User details being displayed in the browser dev tools












0















I have a rails application where i am using javascript. Now when the user logsin inside the application i can see all the user details(email,pw,phone etc.) in the Network->Preview section of the browser dev tools. Is there a way to hide it in rails? so that when i open the browser dev tools i dont see the user details. I am using React js in the front end.










share|improve this question



























    0















    I have a rails application where i am using javascript. Now when the user logsin inside the application i can see all the user details(email,pw,phone etc.) in the Network->Preview section of the browser dev tools. Is there a way to hide it in rails? so that when i open the browser dev tools i dont see the user details. I am using React js in the front end.










    share|improve this question

























      0












      0








      0


      1






      I have a rails application where i am using javascript. Now when the user logsin inside the application i can see all the user details(email,pw,phone etc.) in the Network->Preview section of the browser dev tools. Is there a way to hide it in rails? so that when i open the browser dev tools i dont see the user details. I am using React js in the front end.










      share|improve this question














      I have a rails application where i am using javascript. Now when the user logsin inside the application i can see all the user details(email,pw,phone etc.) in the Network->Preview section of the browser dev tools. Is there a way to hide it in rails? so that when i open the browser dev tools i dont see the user details. I am using React js in the front end.







      javascript ruby-on-rails reactjs






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 22 '18 at 11:34









      Soumyadip ChakrabortySoumyadip Chakraborty

      8226




      8226
























          1 Answer
          1






          active

          oldest

          votes


















          0














          As far as I could understand, this is an authorization issue. You probably want to have different roles for your users and, based on such roles, decide what to display.



          You may use policies to define which content each user is allowed to access. To this end, you could use the pundit gem. It is very useful to define authorization mechanisms for controller actions.



          If different users can access the same route but you need to hide some fields/details for some of them, you should pass the current_user to your serializations. For example, if you are using the Active Model Serializers gem, you need to add the current_user to the scope of your serializers:



          class ApplicationController < ActionController::Base
          serialization_scope :current_user
          end


          And then use that scope to display user details:



          class UserSerializer < BaseSerializer
          attribute :name # Everyone can see
          attribute :email do # Only admins can see
          user = scope
          if user
          if user.admin?
          object.email
          end
          end
          end
          end


          This article have a deeper discussion regarding authorization in rails apps






          share|improve this answer























            Your Answer






            StackExchange.ifUsing("editor", function () {
            StackExchange.using("externalEditor", function () {
            StackExchange.using("snippets", function () {
            StackExchange.snippets.init();
            });
            });
            }, "code-snippets");

            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "1"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53430085%2fuser-details-being-displayed-in-the-browser-dev-tools%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            0














            As far as I could understand, this is an authorization issue. You probably want to have different roles for your users and, based on such roles, decide what to display.



            You may use policies to define which content each user is allowed to access. To this end, you could use the pundit gem. It is very useful to define authorization mechanisms for controller actions.



            If different users can access the same route but you need to hide some fields/details for some of them, you should pass the current_user to your serializations. For example, if you are using the Active Model Serializers gem, you need to add the current_user to the scope of your serializers:



            class ApplicationController < ActionController::Base
            serialization_scope :current_user
            end


            And then use that scope to display user details:



            class UserSerializer < BaseSerializer
            attribute :name # Everyone can see
            attribute :email do # Only admins can see
            user = scope
            if user
            if user.admin?
            object.email
            end
            end
            end
            end


            This article have a deeper discussion regarding authorization in rails apps






            share|improve this answer




























              0














              As far as I could understand, this is an authorization issue. You probably want to have different roles for your users and, based on such roles, decide what to display.



              You may use policies to define which content each user is allowed to access. To this end, you could use the pundit gem. It is very useful to define authorization mechanisms for controller actions.



              If different users can access the same route but you need to hide some fields/details for some of them, you should pass the current_user to your serializations. For example, if you are using the Active Model Serializers gem, you need to add the current_user to the scope of your serializers:



              class ApplicationController < ActionController::Base
              serialization_scope :current_user
              end


              And then use that scope to display user details:



              class UserSerializer < BaseSerializer
              attribute :name # Everyone can see
              attribute :email do # Only admins can see
              user = scope
              if user
              if user.admin?
              object.email
              end
              end
              end
              end


              This article have a deeper discussion regarding authorization in rails apps






              share|improve this answer


























                0












                0








                0







                As far as I could understand, this is an authorization issue. You probably want to have different roles for your users and, based on such roles, decide what to display.



                You may use policies to define which content each user is allowed to access. To this end, you could use the pundit gem. It is very useful to define authorization mechanisms for controller actions.



                If different users can access the same route but you need to hide some fields/details for some of them, you should pass the current_user to your serializations. For example, if you are using the Active Model Serializers gem, you need to add the current_user to the scope of your serializers:



                class ApplicationController < ActionController::Base
                serialization_scope :current_user
                end


                And then use that scope to display user details:



                class UserSerializer < BaseSerializer
                attribute :name # Everyone can see
                attribute :email do # Only admins can see
                user = scope
                if user
                if user.admin?
                object.email
                end
                end
                end
                end


                This article have a deeper discussion regarding authorization in rails apps






                share|improve this answer













                As far as I could understand, this is an authorization issue. You probably want to have different roles for your users and, based on such roles, decide what to display.



                You may use policies to define which content each user is allowed to access. To this end, you could use the pundit gem. It is very useful to define authorization mechanisms for controller actions.



                If different users can access the same route but you need to hide some fields/details for some of them, you should pass the current_user to your serializations. For example, if you are using the Active Model Serializers gem, you need to add the current_user to the scope of your serializers:



                class ApplicationController < ActionController::Base
                serialization_scope :current_user
                end


                And then use that scope to display user details:



                class UserSerializer < BaseSerializer
                attribute :name # Everyone can see
                attribute :email do # Only admins can see
                user = scope
                if user
                if user.admin?
                object.email
                end
                end
                end
                end


                This article have a deeper discussion regarding authorization in rails apps







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Nov 22 '18 at 13:53









                Arthur Del EsposteArthur Del Esposte

                936




                936






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Stack Overflow!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53430085%2fuser-details-being-displayed-in-the-browser-dev-tools%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    Futebolista

                    Feedback on college project

                    Albești (Vaslui)