
Research
/Security News
Toptal’s GitHub Organization Hijacked: 10 Malicious Packages Published
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
mongoengine-goodjson
Advanced tools
This script has MongoEngine Document json serialization more-natural.
Using MongoEngine to create something (e.g. RESTful API), sometimes you might want to serialize the data from the db into JSON, but some fields are weird and not suitable for frontend/api:
{
"_id": {
"$oid": "5700c32a1cbd5856815051ce"
},
"name": "Hiroaki Yamamoto",
"registered_date": {
"$date": 1459667811724
}
}
The points are 2 points:
_id
might not be wanted because jslint disagrees _
character unless
declaring jslint nomen:true
$oid
and $date
. These fields are known as
MongoDB Extended JSON. However, considering MongoEngine is ODM and
therefore it has schema-definition methods, the fields shouldn't have the
special fields. In particular problems, you might get
No such property $oid of undefined
error when you handle above generated
data on frontend.To solve the problems, the generated data should be like this:
{
"id": "5700c32a1cbd5856815051ce",
"name": "Hiroaki Yamamoto",
"registered_date": 1459667811724
}
Making above structure can be possible by doing re-mapping, but if we do it on API's controller object, the code might get super-dirty:
"""Dirty code."""
import mongoengine as db
class User(db.Document):
"""User class."""
name = db.StringField(required=True, unique=True)
registered_date = db.DateTimeField()
def get_user(self):
"""Get user."""
models = [
{
("id" if key == "_id" else key): (
value.pop("$oid") if "$oid" in value and isinstance(value, dict)
else value.pop("$date") if "$date" in value and isinstance(value, dict)
else value #What if there are the special fields in child dict?
)
for (key, value) in doc.items()
} for doc in User.objects(pk=ObjectId("5700c32a1cbd5856815051ce"))
]
return json.dumps(models, indent=2)
To give the solution of this problem, I developed this scirpt. By using this script, you will not need to make the transform like above. i.e.
"""A little-bit clean code."""
import mongoengine as db
import mongoengine_goodjson as gj
class User(gj.Document):
"""User class."""
name = db.StringField(required=True, unique=True)
registered_date = db.DateTimeField()
def get_user(self):
"""Get user."""
return model_cls.objects(
pk=ObjectId("5700c32a1cbd5856815051ce")
).to_json(indent=2)
Generally you can define the document as usual, but you might want to inherits
mongoengine_goodjson.Document
or mongoengine_goodjson.EmbeddedDocument
.
Here is the example:
"""Example schema."""
import mongoengine_goodjson as gj
import mongoengine as db
class Address(gj.EmbeddedDocument):
"""Address schema."""
street = db.StringField()
city = db.StringField()
state = db.StringField()
class User(gj.Document):
"""User data schema."""
name = db.StringField()
email = db.EmailField()
address = db.EmbeddedDocumentListField(Address)
If you want to know more, there's read the doc that you want to read. You can now read the doc with drinking a cup of coffee!!
Please read the doc for the detail.
See LICENSE.md
FAQs
More human readable JSON serializer/de-serializer for MongoEngine
We found that mongoengine-goodjson demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
Research
/Security News
Socket researchers investigate 4 malicious npm and PyPI packages with 56,000+ downloads that install surveillance malware.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.