logic to show unauthorized_fields

app/lib/presenters.rb

@@ -2,10 +2,8 @@ module Presenters
   # This is work in progress we're releasing early so
   # that it can be used in forwarding to send the current
   # values as they're received.
-  # TODO: add presenter tests, finish refactor following
-  # spec in your spreadsheet, remove unneeded options,
-  # use in appropriate views, add unauthorized_fields logic
-  # delete unneeded code in models and views.
+  # TODO: add presenter tests
+  # use in appropriate views, delete unneeded code in models and views.
   PRESENTERS = {
     Device => Presenters::DevicePresenter,
     User => Presenters::UserPresenter,

app/lib/presenters/base_presenter.rb

@@ -13,14 +13,23 @@ def initialize(model, current_user=nil, render_context=nil, options={})
       @model = model
       @current_user = current_user
       @render_context = render_context
+      @unauthorized_fields = []
       @options = self.default_options.merge(options)
     end
 
     def as_json(_opts=nil)
-      self.exposed_fields.inject({}) { |hash, field|
+      values = self.exposed_fields.inject({}) { |hash, field|
         value = self.send(field)
         value.nil? ? hash : hash.merge(field => value)
       }
+      unauthorized_fields.each do |field_path|
+        parent_path = field_path.dup
+        field_name = parent_path.pop
+        parent = parent_path.inject(values) { |vals, key| vals[key] }
+        parent[:unauthorized_fields] ||= []
+        parent[:unauthorized_fields] << field_name
+      end
+      values
     end
 
     def method_missing(method, *args, &block)
@@ -35,8 +44,21 @@ def present(other_model, options={})
       Presenters.present(other_model, current_user, render_context, options)
     end
 
+    def authorized?
+      true
+    end
+
+    def authorize!(*field_path, &block)
+      if authorized?
+        block.call
+      else
+        unauthorized_fields << field_path
+        nil
+      end
+    end
+
     private
 
-    attr_reader :model, :current_user, :options, :render_context
+    attr_reader :model, :current_user, :options, :render_context, :unauthorized_fields
   end
 end

app/lib/presenters/device_presenter.rb

@@ -5,10 +5,8 @@ class DevicePresenter < BasePresenter
     def default_options
       {
         with_owner: true,
-        with_data: true,
         with_postprocessing: true,
         with_location: true,
-        slim_owner: false,
         never_authorized: false,
         readings: nil
       }
@@ -41,11 +39,13 @@ def location
     end
 
     def data_policy
-      {
-        is_private: authorized? ? device.is_private : "[FILTERED]",
-        enable_forwarding: authorized? ? device.enable_forwarding : "[FILTERED]",
-        precise_location: authorized? ? device.precise_location : "[FILTERED]"
-      }
+      authorize!(:data_policy) do
+        {
+          is_private: device.is_private,
+          enable_forwarding: device.enable_forwarding,
+          precise_location: device.precise_location
+        }
+      end
     end
 
     def hardware
@@ -54,7 +54,7 @@ def hardware
         type: device.hardware_type,
         version: device.hardware_version,
         slug: device.hardware_slug,
-        last_status_message: authorized? ? device.hardware_info : "[FILTERED]",
+        last_status_message: authorize!(:hardware, :last_status_message) { device.hardware_info },
       }
     end
 
@@ -69,11 +69,11 @@ def postprocessing
     end
 
     def device_token
-      authorized? ? device.device_token : "[FILTERED]"
+      authorize!(:device_token) { device.device_token }
     end
 
     def mac_address
-      authorized? ? device.mac_address : "[FILTERED]"
+      authorize!(:mac_address) { device.mac_address }
     end
 
     def components

app/lib/presenters/user_presenter.rb

@@ -18,11 +18,11 @@ def profile_picture
     end
 
     def email
-      user.email if authorized?
+      authorize!(:email) { user.email }
     end
 
     def legacy_api_key
-      user.legacy_api_key if authorized?
+      authorize!(:legacy_api_key) { user.legacy_api_key }
     end
 
     def devices