Merge remote-tracking branch 'origin/master'

9 files changed, 86 insertions, 49 deletions

diff --git a/activemodel/lib/active_model/locale/en.yml b/activemodel/lib/active_model/locale/en.yml
index ba49c6beaa..1842ba002f 100644
--- a/activemodel/lib/active_model/locale/en.yml
+++ b/activemodel/lib/active_model/locale/en.yml
@@ -1,4 +1,8 @@
 en:
+  attributes:
+    # Prevent confusion in form errors due to 'has_secure_password'
+    password_digest: "Password"
+
   errors:
     # The default format to use in full error messages.
     format: "%{attribute} %{message}"
diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb
index e7a57cf691..7c529cb67b 100644
--- a/activemodel/lib/active_model/secure_password.rb
+++ b/activemodel/lib/active_model/secure_password.rb
@@ -10,6 +10,19 @@ module ActiveModel
       # a "password_confirmation" attribute) are automatically added.
       # You can add more validations by hand if need be.
       #
+      # Note: the implementation of <tt>has_secure_password</tt> enforces presence validation
+      # on the <tt>:password_digest</tt> attribute rather than on <tt>:password</tt>, which is
+      # in fact a virtual reader attribute.  However, <tt>validates_confirmation_of</tt> ensures
+      # an indirect means of presence validation of <tt>:password</tt> if the
+      # <tt>:password_confirmation</tt> attribute is not nil.
+      #
+      # You may want to add presence validation on <tt>:password</tt> for the benefit of your forms
+      #
+      #   class User < ActiveRecord::Base
+      #     has_secure_password
+      #     validates :password, :presence => { :on => :create }
+      #   end
+      #
       # You need to add bcrypt-ruby (~> 3.0.0) to Gemfile to use has_secure_password:
       #
       #   gem 'bcrypt-ruby', '~> 3.0.0'
diff --git a/railties/guides/code/getting_started/config/initializers/secret_token.rb b/railties/guides/code/getting_started/config/initializers/secret_token.rb
index b0c8ee23c1..f36ebdda18 100644
--- a/railties/guides/code/getting_started/config/initializers/secret_token.rb
+++ b/railties/guides/code/getting_started/config/initializers/secret_token.rb
@@ -4,4 +4,6 @@
 # If you change this key, all old signed cookies will become invalid!
 # Make sure the secret is at least 30 characters and all random,
 # no regular words or you'll be exposed to dictionary attacks.
+# Make sure your secret key is kept private
+# if you're sharing your code publicly.
 Blog::Application.config.secret_token = '685a9bf865b728c6549a191c90851c1b5ec41ecb60b9e94ad79dd3f824749798aa7b5e94431901960bee57809db0947b481570f7f13376b7ca190fa28099c459'
diff --git a/railties/guides/source/active_support_core_extensions.textile b/railties/guides/source/active_support_core_extensions.textile
index 2091ce0395..5d0a3f82e8 100644
--- a/railties/guides/source/active_support_core_extensions.textile
+++ b/railties/guides/source/active_support_core_extensions.textile
@@ -509,55 +509,6 @@ end
 
 NOTE: Defined in +active_support/core_ext/module/aliasing.rb+.
 
-h5. +attr_accessor_with_default+
-
-The method +attr_accessor_with_default+ serves the same purpose as the Ruby macro +attr_accessor+ but allows you to set a default value for the attribute:
-
-<ruby>
-class Url
-  attr_accessor_with_default :port, 80
-end
-
-Url.new.port # => 80
-</ruby>
-
-The default value can be also specified with a block, which is called in the context of the corresponding object:
-
-<ruby>
-class User
-  attr_accessor :name, :surname
-  attr_accessor_with_default(:full_name) do
-    [name, surname].compact.join(" ")
-  end
-end
-
-u = User.new
-u.name = 'Xavier'
-u.surname = 'Noria'
-u.full_name # => "Xavier Noria"
-</ruby>
-
-The result is not cached, the block is invoked in each call to the reader.
-
-You can overwrite the default with the writer:
-
-<ruby>
-url = Url.new
-url.host # => 80
-url.host = 8080
-url.host # => 8080
-</ruby>
-
-The default value is returned as long as the attribute is unset. The reader does not rely on the value of the attribute to know whether it has to return the default. It rather monitors the writer: if there's any assignment the value is no longer considered to be unset.
-
-Active Resource uses this macro to set a default value for the +:primary_key+ attribute:
-
-<ruby>
-attr_accessor_with_default :primary_key, 'id'
-</ruby>
-
-NOTE: Defined in +active_support/core_ext/module/attr_accessor_with_default.rb+.
-
 h5. Internal Attributes
 
 When you are defining an attribute in a class that is meant to be subclassed, name collisions are a risk. That's remarkably important for libraries.
diff --git a/railties/guides/source/active_support_instrumentation.textile b/railties/guides/source/active_support_instrumentation.textile
index f9452400ad..8e2866dfc3 100644
--- a/railties/guides/source/active_support_instrumentation.textile
+++ b/railties/guides/source/active_support_instrumentation.textile
@@ -21,10 +21,67 @@ You are even able to create your own events inside your application which you ca
 
 h3. Rails framework hooks
 
+Within the Ruby on Rails framework, there are a number of hooks provided for common events. These are detailed below.
+
 h4. Action Mailer
 
+h5. receive.action_mailer
+
+This hook is called when the +receive+ method of an +ActionMailer::Base+ class is called:
+
+<ruby>
+  class Mailer < ActionMailer::Base
+    def receive(mail)
+
+    end
+  end
+</ruby>
+
+The payload for this event has the following parameters related to the incoming email:
+
+|_.Key       |_.Value|
+|mailer      |Name of the mailer class|
+|message_id  |ID of the message, generated by the Mail gem|
+|subject     |Subject of the mail|
+|to          |To address(es) of the mail|
+|from        |From address of the mail|
+|bcc         |BCC addresses of the mail|
+|cc          |CC addresses of the mail|
+|date        |Date of the mail|
+|mail        |The encoded form of the mail|
+
+h5. deliver.action_mailer
+
+This hook is called when the +deliver+ method is called on a +Mail::Message+ object. This is due to a hook inserted by Action Mailer, rather than a specific feature of the Mail gem itself.
+
+The payload for this event has the following parameters related to the outgoing email:
+
+|_.Key       |_.Value|
+|mailer      |Name of the mailer class|
+|message_id  |ID of the message, generated by the Mail gem|
+|subject     |Subject of the mail|
+|to          |To address(es) of the mail|
+|from        |From address of the mail|
+|bcc         |BCC addresses of the mail|
+|cc          |CC addresses of the mail|
+|date        |Date of the mail|
+|mail        |The encoded form of the mail|
+
+
 h4. Action Controller
 
+h5. write_fragment.action_controller
+
+h5. read_fragment.action_controller
+
+h5. exist_fragment?.action_controller
+
+h5. expire_fragment.action_controller
+
+h5. write_page.action_controller
+
+h5. expire_page.action_controller
+
 h4. Action View
 
 h4. Active Record
diff --git a/railties/guides/source/configuring.textile b/railties/guides/source/configuring.textile
index 0ab1076fff..7a93a30702 100644
--- a/railties/guides/source/configuring.textile
+++ b/railties/guides/source/configuring.textile
@@ -286,6 +286,8 @@ h4. Configuring Active Record
 
 * +config.active_record.dependent_restrict_raises+ will control the behavior when an object with a <tt>:dependent => :restrict</tt> association is deleted. Setting this to false will prevent +DeleteRestrictionError+ from being raised and instead will add an error on the model object. Defaults to false in the development mode.
 
+* +config.active_record.mass_assignment_sanitizer+ will determine the strictness of the mass assignment sanitization within Rails. Defaults to +:strict+. In this mode, mass assigning any non-+attr_accessible+ attribute in a +create+ or +update_attributes+ call will raise an exception. Setting this option to +:logger+ will only print to the log file when an attribute is being assigned and will not raise an exception.
+
 The MySQL adapter adds one additional configuration option:
 
 * +ActiveRecord::ConnectionAdapters::MysqlAdapter.emulate_booleans+ controls whether Active Record will consider all +tinyint(1)+ columns in a MySQL database to be booleans and is true by default.
diff --git a/railties/guides/source/contributing_to_ruby_on_rails.textile b/railties/guides/source/contributing_to_ruby_on_rails.textile
index aac5e13978..69a95ff214 100644
--- a/railties/guides/source/contributing_to_ruby_on_rails.textile
+++ b/railties/guides/source/contributing_to_ruby_on_rails.textile
@@ -374,6 +374,8 @@ Write your branch name in branch field (is filled with master by default) and pr
 
 Ensure the changesets you introduced are included in the "Commits" tab and that the "Files Changed" incorporate all of your changes.
 
+If possible, it is encouraged that you squash your commits into a single commit, this makes the pull to master easier, and simplifies the git log for the main repository, so your entire unit of work shows in a single line in the log.
+
 Fill in some details about your potential patch including a meaningful title. When finished, press "Send pull request." Rails Core will be notified about your submission.
 
 h4. Get Some Feedback
diff --git a/railties/guides/source/documents.yaml b/railties/guides/source/documents.yaml
index 08aafda288..1c8d7d284c 100644
--- a/railties/guides/source/documents.yaml
+++ b/railties/guides/source/documents.yaml
@@ -97,6 +97,10 @@
       url: asset_pipeline.html
       description: This guide documents the asset pipeline.
     - 
+      name: Getting Started with Engines
+      url: engines.html
+      description: This guide explains how to write a mountable engine.
+    - 
       name: The Rails Initialization Process
       work_in_progress: true
       url: initialization.html
diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/secret_token.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/secret_token.rb.tt
index a3143f1346..e02397aaf9 100644
--- a/railties/lib/rails/generators/rails/app/templates/config/initializers/secret_token.rb.tt
+++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/secret_token.rb.tt
@@ -4,4 +4,6 @@
 # If you change this key, all old signed cookies will become invalid!
 # Make sure the secret is at least 30 characters and all random,
 # no regular words or you'll be exposed to dictionary attacks.
+# Make sure your secret_token is kept private
+# if you're sharing your code publicly.
 <%= app_const %>.config.secret_token = '<%= app_secret %>'