effective_resources 0.8.10 → 0.8.11

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7c8bdc84abf94942e54c5007aedf0d5ed6258473
-  data.tar.gz: b4cee9fb014e4a40ba1cdbba3d1caee1e45cf084
+  metadata.gz: 085758676d246a9dd5d66beaafb5cdaf9590e25d
+  data.tar.gz: d9e777683dbe93f7e8aa8729f88f9731ad5b09ae
 SHA512:
-  metadata.gz: eefe5e914263f9fe5da1c41362d1c67b7289db996a19b86b5cc51edb67848ab07cdfcfa3ce049c7a38d3b85b2fcfd2901c9d6a7eba51aa31de8e0141ab975f56
-  data.tar.gz: 0b37485ef2faca4106f55b81cac1fb8966854c75f9fa8faf31ca1ca8d05d2e8f7b3ba3634ee34ed3a3c2403ea33f5c98475c27759138def3dd7cf7001540d8bd
+  metadata.gz: 730e4cecbdbfd7ee0fac449657e90d37bf40417c45ec4ab24519f50fb48588b2bf8c3e73eea0a355a70d0d793c3e301ee28e2b7ca53a2a6ff15d2438a809e7a5
+  data.tar.gz: b95e549ee16faaceb680920bd3261109ac2a9cbf2b80c1b3eeda41e069657e6056aa2efd1150b7a0471dba359ebbb748126cfcb1bce5fa6a92325aba2190d9cd

data/README.md

@@ -173,6 +173,16 @@ to render just the `Save` button, with appropriate data-disable, title, etc.
 
   = effective_submit(f) do
     = f.save 'Will be appended'
+```
+
+### acts_as_tokened
+
+Quickly adds rails 5 `has_secure_token` to your model, along with some `Post.find()` enhancements to work with tokens instead of IDs.
+
+This prevents enumeration of this resource.
+
+Make sure to create a string `token` field on your model, then just declare `acts_as_tokened`.  There are no options.
+
 
 ## License
 

data/app/models/concerns/acts_as_tokened.rb

@@ -0,0 +1,44 @@
+# ActsAsTokened
+#
+# Implements rails 5 has_secure_token
+# Extends the find() method to work with tokens instead of ids. Prevents enumeration of this resource.
+
+module ActsAsTokened
+  extend ActiveSupport::Concern
+
+  module ActiveRecord
+    def acts_as_tokened(options = nil)
+      raise 'must respond to token' unless new().respond_to?(:token)
+
+      include ::ActsAsTokened
+    end
+  end
+
+  included do
+    has_secure_token
+
+    extend FinderMethods
+  end
+
+  module ClassMethods
+    def relation
+      super.tap { |relation| relation.extend(FinderMethods) }
+    end
+  end
+
+  module FinderMethods
+    def find(*args)
+      return super unless args.length == 1
+      return super if block_given?
+
+      find_by_token(args.first) || raise(::ActiveRecord::RecordNotFound.new("Couldn't find #{name} with 'token'=#{args.first}"))
+    end
+  end
+
+  # Instance Methods
+  def to_param
+    token
+  end
+
+end
+

data/lib/effective_resources/engine.rb

@@ -16,5 +16,12 @@ module EffectiveResources
       end
     end
 
+    # Include acts_as_addressable concern and allow any ActiveRecord object to call it
+    initializer 'effective_resources.active_record' do |app|
+      ActiveSupport.on_load :active_record do
+        ActiveRecord::Base.extend(ActsAsTokened::ActiveRecord)
+      end
+    end
+
   end
 end

data/lib/effective_resources/version.rb

@@ -1,3 +1,3 @@
 module EffectiveResources
-  VERSION = '0.8.10'.freeze
+  VERSION = '0.8.11'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: effective_resources
 version: !ruby/object:Gem::Version
-  version: 0.8.10
+  version: 0.8.11
 platform: ruby
 authors:
 - Code and Effect
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-05-08 00:00:00.000000000 Z
+date: 2018-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -38,6 +38,7 @@ files:
 - app/controllers/concerns/effective/crud_controller.rb
 - app/controllers/concerns/effective/flash_messages.rb
 - app/helpers/effective_resources_helper.rb
+- app/models/concerns/acts_as_tokened.rb
 - app/models/effective/access_denied.rb
 - app/models/effective/attribute.rb
 - app/models/effective/code_reader.rb