
Security News
Follow-up and Clarification on Recent Malicious Ruby Gems Campaign
A clarification on our recent research investigating 60 malicious Ruby gems.
Curtains provides simple model decorators for Rails 4.
Add this line to your application's Gemfile
:
gem "curtains"
And then execute:
$ bundle
Or install it yourself as:
$ gem install curtains
In either controllers or views you may call decorate
to wrap a model in a decorator. The name of the decorator class is inferred from the name of the model, so for example, the Address
model will be wrapped with AddressDecorator
.
# app/views/addresses/show.html.erb
<%= decorate(@address).formatted_address_tag %>
The decorate
helper also supports enumerable collections and will return an array of decorated objects:
# app/views/addresses/index.html.erb
<%= decorate(@addresses).each do |address| %>
<%= address.formatted_address_tag %>
<% end %>
Additionally, the decorate
helper yields its result to a block if provided:
# app/views/addresses/show.html.erb
<%= decorate(@address) do |address| %>
<div class="name">
<%= address.formatted_name %>
</div>
<%= address.formatted_address_tag %>
<% end %>
These decorators should be placed in the app/decorators
folder and should inherit from Curtains::Decorator
. For example:
# app/decorators/address_decorator.rb
class AddressDecorator < Curtains::Decorator
def formatted_address_tag
content_tag :address, address.lines.join("<br/>").html_safe
end
def formatted_name
return "N/A" if name.blank?
name
end
end
Call decorate_resources
in your controller to add automatic decorating to the resource
, build_resource
and collection
methods provided by Inherited Resources:
# app/controllers/address_controller.rb
class AddressesController < InheritedResources::Base
decorate_resources
end
# app/views/addresses/show.html.erb
<%= resource.formatted_address_tag %>
Handcrafted by Patrick Hogan [github]
Released under the MIT License.
FAQs
Unknown package
We found that curtains demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A clarification on our recent research investigating 60 malicious Ruby gems.
Security News
ESLint now supports parallel linting with a new --concurrency flag, delivering major speed gains and closing a 10-year-old feature request.
Research
/Security News
A malicious Go module posing as an SSH brute forcer exfiltrates stolen credentials to a Telegram bot controlled by a Russian-speaking threat actor.