Hi Peter,
Your suggestion will work fine. Thank you. I was hoping there would be
a way to do this within ActiveModel or ActiveRecord because I also
want to do this the other way around: I would like to render some
javascript in which can dynamically define these attributes. I'll have
to do that with some kind of model variable or method.
Jaap Haagmans
On 10 jul, 18:37, Peter De Berdt <peter.de.be...@pandora.be> wrote:
> Overwriting the "as_json" method in your model should work too I
> think. Best way to to it IMO if it's just one model you want to change
> the to_json behavior on.
>
> def as_json(options={})
> options[:except] ||= [:some, :fields, :here]
> super(options)
> end
>
> On 10 Jul 2011, at 17:35, Everaldo Gomes wrote:
>
>
>
>
>
>
>
>
>
> > I think you could use inheritance to extend ActiveRecord::Base and
> > then you could overwrite the to_json method.
>
> > There you could write the rules for default excluded column names.
>
> > Then, your Models should extend your inherited class.
>
> > I don't know if this work, it's just an idea.
>
> > Best Regards,
>
> > Everaldo
>
> > On Sun, Jul 10, 2011 at 12:01 PM, jhaagmans
> > <jaap.haagm...@gmail.com> wrote:
> > Hi,
>
> > I'd like to get your thoughts on something. We're developing an
> > application that relies heavily RESTful JSON requests.
>
> > Because I want to keep the code as clean as possible, I want to be
> > able to return the JSON for a user using @user.to_json. Which works
> > fine, but it also includes the crypted_password data and the
> > persistence_token, among other things.
>
> > What I do now to prevent this from happening is including an :except
> > option for the to_json method in my controller for these sensitive
> > columns, but I'd like to know whether there is a way to specify the
> > excluded columns somewhere in the model to prevent serialization of
> > these attributes.
>
> > If that's possible I'd also like to know whether there's a way to
> > check for this prevention so that we can dynamically generate relevant
> > column names (for example).
>
> Best regards
>
> Peter De Berdt
--
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to
rubyonrails-talk+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
