hashids_rails 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: a6f816fd46fbdcbf46b824d167babaf47344400d
+  data.tar.gz: 07770d6eaf85ebcc91b178865f78b783787d339b
+SHA512:
+  metadata.gz: 42dfc9b0eabe366a2dcb1b4ed1e416db39453c7e253c4b3fa26271233ddf9c176e28f0a92664973f2ba8aa0edd5c874efdb2f367a4e924813fb1714780b47850
+  data.tar.gz: 57d6233252efb45e33a4459b5b94e14bc427b931ff331ec5295388c6de8a99fd90647557c9fa12c1894a27a73ad393b7f4b9cf0e8a962f0d75069226c3ae410c

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2015 Brian Petro
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,33 @@
+= hashids_rails gem
+Use hashids.rb(https://github.com/peterhellberg/hashids.rb) to store ActiveRecord IDs in URL non-obviously. Heavily based on obfuscate_id(https://github.com/namick/obfuscate_id).
+
+== Installation
+Add the gem to your Gemfile.
+
+  gem 'hashids_rails'
+
+Run bundler.
+
+  bundle install
+
+== Usage
+In your model, add a single line.
+
+  class Post < ActiveRecord::Base
+    hash_id
+  end
+
+== Customization
+If you want your hash ids to be different than some other website using the same plugin, you can throw a random string (salt) at hash_id to make it hash out unique ids for your app.
+
+  class Post < ActiveRecord::Base
+    hash_id salt: 'bring_your_own_salt'
+  end
+
+== Limitations
+* This is not security. hashids_rails was created to lightly mask record id numbers for the casual user. If you need to really secure your database ids (hint, you probably don't), you need to use real encryption like AES.
+* To properly generate obfuscated urls(using hash_ids), make sure you trigger the model's to_param method by passing in the whole object rather than just the id; do this: post_path(@post) not this: post_path(@post.id).
+
+== Contributing
+=== TODO
+* write tests

data/Rakefile

@@ -0,0 +1,34 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'HashidsRails'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+
+
+
+
+
+Bundler::GemHelper.install_tasks
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+
+task default: :test

data/lib/hashids_rails/version.rb

@@ -0,0 +1,3 @@
+module HashidsRails
+  VERSION = "0.0.1"
+end

data/lib/hashids_rails.rb

@@ -0,0 +1,83 @@
+module HashidsRails
+  # based on obfuscate_id by namick
+  # ref: https://github.com/namick/obfuscate_id
+  def hash_id(options = {})
+    require 'hashids'
+    extend ClassMethods
+    include InstanceMethods
+    cattr_accessor :hash_salt
+    self.hash_salt = (options[:salt] || default_salt)
+  end
+
+  def self.hide(id, salt)
+    hashids = Hashids.new(salt, 3)
+    hashids.encode id
+  end
+
+  def self.show(id, salt)
+    hashids = Hashids.new(salt, 3)
+    hashids.decode id
+  end
+
+  module ClassMethods
+    def find(*args)
+      scope = args.slice!(0)
+      options = args.slice!(0) || {}
+      if has_hashed_id? && !options[:no_hashed_id]
+        if scope.is_a?(Array)
+          scope.map! {|a| dehash_id(a).to_i}
+        else
+          scope = dehash_id(scope)
+        end
+      end
+      super(scope)
+    end
+
+    def has_hashed_id?
+      true
+    end
+
+    def dehash_id(hashed_id)
+      HashidsRails.show(hashed_id, self.hash_salt)
+    end
+
+    # Generate a default salt from the Model name
+    # This makes it easy to drop hashids onto any model
+    # and produce different hashes for different models
+    def default_salt
+      name
+    end
+  end
+
+  module InstanceMethods
+    def to_param
+      HashidsRails.hide(self.id, self.class.hash_salt)
+    end
+
+    # Override ActiveRecord::Persistence#reload
+    # passing in an options flag with { no_hashed_id: true }
+    def reload(options = nil)
+      options = (options || {}).merge(no_hashed_id: true)
+
+      clear_aggregation_cache
+      clear_association_cache
+
+      fresh_object =
+        if options && options[:lock]
+          self.class.unscoped { self.class.lock(options[:lock]).find(id, options) }
+        else
+          self.class.unscoped { self.class.find(id, options) }
+        end
+
+      @attributes = fresh_object.instance_variable_get('@attributes')
+      @new_record = false
+      self
+    end
+
+    def dehash_id(hashed_id)
+      self.class.dehash_id(hashed_id)
+    end
+  end
+end
+
+ActiveRecord::Base.extend HashidsRails

data/test/dummy/README.rdoc

@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.

data/test/dummy/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Rails.application.load_tasks

data/test/dummy/app/assets/javascripts/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .

data/test/dummy/app/assets/javascripts/comments.js

@@ -0,0 +1,2 @@
+// Place all the behaviors and hooks related to the matching controller here.
+// All this logic will automatically be available in application.js.

data/test/dummy/app/assets/javascripts/posts.js

@@ -0,0 +1,2 @@
+// Place all the behaviors and hooks related to the matching controller here.
+// All this logic will automatically be available in application.js.

data/test/dummy/app/assets/javascripts/users.js

@@ -0,0 +1,2 @@
+// Place all the behaviors and hooks related to the matching controller here.
+// All this logic will automatically be available in application.js.

data/test/dummy/app/assets/stylesheets/application.css

@@ -0,0 +1,15 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any styles
+ * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
+ * file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */

data/test/dummy/app/assets/stylesheets/comments.css

@@ -0,0 +1,4 @@
+/*
+  Place all the styles related to the matching controller here.
+  They will automatically be included in application.css.
+*/

data/test/dummy/app/assets/stylesheets/posts.css

@@ -0,0 +1,4 @@
+/*
+  Place all the styles related to the matching controller here.
+  They will automatically be included in application.css.
+*/

data/test/dummy/app/assets/stylesheets/scaffold.css

@@ -0,0 +1,56 @@
+body { background-color: #fff; color: #333; }
+
+body, p, ol, ul, td {
+  font-family: verdana, arial, helvetica, sans-serif;
+  font-size:   13px;
+  line-height: 18px;
+}
+
+pre {
+  background-color: #eee;
+  padding: 10px;
+  font-size: 11px;
+}
+
+a { color: #000; }
+a:visited { color: #666; }
+a:hover { color: #fff; background-color:#000; }
+
+div.field, div.actions {
+  margin-bottom: 10px;
+}
+
+#notice {
+  color: green;
+}
+
+.field_with_errors {
+  padding: 2px;
+  background-color: red;
+  display: table;
+}
+
+#error_explanation {
+  width: 450px;
+  border: 2px solid red;
+  padding: 7px;
+  padding-bottom: 0;
+  margin-bottom: 20px;
+  background-color: #f0f0f0;
+}
+
+#error_explanation h2 {
+  text-align: left;
+  font-weight: bold;
+  padding: 5px 5px 5px 15px;
+  font-size: 12px;
+  margin: -7px;
+  margin-bottom: 0px;
+  background-color: #c00;
+  color: #fff;
+}
+
+#error_explanation ul li {
+  font-size: 12px;
+  list-style: square;
+}

data/test/dummy/app/assets/stylesheets/users.css

@@ -0,0 +1,4 @@
+/*
+  Place all the styles related to the matching controller here.
+  They will automatically be included in application.css.
+*/

data/test/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,5 @@
+class ApplicationController < ActionController::Base
+  # Prevent CSRF attacks by raising an exception.
+  # For APIs, you may want to use :null_session instead.
+  protect_from_forgery with: :exception
+end

data/test/dummy/app/controllers/comments_controller.rb

@@ -0,0 +1,58 @@
+class CommentsController < ApplicationController
+  before_action :set_comment, only: [:show, :edit, :update, :destroy]
+
+  # GET /comments
+  def index
+    @comments = Comment.all
+  end
+
+  # GET /comments/1
+  def show
+  end
+
+  # GET /comments/new
+  def new
+    @comment = Comment.new
+  end
+
+  # GET /comments/1/edit
+  def edit
+  end
+
+  # POST /comments
+  def create
+    @comment = Comment.new(comment_params)
+
+    if @comment.save
+      redirect_to @comment, notice: 'Comment was successfully created.'
+    else
+      render :new
+    end
+  end
+
+  # PATCH/PUT /comments/1
+  def update
+    if @comment.update(comment_params)
+      redirect_to @comment, notice: 'Comment was successfully updated.'
+    else
+      render :edit
+    end
+  end
+
+  # DELETE /comments/1
+  def destroy
+    @comment.destroy
+    redirect_to comments_url, notice: 'Comment was successfully destroyed.'
+  end
+
+  private
+    # Use callbacks to share common setup or constraints between actions.
+    def set_comment
+      @comment = Comment.find(params[:id])
+    end
+
+    # Only allow a trusted parameter "white list" through.
+    def comment_params
+      params.require(:comment).permit(:content, :post_id)
+    end
+end

data/test/dummy/app/controllers/posts_controller.rb

@@ -0,0 +1,58 @@
+class PostsController < ApplicationController
+  before_action :set_post, only: [:show, :edit, :update, :destroy]
+
+  # GET /posts
+  def index
+    @posts = Post.all
+  end
+
+  # GET /posts/1
+  def show
+  end
+
+  # GET /posts/new
+  def new
+    @post = Post.new
+  end
+
+  # GET /posts/1/edit
+  def edit
+  end
+
+  # POST /posts
+  def create
+    @post = Post.new(post_params)
+
+    if @post.save
+      redirect_to @post, notice: 'Post was successfully created.'
+    else
+      render :new
+    end
+  end
+
+  # PATCH/PUT /posts/1
+  def update
+    if @post.update(post_params)
+      redirect_to @post, notice: 'Post was successfully updated.'
+    else
+      render :edit
+    end
+  end
+
+  # DELETE /posts/1
+  def destroy
+    @post.destroy
+    redirect_to posts_url, notice: 'Post was successfully destroyed.'
+  end
+
+  private
+    # Use callbacks to share common setup or constraints between actions.
+    def set_post
+      @post = Post.find(params[:id])
+    end
+
+    # Only allow a trusted parameter "white list" through.
+    def post_params
+      params.require(:post).permit(:content)
+    end
+end

data/test/dummy/app/controllers/users_controller.rb

@@ -0,0 +1,58 @@
+class UsersController < ApplicationController
+  before_action :set_user, only: [:show, :edit, :update, :destroy]
+
+  # GET /users
+  def index
+    @users = User.all
+  end
+
+  # GET /users/1
+  def show
+  end
+
+  # GET /users/new
+  def new
+    @user = User.new
+  end
+
+  # GET /users/1/edit
+  def edit
+  end
+
+  # POST /users
+  def create
+    @user = User.new(user_params)
+
+    if @user.save
+      redirect_to @user, notice: 'User was successfully created.'
+    else
+      render :new
+    end
+  end
+
+  # PATCH/PUT /users/1
+  def update
+    if @user.update(user_params)
+      redirect_to @user, notice: 'User was successfully updated.'
+    else
+      render :edit
+    end
+  end
+
+  # DELETE /users/1
+  def destroy
+    @user.destroy
+    redirect_to users_url, notice: 'User was successfully destroyed.'
+  end
+
+  private
+    # Use callbacks to share common setup or constraints between actions.
+    def set_user
+      @user = User.find(params[:id])
+    end
+
+    # Only allow a trusted parameter "white list" through.
+    def user_params
+      params.require(:user).permit(:name)
+    end
+end

data/test/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/test/dummy/app/helpers/comments_helper.rb

@@ -0,0 +1,2 @@
+module CommentsHelper
+end

data/test/dummy/app/helpers/posts_helper.rb

@@ -0,0 +1,2 @@
+module PostsHelper
+end

data/test/dummy/app/helpers/users_helper.rb

@@ -0,0 +1,2 @@
+module UsersHelper
+end

data/test/dummy/app/models/comment.rb

@@ -0,0 +1,2 @@
+class Comment < ActiveRecord::Base
+end

data/test/dummy/app/models/post.rb

@@ -0,0 +1,2 @@
+class Post < ActiveRecord::Base
+end

data/test/dummy/app/models/user.rb

@@ -0,0 +1,2 @@
+class User < ActiveRecord::Base
+end

data/test/dummy/app/views/comments/_form.html.erb

@@ -0,0 +1,25 @@
+<%= form_for(@comment) do |f| %>
+  <% if @comment.errors.any? %>
+    <div id="error_explanation">
+      <h2><%= pluralize(@comment.errors.count, "error") %> prohibited this comment from being saved:</h2>
+
+      <ul>
+      <% @comment.errors.full_messages.each do |message| %>
+        <li><%= message %></li>
+      <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div class="field">
+    <%= f.label :content %><br>
+    <%= f.text_field :content %>
+  </div>
+  <div class="field">
+    <%= f.label :post_id %><br>
+    <%= f.number_field :post_id %>
+  </div>
+  <div class="actions">
+    <%= f.submit %>
+  </div>
+<% end %>

data/test/dummy/app/views/comments/edit.html.erb

@@ -0,0 +1,6 @@
+<h1>Editing Comment</h1>
+
+<%= render 'form' %>
+
+<%= link_to 'Show', @comment %> |
+<%= link_to 'Back', comments_path %>

data/test/dummy/app/views/comments/index.html.erb

@@ -0,0 +1,29 @@
+<p id="notice"><%= notice %></p>
+
+<h1>Listing Comments</h1>
+
+<table>
+  <thead>
+    <tr>
+      <th>Content</th>
+      <th>Post</th>
+      <th colspan="3"></th>
+    </tr>
+  </thead>
+
+  <tbody>
+    <% @comments.each do |comment| %>
+      <tr>
+        <td><%= comment.content %></td>
+        <td><%= comment.post_id %></td>
+        <td><%= link_to 'Show', comment %></td>
+        <td><%= link_to 'Edit', edit_comment_path(comment) %></td>
+        <td><%= link_to 'Destroy', comment, method: :delete, data: { confirm: 'Are you sure?' } %></td>
+      </tr>
+    <% end %>
+  </tbody>
+</table>
+
+<br>
+
+<%= link_to 'New Comment', new_comment_path %>

data/test/dummy/app/views/comments/new.html.erb

@@ -0,0 +1,5 @@
+<h1>New Comment</h1>
+
+<%= render 'form' %>
+
+<%= link_to 'Back', comments_path %>

data/test/dummy/app/views/comments/show.html.erb

@@ -0,0 +1,14 @@
+<p id="notice"><%= notice %></p>
+
+<p>
+  <strong>Content:</strong>
+  <%= @comment.content %>
+</p>
+
+<p>
+  <strong>Post:</strong>
+  <%= @comment.post_id %>
+</p>
+
+<%= link_to 'Edit', edit_comment_path(@comment) %> |
+<%= link_to 'Back', comments_path %>

data/test/dummy/app/views/layouts/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Dummy</title>
+  <%= stylesheet_link_tag    'application', media: 'all', 'data-turbolinks-track' => true %>
+  <%= javascript_include_tag 'application', 'data-turbolinks-track' => true %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/test/dummy/app/views/posts/_form.html.erb

@@ -0,0 +1,21 @@
+<%= form_for(@post) do |f| %>
+  <% if @post.errors.any? %>
+    <div id="error_explanation">
+      <h2><%= pluralize(@post.errors.count, "error") %> prohibited this post from being saved:</h2>
+
+      <ul>
+      <% @post.errors.full_messages.each do |message| %>
+        <li><%= message %></li>
+      <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div class="field">
+    <%= f.label :content %><br>
+    <%= f.text_field :content %>
+  </div>
+  <div class="actions">
+    <%= f.submit %>
+  </div>
+<% end %>