Provides Javascript a simple CRUD API to the Ruby on Rails backend.
Check out live examples on the Databound website databound.me.
Backend gem repo github.com/Nedomas/databound-rails.
Usage
User = new Databound('/users')
User.where({ name: 'John' }).then(function(users) {
alert('Users called John');
});
User.find(15).then(function(user) {
alert('User no. 15: ' + user.name);
});
User.create({ name: 'Peter' }).then(function(user) {
alert('I am ' + user.name + ' from database');
});
Version support and dependencies
Works with:
- Ruby on Rails 3+
- Ruby 2.0+
- It can work with Angular as a better ngResource alternative
- Rails API
- ActiveRecord or Mongoid
- Active Model Serializers
- Chrome any, Firefox any, Opera any, IE 8+
Depends on:
- Lodash (should work with any version)
- jQuery 1.5+
jQuery is used for making requests and promises. You can use your own library instead. Read API docs on how to override those.
Installation
1 - Gemfile
gem 'databound', '3.1.3'
2.1 - With asset pipeline (sprockets)
Run generator to add Databound to application.js
rails g databound:install
2.2 - Without asset pipeline
Download the databound-standalone.js and load it up
<script src='assets/databound-standalone.js'></script>
2.3 - With require.js
Download Javascript part with npm or bower
npm install databound
OR
bower install databound
Require it Javascript with:
var Databound = require('databound');
3 - Add a route to config/routes.rb
Rails.application.routes.draw do
databound :users, columns: [:name, :city]
end
4 - (optional) Controller is autogenerated from route
But if you already have a controller, you can include Databound and specify the model yourself.
class UsersController < ApplicationController
databound do
model :user
columns :name, :city
end
end
5 - Install dependencies (skip if with require.js
)
Easiest way is to use the official Ruby gems or include them from CDNs.
Lo-Dash - lodash-rails gem or CDN.
jQuery (already installed by default on Rails) - jquery-rails gem or CDN
6 - Use it in the Javascript
var User = new Databound('/users');
Security
Which parts can Javascript modify?
Specify columns
.
By default - no columns are modifiable.
How to secure the relation values?
You can use dsl(:your_column, :expected_value)
to only allow certain dsl values and convert them to relation ids in the backend.
How to protect the scope of the records?
If you need a reference to the record being modified, use permit
. It will give you a parsed record.
It also works with 3rd party libraries.
class ProjectsController < ApplicationController
databound do
model :project
columns :name, :city
# CanCanCan gem
permit(:create) do
authorize! :create, current_user
end
# Pundit
permit(:update) do
authorize current_user
end
# Plain Ruby
permit(:destroy) do
current_user.god?
end
end
end
Which parts can Javascript show?
Use Active Model Serializers to serialize the record.
If you don't want to use that, you can overwrite as_json
method on the model.
β€οΈ
Contributing - Fork it
- Create your feature branch (git checkout -b my-new-feature)
- Commit your changes (git commit -am 'Add some feature')
- Push to the branch (git push origin my-new-feature)
- Create a new Pull Request
- Get ice cream
π¨
Changelog
Next release
- Associations.
- Your contribution here.
3.1.3 - 2015-04-10
- Fix Postgresql bug introduced with
3.1.2
. Do it @remigijusjbind_values
way.
3.1.2 - 2015-04-10
- Fix bug introduced with Rails 4.2
AdequateRecord
update - AREL query API changed. Thanks to @remigijusj who patched it (Nedomas/databound-rails#2).
3.1.1 - 2015-02-10
- Fix
where
bug which did to take into account theextra_where_scopes
.
3.1.0 - 2015-01-10
- Friendly error messages in development environment.
.all
method.
3.0.3 - 2015-01-09
- Fix bootup of a default Rails stack in production with
databound
andeager_load
3.0.2 - 2015-01-08
read
action ofpermit
returningfalse
now returns empty scoped records
3.0.1 - 2015-01-08
- Minor bugfix
3.0.0 - 2015-01-08
- Simplify configuration setup and improve performance.
- Thanks to @Austio for docs on 3rd party authentication libraries.
class ProjectsController < ApplicationController
databound do
model :project
columns :name, :city
end
end
2.0.1 - 2015-01-03
- Add support for specifying
permitted_columns
inroutes.rb
. No columns are modifiable by default.
1.1.0 - 2015-01-03
- You can specify
permit_update_destroy?
on a controller to manage the scope of the records that can be modified from the Javascript.
1.0.0 - 2015-01-03
- Destroy now accepts
id
instead of{ id: someid }
. extra_find_scopes
renamed toextra_where_scopes