hashid-rails 0.7.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ff291b0a3ecd103ccc6af6971f85636cd06e0c3f
-  data.tar.gz: 99cddc687a989d82845d7d928a26d5e8f19b872b
+  metadata.gz: 452d76b6a75d881163fd3f8a5216b458ac1d96fd
+  data.tar.gz: 54201c5c82b115e15c207c7d0c57a8176cb490e7
 SHA512:
-  metadata.gz: 2ba2b51cab4a714ba1d5020095e742bac5569a2d2316282af29e5733d97a0cd723b47009368e08b426fe10378e09824a8448446487dfad0e95bd08be48392dd4
-  data.tar.gz: 851fd6b4a1f66a5baf332ec942852c2811e635888f79aefd7b438e36c0c6622b7f24cb49a547a2000f3acb77e1f7e20846a052f1ec8d7893512f78db88f9a0dc
+  metadata.gz: b604b9ed6b7550f16445847d1f2f93de1af252cc70c1a72c76a2709cb803eda02598e8b0d2102705a109911dcc18f4abc916f025c293102da700303c24756233
+  data.tar.gz: 679db7739b37d2d705e9b1745e78abd881682982c8d5fc591d6de159cc8641e3e2b10ace09e2084c0e7d3332eb2581747e810f72bb5208e697fc9cfb59ddf5f5

data/.gitignore

@@ -7,3 +7,4 @@
 /pkg/
 /spec/reports/
 /tmp/
+/.ruby-version

data/.rubocop.yml

@@ -4,7 +4,7 @@ Style/IndentArray:
   EnforcedStyle: consistent
 Style/Documentation:
   Enabled: false
-Style/BlockLength:
+Metrics/BlockLength:
   Exclude:
   - "*.gemspec"
   - "spec/**/*.rb"

data/.travis.yml

@@ -1,8 +1,9 @@
 language: ruby
 cache: bundler
 rvm:
-  - 2.2.5
-  - 2.3.1
+  - 2.3.0
 addons:
   code_climate:
-    repo_token: 561da3bbc224e5217ceba7b8f99d24190d7d65b221570db6cf0949381e4c0c27
+    repo_token: 37aee70bb2e818f3bf4d2af88ea4a4355393901ba98b3876c244d42ed20fdbe1
+after_success:
+  - bundle exec codeclimate-test-reporter

data/CHANGELOG.md

@@ -1,5 +1,12 @@
 # Changelog
 
+## 1.0.0 (2017-04-29)
+- Sign hashids to prevent accidentally decoded regular ids
+- Require explicitly including Hashid::Rails in models
+- Improve support for model associations
+- Rename config variables to better match hashids project
+- Improve overall test coverage
+
 ## 0.7.0 (2017-02-15)
 - Add configuration option to disable overriding default `find` (#22).
 

data/README.md

@@ -32,56 +32,86 @@ $ gem install hashid-rails
 
 ## Basic Usage
 
-Just use `Model#find` passing in the hashid instead of the model id.
+1. Include Hashid Rails in the ActiveRecord model you'd like to enable hashids.
+
+```ruby
+class Model < ActiveRecord::Base
+  include Hashid::Rails
+end
+```
+
+2. Continue using `Model#find` passing in either a hashid or regular 'ol id.
 
 ```ruby
 @person = Person.find(params[:hashid])
 ```
 
+## Get hashid of model
+
+You can access the hashid of any model using the `hashid` method.
+
+```ruby
+model = Model.find(params[:hashid])
+#=> <Model>
+model.hashid
+#=> "yLA6m0oM"
+```
+
+Additionally, the `to_param` method is overriden to use hashid instead of id.
+This means methods that take advantage of implicit ID will automatically work
+with hashids.
+
+```erb
+Passing a hashid model to `link_to`…
+<%= link_to "Model", model %>
+
+will use `hashid` instead of `id`.
+<a href="/models/yLA6m0oM">Model</a>
+```
+
 ## Alternative Usage
 
 You can use the `Model#find_by_hashid` method to find a record without falling
-back on the standard `find` method. This can be useful in cases where the hashid
-might be misinterpreted by the `find` method, such as using a hashid containing
-only numbers that could be both interpreted as either an id and or a hashid.
+back on the standard `find` method.
+
 
 ```ruby
 # When a record is found, it returns the record.
 @person = Person.find_by_hashid(params[:hashid])
+#=> <Person>
+
+# When no record, it returns nil
+@person = Person.find_by_hashid(params[:hashid])
+#=> nil
 
-# When no record, is found it raises an exception.
-ActiveRecord::RecordNotFound
+# A bang (!) version is also available and raises an exception when not found.
+@person = Person.find_by_hashid!(params[:hashid])
+#=> ActiveRecord::RecordNotFound
 ```
 
-## Configuration
+## Configuration (optional)
 
-To customize the Hashids seed and ensure that another user of the gem cannot
-easily reverse engineer your ids, create an initializer and:
+You can add an initializer for Hashid::Rails to customize the options passed to
+the Hashids gem. This is completely optional. The configuration below shows the
+default options.
 
 ```ruby
 Hashid::Rails.configure do |config|
-  config.secret = 'my secret'
-  config.length = 6
-  # config.alphabet is optional, hashids provides a default
-  # alphabet that consists of all characters [a-zA-Z0-9]
-  config.alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
-  
-  # If your alphbet contains any numerals [0-9], then we recommend diabling the find method
-  #config.disable_find = true
-end
-```
-### Disable Find Method
+  # The salt to use for generating hashid. Prepended with table name.
+  config.salt = ""
 
-If your alphabet includes numerals (0-9) and if the ids in your database are the same length as your hashes, then there could be valid
-hashids that are identical to valid ids.  This ambiguity could lead the `find` method to behave unpredictably.  Since `find` accepts both
-hashids and ids, an input argument that is potentially both a valid hashid and id, will cause `find` to treat the argument as a hashid
-in some cases, and as an id in others.  This unpredictably is usually not desired and can lead to subtle bugs appearing at runtime
+  # The minimum length of generated hashids
+  config.min_hash_length = 6
 
-In order to avoid this problem, users can add `config.disable_find = true` to their initializer.  This will disable the hashid
-functionality of the `find` method and force `find` to only accept normal (unhashed) ids.  Under this configuration, programmer 
-will need to use the `find_by_hashid` method when desiring to explicitly search by hashid.
+  # The alphabet to use for generating hashids
+  config.alphabet = "abcdefghijklmnopqrstuvwxyz" \
+                    "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \
+                    "1234567890"
 
-It is recommended that `config.disable_find = true` be set when the alphabet contains any numerals.
+  # Whether to override the `find` method
+  config.override_find = true
+end
+```
 
 ## Development
 

data/hashid-rails.gemspec

@@ -30,7 +30,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "bundler"
   spec.add_development_dependency "rake"
   spec.add_development_dependency "rspec", "~> 3.4.0"
-  spec.add_development_dependency "codeclimate-test-reporter"
+  spec.add_development_dependency "codeclimate-test-reporter", "~> 1.0.0"
   spec.add_development_dependency "sqlite3"
   spec.add_development_dependency "rubocop"
   spec.add_development_dependency "byebug"

data/lib/hashid/rails.rb

@@ -5,6 +5,14 @@ require "active_record"
 
 module Hashid
   module Rails
+    # Arbitrary value to verify hashid
+    # https://en.wikipedia.org/wiki/Phrases_from_The_Hitchhiker%27s_Guide_to_the_Galaxy#On_the_Internet_and_in_software
+    HASHID_TOKEN = 42
+
+    def self.included(base)
+      base.extend ClassMethods
+    end
+
     # Get configuration or load defaults
     def self.configuration
       @configuration ||= Configuration.new
@@ -20,31 +28,12 @@ module Hashid
       @configuration = Configuration.new
     end
 
-    def self.included(base)
-      base.extend ClassMethods
-    end
-
-    def encoded_id
+    def hashid
       self.class.encode_id(id)
     end
-
-    def to_param
-      encoded_id
-    end
-    alias hashid to_param
+    alias to_param hashid
 
     module ClassMethods
-      def hashids
-        secret = Hashid::Rails.configuration.secret
-        length = Hashid::Rails.configuration.length
-        alphabet = Hashid::Rails.configuration.alphabet
-
-        arguments = ["#{table_name}#{secret}", length]
-        arguments << alphabet if alphabet.present?
-
-        Hashids.new(*arguments)
-      end
-
       def encode_id(ids)
         if ids.is_a?(Array)
           ids.map { |id| hashid_encode(id) }
@@ -55,40 +44,52 @@ module Hashid
 
       def decode_id(ids)
         if ids.is_a?(Array)
-          decoded_ids = ids.map { |id| hashid_decode(id) }
-          decoded_ids.any? ? decoded_ids : nil
+          ids.map { |id| hashid_decode(id) }
         else
           hashid_decode(ids)
         end
       end
 
-      def find(hashid)
-        if model_reload? || Hashid::Rails.configuration.disable_find
-          super(hashid)
+      def find(*ids)
+        expects_array = ids.first.is_a?(Array)
+
+        uniq_ids = ids.flatten.compact.uniq
+        uniq_ids = uniq_ids.first unless expects_array || uniq_ids.size > 1
+
+        if Hashid::Rails.configuration.override_find
+          super(decode_id(uniq_ids))
         else
-          super(decode_id(hashid) || hashid)
+          super
         end
       end
 
       def find_by_hashid(hashid)
-        find_by!(id: hashid_decode(hashid))
+        find_by(id: decode_id(hashid))
+      end
+
+      def find_by_hashid!(hashid)
+        find_by!(id: decode_id(hashid))
       end
 
       private
 
-      def model_reload?
-        caller.any? { |s| s =~ %r{ active_record/persistence.*reload } }
+      def hashids
+        Hashids.new(*Hashid::Rails.configuration.for_table(table_name))
+      end
+
+      def hashid_encode(id)
+        hashids.encode(HASHID_TOKEN, id)
       end
 
       def hashid_decode(id)
-        hashids.decode(id.to_s).first
+        decoded_hashid = hashids.decode(id.to_s)
+        return id unless valid_hashid?(decoded_hashid)
+        decoded_hashid.last
       end
 
-      def hashid_encode(id)
-        hashids.encode(id)
+      def valid_hashid?(decoded_hashid)
+        decoded_hashid.size == 2 && decoded_hashid.first == HASHID_TOKEN
       end
     end
   end
 end
-
-ActiveRecord::Base.send :include, Hashid::Rails

data/lib/hashid/rails/configuration.rb

@@ -1,13 +1,19 @@
 module Hashid
   module Rails
     class Configuration
-      attr_accessor :secret, :length, :alphabet, :disable_find
+      attr_accessor :salt, :min_hash_length, :alphabet, :override_find
 
       def initialize
-        @secret = ""
-        @length = 6
-        @alphabet = nil
-        @disable_find = false
+        @salt = ""
+        @min_hash_length = 6
+        @alphabet = "abcdefghijklmnopqrstuvwxyz" \
+                    "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \
+                    "1234567890"
+        @override_find = true
+      end
+
+      def for_table(table_name)
+        ["#{table_name}#{salt}", min_hash_length, alphabet]
       end
     end
   end

data/lib/hashid/rails/version.rb

@@ -1,5 +1,5 @@
 module Hashid
   module Rails
-    VERSION = "0.7.0".freeze
+    VERSION = "1.0.0".freeze
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hashid-rails
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Justin Cypret
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-02-16 00:00:00.000000000 Z
+date: 2017-04-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -56,16 +56,16 @@ dependencies:
   name: codeclimate-test-reporter
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.0.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.0.0
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
@@ -183,7 +183,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.5.2
 signing_key: 
 specification_version: 4
 summary: Use Hashids in your Rails app models.