Module: SensitiveSerializableHash

Extended by:: ActiveSupport::Concern

Included in:: ApplicationRecord

Defined in:: app/models/concerns/sensitive_serializable_hash.rb

Instance Method Summary collapse

#serializable_hash(options = nil) ⇒ Object

Override serializable_hash to exclude sensitive attributes by default.

Instance Method Details

#serializable_hash(options = nil) ⇒ `Object`

Override serializable_hash to exclude sensitive attributes by default

In general, prefer NOT to use serializable_hash / to_json / as_json in favor of serializers / entities instead which has an allowlist of attributes

# File 'app/models/concerns/sensitive_serializable_hash.rb', line 21

def serializable_hash(options = nil)
  options = options.try(:dup) || {}
  options[:except] = Array(options[:except]).dup

  options[:except].concat self.class.attributes_exempt_from_serializable_hash

  if self.class.respond_to?(:attr_encrypted_attributes)
    options[:except].concat self.class.attr_encrypted_attributes.keys

    # Per https://github.com/attr-encrypted/attr_encrypted/blob/a96693e9a2a25f4f910bf915e29b0f364f277032/lib/attr_encrypted.rb#L413
    options[:except].concat self.class.attr_encrypted_attributes.values.map { |v| v[:attribute] }
    options[:except].concat self.class.attr_encrypted_attributes.values.map { |v| "#{v[:attribute]}_iv" }
  end

  super(options)
end

Module: SensitiveSerializableHash

Instance Method Summary collapse

Instance Method Details

#serializable_hash(options = nil) ⇒ Object

#serializable_hash(options = nil) ⇒ `Object`