What is a json-view? A json-view allows you to map internal objects to external views.
There are two common reasons for using json-views, consistency and security. By using views we ensure consistency to how objects are presented. Since attributes are whitelisted, this also increases security by limiting the chance of accidental internal value exposure.
The following example simply creates a new object that lacks the "password" field.
var user = {
firstName: 'First',
lastName: 'Last',
email: 'test@example.com',
password: 'password'
};
views.describe('user', function () {
this.allow([ 'firstName', 'lastName', 'email' ]);
this.deny('password');
});
var results = views.view('user', user);
results === {
firstName: 'First',
lastName: 'Last',
email: 'test@example.com'
}
JSON serializers works as a combination whitelist/blacklist for object attributes where attributes must first be this.allow()'ed. this.deny() will always take priority in cases where an attribute is both allowed and denied.
var user = {
firstName: 'First',
lastName: 'Last',
email: 'test@example.com',
password: 'password',
address: {
street: '1234 Example',
city: 'Indianapolis',
state: 'IN'
}
};
views.describe('user.address', function() {
this.allow('state');
});
views.describe('user', function() {
this.allow([ 'firstName', 'lastName', 'email' ]);
this.deny('password');
this.reference('address', 'user.address');
this.transform(function(obj) { return obj.firstName + ' ' + obj.lastName }, { as: 'fullName' });
this.transform('fullName', function(obj) { return obj.firstName + ' ' + obj.lastName });
});
var results = views.view('user', user);
results === {
firstName: 'First',
lastName: 'Last',
email: 'test@example.com',
address: {
state: 'IN'
}
}
var results = views.view('user', user);
results === {
firstName: 'First',
lastName: 'Last',
email: 'test@example.com'
}
Serializers can also be nested using this.reference().
var user = {
firstName: 'First',
lastName: 'Last',
email: 'test@example.com',
password: 'password',
};
views.describe('user.address', function() {
this.allow('state');
});
views.describe('user', function() {
this.allow([ 'firstName', 'lastName', 'email', 'address' ]);
this.deny('password');
this.reference('address', 'user.address');
});
var results = views.view('user', user);
results === {
firstName: 'First',
lastName: 'Last',
email: 'test@example.com',
address: {
state: 'IN'
}
}
FAQs
A simple DSL for defining JSON views
We found that json-views demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.
Security News
Node.js has paused its bug bounty program after funding ended, removing payouts for vulnerability reports but keeping its security process unchanged.
Security News
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.