effective_datatables 4.6.2 → 4.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 160c25c1ffac1f7c4bc0047d186733f8d449c32d92a48135ceaddb05550965f6
-  data.tar.gz: cf1f18dc6748482ff5af51e0de2d13babdfca2185fa38f819042e072b98dd375
+  metadata.gz: a4470fed54cce153fddf79984ca733cfe00c3232cff43cce5b20d998b18a2f6b
+  data.tar.gz: 9357498f73ab31c491e28f09e9c6d4619c8960f26764210f04fbe700fa322744
 SHA512:
-  metadata.gz: 7562d2915db7e4b575d92d249334fe243086989551ad783faff17815388095ac11adc321e349dd94b7ee027a4e2a7c3103744b201fab2f898989a180bc455bcc
-  data.tar.gz: f55ea42ec961870daba197a13ef6ead1bac0bc5787204a4468f663efaa1bb5953eb5b5c94c1b76e29d47e4583e142db0ffeb3f924d85a5ebb36d0ec15feaed25
+  metadata.gz: 96329fe58fe84c6594d99048be257d38645f78fa88eeac7a55f712383014295075cd40e2ab38cfbdb592d34e76c9466a98689511b09e49205a5e5fdf442f1409
+  data.tar.gz: d5db73e577df3a97abfe8eff01c81699f65617652b2d2ecf1e712e0e185c908d0d76bf293993020e98bf89f9faf32b9ed318de52551d9ec702df98f2f3b5d750

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright 2018 Code and Effect Inc.
+Copyright 2019 Code and Effect Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -348,7 +348,7 @@ When initialized with a Hash, that hash is available throughout the entire datat
 
 You can call the attributes from within the datatable as `attributes` or within a partial/view as `@datatable.attributes`.
 
-These attributes are serialized and stored in an encrypted cookie. Objects won't work. Keep it simple.
+These attributes are serialized and stored in an encrypted data attribute. Objects won't work. Keep it simple.
 
 Attributes cannot be changed by search, filter, or state in any way. They're guaranteed to be the same as when first initialized.
 

data/app/assets/javascripts/effective_datatables/initialize.js.coffee

@@ -60,7 +60,7 @@ initializeDataTables = (target) ->
         $table = $(api.table().node())
         $form = $(".effective-datatables-filters[aria-controls='#{$table.attr('id')}']").first()
 
-        params['cookie'] = $table.data('cookie')
+        params['attributes'] = $table.data('attributes')
         params['authenticity_token'] = $table.data('authenticity-token')
 
         if $form.length > 0

data/app/assets/javascripts/effective_datatables/inline_crud.js.coffee

@@ -8,7 +8,7 @@ $(document).on 'ajax:beforeSend', '.dataTables_wrapper .col-actions', (e, xhr, s
 
   return true if ('' + $action.data('inline')) == 'false'
 
-  $params =  $.param({_datatable_id: $table.attr('id'), _datatable_cookie: $table.data('cookie'), _datatable_action: true })
+  $params = $.param({_datatable_id: $table.attr('id'), _datatable_attributes: $table.data('attributes'), _datatable_action: true })
   settings.url += (if settings.url.indexOf('?') == -1 then '?' else '&') + $params
 
   if $action.closest('.effective-datatables-inline-row,table.dataTable').hasClass('effective-datatables-inline-row')
@@ -60,7 +60,7 @@ $(document).on 'ajax:error', '.dataTables_wrapper', (event) ->
 $(document).on 'ajax:beforeSend', '.dataTables_wrapper .col-inline-form', (e, xhr, settings) ->
   $table = $(e.target).closest('table')
 
-  $params =  $.param({_datatable_id: $table.attr('id'), _datatable_cookie: $table.data('cookie') })
+  $params = $.param({_datatable_id: $table.attr('id'), _datatable_attributes: $table.data('attributes') })
   settings.url += (if settings.url.indexOf('?') == -1 then '?' else '&') + $params
 
   true

data/app/assets/javascripts/effective_datatables/reorder.js.coffee

@@ -8,7 +8,7 @@ reorder = (event, diff, edit) ->
   return unless oldNode? && newNode?
 
   url = @context[0].ajax.url.replace('.json', '/reorder.json')
-  data = {'reorder[id]': oldNode.data('reorder-resource'), 'reorder[old]': oldNode.val(), 'reorder[new]': newNode.val(), _datatable_id: $table.attr('id'), _datatable_cookie: $table.data('cookie') }
+  data = {'reorder[id]': oldNode.data('reorder-resource'), 'reorder[old]': oldNode.val(), 'reorder[new]': newNode.val(), attributes: $table.data('attributes') }
 
   @context[0].rowreorder.c.enable = false
 

data/app/controllers/effective/datatables_controller.rb

@@ -5,7 +5,7 @@ module Effective
     # This will respond to both a GET and a POST
     def show
       begin
-        @datatable = EffectiveDatatables.find(params[:id])
+        @datatable = EffectiveDatatables.find(params[:id], params[:attributes])
         @datatable.view = view_context
 
         EffectiveDatatables.authorize!(self, :index, @datatable.collection_class)
@@ -22,7 +22,7 @@ module Effective
 
     def reorder
       begin
-        @datatable = EffectiveDatatables.find(params[:id])
+        @datatable = EffectiveDatatables.find(params[:id], params[:attributes])
         @datatable.view = view_context
 
         EffectiveDatatables.authorize!(self, :index, @datatable.collection_class)

data/app/helpers/effective_datatables_helper.rb

@@ -40,10 +40,10 @@ module EffectiveDatatablesHelper
       id: datatable.to_param,
       class: html_class,
       data: {
+        'attributes' => EffectiveDatatables.encrypt(datatable.attributes),
         'authenticity-token' => form_authenticity_token,
         'bulk-actions' => datatable_bulk_actions(datatable),
         'columns' => datatable_columns(datatable),
-        'cookie' => datatable.cookie_key,
         'display-length' => datatable.display_length,
         'display-order' => datatable_display_order(datatable),
         'display-records' => datatable.to_json[:recordsFiltered],
@@ -93,14 +93,14 @@ module EffectiveDatatablesHelper
   end
 
   def inline_datatable?
-    params[:_datatable_id].present?
+    params[:_datatable_id].present? && params[:_datatable_attributes].present?
   end
 
   def inline_datatable
     return nil unless inline_datatable?
     return @_inline_datatable if @_inline_datatable
 
-    datatable = EffectiveDatatables.find(params[:_datatable_id])
+    datatable = EffectiveDatatables.find(params[:_datatable_id], params[:_datatable_attributes])
     datatable.view = self
 
     EffectiveDatatables.authorize!(self, :index, datatable.collection_class)

data/app/models/effective/datatable.rb

@@ -31,10 +31,10 @@ module Effective
     include Effective::EffectiveDatatable::Resource
     include Effective::EffectiveDatatable::State
 
-    def initialize(view = nil, attributes = {})
+    def initialize(view = nil, attributes = nil) 
       (attributes = view; view = nil) if view.kind_of?(Hash)
 
-      @attributes = initial_attributes(attributes)
+      @attributes = (attributes || {})
       @state = initial_state
 
       @_aggregates = {}
@@ -45,6 +45,7 @@ module Effective
       @_form = {}
       @_scopes = {}
 
+      raise 'expected a hash of arguments' unless @attributes.kind_of?(Hash)
       raise 'collection is defined as a method. Please use the collection do ... end syntax.' unless collection.nil?
       self.view = view if view
     end
@@ -54,14 +55,14 @@ module Effective
       @view = (view.respond_to?(:view_context) ? view.view_context : view)
       raise 'expected view to respond to params' unless @view.respond_to?(:params)
 
-      load_cookie!
-      assert_cookie!
+      assert_attributes!
       load_attributes!
 
       # We need early access to filter and scope, to define defaults from the model first
-      # This means filters do knows about attributes but not about columns.
+      # This means filters do know about attributes but not about columns.
       initialize_filters if respond_to?(:initialize_filters)
       load_filters!
+
       load_state!
 
       # Bulk actions called first so it can add the bulk_actions_col first
@@ -147,7 +148,7 @@ module Effective
     end
 
     def to_param
-      @to_param ||= "#{self.class.name.underscore.parameterize}-#{cookie_param}"
+      @to_param ||= "#{self.class.name.underscore.parameterize}-#{[self.class, attributes].hash.abs.to_s.last(12)}"
     end
 
     def columns

data/app/models/effective/effective_datatable/attributes.rb

@@ -4,17 +4,14 @@ module Effective
 
       private
 
-      def initial_attributes(args)
-        raise "#{self.class.name}.new() expected Hash like arguments" unless args.kind_of?(Hash)
-        args
+      def assert_attributes!
+        if datatables_ajax_request? || datatables_inline_request?
+          raise 'expected attributes to be present' unless attributes.present?
+        end
       end
 
       def load_attributes!
-        if datatables_ajax_request? || datatables_inline_request?
-          @attributes = cookie.delete(:attributes)
-        else
-          @attributes[:_n] ||= view.controller_path.split('/')[0...-1].join('/').presence
-        end
+        @attributes[:_n] ||= view.controller_path.split('/')[0...-1].join('/').presence
       end
 
     end

data/app/models/effective/effective_datatable/cookie.rb

@@ -6,39 +6,21 @@ module Effective
         @cookie
       end
 
-      def cookie_key
-        @cookie_key ||= (
-          if datatables_ajax_request?
-            view.params[:cookie]
-          elsif datatables_inline_request?
-            view.params[:_datatable_cookie]
-          else
-            cookie_param
-          end
-        )
-      end
-
-      # All possible dt cookie keys.  Used to make sure the datatable has a cookie set for this session.
-      def cookie_keys
-        @cookie_keys ||= Array(@dt_cookie).compact.map(&:first)
-      end
-
-      def cookie_param
-        [self.class, attributes].hash.abs.to_s.last(12) # Not guaranteed to be 12 long
-      end
-
       private
 
       def load_cookie!
+        return unless EffectiveDatatables.save_state
+
         @dt_cookie = view.cookies.signed['_effective_dt']
 
         # Load global datatables cookie
         if @dt_cookie.present?
+
           @dt_cookie = Marshal.load(Base64.decode64(@dt_cookie))
           raise 'invalid datatables cookie' unless @dt_cookie.kind_of?(Array)
 
           # Assign individual cookie
-          index = @dt_cookie.rindex { |key, _| key == cookie_key }
+          index = @dt_cookie.rindex { |key, _| key == to_param }
           @cookie = @dt_cookie.delete_at(index) if index
         end
 
@@ -46,18 +28,14 @@ module Effective
         if @cookie.kind_of?(Array)
           @cookie = initial_state.keys.zip(@cookie.second).to_h
         end
-      end
 
-      def assert_cookie!
-        if datatables_ajax_request? || datatables_inline_request?
-          raise 'expected cookie to be present' unless cookie
-          raise 'expected attributes cookie to be present' unless cookie[:attributes]
-        end
       end
 
       def save_cookie!
+        return unless EffectiveDatatables.save_state
+
         @dt_cookie ||= []
-        @dt_cookie << [cookie_key, cookie_payload]
+        @dt_cookie << [to_param, cookie_payload]
 
         while @dt_cookie.to_s.size > EffectiveDatatables.cookie_max_size.to_i
           @dt_cookie.shift((@dt_cookie.length / 3) + 1)
@@ -72,7 +50,7 @@ module Effective
       end
 
       def cookie_payload
-        payload = state.except(:attributes, :visible)
+        payload = state.except(:visible)
 
         # Turn visible into a bitmask.  This is undone in load_columns!
         payload[:vismask] = (
@@ -81,8 +59,7 @@ module Effective
           end
         )
 
-        # Just store the values
-        [attributes] + payload.values
+        payload.values # Just store the values
       end
 
     end

data/app/models/effective/effective_datatable/params.rb

@@ -7,17 +7,13 @@ module Effective
       def datatables_ajax_request?
         return @_datatables_ajax_request unless @_datatables_ajax_request.nil?
 
-        @_datatables_ajax_request = (view.present? && view.params.key?(:draw) && view.params.key?(:columns) && view.params.key?(:cookie))
+        @_datatables_ajax_request = (view.present? && view.params.key?(:draw) && view.params.key?(:columns))
       end
 
       def datatables_inline_request?
         return @_datatables_inline_request unless @_datatables_inline_request.nil?
 
-        @_datatables_inline_request = (
-          view &&
-          view.params[:_datatable_id].to_s.split('-')[0...-1] == to_param.split('-')[0...-1] &&
-          cookie_keys.include?(view.params[:_datatable_cookie])
-        )
+        @_datatables_inline_request = (view.present? && view.params[:_datatable_id].to_s.split('-')[0...-1] == to_param.split('-')[0...-1])
       end
 
       def params

data/app/models/effective/effective_datatable/state.rb

@@ -55,7 +55,6 @@ module Effective
       # This is called first. Our initial state is set.
       def initial_state
         {
-          attributes: {},
           filter: {},
           length: nil,
           order_name: nil,
@@ -89,17 +88,17 @@ module Effective
 
       def load_state!
         if datatables_ajax_request?
+          load_cookie! # but not state.
           load_filter_params!
           load_ajax_state!
         elsif datatables_inline_request?
-          load_cookie_state!
-        elsif cookie.present? && cookie[:params] == params.length && EffectiveDatatables.save_state
-          load_cookie_state!
+          load_filter_params!
         else
-          # Nothing to do for default state
+          load_cookie!
+          load_cookie_state! if cookie.present? && cookie[:params] == cookie_state_params
+          load_filter_params!
         end
-
-        load_filter_params! unless datatables_ajax_request?
+        
         fill_empty_filters!
       end
 
@@ -134,7 +133,7 @@ module Effective
           state[:filter][name] = parse_filter_value(_filters[name], value)
         end
 
-        state[:params] = cookie[:params]
+        state[:params] = cookie[:params] if cookie.present?
       end
 
       def load_cookie_state!
@@ -187,7 +186,7 @@ module Effective
 
         unless datatables_ajax_request?
           search_params.each { |name, value| state[:search][name] = value }
-          state[:params] = params.length
+          state[:params] = cookie_state_params
         end
 
         state[:visible].delete_if { |name, _| columns.key?(name) == false }
@@ -202,6 +201,10 @@ module Effective
         Effective::Attribute.new(filter[:value]).parse(value, name: filter[:name])
       end
 
+      def cookie_state_params
+        params.hash.abs.to_s.last(12)
+      end
+
     end
   end
 end

data/config/effective_datatables.rb

@@ -31,8 +31,7 @@ EffectiveDatatables.setup do |config|
   # Log search/sort information to the console
   config.debug = true
 
-  # If a user has previously visited this page and is returning, use the cookie to restore last session
-  # Irregardless of this setting, effective_datatables still uses a cookie to function
+  # Use a cookie to save and restore state from previous page visits.
   config.save_state = true
 
   # Configure the _effective_dt cookie.

data/lib/effective_datatables.rb

@@ -42,11 +42,12 @@ module EffectiveDatatables
     raise Effective::AccessDenied.new('Access Denied', action, resource) unless authorized?(controller, action, resource)
   end
 
-  def self.find(id)
+  def self.find(id, attributes = nil)
     id = id.to_s.gsub(/-\d+\z/, '').gsub('-', '/')
     klass = (id.classify.safe_constantize || id.classify.pluralize.safe_constantize)
+    attributes = decrypt(attributes) || {}
 
-    klass.try(:new) || raise('unable to find datatable')
+    klass.try(:new, **attributes) || raise('unable to find datatable')
   end
 
   # Locale is coming from view. I think it can be dynamic.
@@ -62,4 +63,23 @@ module EffectiveDatatables
     end
   end
 
+  def self.encrypt(attributes)
+    payload = message_encrypter.encrypt_and_sign(attributes)
+  end
+
+  def self.decrypt(payload)
+    return unless payload.present?
+    return payload if payload.kind_of?(Hash)
+
+    attributes = message_encrypter.decrypt_and_verify(payload)
+
+    raise 'invalid decoded inline payload' unless attributes.kind_of?(Hash)
+
+    attributes
+  end
+
+  def self.message_encrypter
+    ActiveSupport::MessageEncryptor.new(Rails.application.secret_key_base.to_s.first(32))
+  end
+
 end

data/lib/effective_datatables/version.rb

@@ -1,3 +1,3 @@
 module EffectiveDatatables
-  VERSION = '4.6.2'.freeze
+  VERSION = '4.7.0'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_datatables
 version: !ruby/object:Gem::Version
-  version: 4.6.2
+  version: 4.7.0
 platform: ruby
 authors:
 - Code and Effect
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-05-31 00:00:00.000000000 Z
+date: 2019-06-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails