From 2926ed6407cf31cc1b97e77f8205fe4221572337 Mon Sep 17 00:00:00 2001
From: Alexandre Narbonne When guarding the
end
:readable
flag, the method can optionally accept the
-model instance being serialized as an argument:
attribute :name, :string, readable: :allowed?
+attribute :age, :integer, readable: :attribute_allowed?
def allowed?(model_instance)
model_instance.internal == false
+end
+
+def attribute_allowed?(model_instance, attribute_name)
+ PolicyChecker.new(model_instance).attribute_readable?(attribute_name)
end
class Employee < ApplicationRecord
has_many :team_memberships
- has_many :teams, through :team_memberships
+ has_many :teams, through: :team_memberships
end
class TeamMembership < ApplicationRecord
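Review bot: The `has_many :teams, through: :team_memberships` correction at the end of this part of the patch is unrelated to the `:readable` guard documentation around it, and no matching change to a source guide is visible in this patch. If the corrected line lives in built output, the source it is built from needs the same fix, otherwise the next build brings back `through :team_memberships`. Consider moving it to its own commit either way.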
diff --git a/guides/concepts/resources.md b/guides/concepts/resources.md
index 07ed336..1eee684 100644
--- a/guides/concepts/resources.md
+++ b/guides/concepts/resources.md
@@ -113,14 +113,19 @@ end
{% endhighlight %}
When guarding the `:readable` flag, the method can optionally accept the
-model instance being serialized as an argument:
+model instance and the of the attribute being serialized as arguments:
{% highlight ruby %}
attribute :name, :string, readable: :allowed?
+attribute :age, :integer, readable: :attribute_allowed?
def allowed?(model_instance)
model_instance.internal == false
end
+
+def attribute_allowed?(model_instance, attribute_name)
+ PolicyChecker.new(model_instance).attribute_readable?(attribute_name)
+end
{% endhighlight %}
{% include h.html tag="h4" text="2.2 Default Behavior" a="default-behavior" %}
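Review bot: The added sentence "model instance and the of the attribute being serialized as arguments" is missing a noun after "the"; given the new `attribute_allowed?(model_instance, attribute_name)` example, "the name of the attribute" looks intended. It would also help to state how a guard opts in to the second argument, since the example shows both the one-argument `allowed?` and the two-argument `attribute_allowed?` without saying how the choice between them is made.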
From b7bb98434bb811db505068860a355b44f4998cbf Mon Sep 17 00:00:00 2001
From: Alexandre Narbonne
Date: Wed, 20 Jul 2022 13:49:43 +0200
Subject: [PATCH 2/2] fix typo in my previous message and add documentation for
default behavior
---
_site/guides/concepts/resources.html | 12 +++++++++++-
guides/concepts/resources.md | 14 +++++++++++++-
2 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/_site/guides/concepts/resources.html b/_site/guides/concepts/resources.html
index dff1578..2927044 100644
--- a/_site/guides/concepts/resources.html
+++ b/_site/guides/concepts/resources.html
@@ -231,7 +231,7 @@
end
When guarding the :readable
flag, the method can optionally accept the
-model instance and the of the attribute being serialized as arguments:
attribute :name, :string, readable: :allowed?
attribute :age, :integer, readable: :attribute_allowed?
@@ -261,6 +261,16 @@
self.attributes_sortable_by_default = false # default true
self.attributes_schema_by_default = false # default true
As for resource defined guards, you can pass a symbol to guard the +behavior globally. This can be used to globally delegate access control to a +dedicated system.
+ +self.attributes_readable_by_default = :attribute_readable? # default true
+
+def attribute_readable?(model_instance, attribute_name)
+ PolicyChecker.new(model_instance).attribute_readable?(attribute_name)
+end
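Review bot: The new paragraph says a symbol can "globally delegate access control to a dedicated system", but the text around `self.attributes_readable_by_default = :attribute_readable?` does not say what happens when an attribute also carries its own `readable:` option. State the precedence explicitly: if a per-attribute `readable: true` overrides the default guard, then `PolicyChecker` is not consulted for that attribute and the global guard is not a complete control. The example also covers only the readable flag, while the neighbouring `attributes_sortable_by_default` and `attributes_schema_by_default` lines are all marked `# default true`; please say which of the defaults accept a symbol and which arguments the method receives for each, since the ones that are not about serialization may have no model instance to pass.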