module HasPresentationData
NOTE: `presentation_data` gets overwritten every time presentation_yaml is saved.
SECURITY NOTE: Use YAML.safe_load() instead of YAML.load(). This will prevent any
unwanted security vulnerabilities. http://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/ http://www.ruby-doc.org/stdlib-2.1.2/libdoc/psych/rdoc/Psych.html#method-c-safe_load
Public Instance Methods
conditionally_sync_schema()
click to toggle source
# File lib/buweb/concerns/has_presentation_data.rb, line 45 def conditionally_sync_schema sync_schema if keep_in_sync end
is_valid_yaml?()
click to toggle source
# File lib/buweb/concerns/has_presentation_data.rb, line 96 def is_valid_yaml? begin # only validate if presentation_yaml has content and that content has changed if presentation_yaml.present? && presentation_yaml_changed? data = YAML.safe_load(presentation_yaml) # this will throw an error if YAML is invalid raise 'invalid YAML' if data.present? && !data.is_a?(Hash) end rescue self.errors.add(:presentation_yaml, "is not valid YAML") end end
presentation_data=(hash)
click to toggle source
# File lib/buweb/concerns/has_presentation_data.rb, line 49 def presentation_data=(hash) if hash.is_a? Hash # TODO: convert hash arrays into real arrays before saving. write_attribute :presentation_data, hash else # TODO: Maybe we should just throw an error here. write_attribute :presentation_data, {} end end
presentation_data_json()
click to toggle source
# File lib/buweb/concerns/has_presentation_data.rb, line 59 def presentation_data_json JSON.pretty_generate(presentation_data) end
presentation_data_json=(json)
click to toggle source
# File lib/buweb/concerns/has_presentation_data.rb, line 63 def presentation_data_json=(json) begin self.presentation_data = JSON.parse(json) rescue JSON::ParserError return false end end
presentation_yaml=(string)
click to toggle source
# File lib/buweb/concerns/has_presentation_data.rb, line 87 def presentation_yaml=(string) begin write_attribute :presentation_yaml, string self.presentation_data = YAML.safe_load(string) # this will throw an error if YAML is invalid rescue # setting error here won't do anything unfortunately... So we need a validation method. end end
sync_schema()
click to toggle source
# File lib/buweb/concerns/has_presentation_data.rb, line 36 def sync_schema if schema = presentation_data_template.try(:schema) self.presentation_data_schema = schema end if json_schema = presentation_data_template.try(:json_schema) self.presentation_data_json_schema = json_schema end end