verdnatura-mirror
/
loopback
mirror of https://github.com/strongloop/loopback.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #217 from strongloop/feature/hidden-properties 

Feature/hidden properties
This commit is contained in:
Ritchie Martori 2014-03-31 12:04:49 -07:00
parent 51d3ff892a a08b047fab
commit 5f81fad921
7 changed files with 61 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/application.js
View File

@ -90,8 +90,10 @@ app.disuse = function (route) {
* *
* @param {String} modelName The name of the model to define * @param {String} modelName The name of the model to define
* @options {Object} config The model's configuration * @options {Object} config The model's configuration
* @property {String} dataSource The `DataSource` to attach the model to * @property {String|DataSource} dataSource The `DataSource` to attach the model to
* @property {Object} [options] an object containing `Model` options * @property {Object} [options] an object containing `Model` options
* @property {ACL[]} [options.acls] an array of `ACL` definitions
* @property {String[]} [options.hidden] **experimental** an array of properties to hide when accessed remotely
* @property {Object} [properties] object defining the `Model` properties in [LoopBack Definition Language](http://docs.strongloop.com/loopback-datasource-juggler/#loopback-definition-language) * @property {Object} [properties] object defining the `Model` properties in [LoopBack Definition Language](http://docs.strongloop.com/loopback-datasource-juggler/#loopback-definition-language)
* @end * @end
* @returns {ModelConstructor} the model class * @returns {ModelConstructor} the model class
@ -545,7 +547,11 @@ function dataSourcesFromConfig(config) {
function modelFromConfig(name, config, app) { function modelFromConfig(name, config, app) {
var ModelCtor = require('./loopback').createModel(name, config.properties, config.options); var ModelCtor = require('./loopback').createModel(name, config.properties, config.options);
var dataSource = app.dataSources[config.dataSource]; var dataSource = config.dataSource;
if(typeof dataSource === 'string') {
dataSource = app.dataSources[dataSource];
}
assert(isDataSource(dataSource), name + ' is referencing a dataSource that does not exist: "'+ config.dataSource +'"'); assert(isDataSource(dataSource), name + ' is referencing a dataSource that does not exist: "'+ config.dataSource +'"');

16
lib/models/model.js
View File

@ -200,6 +200,22 @@ Model._getAccessTypeForMethod = function(method) {
} }
} }
var superToJSON = Model.prototype.toJSON;
Model.prototype.toJSON = function toJSON() {
var Model = this.constructor;
var obj = superToJSON.apply(this, arguments);
var settings = Model.definition && Model.definition.settings;
var hiddenProperties = settings && settings.hidden;
if(Array.isArray(hiddenProperties)) {
for(var i = 0; i < hiddenProperties.length; i++) {
delete obj[hiddenProperties[i]];
}
}
return obj;
}
// setup the initial model // setup the initial model
Model.setup(); Model.setup();

1
lib/models/user.js
View File

@ -49,6 +49,7 @@ var properties = {
}; };
var options = { var options = {
hidden: ['password'],
acls: [ acls: [
{ {
principalType: ACL.ROLE, principalType: ACL.ROLE,

6
test/access-control.integration.js
View File

@ -55,6 +55,7 @@ describe('access control - integration', function () {
return '/api/accessTokens/' + this.randomToken.id; return '/api/accessTokens/' + this.randomToken.id;
} }
}); });
*/
describe('/users', function () { describe('/users', function () {
@ -94,6 +95,10 @@ describe('access control - integration', function () {
}); });
lt.describe.whenCalledRemotely('GET', '/api/users/:id', function() { lt.describe.whenCalledRemotely('GET', '/api/users/:id', function() {
lt.it.shouldBeAllowed(); lt.it.shouldBeAllowed();
it('should not include a password', function() {
var user = this.res.body;
assert.equal(user.password, undefined);
});
}); });
lt.describe.whenCalledRemotely('PUT', '/api/users/:id', function() { lt.describe.whenCalledRemotely('PUT', '/api/users/:id', function() {
lt.it.shouldBeAllowed(); lt.it.shouldBeAllowed();
@ -136,7 +141,6 @@ describe('access control - integration', function () {
return '/api/banks/' + this.bank.id; return '/api/banks/' + this.bank.id;
} }
}); });
*/
describe('/accounts', function () { describe('/accounts', function () {
lt.beforeEach.givenModel('account'); lt.beforeEach.givenModel('account');

30
test/hidden-properties.test.js Normal file
View File

@ -0,0 +1,30 @@
var loopback = require('../');
describe('hidden properties', function () {
beforeEach(function (done) {
var app = this.app = loopback();
var Product = this.Product = app.model('product', {
options: {hidden: ['secret']},
dataSource: loopback.memory()
});
app.use(loopback.rest());
Product.create(
{name: 'pencil', secret: 'secret'},
done
);
});
it('should hide a property remotely', function (done) {
request(this.app)
.get('/products')
.expect('Content-Type', /json/)
.expect(200)
.end(function(err, res){
if(err) return done(err);
var product = res.body[0];
assert.equal(product.secret, undefined);
done();
});
});
});

77
test/model.test.js
View File

@ -624,81 +624,4 @@ describe('Model', function() {
assert.equal(model, acl); assert.equal(model, acl);
}); });
}); });
// describe('Model.hasAndBelongsToMany()', function() {
// it("TODO: implement / document", function(done) {
// /* example -
//
// */
// done(new Error('test not implemented'));
// });
// });
// describe('Model.remoteMethods()', function() {
// it("Return a list of enabled remote methods", function() {
// app.model(User);
// User.remoteMethods(); // ['save', ...]
// });
// });
// describe('Model.availableMethods()', function() {
// it("Returns the currently available api of a model as well as descriptions of any modified behavior or methods from attached data sources", function(done) {
// /* example -
// User.attachTo(oracle);
// console.log(User.availableMethods());
//
// {
// 'User.all': {
// accepts: [{arg: 'filter', type: 'object', description: '...'}],
// returns: [{arg: 'users', type: ['User']}]
// },
// 'User.find': {
// accepts: [{arg: 'id', type: 'any'}],
// returns: [{arg: 'items', type: 'User'}]
// },
// ...
// }
// var oracle = loopback.createDataSource({
// connector: 'oracle',
// host: '111.22.333.44',
// database: 'MYDB',
// username: 'username',
// password: 'password'
// });
//
// */
// done(new Error('test not implemented'));
// });
// });
// describe('Model.before(name, fn)', function(){
// it('Run a function before a method is called', function() {
// // User.before('save', function(user, next) {
// // console.log('about to save', user);
// //
// // next();
// // });
// //
// // User.before('delete', function(user, next) {
// // // prevent all delete calls
// // next(new Error('deleting is disabled'));
// // });
// // User.beforeRemote('save', function(ctx, user, next) {
// // if(ctx.user.id === user.id) {
// // next();
// // } else {
// // next(new Error('must be logged in to update'))
// // }
// // });
//
// throw new Error('not implemented');
// });
// });
//
// describe('Model.after(name, fn)', function(){
// it('Run a function after a method is called', function() {
//
// throw new Error('not implemented');
// });
// });
}); });

3
test/remoting.integration.js
View File

@ -66,5 +66,4 @@ describe('remoting - integration', function () {
}); });
}); });
}) });
;