Customizing what data is submitted with Ember Data

Question

In Ember, I would typically submit a resource like this:

App.FooNewController = Ember.ObjectController.extend(

  actions:
    submit: ->
      @get('model').save().then ((response) =>
        @transitionToRoute('foo', @content)
      ), (response) =>
        @set "errors", response.errors
)

This works because all the data the user inputs into the Foo form translates nicely to the Foo model. But what about a User model that contains sensitive information, such as a password and email address? I would prefer not to include that information in the model. However, if it's not there, then when I submit a User form with those fields, Ember Data will not submit the password and email to the server, even though it submits non-sensitive data like the username.

So my question is, how can I get Ember Data to include the password and email field when submitting? I'm using the ActiveModelAdapter.

Answer 1

Your model should include the sensitive fields e.g:

App.User= DS.Model.extend({
    userName: DS.attr('string'),
    email: DS.attr('string'),
    password: DS.attr('string'),
    passwordConfirmation: DS.attr('string')
};

However your server should not send the email/password information when User is requested. In your view you can have the user add this information and then when you do something like:

this.get('model').save();

The user completed email and password will be submitted to the Server. The Server should then respond with a copy of the model data excluding the email and password which will cause the model to be updated with a blank email and password.

Also when the user navigates away from your view without submitting data to the server it may be good to do something like:

this.get('model').rollback();

which will rollback any changes the user may have made to the fields in the view.