ASWI - Pokročilé softwarové inženýrství » ASWI 2020 » Webová aplikace simulující kontingenční tabulku (CIV) - VLDC

# private [![Build Status](https://travis-ci.org/benjamn/private.png?branch=master)](https://travis-ci.org/benjamn/private) [![Greenkeeper badge](https://badges.greenkeeper.io/benjamn/private.svg)](https://greenkeeper.io/)

A general-purpose utility for associating truly private state with any JavaScript object.

Installation

---

From NPM:

    npm install private

From GitHub:

    cd path/to/node_modules

    git clone git://github.com/benjamn/private.git

    cd private

    npm install .

Usage

---

**Get or create a secret object associated with any (non-frozen) object:**

```js

var getSecret = require("private").makeAccessor();

var obj = Object.create(null); // any kind of object works

getSecret(obj).totallySafeProperty = "p455w0rd";

console.log(Object.keys(obj)); // []

console.log(Object.getOwnPropertyNames(obj)); // []

console.log(getSecret(obj)); // { totallySafeProperty: "p455w0rd" }

```

Now, only code that has a reference to both `getSecret` and `obj` can possibly access `.totallySafeProperty`.

*Importantly, no global references to the secret object are retained by the `private` package, so as soon as `obj` gets garbage collected, the secret will be reclaimed as well. In other words, you don't have to worry about memory leaks.*

**Create a unique property name that cannot be enumerated or guessed:**

```js

var secretKey = require("private").makeUniqueKey();

var obj = Object.create(null); // any kind of object works

Object.defineProperty(obj, secretKey, {

  value: { totallySafeProperty: "p455w0rd" },

  enumerable: false // optional; non-enumerability is the default

});

Object.defineProperty(obj, "nonEnumerableProperty", {

  value: "anyone can guess my name",

  enumerable: false

});

console.log(obj[secretKey].totallySafeProperty); // p455w0rd

console.log(obj.nonEnumerableProperty); // "anyone can guess my name"

console.log(Object.keys(obj)); // []

console.log(Object.getOwnPropertyNames(obj)); // ["nonEnumerableProperty"]

for (var key in obj) {

  console.log(key); // never called

}

```

Because these keys are non-enumerable, you can't discover them using a `for`-`in` loop. Because `secretKey` is a long string of random characters, you would have a lot of trouble guessing it. And because the `private` module wraps `Object.getOwnPropertyNames` to exclude the keys it generates, you can't even use that interface to discover it.

Unless you have access to the value of the `secretKey` property name, there is no way to access the value associated with it. So your only responsibility as secret-keeper is to avoid handing out the value of `secretKey` to untrusted code.

Think of this style as a home-grown version of the first style. Note, however, that it requires a full implementation of ES5's `Object.defineProperty` method in order to make any safety guarantees, whereas the first example will provide safety even in environments that do not support `Object.defineProperty`.

Rationale

---

In JavaScript, the only data that are truly private are local variables

whose values do not *leak* from the scope in which they were defined.

This notion of *closure privacy* is powerful, and it readily provides some

of the benefits of traditional data privacy, a la Java or C++:

```js

function MyClass(secret) {

    this.increment = function() {

        return ++secret;

    };

}

var mc = new MyClass(3);

console.log(mc.increment()); // 4

```

You can learn something about `secret` by calling `.increment()`, and you

can increase its value by one as many times as you like, but you can never

decrease its value, because it is completely inaccessible except through

the `.increment` method. And if the `.increment` method were not

available, it would be as if no `secret` variable had ever been declared,

as far as you could tell.

This style breaks down as soon as you want to inherit methods from the

prototype of a class:

```js

function MyClass(secret) {

    this.secret = secret;

}

MyClass.prototype.increment = function() {

    return ++this.secret;

};

```

The only way to communicate between the `MyClass` constructor and the

`.increment` method in this example is to manipulate shared properties of

`this`. Unfortunately `this.secret` is now exposed to unlicensed

modification:

```js

var mc = new MyClass(6);

console.log(mc.increment()); // 7

mc.secret -= Infinity;

console.log(mc.increment()); // -Infinity

mc.secret = "Go home JavaScript, you're drunk.";

mc.increment(); // NaN

```

Another problem with closure privacy is that it only lends itself to

per-instance privacy, whereas the `private` keyword in most

object-oriented languages indicates that the data member in question is

visible to all instances of the same class.

Suppose you have a `Node` class with a notion of parents and children:

```js

function Node() {

    var parent;

    var children = [];

    this.getParent = function() {

        return parent;

    };

    this.appendChild = function(child) {

        children.push(child);

        child.parent = this; // Can this be made to work?

    };

}

```

The desire here is to allow other `Node` objects to manipulate the value

returned by `.getParent()`, but otherwise disallow any modification of the

`parent` variable. You could expose a `.setParent` function, but then

anyone could call it, and you might as well give up on the getter/setter

pattern.

This module solves both of these problems.

Usage

---

Let's revisit the `Node` example from above:

```js

var p = require("private").makeAccessor();

function Node() {

    var privates = p(this);

    var children = [];

    this.getParent = function() {

        return privates.parent;

    };

    this.appendChild = function(child) {

        children.push(child);

        var cp = p(child);

        if (cp.parent)

            cp.parent.removeChild(child);

        cp.parent = this;

        return child;

    };

}

```

Now, in order to access the private data of a `Node` object, you need to

have access to the unique `p` function that is being used here.  This is

already an improvement over the previous example, because it allows

restricted access by other `Node` instances, but can it help with the

`Node.prototype` problem too?

Yes it can!

```js

var p = require("private").makeAccessor();

function Node() {

    p(this).children = [];

}

var Np = Node.prototype;

Np.getParent = function() {

    return p(this).parent;

};

Np.appendChild = function(child) {

    p(this).children.push(child);

    var cp = p(child);

    if (cp.parent)

        cp.parent.removeChild(child);

    cp.parent = this;

    return child;

};

```

Because `p` is in scope not only within the `Node` constructor but also

within `Node` methods, we can finally avoid redefining methods every time

the `Node` constructor is called.

Now, you might be wondering how you can restrict access to `p` so that no

untrusted code is able to call it. The answer is to use your favorite

module pattern, be it CommonJS, AMD `define`, or even the old

Immediately-Invoked Function Expression:

```js

var Node = (function() {

    var p = require("private").makeAccessor();

    function Node() {

        p(this).children = [];

    }

    var Np = Node.prototype;

    Np.getParent = function() {

        return p(this).parent;

    };

    Np.appendChild = function(child) {

        p(this).children.push(child);

        var cp = p(child);

        if (cp.parent)

            cp.parent.removeChild(child);

        cp.parent = this;

        return child;

    };

    return Node;

}());

var parent = new Node;

var child = new Node;

parent.appendChild(child);

assert.strictEqual(child.getParent(), parent);

```

Because this version of `p` never leaks from the enclosing function scope,

only `Node` objects have access to it.

So, you see, the claim I made at the beginning of this README remains

true:

> In JavaScript, the only data that are truly private are local variables

> whose values do not *leak* from the scope in which they were defined.

It just so happens that closure privacy is sufficient to implement a

privacy model similar to that provided by other languages.