diff options
Diffstat (limited to 'actionpack/lib/action_view')
-rw-r--r-- | actionpack/lib/action_view/helpers/asset_tag_helper.rb | 64 | ||||
-rw-r--r-- | actionpack/lib/action_view/helpers/csrf_helper.rb | 28 | ||||
-rw-r--r-- | actionpack/lib/action_view/helpers/form_helper.rb | 27 | ||||
-rw-r--r-- | actionpack/lib/action_view/render/partials.rb | 36 | ||||
-rw-r--r-- | actionpack/lib/action_view/test_case.rb | 6 |
5 files changed, 109 insertions, 52 deletions
diff --git a/actionpack/lib/action_view/helpers/asset_tag_helper.rb b/actionpack/lib/action_view/helpers/asset_tag_helper.rb index 3329a8b368..fdc40c8f2e 100644 --- a/actionpack/lib/action_view/helpers/asset_tag_helper.rb +++ b/actionpack/lib/action_view/helpers/asset_tag_helper.rb @@ -257,53 +257,53 @@ module ActionView end alias_method :path_to_javascript, :javascript_path # aliased to avoid conflicts with a javascript_path named route - # Returns an html script tag for each of the +sources+ provided. You - # can pass in the filename (.js extension is optional) of javascript files - # that exist in your public/javascripts directory for inclusion into the + # Returns an HTML script tag for each of the +sources+ provided. You + # can pass in the filename (.js extension is optional) of JavaScript files + # that exist in your <tt>public/javascripts</tt> directory for inclusion into the # current page or you can pass the full path relative to your document - # root. To include the Prototype and Scriptaculous javascript libraries in + # root. To include the Prototype and Scriptaculous JavaScript libraries in # your application, pass <tt>:defaults</tt> as the source. When using - # <tt>:defaults</tt>, if an application.js file exists in your public - # javascripts directory, it will be included as well. You can modify the - # html attributes of the script tag by passing a hash as the last argument. + # <tt>:defaults</tt>, if an <tt>application.js</tt> file exists in + # <tt>public/javascripts</tt> it will be included as well. You can modify the + # HTML attributes of the script tag by passing a hash as the last argument. # # ==== Examples # javascript_include_tag "xmlhr" # => - # <script type="text/javascript" src="/javascripts/xmlhr.js"></script> + # <script type="text/javascript" src="/javascripts/xmlhr.js?1284139606"></script> # # javascript_include_tag "xmlhr.js" # => - # <script type="text/javascript" src="/javascripts/xmlhr.js"></script> + # <script type="text/javascript" src="/javascripts/xmlhr.js?1284139606"></script> # # javascript_include_tag "common.javascript", "/elsewhere/cools" # => - # <script type="text/javascript" src="/javascripts/common.javascript"></script> - # <script type="text/javascript" src="/elsewhere/cools.js"></script> + # <script type="text/javascript" src="/javascripts/common.javascript?1284139606"></script> + # <script type="text/javascript" src="/elsewhere/cools.js?1423139606"></script> # # javascript_include_tag "http://www.railsapplication.com/xmlhr" # => - # <script type="text/javascript" src="http://www.railsapplication.com/xmlhr.js"></script> + # <script type="text/javascript" src="http://www.railsapplication.com/xmlhr.js?1284139606"></script> # # javascript_include_tag "http://www.railsapplication.com/xmlhr.js" # => - # <script type="text/javascript" src="http://www.railsapplication.com/xmlhr.js"></script> + # <script type="text/javascript" src="http://www.railsapplication.com/xmlhr.js?1284139606"></script> # # javascript_include_tag :defaults # => - # <script type="text/javascript" src="/javascripts/prototype.js"></script> - # <script type="text/javascript" src="/javascripts/effects.js"></script> + # <script type="text/javascript" src="/javascripts/prototype.js?1284139606"></script> + # <script type="text/javascript" src="/javascripts/effects.js?1284139606"></script> # ... - # <script type="text/javascript" src="/javascripts/application.js"></script> + # <script type="text/javascript" src="/javascripts/application.js?1284139606"></script> # # * = The application.js file is only referenced if it exists # # Though it's not really recommended practice, if you need to extend the default JavaScript set for any reason # (e.g., you're going to be using a certain .js file in every action), then take a look at the register_javascript_include_default method. # - # You can also include all javascripts in the javascripts directory using <tt>:all</tt> as the source: + # You can also include all javascripts in the +javascripts+ directory using <tt>:all</tt> as the source: # # javascript_include_tag :all # => - # <script type="text/javascript" src="/javascripts/prototype.js"></script> - # <script type="text/javascript" src="/javascripts/effects.js"></script> + # <script type="text/javascript" src="/javascripts/prototype.js?1284139606"></script> + # <script type="text/javascript" src="/javascripts/effects.js?1284139606"></script> # ... - # <script type="text/javascript" src="/javascripts/application.js"></script> - # <script type="text/javascript" src="/javascripts/shop.js"></script> - # <script type="text/javascript" src="/javascripts/checkout.js"></script> + # <script type="text/javascript" src="/javascripts/application.js?1284139606"></script> + # <script type="text/javascript" src="/javascripts/shop.js?1284139606"></script> + # <script type="text/javascript" src="/javascripts/checkout.js?1284139606"></script> # # Note that the default javascript files will be included first. So Prototype and Scriptaculous are available to # all subsequently included files. @@ -321,23 +321,23 @@ module ActionView # # ==== Examples # javascript_include_tag :all, :cache => true # when config.perform_caching is false => - # <script type="text/javascript" src="/javascripts/prototype.js"></script> - # <script type="text/javascript" src="/javascripts/effects.js"></script> + # <script type="text/javascript" src="/javascripts/prototype.js?1284139606"></script> + # <script type="text/javascript" src="/javascripts/effects.js?1284139606"></script> # ... - # <script type="text/javascript" src="/javascripts/application.js"></script> - # <script type="text/javascript" src="/javascripts/shop.js"></script> - # <script type="text/javascript" src="/javascripts/checkout.js"></script> + # <script type="text/javascript" src="/javascripts/application.js?1284139606"></script> + # <script type="text/javascript" src="/javascripts/shop.js?1284139606"></script> + # <script type="text/javascript" src="/javascripts/checkout.js?1284139606"></script> # # javascript_include_tag :all, :cache => true # when config.perform_caching is true => - # <script type="text/javascript" src="/javascripts/all.js"></script> + # <script type="text/javascript" src="/javascripts/all.js?1344139789"></script> # # javascript_include_tag "prototype", "cart", "checkout", :cache => "shop" # when config.perform_caching is false => - # <script type="text/javascript" src="/javascripts/prototype.js"></script> - # <script type="text/javascript" src="/javascripts/cart.js"></script> - # <script type="text/javascript" src="/javascripts/checkout.js"></script> + # <script type="text/javascript" src="/javascripts/prototype.js?1284139606"></script> + # <script type="text/javascript" src="/javascripts/cart.js?1289139157"></script> + # <script type="text/javascript" src="/javascripts/checkout.js?1299139816"></script> # # javascript_include_tag "prototype", "cart", "checkout", :cache => "shop" # when config.perform_caching is true => - # <script type="text/javascript" src="/javascripts/shop.js"></script> + # <script type="text/javascript" src="/javascripts/shop.js?1299139816"></script> # # The <tt>:recursive</tt> option is also available for caching: # diff --git a/actionpack/lib/action_view/helpers/csrf_helper.rb b/actionpack/lib/action_view/helpers/csrf_helper.rb index 3d03f6aac6..65c8debc76 100644 --- a/actionpack/lib/action_view/helpers/csrf_helper.rb +++ b/actionpack/lib/action_view/helpers/csrf_helper.rb @@ -1,14 +1,30 @@ +require 'active_support/core_ext/string/strip' + module ActionView # = Action View CSRF Helper module Helpers module CsrfHelper - # Returns a meta tag with the cross-site request forgery protection token - # for forms to use. Place this in your head. - def csrf_meta_tag - if protect_against_forgery? - %(<meta name="csrf-param" content="#{Rack::Utils.escape_html(request_forgery_protection_token)}"/>\n<meta name="csrf-token" content="#{Rack::Utils.escape_html(form_authenticity_token)}"/>).html_safe - end + # Returns meta tags "csrf-param" and "csrf-token" with the name of the cross-site + # request forgery protection parameter and token, respectively. + # + # <head> + # <%= csrf_meta_tags %> + # </head> + # + # These are used to generate the dynamic forms that implement non-remote links with + # <tt>:method</tt>. + # + # Note that regular forms generate hidden fields, and that Ajax calls are whitelisted, + # so they do not use these tags. + def csrf_meta_tags + <<-METAS.strip_heredoc.chomp.html_safe if protect_against_forgery? + <meta name="csrf-param" content="#{Rack::Utils.escape_html(request_forgery_protection_token)}"/> + <meta name="csrf-token" content="#{Rack::Utils.escape_html(form_authenticity_token)}"/> + METAS end + + # For backwards compatibility. + alias csrf_meta_tag csrf_meta_tags end end end diff --git a/actionpack/lib/action_view/helpers/form_helper.rb b/actionpack/lib/action_view/helpers/form_helper.rb index 43dbedc448..79a9d997dd 100644 --- a/actionpack/lib/action_view/helpers/form_helper.rb +++ b/actionpack/lib/action_view/helpers/form_helper.rb @@ -293,31 +293,32 @@ module ActionView # # If you don't need to attach a form to a model instance, then check out # FormTagHelper#form_tag. - def form_for(record_or_name_or_array, *args, &proc) + def form_for(record, record_object = nil, options = nil, &proc) raise ArgumentError, "Missing block" unless block_given? - options = args.extract_options! + options, record_object = record_object, nil if record_object.is_a?(Hash) + options ||= {} - case record_or_name_or_array + case record when String, Symbol - ActiveSupport::Deprecation.warn("Using form_for(:name, @resource) is deprecated. Please use form_for(@resource, :as => :name) instead.", caller) unless args.empty? - object_name = record_or_name_or_array + ActiveSupport::Deprecation.warn("Using form_for(:name, @resource) is deprecated. Please use form_for(@resource, :as => :name) instead.", caller) if record_object + object_name = record + object = record_object when Array - object = record_or_name_or_array.last + object = record.last object_name = options[:as] || ActiveModel::Naming.param_key(object) - apply_form_for_options!(record_or_name_or_array, options) - args.unshift object + apply_form_for_options!(record, options) else - object = record_or_name_or_array + object = record object_name = options[:as] || ActiveModel::Naming.param_key(object) apply_form_for_options!([object], options) - args.unshift object end - (options[:html] ||= {})[:remote] = true if options.delete(:remote) + options[:html] ||= {} + options[:html][:remote] = options.delete(:remote) - output = form_tag(options.delete(:url) || {}, options.delete(:html) || {}) - output << fields_for(object_name, *(args << options), &proc) + output = form_tag(options.delete(:url) || {}, options.delete(:html) || {}) + output << fields_for(object_name, object, options, &proc) output.safe_concat('</form>') end diff --git a/actionpack/lib/action_view/render/partials.rb b/actionpack/lib/action_view/render/partials.rb index 92cdbfb3af..cc9b444837 100644 --- a/actionpack/lib/action_view/render/partials.rb +++ b/actionpack/lib/action_view/render/partials.rb @@ -26,6 +26,35 @@ module ActionView # This would first render "advertiser/_account.erb" with @buyer passed in as the local variable +account+, then # render "advertiser/_ad.erb" and pass the local variable +ad+ to the template for display. # + # == The :as and :object options + # + # By default <tt>ActionView::Partials::PartialRenderer</tt> has its object in a local variable with the same + # name as the template. So, given + # + # <%= render :partial => "contract" %> + # + # within contract we'll get <tt>@contract</tt> in the local variable +contract+, as if we had written + # + # <%= render :partial => "contract", :locals => { :contract => @contract } %> + # + # With the <tt>:as</tt> option we can specify a different name for said local variable. For example, if we + # wanted it to be +agreement+ instead of +contract+ we'd do: + # + # <%= render :partial => "contract", :as => :agreement %> + # + # The <tt>:object</tt> option can be used to directly specify which object is rendered into the partial; + # useful when the template's object is elsewhere, in a different ivar or in a local variable for instance. + # + # Revisiting a previous example we could have written this code: + # + # <%= render :partial => "account", :object => @buyer %> + # + # <% for ad in @advertisements %> + # <%= render :partial => "ad", :object => ad %> + # <% end %> + # + # The <tt>:object</tt> and <tt>:as</tt> options can be used together. + # # == Rendering a collection of partials # # The example of partial use describes a familiar pattern where a template needs to iterate over an array and @@ -39,6 +68,13 @@ module ActionView # iteration counter will automatically be made available to the template with a name of the form # +partial_name_counter+. In the case of the example above, the template would be fed +ad_counter+. # + # The <tt>:as</tt> option may be used when rendering partials. + # + # You can specify a partial to be rendered between elements via the <tt>:spacer_template</tt> option. + # The following example will render <tt>advertiser/_ad_divider.html.erb</tt> between each ad partial: + # + # <%= render :partial => "ad", :collection => @advertisements, :spacer_template => "ad_divider" %> + # # NOTE: Due to backwards compatibility concerns, the collection can't be one of hashes. Normally you'd also # just keep domain objects, like Active Records, in there. # diff --git a/actionpack/lib/action_view/test_case.rb b/actionpack/lib/action_view/test_case.rb index e9d2e0b843..2c2661df26 100644 --- a/actionpack/lib/action_view/test_case.rb +++ b/actionpack/lib/action_view/test_case.rb @@ -74,6 +74,11 @@ module ActionView @helper_class ||= determine_default_helper_class(name) end + def new(*) + include_helper_modules! + super + end + private def include_helper_modules! @@ -89,7 +94,6 @@ module ActionView @output_buffer = ActiveSupport::SafeBuffer.new @rendered = '' - self.class.send(:include_helper_modules!) make_test_case_available_to_view! say_no_to_protect_against_forgery! end |