// // next(new Error('deleting is disabled'));
|
||||
// // });
|
||||
// // User.beforeRemote('save', function(ctx, user, next) {
|
||||
// // if(ctx.user.id === user.id) {
|
||||
// // next();
|
||||
// // } else {
|
||||
// // next(new Error('must be logged in to update'))
|
||||
// // }
|
||||
// // });
|
||||
//
|
||||
// throw new Error('not implemented');
|
||||
// });
|
||||
// });
|
||||
//
|
||||
// describe('Model.after(name, fn)', function(){
|
||||
// it('Run a function after a method is called', function() {
|
||||
//
|
||||
// throw new Error('not implemented');
|
||||
// });
|
||||
// });
|
||||
});
|
||||
|
|
|
|||
|
|
@ -66,5 +66,4 @@ describe('remoting - integration', function () {
|
|||
});
|
||||
});
|
||||
|
||||
})
|
||||
;
|
||||
});
|
||||
|
|
|
|||
Loading…
Reference in New Issue