Provides Javascript a simple API to the Ruby on Rails CRUD.
CoffeeScript JavaScript
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
bower_components/jquery/dist
dist
doc
spec
src
.gitignore
.travis.yml
LICENSE
README.md
bower.json
gulpfile.coffee
package.json

README.md

Gem Bower npm Code Climate Build Status

Databound

Provides Javascript a simple CRUD API to the Ruby on Rails backend.

Check out live examples on the Databound website databound.me.

Backend gem repo github.com/Nedomas/databound-rails.

Usage

  User = new Databound('/users')

  User.where({ name: 'John' }).then(function(users) {
    alert('Users called John');
  });

  User.find(15).then(function(user) {
    alert('User no. 15: ' + user.name);
  });

  User.create({ name: 'Peter' }).then(function(user) {
    alert('I am ' + user.name + ' from database');
  });

More API docs

Version support and dependencies

Works with:

  • Ruby on Rails 3+
  • Ruby 2.0+
  • It can work with Angular as a better ngResource alternative
  • Rails API
  • ActiveRecord or Mongoid
  • Active Model Serializers
  • Chrome any, Firefox any, Opera any, IE 8+

Depends on:

  • Lodash (should work with any version)
  • jQuery 1.5+

jQuery is used for making requests and promises. You can use your own library instead. Read API docs on how to override those.

Installation

1 - Gemfile

gem 'databound', '3.1.3'

2.1 - With asset pipeline (sprockets)

Run generator to add Databound to application.js

rails g databound:install

2.2 - Without asset pipeline

Download the databound-standalone.js and load it up

<script src='assets/databound-standalone.js'></script>

2.3 - With require.js

Download Javascript part with npm or bower

npm install databound

OR

bower install databound

Require it Javascript with:

var Databound = require('databound');

3 - Add a route to config/routes.rb

Rails.application.routes.draw do
  databound :users, columns: [:name, :city]
end

4 - (optional) Controller is autogenerated from route

But if you already have a controller, you can include Databound and specify the model yourself.

class UsersController < ApplicationController
  databound do
    model :user
    columns :name, :city
  end
end

5 - Install dependencies (skip if with require.js)

Easiest way is to use the official Ruby gems or include them from CDNs.

Lo-Dash - lodash-rails gem or CDN.

jQuery (already installed by default on Rails) - jquery-rails gem or CDN

6 - Use it in the Javascript

var User = new Databound('/users');

Security

Which parts can Javascript modify?

Specify columns.

By default - no columns are modifiable.

How to secure the relation values?

You can use dsl(:your_column, :expected_value) to only allow certain dsl values and convert them to relation ids in the backend.

How to protect the scope of the records?

If you need a reference to the record being modified, use permit. It will give you a parsed record.

It also works with 3rd party libraries.

class ProjectsController < ApplicationController
  databound do
    model :project
    columns :name, :city

    # CanCanCan gem
    permit(:create) do
      authorize! :create, current_user
    end

    # Pundit
    permit(:update) do
      authorize current_user
    end

    # Plain Ruby
    permit(:destroy) do
      current_user.god?
    end
  end
end

Which parts can Javascript show?

Use Active Model Serializers to serialize the record.

If you don't want to use that, you can overwrite as_json method on the model.

Contributing ❤️

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a new Pull Request
  6. Get ice cream 🍨

Changelog

Next release

  • Associations.
  • Your contribution here.

3.1.3 - 2015-04-10

  • Fix Postgresql bug introduced with 3.1.2. Do it @remigijusj bind_values way.

3.1.2 - 2015-04-10

3.1.1 - 2015-02-10

  • Fix where bug which did to take into account the extra_where_scopes.

3.1.0 - 2015-01-10

  • Friendly error messages in development environment.
  • .all method.

3.0.3 - 2015-01-09

  • Fix bootup of a default Rails stack in production with databound and eager_load

3.0.2 - 2015-01-08

  • read action of permit returning false now returns empty scoped records

3.0.1 - 2015-01-08

  • Minor bugfix

3.0.0 - 2015-01-08

  • Simplify configuration setup and improve performance.
  • Thanks to @Austio for docs on 3rd party authentication libraries.
class ProjectsController < ApplicationController
  databound do
    model :project
    columns :name, :city
  end
end

2.0.1 - 2015-01-03

  • Add support for specifying permitted_columns in routes.rb. No columns are modifiable by default.

1.1.0 - 2015-01-03

  • You can specify permit_update_destroy? on a controller to manage the scope of the records that can be modified from the Javascript.

1.0.0 - 2015-01-03

  • Destroy now accepts id instead of { id: someid }.
  • extra_find_scopes renamed to extra_where_scopes

Used and sponsored by

closeheat SameSystem picnic-right