stashable_params 0.0.1 → 0.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b66faa23c911c926b57ec2d9876831fb80303358
-  data.tar.gz: 48c98837e0fb79bbe21daa86c756be7c65e2edc8
+  metadata.gz: fd420ee069f2aec597d5c05a30aa4b51c8b90ad5
+  data.tar.gz: 814338f879e9e5b06940473a127c388095622e63
 SHA512:
-  metadata.gz: 650c93def2ec34c9e4ce54df3e0f4c5918e4c963eeeec28d1cbb1b8e3f6961b96a7907c36efcf46181190de35f79fd41ac99f00ee458be53b4caa2059b0f06f9
-  data.tar.gz: 7952a00ecda522da8eba2287dea878a54f8a3c2f480866a0bc75abe2630184755c082a02961be1923327e7a7e792cede13bf74db94e0fb97c316c73ecf36c7dc
+  metadata.gz: c69ef02aea3a5971da39e285123e1dc8f516ebf81f0e14773c4c2a08460db8ceb09e1e4e79498b3ea8344100725458093f5b0a418bec82624c0c0375a8246e6d
+  data.tar.gz: 8d4ff4492d1ca34919e1e1c2f3a3ddf52a6a652b3e05898bb87a0028e511d76ac65cfbc824b1815e17fc5aeaf8b97dfb7500fdd109e5f86b12b075d9fbec46f7

data/README.md

@@ -1,6 +1,9 @@
 # StashableParams
 
-TODO: Write a gem description
+Easily store the current params hash  and access them when you need them. 
+
+Call `stash_params` in your controller to store the current params. Call
+`unstash_params` to retrieve the stashed params and access them from the params hash.
 
 ## Installation
 
@@ -18,7 +21,108 @@ Or install it yourself as:
 
 ## Usage
 
-TODO: Write usage instructions here
+`stashed_params` provides helper methods that allow you to stash and
+unstash parameters for later use. To have access to these methods in
+your controllers, include StashableParams in `app/controllers/application_controller.rb`:
+
+```ruby
+class ApplicationController < ActionController::Base
+  protect_from_forgery
+  include StashableParams
+end
+```
+
+### Stashing and Unstashing Params
+
+Any controller that inherits from ApplicaitonController now has access
+to the `stash_params` and `unstash_params` helper methods. 
+
+Call `stash_params` to store the current params hash. Call
+`unstash_params` to retrieve the stashed params. After unstashing the
+params, they will be available as part of the current params hash.
+
+### Params Filter
+
+`stashable_params` provides a default filter for filtering out
+potentially sensitive parameter keys such as `:password` and
+`:password_confirmation`. These keys will not be stored when
+`stash_params` is called. The `:action` and `:controller` keys are also
+part of the default params filter.
+
+### Customizing the Params Filter
+
+If you do not wish to store specific parameter keys you can create a
+custom params filter. To do this, define a `params_filter` method that
+returns an array of keys you do not wish to store. NOTE: This will
+overwrite the default params filter of:
+
+`[:password, :password_confirmation, :action, :controller]`
+
+It is recommended that you also include these keys in your custom filter.
+
+```ruby 
+class ApplicationController < ActionController:Base
+  protect_from_forgery
+  include StashableParams
+  
+  def params_filter
+    [:my_sensitive_key, :password, :password_confirmation, :action, :controller]
+  end
+end
+```
+
+### Example Usage
+
+Here's an example of stashing params so we can ask a user to confirm
+their identity before creating a comment. 
+
+Our application requires that a user must confirm their identity before 
+a comment is created if they have not signed in within the last 24
+hours. So, if a user has signed in recently we create the comment. If
+not, we redirect them to the sign in page to confirm their identity and 
+redirect them back to the `new_comment_path` so they can resubmit their
+comment.
+
+We'll stash the params before the user gets redirected to the sign in
+page and unstash them when the user gets back to the `new_comment_path`
+so we can repopulate the comment fields and save the user from having to
+retype the fields.
+
+```ruby
+class CommentsController < ApplicationController
+
+  #...
+
+  def new
+    unstash_params
+    @comment = Comment.new(comment_params)
+  end
+  
+  def create
+    if user_not_signed_in_recently
+      stash_params
+      redirect_to sign_in_path  
+    end 
+    
+    @comment = Comment.new(comment_params)
+
+    # Code to save comment...
+  end
+
+  private
+
+  def comment_params
+    params.require(:comment).permit(:content) if params(:comment)
+  end 
+
+  #...
+
+end
+```
+
+Now, when our user gets redirected back to the new comment page the
+comment fields will be populated with the content the user previously
+submitted.
 
 ## Contributing
 

data/lib/stashable_params.rb

@@ -1,5 +1,27 @@
 require "stashable_params/version"
 
 module StashableParams
-  # Your code goes here...
+  def stash_params
+    session[:stashed_params] = filter_params(params, params_filter)
+  end
+
+  def unstash_params
+    params.merge!(session.delete(:stashed_params)) if session[:stashed_params]
+  end
+
+  def filter_params(hash, filter)
+    filtered_hash = hash
+    filtered_hash.each do |k, v|
+      if filter.include?(k) || filter.include?(k.to_sym)
+        filtered_hash.delete(k)
+      else
+        filter_params(v, filter) if v.is_a?(Hash)
+      end
+    end
+    filtered_hash
+  end
+
+  def params_filter
+    [:password, :password_confirmation, :action, :controller]
+  end
 end

data/lib/stashable_params/version.rb

@@ -1,3 +1,3 @@
 module StashableParams
-  VERSION = "0.0.1"
+  VERSION = "0.0.2"
 end

data/stashable_params.gemspec

@@ -18,6 +18,10 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
+  spec.add_runtime_dependency 'rails', '~> 4.0.0'
+
   spec.add_development_dependency "bundler", "~> 1.3"
   spec.add_development_dependency "rake"
+  spec.add_development_dependency 'm'
+  spec.add_development_dependency 'byebug'
 end

data/test/controller_test.rb

@@ -0,0 +1,116 @@
+require 'test_helper'
+require 'byebug'
+
+class ApplicationController
+  class << self; attr_accessor :session end
+  attr_accessor :params
+
+  @@session = {}      # Mimics session available from all controllers in rails app
+
+  def initialize
+    @params  = {}     # Mimics params hash available within controllers in rails app
+  end
+
+  def session
+    # Gives easy access to the session to class instances
+    self.class.session
+  end
+
+  def self.session
+    @@session
+  end
+
+  def self.session=(hash)
+    @@session = hash
+  end
+end
+
+describe ApplicationController do
+  it 'has access to a session and params hash' do
+    ApplicationController.session.wont_equal nil
+    ApplicationController.new.params.wont_equal nil
+  end
+end
+
+class StashableController < ApplicationController
+  include StashableParams
+
+  def stash_params_action
+    stash_params
+  end
+
+  def unstash_params_action
+    unstash_params
+  end
+
+  def self.reset_default_params_filter
+    def params_filter
+      [:password, :password_confirmation, :action, :controller]
+    end
+  end
+end
+
+describe StashableController do
+  let(:params) { { normal_param_key: 'params',
+                   password: 'password',
+                   sensitive_param: 'dont save me!',
+                   nested_hash: { nested_key: "I'm nested!" } } }
+
+  let(:stashable_controller) { StashableController.new }
+
+  it 'can stash params' do
+    stashable_controller.params = params
+
+    stashable_controller.stash_params_action
+    ApplicationController.session[:stashed_params].must_equal params
+  end
+
+  it 'can unstash params' do
+    stashable_controller.params = params
+    stashable_controller.stash_params_action
+    stashable_controller.params.must_equal(params)
+    stashable_controller.params = {}
+    stashable_controller.params.must_equal({})
+
+    stashable_controller.unstash_params_action
+
+    ApplicationController.session[:stashed_params].must_equal {}
+    stashable_controller.params.must_equal(params)
+  end
+
+  it 'provides a default filter for filtering out sensitive params' do
+    stashable_controller.params = params
+    stashable_controller.stash_params_action
+
+    ApplicationController.session[:stashed_params].wont_include(:password)
+    ApplicationController.session[:stashed_params].must_include(:normal_param_key)
+  end
+
+  it 'can redefine the filter to omit additional params' do
+    class StashableController < ApplicationController
+      def params_filter
+        [:sensitive_param]
+      end
+    end
+
+    stashable_controller.params = params
+    stashable_controller.stash_params_action
+
+    ApplicationController.session[:stashed_params].wont_include(:sensitive_param)
+    StashableController.reset_default_params_filter
+  end
+
+  it 'filters nested parameter keys' do
+    class StashableController < ApplicationController
+      def params_filter
+        [:nested_key]
+      end
+    end
+
+    stashable_controller.params = params
+    stashable_controller.stash_params_action
+
+    ApplicationController.session[:stashed_params][:nested_hash].wont_include(:nested_key)
+    StashableController.reset_default_params_filter
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,3 @@
+require 'minitest/autorun'
+require 'minitest/pride'
+require 'stashable_params'

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: stashable_params
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
 platform: ruby
 authors:
 - Lin Reid
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-11-15 00:00:00.000000000 Z
+date: 2013-11-17 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.0.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -38,6 +52,34 @@ dependencies:
     - - '>='
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: m
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Easily stash your params for later use.
 email:
 - linreid@gmail.com
@@ -53,6 +95,8 @@ files:
 - lib/stashable_params.rb
 - lib/stashable_params/version.rb
 - stashable_params.gemspec
+- test/controller_test.rb
+- test/test_helper.rb
 homepage: https://github.com/linstula/stashable_params
 licenses:
 - MIT
@@ -78,4 +122,6 @@ signing_key:
 specification_version: 4
 summary: stashable_params allows you temporarily stash params and unstash them when
   you need them.
-test_files: []
+test_files:
+- test/controller_test.rb
+- test/test_helper.rb