Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
rails-settings-rails32
Advanced tools
= Settings Gem
Settings is a plugin that makes managing a table of global key, value pairs easy. Think of it like a global Hash stored in you database, that uses simple ActiveRecord like methods for manipulation. Keep track of any global setting that you dont want to hard code into your rails app. You can store any kind of object. Strings, numbers, arrays, or any object. Ported to Rails 3!
== Setup
Edit your Gemfile: gem "rails-settings", :git => "git://github.com/100hz/rails-settings.git"
Generate your settings: rails g settings <settings_name>
Now just put that migration in the database with: rake db:migrate
== Usage
The syntax is easy. First, lets create some settings to keep track of:
MySettings.admin_password = 'supersecret' MySettings.date_format = '%m %d, %Y' MySettings.cocktails = ['Martini', 'Screwdriver', 'White Russian'] MySettings.foo = 123 MySettings.credentials = { :username => 'tom', :password => 'secret' }
Now lets read them back:
MySettings.foo # returns 123
Changing an existing setting is the same as creating a new setting:
MySettings.foo = 'super duper bar'
For changing an existing setting which is a Hash, you can merge new values with existing ones: MySettings.merge! :credentials, :password => 'topsecret' MySettings.credentials # returns { :username => 'tom', :password => 'topsecret' }
Decide you dont want to track a particular setting anymore?
MySettings.destroy :foo MySettings.foo # returns nil
Want a list of all the settings?
MySettings.all # returns {'admin_password' => 'super_secret', 'date_format' => '%m %d, %Y'}
You need name spaces and want a list of settings for a give name space? Just choose your prefered named space delimiter and use Settings.all like this:
MySettings['preferences.color'] = :blue MySettings['preferences.size'] = :large MySettings['license.key'] = 'ABC-DEF' MySettings.all('preferences.') # returns { 'preferences.color' => :blue, 'preferences.size' => :large }
Set defaults for certain settings of your app. This will cause the defined settings to return with the Specified value even if they are not in the database. Make a new file in config/initializers/settings.rb with the following:
MySettings.defaults[:some_setting] = 'footastic'
Now even if the database is completely empty, you app will have some intelligent defaults:
MySettings.some_setting # returns 'footastic'
Settings may be bound to any existing ActiveRecord object. Define this association like this:
class User < ActiveRecord::Base has_settings end
Then you can set/get a setting for a given user instance just by doing this:
user = User.find(123) user.settings.color = :red user.settings.color # returns :red user.settings.all # { "color" => :red }
I you want to find users having or not having some settings, there are named scopes for this:
User.with_settings # => returns a scope of users having any setting User.with_settings_for('color') # => returns a scope of users having a 'color' setting
User.without_settings # returns a scope of users having no setting at all (means user.settings.all == {}) User.without_settings('color') # returns a scope of users having no 'color' setting (means user.settings.color == nil)
That's all there is to it! Enjoy!
FAQs
Unknown package
We found that rails-settings-rails32 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.