Mailinglist Archive: yast-devel (87 mails)

< Previous Next >
Re: [yast-devel] An interesting Ruby exercise for a Friday
On 02/10/2017 02:31 PM, Lukas Ocilka wrote:
On 02/10/2017 02:06 PM, Ancor Gonzalez Sosa wrote:
And all calls to #to_s, #inspect are safe. Even using formatters like
pretty_print or awesome_print should be safe.

Ah, and I found one little case where redefining #to_s might cause some
problems:

```life
When you really want to use it for something else than logging
```

As long as you want to access that value explicitly, #to_s will work
exactly as expected. For example.

class TheClass
include Y2Storage::SecretAttributes

attr_accessor :name
secret_attr :password
end

one_object = TheClass.new
one_object.name = "Aa"
one_object.password = 42

one_object.password # => 42
one_object.password.to_s # => "42"
one_object.send(:password) # => 42
one_object.send(:password).to_s # => "42"

So if you really want to use #to_s for that attribute, it will work with
no surprises.

BUT the class saves you from revealing that value in an indirect way
(i.e. via inspection of the instance attributes). For example:

one_object.to_s
# => "#<TheClass:0x000000026bcc98>" - This is the default behavior

one_object.inspect
# => "#<TheClass:0x00000000c7cbf8 @password=<secret>, @name=\"Aa"\">"

Even more:

one_object.instance_variables.each do |var|
puts "#{var}: #{one_object.instance_variable_get(var)}"
puts "#{var} to_s: #{one_object.instance_variable_get(var).to_s}"
end

Will print

@name: Aa
@name to_s: Aa
@password: <secret>
@password to_s: <secret>

So the mixin never puts itself in your way, it's just in the way of
lurkers who want to inspect the internal state of your objects directly.
And that's exactly the problem it tries to avoid.

By their own nature, methods used for logging like #inspect don't use
your setters and getters to access your inner state (as you and every
well-educated piece of software should do). Those methods that violate
the uniform access principle are the only ones affected by the mixin.
Other than that, .secret_attr is 100% equivalent to .attr_accessor.

Cheers.
--
Ancor González Sosa
YaST Team at SUSE Linux GmbH
--
To unsubscribe, e-mail: yast-devel+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: yast-devel+owner@xxxxxxxxxxxx

< Previous Next >