Skip to content

The active model where method should act as a normal parameterized scope #116

New issue
New issue
Closed
Closed
The active model where method should act as a normal parameterized scope#116
Labels
enhancementNew feature or requestgood first issueGood for newcomers
@catmando

Description

@catmando
catmando
opened on Jan 28, 2019

Currently returns nil if used on a AR class, and throws a non-related error if used on a scope.

THIS WAS THE ORIGINAL CONCLUSION BUT ITS INCORRECT SEE DISCUSSION:

The reasons we won't implement where is that it could be used to insecurely determine counts on data.
For example Customers.where(top_secret_attribute: true).count could be executed from the JS console to find the count of customers with the top_secret_attribute.

where should be implemented as a scope.

We will need to add scope called __hyperstack_internal_where_scope

class ActiveRecord::Base 
  scope __hyperstack_internal_where_scope, 
    ->(attrs) { where(attrs) }, # server side we just call where
    filter: ->(attrs) { !attrs.detect { |k, v| self[k] != v } # client side optimization
  def self.where(attrs) 
    __hyperstack_internal_where_scope(attrs)
  end if RUBY_ENGINE == 'opal'
end

On the client side we can add the class level where method to ActiveRecord::Base and which simpy calls the `__hyperstack_internal_where_scope.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestgood first issueGood for newcomers

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions