| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
| |
|
| |
|
|\
| |
| | |
Integrate strong_parameters in Rails 4
|
| |
| |
| |
| | |
StrongParameters protection
|
| |
| |
| |
| | |
reference from abstract_unit
|
| | |
|
| | |
|
| |
| |
| |
| | |
permissible params
|
| |
| |
| |
| | |
mass_assignment_sanitizers
|
|/
|
|
| |
option added (default is Monday)
|
| |
|
|
|
|
|
|
|
| |
I found them when I was running
warning mode on with railties
See https://github.com/rails/rails/pull/3782
|
| |
|
|\
| |
| | |
Implement :null_session CSRF protection method
|
| |
| |
| |
| |
| |
| |
| |
| | |
It's further work on CSRF after 245941101b1ea00a9b1af613c20b0ee994a43946.
The :null_session CSRF protection method provide an empty session during
request processing but doesn't reset it completely (as :reset_session
does).
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Users of other SCM's can now generate rails
apps that will add the "empty" directories to source control,
but will not have a useless .gitignore or mis-named .gitkeep
files.
* Change `rails new` and `rails plugin new` generators to name
the `.gitkeep` as `.keep` in a more SCM-agnostic way.
* Change `--skip-git` option to only skip the `.gitignore` file
and still generate the `.keep` files.
* Add `--skip-keeps` option to skip the `.keep` files.
It closes #2800.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This allow the users to do:
config.action_mailer.queue = MyQueue.new
and
class UsersMailer < ActionMailer::Base
self.queue = MyQueue.new
end
|
| |
| |
| |
| |
| | |
We should not let the users use the ThreadedConsumer without know about
the risks
|
|/
|
|
|
|
|
|
|
|
|
|
| |
- added tests to confirm establish_connection uses DATABASE_URL and
Rails.env correctly even when no arguments are passed in.
- updated rake db tasks to support DATABASE_URL, and added tests to
confirm correct behavior for these rake tasks. (Removed
establish_connection call from some tasks since in those cases
the :environment task already made sure the function would be called)
- updated Resolver so that when it resolves the database url, it
removes hash values with empty strings from the config spec (e.g.
to support connection to postgresql when no username is specified).
|
|
|
|
| |
We should show to user original issue if rake task will be aborted.
|
| |
|
|
|
|
| |
move validation to AR
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Option to run `bundle install` after generating new appplication was
added recently to rails. Since introduction, it contained a subtle bug
that caused it to use `Gemfile` from current directory (if it exists)
rather than from generated directory. This also accidentaly caused
railties tests to work without any problems - after generating test app
it just used `Gemfile` from the repository, rather than the one in
generated app. After fixing the bug mentioned above, this of course
broke. The easiest way to bypass that is to not generate a `Gemfile` for
test application - with such setup Bundler will just use first available
`Gemfile` in one of the parent directories.
|
|
|
|
|
|
|
|
| |
The cause of the previous revert was bug in bundler that made it hard to
make railties test work. Fix for bundler was recently pushed to github,
so now we can safely get back to the original commit.
This reverts commit 0f5cc34ab58cda99d1401ecc82e1ebb873838dd7.
|
| |
|
| |
|
|
|
|
|
|
| |
Tell people to install `activerecord-session_store` gem when it's not
installed instead ofraising `NameError` on missing
`ActionDispatch::Session::ActiveRecordStore`.
|
|
|
|
|
| |
This functionality will be available from gem
`active_record-session_store` instead.
|
|
|
|
|
|
|
| |
The reason the test was failing was because when the test
invokes `app.config`, the app is loaded and, as `eager_load`
is set to true, it disables the dependency loading mechanism,
so controllers that are later defined are not loaded.
|
| |
|
|
|
|
|
| |
These tests rely on "make_basic_app", which is a faster version that
does not need to create the whole app directory structure.
|
|
|
|
| |
Avoid output with config option not set when running some tests.
|
| |
|
|
|
|
|
|
|
| |
The new option allows any Ruby namespace to be registered and set
up for eager load. We are effectively exposing the structure existing
in Rails since v3.0 for all developers in order to make their applications
thread-safe and CoW friendly.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The flag was mainly used to add a Rack::Lock middleware to
the stack, but the only scenario the lock is desired is in
development.
If you are deploying on a not-threaded server, the Rack::Lock
does not provide any benefit since you don't have concurrent
accesses. On the other hand, if you are on a threaded server,
you don't want the lock, since it defeats the purpose of using
a threaded server.
If there is someone out there, running on a thread server
and does want a lock, it can be added to your environment
as easy as: `use Rack::Lock`
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, the eager load behavior was mostly coupled to
config.cache_classes, however this was suboptimal since in
some environments a developer may want to cache classes but
not necessarily load them all on boot (for example, test env).
This pull request also promotes the use of config.eager_load
set to true by default in production. In the majority of the
cases, this is the behavior you want since it will copy most
of your app into memory on boot (which was also the previous
behavior).
Finally, this fix a long standing Rails bug where it was
impossible to access a model in a rake task when Rails was
set as thread safe.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When you mount your application at a path, for example /myapp, server
should set SCRIPT_NAME to /myapp. With such information, rails
application knows that it's mounted at /myapp path and it should generate
routes relative to that path.
Before this patch, rails handled SCRIPT_NAME correctly only for regular
apps, but it failed to do it for mounted engines. The solution was to
hardcode default_url_options[:script_name], which is not the best answer
- it will work only when application is mounted at a fixed path.
This patch fixes the situation by respecting original value of
SCRIPT_NAME when generating application's routes from engine and the
other way round - when you generate engine's routes from application.
This is done by using one of 2 pieces of information in env - current
SCRIPT_NAME or SCRIPT_NAME for a corresponding router. This is because
we have 2 cases to handle:
- generating engine's route from application: in this situation
SCRIPT_NAME is basically SCRIPT_NAME set by the server and it
indicates the place where application is mounted, so we can just pass
it as :original_script_name in url_options. :original_script_name is
used because if we use :script_name, router will ignore generating
prefix for engine
- generating application's route from engine: in this situation we
already lost information about the SCRIPT_NAME that server used. For
example if application is mounted at /myapp and engine is mounted at
/blog, at this point SCRIPT_NAME is equal /myapp/blog. Because of that
we need to keep reference to /myapp SCRIPT_NAME by binding it to the
current router. Later on we can extract it and use when generating url
Please note that starting from now you *should not* use
default_url_options[:script_name] explicitly if your server already
passes correct SCRIPT_NAME to rack env.
(closes #6933)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's not really a good idea to have this as a global config option. We
should allow people to specify the behaviour per association.
There will now be two new values:
* :dependent => :restrict_with_exception implements the current
behaviour of :restrict. :restrict itself is deprecated in favour of
:restrict_with_exception.
* :dependent => :restrict_with_error implements the new behaviour - it
adds an error to the owner if there are dependent records present
See #4727 for the original discussion of this.
|
| |
|
|
|
|
| |
basic data". I dont consider this something most people is going to want most of the time. If you want to add it in your own app, knock yourself out. But it doesnt belong in Rails imo
|
|
|
|
|
| |
Since b6ab4417720e03f1551abda2f1e4bd0a392dd04e the single quotes are
being escaped in the templates.
|
|
|
|
| |
Closes #7110 there's more work to do on rack-cache issue 69
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows us to do:
In your configuration:
Rails.queue[:image_queue] = SomeQueue.new
Rails.queue[:mail_queue] = SomeQueue.new
In your app code:
Rails.queue[:mail_queue].push MailJob.new
Both jobs pushed to the same default queue
Rails.queue.push DefaultJob.new
Rails.queue[:default].push DefaultJob.new
|
| |
|
|\
| |
| | |
Add indexes to create_join_table method
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For instance, running
rails g migration CreateMediaJoinTable artists musics:uniq
will create a migration with
create_join_table :artists, :musics do |t|
# t.index [:artist_id, :music_id]
t.index [:music_id, :artist_id], unique: true
end
|