| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Rather than protecting from forgery in the generated
ApplicationController, add it to ActionController::Base by config. This
configuration defaults to false to support older versions which have
removed it from their ApplicationController, but is set to true for
Rails 5.2.
|
|
|
|
|
|
|
|
|
| |
Currently the environment file is not loaded in `dbconsole` command.
Therefore, for example, if use encrypted secrets values in database.yml,
`read_encrypted_secrets` will not be true, so the value can not be
used correctly.
Fixes #29717
|
|\
| |
| |
| | |
Fix Parameters configuration integration tests
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
These tests relied on `ActionController::Parameters` being configured as
part of the boot process; since that now happens lazily we need to force
`ActionController::Base` to load so that we can test the behaviour.
The new tests added here ensure that `ActionController::Parameters` can
be configured from an initializer, which was broken until recently.
|
|/
|
|
|
|
|
| |
Now that the parameters configurations are only loaded when
ActionController::Base is we need to foce them to load in our tests. In
an application this is not needed since every request already load the
controllers.
|
|
|
|
| |
It is covered by following assertion.
|
| |
|
|
|
|
|
| |
This reverts commit 3420a14590c0e6915d8b6c242887f74adb4120f9, reversing
changes made to afb66a5a598ce4ac74ad84b125a5abf046dcf5aa.
|
|\
| |
| |
| | |
Enforce frozen string in Rubocop
|
| | |
|
|/
|
|
|
|
|
|
|
| |
If system test fails, it creates screenshot under `tmp/screenshots`.
https://github.com/rails/rails/blob/34fe2a4fc778d18b7fe6bdf3629c1481bee789b9/actionpack/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb#L45
But currently, screenshot files is not cleared by `tmp:clear` task.
This patch make clears screenshot files with `tmp:clear` task as well
as other tmp files.
|
| |
|
|\
| |
| | |
AEAD encrypted cookies and sessions
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit changes encrypted cookies from AES in CBC HMAC mode to
Authenticated Encryption using AES-GCM. It also provides a cookie jar
to transparently upgrade encrypted cookies to this new scheme. Some
other notable changes include:
- There is a new application configuration value:
+use_authenticated_cookie_encryption+. When enabled, AEAD encrypted
cookies will be used.
- +cookies.signed+ does not raise a +TypeError+ now if the name of an
encrypted cookie is used. Encrypted cookies using the same key as
signed cookies would be verified and serialization would then fail
due the message still be encrypted.
|
| |
| |
| |
| |
| | |
The app is booted by then, so there's no need to stash the code away in
some other script.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
singleton (#29180)
* Add ActiveSupport::CurrentAttributes to provide a thread-isolated attributes singleton
* Need to require first
* Move stubs into test namespace.
Thus they won't conflict with other Current and Person stubs.
* End of the line for you, whitespace!
* Support super in attribute methods.
Define instance level accessors in an included module such that
`super` in an overriden accessor works, akin to Active Model.
* Spare users the manual require.
Follow the example of concerns, autoload in the top level Active Support file.
* Add bidelegation support
* Rename #expose to #set. Simpler, clearer
* Automatically reset every instance.
Skips the need for users to actively embed something that resets
their CurrentAttributes instances.
* Fix test name; add tangible name value when blank.
* Try to ensure we run after a request as well.
* Delegate all missing methods to the instance
This allows regular `delegate` to serve, so we don't need bidelegate.
* Properly test resetting after execution cycle.
Also remove the stale puts debugging.
* Update documentation to match new autoreset
|
|/
|
|
|
|
| |
".. with __dir__ we can restore order in the Universe." - by @fxn
Related to 5b8738c2df003a96f0e490c43559747618d10f5f
|
| |
|
|
|
|
| |
Fixes #28988
|
|
|
|
| |
Fix #28905
|
|\
| |
| | |
Added a shared section to config/database.yml that will be loaded for all envs
|
| |
| |
| |
| | |
environments
|
|\ \
| | |
| | | |
Do not try to encoding the parameters when the controller is not defined
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When you have a route that points to an nonexistent controller we raise
an exception.
This exception was being caught by the DebugExceptions middleware in
development, but when trying to render the error page, we are reading
the request format[[1][]]. To determine the request format we are reading
the format parameters[[2][]], and to be able to read the parameters we need
to encode them[[3][]]. This was raising another exception that to encode the
parameter we try to load the controller to determine if we need to
encode the parameters are binary[[4][]]. This new exception inside the
DebugExceptions middleware makes Rails to render a generic error page.
To avoid this new exception now we only encode the parameters when the
controller can be loaded.
Fixes #28892
[1]: https://github.com/rails/rails/blob/f52cdaac6336f99d13622ff9bda556a3124a4121/actionpack/lib/action_dispatch/middleware/debug_exceptions.rb#L80
[2]: https://github.com/rails/rails/blob/f52cdaac6336f99d13622ff9bda556a3124a4121/actionpack/lib/action_dispatch/http/mime_negotiation.rb#L63
[3]: https://github.com/rails/rails/blob/f52cdaac6336f99d13622ff9bda556a3124a4121/actionpack/lib/action_dispatch/http/parameters.rb#L58
[4]: https://github.com/rails/rails/blob/f52cdaac6336f99d13622ff9bda556a3124a4121/actionpack/lib/action_dispatch/http/parameters.rb#L88
|
|\ \
| |/
|/| |
Pass request params to ActionMailer::Preview
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
specified
Without this check, even if config is not specified, `ActionView::Helpers::FormHelper.form_with_generates_remote_forms`
always be set to nil and remote form not be generated.
Follow up to 128b804c6ce40fcbde744f294f8cb98654f6efec
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This configuration is not present in ActionView::Base so we can't let
the action_view.set_configs initializer set it.
Also add tests to make sure this config works.
Fixes #28824
|
| |
| |
| |
| |
| | |
Raise error on the movement of migrations
when the current migration does not exist.
|
| | |
|
| | |
|
|\ \
| | |
| | | |
Clear active connections after initialization
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Any connections that were checked out during initialization should be
checked back in before the first request is processed, for two reasons:
- Returning the connection to the pool allows it to be health checked
before it's used again. If the connection dies before the first
request arrives, the health check will replace it with a new one.
- If the thread that initialized Rails is not the same thread that will
be performing work, checking in the connection will allow it to be
reused instead of being stuck to the initialization thread forever.
|
| | |
| | |
| | |
| | |
| | |
| | | |
With Rack::Test the headers needs to match the `HTTP_` format. The tests
were passing before because they are not asserting the response was a
cache hit.
|
|\ \ \
| | | |
| | | | |
fix migrate with empty version
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Add stronger assertions to rake migration tasks to make sure the user is providing a numeric VERSION
An empty string was getting converted to version = 0. This would in turn pass the presence check.
Address linting warning
Add test for rake task and refactor code to meet expectations
In particular passing VERSION=0 should not raise an error.
Addressed Comments for PR #28485. Trimmed empty lines + change of wording for error message
Adjust test for change of wording in error message
Change condition to follow rails idioms
|
|/ / / |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | | |
The code itself should not be in the ARGV vector.
Fixes #28515
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
These tests may be expansive so let's only allow users to run them
through `bin/rails test:system` or by passing a path to the `test`
command.
The same applies for `bin/rake test`.
Refs #28109.
|
| |/
|/|
| |
| |
| |
| |
| |
| | |
If application has ajax, browser may begin request after rollback.
`teardown_fixtures` will be called after `super` on `after_teardown`
so we must call `Capybara.reset_sessions!` before `super`
https://github.com/rails/rails/blob/b61a56541aecd7ac685d4f19d943177a3f1b465a/activerecord/lib/active_record/fixtures.rb#L857
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
Would have caught that the invoke changes broke rake delegation
behavior.
And we do ship the behavior so we should test it.
|
| |
| |
| |
| |
| | |
Use a separate method called `resolve` for the custom polymorphic
mapping to clarify the API.
|
| |
| |
| |
| |
| |
| | |
Using `undef_method` means that when a route is removed any other
implementations of that method in the ancestor chain are inaccessible
so instead use `remove_method` which restores access to the ancestor.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow the use of `direct` to specify custom mappings for polymorphic_url, e.g:
resource :basket
direct(class: "Basket") { [:basket] }
This will then generate the following:
>> link_to "Basket", @basket
=> <a href="/basket">Basket</a>
More importantly it will generate the correct url when used with `form_for`.
Fixes #1769.
|
| | |
|