Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@bigbinary/neeto-comments-frontend
Advanced tools
A repo acts as the source of truth for the new nano's structure, configs, data etc.
The neeto-comments-nano
manages comments within an application, notifying mentioned users via email based on their preferences.
The engine handles the backend of the comments table and notifies preferred users via email upon the creation of a new comment.
Add this line to your application's Gemfile:
source "NEETO_GEM_SERVER_URL" do
# ..existing gems
gem "neeto-comments-engine"
end
And then execute:
bundle install
Add this line to your application's config/routes.rb
file:
mount NeetoCommentsEngine::Engine => "/neeto_comments_engine"
Run the command to bring in all migrations required from the engine to the host application:
bundle exec rails neeto_comments_engine:install:migrations
Add the migrations to the database:
bundle exec rails db:migrate
This model has the following polymorphic associations
belongs_to :commentable, polymorphic: true
belongs_to :creator, polymorphic: true
Here, commentable
is the entity for which we add a comment.
For example, In NeetoPlanner
, Task
is a commentable entity. We can add comments in a Task as follows:
has_many :comments, as: :commentable, dependent: :destroy
Similarly creator
is the entity which created the comment.
In the host app, we can use the Comment
model by inheriting from it as follows:
class Comment < NeetoCommentsEngine::Comment
self.table_name = "neeto_comments_engine_comments"
end
The following methods are required in the inherited model of the host app to notify users mentioned in the comment as soon as a comment is created:
def email_data
{
preference_link:, # Notification preference URL
organization_name:,
link_title:, # Title
subject:, # Subject
reply_to: # Reply to email
}
end
The get_mentioned_ids_from_content
method returns the list of ids of the mentioned users that needs to be notified and can be used as follows:
def notifiable_users
user_list = get_mentioned_ids_from_content(content)
User.where(id: user_list)
end
In the host app, we can inherit the CommentsController
as follows:
class Api::V1::CommentsController < NeetoCommentsEngine::Api::V1::CommentsController
private
def load_commentable!
# required method in the host application to load the commentable entity
end
end
Include the following concern to the commentable
model
include NeetoCommentsEngine::NotificationPreferences
The notify_mentioned_user?(user)
returns a boolean value which decides whether to send email to that user or not. By default the method returns true
. This can be overriden by the host application.
def notify_mentioned_user?(user)
true
end
The notify_mentions_via_email?
returns a boolean value which decides whether to send email for that commentable entity or not. By default the method returns true
. This can be overriden by the host application.
def notify_mentions_via_email?
true
end
Consult the building and releasing packages guide for details on how to publish.
FAQs
A repo acts as the source of truth for the new nano's structure, configs, data etc.
The npm package @bigbinary/neeto-comments-frontend receives a total of 1 weekly downloads. As such, @bigbinary/neeto-comments-frontend popularity was classified as not popular.
We found that @bigbinary/neeto-comments-frontend demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.