praxis 2.0.pre.33 → 2.0.pre.34

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9bdbabd51b8b6bb4a776ab4c728d36b3cf86f3b7a3423250e6658fa01653ba6a
-  data.tar.gz: e9edc1eacc8ebf67d8f8b5fdda19cb010b587f3e2d0319cbcdeec62908752d8b
+  metadata.gz: 907548a79ff385c164356d493d6ed808933534a37037d55fd3ffa446317c2e16
+  data.tar.gz: a1bc7931b86f65d6091a5ec835cc1b7ea7dafa21ac13a5cf8a0fcafdfd00ba3f
 SHA512:
-  metadata.gz: 174e74b7e4e55378edde0f623b4f2c49aa15409bfc64ae9f36aa8a0167794ed1c3b747331da5bdc66e672bcb58228cbaad89971689449d082d5080c009b7ad6c
-  data.tar.gz: c7574f73697e2067e6f338d1c19bdc6447ca24620ed49a1ff94882392c8df987cbc598624323ce3228330c27ce0dda7b4f0228b68a4ad18dbf6c37c995869e84
+  metadata.gz: df103d23ba77341af3586865c294e4681ab4d3d8dcb89f5b78dc2f29c56e4edc84b755195e35965a0193635b9726cbfcfe96e1d13ee26597b10bd7fdc13011f4
+  data.tar.gz: 927034f7434cd8a9e3f710d151d5fd04b92db0939d116c4951888c2c8837e8029db723e3c1aadd40efdb9930f05aada870c0c1291a07c126630c3d4c1784bcb4

data/.coveralls.yml

@@ -0,0 +1,2 @@
+# Coveralls recommends putting the token in the yaml file, for public repos
+repo_token: qkOZ802q2tAFRaxcRPreAYzm8WpaKMCRE

data/.gitignore

@@ -11,9 +11,4 @@ node_modules/
 *.css.map
 pkg
 
-lib/api_browser/node_modules/
-lib/api_browser/app/bower_components/
-lib/api_browser/.tmp/
-lib/api_browser/bower.json
-
 development.sqlite3

data/.travis.yml

@@ -1,9 +1,8 @@
-sudo: false
 language: ruby
+cache: bundler
 rvm:
-  - 2.6
   - 2.7
-  - 3.1 # Not available in TravisCI out of the box yet
+  - 3.1
 script:
   - bundle exec rspec spec
 branches:

data/Appraisals

@@ -1,11 +1,13 @@
-appraise "active-6" do
+# frozen_string_literal: true
+
+appraise 'active-6' do
   # Just for the query selector/filtering/ordering extensions etc...
   gem 'activerecord', '> 4', '< 7'
   gem 'sequel', '~> 5'
 end
-  
-appraise "active-7" do
+
+appraise 'active-7' do
   # Just for the query selector/filtering/ordering extensions etc...
   gem 'activerecord', '>=7'
   gem 'sequel', '~> 5'
-end
+end

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 # Praxis Changelog
 
 ## next
+
+## 2.0.pre.34
+- Allow filtering, ordering and pagination to freely use any attributes (potentially deep ones) when no block for the definition is provided. When continuing to define the allowed fields from within the block, those would still be enforced.
+- Added the ability to easily control the hiding/displayability of MediaType attributes in responses.
+  - it introduces a :displayable custom attribute that accepts an array of opaque strings, which can represent some sort of 'privileges' required to have for it to be renderable.
+  - the expander tooling now, will use such `display_attribute?` method to decide if a given attribute needs to be expanded/displayed or not.
+  - The glue to all this requires defining a `display_attribute?` method in the controllers (with takes an array of string opaque privileges), which needs to return true/false to decide if a given attribute is displayable or now. This method will commonly be connected to the `authz` pieces of your app, and would look at the assigned 'privileges' of the currently logged in 'principal', and simply lookup if the required set of privileges received in the method, fall within the currently assigned ones.
+- Cleanup in the OpenAPI generation for schemas, to more properly surface existing custom attributes into x-{name} attributes as well.
+
+## 2.0.pre.33
 - Better support for ordefing in newer versions of MySQL:
   * Some versions will complain on an invalid query if you use an ORDER BY component that does not have the corresponding SELECT field
 - Use the newest Attributor gem, which revamps and hardnens the struct/collection definion DSL, and provides much better error messages and safety. It also

data/Gemfile

@@ -1,14 +1,14 @@
 # frozen_string_literal: true
 
-source "https://rubygems.org"
+source 'https://rubygems.org'
 gemspec
 
-gem "rubocop"
+gem 'rubocop'
 
 group :test do
-  gem "builder"
+  gem 'builder'
 
-  gem "link_header"
-  gem "oj"
-  gem "parslet"
+  gem 'link_header'
+  gem 'oj'
+  gem 'parslet'
 end

data/gemfiles/active_6.gemfile

@@ -1,16 +1,18 @@
+# frozen_string_literal: true
+
 # This file was generated by Appraisal
 
-source "https://rubygems.org"
+source 'https://rubygems.org'
 
-gem "rubocop"
-gem "activerecord", "> 4", "< 7"
-gem "sequel", "~> 5"
+gem 'activerecord', '> 4', '< 7'
+gem 'rubocop'
+gem 'sequel', '~> 5'
 
 group :test do
-  gem "builder"
-  gem "link_header"
-  gem "oj"
-  gem "parslet"
+  gem 'builder'
+  gem 'link_header'
+  gem 'oj'
+  gem 'parslet'
 end
 
-gemspec path: "../"
+gemspec path: '../'

data/gemfiles/active_6.gemfile.lock

@@ -1,9 +1,9 @@
 PATH
   remote: ..
   specs:
-    praxis (2.0.pre.32)
+    praxis (2.0.pre.34)
       activesupport (>= 3)
-      attributor (>= 6.5)
+      attributor (>= 7.1)
       mime (~> 0)
       mustermann (>= 1.1)
       rack (>= 1)
@@ -29,7 +29,7 @@ GEM
       rake
       thor (>= 0.14.0)
     ast (2.4.2)
-    attributor (6.5)
+    attributor (7.1)
       activesupport (>= 3)
       hashie (~> 3)
       randexp (~> 0)
@@ -39,12 +39,11 @@ GEM
     byebug (11.1.3)
     coderay (1.1.3)
     concurrent-ruby (1.2.2)
-    coveralls (0.8.23)
-      json (>= 1.8, < 3)
-      simplecov (~> 0.16.1)
-      term-ansicolor (~> 1.3)
-      thor (>= 0.19.4, < 2.0)
-      tins (~> 1.6)
+    coveralls_reborn (0.27.0)
+      simplecov (~> 0.22.0)
+      term-ansicolor (~> 1.7)
+      thor (~> 1.2)
+      tins (~> 1.32)
     debug_inspector (1.1.0)
     diff-lcs (1.5.0)
     docile (1.4.0)
@@ -82,6 +81,7 @@ GEM
     lumberjack (1.2.8)
     method_source (1.0.0)
     mime (0.4.4)
+    mini_portile2 (2.8.2)
     minitest (5.18.0)
     mustermann (3.0.0)
       ruby2_keywords (~> 0.0.1)
@@ -148,18 +148,22 @@ GEM
     ruby2_keywords (0.0.5)
     sequel (5.55.0)
     shellany (0.0.1)
-    simplecov (0.16.1)
+    simplecov (0.22.0)
       docile (~> 1.1)
-      json (>= 1.8, < 3)
-      simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.2)
+      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
+    simplecov-html (0.12.3)
+    simplecov_json_formatter (0.1.4)
+    sqlite3 (1.6.1)
+      mini_portile2 (~> 2.8.0)
     sqlite3 (1.6.1-x86_64-darwin)
+    sqlite3 (1.6.1-x86_64-linux)
     sync (0.5.0)
     term-ansicolor (1.7.1)
       tins (~> 1.0)
     terminal-table (1.6.0)
     thor (1.2.2)
-    tins (1.31.0)
+    tins (1.32.1)
       sync
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
@@ -167,14 +171,16 @@ GEM
     zeitwerk (2.6.8)
 
 PLATFORMS
+  ruby
   x86_64-darwin-20
+  x86_64-linux
 
 DEPENDENCIES
   activerecord (> 4, < 7)
   appraisal
   builder
   bundler
-  coveralls
+  coveralls_reborn (~> 0.27.0)
   fuubar (~> 2)
   guard (~> 2)
   guard-bundler (~> 2)

data/gemfiles/active_7.gemfile

@@ -1,16 +1,18 @@
+# frozen_string_literal: true
+
 # This file was generated by Appraisal
 
-source "https://rubygems.org"
+source 'https://rubygems.org'
 
-gem "rubocop"
-gem "activerecord", ">=7"
-gem "sequel", "~> 5"
+gem 'activerecord', '>=7'
+gem 'rubocop'
+gem 'sequel', '~> 5'
 
 group :test do
-  gem "builder"
-  gem "link_header"
-  gem "oj"
-  gem "parslet"
+  gem 'builder'
+  gem 'link_header'
+  gem 'oj'
+  gem 'parslet'
 end
 
-gemspec path: "../"
+gemspec path: '../'

data/gemfiles/active_7.gemfile.lock

@@ -1,9 +1,9 @@
 PATH
   remote: ..
   specs:
-    praxis (2.0.pre.32)
+    praxis (2.0.pre.34)
       activesupport (>= 3)
-      attributor (>= 6.5)
+      attributor (>= 7.1)
       mime (~> 0)
       mustermann (>= 1.1)
       rack (>= 1)
@@ -28,7 +28,7 @@ GEM
       rake
       thor (>= 0.14.0)
     ast (2.4.2)
-    attributor (6.5)
+    attributor (7.1)
       activesupport (>= 3)
       hashie (~> 3)
       randexp (~> 0)
@@ -38,12 +38,11 @@ GEM
     byebug (11.1.3)
     coderay (1.1.3)
     concurrent-ruby (1.2.2)
-    coveralls (0.8.23)
-      json (>= 1.8, < 3)
-      simplecov (~> 0.16.1)
-      term-ansicolor (~> 1.3)
-      thor (>= 0.19.4, < 2.0)
-      tins (~> 1.6)
+    coveralls_reborn (0.27.0)
+      simplecov (~> 0.22.0)
+      term-ansicolor (~> 1.7)
+      thor (~> 1.2)
+      tins (~> 1.32)
     debug_inspector (1.1.0)
     diff-lcs (1.5.0)
     docile (1.4.0)
@@ -81,6 +80,7 @@ GEM
     lumberjack (1.2.8)
     method_source (1.0.0)
     mime (0.4.4)
+    mini_portile2 (2.8.2)
     minitest (5.18.0)
     mustermann (3.0.0)
       ruby2_keywords (~> 0.0.1)
@@ -147,32 +147,38 @@ GEM
     ruby2_keywords (0.0.5)
     sequel (5.55.0)
     shellany (0.0.1)
-    simplecov (0.16.1)
+    simplecov (0.22.0)
       docile (~> 1.1)
-      json (>= 1.8, < 3)
-      simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.2)
+      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
+    simplecov-html (0.12.3)
+    simplecov_json_formatter (0.1.4)
+    sqlite3 (1.6.1)
+      mini_portile2 (~> 2.8.0)
     sqlite3 (1.6.1-x86_64-darwin)
+    sqlite3 (1.6.1-x86_64-linux)
     sync (0.5.0)
     term-ansicolor (1.7.1)
       tins (~> 1.0)
     terminal-table (1.6.0)
     thor (1.2.2)
-    tins (1.31.0)
+    tins (1.32.1)
       sync
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     unicode-display_width (2.4.2)
 
 PLATFORMS
+  ruby
   x86_64-darwin-20
+  x86_64-linux
 
 DEPENDENCIES
   activerecord (>= 7)
   appraisal
   builder
   bundler
-  coveralls
+  coveralls_reborn (~> 0.27.0)
   fuubar (~> 2)
   guard (~> 2)
   guard-bundler (~> 2)

data/lib/praxis/application.rb

@@ -5,6 +5,9 @@ require 'mustermann'
 require 'logger'
 
 module Praxis
+  # Setup the option early, since things like MediaTypes and EndpointDefinitions might need it
+  Attributor::Attribute.custom_option :displayable, Types::SplattableStringArray.of(String)
+
   class Application
     include Singleton
 

data/lib/praxis/blueprint.rb

@@ -11,7 +11,7 @@ module Praxis
       # It takes the name of the group, and passes the attributes block that needs to be a subset of the MediaType where the group resides
       def group(name, **options, &block)
         # Pass the reference to the target type by default. But allow overriding it if needed
-        attribute(name, Praxis::BlueprintAttributeGroup.for(target), **{reference: target}.merge(options), &block)
+        attribute(name, Praxis::BlueprintAttributeGroup.for(target), **{ reference: target }.merge(options), &block)
       end
     end
 
@@ -284,6 +284,7 @@ module Praxis
       attributes.each do |name, attr|
         the_type = attr.type < Attributor::Collection ? attr.type.member_type : attr.type
         next if the_type < Blueprint
+
         # TODO: Allow groups in the default fieldset?? or perhaps better to make people explicitly define them?
         # next if (the_type < Blueprint && !(the_type < BlueprintAttributeGroup))
 

data/lib/praxis/docs/open_api/paths_object.rb

@@ -32,7 +32,7 @@ module Praxis
           id = resource.id
           # fill in the paths hash with a key for each path for each action/route
           resource.actions.each do |action_name, action|
-            params_example = action.params ? action.params.example(nil) : nil
+            params_example = action.params&.example(nil)
             url = ActionDefinition.url_description(route: action.route, params: action.params, params_example: params_example)
 
             verb = url[:verb].downcase

data/lib/praxis/docs/open_api/schema_object.rb

@@ -5,68 +5,79 @@ module Praxis
     module OpenApi
       class SchemaObject
         # https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.2.md#schema-object
-        attr_reader :type
+        attr_reader :type, :attribute
 
         def initialize(info:)
-          @attribute_options = {}
-
           # info could be an attribute ... or a type
+          # We will always try to work with the attribute if it is there, otherwise, we'll use type underneath
           if info.is_a?(Attributor::Attribute)
             @type = info.type
-            # Save the options that might be attached to the attribute, to add them to the type schema later
-            @attribute_options = info.options
+            @attribute = info
           else
             @type = info
           end
 
-          # Mediatypes have the description method, lower types don't
-          @attribute_options[:description] = @type.description if @type.respond_to?(:description)
           @collection = type.respond_to?(:member_type)
         end
 
         def dump_example
-          ex = type.example
+          ex = (attribute || type).example
           ex.respond_to?(:dump) ? ex.dump : ex
         end
 
         def dump_schema(shallow: false, allow_ref: false)
+          important_options = %i[description null]
+          # Compile all options from the underlying tye and attribute (if any), translating them
+          # to OpenAPI schema options with the x- prefix for our custom ones
+          base_options = _slice_options(type, important_options)
+          base_options.merge! _slice_options(type, Attributor::Attribute.custom_options, prefix: 'x')
+          if attribute
+            base_options.merge! _slice_options(attribute, important_options, prefix: 'x')
+            base_options.merge! _slice_options(attribute, Attributor::Attribute.custom_options, prefix: 'x')
+          end
+          # Tag on OpenAPI specific requirements that aren't already added in the underlying JSON schema model
+          # Nullable: (it seems we need to ensure there is a null option to the enum, if there is one)
+          base_options[:nullable] = !base_options.delete(:null).nil? if base_options.key?(:null)
+
           # We will dump schemas for mediatypes by simply creating a reference to the components' section
           if type < Attributor::Container && !(type < Praxis::Types::MultipartArray)
             if (type < Praxis::Blueprint || type < Attributor::Model) && allow_ref && !type.anonymous?
-              # TODO: Technically OpenAPI/JSON schema support passing a description when pointing to a $ref (to override it)
+              # NOTE: Technically OpenAPI/JSON schema support passing a description when pointing to a $ref (to override it)
               # However, it seems that UI browsers like redoc or elements have bugs where if that's done, they get into a loop and crash
               # so for now, we're gonna avoid overriding the description until that is solved
-              # h = @attribute_options[:description] ? { 'description' => @attribute_options[:description] } : {}
-              h = {}
+              base_options.delete(:description)
               Praxis::Docs::OpenApiGenerator.instance.register_seen_component(type)
-              h.merge!('$ref' => "#/components/schemas/#{type.id}")
+              base_options.merge!('$ref' => "#/components/schemas/#{type.id}")
             elsif @collection
               items = OpenApi::SchemaObject.new(info: type.member_type).dump_schema(allow_ref: allow_ref, shallow: false)
-              h = @attribute_options[:description] ? { 'description' => @attribute_options[:description] } : {}
-              h.merge!(type: 'array', items: items)
+              base_options.merge!(type: 'array', items: items)
             else # Attributor::Struct, etc
-              required_attributes = (type.describe[:requirements] || []).filter { |r| r[:type] == :all }.map { |r| r[:attributes] }.flatten.compact.uniq
-              props = type.attributes.transform_values do |definition|
-                # if type has an attribute in its requirements all, then it should be marked as required here
+              # Requirements are reported at the outter schema layer, we we need to gather them from the description here
+              reqs = type < Praxis::Blueprint ? type.attribute.type.requirements : type.requirements
+              # Full requirements specified at the struct level that apply to all are considered required attributes
+              required_attributes = (reqs || []).filter { |r| r.type == :all }.map(&:attr_names).flatten.compact
+              # Also, if any inner attribute has the required: true option, that, obviously means required as well
+              sub_attributes = (attribute || type).attributes
+              direct_required = sub_attributes ? sub_attributes.select { |_, a| a.options[:required] == true }.keys : []
+              required_attributes.concat(direct_required)
+              required_attributes.uniq!
+              props = sub_attributes.transform_values do |definition|
                 OpenApi::SchemaObject.new(info: definition).dump_schema(allow_ref: true, shallow: shallow)
               end
-              h = { type: :object }
-              h[:properties] = props if props.presence
-              h[:required] = required_attributes unless required_attributes.empty?
+
+              base_options.merge!(type: :object)
+              base_options[:properties] = props if props.presence
+              base_options[:required] = required_attributes unless required_attributes.empty?
             end
           else
+            desc = (attribute || type).as_json_schema(shallow: shallow, example: nil)
             # OpenApi::SchemaObject.new(info:target).dump_schema(allow_ref: allow_ref, shallow: shallow)
             # TODO...we need to make sure we can use refs in the underlying components after the first level...
             # ... maybe we need to loop over the attributes if it's an object/struct?...
-            h = type.as_json_schema(shallow: shallow, example: nil, attribute_options: @attribute_options)
+            base_options.merge!(desc)
           end
 
-          # Tag on OpenAPI specific requirements that aren't already added in the underlying JSON schema model
-          # Nullable: (it seems we need to ensure there is a null option to the enum, if there is one)
-          is_nullable = @attribute_options[:null]
-          h[:nullable] = true if is_nullable
-          h
-
+          base_options
           # # TODO: FIXME: return a generic object type if the passed info was weird.
           # return { type: :object } unless info
 
@@ -116,6 +127,16 @@ module Praxis
             raise "Unknown praxis family type: #{praxis_type[:family]}"
           end
         end
+
+        def _slice_options(object, names, prefix: nil)
+          subset = object.options.slice(*names)
+          return subset if prefix.nil?
+
+          subset.transform_keys do |key|
+            "#{prefix}-#{key}".to_sym
+          end
+          subset
+        end
       end
     end
   end

data/lib/praxis/docs/open_api_generator.rb

@@ -110,13 +110,13 @@ module Praxis
         info_object = OpenApi::InfoObject.new(version: version, api_definition_info: @infos[version])
         # We only support a server in Praxis ... so we'll use the base path
         server_params = {}
-        if(server_info = @infos[version].server)
+        if (server_info = @infos[version].server)
           server_params[:url] = server_info[:url]
           server_params[:variables] = server_info[:variables] if server_info[:variables]
+          server_params[:description] = server_info[:description] if server_info[:description]
         else
           server_params[:url] = @infos[version].base_path
         end
-        server_params[:description] = server_info[:description] if server_info[:description]
         server_object = OpenApi::ServerObject.new(**server_params)
 
         paths_object = OpenApi::PathsObject.new(resources: resources_by_version[version])
@@ -163,18 +163,18 @@ module Praxis
         if (version_with = @infos[version].version_with)
           common_params = {}
           if version_with.include?(:header)
-            common_params['ApiVersionHeader'] = { 
+            common_params['ApiVersionHeader'] = {
               in: 'header',
               name: 'X-Api-Version',
-              schema: { type: 'string', enum: [version]},
+              schema: { type: 'string', enum: [version] },
               required: version_with.size == 1
             }
           end
           if version_with.include?(:params)
-            common_params['ApiVersionParam'] = { 
+            common_params['ApiVersionParam'] = {
               in: :query,
               name: 'api_version',
-              schema: { type: 'string', enum: [version]},
+              schema: { type: 'string', enum: [version] },
               required: version_with.size == 1
             }
           end

data/lib/praxis/extensions/attribute_filtering/active_record_filter_query_builder.rb

@@ -86,7 +86,6 @@ module Praxis
             )
           end
 
-          
           if @active_record_version < Gem::Version.new('6')
             # ActiveRecord < 6 does not support '.and' so no nested things can be done
             # But we can still support the case of 1+ flat conditions of the same AND/OR type

data/lib/praxis/extensions/attribute_filtering/active_record_patches.rb

@@ -9,4 +9,4 @@ elsif ActiveRecord.gem_version < Gem::Version.new('6.1')
 else
   # As of 7.0.4 our 6.1-plus patches still work
   require_relative 'active_record_patches/6_1_plus'
-end
+end

data/lib/praxis/extensions/attribute_filtering/filtering_params.rb

@@ -229,6 +229,11 @@ module Praxis
         end
 
         def validate(_context = Attributor::DEFAULT_ROOT_CONTEXT)
+          # Treat a blank block definition for the filters, as a way to allow any valid filter, on any operator and fuz
+          # Obviously, the filter names need to be valid, but that's checked below.
+          # Also, in some circumstances, you'd need to make sure there is a filters_map entry for the ones that aren't directly translatable to query associations/columns
+          return [] if allowed_filters.blank? && allowed_leaves.blank?
+
           parsed_array.each_with_object([]) do |item, errors|
             attr_name = item[:name]
             attr_filters = allowed_filters[attr_name]

data/lib/praxis/extensions/field_expansion.rb

@@ -10,17 +10,20 @@ module Praxis
       end
 
       def expanded_fields
-        @expanded_fields ||= request.action.expanded_fields(request, media_type)
+        @expanded_fields ||=
+          begin
+            expansion_filter = respond_to?(:display_attribute?) ? method(:display_attribute?) : nil
+            request.action.expanded_fields(request, media_type, expansion_filter)
+          end
       end
 
       module ActionDefinitionExtension
         extend ActiveSupport::Concern
 
-        def expanded_fields(request, media_type)
+        def expanded_fields(request, media_type, expansion_filter)
           uses_fields = params&.attributes&.key?(:fields)
           fields = uses_fields ? request.params.fields.fields : true
-
-          Praxis::FieldExpander.expand(media_type, fields)
+          Praxis::FieldExpander.expand(media_type, fields, expansion_filter)
         end
       end
     end

data/lib/praxis/extensions/pagination/ordering_params.rb

@@ -91,10 +91,6 @@ module Praxis
 
             ::Class.new(self) do
               @media_type = media_type
-              if media_type
-                # By default all fields in the mediatype are allowed (but defining a DSL block will override it to more specific ones)
-                @fields_allowed = media_type.attributes.keys
-              end
               # Default is to only enforce the allowed fields in the first ordering position (the one typicall uses an index if there)
               @enforce_all = OrderingParams.enforce_all_fields
             end

data/lib/praxis/field_expander.rb

@@ -2,19 +2,27 @@
 
 module Praxis
   class FieldExpander
-    def self.expand(object, fields = true)
-      new.expand(object, fields)
+    def self.expand(object, fields = true, displayable_filter = nil)
+      # check the displayability of the whole type/attr object at the top as well, not just the inner ones
+      if (privs = object.options[:displayable])
+        raise 'Attempting to expand fields for a type that uses :displayable, but the system (or at least this controller) does not have a displayable_filter setup.' unless privs && displayable_filter
+        return {} unless displayable_filter.call(Array(privs))
+
+      end
+      new(displayable_filter: displayable_filter).expand(object, fields)
     end
 
     attr_reader :stack, :history
 
-    def initialize
+    # displayable_filter is a proc that takes a set of strings (representing privileges of sort) and returns true if it should be displayed
+    def initialize(displayable_filter: nil)
       @stack = Hash.new do |hash, key|
         hash[key] = Set.new
       end
       @history = Hash.new do |hash, key|
         hash[key] = {}
       end
+      @displayable_filter = displayable_filter
     end
 
     def expand(object, fields = true)
@@ -50,6 +58,13 @@ module Praxis
       end
 
       attributes.each_with_object({}) do |(name, dumpable), hash|
+        # Filter out attributes that are not displayable (if a filter is provided and there is a displayable option)
+        if (privs = dumpable.options[:displayable])
+          raise "Found field named #{name} using :displayable, but the system (or at least this controller) does not have a displayable_filter setup." unless privs && @displayable_filter
+          next unless @displayable_filter.call(Array(privs))
+
+        end
+
         sub_fields = case fields
                      when true
                        true