From e57cb2629ac4971a5dcb1cf8bb2f6d0509317928 Mon Sep 17 00:00:00 2001 From: Mike Gunderloy Date: Wed, 7 Jan 2009 16:59:06 +1300 Subject: Update CI configuration to reflect latest gems. --- ci/ci_build.rb | 15 ++++++++------- ci/ci_setup_notes.txt | 11 +++++++++++ ci/cruise_config.rb | 3 ++- ci/geminstaller.yml | 8 +++++++- 4 files changed, 28 insertions(+), 9 deletions(-) diff --git a/ci/ci_build.rb b/ci/ci_build.rb index 7b9cdceb27..010f78ba09 100755 --- a/ci/ci_build.rb +++ b/ci/ci_build.rb @@ -23,6 +23,7 @@ cd "#{root_dir}/activesupport" do build_results[:activesupport] = system 'rake' end +rm_f "#{root_dir}/activerecord/debug.log" cd "#{root_dir}/activerecord" do puts puts "[CruiseControl] Building ActiveRecord with MySQL" @@ -37,13 +38,12 @@ cd "#{root_dir}/activerecord" do build_results[:activerecord_postgresql8] = system 'rake test_postgresql' end -# Sqlite2 is disabled until tests are fixed -# cd "#{root_dir}/activerecord" do -# puts -# puts "[CruiseControl] Building ActiveRecord with SQLite 2" -# puts -# build_results[:activerecord_sqlite] = system 'rake test_sqlite' -# end +cd "#{root_dir}/activerecord" do + puts + puts "[CruiseControl] Building ActiveRecord with SQLite 2" + puts + build_results[:activerecord_sqlite] = system 'rake test_sqlite' +end cd "#{root_dir}/activerecord" do puts @@ -59,6 +59,7 @@ cd "#{root_dir}/activemodel" do build_results[:activemodel] = system 'rake' end +rm_f "#{root_dir}/activeresource/debug.log" cd "#{root_dir}/activeresource" do puts puts "[CruiseControl] Building ActiveResource" diff --git a/ci/ci_setup_notes.txt b/ci/ci_setup_notes.txt index 86df33c443..b3c5936797 100644 --- a/ci/ci_setup_notes.txt +++ b/ci/ci_setup_notes.txt @@ -54,10 +54,14 @@ ci ALL=NOPASSWD: /usr/local/bin/geminstaller, /usr/local/bin/ruby, /usr/loc * Install/setup nginx: $ sudo aptitude install nginx $ sudo vi /etc/nginx/sites-available/default +# Change server_name entry to match server name + # comment two lines and add one to proxy to ccrb: # root /var/www/nginx-default; # index index.html index.htm; proxy_pass http://127.0.0.1:3333; + +# also comment default locations for /doc and /images $ sudo /etc/init.d/nginx start * Add project to cruise (It will still fail until everything is set up): @@ -101,6 +105,13 @@ $ sudo aptitude install sqlite sqlite3 libsqlite-dev libsqlite3-dev $ sudo aptitude install postgresql postgresql-server-dev-8.3 $ sudo su - postgres -c 'createuser -s ci' +* Install fcgi libraries +$ sudo apt-get install libfcgi-dev + +* Install memcached and start for first time (should start on reboot automatically) +$ sudo aptitude install memcached +$ sudo /etc/init.d/memcached start + * Install and run GemInstaller to get all dependency gems $ sudo gem install geminstaller $ cd ~/.cruise/projects/rails/work diff --git a/ci/cruise_config.rb b/ci/cruise_config.rb index 46325f5ebd..7985e3c8df 100644 --- a/ci/cruise_config.rb +++ b/ci/cruise_config.rb @@ -1,5 +1,6 @@ Project.configure do |project| project.build_command = 'ruby ci/ci_build.rb' - project.email_notifier.emails = ['thewoolleyman@gmail.com','michael@koziarski.com', 'david@loudthinking.com', 'jeremy@bitsweat.net', 'josh@joshpeek.com', 'pratiknaik@gmail.com'] + project.email_notifier.emails = ['thewoolleyman@gmail.com'] +# project.email_notifier.emails = ['thewoolleyman@gmail.com','michael@koziarski.com', 'david@loudthinking.com', 'jeremy@bitsweat.net', 'josh@joshpeek.com', 'pratiknaik@gmail.com', 'wycats@gmail.com'] project.email_notifier.from = 'thewoolleyman+railsci@gmail.com' end diff --git a/ci/geminstaller.yml b/ci/geminstaller.yml index 3a1862c3c3..4251518999 100644 --- a/ci/geminstaller.yml +++ b/ci/geminstaller.yml @@ -2,13 +2,19 @@ gems: - name: geminstaller version: >= 0.4.3 +- name: fcgi + version: >= 0.8.7 +- name: memcache-client + version: >= 1.5.0 - name: mocha - version: >= 0.9.0 + version: >= 0.9.4 - name: mysql #version: >= 2.7 version: = 2.7 - name: postgres version: >= 0.7.9.2008.01.28 +- name: rack + version: '~> 0.9.0' - name: rake version: >= 0.8.1 - name: sqlite-ruby -- cgit v1.2.3 From eb9af20b7cc0e374277cf330bdd404f9daab28ec Mon Sep 17 00:00:00 2001 From: Yehuda Katz Date: Thu, 22 Jan 2009 16:18:10 -0600 Subject: Begin unifying the interface between ActionController and ActionView --- actionmailer/lib/action_mailer/base.rb | 65 +++-- actionmailer/test/mail_service_test.rb | 26 +- actionpack/lib/action_controller.rb | 2 + actionpack/lib/action_controller/base.rb | 258 ++++++++++-------- actionpack/lib/action_controller/layout.rb | 144 ++++------ actionpack/lib/action_controller/mime_responds.rb | 9 +- actionpack/lib/action_controller/mime_type.rb | 14 +- actionpack/lib/action_controller/request.rb | 35 ++- actionpack/lib/action_controller/rescue.rb | 10 +- .../templates/rescues/diagnostics.erb | 5 +- actionpack/lib/action_view.rb | 19 +- actionpack/lib/action_view/base.rb | 91 +------ .../lib/action_view/helpers/prototype_helper.rb | 6 +- actionpack/lib/action_view/inline_template.rb | 19 -- actionpack/lib/action_view/partials.rb | 235 ---------------- actionpack/lib/action_view/paths.rb | 16 +- actionpack/lib/action_view/render/partials.rb | 300 +++++++++++++++++++++ actionpack/lib/action_view/render/rendering.rb | 119 ++++++++ actionpack/lib/action_view/renderable.rb | 96 ------- actionpack/lib/action_view/renderable_partial.rb | 47 ---- actionpack/lib/action_view/template.rb | 235 ---------------- actionpack/lib/action_view/template/error.rb | 99 +++++++ actionpack/lib/action_view/template/handler.rb | 34 +++ actionpack/lib/action_view/template/handlers.rb | 48 ++++ .../lib/action_view/template/handlers/builder.rb | 17 ++ .../lib/action_view/template/handlers/erb.rb | 22 ++ .../lib/action_view/template/handlers/rjs.rb | 13 + actionpack/lib/action_view/template/inline.rb | 19 ++ actionpack/lib/action_view/template/partial.rb | 18 ++ actionpack/lib/action_view/template/renderable.rb | 74 +++++ actionpack/lib/action_view/template/template.rb | 241 +++++++++++++++++ actionpack/lib/action_view/template_error.rb | 99 ------- actionpack/lib/action_view/template_handler.rb | 34 --- actionpack/lib/action_view/template_handlers.rb | 48 ---- .../lib/action_view/template_handlers/builder.rb | 17 -- .../lib/action_view/template_handlers/erb.rb | 22 -- .../lib/action_view/template_handlers/rjs.rb | 13 - actionpack/lib/action_view/test_case.rb | 19 +- actionpack/test/controller/layout_test.rb | 38 ++- actionpack/test/controller/mime_responds_test.rb | 2 +- actionpack/test/controller/render_test.rb | 6 +- actionpack/test/controller/view_paths_test.rb | 2 +- .../test/fixtures/layout_tests/views/goodbye.rhtml | 1 + actionpack/test/template/javascript_helper_test.rb | 2 +- actionpack/test/template/prototype_helper_test.rb | 2 +- actionpack/test/template/render_test.rb | 2 +- activesupport/lib/active_support.rb | 1 + .../lib/active_support/buffered_logger.rb | 16 +- activesupport/lib/active_support/callbacks.rb | 2 +- .../lib/active_support/concurrent_hash.rb | 26 ++ .../core_ext/class/attribute_accessors.rb | 4 +- .../core_ext/class/delegating_attributes.rb | 10 +- .../core_ext/class/inheritable_attributes.rb | 22 +- .../core_ext/module/attribute_accessors.rb | 4 +- activesupport/lib/active_support/core_ext/proc.rb | 6 +- .../active_support/core_ext/string/multibyte.rb | 6 +- activesupport/lib/active_support/deprecation.rb | 2 +- activesupport/lib/active_support/memoizable.rb | 2 +- activesupport/lib/active_support/mini.rb | 9 + .../active_support/multibyte/unicode_database.rb | 10 +- activesupport/lib/active_support/time_with_zone.rb | 8 +- 61 files changed, 1487 insertions(+), 1284 deletions(-) delete mode 100644 actionpack/lib/action_view/inline_template.rb delete mode 100644 actionpack/lib/action_view/partials.rb create mode 100644 actionpack/lib/action_view/render/partials.rb create mode 100644 actionpack/lib/action_view/render/rendering.rb delete mode 100644 actionpack/lib/action_view/renderable.rb delete mode 100644 actionpack/lib/action_view/renderable_partial.rb delete mode 100644 actionpack/lib/action_view/template.rb create mode 100644 actionpack/lib/action_view/template/error.rb create mode 100644 actionpack/lib/action_view/template/handler.rb create mode 100644 actionpack/lib/action_view/template/handlers.rb create mode 100644 actionpack/lib/action_view/template/handlers/builder.rb create mode 100644 actionpack/lib/action_view/template/handlers/erb.rb create mode 100644 actionpack/lib/action_view/template/handlers/rjs.rb create mode 100644 actionpack/lib/action_view/template/inline.rb create mode 100644 actionpack/lib/action_view/template/partial.rb create mode 100644 actionpack/lib/action_view/template/renderable.rb create mode 100644 actionpack/lib/action_view/template/template.rb delete mode 100644 actionpack/lib/action_view/template_error.rb delete mode 100644 actionpack/lib/action_view/template_handler.rb delete mode 100644 actionpack/lib/action_view/template_handlers.rb delete mode 100644 actionpack/lib/action_view/template_handlers/builder.rb delete mode 100644 actionpack/lib/action_view/template_handlers/erb.rb delete mode 100644 actionpack/lib/action_view/template_handlers/rjs.rb create mode 100644 actionpack/test/fixtures/layout_tests/views/goodbye.rhtml create mode 100644 activesupport/lib/active_support/concurrent_hash.rb create mode 100644 activesupport/lib/active_support/mini.rb diff --git a/actionmailer/lib/action_mailer/base.rb b/actionmailer/lib/action_mailer/base.rb index eda5de4e18..473703b629 100644 --- a/actionmailer/lib/action_mailer/base.rb +++ b/actionmailer/lib/action_mailer/base.rb @@ -371,6 +371,14 @@ module ActionMailer #:nodoc: attr_reader :mail attr_reader :template_name, :default_template_name, :action_name + def controller_path + self.class.controller_path + end + + def formats + @template.formats + end + class << self attr_writer :mailer_name @@ -464,7 +472,7 @@ module ActionMailer #:nodoc: # have not already been specified manually. if @parts.empty? Dir.glob("#{template_path}/#{@template}.*").each do |path| - template = template_root["#{mailer_name}/#{File.basename(path)}"] + template = template_root.find_template("#{mailer_name}/#{File.basename(path)}") # Skip unless template has a multipart format next unless template && template.multipart? @@ -473,7 +481,7 @@ module ActionMailer #:nodoc: :content_type => template.content_type, :disposition => "inline", :charset => charset, - :body => render_message(template, @body) + :body => render_template(template, @body) ) end unless @parts.empty? @@ -487,7 +495,7 @@ module ActionMailer #:nodoc: # normal template exists (or if there were no implicit parts) we render # it. template_exists = @parts.empty? - template_exists ||= template_root["#{mailer_name}/#{@template}"] + template_exists ||= template_root.find_template("#{mailer_name}/#{@template}") @body = render_message(@template, @body) if template_exists # Finally, if there are other message parts and a textual body exists, @@ -512,6 +520,7 @@ module ActionMailer #:nodoc: # no alternate has been given as the parameter, this will fail. def deliver!(mail = @mail) raise "no mail object available for delivery!" unless mail + unless logger.nil? logger.info "Sent mail to #{Array(recipients).join(', ')}" logger.debug "\n#{mail.encoded}" @@ -543,27 +552,43 @@ module ActionMailer #:nodoc: @mime_version = @@default_mime_version.dup if @@default_mime_version end - def render_message(method_name, body) - if method_name.respond_to?(:content_type) - @current_template_content_type = method_name.content_type + def render_template(template, body) + if template.respond_to?(:content_type) + @current_template_content_type = template.content_type end + + @template = initialize_template_class(body) + layout = _pick_layout(layout, true) unless template.exempt_from_layout? + @template._render_template_with_layout(template, layout, {}) + ensure + @current_template_content_type = nil + end + + def render_message(method_name, body) render :file => method_name, :body => body ensure @current_template_content_type = nil end def render(opts) - body = opts.delete(:body) - if opts[:file] && (opts[:file] !~ /\// && !opts[:file].respond_to?(:render)) - opts[:file] = "#{mailer_name}/#{opts[:file]}" - end - + layout, file = opts.delete(:layout), opts[:file] + begin - old_template, @template = @template, initialize_template_class(body) - layout = respond_to?(:pick_layout, true) ? pick_layout(opts) : false - @template.render(opts.merge(:layout => layout)) - ensure - @template = old_template + @template = initialize_template_class(opts.delete(:body)) + + if file + prefix = mailer_name unless file =~ /\// + template = view_paths.find_by_parts(file, formats, prefix) + end + + layout = _pick_layout(layout, + !template || !template.exempt_from_layout?) + + if template + @template._render_template_with_layout(template, layout, opts) + elsif inline = opts[:inline] + @template._render_inline(inline, layout, opts) + end end end @@ -575,12 +600,6 @@ module ActionMailer #:nodoc: end end - def candidate_for_layout?(options) - !self.view_paths.find_template(default_template_name, default_template_format).exempt_from_layout? - rescue ActionView::MissingTemplate - return true - end - def template_root self.class.template_root end @@ -595,7 +614,7 @@ module ActionMailer #:nodoc: def initialize_template_class(assigns) template = ActionView::Base.new(view_paths, assigns, self) - template.template_format = default_template_format + template.formats = [default_template_format] template end diff --git a/actionmailer/test/mail_service_test.rb b/actionmailer/test/mail_service_test.rb index a886b1143e..d14f326163 100644 --- a/actionmailer/test/mail_service_test.rb +++ b/actionmailer/test/mail_service_test.rb @@ -566,13 +566,31 @@ class ActionMailerTest < Test::Unit::TestCase TestMailer.deliver_signed_up(@recipient) end + class FakeLogger + attr_reader :info_contents, :debug_contents + + def initialize + @info_contents, @debug_contents = "", "" + end + + def info(str) + @info_contents << str + end + + def debug(str) + @debug_contents << str + end + end + def test_delivery_logs_sent_mail mail = TestMailer.create_signed_up(@recipient) - logger = mock() - logger.expects(:info).with("Sent mail to #{@recipient}") - logger.expects(:debug).with("\n#{mail.encoded}") - TestMailer.logger = logger + # logger = mock() + # logger.expects(:info).with("Sent mail to #{@recipient}") + # logger.expects(:debug).with("\n#{mail.encoded}") + TestMailer.logger = FakeLogger.new TestMailer.deliver_signed_up(@recipient) + assert(TestMailer.logger.info_contents =~ /Sent mail to #{@recipient}/) + assert_equal(TestMailer.logger.debug_contents, "\n#{mail.encoded}") end def test_unquote_quoted_printable_subject diff --git a/actionpack/lib/action_controller.rb b/actionpack/lib/action_controller.rb index 3e77970367..6000ee15c6 100644 --- a/actionpack/lib/action_controller.rb +++ b/actionpack/lib/action_controller.rb @@ -35,6 +35,8 @@ gem 'rack', '>= 0.9.0' require 'rack' require 'action_controller/rack_ext' +require File.join(File.dirname(__FILE__), "action_pack") + module ActionController # TODO: Review explicit to see if they will automatically be handled by # the initilizer if they are really needed. diff --git a/actionpack/lib/action_controller/base.rb b/actionpack/lib/action_controller/base.rb index 50b965ce4c..78c8bf0647 100644 --- a/actionpack/lib/action_controller/base.rb +++ b/actionpack/lib/action_controller/base.rb @@ -514,8 +514,8 @@ module ActionController #:nodoc: def process(request, response, method = :perform_action, *arguments) #:nodoc: response.request = request - initialize_template_class(response) assign_shortcuts(request, response) + initialize_template_class(response) initialize_current_url assign_names @@ -863,90 +863,82 @@ module ActionController #:nodoc: def render(options = nil, extra_options = {}, &block) #:doc: raise DoubleRenderError, "Can only render or redirect once per action" if performed? - validate_render_arguments(options, extra_options, block_given?) - - if options.nil? - options = { :template => default_template, :layout => true } - elsif options == :update - options = extra_options.merge({ :update => true }) - elsif options.is_a?(String) || options.is_a?(Symbol) - case options.to_s.index('/') - when 0 - extra_options[:file] = options - when nil - extra_options[:action] = options - else - extra_options[:template] = options - end + options = { :layout => true } if options.nil? + original, options = options, extra_options unless options.is_a?(Hash) + + layout_name = options.delete(:layout) - options = extra_options - end + _process_options(options) + + if block_given? + @template.send(:_evaluate_assigns_and_ivars) - layout = pick_layout(options) - response.layout = layout.path_without_format_and_extension if layout - logger.info("Rendering template within #{layout.path_without_format_and_extension}") if logger && layout - - if content_type = options[:content_type] - response.content_type = content_type.to_s + generator = ActionView::Helpers::PrototypeHelper::JavaScriptGenerator.new(@template, &block) + response.content_type = Mime::JS + return render_for_text(generator.to_s) end - - if location = options[:location] - response.headers["Location"] = url_for(location) + + if original + return render_for_name(original, layout_name, options) unless block_given? + end + + if options.key?(:text) + return render_for_text(@template._render_text(options[:text], + _pick_layout(layout_name), options)) end - if options.has_key?(:text) - text = layout ? @template.render(options.merge(:text => options[:text], :layout => layout)) : options[:text] - render_for_text(text, options[:status]) + file, template = options.values_at(:file, :template) + if file || template + file = template.sub(/^\//, '') if template + return render_for_file(file, [layout_name, !!template], options) + end + + if action_option = options[:action] + return render_for_action(action_option, [layout_name, true], options) + end + + if inline = options[:inline] + render_for_text(@template._render_inline(inline, _pick_layout(layout_name), options)) + + elsif xml = options[:xml] + response.content_type ||= Mime::XML + render_for_text(xml.respond_to?(:to_xml) ? xml.to_xml : xml) + + elsif js = options[:js] + response.content_type ||= Mime::JS + render_for_text(js) + + elsif json = options[:json] + json = json.to_json unless json.is_a?(String) + json = "#{options[:callback]}(#{json})" unless options[:callback].blank? + response.content_type ||= Mime::JSON + render_for_text(json) + + elsif partial = options[:partial] + if partial == true + parts = [action_name_base, formats, controller_name, true] + elsif partial.is_a?(String) + parts = partial_parts(partial, options) + else + return render_for_text(@template._render_partial(options)) + end + + render_for_parts(parts, layout_name, options) + + elsif options[:nothing] + render_for_text(nil) else - if file = options[:file] - render_for_file(file, options[:status], layout, options[:locals] || {}) - - elsif template = options[:template] - render_for_file(template, options[:status], layout, options[:locals] || {}) - - elsif inline = options[:inline] - render_for_text(@template.render(options.merge(:layout => layout)), options[:status]) - - elsif action_name = options[:action] - render_for_file(default_template(action_name.to_s), options[:status], layout) - - elsif xml = options[:xml] - response.content_type ||= Mime::XML - render_for_text(xml.respond_to?(:to_xml) ? xml.to_xml : xml, options[:status]) - - elsif js = options[:js] - response.content_type ||= Mime::JS - render_for_text(js, options[:status]) - - elsif json = options[:json] - json = json.to_json unless json.is_a?(String) - json = "#{options[:callback]}(#{json})" unless options[:callback].blank? - response.content_type ||= Mime::JSON - render_for_text(json, options[:status]) - - elsif options[:partial] - options[:partial] = default_template_name if options[:partial] == true - if layout - render_for_text(@template.render(:text => @template.render(options), :layout => layout), options[:status]) - else - render_for_text(@template.render(options), options[:status]) - end - - elsif options[:update] - @template.send(:_evaluate_assigns_and_ivars) - - generator = ActionView::Helpers::PrototypeHelper::JavaScriptGenerator.new(@template, &block) - response.content_type = Mime::JS - render_for_text(generator.to_s, options[:status]) + render_for_parts([action_name, formats, controller_path], layout_name, options) + end + end - elsif options[:nothing] - render_for_text(nil, options[:status]) + def formats + @_request.formats.map {|f| f.symbol }.compact + end - else - render_for_file(default_template, options[:status], layout) - end - end + def action_name_base(name = action_name) + (name.is_a?(String) ? name.sub(/^#{controller_path}\//, '') : name).to_s end # Renders according to the same rules as render, but returns the result in a string instead @@ -1174,16 +1166,70 @@ module ActionController #:nodoc: end private - def render_for_file(template_path, status = nil, layout = nil, locals = {}) #:nodoc: - path = template_path.respond_to?(:path_without_format_and_extension) ? template_path.path_without_format_and_extension : template_path - logger.info("Rendering #{path}" + (status ? " (#{status})" : '')) if logger - render_for_text @template.render(:file => template_path, :locals => locals, :layout => layout), status + def _process_options(options) + if content_type = options[:content_type] + response.content_type = content_type.to_s + end + + if location = options[:location] + response.headers["Location"] = url_for(location) + end + + response.status = interpret_status(options[:status] || DEFAULT_RENDER_STATUS_CODE) end - def render_for_text(text = nil, status = nil, append_response = false) #:nodoc: - @performed_render = true + def render_for_name(name, layout, options) + case name.to_s.index('/') + when 0 + render_for_file(name, layout, options) + when nil + render_for_action(name, layout, options) + else + render_for_file(name.sub(/^\//, ''), [layout, true], options) + end + end + + def render_for_parts(parts, layout, options = {}) + tmp = view_paths.find_by_parts(*parts) + layout = _pick_layout(*layout) unless tmp.exempt_from_layout? + + render_for_text( + @template._render_template_with_layout(tmp, layout, options, parts[3])) + end + + def partial_parts(name, options) + segments = name.split("/") + parts = segments.pop.split(".") + + case parts.size + when 1 + parts + when 2, 3 + extension = parts.delete_at(1).to_sym + if formats.include?(extension) + self.formats.replace [extension] + end + parts.pop if parts.size == 2 + end - response.status = interpret_status(status || DEFAULT_RENDER_STATUS_CODE) + path = parts.join(".") + prefix = segments[0..-1].join("/") + prefix = prefix.blank? ? controller_path : prefix + parts = [path, formats, prefix] + parts.push options[:object] || true + end + + def render_for_file(file, layout, options) + render_for_parts([file, [request.format.to_sym]], layout, options) + end + + def render_for_action(name, layout, options) + parts = [action_name_base(name), formats, controller_name] + render_for_parts(parts, layout, options) + end + + def render_for_text(text = nil, append_response = false) #:nodoc: + @performed_render = true if append_response response.body ||= '' @@ -1197,18 +1243,8 @@ module ActionController #:nodoc: end end - def validate_render_arguments(options, extra_options, has_block) - if options && (has_block && options != :update) && !options.is_a?(String) && !options.is_a?(Hash) && !options.is_a?(Symbol) - raise RenderError, "You called render with invalid options : #{options.inspect}" - end - - if !extra_options.is_a?(Hash) - raise RenderError, "You called render with invalid options : #{options.inspect}, #{extra_options.inspect}" - end - end - def initialize_template_class(response) - response.template = ActionView::Base.new(self.class.view_paths, {}, self) + @template = response.template = ActionView::Base.new(self.class.view_paths, {}, self, formats) response.template.helpers.send :include, self.class.master_helper_module response.redirected_to = nil @performed_render = @performed_redirect = false @@ -1221,7 +1257,6 @@ module ActionController #:nodoc: @_response.session = request.session @_session = @_response.session - @template = @_response.template @_headers = @_response.headers end @@ -1257,23 +1292,21 @@ module ActionController #:nodoc: end def perform_action - if action_methods.include?(action_name) - send(action_name) - default_render unless performed? - elsif respond_to? :method_missing - method_missing action_name - default_render unless performed? - else - begin - default_render - rescue ActionView::MissingTemplate => e - # Was the implicit template missing, or was it another template? - if e.path == default_template_name - raise UnknownAction, "No action responded to #{action_name}. Actions: #{action_methods.sort.to_sentence}", caller - else - raise e - end - end + if called = action_methods.include?(action_name) + ret = send(action_name) + elsif called = respond_to?(:method_missing) + ret = method_missing(action_name) + end + + return (performed? ? ret : default_render) if called + + begin + default_render + rescue ActionView::MissingTemplate => e + raise e unless e.path == action_name + # If the path is the same as the action_name, the action is completely missing + raise UnknownAction, "No action responded to #{action_name}. Actions: " + + "#{action_methods.sort.to_sentence}", caller end end @@ -1337,6 +1370,7 @@ module ActionController #:nodoc: path.split('/', 2).last end + def template_path_includes_controller?(path) self.controller_path.split('/')[-1] == path.split('/')[0] end diff --git a/actionpack/lib/action_controller/layout.rb b/actionpack/lib/action_controller/layout.rb index 159c5c7326..926ae26f92 100644 --- a/actionpack/lib/action_controller/layout.rb +++ b/actionpack/lib/action_controller/layout.rb @@ -2,11 +2,7 @@ module ActionController #:nodoc: module Layout #:nodoc: def self.included(base) base.extend(ClassMethods) - base.class_eval do - class << self - alias_method_chain :inherited, :layout - end - end + base.class_inheritable_accessor :layout_name, :layout_conditions end # Layouts reverse the common pattern of including shared headers and footers in many templates to isolate changes in @@ -159,122 +155,90 @@ module ActionController #:nodoc: # # This will render the help action with the "help" layout instead of the controller-wide "weblog_standard" layout. module ClassMethods + extend ActiveSupport::Memoizable + # If a layout is specified, all rendered actions will have their result rendered # when the layout yields. This layout can itself depend on instance variables assigned during action # performance and have access to them as any normal template would. def layout(template_name, conditions = {}, auto = false) add_layout_conditions(conditions) - write_inheritable_attribute(:layout, template_name) - write_inheritable_attribute(:auto_layout, auto) + self.layout_name = template_name end - def layout_conditions #:nodoc: - @layout_conditions ||= read_inheritable_attribute(:layout_conditions) + def memoized_default_layout(formats) #:nodoc: + self.layout_name || begin + layout = default_layout_name + layout.is_a?(String) ? find_layout(layout, formats) : layout + rescue ActionView::MissingTemplate + end end - def default_layout(format) #:nodoc: - layout = read_inheritable_attribute(:layout) - return layout unless read_inheritable_attribute(:auto_layout) - find_layout(layout, format) + def default_layout(*args) + (@_memoized_default_layout ||= ::ActiveSupport::ConcurrentHash.new)[args] ||= memoized_default_layout(*args) + end + + def memoized_find_layout(layout, formats) #:nodoc: + return layout if layout.nil? || layout.respond_to?(:render) + prefix = layout.to_s =~ /layouts\// ? nil : "layouts" + view_paths.find_by_parts(layout.to_s, formats, prefix) + end + + def find_layout(*args) + (@_memoized_find_layout ||= ::ActiveSupport::ConcurrentHash.new)[args] ||= memoized_find_layout(*args) end def layout_list #:nodoc: Array(view_paths).sum([]) { |path| Dir["#{path}/layouts/**/*"] } end + memoize :layout_list - def find_layout(layout, *formats) #:nodoc: - return layout if layout.respond_to?(:render) - view_paths.find_template(layout.to_s =~ /layouts\// ? layout : "layouts/#{layout}", *formats) - rescue ActionView::MissingTemplate - nil + def default_layout_name + layout_match = name.underscore.sub(/_controller$/, '') + if layout_list.grep(%r{layouts/#{layout_match}(\.[a-z][0-9a-z]*)+$}).empty? + superclass.default_layout_name if superclass.respond_to?(:default_layout_name) + else + layout_match + end end + memoize :default_layout_name private - def inherited_with_layout(child) - inherited_without_layout(child) - unless child.name.blank? - layout_match = child.name.underscore.sub(/_controller$/, '').sub(/^controllers\//, '') - child.layout(layout_match, {}, true) unless child.layout_list.grep(%r{layouts/#{layout_match}(\.[a-z][0-9a-z]*)+$}).empty? - end - end - def add_layout_conditions(conditions) - write_inheritable_hash(:layout_conditions, normalize_conditions(conditions)) - end - - def normalize_conditions(conditions) - conditions.inject({}) {|hash, (key, value)| hash.merge(key => [value].flatten.map {|action| action.to_s})} + # :except => :foo == :except => [:foo] == :except => "foo" == :except => ["foo"] + conditions.each {|k, v| conditions[k] = Array(v).map {|a| a.to_s} } + write_inheritable_hash(:layout_conditions, conditions) end end - - # Returns the name of the active layout. If the layout was specified as a method reference (through a symbol), this method - # is called and the return value is used. Likewise if the layout was specified as an inline method (through a proc or method - # object). If the layout was defined without a directory, layouts is assumed. So layout "weblog/standard" will return - # weblog/standard, but layout "standard" will return layouts/standard. - def active_layout(passed_layout = nil) - layout = passed_layout || self.class.default_layout(default_template_format) - - active_layout = case layout - when Symbol then __send__(layout) - when Proc then layout.call(self) - else layout + + def active_layout(name) + name = self.class.default_layout(formats) if name == true + + layout_name = case name + when Symbol then __send__(name) + when Proc then name.call(self) + else name end - if active_layout - if layout = self.class.find_layout(active_layout, @template.template_format) - layout - else - raise ActionView::MissingTemplate.new(self.class.view_paths, active_layout) - end - end + self.class.find_layout(layout_name, formats) end - private - def candidate_for_layout?(options) - template = options[:template] || default_template(options[:action]) - if options.values_at(:text, :xml, :json, :file, :inline, :partial, :nothing, :update).compact.empty? - begin - !self.view_paths.find_template(template, default_template_format).exempt_from_layout? - rescue ActionView::MissingTemplate - true - end - end - rescue ActionView::MissingTemplate - false - end - - def pick_layout(options) - if options.has_key?(:layout) - case layout = options.delete(:layout) - when FalseClass - nil - when NilClass, TrueClass - active_layout if action_has_layout? && candidate_for_layout?(:template => default_template_name) - else - active_layout(layout) - end - else - active_layout if action_has_layout? && candidate_for_layout?(options) - end - end + def _pick_layout(layout_name, implicit = false) + return unless layout_name || implicit + layout_name = true if layout_name.nil? + active_layout(layout_name) if action_has_layout? && layout_name + end + private def action_has_layout? if conditions = self.class.layout_conditions - case - when only = conditions[:only] - only.include?(action_name) - when except = conditions[:except] - !except.include?(action_name) - else - true + if only = conditions[:only] + return only.include?(action_name) + elsif except = conditions[:except] + return !except.include?(action_name) end - else - true end + true end - def default_template_format - response.template.template_format - end end end diff --git a/actionpack/lib/action_controller/mime_responds.rb b/actionpack/lib/action_controller/mime_responds.rb index b755363873..bac225ab2a 100644 --- a/actionpack/lib/action_controller/mime_responds.rb +++ b/actionpack/lib/action_controller/mime_responds.rb @@ -109,16 +109,13 @@ module ActionController #:nodoc: end class Responder #:nodoc: + def initialize(controller) @controller = controller @request = controller.request @response = controller.response - if ActionController::Base.use_accept_header - @mime_type_priority = Array(Mime::Type.lookup_by_extension(@request.parameters[:format]) || @request.accepts) - else - @mime_type_priority = [@request.format] - end + @mime_type_priority = @request.formats @order = [] @responses = {} @@ -130,7 +127,7 @@ module ActionController #:nodoc: @order << mime_type @responses[mime_type] ||= Proc.new do - @response.template.template_format = mime_type.to_sym + @response.template.formats = [mime_type.to_sym] @response.content_type = mime_type.to_s block_given? ? block.call : @controller.send(:render, :action => @controller.action_name) end diff --git a/actionpack/lib/action_controller/mime_type.rb b/actionpack/lib/action_controller/mime_type.rb index 017626ba27..3d26870f4f 100644 --- a/actionpack/lib/action_controller/mime_type.rb +++ b/actionpack/lib/action_controller/mime_type.rb @@ -5,6 +5,10 @@ module Mime EXTENSION_LOOKUP = Hash.new { |h, k| h[k] = Type.new(k) unless k.blank? } LOOKUP = Hash.new { |h, k| h[k] = Type.new(k) unless k.blank? } + def self.[](type) + Type.lookup_by_extension(type.to_s) + end + # Encapsulates the notion of a mime type. Can be used at render time, for example, with: # # class PostsController < ActionController::Base @@ -27,7 +31,7 @@ module Mime # only needs to protect against these types. @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form, :text] cattr_reader :browser_generated_types - + attr_reader :symbol @@unverifiable_types = Set.new [:text, :json, :csv, :xml, :rss, :atom, :yaml] def self.unverifiable_types @@ -172,6 +176,8 @@ module Mime def ==(mime_type) return false if mime_type.blank? (@synonyms + [ self ]).any? do |synonym| + require "ruby-debug" + debugger if mime_type.is_a?(Array) synonym.to_s == mime_type.to_s || synonym.to_sym == mime_type.to_sym end end @@ -187,17 +193,13 @@ module Mime # Returns true if Action Pack should check requests using this Mime Type for possible request forgery. See # ActionController::RequestForgeryProtection. def verify_request? - browser_generated? + @@browser_generated_types.include?(to_sym) end def html? @@html_types.include?(to_sym) || @string =~ /html/ end - def browser_generated? - @@browser_generated_types.include?(to_sym) - end - private def method_missing(method, *args) if method.to_s =~ /(\w+)\?$/ diff --git a/actionpack/lib/action_controller/request.rb b/actionpack/lib/action_controller/request.rb index 09dcd684e8..f8c77241b9 100755 --- a/actionpack/lib/action_controller/request.rb +++ b/actionpack/lib/action_controller/request.rb @@ -101,10 +101,16 @@ module ActionController def accepts header = @env['HTTP_ACCEPT'].to_s.strip + fallback = xhr? ? Mime::JS : Mime::HTML + if header.empty? - [content_type, Mime::ALL].compact + [content_type, fallback, Mime::ALL].compact else - Mime::Type.parse(header) + ret = Mime::Type.parse(header) + if ret.last == Mime::ALL + ret.insert(-2, fallback) + end + ret end end memoize :accepts @@ -144,24 +150,33 @@ module ActionController end end + ONLY_ALL = [Mime::ALL].freeze + # Returns the Mime type for the \format used in the request. # # GET /posts/5.xml | request.format => Mime::XML # GET /posts/5.xhtml | request.format => Mime::HTML # GET /posts/5 | request.format => Mime::HTML or MIME::JS, or request.accepts.first depending on the value of ActionController::Base.use_accept_header - def format + + def format(view_path = []) @format ||= if parameters[:format] - Mime::Type.lookup_by_extension(parameters[:format]) - elsif ActionController::Base.use_accept_header - accepts.first - elsif xhr? - Mime::Type.lookup_by_extension("js") - else - Mime::Type.lookup_by_extension("html") + Mime[parameters[:format]] + elsif Base.use_accept_header && !(accepts == ONLY_ALL) + accepts.first + elsif xhr? then Mime::JS + else Mime::HTML end end + def formats + @formats = + if Base.use_accept_header + ret = Array(Mime[parameters[:format]] || accepts) + else + [format] + end + end # Sets the \format by string extension, which can be used to force custom formats # that are not controlled by the extension. diff --git a/actionpack/lib/action_controller/rescue.rb b/actionpack/lib/action_controller/rescue.rb index 4b7d1e32fd..3beeb2da83 100644 --- a/actionpack/lib/action_controller/rescue.rb +++ b/actionpack/lib/action_controller/rescue.rb @@ -125,11 +125,13 @@ module ActionController #:nodoc: @template.instance_variable_set("@exception", exception) @template.instance_variable_set("@rescues_path", RESCUES_TEMPLATE_PATH) @template.instance_variable_set("@contents", - @template.render(:file => template_path_for_local_rescue(exception))) + @template._render_template(template_path_for_local_rescue(exception))) response.content_type = Mime::HTML - render_for_file(rescues_path("layout"), - response_code_for_rescue(exception)) + response.status = interpret_status(response_code_for_rescue(exception)) + + content = @template._render_template(rescues_path("layout")) + render_for_text(content) end def rescue_action_without_handler(exception) @@ -157,7 +159,7 @@ module ActionController #:nodoc: end def rescues_path(template_name) - RESCUES_TEMPLATE_PATH["rescues/#{template_name}.erb"] + RESCUES_TEMPLATE_PATH.find_template("rescues/#{template_name}.erb") end def template_path_for_local_rescue(exception) diff --git a/actionpack/lib/action_controller/templates/rescues/diagnostics.erb b/actionpack/lib/action_controller/templates/rescues/diagnostics.erb index 669da1b26e..95be64511d 100644 --- a/actionpack/lib/action_controller/templates/rescues/diagnostics.erb +++ b/actionpack/lib/action_controller/templates/rescues/diagnostics.erb @@ -6,6 +6,5 @@ 
<%=h @exception.clean_message %>
-<%= render :file => @rescues_path["rescues/_trace.erb"] %> - -<%= render :file => @rescues_path["rescues/_request_and_response.erb"] %> +<%= @template._render_template(@rescues_path.find_template("rescues/_trace.erb")) %> +<%= @template._render_template(@rescues_path.find_template("rescues/_request_and_response.erb")) %> \ No newline at end of file diff --git a/actionpack/lib/action_view.rb b/actionpack/lib/action_view.rb index 0b710bd8d9..aa06c19a48 100644 --- a/actionpack/lib/action_view.rb +++ b/actionpack/lib/action_view.rb @@ -31,6 +31,8 @@ rescue LoadError end end +require File.join(File.dirname(__FILE__), "action_pack") + module ActionView def self.load_all! [Base, InlineTemplate, TemplateError] @@ -38,15 +40,16 @@ module ActionView autoload :Base, 'action_view/base' autoload :Helpers, 'action_view/helpers' - autoload :InlineTemplate, 'action_view/inline_template' - autoload :Partials, 'action_view/partials' + autoload :InlineTemplate, 'action_view/template/inline' + autoload :Partials, 'action_view/render/partials' autoload :PathSet, 'action_view/paths' - autoload :Renderable, 'action_view/renderable' - autoload :RenderablePartial, 'action_view/renderable_partial' - autoload :Template, 'action_view/template' - autoload :TemplateError, 'action_view/template_error' - autoload :TemplateHandler, 'action_view/template_handler' - autoload :TemplateHandlers, 'action_view/template_handlers' + autoload :Rendering, 'action_view/render/rendering' + autoload :Renderable, 'action_view/template/renderable' + autoload :RenderablePartial, 'action_view/template/partial' + autoload :Template, 'action_view/template/template' + autoload :TemplateError, 'action_view/template/error' + autoload :TemplateHandler, 'action_view/template/handler' + autoload :TemplateHandlers, 'action_view/template/handlers' autoload :Helpers, 'action_view/helpers' end diff --git a/actionpack/lib/action_view/base.rb b/actionpack/lib/action_view/base.rb index 70a0ba91a7..80b8ea6a4c 100644 --- a/actionpack/lib/action_view/base.rb +++ b/actionpack/lib/action_view/base.rb @@ -160,14 +160,13 @@ module ActionView #:nodoc: # # See the ActionView::Helpers::PrototypeHelper::GeneratorMethods documentation for more details. class Base - include Helpers, Partials, ::ERB::Util + include Helpers, Rendering, Partials, ::ERB::Util + extend ActiveSupport::Memoizable - attr_accessor :base_path, :assigns, :template_extension + attr_accessor :base_path, :assigns, :template_extension, :formats attr_accessor :controller - attr_writer :template_format - attr_accessor :output_buffer class << self @@ -184,9 +183,13 @@ module ActionView #:nodoc: attr_internal :request + delegate :controller_path, :to => :controller, :allow_nil => true + delegate :request_forgery_protection_token, :template, :params, :session, :cookies, :response, :headers, :flash, :logger, :action_name, :controller_name, :to => :controller + delegate :find_by_parts, :to => :view_paths + module CompiledTemplates #:nodoc: # holds compiled template code end @@ -209,7 +212,8 @@ module ActionView #:nodoc: end end - def initialize(view_paths = [], assigns_for_first_render = {}, controller = nil)#:nodoc: + def initialize(view_paths = [], assigns_for_first_render = {}, controller = nil, formats = nil)#:nodoc: + @formats = formats || [:html] @assigns = assigns_for_first_render @assigns_added = nil @_render_stack = [] @@ -223,55 +227,7 @@ module ActionView #:nodoc: def view_paths=(paths) @view_paths = self.class.process_view_paths(paths) end - - # Returns the result of a render that's dictated by the options hash. The primary options are: - # - # * :partial - See ActionView::Partials. - # * :update - Calls update_page with the block given. - # * :file - Renders an explicit template file (this used to be the old default), add :locals to pass in those. - # * :inline - Renders an inline template similar to how it's done in the controller. - # * :text - Renders the text passed in out. - # - # If no options hash is passed or :update specified, the default is to render a partial and use the second parameter - # as the locals hash. - def render(options = {}, local_assigns = {}, &block) #:nodoc: - local_assigns ||= {} - - case options - when Hash - options = options.reverse_merge(:locals => {}) - if options[:layout] - _render_with_layout(options, local_assigns, &block) - elsif options[:file] - tempalte = self.view_paths.find_template(options[:file], template_format) - tempalte.render_template(self, options[:locals]) - elsif options[:partial] - render_partial(options) - elsif options[:inline] - InlineTemplate.new(options[:inline], options[:type]).render(self, options[:locals]) - elsif options[:text] - options[:text] - end - when :update - update_page(&block) - else - render_partial(:partial => options, :locals => local_assigns) - end - end - - # The format to be used when choosing between multiple templates with - # the same name but differing formats. See +Request#template_format+ - # for more details. - def template_format - if defined? @template_format - @template_format - elsif controller && controller.respond_to?(:request) - @template_format = controller.request.template_format.to_sym - else - @template_format = :html - end - end - + # Access the current template being rendered. # Returns a ActionView::Template object. def template @@ -301,32 +257,5 @@ module ActionView #:nodoc: controller.response.content_type ||= content_type end end - - def _render_with_layout(options, local_assigns, &block) #:nodoc: - partial_layout = options.delete(:layout) - - if block_given? - begin - @_proc_for_layout = block - concat(render(options.merge(:partial => partial_layout))) - ensure - @_proc_for_layout = nil - end - else - begin - original_content_for_layout = @content_for_layout if defined?(@content_for_layout) - @content_for_layout = render(options) - - if (options[:inline] || options[:file] || options[:text]) - @cached_content_for_layout = @content_for_layout - render(:file => partial_layout, :locals => local_assigns) - else - render(options.merge(:partial => partial_layout)) - end - ensure - @content_for_layout = original_content_for_layout - end - end - end end end diff --git a/actionpack/lib/action_view/helpers/prototype_helper.rb b/actionpack/lib/action_view/helpers/prototype_helper.rb index 18a209dcea..99676a9c27 100644 --- a/actionpack/lib/action_view/helpers/prototype_helper.rb +++ b/actionpack/lib/action_view/helpers/prototype_helper.rb @@ -987,13 +987,13 @@ module ActionView end def render(*options_for_render) - old_format = @context && @context.template_format - @context.template_format = :html if @context + old_formats = @context && @context.formats + @context.formats = [:html] if @context Hash === options_for_render.first ? @context.render(*options_for_render) : options_for_render.first.to_s ensure - @context.template_format = old_format if @context + @context.formats = old_formats if @context end def javascript_object_for(object) diff --git a/actionpack/lib/action_view/inline_template.rb b/actionpack/lib/action_view/inline_template.rb deleted file mode 100644 index 54efa543c8..0000000000 --- a/actionpack/lib/action_view/inline_template.rb +++ /dev/null @@ -1,19 +0,0 @@ -module ActionView #:nodoc: - class InlineTemplate #:nodoc: - include Renderable - - attr_reader :source, :extension, :method_segment - - def initialize(source, type = nil) - @source = source - @extension = type - @method_segment = "inline_#{@source.hash.abs}" - end - - private - # Always recompile inline templates - def recompile? - true - end - end -end diff --git a/actionpack/lib/action_view/partials.rb b/actionpack/lib/action_view/partials.rb deleted file mode 100644 index 59e82b98a4..0000000000 --- a/actionpack/lib/action_view/partials.rb +++ /dev/null @@ -1,235 +0,0 @@ -module ActionView - # There's also a convenience method for rendering sub templates within the current controller that depends on a - # single object (we call this kind of sub templates for partials). It relies on the fact that partials should - # follow the naming convention of being prefixed with an underscore -- as to separate them from regular - # templates that could be rendered on their own. - # - # In a template for Advertiser#account: - # - # <%= render :partial => "account" %> - # - # This would render "advertiser/_account.erb" and pass the instance variable @account in as a local variable - # +account+ to the template for display. - # - # In another template for Advertiser#buy, we could have: - # - # <%= render :partial => "account", :locals => { :account => @buyer } %> - # - # <% for ad in @advertisements %> - # <%= render :partial => "ad", :locals => { :ad => ad } %> - # <% end %> - # - # This would first render "advertiser/_account.erb" with @buyer passed in as the local variable +account+, then - # render "advertiser/_ad.erb" and pass the local variable +ad+ to the template for display. - # - # == Rendering a collection of partials - # - # The example of partial use describes a familiar pattern where a template needs to iterate over an array and - # render a sub template for each of the elements. This pattern has been implemented as a single method that - # accepts an array and renders a partial by the same name as the elements contained within. So the three-lined - # example in "Using partials" can be rewritten with a single line: - # - # <%= render :partial => "ad", :collection => @advertisements %> - # - # This will render "advertiser/_ad.erb" and pass the local variable +ad+ to the template for display. An - # iteration counter will automatically be made available to the template with a name of the form - # +partial_name_counter+. In the case of the example above, the template would be fed +ad_counter+. - # - # NOTE: Due to backwards compatibility concerns, the collection can't be one of hashes. Normally you'd also - # just keep domain objects, like Active Records, in there. - # - # == Rendering shared partials - # - # Two controllers can share a set of partials and render them like this: - # - # <%= render :partial => "advertisement/ad", :locals => { :ad => @advertisement } %> - # - # This will render the partial "advertisement/_ad.erb" regardless of which controller this is being called from. - # - # == Rendering objects with the RecordIdentifier - # - # Instead of explicitly naming the location of a partial, you can also let the RecordIdentifier do the work if - # you're following its conventions for RecordIdentifier#partial_path. Examples: - # - # # @account is an Account instance, so it uses the RecordIdentifier to replace - # # <%= render :partial => "accounts/account", :locals => { :account => @buyer } %> - # <%= render :partial => @account %> - # - # # @posts is an array of Post instances, so it uses the RecordIdentifier to replace - # # <%= render :partial => "posts/post", :collection => @posts %> - # <%= render :partial => @posts %> - # - # == Rendering the default case - # - # If you're not going to be using any of the options like collections or layouts, you can also use the short-hand - # defaults of render to render partials. Examples: - # - # # Instead of <%= render :partial => "account" %> - # <%= render "account" %> - # - # # Instead of <%= render :partial => "account", :locals => { :account => @buyer } %> - # <%= render "account", :account => @buyer %> - # - # # @account is an Account instance, so it uses the RecordIdentifier to replace - # # <%= render :partial => "accounts/account", :locals => { :account => @account } %> - # <%= render(@account) %> - # - # # @posts is an array of Post instances, so it uses the RecordIdentifier to replace - # # <%= render :partial => "posts/post", :collection => @posts %> - # <%= render(@posts) %> - # - # == Rendering partials with layouts - # - # Partials can have their own layouts applied to them. These layouts are different than the ones that are - # specified globally for the entire action, but they work in a similar fashion. Imagine a list with two types - # of users: - # - # <%# app/views/users/index.html.erb &> - # Here's the administrator: - # <%= render :partial => "user", :layout => "administrator", :locals => { :user => administrator } %> - # - # Here's the editor: - # <%= render :partial => "user", :layout => "editor", :locals => { :user => editor } %> - # - # <%# app/views/users/_user.html.erb &> - # Name: <%= user.name %> - # - # <%# app/views/users/_administrator.html.erb &> - #
- # Budget: $<%= user.budget %> - # <%= yield %> - #
- # - # <%# app/views/users/_editor.html.erb &> - #
- # Deadline: <%= user.deadline %> - # <%= yield %> - #
- # - # ...this will return: - # - # Here's the administrator: - #
- # Budget: $<%= user.budget %> - # Name: <%= user.name %> - #
- # - # Here's the editor: - #
- # Deadline: <%= user.deadline %> - # Name: <%= user.name %> - #
- # - # You can also apply a layout to a block within any template: - # - # <%# app/views/users/_chief.html.erb &> - # <% render(:layout => "administrator", :locals => { :user => chief }) do %> - # Title: <%= chief.title %> - # <% end %> - # - # ...this will return: - # - #
- # Budget: $<%= user.budget %> - # Title: <%= chief.name %> - #
- # - # As you can see, the :locals hash is shared between both the partial and its layout. - # - # If you pass arguments to "yield" then this will be passed to the block. One way to use this is to pass - # an array to layout and treat it as an enumerable. - # - # <%# app/views/users/_user.html.erb &> - #
- # Budget: $<%= user.budget %> - # <%= yield user %> - #
- # - # <%# app/views/users/index.html.erb &> - # <% render :layout => @users do |user| %> - # Title: <%= user.title %> - # <% end %> - # - # This will render the layout for each user and yield to the block, passing the user, each time. - # - # You can also yield multiple times in one layout and use block arguments to differentiate the sections. - # - # <%# app/views/users/_user.html.erb &> - #
- # <%= yield user, :header %> - # Budget: $<%= user.budget %> - # <%= yield user, :footer %> - #
- # - # <%# app/views/users/index.html.erb &> - # <% render :layout => @users do |user, section| %> - # <%- case section when :header -%> - # Title: <%= user.title %> - # <%- when :footer -%> - # Deadline: <%= user.deadline %> - # <%- end -%> - # <% end %> - module Partials - extend ActiveSupport::Memoizable - - private - def render_partial(options = {}) #:nodoc: - local_assigns = options[:locals] || {} - - case partial_path = options[:partial] - when String, Symbol, NilClass - if options.has_key?(:collection) - render_partial_collection(options) - else - _pick_partial_template(partial_path).render_partial(self, options[:object], local_assigns) - end - when ActionView::Helpers::FormBuilder - builder_partial_path = partial_path.class.to_s.demodulize.underscore.sub(/_builder$/, '') - local_assigns.merge!(builder_partial_path.to_sym => partial_path) - render_partial(:partial => builder_partial_path, :object => options[:object], :locals => local_assigns) - when Array, ActiveRecord::Associations::AssociationCollection, ActiveRecord::NamedScope::Scope - render_partial_collection(options.except(:partial).merge(:collection => partial_path)) - else - object = partial_path - render_partial( - :partial => ActionController::RecordIdentifier.partial_path(object, controller.class.controller_path), - :object => object, - :locals => local_assigns - ) - end - end - - def render_partial_collection(options = {}) #:nodoc: - return nil if options[:collection].blank? - - partial = options[:partial] - spacer = options[:spacer_template] ? render(:partial => options[:spacer_template]) : '' - local_assigns = options[:locals] ? options[:locals].clone : {} - as = options[:as] - - index = 0 - options[:collection].map do |object| - _partial_path ||= partial || - ActionController::RecordIdentifier.partial_path(object, controller.class.controller_path) - template = _pick_partial_template(_partial_path) - local_assigns[template.counter_name] = index - result = template.render_partial(self, object, local_assigns.dup, as) - index += 1 - result - end.join(spacer) - end - - def _pick_partial_template(partial_path) #:nodoc: - if partial_path.include?('/') - path = File.join(File.dirname(partial_path), "_#{File.basename(partial_path)}") - elsif controller - path = "#{controller.class.controller_path}/_#{partial_path}" - else - path = "_#{partial_path}" - end - - self.view_paths.find_template(path, self.template_format) - end - memoize :_pick_partial_template - end -end diff --git a/actionpack/lib/action_view/paths.rb b/actionpack/lib/action_view/paths.rb index 19207e7262..4c3a226ac6 100644 --- a/actionpack/lib/action_view/paths.rb +++ b/actionpack/lib/action_view/paths.rb @@ -32,14 +32,24 @@ module ActionView #:nodoc: super(*objs.map { |obj| self.class.type_cast(obj) }) end + def find_by_parts(path, extension = nil, prefix = nil, partial = false) + template_path = path.sub(/^\//, '') + + each do |load_path| + if template = load_path.find_by_parts(template_path, extension, prefix, partial) + return template + end + end + + Template.new(path, self) + end + def find_template(original_template_path, format = nil) return original_template_path if original_template_path.respond_to?(:render) template_path = original_template_path.sub(/^\//, '') each do |load_path| - if format && (template = load_path["#{template_path}.#{format}"]) - return template - elsif template = load_path[template_path] + if template = load_path.find_by_parts(template_path, format) return template end end diff --git a/actionpack/lib/action_view/render/partials.rb b/actionpack/lib/action_view/render/partials.rb new file mode 100644 index 0000000000..aa4c4af213 --- /dev/null +++ b/actionpack/lib/action_view/render/partials.rb @@ -0,0 +1,300 @@ +module ActionView + # There's also a convenience method for rendering sub templates within the current controller that depends on a + # single object (we call this kind of sub templates for partials). It relies on the fact that partials should + # follow the naming convention of being prefixed with an underscore -- as to separate them from regular + # templates that could be rendered on their own. + # + # In a template for Advertiser#account: + # + # <%= render :partial => "account" %> + # + # This would render "advertiser/_account.erb" and pass the instance variable @account in as a local variable + # +account+ to the template for display. + # + # In another template for Advertiser#buy, we could have: + # + # <%= render :partial => "account", :locals => { :account => @buyer } %> + # + # <% for ad in @advertisements %> + # <%= render :partial => "ad", :locals => { :ad => ad } %> + # <% end %> + # + # This would first render "advertiser/_account.erb" with @buyer passed in as the local variable +account+, then + # render "advertiser/_ad.erb" and pass the local variable +ad+ to the template for display. + # + # == Rendering a collection of partials + # + # The example of partial use describes a familiar pattern where a template needs to iterate over an array and + # render a sub template for each of the elements. This pattern has been implemented as a single method that + # accepts an array and renders a partial by the same name as the elements contained within. So the three-lined + # example in "Using partials" can be rewritten with a single line: + # + # <%= render :partial => "ad", :collection => @advertisements %> + # + # This will render "advertiser/_ad.erb" and pass the local variable +ad+ to the template for display. An + # iteration counter will automatically be made available to the template with a name of the form + # +partial_name_counter+. In the case of the example above, the template would be fed +ad_counter+. + # + # NOTE: Due to backwards compatibility concerns, the collection can't be one of hashes. Normally you'd also + # just keep domain objects, like Active Records, in there. + # + # == Rendering shared partials + # + # Two controllers can share a set of partials and render them like this: + # + # <%= render :partial => "advertisement/ad", :locals => { :ad => @advertisement } %> + # + # This will render the partial "advertisement/_ad.erb" regardless of which controller this is being called from. + # + # == Rendering objects with the RecordIdentifier + # + # Instead of explicitly naming the location of a partial, you can also let the RecordIdentifier do the work if + # you're following its conventions for RecordIdentifier#partial_path. Examples: + # + # # @account is an Account instance, so it uses the RecordIdentifier to replace + # # <%= render :partial => "accounts/account", :locals => { :account => @buyer } %> + # <%= render :partial => @account %> + # + # # @posts is an array of Post instances, so it uses the RecordIdentifier to replace + # # <%= render :partial => "posts/post", :collection => @posts %> + # <%= render :partial => @posts %> + # + # == Rendering the default case + # + # If you're not going to be using any of the options like collections or layouts, you can also use the short-hand + # defaults of render to render partials. Examples: + # + # # Instead of <%= render :partial => "account" %> + # <%= render "account" %> + # + # # Instead of <%= render :partial => "account", :locals => { :account => @buyer } %> + # <%= render "account", :account => @buyer %> + # + # # @account is an Account instance, so it uses the RecordIdentifier to replace + # # <%= render :partial => "accounts/account", :locals => { :account => @account } %> + # <%= render(@account) %> + # + # # @posts is an array of Post instances, so it uses the RecordIdentifier to replace + # # <%= render :partial => "posts/post", :collection => @posts %> + # <%= render(@posts) %> + # + # == Rendering partials with layouts + # + # Partials can have their own layouts applied to them. These layouts are different than the ones that are + # specified globally for the entire action, but they work in a similar fashion. Imagine a list with two types + # of users: + # + # <%# app/views/users/index.html.erb &> + # Here's the administrator: + # <%= render :partial => "user", :layout => "administrator", :locals => { :user => administrator } %> + # + # Here's the editor: + # <%= render :partial => "user", :layout => "editor", :locals => { :user => editor } %> + # + # <%# app/views/users/_user.html.erb &> + # Name: <%= user.name %> + # + # <%# app/views/users/_administrator.html.erb &> + #
+ # Budget: $<%= user.budget %> + # <%= yield %> + #
+ # + # <%# app/views/users/_editor.html.erb &> + #
+ # Deadline: <%= user.deadline %> + # <%= yield %> + #
+ # + # ...this will return: + # + # Here's the administrator: + #
+ # Budget: $<%= user.budget %> + # Name: <%= user.name %> + #
+ # + # Here's the editor: + #
+ # Deadline: <%= user.deadline %> + # Name: <%= user.name %> + #
+ # + # You can also apply a layout to a block within any template: + # + # <%# app/views/users/_chief.html.erb &> + # <% render(:layout => "administrator", :locals => { :user => chief }) do %> + # Title: <%= chief.title %> + # <% end %> + # + # ...this will return: + # + #
+ # Budget: $<%= user.budget %> + # Title: <%= chief.name %> + #
+ # + # As you can see, the :locals hash is shared between both the partial and its layout. + # + # If you pass arguments to "yield" then this will be passed to the block. One way to use this is to pass + # an array to layout and treat it as an enumerable. + # + # <%# app/views/users/_user.html.erb &> + #
+ # Budget: $<%= user.budget %> + # <%= yield user %> + #
+ # + # <%# app/views/users/index.html.erb &> + # <% render :layout => @users do |user| %> + # Title: <%= user.title %> + # <% end %> + # + # This will render the layout for each user and yield to the block, passing the user, each time. + # + # You can also yield multiple times in one layout and use block arguments to differentiate the sections. + # + # <%# app/views/users/_user.html.erb &> + #
+ # <%= yield user, :header %> + # Budget: $<%= user.budget %> + # <%= yield user, :footer %> + #
+ # + # <%# app/views/users/index.html.erb &> + # <% render :layout => @users do |user, section| %> + # <%- case section when :header -%> + # Title: <%= user.title %> + # <%- when :footer -%> + # Deadline: <%= user.deadline %> + # <%- end -%> + # <% end %> + module Partials + extend ActiveSupport::Memoizable + + def _render_partial(options = {}) #:nodoc: + options[:locals] ||= {} + + case path = partial = options[:partial] + when *_array_like_objects + return _render_partial_collection(partial, options) + else + if partial.is_a?(ActionView::Helpers::FormBuilder) + path = partial.class.to_s.demodulize.underscore.sub(/_builder$/, '') + options[:locals].merge!(path.to_sym => partial) + elsif !partial.is_a?(String) + options[:object] = object = partial + path = ActionController::RecordIdentifier.partial_path(object, controller_path) + end + _, _, prefix, object = parts = partial_parts(path, options) + template = find_by_parts(*parts) + _render_partial_object(template, options, (object unless object == true)) + end + end + + private + def partial_parts(name, options) + segments = name.split("/") + parts = segments.pop.split(".") + + case parts.size + when 1 + parts + when 2, 3 + extension = parts.delete_at(1).to_sym + if formats.include?(extension) + self.formats.replace [extension] + end + parts.pop if parts.size == 2 + end + + path = parts.join(".") + prefix = segments[0..-1].join("/") + prefix = prefix.blank? ? controller_path : prefix + parts = [path, formats, prefix] + parts.push options[:object] || true + end + + def _render_partial_with_block(layout, block, options) + @_proc_for_layout = block + concat(_render_partial(options.merge(:partial => layout))) + ensure + @_proc_for_layout = nil + end + + def _render_partial_with_layout(layout, options) + if layout + prefix = controller && !layout.include?("/") ? controller.controller_path : nil + layout = find_by_parts(layout, formats, prefix, true) + end + content = _render_partial(options) + return _render_content_with_layout(content, layout, options[:locals]) + end + + def _deprecated_ivar_assign(template) + if respond_to?(:controller) + ivar = :"@#{template.variable_name}" + object = + if controller.instance_variable_defined?(ivar) + ActiveSupport::Deprecation::DeprecatedObjectProxy.new( + controller.instance_variable_get(ivar), + "#{ivar} will no longer be implicitly assigned to #{template.variable_name}") + end + end + end + + def _array_like_objects + array_like = [Array] + if defined?(ActiveRecord) + array_like.push(ActiveRecord::Associations::AssociationCollection, ActiveRecord::NamedScope::Scope) + end + array_like + end + + def _render_partial_object(template, options, object = nil) + if options.key?(:collection) + _render_partial_collection(options.delete(:collection), options, template) + else + locals = (options[:locals] ||= {}) + object ||= locals[:object] || locals[template.variable_name] + + _set_locals(object, locals, template, options) + _render_template(template, locals) + end + end + + def _set_locals(object, locals, template, options) + object ||= _deprecated_ivar_assign(template) + locals[:object] = locals[template.variable_name] = object + locals[options[:as]] = object if options[:as] + end + + def _render_partial_collection(collection, options = {}, passed_template = nil) #:nodoc: + return nil if collection.blank? + + spacer = options[:spacer_template] ? _render_partial(:partial => options[:spacer_template]) : '' + + locals = (options[:locals] ||= {}) + index, @_partial_path = 0, nil + collection.map do |object| + template = passed_template || begin + _partial_path = + ActionController::RecordIdentifier.partial_path(object, controller_path) + template = _pick_partial_template(_partial_path) + end + + _set_locals(object, locals, template, options) + locals[template.counter_name] = index + + index += 1 + _render_template(template, locals) + end.join(spacer) + end + + def _pick_partial_template(partial_path) #:nodoc: + prefix = controller_path unless partial_path.include?('/') + find_by_parts(partial_path, formats, prefix, true) + end + memoize :_pick_partial_template + end +end diff --git a/actionpack/lib/action_view/render/rendering.rb b/actionpack/lib/action_view/render/rendering.rb new file mode 100644 index 0000000000..a02c058725 --- /dev/null +++ b/actionpack/lib/action_view/render/rendering.rb @@ -0,0 +1,119 @@ +module ActionView + module Rendering + # Returns the result of a render that's dictated by the options hash. The primary options are: + # + # * :partial - See ActionView::Partials. + # * :update - Calls update_page with the block given. + # * :file - Renders an explicit template file (this used to be the old default), add :locals to pass in those. + # * :inline - Renders an inline template similar to how it's done in the controller. + # * :text - Renders the text passed in out. + # + # If no options hash is passed or :update specified, the default is to render a partial and use the second parameter + # as the locals hash. + def render(options = {}, local_assigns = {}, &block) #:nodoc: + local_assigns ||= {} + + @exempt_from_layout = true + + case options + when Hash + options[:locals] ||= {} + layout = options[:layout] + + return _render_partial_with_layout(layout, options) if options.key?(:partial) + return _render_partial_with_block(layout, block, options) if block_given? + + layout = find_by_parts(layout, formats) if layout + + if file = options[:file] + template = find_by_parts(file, formats) + _render_template_with_layout(template, layout, :locals => options[:locals]) + elsif inline = options[:inline] + _render_inline(inline, layout, options) + elsif text = options[:text] + _render_text(text, layout, options) + end + when :update + update_page(&block) + when String, NilClass + _render_partial(:partial => options, :locals => local_assigns) + end + end + + def _render_content_with_layout(content, layout, locals) + return content unless layout + + locals ||= {} + + if controller && layout + response.layout = layout.path_without_format_and_extension if controller.respond_to?(:response) + logger.info("Rendering template within #{layout.path_without_format_and_extension}") if logger + end + + begin + original_content_for_layout = @content_for_layout if defined?(@content_for_layout) + @content_for_layout = content + + @cached_content_for_layout = @content_for_layout + _render_template(layout, locals) + ensure + @content_for_layout = original_content_for_layout + end + end + + def _render_template(template, local_assigns = {}) + template.compile(local_assigns) + + @_render_stack.push(template) + + _evaluate_assigns_and_ivars + _set_controller_content_type(template.mime_type) if template.respond_to?(:mime_type) + + result = send(template.method_name(local_assigns), local_assigns) do |*names| + if !instance_variable_defined?(:"@content_for_#{names.first}") && + instance_variable_defined?(:@_proc_for_layout) && (proc = @_proc_for_layout) + capture(*names, &proc) + elsif instance_variable_defined?(ivar = :"@content_for_#{names.first || :layout}") + instance_variable_get(ivar) + end + end + + @_render_stack.pop + result + rescue Exception => e + raise e if !template.filename || template.is_a?(InlineTemplate) + if TemplateError === e + e.sub_template_of(template) + raise e + else + raise TemplateError.new(template, assigns, e) + end + end + + def _render_inline(inline, layout, options) + content = _render_template(InlineTemplate.new(options[:inline], options[:type]), options[:locals] || {}) + layout ? _render_content_with_layout(content, layout, options[:locals]) : content + end + + def _render_text(text, layout, options) + layout ? _render_content_with_layout(text, layout, options[:locals]) : text + end + + def _render_template_with_layout(template, layout = nil, options = {}, partial = false) + if controller && logger + logger.info("Rendering #{template.path_without_extension}" + + (options[:status] ? " (#{options[:status]})" : '')) + end + + content = if partial + object = partial unless partial == true + _render_partial_object(template, options, object) + else + _render_template(template, options[:locals] || {}) + end + + return content unless layout && !template.exempt_from_layout? + _render_content_with_layout(content, layout, options[:locals] || {}) + end + end +end \ No newline at end of file diff --git a/actionpack/lib/action_view/renderable.rb b/actionpack/lib/action_view/renderable.rb deleted file mode 100644 index 153e14f68b..0000000000 --- a/actionpack/lib/action_view/renderable.rb +++ /dev/null @@ -1,96 +0,0 @@ -module ActionView - # NOTE: The template that this mixin is being included into is frozen - # so you cannot set or modify any instance variables - module Renderable #:nodoc: - extend ActiveSupport::Memoizable - - def filename - 'compiled-template' - end - - def handler - Template.handler_class_for_extension(extension) - end - memoize :handler - - def compiled_source - handler.call(self) - end - memoize :compiled_source - - def method_name_without_locals - ['_run', extension, method_segment].compact.join('_') - end - memoize :method_name_without_locals - - def render(view, local_assigns = {}) - compile(local_assigns) - - stack = view.instance_variable_get(:@_render_stack) - stack.push(self) - - view.send(:_evaluate_assigns_and_ivars) - view.send(:_set_controller_content_type, mime_type) if respond_to?(:mime_type) - - result = view.send(method_name(local_assigns), local_assigns) do |*names| - ivar = :@_proc_for_layout - if !view.instance_variable_defined?(:"@content_for_#{names.first}") && view.instance_variable_defined?(ivar) && (proc = view.instance_variable_get(ivar)) - view.capture(*names, &proc) - elsif view.instance_variable_defined?(ivar = :"@content_for_#{names.first || :layout}") - view.instance_variable_get(ivar) - end - end - - stack.pop - result - end - - def method_name(local_assigns) - if local_assigns && local_assigns.any? - method_name = method_name_without_locals.dup - method_name << "_locals_#{local_assigns.keys.map { |k| k.to_s }.sort.join('_')}" - else - method_name = method_name_without_locals - end - method_name.to_sym - end - - private - # Compile and evaluate the template's code (if necessary) - def compile(local_assigns) - render_symbol = method_name(local_assigns) - - if !Base::CompiledTemplates.method_defined?(render_symbol) || recompile? - compile!(render_symbol, local_assigns) - end - end - - def compile!(render_symbol, local_assigns) - locals_code = local_assigns.keys.map { |key| "#{key} = local_assigns[:#{key}];" }.join - - source = <<-end_src - def #{render_symbol}(local_assigns) - old_output_buffer = output_buffer;#{locals_code};#{compiled_source} - ensure - self.output_buffer = old_output_buffer - end - end_src - - begin - ActionView::Base::CompiledTemplates.module_eval(source, filename, 0) - rescue Exception => e # errors from template code - if logger = defined?(ActionController) && Base.logger - logger.debug "ERROR: compiling #{render_symbol} RAISED #{e}" - logger.debug "Function body: #{source}" - logger.debug "Backtrace: #{e.backtrace.join("\n")}" - end - - raise ActionView::TemplateError.new(self, {}, e) - end - end - - def recompile? - false - end - end -end diff --git a/actionpack/lib/action_view/renderable_partial.rb b/actionpack/lib/action_view/renderable_partial.rb deleted file mode 100644 index 3ea836fa25..0000000000 --- a/actionpack/lib/action_view/renderable_partial.rb +++ /dev/null @@ -1,47 +0,0 @@ -module ActionView - # NOTE: The template that this mixin is being included into is frozen - # so you cannot set or modify any instance variables - module RenderablePartial #:nodoc: - extend ActiveSupport::Memoizable - - def variable_name - name.sub(/\A_/, '').to_sym - end - memoize :variable_name - - def counter_name - "#{variable_name}_counter".to_sym - end - memoize :counter_name - - def render(view, local_assigns = {}) - if defined? ActionController - ActionController::Base.benchmark("Rendered #{path_without_format_and_extension}", Logger::DEBUG, false) do - super - end - else - super - end - end - - def render_partial(view, object = nil, local_assigns = {}, as = nil) - object ||= local_assigns[:object] || local_assigns[variable_name] - - if object.nil? && view.respond_to?(:controller) - ivar = :"@#{variable_name}" - object = - if view.controller.instance_variable_defined?(ivar) - ActiveSupport::Deprecation::DeprecatedObjectProxy.new( - view.controller.instance_variable_get(ivar), - "#{ivar} will no longer be implicitly assigned to #{variable_name}") - end - end - - # Ensure correct object is reassigned to other accessors - local_assigns[:object] = local_assigns[variable_name] = object - local_assigns[as] = object if as - - render_template(view, local_assigns) - end - end -end diff --git a/actionpack/lib/action_view/template.rb b/actionpack/lib/action_view/template.rb deleted file mode 100644 index 9d1e0d3ac5..0000000000 --- a/actionpack/lib/action_view/template.rb +++ /dev/null @@ -1,235 +0,0 @@ -module ActionView #:nodoc: - class Template - class Path - attr_reader :path, :paths - delegate :hash, :inspect, :to => :path - - def initialize(path) - raise ArgumentError, "path already is a Path class" if path.is_a?(Path) - @path = path.freeze - end - - def to_s - if defined?(RAILS_ROOT) - path.to_s.sub(/^#{Regexp.escape(File.expand_path(RAILS_ROOT))}\//, '') - else - path.to_s - end - end - - def to_str - path.to_str - end - - def ==(path) - to_str == path.to_str - end - - def eql?(path) - to_str == path.to_str - end - - # Returns a ActionView::Template object for the given path string. The - # input path should be relative to the view path directory, - # +hello/index.html.erb+. This method also has a special exception to - # match partial file names without a handler extension. So - # +hello/index.html+ will match the first template it finds with a - # known template extension, +hello/index.html.erb+. Template extensions - # should not be confused with format extensions +html+, +js+, +xml+, - # etc. A format must be supplied to match a formated file. +hello/index+ - # will never match +hello/index.html.erb+. - def [](path) - templates_in_path do |template| - if template.accessible_paths.include?(path) - return template - end - end - nil - end - - private - def templates_in_path - (Dir.glob("#{@path}/**/*/**") | Dir.glob("#{@path}/**")).each do |file| - yield create_template(file) unless File.directory?(file) - end - end - - def create_template(file) - Template.new(file.split("#{self}/").last, self) - end - end - - class EagerPath < Path - def initialize(path) - super - - @paths = {} - templates_in_path do |template| - template.load! - template.accessible_paths.each do |path| - @paths[path] = template - end - end - @paths.freeze - end - - def [](path) - @paths[path] - end - end - - extend TemplateHandlers - extend ActiveSupport::Memoizable - include Renderable - - # Templates that are exempt from layouts - @@exempt_from_layout = Set.new([/\.rjs$/]) - - # Don't render layouts for templates with the given extensions. - def self.exempt_from_layout(*extensions) - regexps = extensions.collect do |extension| - extension.is_a?(Regexp) ? extension : /\.#{Regexp.escape(extension.to_s)}$/ - end - @@exempt_from_layout.merge(regexps) - end - - attr_accessor :filename, :load_path, :base_path, :name, :format, :extension - delegate :to_s, :to => :path - - def initialize(template_path, load_paths = []) - template_path = template_path.dup - @load_path, @filename = find_full_path(template_path, load_paths) - @base_path, @name, @format, @extension = split(template_path) - @base_path.to_s.gsub!(/\/$/, '') # Push to split method - - # Extend with partial super powers - extend RenderablePartial if @name =~ /^_/ - end - - def accessible_paths - paths = [] - paths << path - paths << path_without_extension - if multipart? - formats = format.split(".") - paths << "#{path_without_format_and_extension}.#{formats.first}" - paths << "#{path_without_format_and_extension}.#{formats.second}" - end - paths - end - - def format_and_extension - (extensions = [format, extension].compact.join(".")).blank? ? nil : extensions - end - memoize :format_and_extension - - def multipart? - format && format.include?('.') - end - - def content_type - format.gsub('.', '/') - end - - def mime_type - Mime::Type.lookup_by_extension(format) if format - end - memoize :mime_type - - def path - [base_path, [name, format, extension].compact.join('.')].compact.join('/') - end - memoize :path - - def path_without_extension - [base_path, [name, format].compact.join('.')].compact.join('/') - end - memoize :path_without_extension - - def path_without_format_and_extension - [base_path, name].compact.join('/') - end - memoize :path_without_format_and_extension - - def relative_path - path = File.expand_path(filename) - path.sub!(/^#{Regexp.escape(File.expand_path(RAILS_ROOT))}\//, '') if defined?(RAILS_ROOT) - path - end - memoize :relative_path - - def exempt_from_layout? - @@exempt_from_layout.any? { |exempted| path =~ exempted } - end - - def mtime - File.mtime(filename) - end - memoize :mtime - - def source - File.read(filename) - end - memoize :source - - def method_segment - relative_path.to_s.gsub(/([^a-zA-Z0-9_])/) { $1.ord } - end - memoize :method_segment - - def render_template(view, local_assigns = {}) - render(view, local_assigns) - rescue Exception => e - raise e unless filename - if TemplateError === e - e.sub_template_of(self) - raise e - else - raise TemplateError.new(self, view.assigns, e) - end - end - - def stale? - File.mtime(filename) > mtime - end - - def recompile? - !@cached - end - - def load! - @cached = true - freeze - end - - private - def valid_extension?(extension) - !Template.registered_template_handler(extension).nil? - end - - def find_full_path(path, load_paths) - load_paths = Array(load_paths) + [nil] - load_paths.each do |load_path| - file = load_path ? "#{load_path.to_str}/#{path}" : path - return load_path, file if File.file?(file) - end - raise MissingTemplate.new(load_paths, path) - end - - # Returns file split into an array - # [base_path, name, format, extension] - def split(file) - if m = file.match(/^(.*\/)?([^\.]+)\.?(\w+)?\.?(\w+)?\.?(\w+)?$/) - if valid_extension?(m[5]) # Multipart formats - [m[1], m[2], "#{m[3]}.#{m[4]}", m[5]] - elsif valid_extension?(m[4]) # Single format - [m[1], m[2], m[3], m[4]] - elsif valid_extension?(m[3]) # No format - [m[1], m[2], nil, m[3]] - else # No extension - [m[1], m[2], m[3], nil] - end - end - end - end -end diff --git a/actionpack/lib/action_view/template/error.rb b/actionpack/lib/action_view/template/error.rb new file mode 100644 index 0000000000..37cb1c7c6c --- /dev/null +++ b/actionpack/lib/action_view/template/error.rb @@ -0,0 +1,99 @@ +module ActionView + # The TemplateError exception is raised when the compilation of the template fails. This exception then gathers a + # bunch of intimate details and uses it to report a very precise exception message. + class TemplateError < ActionViewError #:nodoc: + SOURCE_CODE_RADIUS = 3 + + attr_reader :original_exception + + def initialize(template, assigns, original_exception) + @template, @assigns, @original_exception = template, assigns.dup, original_exception + @backtrace = compute_backtrace + end + + def file_name + @template.relative_path + end + + def message + ActiveSupport::Deprecation.silence { original_exception.message } + end + + def clean_backtrace + if defined?(Rails) && Rails.respond_to?(:backtrace_cleaner) + Rails.backtrace_cleaner.clean(original_exception.backtrace) + else + original_exception.backtrace + end + end + + def sub_template_message + if @sub_templates + "Trace of template inclusion: " + + @sub_templates.collect { |template| template.relative_path }.join(", ") + else + "" + end + end + + def source_extract(indentation = 0) + return unless num = line_number + num = num.to_i + + source_code = @template.source.split("\n") + + start_on_line = [ num - SOURCE_CODE_RADIUS - 1, 0 ].max + end_on_line = [ num + SOURCE_CODE_RADIUS - 1, source_code.length].min + + indent = ' ' * indentation + line_counter = start_on_line + return unless source_code = source_code[start_on_line..end_on_line] + + source_code.sum do |line| + line_counter += 1 + "#{indent}#{line_counter}: #{line}\n" + end + end + + def sub_template_of(template_path) + @sub_templates ||= [] + @sub_templates << template_path + end + + def line_number + @line_number ||= + if file_name + regexp = /#{Regexp.escape File.basename(file_name)}:(\d+)/ + + $1 if message =~ regexp or clean_backtrace.find { |line| line =~ regexp } + end + end + + def to_s + "\n#{self.class} (#{message}) #{source_location}:\n" + + "#{source_extract}\n #{clean_backtrace.join("\n ")}\n\n" + end + + # don't do anything nontrivial here. Any raised exception from here becomes fatal + # (and can't be rescued). + def backtrace + @backtrace + end + + private + def compute_backtrace + [ + "#{source_location.capitalize}\n\n#{source_extract(4)}\n " + + clean_backtrace.join("\n ") + ] + end + + def source_location + if line_number + "on line ##{line_number} of " + else + 'in ' + end + file_name + end + end +end \ No newline at end of file diff --git a/actionpack/lib/action_view/template/handler.rb b/actionpack/lib/action_view/template/handler.rb new file mode 100644 index 0000000000..672da0ed2b --- /dev/null +++ b/actionpack/lib/action_view/template/handler.rb @@ -0,0 +1,34 @@ +# Legacy TemplateHandler stub +module ActionView + module TemplateHandlers #:nodoc: + module Compilable + def self.included(base) + base.extend(ClassMethods) + end + + module ClassMethods + def call(template) + new.compile(template) + end + end + + def compile(template) + raise "Need to implement #{self.class.name}#compile(template)" + end + end + end + + class TemplateHandler + def self.call(template) + "#{name}.new(self).render(template, local_assigns)" + end + + def initialize(view = nil) + @view = view + end + + def render(template, local_assigns) + raise "Need to implement #{self.class.name}#render(template, local_assigns)" + end + end +end diff --git a/actionpack/lib/action_view/template/handlers.rb b/actionpack/lib/action_view/template/handlers.rb new file mode 100644 index 0000000000..fb85f28851 --- /dev/null +++ b/actionpack/lib/action_view/template/handlers.rb @@ -0,0 +1,48 @@ +module ActionView #:nodoc: + module TemplateHandlers #:nodoc: + autoload :ERB, 'action_view/template/handlers/erb' + autoload :RJS, 'action_view/template/handlers/rjs' + autoload :Builder, 'action_view/template/handlers/builder' + + def self.extended(base) + base.register_default_template_handler :erb, TemplateHandlers::ERB + base.register_template_handler :rjs, TemplateHandlers::RJS + base.register_template_handler :builder, TemplateHandlers::Builder + + # TODO: Depreciate old template extensions + base.register_template_handler :rhtml, TemplateHandlers::ERB + base.register_template_handler :rxml, TemplateHandlers::Builder + end + + @@template_handlers = {} + @@default_template_handlers = nil + + # Register a class that knows how to handle template files with the given + # extension. This can be used to implement new template types. + # The constructor for the class must take the ActiveView::Base instance + # as a parameter, and the class must implement a +render+ method that + # takes the contents of the template to render as well as the Hash of + # local assigns available to the template. The +render+ method ought to + # return the rendered template as a string. + def register_template_handler(extension, klass) + @@template_handlers[extension.to_sym] = klass + end + + def template_handler_extensions + @@template_handlers.keys.map(&:to_s).sort + end + + def registered_template_handler(extension) + extension && @@template_handlers[extension.to_sym] + end + + def register_default_template_handler(extension, klass) + register_template_handler(extension, klass) + @@default_template_handlers = klass + end + + def handler_class_for_extension(extension) + registered_template_handler(extension) || @@default_template_handlers + end + end +end diff --git a/actionpack/lib/action_view/template/handlers/builder.rb b/actionpack/lib/action_view/template/handlers/builder.rb new file mode 100644 index 0000000000..788dc93326 --- /dev/null +++ b/actionpack/lib/action_view/template/handlers/builder.rb @@ -0,0 +1,17 @@ +require 'builder' + +module ActionView + module TemplateHandlers + class Builder < TemplateHandler + include Compilable + + def compile(template) + "_set_controller_content_type(Mime::XML);" + + "xml = ::Builder::XmlMarkup.new(:indent => 2);" + + "self.output_buffer = xml.target!;" + + template.source + + ";xml.target!;" + end + end + end +end diff --git a/actionpack/lib/action_view/template/handlers/erb.rb b/actionpack/lib/action_view/template/handlers/erb.rb new file mode 100644 index 0000000000..e3120ba267 --- /dev/null +++ b/actionpack/lib/action_view/template/handlers/erb.rb @@ -0,0 +1,22 @@ +module ActionView + module TemplateHandlers + class ERB < TemplateHandler + include Compilable + + ## + # :singleton-method: + # Specify trim mode for the ERB compiler. Defaults to '-'. + # See ERb documentation for suitable values. + cattr_accessor :erb_trim_mode + self.erb_trim_mode = '-' + + def compile(template) + src = ::ERB.new("<% __in_erb_template=true %>#{template.source}", nil, erb_trim_mode, '@output_buffer').src + + # Ruby 1.9 prepends an encoding to the source. However this is + # useless because you can only set an encoding on the first line + RUBY_VERSION >= '1.9' ? src.sub(/\A#coding:.*\n/, '') : src + end + end + end +end diff --git a/actionpack/lib/action_view/template/handlers/rjs.rb b/actionpack/lib/action_view/template/handlers/rjs.rb new file mode 100644 index 0000000000..802a79b3fc --- /dev/null +++ b/actionpack/lib/action_view/template/handlers/rjs.rb @@ -0,0 +1,13 @@ +module ActionView + module TemplateHandlers + class RJS < TemplateHandler + include Compilable + + def compile(template) + "@formats = [:html];" + + "controller.response.content_type ||= Mime::JS;" + + "update_page do |page|;#{template.source}\nend" + end + end + end +end diff --git a/actionpack/lib/action_view/template/inline.rb b/actionpack/lib/action_view/template/inline.rb new file mode 100644 index 0000000000..54efa543c8 --- /dev/null +++ b/actionpack/lib/action_view/template/inline.rb @@ -0,0 +1,19 @@ +module ActionView #:nodoc: + class InlineTemplate #:nodoc: + include Renderable + + attr_reader :source, :extension, :method_segment + + def initialize(source, type = nil) + @source = source + @extension = type + @method_segment = "inline_#{@source.hash.abs}" + end + + private + # Always recompile inline templates + def recompile? + true + end + end +end diff --git a/actionpack/lib/action_view/template/partial.rb b/actionpack/lib/action_view/template/partial.rb new file mode 100644 index 0000000000..30dec1dc5b --- /dev/null +++ b/actionpack/lib/action_view/template/partial.rb @@ -0,0 +1,18 @@ +module ActionView + # NOTE: The template that this mixin is being included into is frozen + # so you cannot set or modify any instance variables + module RenderablePartial #:nodoc: + extend ActiveSupport::Memoizable + + def variable_name + name.sub(/\A_/, '').to_sym + end + memoize :variable_name + + def counter_name + "#{variable_name}_counter".to_sym + end + memoize :counter_name + + end +end diff --git a/actionpack/lib/action_view/template/renderable.rb b/actionpack/lib/action_view/template/renderable.rb new file mode 100644 index 0000000000..35c832aaba --- /dev/null +++ b/actionpack/lib/action_view/template/renderable.rb @@ -0,0 +1,74 @@ +module ActionView + # NOTE: The template that this mixin is being included into is frozen + # so you cannot set or modify any instance variables + module Renderable #:nodoc: + extend ActiveSupport::Memoizable + + def filename + 'compiled-template' + end + + def handler + Template.handler_class_for_extension(extension) + end + memoize :handler + + def compiled_source + handler.call(self) + end + memoize :compiled_source + + def method_name_without_locals + ['_run', extension, method_segment].compact.join('_') + end + memoize :method_name_without_locals + + def method_name(local_assigns) + if local_assigns && local_assigns.any? + method_name = method_name_without_locals.dup + method_name << "_locals_#{local_assigns.keys.map { |k| k.to_s }.sort.join('_')}" + else + method_name = method_name_without_locals + end + method_name.to_sym + end + + # Compile and evaluate the template's code (if necessary) + def compile(local_assigns) + render_symbol = method_name(local_assigns) + + if !Base::CompiledTemplates.method_defined?(render_symbol) || recompile? + compile!(render_symbol, local_assigns) + end + end + + private + def compile!(render_symbol, local_assigns) + locals_code = local_assigns.keys.map { |key| "#{key} = local_assigns[:#{key}];" }.join + + source = <<-end_src + def #{render_symbol}(local_assigns) + old_output_buffer = output_buffer;#{locals_code};#{compiled_source} + ensure + self.output_buffer = old_output_buffer + end + end_src + + begin + ActionView::Base::CompiledTemplates.module_eval(source, filename, 0) + rescue Exception => e # errors from template code + if logger = defined?(ActionController) && Base.logger + logger.debug "ERROR: compiling #{render_symbol} RAISED #{e}" + logger.debug "Function body: #{source}" + logger.debug "Backtrace: #{e.backtrace.join("\n")}" + end + + raise ActionView::TemplateError.new(self, {}, e) + end + end + + def recompile? + false + end + end +end diff --git a/actionpack/lib/action_view/template/template.rb b/actionpack/lib/action_view/template/template.rb new file mode 100644 index 0000000000..235a95a0f3 --- /dev/null +++ b/actionpack/lib/action_view/template/template.rb @@ -0,0 +1,241 @@ +module ActionView #:nodoc: + class Template + class Path + attr_reader :path, :paths + delegate :hash, :inspect, :to => :path + + def initialize(path) + raise ArgumentError, "path already is a Path class" if path.is_a?(Path) + @path = path.freeze + end + + def to_s + if defined?(RAILS_ROOT) + path.to_s.sub(/^#{Regexp.escape(File.expand_path(RAILS_ROOT))}\//, '') + else + path.to_s + end + end + + def to_str + path.to_str + end + + def ==(path) + to_str == path.to_str + end + + def eql?(path) + to_str == path.to_str + end + + # Returns a ActionView::Template object for the given path string. The + # input path should be relative to the view path directory, + # +hello/index.html.erb+. This method also has a special exception to + # match partial file names without a handler extension. So + # +hello/index.html+ will match the first template it finds with a + # known template extension, +hello/index.html.erb+. Template extensions + # should not be confused with format extensions +html+, +js+, +xml+, + # etc. A format must be supplied to match a formated file. +hello/index+ + # will never match +hello/index.html.erb+. + def find_template(path) + templates_in_path do |template| + if template.accessible_paths.include?(path) + return template + end + end + nil + end + + def find_by_parts(name, extensions = nil, prefix = nil, partial = nil) + path = prefix ? "#{prefix}/" : "" + + name = name.split("/") + name[-1] = "_#{name[-1]}" if partial + + path << name.join("/") + + template = nil + + Array(extensions).each do |extension| + extensioned_path = extension ? "#{path}.#{extension}" : path + template = find_template(extensioned_path) || find_template(path) + break if template + end + template + end + + private + def templates_in_path + (Dir.glob("#{@path}/**/*/**") | Dir.glob("#{@path}/**")).each do |file| + yield create_template(file) unless File.directory?(file) + end + end + + def create_template(file) + Template.new(file.split("#{self}/").last, self) + end + end + + class EagerPath < Path + def initialize(path) + super + + @paths = {} + templates_in_path do |template| + template.load! + template.accessible_paths.each do |path| + @paths[path] = template + end + end + @paths.freeze + end + + def find_template(path) + @paths[path] + end + end + + extend TemplateHandlers + extend ActiveSupport::Memoizable + include Renderable + + # Templates that are exempt from layouts + @@exempt_from_layout = Set.new([/\.rjs$/]) + + # Don't render layouts for templates with the given extensions. + def self.exempt_from_layout(*extensions) + regexps = extensions.collect do |extension| + extension.is_a?(Regexp) ? extension : /\.#{Regexp.escape(extension.to_s)}$/ + end + @@exempt_from_layout.merge(regexps) + end + + attr_accessor :filename, :load_path, :base_path, :name, :format, :extension + delegate :to_s, :to => :path + + def initialize(template_path, load_paths = []) + template_path = template_path.dup + @load_path, @filename = find_full_path(template_path, load_paths) + @base_path, @name, @format, @extension = split(template_path) + @base_path.to_s.gsub!(/\/$/, '') # Push to split method + + # Extend with partial super powers + extend RenderablePartial if @name =~ /^_/ + end + + def accessible_paths + paths = [] + paths << path + paths << path_without_extension + if multipart? + formats = format.split(".") + paths << "#{path_without_format_and_extension}.#{formats.first}" + paths << "#{path_without_format_and_extension}.#{formats.second}" + end + paths + end + + def format_and_extension + (extensions = [format, extension].compact.join(".")).blank? ? nil : extensions + end + memoize :format_and_extension + + def multipart? + format && format.include?('.') + end + + def content_type + format.gsub('.', '/') + end + + def mime_type + Mime::Type.lookup_by_extension(format) if format + end + memoize :mime_type + + def path + [base_path, [name, format, extension].compact.join('.')].compact.join('/') + end + memoize :path + + def path_without_extension + [base_path, [name, format].compact.join('.')].compact.join('/') + end + memoize :path_without_extension + + def path_without_format_and_extension + [base_path, name].compact.join('/') + end + memoize :path_without_format_and_extension + + def relative_path + path = File.expand_path(filename) + path.sub!(/^#{Regexp.escape(File.expand_path(RAILS_ROOT))}\//, '') if defined?(RAILS_ROOT) + path + end + memoize :relative_path + + def exempt_from_layout? + @@exempt_from_layout.any? { |exempted| path =~ exempted } + end + + def mtime + File.mtime(filename) + end + memoize :mtime + + def source + File.read(filename) + end + memoize :source + + def method_segment + relative_path.to_s.gsub(/([^a-zA-Z0-9_])/) { $1.ord } + end + memoize :method_segment + + def stale? + File.mtime(filename) > mtime + end + + def recompile? + !@cached + end + + def load! + @cached = true + freeze + end + + private + def valid_extension?(extension) + !Template.registered_template_handler(extension).nil? + end + + def find_full_path(path, load_paths) + load_paths = Array(load_paths) + [nil] + load_paths.each do |load_path| + file = load_path ? "#{load_path.to_str}/#{path}" : path + return load_path, file if File.file?(file) + end + raise MissingTemplate.new(load_paths, path) + end + + # Returns file split into an array + # [base_path, name, format, extension] + def split(file) + if m = file.match(/^(.*\/)?([^\.]+)\.?(\w+)?\.?(\w+)?\.?(\w+)?$/) + if valid_extension?(m[5]) # Multipart formats + [m[1], m[2], "#{m[3]}.#{m[4]}", m[5]] + elsif valid_extension?(m[4]) # Single format + [m[1], m[2], m[3], m[4]] + elsif valid_extension?(m[3]) # No format + [m[1], m[2], nil, m[3]] + else # No extension + [m[1], m[2], m[3], nil] + end + end + end + end +end diff --git a/actionpack/lib/action_view/template_error.rb b/actionpack/lib/action_view/template_error.rb deleted file mode 100644 index 37cb1c7c6c..0000000000 --- a/actionpack/lib/action_view/template_error.rb +++ /dev/null @@ -1,99 +0,0 @@ -module ActionView - # The TemplateError exception is raised when the compilation of the template fails. This exception then gathers a - # bunch of intimate details and uses it to report a very precise exception message. - class TemplateError < ActionViewError #:nodoc: - SOURCE_CODE_RADIUS = 3 - - attr_reader :original_exception - - def initialize(template, assigns, original_exception) - @template, @assigns, @original_exception = template, assigns.dup, original_exception - @backtrace = compute_backtrace - end - - def file_name - @template.relative_path - end - - def message - ActiveSupport::Deprecation.silence { original_exception.message } - end - - def clean_backtrace - if defined?(Rails) && Rails.respond_to?(:backtrace_cleaner) - Rails.backtrace_cleaner.clean(original_exception.backtrace) - else - original_exception.backtrace - end - end - - def sub_template_message - if @sub_templates - "Trace of template inclusion: " + - @sub_templates.collect { |template| template.relative_path }.join(", ") - else - "" - end - end - - def source_extract(indentation = 0) - return unless num = line_number - num = num.to_i - - source_code = @template.source.split("\n") - - start_on_line = [ num - SOURCE_CODE_RADIUS - 1, 0 ].max - end_on_line = [ num + SOURCE_CODE_RADIUS - 1, source_code.length].min - - indent = ' ' * indentation - line_counter = start_on_line - return unless source_code = source_code[start_on_line..end_on_line] - - source_code.sum do |line| - line_counter += 1 - "#{indent}#{line_counter}: #{line}\n" - end - end - - def sub_template_of(template_path) - @sub_templates ||= [] - @sub_templates << template_path - end - - def line_number - @line_number ||= - if file_name - regexp = /#{Regexp.escape File.basename(file_name)}:(\d+)/ - - $1 if message =~ regexp or clean_backtrace.find { |line| line =~ regexp } - end - end - - def to_s - "\n#{self.class} (#{message}) #{source_location}:\n" + - "#{source_extract}\n #{clean_backtrace.join("\n ")}\n\n" - end - - # don't do anything nontrivial here. Any raised exception from here becomes fatal - # (and can't be rescued). - def backtrace - @backtrace - end - - private - def compute_backtrace - [ - "#{source_location.capitalize}\n\n#{source_extract(4)}\n " + - clean_backtrace.join("\n ") - ] - end - - def source_location - if line_number - "on line ##{line_number} of " - else - 'in ' - end + file_name - end - end -end \ No newline at end of file diff --git a/actionpack/lib/action_view/template_handler.rb b/actionpack/lib/action_view/template_handler.rb deleted file mode 100644 index 672da0ed2b..0000000000 --- a/actionpack/lib/action_view/template_handler.rb +++ /dev/null @@ -1,34 +0,0 @@ -# Legacy TemplateHandler stub -module ActionView - module TemplateHandlers #:nodoc: - module Compilable - def self.included(base) - base.extend(ClassMethods) - end - - module ClassMethods - def call(template) - new.compile(template) - end - end - - def compile(template) - raise "Need to implement #{self.class.name}#compile(template)" - end - end - end - - class TemplateHandler - def self.call(template) - "#{name}.new(self).render(template, local_assigns)" - end - - def initialize(view = nil) - @view = view - end - - def render(template, local_assigns) - raise "Need to implement #{self.class.name}#render(template, local_assigns)" - end - end -end diff --git a/actionpack/lib/action_view/template_handlers.rb b/actionpack/lib/action_view/template_handlers.rb deleted file mode 100644 index 205f8628f0..0000000000 --- a/actionpack/lib/action_view/template_handlers.rb +++ /dev/null @@ -1,48 +0,0 @@ -module ActionView #:nodoc: - module TemplateHandlers #:nodoc: - autoload :ERB, 'action_view/template_handlers/erb' - autoload :RJS, 'action_view/template_handlers/rjs' - autoload :Builder, 'action_view/template_handlers/builder' - - def self.extended(base) - base.register_default_template_handler :erb, TemplateHandlers::ERB - base.register_template_handler :rjs, TemplateHandlers::RJS - base.register_template_handler :builder, TemplateHandlers::Builder - - # TODO: Depreciate old template extensions - base.register_template_handler :rhtml, TemplateHandlers::ERB - base.register_template_handler :rxml, TemplateHandlers::Builder - end - - @@template_handlers = {} - @@default_template_handlers = nil - - # Register a class that knows how to handle template files with the given - # extension. This can be used to implement new template types. - # The constructor for the class must take the ActiveView::Base instance - # as a parameter, and the class must implement a +render+ method that - # takes the contents of the template to render as well as the Hash of - # local assigns available to the template. The +render+ method ought to - # return the rendered template as a string. - def register_template_handler(extension, klass) - @@template_handlers[extension.to_sym] = klass - end - - def template_handler_extensions - @@template_handlers.keys.map(&:to_s).sort - end - - def registered_template_handler(extension) - extension && @@template_handlers[extension.to_sym] - end - - def register_default_template_handler(extension, klass) - register_template_handler(extension, klass) - @@default_template_handlers = klass - end - - def handler_class_for_extension(extension) - registered_template_handler(extension) || @@default_template_handlers - end - end -end diff --git a/actionpack/lib/action_view/template_handlers/builder.rb b/actionpack/lib/action_view/template_handlers/builder.rb deleted file mode 100644 index 788dc93326..0000000000 --- a/actionpack/lib/action_view/template_handlers/builder.rb +++ /dev/null @@ -1,17 +0,0 @@ -require 'builder' - -module ActionView - module TemplateHandlers - class Builder < TemplateHandler - include Compilable - - def compile(template) - "_set_controller_content_type(Mime::XML);" + - "xml = ::Builder::XmlMarkup.new(:indent => 2);" + - "self.output_buffer = xml.target!;" + - template.source + - ";xml.target!;" - end - end - end -end diff --git a/actionpack/lib/action_view/template_handlers/erb.rb b/actionpack/lib/action_view/template_handlers/erb.rb deleted file mode 100644 index e3120ba267..0000000000 --- a/actionpack/lib/action_view/template_handlers/erb.rb +++ /dev/null @@ -1,22 +0,0 @@ -module ActionView - module TemplateHandlers - class ERB < TemplateHandler - include Compilable - - ## - # :singleton-method: - # Specify trim mode for the ERB compiler. Defaults to '-'. - # See ERb documentation for suitable values. - cattr_accessor :erb_trim_mode - self.erb_trim_mode = '-' - - def compile(template) - src = ::ERB.new("<% __in_erb_template=true %>#{template.source}", nil, erb_trim_mode, '@output_buffer').src - - # Ruby 1.9 prepends an encoding to the source. However this is - # useless because you can only set an encoding on the first line - RUBY_VERSION >= '1.9' ? src.sub(/\A#coding:.*\n/, '') : src - end - end - end -end diff --git a/actionpack/lib/action_view/template_handlers/rjs.rb b/actionpack/lib/action_view/template_handlers/rjs.rb deleted file mode 100644 index 41a1fddb47..0000000000 --- a/actionpack/lib/action_view/template_handlers/rjs.rb +++ /dev/null @@ -1,13 +0,0 @@ -module ActionView - module TemplateHandlers - class RJS < TemplateHandler - include Compilable - - def compile(template) - "@template_format = :html;" + - "controller.response.content_type ||= Mime::JS;" + - "update_page do |page|;#{template.source}\nend" - end - end - end -end diff --git a/actionpack/lib/action_view/test_case.rb b/actionpack/lib/action_view/test_case.rb index ec337bb05b..c8f204046b 100644 --- a/actionpack/lib/action_view/test_case.rb +++ b/actionpack/lib/action_view/test_case.rb @@ -7,18 +7,15 @@ module ActionView @_rendered = { :template => nil, :partials => Hash.new(0) } initialize_without_template_tracking(*args) end - end - - module Renderable - alias_method :render_without_template_tracking, :render - def render(view, local_assigns = {}) - if respond_to?(:path) && !is_a?(InlineTemplate) - rendered = view.instance_variable_get(:@_rendered) - rendered[:partials][self] += 1 if is_a?(RenderablePartial) - rendered[:template] ||= self + + alias_method :_render_template_without_template_tracking, :_render_template + def _render_template(template, local_assigns = {}) + if template.respond_to?(:path) && !template.is_a?(InlineTemplate) + @_rendered[:partials][template] += 1 if template.is_a?(RenderablePartial) + @_rendered[:template] ||= template end - render_without_template_tracking(view, local_assigns) - end + _render_template_without_template_tracking(template, local_assigns) + end end class TestCase < ActiveSupport::TestCase diff --git a/actionpack/test/controller/layout_test.rb b/actionpack/test/controller/layout_test.rb index 2f5e830fba..16c16aa88d 100644 --- a/actionpack/test/controller/layout_test.rb +++ b/actionpack/test/controller/layout_test.rb @@ -55,7 +55,7 @@ class LayoutAutoDiscoveryTest < ActionController::TestCase def test_third_party_template_library_auto_discovers_layout @controller = ThirdPartyTemplateLibraryController.new get :hello - assert_equal 'layouts/third_party_template_library.mab', @controller.active_layout.to_s + assert_equal 'layouts/third_party_template_library.mab', @controller.active_layout(true).to_s assert_equal 'layouts/third_party_template_library', @response.layout assert_response :success assert_equal 'Mab', @response.body @@ -64,14 +64,14 @@ class LayoutAutoDiscoveryTest < ActionController::TestCase def test_namespaced_controllers_auto_detect_layouts @controller = ControllerNameSpace::NestedController.new get :hello - assert_equal 'layouts/controller_name_space/nested', @controller.active_layout.to_s + assert_equal 'layouts/controller_name_space/nested', @controller.active_layout(true).to_s assert_equal 'controller_name_space/nested.rhtml hello.rhtml', @response.body end def test_namespaced_controllers_auto_detect_layouts @controller = MultipleExtensions.new get :hello - assert_equal 'layouts/multiple_extensions.html.erb', @controller.active_layout.to_s + assert_equal 'layouts/multiple_extensions.html.erb', @controller.active_layout(true).to_s assert_equal 'multiple_extensions.html.erb hello.rhtml', @response.body.strip end end @@ -83,6 +83,14 @@ class HasOwnLayoutController < LayoutTest layout 'item' end +class OnlyLayoutController < LayoutTest + layout 'item', :only => "hello" +end + +class ExceptLayoutController < LayoutTest + layout 'item', :except => "goodbye" +end + class SetsLayoutInRenderController < LayoutTest def hello render :layout => 'third_party_template_library' @@ -107,6 +115,30 @@ class LayoutSetInResponseTest < ActionController::TestCase get :hello assert_equal 'layouts/item', @response.layout end + + def test_layout_only_exception_when_included + @controller = OnlyLayoutController.new + get :hello + assert_equal 'layouts/item', @response.layout + end + + def test_layout_only_exception_when_excepted + @controller = OnlyLayoutController.new + get :goodbye + assert_equal nil, @response.layout + end + + def test_layout_except_exception_when_included + @controller = ExceptLayoutController.new + get :hello + assert_equal 'layouts/item', @response.layout + end + + def test_layout_except_exception_when_excepted + @controller = ExceptLayoutController.new + get :goodbye + assert_equal nil, @response.layout + end def test_layout_set_when_using_render @controller = SetsLayoutInRenderController.new diff --git a/actionpack/test/controller/mime_responds_test.rb b/actionpack/test/controller/mime_responds_test.rb index dc59180a68..948e90254d 100644 --- a/actionpack/test/controller/mime_responds_test.rb +++ b/actionpack/test/controller/mime_responds_test.rb @@ -437,7 +437,7 @@ class MimeControllerTest < ActionController::TestCase unless args.empty? @action = args.first[:action] end - response.body = "#{@action} - #{@template.template_format}" + response.body = "#{@action} - #{@template.formats}" end end diff --git a/actionpack/test/controller/render_test.rb b/actionpack/test/controller/render_test.rb index 8809aa7c34..11b502a564 100644 --- a/actionpack/test/controller/render_test.rb +++ b/actionpack/test/controller/render_test.rb @@ -342,7 +342,7 @@ class TestController < ActionController::Base end def accessing_params_in_template_with_layout - render :layout => nil, :inline => "Hello: <%= params[:name] %>" + render :layout => true, :inline => "Hello: <%= params[:name] %>" end def render_with_explicit_template @@ -1612,7 +1612,7 @@ class RenderingLoggingTest < ActionController::TestCase @controller.logger = MockLogger.new get :layout_test logged = @controller.logger.logged.find_all {|l| l =~ /render/i } - assert_equal "Rendering template within layouts/standard", logged[0] - assert_equal "Rendering test/hello_world", logged[1] + assert_equal "Rendering test/hello_world", logged[0] + assert_equal "Rendering template within layouts/standard", logged[1] end end diff --git a/actionpack/test/controller/view_paths_test.rb b/actionpack/test/controller/view_paths_test.rb index ac84e2dfcd..1539f8f506 100644 --- a/actionpack/test/controller/view_paths_test.rb +++ b/actionpack/test/controller/view_paths_test.rb @@ -29,8 +29,8 @@ class ViewLoadPathsTest < ActionController::TestCase @controller = TestController.new # Following is needed in order to setup @controller.template object properly - @controller.send :initialize_template_class, @response @controller.send :assign_shortcuts, @request, @response + @controller.send :initialize_template_class, @response # Track the last warning. @old_behavior = ActiveSupport::Deprecation.behavior diff --git a/actionpack/test/fixtures/layout_tests/views/goodbye.rhtml b/actionpack/test/fixtures/layout_tests/views/goodbye.rhtml new file mode 100644 index 0000000000..bbccf0913e --- /dev/null +++ b/actionpack/test/fixtures/layout_tests/views/goodbye.rhtml @@ -0,0 +1 @@ +hello.rhtml \ No newline at end of file diff --git a/actionpack/test/template/javascript_helper_test.rb b/actionpack/test/template/javascript_helper_test.rb index d41111127b..d814f84752 100644 --- a/actionpack/test/template/javascript_helper_test.rb +++ b/actionpack/test/template/javascript_helper_test.rb @@ -3,7 +3,7 @@ require 'abstract_unit' class JavaScriptHelperTest < ActionView::TestCase tests ActionView::Helpers::JavaScriptHelper - attr_accessor :template_format, :output_buffer + attr_accessor :formats, :output_buffer def setup @template = self diff --git a/actionpack/test/template/prototype_helper_test.rb b/actionpack/test/template/prototype_helper_test.rb index d6b86a3964..8ff29412bf 100644 --- a/actionpack/test/template/prototype_helper_test.rb +++ b/actionpack/test/template/prototype_helper_test.rb @@ -25,7 +25,7 @@ class Author::Nested < Author; end class PrototypeHelperBaseTest < ActionView::TestCase - attr_accessor :template_format, :output_buffer + attr_accessor :formats, :output_buffer def setup @template = self diff --git a/actionpack/test/template/render_test.rb b/actionpack/test/template/render_test.rb index 4bd897efeb..47348ebdb8 100644 --- a/actionpack/test/template/render_test.rb +++ b/actionpack/test/template/render_test.rb @@ -138,7 +138,7 @@ module RenderTestCases # TODO: The reason for this test is unclear, improve documentation def test_render_missing_xml_partial_and_raise_missing_template - @view.template_format = :xml + @view.formats = [:xml] assert_raise(ActionView::MissingTemplate) { @view.render(:partial => "test/layout_for_partial") } end diff --git a/activesupport/lib/active_support.rb b/activesupport/lib/active_support.rb index 7ebb3c48e0..62d538e2d5 100644 --- a/activesupport/lib/active_support.rb +++ b/activesupport/lib/active_support.rb @@ -32,6 +32,7 @@ module ActiveSupport autoload :BufferedLogger, 'active_support/buffered_logger' autoload :Cache, 'active_support/cache' autoload :Callbacks, 'active_support/callbacks' + autoload :ConcurrentHash, 'active_support/concurrent_hash' autoload :Deprecation, 'active_support/deprecation' autoload :Duration, 'active_support/duration' autoload :Gzip, 'active_support/gzip' diff --git a/activesupport/lib/active_support/buffered_logger.rb b/activesupport/lib/active_support/buffered_logger.rb index 33bcf327f8..568c596f91 100644 --- a/activesupport/lib/active_support/buffered_logger.rb +++ b/activesupport/lib/active_support/buffered_logger.rb @@ -67,14 +67,14 @@ module ActiveSupport end for severity in Severity.constants - class_eval <<-EOT, __FILE__, __LINE__ - def #{severity.downcase}(message = nil, progname = nil, &block) # def debug(message = nil, progname = nil, &block) - add(#{severity}, message, progname, &block) # add(DEBUG, message, progname, &block) - end # end - # - def #{severity.downcase}? # def debug? - #{severity} >= @level # DEBUG >= @level - end # end + class_eval <<-EOT, __FILE__, __LINE__ + 1 + def #{severity.downcase}(message = nil, progname = nil, &block) # def debug(message = nil, progname = nil, &block) + add(#{severity}, message, progname, &block) # add(DEBUG, message, progname, &block) + end # end + + def #{severity.downcase}? # def debug? + #{severity} >= @level # DEBUG >= @level + end # end EOT end diff --git a/activesupport/lib/active_support/callbacks.rb b/activesupport/lib/active_support/callbacks.rb index 86e66e0588..4bac8292e2 100644 --- a/activesupport/lib/active_support/callbacks.rb +++ b/activesupport/lib/active_support/callbacks.rb @@ -204,7 +204,7 @@ module ActiveSupport module ClassMethods def define_callbacks(*callbacks) callbacks.each do |callback| - class_eval <<-"end_eval" + class_eval <<-"end_eval", __FILE__, __LINE__ + 1 def self.#{callback}(*methods, &block) # def self.before_save(*methods, &block) callbacks = CallbackChain.build(:#{callback}, *methods, &block) # callbacks = CallbackChain.build(:before_save, *methods, &block) @#{callback}_callbacks ||= CallbackChain.new # @before_save_callbacks ||= CallbackChain.new diff --git a/activesupport/lib/active_support/concurrent_hash.rb b/activesupport/lib/active_support/concurrent_hash.rb new file mode 100644 index 0000000000..c9f9b16da3 --- /dev/null +++ b/activesupport/lib/active_support/concurrent_hash.rb @@ -0,0 +1,26 @@ +module ActiveSupport + class ConcurrentHash + def initialize(hash = {}) + @backup_cache = hash.dup + @frozen_cache = hash.dup.freeze + @mutex = Mutex.new + end + + def []=(k,v) + @mutex.synchronize { @backup_cache[k] = v } + @frozen_cache = @backup_cache.dup.freeze + end + + def [](k) + if @frozen_cache.key?(k) + @frozen_cache[k] + else + @mutex.synchronize { @backup_cache[k] } + end + end + + def empty? + @backup_cache.empty? + end + end +end diff --git a/activesupport/lib/active_support/core_ext/class/attribute_accessors.rb b/activesupport/lib/active_support/core_ext/class/attribute_accessors.rb index c795871474..75e481fc54 100644 --- a/activesupport/lib/active_support/core_ext/class/attribute_accessors.rb +++ b/activesupport/lib/active_support/core_ext/class/attribute_accessors.rb @@ -10,7 +10,7 @@ class Class def cattr_reader(*syms) syms.flatten.each do |sym| next if sym.is_a?(Hash) - class_eval(<<-EOS, __FILE__, __LINE__) + class_eval(<<-EOS, __FILE__, __LINE__ + 1) unless defined? @@#{sym} # unless defined? @@hair_colors @@#{sym} = nil # @@hair_colors = nil end # end @@ -29,7 +29,7 @@ class Class def cattr_writer(*syms) options = syms.extract_options! syms.flatten.each do |sym| - class_eval(<<-EOS, __FILE__, __LINE__) + class_eval(<<-EOS, __FILE__, __LINE__ + 1) unless defined? @@#{sym} # unless defined? @@hair_colors @@#{sym} = nil # @@hair_colors = nil end # end diff --git a/activesupport/lib/active_support/core_ext/class/delegating_attributes.rb b/activesupport/lib/active_support/core_ext/class/delegating_attributes.rb index 000ccf4d55..d893818695 100644 --- a/activesupport/lib/active_support/core_ext/class/delegating_attributes.rb +++ b/activesupport/lib/active_support/core_ext/class/delegating_attributes.rb @@ -8,7 +8,7 @@ class Class def superclass_delegating_reader(*names) class_name_to_stop_searching_on = self.superclass.name.blank? ? "Object" : self.superclass.name names.each do |name| - class_eval <<-EOS + class_eval(<<-EOS, __FILE__, __LINE__ + 1) def self.#{name} # def self.only_reader if defined?(@#{name}) # if defined?(@only_reader) @#{name} # @only_reader @@ -32,10 +32,10 @@ class Class def superclass_delegating_writer(*names) names.each do |name| - class_eval <<-EOS - def self.#{name}=(value) # def self.only_writer=(value) - @#{name} = value # @only_writer = value - end # end + class_eval(<<-EOS, __FILE__, __LINE__ + 1) + def self.#{name}=(value) # def self.property=(value) + @#{name} = value # @property = value + end # end EOS end end diff --git a/activesupport/lib/active_support/core_ext/class/inheritable_attributes.rb b/activesupport/lib/active_support/core_ext/class/inheritable_attributes.rb index 1794afe77c..70fdde3a58 100644 --- a/activesupport/lib/active_support/core_ext/class/inheritable_attributes.rb +++ b/activesupport/lib/active_support/core_ext/class/inheritable_attributes.rb @@ -10,14 +10,14 @@ class Class # :nodoc: def class_inheritable_reader(*syms) syms.each do |sym| next if sym.is_a?(Hash) - class_eval <<-EOS - def self.#{sym} # def self.before_add_for_comments - read_inheritable_attribute(:#{sym}) # read_inheritable_attribute(:before_add_for_comments) - end # end - # - def #{sym} # def before_add_for_comments - self.class.#{sym} # self.class.before_add_for_comments - end # end + class_eval(<<-EOS, __FILE__, __LINE__ + 1) + def self.#{sym} # def self.after_add + read_inheritable_attribute(:#{sym}) # read_inheritable_attribute(:after_add) + end # end + + def #{sym} # def after_add + self.class.#{sym} # self.class.after_add + end # end EOS end end @@ -25,7 +25,7 @@ class Class # :nodoc: def class_inheritable_writer(*syms) options = syms.extract_options! syms.each do |sym| - class_eval <<-EOS + class_eval(<<-EOS, __FILE__, __LINE__ + 1) def self.#{sym}=(obj) # def self.color=(obj) write_inheritable_attribute(:#{sym}, obj) # write_inheritable_attribute(:color, obj) end # end @@ -42,7 +42,7 @@ class Class # :nodoc: def class_inheritable_array_writer(*syms) options = syms.extract_options! syms.each do |sym| - class_eval <<-EOS + class_eval(<<-EOS, __FILE__, __LINE__ + 1) def self.#{sym}=(obj) # def self.levels=(obj) write_inheritable_array(:#{sym}, obj) # write_inheritable_array(:levels, obj) end # end @@ -59,7 +59,7 @@ class Class # :nodoc: def class_inheritable_hash_writer(*syms) options = syms.extract_options! syms.each do |sym| - class_eval <<-EOS + class_eval(<<-EOS, __FILE__, __LINE__ + 1) def self.#{sym}=(obj) # def self.nicknames=(obj) write_inheritable_hash(:#{sym}, obj) # write_inheritable_hash(:nicknames, obj) end # end diff --git a/activesupport/lib/active_support/core_ext/module/attribute_accessors.rb b/activesupport/lib/active_support/core_ext/module/attribute_accessors.rb index 9402cb8534..137590d286 100644 --- a/activesupport/lib/active_support/core_ext/module/attribute_accessors.rb +++ b/activesupport/lib/active_support/core_ext/module/attribute_accessors.rb @@ -14,7 +14,7 @@ class Module def mattr_reader(*syms) syms.each do |sym| next if sym.is_a?(Hash) - class_eval(<<-EOS, __FILE__, __LINE__) + class_eval(<<-EOS, __FILE__, __LINE__ + 1) unless defined? @@#{sym} # unless defined? @@pagination_options @@#{sym} = nil # @@pagination_options = nil end # end @@ -33,7 +33,7 @@ class Module def mattr_writer(*syms) options = syms.extract_options! syms.each do |sym| - class_eval(<<-EOS, __FILE__, __LINE__) + class_eval(<<-EOS, __FILE__, __LINE__ + 1) unless defined? @@#{sym} # unless defined? @@pagination_options @@#{sym} = nil # @@pagination_options = nil end # end diff --git a/activesupport/lib/active_support/core_ext/proc.rb b/activesupport/lib/active_support/core_ext/proc.rb index 2ca23f62ef..5c29cc32a2 100644 --- a/activesupport/lib/active_support/core_ext/proc.rb +++ b/activesupport/lib/active_support/core_ext/proc.rb @@ -3,9 +3,9 @@ class Proc #:nodoc: block, time = self, Time.now (class << object; self end).class_eval do method_name = "__bind_#{time.to_i}_#{time.usec}" - define_method(method_name, &block) - method = instance_method(method_name) - remove_method(method_name) + define_method(method_name, &block) # define_method("__bind_1230458026_720454", &block) + method = instance_method(method_name) # method = instance_method("__bind_1230458026_720454") + remove_method(method_name) # remove_method("__bind_1230458026_720454") method end.bind(object) end diff --git a/activesupport/lib/active_support/core_ext/string/multibyte.rb b/activesupport/lib/active_support/core_ext/string/multibyte.rb index a4caa83b74..8f8f0968fd 100644 --- a/activesupport/lib/active_support/core_ext/string/multibyte.rb +++ b/activesupport/lib/active_support/core_ext/string/multibyte.rb @@ -55,7 +55,11 @@ module ActiveSupport #:nodoc: unless '1.8.7 and later'.respond_to?(:chars) def chars - ActiveSupport::Deprecation.warn('String#chars has been deprecated in favor of String#mb_chars.', caller) + # FIXME: + # ActiveSupport::Deprecation refers to RAILS_ENV + # and is a show stopper for 3rd party applications + # that only want ActiveSupport + ActiveSupport::Deprecation.warn('String#chars has been deprecated in favor of String#mb_chars.', caller) if defined?(ActiveSupport::Deprecation) mb_chars end end diff --git a/activesupport/lib/active_support/deprecation.rb b/activesupport/lib/active_support/deprecation.rb index d20151661b..202b46ce7a 100644 --- a/activesupport/lib/active_support/deprecation.rb +++ b/activesupport/lib/active_support/deprecation.rb @@ -89,7 +89,7 @@ module ActiveSupport method_names = method_names + options.keys method_names.each do |method_name| alias_method_chain(method_name, :deprecation) do |target, punctuation| - class_eval(<<-EOS, __FILE__, __LINE__) + class_eval(<<-EOS, __FILE__, __LINE__ + 1) def #{target}_with_deprecation#{punctuation}(*args, &block) # def generate_secret_with_deprecation(*args, &block) ::ActiveSupport::Deprecation.warn( # ::ActiveSupport::Deprecation.warn( self.class.deprecated_method_warning( # self.class.deprecated_method_warning( diff --git a/activesupport/lib/active_support/memoizable.rb b/activesupport/lib/active_support/memoizable.rb index 952b4d8063..4ffb5d9520 100644 --- a/activesupport/lib/active_support/memoizable.rb +++ b/activesupport/lib/active_support/memoizable.rb @@ -58,7 +58,7 @@ module ActiveSupport original_method = :"_unmemoized_#{symbol}" memoized_ivar = ActiveSupport::Memoizable.memoized_ivar_for(symbol) - class_eval <<-EOS, __FILE__, __LINE__ + class_eval <<-EOS, __FILE__, __LINE__ + 1 include InstanceMethods # include InstanceMethods # if method_defined?(:#{original_method}) # if method_defined?(:_unmemoized_mime_type) diff --git a/activesupport/lib/active_support/mini.rb b/activesupport/lib/active_support/mini.rb new file mode 100644 index 0000000000..fe7ba48e58 --- /dev/null +++ b/activesupport/lib/active_support/mini.rb @@ -0,0 +1,9 @@ +$LOAD_PATH.unshift File.dirname(__FILE__) + +require "core_ext/blank" +# whole object.rb pulls up rarely used introspection extensions +require "core_ext/object/metaclass" +require 'core_ext/array' +require 'core_ext/hash' +require 'core_ext/module/attribute_accessors' +require 'core_ext/string/inflections' \ No newline at end of file diff --git a/activesupport/lib/active_support/multibyte/unicode_database.rb b/activesupport/lib/active_support/multibyte/unicode_database.rb index a08f38cdbb..074ad8613a 100644 --- a/activesupport/lib/active_support/multibyte/unicode_database.rb +++ b/activesupport/lib/active_support/multibyte/unicode_database.rb @@ -23,11 +23,11 @@ module ActiveSupport #:nodoc: # Lazy load the Unicode database so it's only loaded when it's actually used ATTRIBUTES.each do |attr_name| - class_eval(<<-EOS, __FILE__, __LINE__) - def #{attr_name} # def codepoints - load # load - @#{attr_name} # @codepoints - end # end + class_eval(<<-EOS, __FILE__, __LINE__ + 1) + def #{attr_name} # def codepoints + load # load + @#{attr_name} # @codepoints + end # end EOS end diff --git a/activesupport/lib/active_support/time_with_zone.rb b/activesupport/lib/active_support/time_with_zone.rb index 1a59b2a08d..3a5a083629 100644 --- a/activesupport/lib/active_support/time_with_zone.rb +++ b/activesupport/lib/active_support/time_with_zone.rb @@ -237,10 +237,10 @@ module ActiveSupport end %w(year mon month day mday wday yday hour min sec to_date).each do |method_name| - class_eval <<-EOV - def #{method_name} # def year - time.#{method_name} # time.year - end # end + class_eval <<-EOV, __FILE__, __LINE__ + 1 + def #{method_name} # def month + time.#{method_name} # time.month + end # end EOV end -- cgit v1.2.3 From a0f2b1d95d3785de92ae271fd7ea23e91c0cadc6 Mon Sep 17 00:00:00 2001 From: Joshua Peek Date: Tue, 27 Jan 2009 18:17:39 -0600 Subject: Reorganize ActionController folder structure --- .gitignore | 1 + actionpack/lib/action_controller.rb | 94 +- .../action_controller/assertions/dom_assertions.rb | 39 - .../assertions/model_assertions.rb | 21 - .../assertions/response_assertions.rb | 150 --- .../assertions/routing_assertions.rb | 146 -- .../assertions/selector_assertions.rb | 632 --------- .../action_controller/assertions/tag_assertions.rb | 127 -- actionpack/lib/action_controller/base.rb | 1392 -------------------- actionpack/lib/action_controller/base/base.rb | 904 +++++++++++++ .../action_controller/base/chained/benchmarking.rb | 107 ++ .../lib/action_controller/base/chained/filters.rb | 680 ++++++++++ .../lib/action_controller/base/chained/flash.rb | 163 +++ actionpack/lib/action_controller/base/cookies.rb | 94 ++ actionpack/lib/action_controller/base/headers.rb | 33 + actionpack/lib/action_controller/base/helpers.rb | 225 ++++ .../action_controller/base/http_authentication.rb | 124 ++ actionpack/lib/action_controller/base/layout.rb | 244 ++++ actionpack/lib/action_controller/base/redirect.rb | 91 ++ actionpack/lib/action_controller/base/render.rb | 378 ++++++ .../base/request_forgery_protection.rb | 108 ++ actionpack/lib/action_controller/base/responder.rb | 41 + actionpack/lib/action_controller/base/streaming.rb | 171 +++ .../lib/action_controller/base/verification.rb | 130 ++ actionpack/lib/action_controller/benchmarking.rb | 107 -- actionpack/lib/action_controller/cgi/ext.rb | 15 + actionpack/lib/action_controller/cgi/ext/cookie.rb | 112 ++ .../action_controller/cgi/ext/query_extension.rb | 22 + .../lib/action_controller/cgi/ext/stdinput.rb | 24 + actionpack/lib/action_controller/cgi/process.rb | 70 + actionpack/lib/action_controller/cgi_ext.rb | 15 - actionpack/lib/action_controller/cgi_ext/cookie.rb | 112 -- .../action_controller/cgi_ext/query_extension.rb | 22 - .../lib/action_controller/cgi_ext/stdinput.rb | 24 - actionpack/lib/action_controller/cgi_process.rb | 72 - actionpack/lib/action_controller/cookies.rb | 94 -- .../lib/action_controller/dispatch/dispatcher.rb | 116 ++ .../action_controller/dispatch/params_parser.rb | 71 + .../action_controller/dispatch/rack/failsafe.rb | 52 + .../lib/action_controller/dispatch/rack/lock.rb | 16 + .../dispatch/rack/middleware_stack.rb | 109 ++ .../action_controller/dispatch/rack/middlewares.rb | 21 + .../lib/action_controller/dispatch/request.rb | 492 +++++++ .../action_controller/dispatch/request_parser.rb | 315 +++++ .../lib/action_controller/dispatch/rescue.rb | 179 +++ .../lib/action_controller/dispatch/response.rb | 255 ++++ .../action_controller/dispatch/rewindable_input.rb | 28 + .../lib/action_controller/dispatch/status_codes.rb | 88 ++ .../templates/rescues/_request_and_response.erb | 24 + .../dispatch/templates/rescues/_trace.erb | 26 + .../dispatch/templates/rescues/diagnostics.erb | 10 + .../dispatch/templates/rescues/layout.erb | 29 + .../templates/rescues/missing_template.erb | 2 + .../dispatch/templates/rescues/routing_error.erb | 10 + .../dispatch/templates/rescues/template_error.erb | 21 + .../dispatch/templates/rescues/unknown_action.erb | 2 + .../action_controller/dispatch/uploaded_file.rb | 44 + .../dispatch/url_encoded_pair_parser.rb | 155 +++ actionpack/lib/action_controller/dispatcher.rb | 116 -- actionpack/lib/action_controller/failsafe.rb | 52 - actionpack/lib/action_controller/filters.rb | 680 ---------- actionpack/lib/action_controller/flash.rb | 163 --- actionpack/lib/action_controller/headers.rb | 33 - actionpack/lib/action_controller/helpers.rb | 225 ---- .../lib/action_controller/http_authentication.rb | 124 -- actionpack/lib/action_controller/integration.rb | 676 ---------- actionpack/lib/action_controller/layout.rb | 244 ---- .../lib/action_controller/middleware_stack.rb | 109 -- actionpack/lib/action_controller/middlewares.rb | 21 - .../lib/action_controller/mime/default_types.rb | 21 + actionpack/lib/action_controller/mime/responds.rb | 190 +++ actionpack/lib/action_controller/mime/type.rb | 214 +++ actionpack/lib/action_controller/mime_responds.rb | 190 --- actionpack/lib/action_controller/mime_type.rb | 214 --- actionpack/lib/action_controller/mime_types.rb | 21 - actionpack/lib/action_controller/params_parser.rb | 71 - .../lib/action_controller/performance_test.rb | 15 - .../lib/action_controller/polymorphic_routes.rb | 201 --- .../lib/action_controller/record_identifier.rb | 2 +- actionpack/lib/action_controller/request.rb | 492 ------- .../request_forgery_protection.rb | 108 -- actionpack/lib/action_controller/rescue.rb | 179 --- actionpack/lib/action_controller/resources.rb | 674 ---------- actionpack/lib/action_controller/response.rb | 255 ---- .../lib/action_controller/rewindable_input.rb | 28 - .../routing/generation/polymorphic_routes.rb | 201 +++ .../routing/generation/url_rewriter.rb | 219 +++ .../lib/action_controller/routing/resources.rb | 674 ++++++++++ .../lib/action_controller/session/management.rb | 54 + .../lib/action_controller/session_management.rb | 54 - actionpack/lib/action_controller/status_codes.rb | 88 -- actionpack/lib/action_controller/streaming.rb | 171 --- .../templates/rescues/_request_and_response.erb | 24 - .../action_controller/templates/rescues/_trace.erb | 26 - .../templates/rescues/diagnostics.erb | 10 - .../action_controller/templates/rescues/layout.erb | 29 - .../templates/rescues/missing_template.erb | 2 - .../templates/rescues/routing_error.erb | 10 - .../templates/rescues/template_error.erb | 21 - .../templates/rescues/unknown_action.erb | 2 - actionpack/lib/action_controller/test_case.rb | 199 --- actionpack/lib/action_controller/test_process.rb | 543 -------- .../action_controller/testing/assertions/dom.rb | 39 + .../action_controller/testing/assertions/model.rb | 21 + .../testing/assertions/response.rb | 150 +++ .../testing/assertions/routing.rb | 146 ++ .../testing/assertions/selector.rb | 632 +++++++++ .../action_controller/testing/assertions/tag.rb | 127 ++ .../lib/action_controller/testing/integration.rb | 676 ++++++++++ .../lib/action_controller/testing/performance.rb | 15 + .../lib/action_controller/testing/process.rb | 543 ++++++++ .../lib/action_controller/testing/test_case.rb | 199 +++ actionpack/lib/action_controller/uploaded_file.rb | 44 - .../action_controller/url_encoded_pair_parser.rb | 155 --- actionpack/lib/action_controller/url_rewriter.rb | 219 --- actionpack/lib/action_controller/verification.rb | 130 -- actionpack/lib/action_view/render/partials.rb | 28 + actionpack/test/abstract_unit.rb | 3 +- actionpack/test/controller/send_file_test.rb | 2 +- actionpack/test/controller/test_test.rb | 2 +- activesupport/lib/active_support/memoizable.rb | 38 + railties/lib/dispatcher.rb | 2 +- 122 files changed, 10041 insertions(+), 9624 deletions(-) delete mode 100644 actionpack/lib/action_controller/assertions/dom_assertions.rb delete mode 100644 actionpack/lib/action_controller/assertions/model_assertions.rb delete mode 100644 actionpack/lib/action_controller/assertions/response_assertions.rb delete mode 100644 actionpack/lib/action_controller/assertions/routing_assertions.rb delete mode 100644 actionpack/lib/action_controller/assertions/selector_assertions.rb delete mode 100644 actionpack/lib/action_controller/assertions/tag_assertions.rb delete mode 100644 actionpack/lib/action_controller/base.rb create mode 100644 actionpack/lib/action_controller/base/base.rb create mode 100644 actionpack/lib/action_controller/base/chained/benchmarking.rb create mode 100644 actionpack/lib/action_controller/base/chained/filters.rb create mode 100644 actionpack/lib/action_controller/base/chained/flash.rb create mode 100644 actionpack/lib/action_controller/base/cookies.rb create mode 100644 actionpack/lib/action_controller/base/headers.rb create mode 100644 actionpack/lib/action_controller/base/helpers.rb create mode 100644 actionpack/lib/action_controller/base/http_authentication.rb create mode 100644 actionpack/lib/action_controller/base/layout.rb create mode 100644 actionpack/lib/action_controller/base/redirect.rb create mode 100644 actionpack/lib/action_controller/base/render.rb create mode 100644 actionpack/lib/action_controller/base/request_forgery_protection.rb create mode 100644 actionpack/lib/action_controller/base/responder.rb create mode 100644 actionpack/lib/action_controller/base/streaming.rb create mode 100644 actionpack/lib/action_controller/base/verification.rb delete mode 100644 actionpack/lib/action_controller/benchmarking.rb create mode 100644 actionpack/lib/action_controller/cgi/ext.rb create mode 100644 actionpack/lib/action_controller/cgi/ext/cookie.rb create mode 100644 actionpack/lib/action_controller/cgi/ext/query_extension.rb create mode 100644 actionpack/lib/action_controller/cgi/ext/stdinput.rb create mode 100644 actionpack/lib/action_controller/cgi/process.rb delete mode 100644 actionpack/lib/action_controller/cgi_ext.rb delete mode 100644 actionpack/lib/action_controller/cgi_ext/cookie.rb delete mode 100644 actionpack/lib/action_controller/cgi_ext/query_extension.rb delete mode 100644 actionpack/lib/action_controller/cgi_ext/stdinput.rb delete mode 100644 actionpack/lib/action_controller/cgi_process.rb delete mode 100644 actionpack/lib/action_controller/cookies.rb create mode 100644 actionpack/lib/action_controller/dispatch/dispatcher.rb create mode 100644 actionpack/lib/action_controller/dispatch/params_parser.rb create mode 100644 actionpack/lib/action_controller/dispatch/rack/failsafe.rb create mode 100644 actionpack/lib/action_controller/dispatch/rack/lock.rb create mode 100644 actionpack/lib/action_controller/dispatch/rack/middleware_stack.rb create mode 100644 actionpack/lib/action_controller/dispatch/rack/middlewares.rb create mode 100755 actionpack/lib/action_controller/dispatch/request.rb create mode 100644 actionpack/lib/action_controller/dispatch/request_parser.rb create mode 100644 actionpack/lib/action_controller/dispatch/rescue.rb create mode 100644 actionpack/lib/action_controller/dispatch/response.rb create mode 100644 actionpack/lib/action_controller/dispatch/rewindable_input.rb create mode 100644 actionpack/lib/action_controller/dispatch/status_codes.rb create mode 100644 actionpack/lib/action_controller/dispatch/templates/rescues/_request_and_response.erb create mode 100644 actionpack/lib/action_controller/dispatch/templates/rescues/_trace.erb create mode 100644 actionpack/lib/action_controller/dispatch/templates/rescues/diagnostics.erb create mode 100644 actionpack/lib/action_controller/dispatch/templates/rescues/layout.erb create mode 100644 actionpack/lib/action_controller/dispatch/templates/rescues/missing_template.erb create mode 100644 actionpack/lib/action_controller/dispatch/templates/rescues/routing_error.erb create mode 100644 actionpack/lib/action_controller/dispatch/templates/rescues/template_error.erb create mode 100644 actionpack/lib/action_controller/dispatch/templates/rescues/unknown_action.erb create mode 100644 actionpack/lib/action_controller/dispatch/uploaded_file.rb create mode 100644 actionpack/lib/action_controller/dispatch/url_encoded_pair_parser.rb delete mode 100644 actionpack/lib/action_controller/dispatcher.rb delete mode 100644 actionpack/lib/action_controller/failsafe.rb delete mode 100644 actionpack/lib/action_controller/filters.rb delete mode 100644 actionpack/lib/action_controller/flash.rb delete mode 100644 actionpack/lib/action_controller/headers.rb delete mode 100644 actionpack/lib/action_controller/helpers.rb delete mode 100644 actionpack/lib/action_controller/http_authentication.rb delete mode 100644 actionpack/lib/action_controller/integration.rb delete mode 100644 actionpack/lib/action_controller/layout.rb delete mode 100644 actionpack/lib/action_controller/middleware_stack.rb delete mode 100644 actionpack/lib/action_controller/middlewares.rb create mode 100644 actionpack/lib/action_controller/mime/default_types.rb create mode 100644 actionpack/lib/action_controller/mime/responds.rb create mode 100644 actionpack/lib/action_controller/mime/type.rb delete mode 100644 actionpack/lib/action_controller/mime_responds.rb delete mode 100644 actionpack/lib/action_controller/mime_type.rb delete mode 100644 actionpack/lib/action_controller/mime_types.rb delete mode 100644 actionpack/lib/action_controller/params_parser.rb delete mode 100644 actionpack/lib/action_controller/performance_test.rb delete mode 100644 actionpack/lib/action_controller/polymorphic_routes.rb delete mode 100755 actionpack/lib/action_controller/request.rb delete mode 100644 actionpack/lib/action_controller/request_forgery_protection.rb delete mode 100644 actionpack/lib/action_controller/rescue.rb delete mode 100644 actionpack/lib/action_controller/resources.rb delete mode 100644 actionpack/lib/action_controller/response.rb delete mode 100644 actionpack/lib/action_controller/rewindable_input.rb create mode 100644 actionpack/lib/action_controller/routing/generation/polymorphic_routes.rb create mode 100644 actionpack/lib/action_controller/routing/generation/url_rewriter.rb create mode 100644 actionpack/lib/action_controller/routing/resources.rb create mode 100644 actionpack/lib/action_controller/session/management.rb delete mode 100644 actionpack/lib/action_controller/session_management.rb delete mode 100644 actionpack/lib/action_controller/status_codes.rb delete mode 100644 actionpack/lib/action_controller/streaming.rb delete mode 100644 actionpack/lib/action_controller/templates/rescues/_request_and_response.erb delete mode 100644 actionpack/lib/action_controller/templates/rescues/_trace.erb delete mode 100644 actionpack/lib/action_controller/templates/rescues/diagnostics.erb delete mode 100644 actionpack/lib/action_controller/templates/rescues/layout.erb delete mode 100644 actionpack/lib/action_controller/templates/rescues/missing_template.erb delete mode 100644 actionpack/lib/action_controller/templates/rescues/routing_error.erb delete mode 100644 actionpack/lib/action_controller/templates/rescues/template_error.erb delete mode 100644 actionpack/lib/action_controller/templates/rescues/unknown_action.erb delete mode 100644 actionpack/lib/action_controller/test_case.rb delete mode 100644 actionpack/lib/action_controller/test_process.rb create mode 100644 actionpack/lib/action_controller/testing/assertions/dom.rb create mode 100644 actionpack/lib/action_controller/testing/assertions/model.rb create mode 100644 actionpack/lib/action_controller/testing/assertions/response.rb create mode 100644 actionpack/lib/action_controller/testing/assertions/routing.rb create mode 100644 actionpack/lib/action_controller/testing/assertions/selector.rb create mode 100644 actionpack/lib/action_controller/testing/assertions/tag.rb create mode 100644 actionpack/lib/action_controller/testing/integration.rb create mode 100644 actionpack/lib/action_controller/testing/performance.rb create mode 100644 actionpack/lib/action_controller/testing/process.rb create mode 100644 actionpack/lib/action_controller/testing/test_case.rb delete mode 100644 actionpack/lib/action_controller/uploaded_file.rb delete mode 100644 actionpack/lib/action_controller/url_encoded_pair_parser.rb delete mode 100644 actionpack/lib/action_controller/url_rewriter.rb delete mode 100644 actionpack/lib/action_controller/verification.rb diff --git a/.gitignore b/.gitignore index 28ee9cf2a8..bb1ca166e6 100644 --- a/.gitignore +++ b/.gitignore @@ -14,6 +14,7 @@ railties/pkg railties/test/500.html railties/doc/guides/html/images railties/doc/guides/html/stylesheets +benches *.rbc *.swp *.swo diff --git a/actionpack/lib/action_controller.rb b/actionpack/lib/action_controller.rb index 6000ee15c6..d973cbb382 100644 --- a/actionpack/lib/action_controller.rb +++ b/actionpack/lib/action_controller.rb @@ -44,57 +44,61 @@ module ActionController [Base, CGIHandler, CgiRequest, Request, Response, Http::Headers, UrlRewriter, UrlWriter] end - autoload :AbstractRequest, 'action_controller/request' - autoload :Base, 'action_controller/base' - autoload :Benchmarking, 'action_controller/benchmarking' + autoload :Base, 'action_controller/base/base' + autoload :Benchmarking, 'action_controller/base/chained/benchmarking' autoload :Caching, 'action_controller/caching' - autoload :Cookies, 'action_controller/cookies' - autoload :Dispatcher, 'action_controller/dispatcher' - autoload :Failsafe, 'action_controller/failsafe' - autoload :Filters, 'action_controller/filters' - autoload :Flash, 'action_controller/flash' - autoload :Helpers, 'action_controller/helpers' - autoload :HttpAuthentication, 'action_controller/http_authentication' - autoload :Integration, 'action_controller/integration' - autoload :IntegrationTest, 'action_controller/integration' - autoload :Layout, 'action_controller/layout' - autoload :MiddlewareStack, 'action_controller/middleware_stack' - autoload :MimeResponds, 'action_controller/mime_responds' - autoload :ParamsParser, 'action_controller/params_parser' - autoload :PolymorphicRoutes, 'action_controller/polymorphic_routes' + autoload :Cookies, 'action_controller/base/cookies' + autoload :Dispatcher, 'action_controller/dispatch/dispatcher' + autoload :Failsafe, 'action_controller/dispatch/rack/failsafe' + autoload :Filters, 'action_controller/base/chained/filters' + autoload :Flash, 'action_controller/base/chained/flash' + autoload :Helpers, 'action_controller/base/helpers' + autoload :HttpAuthentication, 'action_controller/base/http_authentication' + autoload :Integration, 'action_controller/testing/integration' + autoload :IntegrationTest, 'action_controller/testing/integration' + autoload :Layout, 'action_controller/base/layout' + autoload :Lock, 'action_controller/dispatch/rack/lock' + autoload :MiddlewareStack, 'action_controller/dispatch/rack/middleware_stack' + autoload :MimeResponds, 'action_controller/mime/responds' + autoload :ParamsParser, 'action_controller/dispatch/params_parser' + autoload :PolymorphicRoutes, 'action_controller/routing/generation/polymorphic_routes' autoload :RecordIdentifier, 'action_controller/record_identifier' - autoload :Request, 'action_controller/request' - autoload :RequestForgeryProtection, 'action_controller/request_forgery_protection' - autoload :Rescue, 'action_controller/rescue' - autoload :Resources, 'action_controller/resources' - autoload :Response, 'action_controller/response' - autoload :RewindableInput, 'action_controller/rewindable_input' + autoload :Redirector, 'action_controller/base/redirect' + autoload :Renderer, 'action_controller/base/render' + autoload :Request, 'action_controller/dispatch/request' + autoload :RequestForgeryProtection, 'action_controller/base/request_forgery_protection' + autoload :RequestParser, 'action_controller/dispatch/request_parser' + autoload :Rescue, 'action_controller/dispatch/rescue' + autoload :Resources, 'action_controller/routing/resources' + autoload :Responder, 'action_controller/base/responder' + autoload :Response, 'action_controller/dispatch/response' + autoload :RewindableInput, 'action_controller/dispatch/rewindable_input' autoload :Routing, 'action_controller/routing' - autoload :SessionManagement, 'action_controller/session_management' - autoload :StatusCodes, 'action_controller/status_codes' - autoload :Streaming, 'action_controller/streaming' - autoload :TestCase, 'action_controller/test_case' - autoload :TestProcess, 'action_controller/test_process' + autoload :SessionManagement, 'action_controller/session/management' + autoload :StatusCodes, 'action_controller/dispatch/status_codes' + autoload :Streaming, 'action_controller/base/streaming' + autoload :TestCase, 'action_controller/testing/test_case' + autoload :TestProcess, 'action_controller/testing/process' autoload :Translation, 'action_controller/translation' - autoload :UploadedFile, 'action_controller/uploaded_file' - autoload :UploadedStringIO, 'action_controller/uploaded_file' - autoload :UploadedTempfile, 'action_controller/uploaded_file' - autoload :UrlEncodedPairParser, 'action_controller/url_encoded_pair_parser' - autoload :UrlRewriter, 'action_controller/url_rewriter' - autoload :UrlWriter, 'action_controller/url_rewriter' - autoload :Verification, 'action_controller/verification' + autoload :UploadedFile, 'action_controller/dispatch/uploaded_file' + autoload :UploadedStringIO, 'action_controller/dispatch/uploaded_file' + autoload :UploadedTempfile, 'action_controller/dispatch/uploaded_file' + autoload :UrlEncodedPairParser, 'action_controller/dispatch/url_encoded_pair_parser' + autoload :UrlRewriter, 'action_controller/routing/generation/url_rewriter' + autoload :UrlWriter, 'action_controller/routing/generation/url_rewriter' + autoload :Verification, 'action_controller/base/verification' module Assertions - autoload :DomAssertions, 'action_controller/assertions/dom_assertions' - autoload :ModelAssertions, 'action_controller/assertions/model_assertions' - autoload :ResponseAssertions, 'action_controller/assertions/response_assertions' - autoload :RoutingAssertions, 'action_controller/assertions/routing_assertions' - autoload :SelectorAssertions, 'action_controller/assertions/selector_assertions' - autoload :TagAssertions, 'action_controller/assertions/tag_assertions' + autoload :DomAssertions, 'action_controller/testing/assertions/dom' + autoload :ModelAssertions, 'action_controller/testing/assertions/model' + autoload :ResponseAssertions, 'action_controller/testing/assertions/response' + autoload :RoutingAssertions, 'action_controller/testing/assertions/routing' + autoload :SelectorAssertions, 'action_controller/testing/assertions/selector' + autoload :TagAssertions, 'action_controller/testing/assertions/tag' end module Http - autoload :Headers, 'action_controller/headers' + autoload :Headers, 'action_controller/base/headers' end module Session @@ -102,13 +106,9 @@ module ActionController autoload :CookieStore, 'action_controller/session/cookie_store' autoload :MemCacheStore, 'action_controller/session/mem_cache_store' end - - # DEPRECATE: Remove CGI support - autoload :CgiRequest, 'action_controller/cgi_process' - autoload :CGIHandler, 'action_controller/cgi_process' end -autoload :Mime, 'action_controller/mime_type' +autoload :Mime, 'action_controller/mime/type' autoload :HTML, 'action_controller/vendor/html-scanner' diff --git a/actionpack/lib/action_controller/assertions/dom_assertions.rb b/actionpack/lib/action_controller/assertions/dom_assertions.rb deleted file mode 100644 index 5ffe5f1883..0000000000 --- a/actionpack/lib/action_controller/assertions/dom_assertions.rb +++ /dev/null @@ -1,39 +0,0 @@ -module ActionController - module Assertions - module DomAssertions - # Test two HTML strings for equivalency (e.g., identical up to reordering of attributes) - # - # ==== Examples - # - # # assert that the referenced method generates the appropriate HTML string - # assert_dom_equal 'Apples', link_to("Apples", "http://www.example.com") - # - def assert_dom_equal(expected, actual, message = "") - clean_backtrace do - expected_dom = HTML::Document.new(expected).root - actual_dom = HTML::Document.new(actual).root - full_message = build_message(message, " expected to be == to\n.", expected_dom.to_s, actual_dom.to_s) - - assert_block(full_message) { expected_dom == actual_dom } - end - end - - # The negated form of +assert_dom_equivalent+. - # - # ==== Examples - # - # # assert that the referenced method does not generate the specified HTML string - # assert_dom_not_equal 'Apples', link_to("Oranges", "http://www.example.com") - # - def assert_dom_not_equal(expected, actual, message = "") - clean_backtrace do - expected_dom = HTML::Document.new(expected).root - actual_dom = HTML::Document.new(actual).root - full_message = build_message(message, " expected to be != to\n.", expected_dom.to_s, actual_dom.to_s) - - assert_block(full_message) { expected_dom != actual_dom } - end - end - end - end -end diff --git a/actionpack/lib/action_controller/assertions/model_assertions.rb b/actionpack/lib/action_controller/assertions/model_assertions.rb deleted file mode 100644 index 3a7b39b106..0000000000 --- a/actionpack/lib/action_controller/assertions/model_assertions.rb +++ /dev/null @@ -1,21 +0,0 @@ -module ActionController - module Assertions - module ModelAssertions - # Ensures that the passed record is valid by Active Record standards and - # returns any error messages if it is not. - # - # ==== Examples - # - # # assert that a newly created record is valid - # model = Model.new - # assert_valid(model) - # - def assert_valid(record) - ::ActiveSupport::Deprecation.warn("assert_valid is deprecated. Use assert record.valid? instead", caller) - clean_backtrace do - assert record.valid?, record.errors.full_messages.join("\n") - end - end - end - end -end diff --git a/actionpack/lib/action_controller/assertions/response_assertions.rb b/actionpack/lib/action_controller/assertions/response_assertions.rb deleted file mode 100644 index 5976090273..0000000000 --- a/actionpack/lib/action_controller/assertions/response_assertions.rb +++ /dev/null @@ -1,150 +0,0 @@ -module ActionController - module Assertions - # A small suite of assertions that test responses from Rails applications. - module ResponseAssertions - # Asserts that the response is one of the following types: - # - # * :success - Status code was 200 - # * :redirect - Status code was in the 300-399 range - # * :missing - Status code was 404 - # * :error - Status code was in the 500-599 range - # - # You can also pass an explicit status number like assert_response(501) - # or its symbolic equivalent assert_response(:not_implemented). - # See ActionController::StatusCodes for a full list. - # - # ==== Examples - # - # # assert that the response was a redirection - # assert_response :redirect - # - # # assert that the response code was status code 401 (unauthorized) - # assert_response 401 - # - def assert_response(type, message = nil) - clean_backtrace do - if [ :success, :missing, :redirect, :error ].include?(type) && @response.send("#{type}?") - assert_block("") { true } # to count the assertion - elsif type.is_a?(Fixnum) && @response.response_code == type - assert_block("") { true } # to count the assertion - elsif type.is_a?(Symbol) && @response.response_code == ActionController::StatusCodes::SYMBOL_TO_STATUS_CODE[type] - assert_block("") { true } # to count the assertion - else - if @response.error? - exception = @response.template.instance_variable_get(:@exception) - exception_message = exception && exception.message - assert_block(build_message(message, "Expected response to be a , but was \n", type, @response.response_code, exception_message.to_s)) { false } - else - assert_block(build_message(message, "Expected response to be a , but was ", type, @response.response_code)) { false } - end - end - end - end - - # Assert that the redirection options passed in match those of the redirect called in the latest action. - # This match can be partial, such that assert_redirected_to(:controller => "weblog") will also - # match the redirection of redirect_to(:controller => "weblog", :action => "show") and so on. - # - # ==== Examples - # - # # assert that the redirection was to the "index" action on the WeblogController - # assert_redirected_to :controller => "weblog", :action => "index" - # - # # assert that the redirection was to the named route login_url - # assert_redirected_to login_url - # - # # assert that the redirection was to the url for @customer - # assert_redirected_to @customer - # - def assert_redirected_to(options = {}, message=nil) - clean_backtrace do - assert_response(:redirect, message) - return true if options == @response.redirected_to - - # Support partial arguments for hash redirections - if options.is_a?(Hash) && @response.redirected_to.is_a?(Hash) - return true if options.all? {|(key, value)| @response.redirected_to[key] == value} - end - - redirected_to_after_normalisation = normalize_argument_to_redirection(@response.redirected_to) - options_after_normalisation = normalize_argument_to_redirection(options) - - if redirected_to_after_normalisation != options_after_normalisation - flunk "Expected response to be a redirect to <#{options_after_normalisation}> but was a redirect to <#{redirected_to_after_normalisation}>" - end - end - end - - # Asserts that the request was rendered with the appropriate template file or partials - # - # ==== Examples - # - # # assert that the "new" view template was rendered - # assert_template "new" - # - # # assert that the "_customer" partial was rendered twice - # assert_template :partial => '_customer', :count => 2 - # - # # assert that no partials were rendered - # assert_template :partial => false - # - def assert_template(options = {}, message = nil) - clean_backtrace do - case options - when NilClass, String - rendered = @response.rendered[:template].to_s - msg = build_message(message, - "expecting but rendering with ", - options, rendered) - assert_block(msg) do - if options.nil? - @response.rendered[:template].blank? - else - rendered.to_s.match(options) - end - end - when Hash - if expected_partial = options[:partial] - partials = @response.rendered[:partials] - if expected_count = options[:count] - found = partials.detect { |p, _| p.to_s.match(expected_partial) } - actual_count = found.nil? ? 0 : found.second - msg = build_message(message, - "expecting ? to be rendered ? time(s) but rendered ? time(s)", - expected_partial, expected_count, actual_count) - assert(actual_count == expected_count.to_i, msg) - else - msg = build_message(message, - "expecting partial but action rendered ", - options[:partial], partials.keys) - assert(partials.keys.any? { |p| p.to_s.match(expected_partial) }, msg) - end - else - assert @response.rendered[:partials].empty?, - "Expected no partials to be rendered" - end - end - end - end - - private - # Proxy to to_param if the object will respond to it. - def parameterize(value) - value.respond_to?(:to_param) ? value.to_param : value - end - - def normalize_argument_to_redirection(fragment) - after_routing = @controller.url_for(fragment) - if after_routing =~ %r{^\w+://.*} - after_routing - else - # FIXME - this should probably get removed. - if after_routing.first != '/' - after_routing = '/' + after_routing - end - @request.protocol + @request.host_with_port + after_routing - end - end - end - end -end diff --git a/actionpack/lib/action_controller/assertions/routing_assertions.rb b/actionpack/lib/action_controller/assertions/routing_assertions.rb deleted file mode 100644 index 5101751cea..0000000000 --- a/actionpack/lib/action_controller/assertions/routing_assertions.rb +++ /dev/null @@ -1,146 +0,0 @@ -module ActionController - module Assertions - # Suite of assertions to test routes generated by Rails and the handling of requests made to them. - module RoutingAssertions - # Asserts that the routing of the given +path+ was handled correctly and that the parsed options (given in the +expected_options+ hash) - # match +path+. Basically, it asserts that Rails recognizes the route given by +expected_options+. - # - # Pass a hash in the second argument (+path+) to specify the request method. This is useful for routes - # requiring a specific HTTP method. The hash should contain a :path with the incoming request path - # and a :method containing the required HTTP verb. - # - # # assert that POSTing to /items will call the create action on ItemsController - # assert_recognizes {:controller => 'items', :action => 'create'}, {:path => 'items', :method => :post} - # - # You can also pass in +extras+ with a hash containing URL parameters that would normally be in the query string. This can be used - # to assert that values in the query string string will end up in the params hash correctly. To test query strings you must use the - # extras argument, appending the query string on the path directly will not work. For example: - # - # # assert that a path of '/items/list/1?view=print' returns the correct options - # assert_recognizes {:controller => 'items', :action => 'list', :id => '1', :view => 'print'}, 'items/list/1', { :view => "print" } - # - # The +message+ parameter allows you to pass in an error message that is displayed upon failure. - # - # ==== Examples - # # Check the default route (i.e., the index action) - # assert_recognizes {:controller => 'items', :action => 'index'}, 'items' - # - # # Test a specific action - # assert_recognizes {:controller => 'items', :action => 'list'}, 'items/list' - # - # # Test an action with a parameter - # assert_recognizes {:controller => 'items', :action => 'destroy', :id => '1'}, 'items/destroy/1' - # - # # Test a custom route - # assert_recognizes {:controller => 'items', :action => 'show', :id => '1'}, 'view/item1' - # - # # Check a Simply RESTful generated route - # assert_recognizes list_items_url, 'items/list' - def assert_recognizes(expected_options, path, extras={}, message=nil) - if path.is_a? Hash - request_method = path[:method] - path = path[:path] - else - request_method = nil - end - - clean_backtrace do - ActionController::Routing::Routes.reload if ActionController::Routing::Routes.empty? - request = recognized_request_for(path, request_method) - - expected_options = expected_options.clone - extras.each_key { |key| expected_options.delete key } unless extras.nil? - - expected_options.stringify_keys! - routing_diff = expected_options.diff(request.path_parameters) - msg = build_message(message, "The recognized options did not match , difference: ", - request.path_parameters, expected_options, expected_options.diff(request.path_parameters)) - assert_block(msg) { request.path_parameters == expected_options } - end - end - - # Asserts that the provided options can be used to generate the provided path. This is the inverse of +assert_recognizes+. - # The +extras+ parameter is used to tell the request the names and values of additional request parameters that would be in - # a query string. The +message+ parameter allows you to specify a custom error message for assertion failures. - # - # The +defaults+ parameter is unused. - # - # ==== Examples - # # Asserts that the default action is generated for a route with no action - # assert_generates "/items", :controller => "items", :action => "index" - # - # # Tests that the list action is properly routed - # assert_generates "/items/list", :controller => "items", :action => "list" - # - # # Tests the generation of a route with a parameter - # assert_generates "/items/list/1", { :controller => "items", :action => "list", :id => "1" } - # - # # Asserts that the generated route gives us our custom route - # assert_generates "changesets/12", { :controller => 'scm', :action => 'show_diff', :revision => "12" } - def assert_generates(expected_path, options, defaults={}, extras = {}, message=nil) - clean_backtrace do - expected_path = "/#{expected_path}" unless expected_path[0] == ?/ - # Load routes.rb if it hasn't been loaded. - ActionController::Routing::Routes.reload if ActionController::Routing::Routes.empty? - - generated_path, extra_keys = ActionController::Routing::Routes.generate_extras(options, defaults) - found_extras = options.reject {|k, v| ! extra_keys.include? k} - - msg = build_message(message, "found extras , not ", found_extras, extras) - assert_block(msg) { found_extras == extras } - - msg = build_message(message, "The generated path did not match ", generated_path, - expected_path) - assert_block(msg) { expected_path == generated_path } - end - end - - # Asserts that path and options match both ways; in other words, it verifies that path generates - # options and then that options generates path. This essentially combines +assert_recognizes+ - # and +assert_generates+ into one step. - # - # The +extras+ hash allows you to specify options that would normally be provided as a query string to the action. The - # +message+ parameter allows you to specify a custom error message to display upon failure. - # - # ==== Examples - # # Assert a basic route: a controller with the default action (index) - # assert_routing '/home', :controller => 'home', :action => 'index' - # - # # Test a route generated with a specific controller, action, and parameter (id) - # assert_routing '/entries/show/23', :controller => 'entries', :action => 'show', id => 23 - # - # # Assert a basic route (controller + default action), with an error message if it fails - # assert_routing '/store', { :controller => 'store', :action => 'index' }, {}, {}, 'Route for store index not generated properly' - # - # # Tests a route, providing a defaults hash - # assert_routing 'controller/action/9', {:id => "9", :item => "square"}, {:controller => "controller", :action => "action"}, {}, {:item => "square"} - # - # # Tests a route with a HTTP method - # assert_routing { :method => 'put', :path => '/product/321' }, { :controller => "product", :action => "update", :id => "321" } - def assert_routing(path, options, defaults={}, extras={}, message=nil) - assert_recognizes(options, path, extras, message) - - controller, default_controller = options[:controller], defaults[:controller] - if controller && controller.include?(?/) && default_controller && default_controller.include?(?/) - options[:controller] = "/#{controller}" - end - - assert_generates(path.is_a?(Hash) ? path[:path] : path, options, defaults, extras, message) - end - - private - # Recognizes the route for a given path. - def recognized_request_for(path, request_method = nil) - path = "/#{path}" unless path.first == '/' - - # Assume given controller - request = ActionController::TestRequest.new - request.env["REQUEST_METHOD"] = request_method.to_s.upcase if request_method - request.path = path - - ActionController::Routing::Routes.recognize(request) - request - end - end - end -end diff --git a/actionpack/lib/action_controller/assertions/selector_assertions.rb b/actionpack/lib/action_controller/assertions/selector_assertions.rb deleted file mode 100644 index 0d56ea5ef7..0000000000 --- a/actionpack/lib/action_controller/assertions/selector_assertions.rb +++ /dev/null @@ -1,632 +0,0 @@ -#-- -# Copyright (c) 2006 Assaf Arkin (http://labnotes.org) -# Under MIT and/or CC By license. -#++ - -module ActionController - module Assertions - unless const_defined?(:NO_STRIP) - NO_STRIP = %w{pre script style textarea} - end - - # Adds the +assert_select+ method for use in Rails functional - # test cases, which can be used to make assertions on the response HTML of a controller - # action. You can also call +assert_select+ within another +assert_select+ to - # make assertions on elements selected by the enclosing assertion. - # - # Use +css_select+ to select elements without making an assertions, either - # from the response HTML or elements selected by the enclosing assertion. - # - # In addition to HTML responses, you can make the following assertions: - # * +assert_select_rjs+ - Assertions on HTML content of RJS update and insertion operations. - # * +assert_select_encoded+ - Assertions on HTML encoded inside XML, for example for dealing with feed item descriptions. - # * +assert_select_email+ - Assertions on the HTML body of an e-mail. - # - # Also see HTML::Selector to learn how to use selectors. - module SelectorAssertions - # :call-seq: - # css_select(selector) => array - # css_select(element, selector) => array - # - # Select and return all matching elements. - # - # If called with a single argument, uses that argument as a selector - # to match all elements of the current page. Returns an empty array - # if no match is found. - # - # If called with two arguments, uses the first argument as the base - # element and the second argument as the selector. Attempts to match the - # base element and any of its children. Returns an empty array if no - # match is found. - # - # The selector may be a CSS selector expression (String), an expression - # with substitution values (Array) or an HTML::Selector object. - # - # ==== Examples - # # Selects all div tags - # divs = css_select("div") - # - # # Selects all paragraph tags and does something interesting - # pars = css_select("p") - # pars.each do |par| - # # Do something fun with paragraphs here... - # end - # - # # Selects all list items in unordered lists - # items = css_select("ul>li") - # - # # Selects all form tags and then all inputs inside the form - # forms = css_select("form") - # forms.each do |form| - # inputs = css_select(form, "input") - # ... - # end - # - def css_select(*args) - # See assert_select to understand what's going on here. - arg = args.shift - - if arg.is_a?(HTML::Node) - root = arg - arg = args.shift - elsif arg == nil - raise ArgumentError, "First argument is either selector or element to select, but nil found. Perhaps you called assert_select with an element that does not exist?" - elsif @selected - matches = [] - - @selected.each do |selected| - subset = css_select(selected, HTML::Selector.new(arg.dup, args.dup)) - subset.each do |match| - matches << match unless matches.any? { |m| m.equal?(match) } - end - end - - return matches - else - root = response_from_page_or_rjs - end - - case arg - when String - selector = HTML::Selector.new(arg, args) - when Array - selector = HTML::Selector.new(*arg) - when HTML::Selector - selector = arg - else raise ArgumentError, "Expecting a selector as the first argument" - end - - selector.select(root) - end - - # :call-seq: - # assert_select(selector, equality?, message?) - # assert_select(element, selector, equality?, message?) - # - # An assertion that selects elements and makes one or more equality tests. - # - # If the first argument is an element, selects all matching elements - # starting from (and including) that element and all its children in - # depth-first order. - # - # If no element if specified, calling +assert_select+ selects from the - # response HTML unless +assert_select+ is called from within an +assert_select+ block. - # - # When called with a block +assert_select+ passes an array of selected elements - # to the block. Calling +assert_select+ from the block, with no element specified, - # runs the assertion on the complete set of elements selected by the enclosing assertion. - # Alternatively the array may be iterated through so that +assert_select+ can be called - # separately for each element. - # - # - # ==== Example - # If the response contains two ordered lists, each with four list elements then: - # assert_select "ol" do |elements| - # elements.each do |element| - # assert_select element, "li", 4 - # end - # end - # - # will pass, as will: - # assert_select "ol" do - # assert_select "li", 8 - # end - # - # The selector may be a CSS selector expression (String), an expression - # with substitution values, or an HTML::Selector object. - # - # === Equality Tests - # - # The equality test may be one of the following: - # * true - Assertion is true if at least one element selected. - # * false - Assertion is true if no element selected. - # * String/Regexp - Assertion is true if the text value of at least - # one element matches the string or regular expression. - # * Integer - Assertion is true if exactly that number of - # elements are selected. - # * Range - Assertion is true if the number of selected - # elements fit the range. - # If no equality test specified, the assertion is true if at least one - # element selected. - # - # To perform more than one equality tests, use a hash with the following keys: - # * :text - Narrow the selection to elements that have this text - # value (string or regexp). - # * :html - Narrow the selection to elements that have this HTML - # content (string or regexp). - # * :count - Assertion is true if the number of selected elements - # is equal to this value. - # * :minimum - Assertion is true if the number of selected - # elements is at least this value. - # * :maximum - Assertion is true if the number of selected - # elements is at most this value. - # - # If the method is called with a block, once all equality tests are - # evaluated the block is called with an array of all matched elements. - # - # ==== Examples - # - # # At least one form element - # assert_select "form" - # - # # Form element includes four input fields - # assert_select "form input", 4 - # - # # Page title is "Welcome" - # assert_select "title", "Welcome" - # - # # Page title is "Welcome" and there is only one title element - # assert_select "title", {:count=>1, :text=>"Welcome"}, - # "Wrong title or more than one title element" - # - # # Page contains no forms - # assert_select "form", false, "This page must contain no forms" - # - # # Test the content and style - # assert_select "body div.header ul.menu" - # - # # Use substitution values - # assert_select "ol>li#?", /item-\d+/ - # - # # All input fields in the form have a name - # assert_select "form input" do - # assert_select "[name=?]", /.+/ # Not empty - # end - def assert_select(*args, &block) - # Start with optional element followed by mandatory selector. - arg = args.shift - - if arg.is_a?(HTML::Node) - # First argument is a node (tag or text, but also HTML root), - # so we know what we're selecting from. - root = arg - arg = args.shift - elsif arg == nil - # This usually happens when passing a node/element that - # happens to be nil. - raise ArgumentError, "First argument is either selector or element to select, but nil found. Perhaps you called assert_select with an element that does not exist?" - elsif @selected - root = HTML::Node.new(nil) - root.children.concat @selected - else - # Otherwise just operate on the response document. - root = response_from_page_or_rjs - end - - # First or second argument is the selector: string and we pass - # all remaining arguments. Array and we pass the argument. Also - # accepts selector itself. - case arg - when String - selector = HTML::Selector.new(arg, args) - when Array - selector = HTML::Selector.new(*arg) - when HTML::Selector - selector = arg - else raise ArgumentError, "Expecting a selector as the first argument" - end - - # Next argument is used for equality tests. - equals = {} - case arg = args.shift - when Hash - equals = arg - when String, Regexp - equals[:text] = arg - when Integer - equals[:count] = arg - when Range - equals[:minimum] = arg.begin - equals[:maximum] = arg.end - when FalseClass - equals[:count] = 0 - when NilClass, TrueClass - equals[:minimum] = 1 - else raise ArgumentError, "I don't understand what you're trying to match" - end - - # By default we're looking for at least one match. - if equals[:count] - equals[:minimum] = equals[:maximum] = equals[:count] - else - equals[:minimum] = 1 unless equals[:minimum] - end - - # Last argument is the message we use if the assertion fails. - message = args.shift - #- message = "No match made with selector #{selector.inspect}" unless message - if args.shift - raise ArgumentError, "Not expecting that last argument, you either have too many arguments, or they're the wrong type" - end - - matches = selector.select(root) - # If text/html, narrow down to those elements that match it. - content_mismatch = nil - if match_with = equals[:text] - matches.delete_if do |match| - text = "" - text.force_encoding(match_with.encoding) if text.respond_to?(:force_encoding) - stack = match.children.reverse - while node = stack.pop - if node.tag? - stack.concat node.children.reverse - else - content = node.content - content.force_encoding(match_with.encoding) if content.respond_to?(:force_encoding) - text << content - end - end - text.strip! unless NO_STRIP.include?(match.name) - unless match_with.is_a?(Regexp) ? (text =~ match_with) : (text == match_with.to_s) - content_mismatch ||= build_message(message, " expected but was\n.", match_with, text) - true - end - end - elsif match_with = equals[:html] - matches.delete_if do |match| - html = match.children.map(&:to_s).join - html.strip! unless NO_STRIP.include?(match.name) - unless match_with.is_a?(Regexp) ? (html =~ match_with) : (html == match_with.to_s) - content_mismatch ||= build_message(message, " expected but was\n.", match_with, html) - true - end - end - end - # Expecting foo found bar element only if found zero, not if - # found one but expecting two. - message ||= content_mismatch if matches.empty? - # Test minimum/maximum occurrence. - min, max = equals[:minimum], equals[:maximum] - message = message || %(Expected #{count_description(min, max)} matching "#{selector.to_s}", found #{matches.size}.) - assert matches.size >= min, message if min - assert matches.size <= max, message if max - - # If a block is given call that block. Set @selected to allow - # nested assert_select, which can be nested several levels deep. - if block_given? && !matches.empty? - begin - in_scope, @selected = @selected, matches - yield matches - ensure - @selected = in_scope - end - end - - # Returns all matches elements. - matches - end - - def count_description(min, max) #:nodoc: - pluralize = lambda {|word, quantity| word << (quantity == 1 ? '' : 's')} - - if min && max && (max != min) - "between #{min} and #{max} elements" - elsif min && !(min == 1 && max == 1) - "at least #{min} #{pluralize['element', min]}" - elsif max - "at most #{max} #{pluralize['element', max]}" - end - end - - # :call-seq: - # assert_select_rjs(id?) { |elements| ... } - # assert_select_rjs(statement, id?) { |elements| ... } - # assert_select_rjs(:insert, position, id?) { |elements| ... } - # - # Selects content from the RJS response. - # - # === Narrowing down - # - # With no arguments, asserts that one or more elements are updated or - # inserted by RJS statements. - # - # Use the +id+ argument to narrow down the assertion to only statements - # that update or insert an element with that identifier. - # - # Use the first argument to narrow down assertions to only statements - # of that type. Possible values are :replace, :replace_html, - # :show, :hide, :toggle, :remove and - # :insert_html. - # - # Use the argument :insert followed by an insertion position to narrow - # down the assertion to only statements that insert elements in that - # position. Possible values are :top, :bottom, :before - # and :after. - # - # Using the :remove statement, you will be able to pass a block, but it will - # be ignored as there is no HTML passed for this statement. - # - # === Using blocks - # - # Without a block, +assert_select_rjs+ merely asserts that the response - # contains one or more RJS statements that replace or update content. - # - # With a block, +assert_select_rjs+ also selects all elements used in - # these statements and passes them to the block. Nested assertions are - # supported. - # - # Calling +assert_select_rjs+ with no arguments and using nested asserts - # asserts that the HTML content is returned by one or more RJS statements. - # Using +assert_select+ directly makes the same assertion on the content, - # but without distinguishing whether the content is returned in an HTML - # or JavaScript. - # - # ==== Examples - # - # # Replacing the element foo. - # # page.replace 'foo', ... - # assert_select_rjs :replace, "foo" - # - # # Replacing with the chained RJS proxy. - # # page[:foo].replace ... - # assert_select_rjs :chained_replace, 'foo' - # - # # Inserting into the element bar, top position. - # assert_select_rjs :insert, :top, "bar" - # - # # Remove the element bar - # assert_select_rjs :remove, "bar" - # - # # Changing the element foo, with an image. - # assert_select_rjs "foo" do - # assert_select "img[src=/images/logo.gif"" - # end - # - # # RJS inserts or updates a list with four items. - # assert_select_rjs do - # assert_select "ol>li", 4 - # end - # - # # The same, but shorter. - # assert_select "ol>li", 4 - def assert_select_rjs(*args, &block) - rjs_type = args.first.is_a?(Symbol) ? args.shift : nil - id = args.first.is_a?(String) ? args.shift : nil - - # If the first argument is a symbol, it's the type of RJS statement we're looking - # for (update, replace, insertion, etc). Otherwise, we're looking for just about - # any RJS statement. - if rjs_type - if rjs_type == :insert - position = args.shift - id = args.shift - insertion = "insert_#{position}".to_sym - raise ArgumentError, "Unknown RJS insertion type #{position}" unless RJS_STATEMENTS[insertion] - statement = "(#{RJS_STATEMENTS[insertion]})" - else - raise ArgumentError, "Unknown RJS statement type #{rjs_type}" unless RJS_STATEMENTS[rjs_type] - statement = "(#{RJS_STATEMENTS[rjs_type]})" - end - else - statement = "#{RJS_STATEMENTS[:any]}" - end - - # Next argument we're looking for is the element identifier. If missing, we pick - # any element, otherwise we replace it in the statement. - pattern = Regexp.new( - id ? statement.gsub(RJS_ANY_ID, "\"#{id}\"") : statement - ) - - # Duplicate the body since the next step involves destroying it. - matches = nil - case rjs_type - when :remove, :show, :hide, :toggle - matches = @response.body.match(pattern) - else - @response.body.gsub(pattern) do |match| - html = unescape_rjs(match) - matches ||= [] - matches.concat HTML::Document.new(html).root.children.select { |n| n.tag? } - "" - end - end - - if matches - assert_block("") { true } # to count the assertion - if block_given? && !([:remove, :show, :hide, :toggle].include? rjs_type) - begin - in_scope, @selected = @selected, matches - yield matches - ensure - @selected = in_scope - end - end - matches - else - # RJS statement not found. - case rjs_type - when :remove, :show, :hide, :toggle - flunk_message = "No RJS statement that #{rjs_type.to_s}s '#{id}' was rendered." - else - flunk_message = "No RJS statement that replaces or inserts HTML content." - end - flunk args.shift || flunk_message - end - end - - # :call-seq: - # assert_select_encoded(element?) { |elements| ... } - # - # Extracts the content of an element, treats it as encoded HTML and runs - # nested assertion on it. - # - # You typically call this method within another assertion to operate on - # all currently selected elements. You can also pass an element or array - # of elements. - # - # The content of each element is un-encoded, and wrapped in the root - # element +encoded+. It then calls the block with all un-encoded elements. - # - # ==== Examples - # # Selects all bold tags from within the title of an ATOM feed's entries (perhaps to nab a section name prefix) - # assert_select_feed :atom, 1.0 do - # # Select each entry item and then the title item - # assert_select "entry>title" do - # # Run assertions on the encoded title elements - # assert_select_encoded do - # assert_select "b" - # end - # end - # end - # - # - # # Selects all paragraph tags from within the description of an RSS feed - # assert_select_feed :rss, 2.0 do - # # Select description element of each feed item. - # assert_select "channel>item>description" do - # # Run assertions on the encoded elements. - # assert_select_encoded do - # assert_select "p" - # end - # end - # end - def assert_select_encoded(element = nil, &block) - case element - when Array - elements = element - when HTML::Node - elements = [element] - when nil - unless elements = @selected - raise ArgumentError, "First argument is optional, but must be called from a nested assert_select" - end - else - raise ArgumentError, "Argument is optional, and may be node or array of nodes" - end - - fix_content = lambda do |node| - # Gets around a bug in the Rails 1.1 HTML parser. - node.content.gsub(/)?/m) { CGI.escapeHTML($1) } - end - - selected = elements.map do |element| - text = element.children.select{ |c| not c.tag? }.map{ |c| fix_content[c] }.join - root = HTML::Document.new(CGI.unescapeHTML("#{text}")).root - css_select(root, "encoded:root", &block)[0] - end - - begin - old_selected, @selected = @selected, selected - assert_select ":root", &block - ensure - @selected = old_selected - end - end - - # :call-seq: - # assert_select_email { } - # - # Extracts the body of an email and runs nested assertions on it. - # - # You must enable deliveries for this assertion to work, use: - # ActionMailer::Base.perform_deliveries = true - # - # ==== Examples - # - # assert_select_email do - # assert_select "h1", "Email alert" - # end - # - # assert_select_email do - # items = assert_select "ol>li" - # items.each do - # # Work with items here... - # end - # end - # - def assert_select_email(&block) - deliveries = ActionMailer::Base.deliveries - assert !deliveries.empty?, "No e-mail in delivery list" - - for delivery in deliveries - for part in delivery.parts - if part["Content-Type"].to_s =~ /^text\/html\W/ - root = HTML::Document.new(part.body).root - assert_select root, ":root", &block - end - end - end - end - - protected - unless const_defined?(:RJS_STATEMENTS) - RJS_PATTERN_HTML = "\"((\\\\\"|[^\"])*)\"" - RJS_ANY_ID = "\"([^\"])*\"" - RJS_STATEMENTS = { - :chained_replace => "\\$\\(#{RJS_ANY_ID}\\)\\.replace\\(#{RJS_PATTERN_HTML}\\)", - :chained_replace_html => "\\$\\(#{RJS_ANY_ID}\\)\\.update\\(#{RJS_PATTERN_HTML}\\)", - :replace_html => "Element\\.update\\(#{RJS_ANY_ID}, #{RJS_PATTERN_HTML}\\)", - :replace => "Element\\.replace\\(#{RJS_ANY_ID}, #{RJS_PATTERN_HTML}\\)" - } - [:remove, :show, :hide, :toggle].each do |action| - RJS_STATEMENTS[action] = "Element\\.#{action}\\(#{RJS_ANY_ID}\\)" - end - RJS_INSERTIONS = ["top", "bottom", "before", "after"] - RJS_INSERTIONS.each do |insertion| - RJS_STATEMENTS["insert_#{insertion}".to_sym] = "Element.insert\\(#{RJS_ANY_ID}, \\{ #{insertion}: #{RJS_PATTERN_HTML} \\}\\)" - end - RJS_STATEMENTS[:insert_html] = "Element.insert\\(#{RJS_ANY_ID}, \\{ (#{RJS_INSERTIONS.join('|')}): #{RJS_PATTERN_HTML} \\}\\)" - RJS_STATEMENTS[:any] = Regexp.new("(#{RJS_STATEMENTS.values.join('|')})") - RJS_PATTERN_UNICODE_ESCAPED_CHAR = /\\u([0-9a-zA-Z]{4})/ - end - - # +assert_select+ and +css_select+ call this to obtain the content in the HTML - # page, or from all the RJS statements, depending on the type of response. - def response_from_page_or_rjs() - content_type = @response.content_type - - if content_type && Mime::JS =~ content_type - body = @response.body.dup - root = HTML::Node.new(nil) - - while true - next if body.sub!(RJS_STATEMENTS[:any]) do |match| - html = unescape_rjs(match) - matches = HTML::Document.new(html).root.children.select { |n| n.tag? } - root.children.concat matches - "" - end - break - end - - root - else - html_document.root - end - end - - # Unescapes a RJS string. - def unescape_rjs(rjs_string) - # RJS encodes double quotes and line breaks. - unescaped= rjs_string.gsub('\"', '"') - unescaped.gsub!(/\\\//, '/') - unescaped.gsub!('\n', "\n") - unescaped.gsub!('\076', '>') - unescaped.gsub!('\074', '<') - # RJS encodes non-ascii characters. - unescaped.gsub!(RJS_PATTERN_UNICODE_ESCAPED_CHAR) {|u| [$1.hex].pack('U*')} - unescaped - end - end - end -end diff --git a/actionpack/lib/action_controller/assertions/tag_assertions.rb b/actionpack/lib/action_controller/assertions/tag_assertions.rb deleted file mode 100644 index 80249e0e83..0000000000 --- a/actionpack/lib/action_controller/assertions/tag_assertions.rb +++ /dev/null @@ -1,127 +0,0 @@ -module ActionController - module Assertions - # Pair of assertions to testing elements in the HTML output of the response. - module TagAssertions - # Asserts that there is a tag/node/element in the body of the response - # that meets all of the given conditions. The +conditions+ parameter must - # be a hash of any of the following keys (all are optional): - # - # * :tag: the node type must match the corresponding value - # * :attributes: a hash. The node's attributes must match the - # corresponding values in the hash. - # * :parent: a hash. The node's parent must match the - # corresponding hash. - # * :child: a hash. At least one of the node's immediate children - # must meet the criteria described by the hash. - # * :ancestor: a hash. At least one of the node's ancestors must - # meet the criteria described by the hash. - # * :descendant: a hash. At least one of the node's descendants - # must meet the criteria described by the hash. - # * :sibling: a hash. At least one of the node's siblings must - # meet the criteria described by the hash. - # * :after: a hash. The node must be after any sibling meeting - # the criteria described by the hash, and at least one sibling must match. - # * :before: a hash. The node must be before any sibling meeting - # the criteria described by the hash, and at least one sibling must match. - # * :children: a hash, for counting children of a node. Accepts - # the keys: - # * :count: either a number or a range which must equal (or - # include) the number of children that match. - # * :less_than: the number of matching children must be less - # than this number. - # * :greater_than: the number of matching children must be - # greater than this number. - # * :only: another hash consisting of the keys to use - # to match on the children, and only matching children will be - # counted. - # * :content: the textual content of the node must match the - # given value. This will not match HTML tags in the body of a - # tag--only text. - # - # Conditions are matched using the following algorithm: - # - # * if the condition is a string, it must be a substring of the value. - # * if the condition is a regexp, it must match the value. - # * if the condition is a number, the value must match number.to_s. - # * if the condition is +true+, the value must not be +nil+. - # * if the condition is +false+ or +nil+, the value must be +nil+. - # - # === Examples - # - # # Assert that there is a "span" tag - # assert_tag :tag => "span" - # - # # Assert that there is a "span" tag with id="x" - # assert_tag :tag => "span", :attributes => { :id => "x" } - # - # # Assert that there is a "span" tag using the short-hand - # assert_tag :span - # - # # Assert that there is a "span" tag with id="x" using the short-hand - # assert_tag :span, :attributes => { :id => "x" } - # - # # Assert that there is a "span" inside of a "div" - # assert_tag :tag => "span", :parent => { :tag => "div" } - # - # # Assert that there is a "span" somewhere inside a table - # assert_tag :tag => "span", :ancestor => { :tag => "table" } - # - # # Assert that there is a "span" with at least one "em" child - # assert_tag :tag => "span", :child => { :tag => "em" } - # - # # Assert that there is a "span" containing a (possibly nested) - # # "strong" tag. - # assert_tag :tag => "span", :descendant => { :tag => "strong" } - # - # # Assert that there is a "span" containing between 2 and 4 "em" tags - # # as immediate children - # assert_tag :tag => "span", - # :children => { :count => 2..4, :only => { :tag => "em" } } - # - # # Get funky: assert that there is a "div", with an "ul" ancestor - # # and an "li" parent (with "class" = "enum"), and containing a - # # "span" descendant that contains text matching /hello world/ - # assert_tag :tag => "div", - # :ancestor => { :tag => "ul" }, - # :parent => { :tag => "li", - # :attributes => { :class => "enum" } }, - # :descendant => { :tag => "span", - # :child => /hello world/ } - # - # Please note: +assert_tag+ and +assert_no_tag+ only work - # with well-formed XHTML. They recognize a few tags as implicitly self-closing - # (like br and hr and such) but will not work correctly with tags - # that allow optional closing tags (p, li, td). You must explicitly - # close all of your tags to use these assertions. - def assert_tag(*opts) - clean_backtrace do - opts = opts.size > 1 ? opts.last.merge({ :tag => opts.first.to_s }) : opts.first - tag = find_tag(opts) - assert tag, "expected tag, but no tag found matching #{opts.inspect} in:\n#{@response.body.inspect}" - end - end - - # Identical to +assert_tag+, but asserts that a matching tag does _not_ - # exist. (See +assert_tag+ for a full discussion of the syntax.) - # - # === Examples - # # Assert that there is not a "div" containing a "p" - # assert_no_tag :tag => "div", :descendant => { :tag => "p" } - # - # # Assert that an unordered list is empty - # assert_no_tag :tag => "ul", :descendant => { :tag => "li" } - # - # # Assert that there is not a "p" tag with between 1 to 3 "img" tags - # # as immediate children - # assert_no_tag :tag => "p", - # :children => { :count => 1..3, :only => { :tag => "img" } } - def assert_no_tag(*opts) - clean_backtrace do - opts = opts.size > 1 ? opts.last.merge({ :tag => opts.first.to_s }) : opts.first - tag = find_tag(opts) - assert !tag, "expected no tag, but found tag matching #{opts.inspect} in:\n#{@response.body.inspect}" - end - end - end - end -end diff --git a/actionpack/lib/action_controller/base.rb b/actionpack/lib/action_controller/base.rb deleted file mode 100644 index 78c8bf0647..0000000000 --- a/actionpack/lib/action_controller/base.rb +++ /dev/null @@ -1,1392 +0,0 @@ -require 'set' - -module ActionController #:nodoc: - class ActionControllerError < StandardError #:nodoc: - end - - class SessionRestoreError < ActionControllerError #:nodoc: - end - - class RenderError < ActionControllerError #:nodoc: - end - - class RoutingError < ActionControllerError #:nodoc: - attr_reader :failures - def initialize(message, failures=[]) - super(message) - @failures = failures - end - end - - class MethodNotAllowed < ActionControllerError #:nodoc: - attr_reader :allowed_methods - - def initialize(*allowed_methods) - super("Only #{allowed_methods.to_sentence} requests are allowed.") - @allowed_methods = allowed_methods - end - - def allowed_methods_header - allowed_methods.map { |method_symbol| method_symbol.to_s.upcase } * ', ' - end - - def handle_response!(response) - response.headers['Allow'] ||= allowed_methods_header - end - end - - class NotImplemented < MethodNotAllowed #:nodoc: - end - - class UnknownController < ActionControllerError #:nodoc: - end - - class UnknownAction < ActionControllerError #:nodoc: - end - - class MissingFile < ActionControllerError #:nodoc: - end - - class RenderError < ActionControllerError #:nodoc: - end - - class SessionOverflowError < ActionControllerError #:nodoc: - DEFAULT_MESSAGE = 'Your session data is larger than the data column in which it is to be stored. You must increase the size of your data column if you intend to store large data.' - - def initialize(message = nil) - super(message || DEFAULT_MESSAGE) - end - end - - class DoubleRenderError < ActionControllerError #:nodoc: - DEFAULT_MESSAGE = "Render and/or redirect were called multiple times in this action. Please note that you may only call render OR redirect, and at most once per action. Also note that neither redirect nor render terminate execution of the action, so if you want to exit an action after redirecting, you need to do something like \"redirect_to(...) and return\"." - - def initialize(message = nil) - super(message || DEFAULT_MESSAGE) - end - end - - class RedirectBackError < ActionControllerError #:nodoc: - DEFAULT_MESSAGE = 'No HTTP_REFERER was set in the request to this action, so redirect_to :back could not be called successfully. If this is a test, make sure to specify request.env["HTTP_REFERER"].' - - def initialize(message = nil) - super(message || DEFAULT_MESSAGE) - end - end - - class UnknownHttpMethod < ActionControllerError #:nodoc: - end - - # Action Controllers are the core of a web request in Rails. They are made up of one or more actions that are executed - # on request and then either render a template or redirect to another action. An action is defined as a public method - # on the controller, which will automatically be made accessible to the web-server through Rails Routes. - # - # A sample controller could look like this: - # - # class GuestBookController < ActionController::Base - # def index - # @entries = Entry.find(:all) - # end - # - # def sign - # Entry.create(params[:entry]) - # redirect_to :action => "index" - # end - # end - # - # Actions, by default, render a template in the app/views directory corresponding to the name of the controller and action - # after executing code in the action. For example, the +index+ action of the GuestBookController would render the - # template app/views/guestbook/index.erb by default after populating the @entries instance variable. - # - # Unlike index, the sign action will not render a template. After performing its main purpose (creating a - # new entry in the guest book), it initiates a redirect instead. This redirect works by returning an external - # "302 Moved" HTTP response that takes the user to the index action. - # - # The index and sign represent the two basic action archetypes used in Action Controllers. Get-and-show and do-and-redirect. - # Most actions are variations of these themes. - # - # == Requests - # - # Requests are processed by the Action Controller framework by extracting the value of the "action" key in the request parameters. - # This value should hold the name of the action to be performed. Once the action has been identified, the remaining - # request parameters, the session (if one is available), and the full request with all the HTTP headers are made available to - # the action through instance variables. Then the action is performed. - # - # The full request object is available with the request accessor and is primarily used to query for HTTP headers. These queries - # are made by accessing the environment hash, like this: - # - # def server_ip - # location = request.env["SERVER_ADDR"] - # render :text => "This server hosted at #{location}" - # end - # - # == Parameters - # - # All request parameters, whether they come from a GET or POST request, or from the URL, are available through the params method - # which returns a hash. For example, an action that was performed through /weblog/list?category=All&limit=5 will include - # { "category" => "All", "limit" => 5 } in params. - # - # It's also possible to construct multi-dimensional parameter hashes by specifying keys using brackets, such as: - # - # - # - # - # A request stemming from a form holding these inputs will include { "post" => { "name" => "david", "address" => "hyacintvej" } }. - # If the address input had been named "post[address][street]", the params would have included - # { "post" => { "address" => { "street" => "hyacintvej" } } }. There's no limit to the depth of the nesting. - # - # == Sessions - # - # Sessions allows you to store objects in between requests. This is useful for objects that are not yet ready to be persisted, - # such as a Signup object constructed in a multi-paged process, or objects that don't change much and are needed all the time, such - # as a User object for a system that requires login. The session should not be used, however, as a cache for objects where it's likely - # they could be changed unknowingly. It's usually too much work to keep it all synchronized -- something databases already excel at. - # - # You can place objects in the session by using the session method, which accesses a hash: - # - # session[:person] = Person.authenticate(user_name, password) - # - # And retrieved again through the same hash: - # - # Hello #{session[:person]} - # - # For removing objects from the session, you can either assign a single key to +nil+: - # - # # removes :person from session - # session[:person] = nil - # - # or you can remove the entire session with +reset_session+. - # - # Sessions are stored by default in a browser cookie that's cryptographically signed, but unencrypted. - # This prevents the user from tampering with the session but also allows him to see its contents. - # - # Do not put secret information in cookie-based sessions! - # - # Other options for session storage are: - # - # * ActiveRecord::SessionStore - Sessions are stored in your database, which works better than PStore with multiple app servers and, - # unlike CookieStore, hides your session contents from the user. To use ActiveRecord::SessionStore, set - # - # config.action_controller.session_store = :active_record_store - # - # in your config/environment.rb and run rake db:sessions:create. - # - # * MemCacheStore - Sessions are stored as entries in your memcached cache. - # Set the session store type in config/environment.rb: - # - # config.action_controller.session_store = :mem_cache_store - # - # This assumes that memcached has been installed and configured properly. - # See the MemCacheStore docs for more information. - # - # == Responses - # - # Each action results in a response, which holds the headers and document to be sent to the user's browser. The actual response - # object is generated automatically through the use of renders and redirects and requires no user intervention. - # - # == Renders - # - # Action Controller sends content to the user by using one of five rendering methods. The most versatile and common is the rendering - # of a template. Included in the Action Pack is the Action View, which enables rendering of ERb templates. It's automatically configured. - # The controller passes objects to the view by assigning instance variables: - # - # def show - # @post = Post.find(params[:id]) - # end - # - # Which are then automatically available to the view: - # - # Title: <%= @post.title %> - # - # You don't have to rely on the automated rendering. Especially actions that could result in the rendering of different templates will use - # the manual rendering methods: - # - # def search - # @results = Search.find(params[:query]) - # case @results - # when 0 then render :action => "no_results" - # when 1 then render :action => "show" - # when 2..10 then render :action => "show_many" - # end - # end - # - # Read more about writing ERb and Builder templates in link:classes/ActionView/Base.html. - # - # == Redirects - # - # Redirects are used to move from one action to another. For example, after a create action, which stores a blog entry to a database, - # we might like to show the user the new entry. Because we're following good DRY principles (Don't Repeat Yourself), we're going to reuse (and redirect to) - # a show action that we'll assume has already been created. The code might look like this: - # - # def create - # @entry = Entry.new(params[:entry]) - # if @entry.save - # # The entry was saved correctly, redirect to show - # redirect_to :action => 'show', :id => @entry.id - # else - # # things didn't go so well, do something else - # end - # end - # - # In this case, after saving our new entry to the database, the user is redirected to the show method which is then executed. - # - # == Calling multiple redirects or renders - # - # An action may contain only a single render or a single redirect. Attempting to try to do either again will result in a DoubleRenderError: - # - # def do_something - # redirect_to :action => "elsewhere" - # render :action => "overthere" # raises DoubleRenderError - # end - # - # If you need to redirect on the condition of something, then be sure to add "and return" to halt execution. - # - # def do_something - # redirect_to(:action => "elsewhere") and return if monkeys.nil? - # render :action => "overthere" # won't be called if monkeys is nil - # end - # - class Base - DEFAULT_RENDER_STATUS_CODE = "200 OK" - - include StatusCodes - - cattr_reader :protected_instance_variables - # Controller specific instance variables which will not be accessible inside views. - @@protected_instance_variables = %w(@assigns @performed_redirect @performed_render @variables_added @request_origin @url @parent_controller - @action_name @before_filter_chain_aborted @action_cache_path @_session @_headers @_params - @_flash @_response) - - # Prepends all the URL-generating helpers from AssetHelper. This makes it possible to easily move javascripts, stylesheets, - # and images to a dedicated asset server away from the main web server. Example: - # ActionController::Base.asset_host = "http://assets.example.com" - @@asset_host = "" - cattr_accessor :asset_host - - # All requests are considered local by default, so everyone will be exposed to detailed debugging screens on errors. - # When the application is ready to go public, this should be set to false, and the protected method local_request? - # should instead be implemented in the controller to determine when debugging screens should be shown. - @@consider_all_requests_local = true - cattr_accessor :consider_all_requests_local - - # Indicates whether to allow concurrent action processing. Your - # controller actions and any other code they call must also behave well - # when called from concurrent threads. Turned off by default. - @@allow_concurrency = false - cattr_accessor :allow_concurrency - - # Modern REST web services often need to submit complex data to the web application. - # The @@param_parsers hash lets you register handlers which will process the HTTP body and add parameters to the - # params hash. These handlers are invoked for POST and PUT requests. - # - # By default application/xml is enabled. A XmlSimple class with the same param name as the root will be instantiated - # in the params. This allows XML requests to mask themselves as regular form submissions, so you can have one - # action serve both regular forms and web service requests. - # - # Example of doing your own parser for a custom content type: - # - # ActionController::Base.param_parsers[Mime::Type.lookup('application/atom+xml')] = Proc.new do |data| - # node = REXML::Document.new(post) - # { node.root.name => node.root } - # end - # - # Note: Up until release 1.1 of Rails, Action Controller would default to using XmlSimple configured to discard the - # root node for such requests. The new default is to keep the root, such that "David" results - # in params[:r][:name] for "David" instead of params[:name]. To get the old behavior, you can - # re-register XmlSimple as application/xml handler ike this: - # - # ActionController::Base.param_parsers[Mime::XML] = - # Proc.new { |data| XmlSimple.xml_in(data, 'ForceArray' => false) } - # - # A YAML parser is also available and can be turned on with: - # - # ActionController::Base.param_parsers[Mime::YAML] = :yaml - @@param_parsers = {} - cattr_accessor :param_parsers - - # Controls the default charset for all renders. - @@default_charset = "utf-8" - cattr_accessor :default_charset - - # The logger is used for generating information on the action run-time (including benchmarking) if available. - # Can be set to nil for no logging. Compatible with both Ruby's own Logger and Log4r loggers. - cattr_accessor :logger - - # Controls the resource action separator - @@resource_action_separator = "/" - cattr_accessor :resource_action_separator - - # Allow to override path names for default resources' actions - @@resources_path_names = { :new => 'new', :edit => 'edit' } - cattr_accessor :resources_path_names - - # Sets the token parameter name for RequestForgery. Calling +protect_from_forgery+ - # sets it to :authenticity_token by default. - cattr_accessor :request_forgery_protection_token - - # Controls the IP Spoofing check when determining the remote IP. - @@ip_spoofing_check = true - cattr_accessor :ip_spoofing_check - - # Indicates whether or not optimise the generated named - # route helper methods - cattr_accessor :optimise_named_routes - self.optimise_named_routes = true - - # Indicates whether the response format should be determined by examining the Accept HTTP header, - # or by using the simpler params + ajax rules. - # - # If this is set to +true+ (the default) then +respond_to+ and +Request#format+ will take the Accept - # header into account. If it is set to false then the request format will be determined solely - # by examining params[:format]. If params format is missing, the format will be either HTML or - # Javascript depending on whether the request is an AJAX request. - cattr_accessor :use_accept_header - self.use_accept_header = true - - # Controls whether request forgergy protection is turned on or not. Turned off by default only in test mode. - class_inheritable_accessor :allow_forgery_protection - self.allow_forgery_protection = true - - # If you are deploying to a subdirectory, you will need to set - # config.action_controller.relative_url_root - # This defaults to ENV['RAILS_RELATIVE_URL_ROOT'] - cattr_accessor :relative_url_root - self.relative_url_root = ENV['RAILS_RELATIVE_URL_ROOT'] - - # Holds the request object that's primarily used to get environment variables through access like - # request.env["REQUEST_URI"]. - attr_internal :request - - # Holds a hash of all the GET, POST, and Url parameters passed to the action. Accessed like params["post_id"] - # to get the post_id. No type casts are made, so all values are returned as strings. - attr_internal :params - - # Holds the response object that's primarily used to set additional HTTP headers through access like - # response.headers["Cache-Control"] = "no-cache". Can also be used to access the final body HTML after a template - # has been rendered through response.body -- useful for after_filters that wants to manipulate the output, - # such as a OutputCompressionFilter. - attr_internal :response - - # Holds a hash of objects in the session. Accessed like session[:person] to get the object tied to the "person" - # key. The session will hold any type of object as values, but the key should be a string or symbol. - attr_internal :session - - # Holds a hash of header names and values. Accessed like headers["Cache-Control"] to get the value of the Cache-Control - # directive. Values should always be specified as strings. - attr_internal :headers - - # Returns the name of the action this controller is processing. - attr_accessor :action_name - - class << self - def call(env) - # HACK: For global rescue to have access to the original request and response - request = env["action_controller.rescue.request"] ||= Request.new(env) - response = env["action_controller.rescue.response"] ||= Response.new - process(request, response) - end - - # Factory for the standard create, process loop where the controller is discarded after processing. - def process(request, response) #:nodoc: - new.process(request, response) - end - - # Converts the class name from something like "OneModule::TwoModule::NeatController" to "NeatController". - def controller_class_name - @controller_class_name ||= name.demodulize - end - - # Converts the class name from something like "OneModule::TwoModule::NeatController" to "neat". - def controller_name - @controller_name ||= controller_class_name.sub(/Controller$/, '').underscore - end - - # Converts the class name from something like "OneModule::TwoModule::NeatController" to "one_module/two_module/neat". - def controller_path - @controller_path ||= name.gsub(/Controller$/, '').underscore - end - - # Return an array containing the names of public methods that have been marked hidden from the action processor. - # By default, all methods defined in ActionController::Base and included modules are hidden. - # More methods can be hidden using hide_actions. - def hidden_actions - read_inheritable_attribute(:hidden_actions) || write_inheritable_attribute(:hidden_actions, []) - end - - # Hide each of the given methods from being callable as actions. - def hide_action(*names) - write_inheritable_attribute(:hidden_actions, hidden_actions | names.map { |name| name.to_s }) - end - - # View load paths determine the bases from which template references can be made. So a call to - # render("test/template") will be looked up in the view load paths array and the closest match will be - # returned. - def view_paths - if defined? @view_paths - @view_paths - else - superclass.view_paths - end - end - - def view_paths=(value) - @view_paths = ActionView::Base.process_view_paths(value) if value - end - - # Adds a view_path to the front of the view_paths array. - # If the current class has no view paths, copy them from - # the superclass. This change will be visible for all future requests. - # - # ArticleController.prepend_view_path("views/default") - # ArticleController.prepend_view_path(["views/default", "views/custom"]) - # - def prepend_view_path(path) - @view_paths = superclass.view_paths.dup if !defined?(@view_paths) || @view_paths.nil? - @view_paths.unshift(*path) - end - - # Adds a view_path to the end of the view_paths array. - # If the current class has no view paths, copy them from - # the superclass. This change will be visible for all future requests. - # - # ArticleController.append_view_path("views/default") - # ArticleController.append_view_path(["views/default", "views/custom"]) - # - def append_view_path(path) - @view_paths = superclass.view_paths.dup if @view_paths.nil? - @view_paths.push(*path) - end - - # Replace sensitive parameter data from the request log. - # Filters parameters that have any of the arguments as a substring. - # Looks in all subhashes of the param hash for keys to filter. - # If a block is given, each key and value of the parameter hash and all - # subhashes is passed to it, the value or key - # can be replaced using String#replace or similar method. - # - # Examples: - # filter_parameter_logging - # => Does nothing, just slows the logging process down - # - # filter_parameter_logging :password - # => replaces the value to all keys matching /password/i with "[FILTERED]" - # - # filter_parameter_logging :foo, "bar" - # => replaces the value to all keys matching /foo|bar/i with "[FILTERED]" - # - # filter_parameter_logging { |k,v| v.reverse! if k =~ /secret/i } - # => reverses the value to all keys matching /secret/i - # - # filter_parameter_logging(:foo, "bar") { |k,v| v.reverse! if k =~ /secret/i } - # => reverses the value to all keys matching /secret/i, and - # replaces the value to all keys matching /foo|bar/i with "[FILTERED]" - def filter_parameter_logging(*filter_words, &block) - parameter_filter = Regexp.new(filter_words.collect{ |s| s.to_s }.join('|'), true) if filter_words.length > 0 - - define_method(:filter_parameters) do |unfiltered_parameters| - filtered_parameters = {} - - unfiltered_parameters.each do |key, value| - if key =~ parameter_filter - filtered_parameters[key] = '[FILTERED]' - elsif value.is_a?(Hash) - filtered_parameters[key] = filter_parameters(value) - elsif block_given? - key = key.dup - value = value.dup if value - yield key, value - filtered_parameters[key] = value - else - filtered_parameters[key] = value - end - end - - filtered_parameters - end - protected :filter_parameters - end - - delegate :exempt_from_layout, :to => 'ActionView::Template' - end - - public - # Extracts the action_name from the request parameters and performs that action. - def process(request, response, method = :perform_action, *arguments) #:nodoc: - response.request = request - - assign_shortcuts(request, response) - initialize_template_class(response) - initialize_current_url - assign_names - - log_processing - send(method, *arguments) - - send_response - ensure - process_cleanup - end - - def send_response - response.prepare! - response - end - - # Returns a URL that has been rewritten according to the options hash and the defined routes. - # (For doing a complete redirect, use +redirect_to+). - # - # url_for is used to: - # - # All keys given to +url_for+ are forwarded to the Route module, save for the following: - # * :anchor - Specifies the anchor name to be appended to the path. For example, - # url_for :controller => 'posts', :action => 'show', :id => 10, :anchor => 'comments' - # will produce "/posts/show/10#comments". - # * :only_path - If true, returns the relative URL (omitting the protocol, host name, and port) (false by default). - # * :trailing_slash - If true, adds a trailing slash, as in "/archive/2005/". Note that this - # is currently not recommended since it breaks caching. - # * :host - Overrides the default (current) host if provided. - # * :protocol - Overrides the default (current) protocol if provided. - # * :port - Optionally specify the port to connect to. - # * :user - Inline HTTP authentication (only plucked out if :password is also present). - # * :password - Inline HTTP authentication (only plucked out if :user is also present). - # * :skip_relative_url_root - If true, the url is not constructed using the +relative_url_root+ - # of the request so the path will include the web server relative installation directory. - # - # The URL is generated from the remaining keys in the hash. A URL contains two key parts: the and a query string. - # Routes composes a query string as the key/value pairs not included in the . - # - # The default Routes setup supports a typical Rails path of "controller/action/id" where action and id are optional, with - # action defaulting to 'index' when not given. Here are some typical url_for statements and their corresponding URLs: - # - # url_for :controller => 'posts', :action => 'recent' # => 'proto://host.com/posts/recent' - # url_for :controller => 'posts', :action => 'index' # => 'proto://host.com/posts' - # url_for :controller => 'posts', :action => 'index', :port=>'8033' # => 'proto://host.com:8033/posts' - # url_for :controller => 'posts', :action => 'show', :id => 10 # => 'proto://host.com/posts/show/10' - # url_for :controller => 'posts', :user => 'd', :password => '123' # => 'proto://d:123@host.com/posts' - # - # When generating a new URL, missing values may be filled in from the current request's parameters. For example, - # url_for :action => 'some_action' will retain the current controller, as expected. This behavior extends to - # other parameters, including :controller, :id, and any other parameters that are placed into a Route's - # path. - #   - # The URL helpers such as url_for have a limited form of memory: when generating a new URL, they can look for - # missing values in the current request's parameters. Routes attempts to guess when a value should and should not be - # taken from the defaults. There are a few simple rules on how this is performed: - # - # * If the controller name begins with a slash no defaults are used: - # - # url_for :controller => '/home' - # - # In particular, a leading slash ensures no namespace is assumed. Thus, - # while url_for :controller => 'users' may resolve to - # Admin::UsersController if the current controller lives under - # that module, url_for :controller => '/users' ensures you link - # to ::UsersController no matter what. - # * If the controller changes, the action will default to index unless provided - # - # The final rule is applied while the URL is being generated and is best illustrated by an example. Let us consider the - # route given by map.connect 'people/:last/:first/:action', :action => 'bio', :controller => 'people'. - # - # Suppose that the current URL is "people/hh/david/contacts". Let's consider a few different cases of URLs which are generated - # from this page. - # - # * url_for :action => 'bio' -- During the generation of this URL, default values will be used for the first and - # last components, and the action shall change. The generated URL will be, "people/hh/david/bio". - # * url_for :first => 'davids-little-brother' This generates the URL 'people/hh/davids-little-brother' -- note - # that this URL leaves out the assumed action of 'bio'. - # - # However, you might ask why the action from the current request, 'contacts', isn't carried over into the new URL. The - # answer has to do with the order in which the parameters appear in the generated path. In a nutshell, since the - # value that appears in the slot for :first is not equal to default value for :first we stop using - # defaults. On its own, this rule can account for much of the typical Rails URL behavior. - #   - # Although a convenience, defaults can occasionally get in your way. In some cases a default persists longer than desired. - # The default may be cleared by adding :name => nil to url_for's options. - # This is often required when writing form helpers, since the defaults in play may vary greatly depending upon where the - # helper is used from. The following line will redirect to PostController's default action, regardless of the page it is - # displayed on: - # - # url_for :controller => 'posts', :action => nil - # - # If you explicitly want to create a URL that's almost the same as the current URL, you can do so using the - # :overwrite_params options. Say for your posts you have different views for showing and printing them. - # Then, in the show view, you get the URL for the print view like this - # - # url_for :overwrite_params => { :action => 'print' } - # - # This takes the current URL as is and only exchanges the action. In contrast, url_for :action => 'print' - # would have slashed-off the path components after the changed action. - def url_for(options = {}) - options ||= {} - case options - when String - options - when Hash - @url.rewrite(rewrite_options(options)) - else - polymorphic_url(options) - end - end - - # Converts the class name from something like "OneModule::TwoModule::NeatController" to "NeatController". - def controller_class_name - self.class.controller_class_name - end - - # Converts the class name from something like "OneModule::TwoModule::NeatController" to "neat". - def controller_name - self.class.controller_name - end - - # Converts the class name from something like "OneModule::TwoModule::NeatController" to "one_module/two_module/neat". - def controller_path - self.class.controller_path - end - - def session_enabled? - ActiveSupport::Deprecation.warn("Sessions are now lazy loaded. So if you don't access them, consider them disabled.", caller) - end - - self.view_paths = [] - - # View load paths for controller. - def view_paths - @template.view_paths - end - - def view_paths=(value) - @template.view_paths = ActionView::Base.process_view_paths(value) - end - - # Adds a view_path to the front of the view_paths array. - # This change affects the current request only. - # - # self.prepend_view_path("views/default") - # self.prepend_view_path(["views/default", "views/custom"]) - # - def prepend_view_path(path) - @template.view_paths.unshift(*path) - end - - # Adds a view_path to the end of the view_paths array. - # This change affects the current request only. - # - # self.append_view_path("views/default") - # self.append_view_path(["views/default", "views/custom"]) - # - def append_view_path(path) - @template.view_paths.push(*path) - end - - protected - # Renders the content that will be returned to the browser as the response body. - # - # === Rendering an action - # - # Action rendering is the most common form and the type used automatically by Action Controller when nothing else is - # specified. By default, actions are rendered within the current layout (if one exists). - # - # # Renders the template for the action "goal" within the current controller - # render :action => "goal" - # - # # Renders the template for the action "short_goal" within the current controller, - # # but without the current active layout - # render :action => "short_goal", :layout => false - # - # # Renders the template for the action "long_goal" within the current controller, - # # but with a custom layout - # render :action => "long_goal", :layout => "spectacular" - # - # === Rendering partials - # - # Partial rendering in a controller is most commonly used together with Ajax calls that only update one or a few elements on a page - # without reloading. Rendering of partials from the controller makes it possible to use the same partial template in - # both the full-page rendering (by calling it from within the template) and when sub-page updates happen (from the - # controller action responding to Ajax calls). By default, the current layout is not used. - # - # # Renders the same partial with a local variable. - # render :partial => "person", :locals => { :name => "david" } - # - # # Renders the partial, making @new_person available through - # # the local variable 'person' - # render :partial => "person", :object => @new_person - # - # # Renders a collection of the same partial by making each element - # # of @winners available through the local variable "person" as it - # # builds the complete response. - # render :partial => "person", :collection => @winners - # - # # Renders a collection of partials but with a custom local variable name - # render :partial => "admin_person", :collection => @winners, :as => :person - # - # # Renders the same collection of partials, but also renders the - # # person_divider partial between each person partial. - # render :partial => "person", :collection => @winners, :spacer_template => "person_divider" - # - # # Renders a collection of partials located in a view subfolder - # # outside of our current controller. In this example we will be - # # rendering app/views/shared/_note.r(html|xml) Inside the partial - # # each element of @new_notes is available as the local var "note". - # render :partial => "shared/note", :collection => @new_notes - # - # # Renders the partial with a status code of 500 (internal error). - # render :partial => "broken", :status => 500 - # - # Note that the partial filename must also be a valid Ruby variable name, - # so e.g. 2005 and register-user are invalid. - # - # - # == Automatic etagging - # - # Rendering will automatically insert the etag header on 200 OK responses. The etag is calculated using MD5 of the - # response body. If a request comes in that has a matching etag, the response will be changed to a 304 Not Modified - # and the response body will be set to an empty string. No etag header will be inserted if it's already set. - # - # === Rendering a template - # - # Template rendering works just like action rendering except that it takes a path relative to the template root. - # The current layout is automatically applied. - # - # # Renders the template located in [TEMPLATE_ROOT]/weblog/show.r(html|xml) (in Rails, app/views/weblog/show.erb) - # render :template => "weblog/show" - # - # # Renders the template with a local variable - # render :template => "weblog/show", :locals => {:customer => Customer.new} - # - # === Rendering a file - # - # File rendering works just like action rendering except that it takes a filesystem path. By default, the path - # is assumed to be absolute, and the current layout is not applied. - # - # # Renders the template located at the absolute filesystem path - # render :file => "/path/to/some/template.erb" - # render :file => "c:/path/to/some/template.erb" - # - # # Renders a template within the current layout, and with a 404 status code - # render :file => "/path/to/some/template.erb", :layout => true, :status => 404 - # render :file => "c:/path/to/some/template.erb", :layout => true, :status => 404 - # - # === Rendering text - # - # Rendering of text is usually used for tests or for rendering prepared content, such as a cache. By default, text - # rendering is not done within the active layout. - # - # # Renders the clear text "hello world" with status code 200 - # render :text => "hello world!" - # - # # Renders the clear text "Explosion!" with status code 500 - # render :text => "Explosion!", :status => 500 - # - # # Renders the clear text "Hi there!" within the current active layout (if one exists) - # render :text => "Hi there!", :layout => true - # - # # Renders the clear text "Hi there!" within the layout - # # placed in "app/views/layouts/special.r(html|xml)" - # render :text => "Hi there!", :layout => "special" - # - # The :text option can also accept a Proc object, which can be used to manually control the page generation. This should - # generally be avoided, as it violates the separation between code and content, and because almost everything that can be - # done with this method can also be done more cleanly using one of the other rendering methods, most notably templates. - # - # # Renders "Hello from code!" - # render :text => proc { |response, output| output.write("Hello from code!") } - # - # === Rendering XML - # - # Rendering XML sets the content type to application/xml. - # - # # Renders 'David' - # render :xml => {:name => "David"}.to_xml - # - # It's not necessary to call to_xml on the object you want to render, since render will - # automatically do that for you: - # - # # Also renders 'David' - # render :xml => {:name => "David"} - # - # === Rendering JSON - # - # Rendering JSON sets the content type to application/json and optionally wraps the JSON in a callback. It is expected - # that the response will be parsed (or eval'd) for use as a data structure. - # - # # Renders '{"name": "David"}' - # render :json => {:name => "David"}.to_json - # - # It's not necessary to call to_json on the object you want to render, since render will - # automatically do that for you: - # - # # Also renders '{"name": "David"}' - # render :json => {:name => "David"} - # - # Sometimes the result isn't handled directly by a script (such as when the request comes from a SCRIPT tag), - # so the :callback option is provided for these cases. - # - # # Renders 'show({"name": "David"})' - # render :json => {:name => "David"}.to_json, :callback => 'show' - # - # === Rendering an inline template - # - # Rendering of an inline template works as a cross between text and action rendering where the source for the template - # is supplied inline, like text, but its interpreted with ERb or Builder, like action. By default, ERb is used for rendering - # and the current layout is not used. - # - # # Renders "hello, hello, hello, again" - # render :inline => "<%= 'hello, ' * 3 + 'again' %>" - # - # # Renders "

Good seeing you!

" using Builder - # render :inline => "xml.p { 'Good seeing you!' }", :type => :builder - # - # # Renders "hello david" - # render :inline => "<%= 'hello ' + name %>", :locals => { :name => "david" } - # - # === Rendering inline JavaScriptGenerator page updates - # - # In addition to rendering JavaScriptGenerator page updates with Ajax in RJS templates (see ActionView::Base for details), - # you can also pass the :update parameter to +render+, along with a block, to render page updates inline. - # - # render :update do |page| - # page.replace_html 'user_list', :partial => 'user', :collection => @users - # page.visual_effect :highlight, 'user_list' - # end - # - # === Rendering vanilla JavaScript - # - # In addition to using RJS with render :update, you can also just render vanilla JavaScript with :js. - # - # # Renders "alert('hello')" and sets the mime type to text/javascript - # render :js => "alert('hello')" - # - # === Rendering with status and location headers - # All renders take the :status and :location options and turn them into headers. They can even be used together: - # - # render :xml => post.to_xml, :status => :created, :location => post_url(post) - def render(options = nil, extra_options = {}, &block) #:doc: - raise DoubleRenderError, "Can only render or redirect once per action" if performed? - - options = { :layout => true } if options.nil? - original, options = options, extra_options unless options.is_a?(Hash) - - layout_name = options.delete(:layout) - - _process_options(options) - - if block_given? - @template.send(:_evaluate_assigns_and_ivars) - - generator = ActionView::Helpers::PrototypeHelper::JavaScriptGenerator.new(@template, &block) - response.content_type = Mime::JS - return render_for_text(generator.to_s) - end - - if original - return render_for_name(original, layout_name, options) unless block_given? - end - - if options.key?(:text) - return render_for_text(@template._render_text(options[:text], - _pick_layout(layout_name), options)) - end - - file, template = options.values_at(:file, :template) - if file || template - file = template.sub(/^\//, '') if template - return render_for_file(file, [layout_name, !!template], options) - end - - if action_option = options[:action] - return render_for_action(action_option, [layout_name, true], options) - end - - if inline = options[:inline] - render_for_text(@template._render_inline(inline, _pick_layout(layout_name), options)) - - elsif xml = options[:xml] - response.content_type ||= Mime::XML - render_for_text(xml.respond_to?(:to_xml) ? xml.to_xml : xml) - - elsif js = options[:js] - response.content_type ||= Mime::JS - render_for_text(js) - - elsif json = options[:json] - json = json.to_json unless json.is_a?(String) - json = "#{options[:callback]}(#{json})" unless options[:callback].blank? - response.content_type ||= Mime::JSON - render_for_text(json) - - elsif partial = options[:partial] - if partial == true - parts = [action_name_base, formats, controller_name, true] - elsif partial.is_a?(String) - parts = partial_parts(partial, options) - else - return render_for_text(@template._render_partial(options)) - end - - render_for_parts(parts, layout_name, options) - - elsif options[:nothing] - render_for_text(nil) - - else - render_for_parts([action_name, formats, controller_path], layout_name, options) - end - end - - def formats - @_request.formats.map {|f| f.symbol }.compact - end - - def action_name_base(name = action_name) - (name.is_a?(String) ? name.sub(/^#{controller_path}\//, '') : name).to_s - end - - # Renders according to the same rules as render, but returns the result in a string instead - # of sending it as the response body to the browser. - def render_to_string(options = nil, &block) #:doc: - render(options, &block) - ensure - response.content_type = nil - erase_render_results - reset_variables_added_to_assigns - end - - # Return a response that has no content (merely headers). The options - # argument is interpreted to be a hash of header names and values. - # This allows you to easily return a response that consists only of - # significant headers: - # - # head :created, :location => person_path(@person) - # - # It can also be used to return exceptional conditions: - # - # return head(:method_not_allowed) unless request.post? - # return head(:bad_request) unless valid_request? - # render - def head(*args) - if args.length > 2 - raise ArgumentError, "too many arguments to head" - elsif args.empty? - raise ArgumentError, "too few arguments to head" - end - options = args.extract_options! - status = interpret_status(args.shift || options.delete(:status) || :ok) - - options.each do |key, value| - headers[key.to_s.dasherize.split(/-/).map { |v| v.capitalize }.join("-")] = value.to_s - end - - render :nothing => true, :status => status - end - - # Clears the rendered results, allowing for another render to be performed. - def erase_render_results #:nodoc: - response.body = nil - @performed_render = false - end - - # Clears the redirected results from the headers, resets the status to 200 and returns - # the URL that was used to redirect or nil if there was no redirected URL - # Note that +redirect_to+ will change the body of the response to indicate a redirection. - # The response body is not reset here, see +erase_render_results+ - def erase_redirect_results #:nodoc: - @performed_redirect = false - response.redirected_to = nil - response.redirected_to_method_params = nil - response.status = DEFAULT_RENDER_STATUS_CODE - response.headers.delete('Location') - end - - # Erase both render and redirect results - def erase_results #:nodoc: - erase_render_results - erase_redirect_results - end - - def rewrite_options(options) #:nodoc: - if defaults = default_url_options(options) - defaults.merge(options) - else - options - end - end - - # Overwrite to implement a number of default options that all url_for-based methods will use. The default options should come in - # the form of a hash, just like the one you would use for url_for directly. Example: - # - # def default_url_options(options) - # { :project => @project.active? ? @project.url_name : "unknown" } - # end - # - # As you can infer from the example, this is mostly useful for situations where you want to centralize dynamic decisions about the - # urls as they stem from the business domain. Please note that any individual url_for call can always override the defaults set - # by this method. - def default_url_options(options = nil) - end - - # Redirects the browser to the target specified in +options+. This parameter can take one of three forms: - # - # * Hash - The URL will be generated by calling url_for with the +options+. - # * Record - The URL will be generated by calling url_for with the +options+, which will reference a named URL for that record. - # * String starting with protocol:// (like http://) - Is passed straight through as the target for redirection. - # * String not containing a protocol - The current protocol and host is prepended to the string. - # * :back - Back to the page that issued the request. Useful for forms that are triggered from multiple places. - # Short-hand for redirect_to(request.env["HTTP_REFERER"]) - # - # Examples: - # redirect_to :action => "show", :id => 5 - # redirect_to post - # redirect_to "http://www.rubyonrails.org" - # redirect_to "/images/screenshot.jpg" - # redirect_to articles_url - # redirect_to :back - # - # The redirection happens as a "302 Moved" header unless otherwise specified. - # - # Examples: - # redirect_to post_url(@post), :status=>:found - # redirect_to :action=>'atom', :status=>:moved_permanently - # redirect_to post_url(@post), :status=>301 - # redirect_to :action=>'atom', :status=>302 - # - # When using redirect_to :back, if there is no referrer, - # RedirectBackError will be raised. You may specify some fallback - # behavior for this case by rescuing RedirectBackError. - def redirect_to(options = {}, response_status = {}) #:doc: - raise ActionControllerError.new("Cannot redirect to nil!") if options.nil? - - if options.is_a?(Hash) && options[:status] - status = options.delete(:status) - elsif response_status[:status] - status = response_status[:status] - else - status = 302 - end - - response.redirected_to = options - logger.info("Redirected to #{options}") if logger && logger.info? - - case options - # The scheme name consist of a letter followed by any combination of - # letters, digits, and the plus ("+"), period ("."), or hyphen ("-") - # characters; and is terminated by a colon (":"). - when %r{^\w[\w\d+.-]*:.*} - redirect_to_full_url(options, status) - when String - redirect_to_full_url(request.protocol + request.host_with_port + options, status) - when :back - if referer = request.headers["Referer"] - redirect_to(referer, :status=>status) - else - raise RedirectBackError - end - else - redirect_to_full_url(url_for(options), status) - end - end - - def redirect_to_full_url(url, status) - raise DoubleRenderError if performed? - response.redirect(url, interpret_status(status)) - @performed_redirect = true - end - - # Sets the etag and/or last_modified on the response and checks it against - # the client request. If the request doesn't match the options provided, the - # request is considered stale and should be generated from scratch. Otherwise, - # it's fresh and we don't need to generate anything and a reply of "304 Not Modified" is sent. - # - # Example: - # - # def show - # @article = Article.find(params[:id]) - # - # if stale?(:etag => @article, :last_modified => @article.created_at.utc) - # @statistics = @article.really_expensive_call - # respond_to do |format| - # # all the supported formats - # end - # end - # end - def stale?(options) - fresh_when(options) - !request.fresh?(response) - end - - # Sets the etag, last_modified, or both on the response and renders a - # "304 Not Modified" response if the request is already fresh. - # - # Example: - # - # def show - # @article = Article.find(params[:id]) - # fresh_when(:etag => @article, :last_modified => @article.created_at.utc) - # end - # - # This will render the show template if the request isn't sending a matching etag or - # If-Modified-Since header and just a "304 Not Modified" response if there's a match. - def fresh_when(options) - options.assert_valid_keys(:etag, :last_modified) - - response.etag = options[:etag] if options[:etag] - response.last_modified = options[:last_modified] if options[:last_modified] - - if request.fresh?(response) - head :not_modified - end - end - - # Sets a HTTP 1.1 Cache-Control header. Defaults to issuing a "private" instruction, so that - # intermediate caches shouldn't cache the response. - # - # Examples: - # expires_in 20.minutes - # expires_in 3.hours, :private => false - # expires in 3.hours, 'max-stale' => 5.hours, :private => nil, :public => true - # - # This method will overwrite an existing Cache-Control header. - # See http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html for more possibilities. - def expires_in(seconds, options = {}) #:doc: - cache_options = { 'max-age' => seconds, 'private' => true }.symbolize_keys.merge!(options.symbolize_keys) - cache_options.delete_if { |k,v| v.nil? or v == false } - cache_control = cache_options.map{ |k,v| v == true ? k.to_s : "#{k.to_s}=#{v.to_s}"} - response.headers["Cache-Control"] = cache_control.join(', ') - end - - # Sets a HTTP 1.1 Cache-Control header of "no-cache" so no caching should occur by the browser or - # intermediate caches (like caching proxy servers). - def expires_now #:doc: - response.headers["Cache-Control"] = "no-cache" - end - - # Resets the session by clearing out all the objects stored within and initializing a new session object. - def reset_session #:doc: - request.reset_session - @_session = request.session - end - - private - def _process_options(options) - if content_type = options[:content_type] - response.content_type = content_type.to_s - end - - if location = options[:location] - response.headers["Location"] = url_for(location) - end - - response.status = interpret_status(options[:status] || DEFAULT_RENDER_STATUS_CODE) - end - - def render_for_name(name, layout, options) - case name.to_s.index('/') - when 0 - render_for_file(name, layout, options) - when nil - render_for_action(name, layout, options) - else - render_for_file(name.sub(/^\//, ''), [layout, true], options) - end - end - - def render_for_parts(parts, layout, options = {}) - tmp = view_paths.find_by_parts(*parts) - layout = _pick_layout(*layout) unless tmp.exempt_from_layout? - - render_for_text( - @template._render_template_with_layout(tmp, layout, options, parts[3])) - end - - def partial_parts(name, options) - segments = name.split("/") - parts = segments.pop.split(".") - - case parts.size - when 1 - parts - when 2, 3 - extension = parts.delete_at(1).to_sym - if formats.include?(extension) - self.formats.replace [extension] - end - parts.pop if parts.size == 2 - end - - path = parts.join(".") - prefix = segments[0..-1].join("/") - prefix = prefix.blank? ? controller_path : prefix - parts = [path, formats, prefix] - parts.push options[:object] || true - end - - def render_for_file(file, layout, options) - render_for_parts([file, [request.format.to_sym]], layout, options) - end - - def render_for_action(name, layout, options) - parts = [action_name_base(name), formats, controller_name] - render_for_parts(parts, layout, options) - end - - def render_for_text(text = nil, append_response = false) #:nodoc: - @performed_render = true - - if append_response - response.body ||= '' - response.body << text.to_s - else - response.body = case text - when Proc then text - when nil then " " # Safari doesn't pass the headers of the return if the response is zero length - else text.to_s - end - end - end - - def initialize_template_class(response) - @template = response.template = ActionView::Base.new(self.class.view_paths, {}, self, formats) - response.template.helpers.send :include, self.class.master_helper_module - response.redirected_to = nil - @performed_render = @performed_redirect = false - end - - def assign_shortcuts(request, response) - @_request, @_params = request, request.parameters - - @_response = response - @_response.session = request.session - - @_session = @_response.session - - @_headers = @_response.headers - end - - def initialize_current_url - @url = UrlRewriter.new(request, params.clone) - end - - def log_processing - if logger && logger.info? - log_processing_for_request_id - log_processing_for_parameters - end - end - - def log_processing_for_request_id - request_id = "\n\nProcessing #{self.class.name}\##{action_name} " - request_id << "to #{params[:format]} " if params[:format] - request_id << "(for #{request_origin}) [#{request.method.to_s.upcase}]" - - logger.info(request_id) - end - - def log_processing_for_parameters - parameters = respond_to?(:filter_parameters) ? filter_parameters(params) : params.dup - parameters = parameters.except!(:controller, :action, :format, :_method) - - logger.info " Parameters: #{parameters.inspect}" unless parameters.empty? - end - - def default_render #:nodoc: - render - end - - def perform_action - if called = action_methods.include?(action_name) - ret = send(action_name) - elsif called = respond_to?(:method_missing) - ret = method_missing(action_name) - end - - return (performed? ? ret : default_render) if called - - begin - default_render - rescue ActionView::MissingTemplate => e - raise e unless e.path == action_name - # If the path is the same as the action_name, the action is completely missing - raise UnknownAction, "No action responded to #{action_name}. Actions: " + - "#{action_methods.sort.to_sentence}", caller - end - end - - def performed? - @performed_render || @performed_redirect - end - - def assign_names - @action_name = (params['action'] || 'index') - end - - def action_methods - self.class.action_methods - end - - def self.action_methods - @action_methods ||= - # All public instance methods of this class, including ancestors - public_instance_methods(true).map { |m| m.to_s }.to_set - - # Except for public instance methods of Base and its ancestors - Base.public_instance_methods(true).map { |m| m.to_s } + - # Be sure to include shadowed public instance methods of this class - public_instance_methods(false).map { |m| m.to_s } - - # And always exclude explicitly hidden actions - hidden_actions - end - - def reset_variables_added_to_assigns - @template.instance_variable_set("@assigns_added", nil) - end - - def request_origin - # this *needs* to be cached! - # otherwise you'd get different results if calling it more than once - @request_origin ||= "#{request.remote_ip} at #{Time.now.to_s(:db)}" - end - - def complete_request_uri - "#{request.protocol}#{request.host}#{request.request_uri}" - end - - def close_session - @_session.close if @_session && @_session.respond_to?(:close) - end - - def default_template(action_name = self.action_name) - self.view_paths.find_template(default_template_name(action_name), default_template_format) - end - - def default_template_name(action_name = self.action_name) - if action_name - action_name = action_name.to_s - if action_name.include?('/') && template_path_includes_controller?(action_name) - action_name = strip_out_controller(action_name) - end - end - "#{self.controller_path}/#{action_name}" - end - - def strip_out_controller(path) - path.split('/', 2).last - end - - - def template_path_includes_controller?(path) - self.controller_path.split('/')[-1] == path.split('/')[0] - end - - def process_cleanup - close_session - end - end - - Base.class_eval do - [ Filters, Layout, Benchmarking, Rescue, Flash, MimeResponds, Helpers, - Cookies, Caching, Verification, Streaming, SessionManagement, - HttpAuthentication::Basic::ControllerMethods, RecordIdentifier, - RequestForgeryProtection, Translation - ].each do |mod| - include mod - end - end -end diff --git a/actionpack/lib/action_controller/base/base.rb b/actionpack/lib/action_controller/base/base.rb new file mode 100644 index 0000000000..84371643d7 --- /dev/null +++ b/actionpack/lib/action_controller/base/base.rb @@ -0,0 +1,904 @@ +require 'set' + +module ActionController #:nodoc: + class ActionControllerError < StandardError #:nodoc: + end + + class SessionRestoreError < ActionControllerError #:nodoc: + end + + class RenderError < ActionControllerError #:nodoc: + end + + class RoutingError < ActionControllerError #:nodoc: + attr_reader :failures + def initialize(message, failures=[]) + super(message) + @failures = failures + end + end + + class MethodNotAllowed < ActionControllerError #:nodoc: + attr_reader :allowed_methods + + def initialize(*allowed_methods) + super("Only #{allowed_methods.to_sentence} requests are allowed.") + @allowed_methods = allowed_methods + end + + def allowed_methods_header + allowed_methods.map { |method_symbol| method_symbol.to_s.upcase } * ', ' + end + + def handle_response!(response) + response.headers['Allow'] ||= allowed_methods_header + end + end + + class NotImplemented < MethodNotAllowed #:nodoc: + end + + class UnknownController < ActionControllerError #:nodoc: + end + + class UnknownAction < ActionControllerError #:nodoc: + end + + class MissingFile < ActionControllerError #:nodoc: + end + + class RenderError < ActionControllerError #:nodoc: + end + + class SessionOverflowError < ActionControllerError #:nodoc: + DEFAULT_MESSAGE = 'Your session data is larger than the data column in which it is to be stored. You must increase the size of your data column if you intend to store large data.' + + def initialize(message = nil) + super(message || DEFAULT_MESSAGE) + end + end + + class UnknownHttpMethod < ActionControllerError #:nodoc: + end + + # Action Controllers are the core of a web request in Rails. They are made up of one or more actions that are executed + # on request and then either render a template or redirect to another action. An action is defined as a public method + # on the controller, which will automatically be made accessible to the web-server through Rails Routes. + # + # A sample controller could look like this: + # + # class GuestBookController < ActionController::Base + # def index + # @entries = Entry.find(:all) + # end + # + # def sign + # Entry.create(params[:entry]) + # redirect_to :action => "index" + # end + # end + # + # Actions, by default, render a template in the app/views directory corresponding to the name of the controller and action + # after executing code in the action. For example, the +index+ action of the GuestBookController would render the + # template app/views/guestbook/index.erb by default after populating the @entries instance variable. + # + # Unlike index, the sign action will not render a template. After performing its main purpose (creating a + # new entry in the guest book), it initiates a redirect instead. This redirect works by returning an external + # "302 Moved" HTTP response that takes the user to the index action. + # + # The index and sign represent the two basic action archetypes used in Action Controllers. Get-and-show and do-and-redirect. + # Most actions are variations of these themes. + # + # == Requests + # + # Requests are processed by the Action Controller framework by extracting the value of the "action" key in the request parameters. + # This value should hold the name of the action to be performed. Once the action has been identified, the remaining + # request parameters, the session (if one is available), and the full request with all the HTTP headers are made available to + # the action through instance variables. Then the action is performed. + # + # The full request object is available with the request accessor and is primarily used to query for HTTP headers. These queries + # are made by accessing the environment hash, like this: + # + # def server_ip + # location = request.env["SERVER_ADDR"] + # render :text => "This server hosted at #{location}" + # end + # + # == Parameters + # + # All request parameters, whether they come from a GET or POST request, or from the URL, are available through the params method + # which returns a hash. For example, an action that was performed through /weblog/list?category=All&limit=5 will include + # { "category" => "All", "limit" => 5 } in params. + # + # It's also possible to construct multi-dimensional parameter hashes by specifying keys using brackets, such as: + # + # + # + # + # A request stemming from a form holding these inputs will include { "post" => { "name" => "david", "address" => "hyacintvej" } }. + # If the address input had been named "post[address][street]", the params would have included + # { "post" => { "address" => { "street" => "hyacintvej" } } }. There's no limit to the depth of the nesting. + # + # == Sessions + # + # Sessions allows you to store objects in between requests. This is useful for objects that are not yet ready to be persisted, + # such as a Signup object constructed in a multi-paged process, or objects that don't change much and are needed all the time, such + # as a User object for a system that requires login. The session should not be used, however, as a cache for objects where it's likely + # they could be changed unknowingly. It's usually too much work to keep it all synchronized -- something databases already excel at. + # + # You can place objects in the session by using the session method, which accesses a hash: + # + # session[:person] = Person.authenticate(user_name, password) + # + # And retrieved again through the same hash: + # + # Hello #{session[:person]} + # + # For removing objects from the session, you can either assign a single key to +nil+: + # + # # removes :person from session + # session[:person] = nil + # + # or you can remove the entire session with +reset_session+. + # + # Sessions are stored by default in a browser cookie that's cryptographically signed, but unencrypted. + # This prevents the user from tampering with the session but also allows him to see its contents. + # + # Do not put secret information in cookie-based sessions! + # + # Other options for session storage are: + # + # * ActiveRecord::SessionStore - Sessions are stored in your database, which works better than PStore with multiple app servers and, + # unlike CookieStore, hides your session contents from the user. To use ActiveRecord::SessionStore, set + # + # config.action_controller.session_store = :active_record_store + # + # in your config/environment.rb and run rake db:sessions:create. + # + # * MemCacheStore - Sessions are stored as entries in your memcached cache. + # Set the session store type in config/environment.rb: + # + # config.action_controller.session_store = :mem_cache_store + # + # This assumes that memcached has been installed and configured properly. + # See the MemCacheStore docs for more information. + # + # == Responses + # + # Each action results in a response, which holds the headers and document to be sent to the user's browser. The actual response + # object is generated automatically through the use of renders and redirects and requires no user intervention. + # + # == Renders + # + # Action Controller sends content to the user by using one of five rendering methods. The most versatile and common is the rendering + # of a template. Included in the Action Pack is the Action View, which enables rendering of ERb templates. It's automatically configured. + # The controller passes objects to the view by assigning instance variables: + # + # def show + # @post = Post.find(params[:id]) + # end + # + # Which are then automatically available to the view: + # + # Title: <%= @post.title %> + # + # You don't have to rely on the automated rendering. Especially actions that could result in the rendering of different templates will use + # the manual rendering methods: + # + # def search + # @results = Search.find(params[:query]) + # case @results + # when 0 then render :action => "no_results" + # when 1 then render :action => "show" + # when 2..10 then render :action => "show_many" + # end + # end + # + # Read more about writing ERb and Builder templates in link:classes/ActionView/Base.html. + # + # == Redirects + # + # Redirects are used to move from one action to another. For example, after a create action, which stores a blog entry to a database, + # we might like to show the user the new entry. Because we're following good DRY principles (Don't Repeat Yourself), we're going to reuse (and redirect to) + # a show action that we'll assume has already been created. The code might look like this: + # + # def create + # @entry = Entry.new(params[:entry]) + # if @entry.save + # # The entry was saved correctly, redirect to show + # redirect_to :action => 'show', :id => @entry.id + # else + # # things didn't go so well, do something else + # end + # end + # + # In this case, after saving our new entry to the database, the user is redirected to the show method which is then executed. + # + # == Calling multiple redirects or renders + # + # An action may contain only a single render or a single redirect. Attempting to try to do either again will result in a DoubleRenderError: + # + # def do_something + # redirect_to :action => "elsewhere" + # render :action => "overthere" # raises DoubleRenderError + # end + # + # If you need to redirect on the condition of something, then be sure to add "and return" to halt execution. + # + # def do_something + # redirect_to(:action => "elsewhere") and return if monkeys.nil? + # render :action => "overthere" # won't be called if monkeys is nil + # end + # + class Base + + include StatusCodes + + cattr_reader :protected_instance_variables + # Controller specific instance variables which will not be accessible inside views. + @@protected_instance_variables = %w(@assigns @performed_redirect @performed_render @variables_added @request_origin @url @parent_controller + @action_name @before_filter_chain_aborted @action_cache_path @_session @_headers @_params + @_flash @_response) + + # Prepends all the URL-generating helpers from AssetHelper. This makes it possible to easily move javascripts, stylesheets, + # and images to a dedicated asset server away from the main web server. Example: + # ActionController::Base.asset_host = "http://assets.example.com" + @@asset_host = "" + cattr_accessor :asset_host + + # All requests are considered local by default, so everyone will be exposed to detailed debugging screens on errors. + # When the application is ready to go public, this should be set to false, and the protected method local_request? + # should instead be implemented in the controller to determine when debugging screens should be shown. + @@consider_all_requests_local = true + cattr_accessor :consider_all_requests_local + + # Indicates whether to allow concurrent action processing. Your + # controller actions and any other code they call must also behave well + # when called from concurrent threads. Turned off by default. + @@allow_concurrency = false + cattr_accessor :allow_concurrency + + # Modern REST web services often need to submit complex data to the web application. + # The @@param_parsers hash lets you register handlers which will process the HTTP body and add parameters to the + # params hash. These handlers are invoked for POST and PUT requests. + # + # By default application/xml is enabled. A XmlSimple class with the same param name as the root will be instantiated + # in the params. This allows XML requests to mask themselves as regular form submissions, so you can have one + # action serve both regular forms and web service requests. + # + # Example of doing your own parser for a custom content type: + # + # ActionController::Base.param_parsers[Mime::Type.lookup('application/atom+xml')] = Proc.new do |data| + # node = REXML::Document.new(post) + # { node.root.name => node.root } + # end + # + # Note: Up until release 1.1 of Rails, Action Controller would default to using XmlSimple configured to discard the + # root node for such requests. The new default is to keep the root, such that "David" results + # in params[:r][:name] for "David" instead of params[:name]. To get the old behavior, you can + # re-register XmlSimple as application/xml handler ike this: + # + # ActionController::Base.param_parsers[Mime::XML] = + # Proc.new { |data| XmlSimple.xml_in(data, 'ForceArray' => false) } + # + # A YAML parser is also available and can be turned on with: + # + # ActionController::Base.param_parsers[Mime::YAML] = :yaml + @@param_parsers = { Mime::MULTIPART_FORM => :multipart_form, + Mime::URL_ENCODED_FORM => :url_encoded_form, + Mime::XML => :xml_simple, + Mime::JSON => :json } + cattr_accessor :param_parsers + + # Controls the default charset for all renders. + @@default_charset = "utf-8" + cattr_accessor :default_charset + + # The logger is used for generating information on the action run-time (including benchmarking) if available. + # Can be set to nil for no logging. Compatible with both Ruby's own Logger and Log4r loggers. + cattr_accessor :logger + + # Controls the resource action separator + @@resource_action_separator = "/" + cattr_accessor :resource_action_separator + + # Allow to override path names for default resources' actions + @@resources_path_names = { :new => 'new', :edit => 'edit' } + cattr_accessor :resources_path_names + + # Sets the token parameter name for RequestForgery. Calling +protect_from_forgery+ + # sets it to :authenticity_token by default. + cattr_accessor :request_forgery_protection_token + + # Controls the IP Spoofing check when determining the remote IP. + @@ip_spoofing_check = true + cattr_accessor :ip_spoofing_check + + # Indicates whether or not optimise the generated named + # route helper methods + cattr_accessor :optimise_named_routes + self.optimise_named_routes = true + + # Indicates whether the response format should be determined by examining the Accept HTTP header, + # or by using the simpler params + ajax rules. + # + # If this is set to +true+ (the default) then +respond_to+ and +Request#format+ will take the Accept + # header into account. If it is set to false then the request format will be determined solely + # by examining params[:format]. If params format is missing, the format will be either HTML or + # Javascript depending on whether the request is an AJAX request. + cattr_accessor :use_accept_header + self.use_accept_header = true + + # Controls whether request forgergy protection is turned on or not. Turned off by default only in test mode. + class_inheritable_accessor :allow_forgery_protection + self.allow_forgery_protection = true + + # If you are deploying to a subdirectory, you will need to set + # config.action_controller.relative_url_root + # This defaults to ENV['RAILS_RELATIVE_URL_ROOT'] + cattr_accessor :relative_url_root + self.relative_url_root = ENV['RAILS_RELATIVE_URL_ROOT'] + + # Holds the request object that's primarily used to get environment variables through access like + # request.env["REQUEST_URI"]. + attr_internal :request + + # Holds a hash of all the GET, POST, and Url parameters passed to the action. Accessed like params["post_id"] + # to get the post_id. No type casts are made, so all values are returned as strings. + attr_internal :params + + # Holds the response object that's primarily used to set additional HTTP headers through access like + # response.headers["Cache-Control"] = "no-cache". Can also be used to access the final body HTML after a template + # has been rendered through response.body -- useful for after_filters that wants to manipulate the output, + # such as a OutputCompressionFilter. + attr_internal :response + + # Holds a hash of objects in the session. Accessed like session[:person] to get the object tied to the "person" + # key. The session will hold any type of object as values, but the key should be a string or symbol. + attr_internal :session + + # Holds a hash of header names and values. Accessed like headers["Cache-Control"] to get the value of the Cache-Control + # directive. Values should always be specified as strings. + attr_internal :headers + + # Returns the name of the action this controller is processing. + attr_accessor :action_name + + class << self + def call(env) + # HACK: For global rescue to have access to the original request and response + request = env["action_controller.rescue.request"] ||= Request.new(env) + response = env["action_controller.rescue.response"] ||= Response.new + process(request, response) + end + + # Factory for the standard create, process loop where the controller is discarded after processing. + def process(request, response) #:nodoc: + new.process(request, response) + end + + # Converts the class name from something like "OneModule::TwoModule::NeatController" to "NeatController". + def controller_class_name + @controller_class_name ||= name.demodulize + end + + # Converts the class name from something like "OneModule::TwoModule::NeatController" to "neat". + def controller_name + @controller_name ||= controller_class_name.sub(/Controller$/, '').underscore + end + + # Converts the class name from something like "OneModule::TwoModule::NeatController" to "one_module/two_module/neat". + def controller_path + @controller_path ||= name.gsub(/Controller$/, '').underscore + end + + # Return an array containing the names of public methods that have been marked hidden from the action processor. + # By default, all methods defined in ActionController::Base and included modules are hidden. + # More methods can be hidden using hide_actions. + def hidden_actions + read_inheritable_attribute(:hidden_actions) || write_inheritable_attribute(:hidden_actions, []) + end + + # Hide each of the given methods from being callable as actions. + def hide_action(*names) + write_inheritable_attribute(:hidden_actions, hidden_actions | names.map { |name| name.to_s }) + end + + # View load paths determine the bases from which template references can be made. So a call to + # render("test/template") will be looked up in the view load paths array and the closest match will be + # returned. + def view_paths + if defined? @view_paths + @view_paths + else + superclass.view_paths + end + end + + def view_paths=(value) + @view_paths = ActionView::Base.process_view_paths(value) if value + end + + # Adds a view_path to the front of the view_paths array. + # If the current class has no view paths, copy them from + # the superclass. This change will be visible for all future requests. + # + # ArticleController.prepend_view_path("views/default") + # ArticleController.prepend_view_path(["views/default", "views/custom"]) + # + def prepend_view_path(path) + @view_paths = superclass.view_paths.dup if !defined?(@view_paths) || @view_paths.nil? + @view_paths.unshift(*path) + end + + # Adds a view_path to the end of the view_paths array. + # If the current class has no view paths, copy them from + # the superclass. This change will be visible for all future requests. + # + # ArticleController.append_view_path("views/default") + # ArticleController.append_view_path(["views/default", "views/custom"]) + # + def append_view_path(path) + @view_paths = superclass.view_paths.dup if @view_paths.nil? + @view_paths.push(*path) + end + + # Replace sensitive parameter data from the request log. + # Filters parameters that have any of the arguments as a substring. + # Looks in all subhashes of the param hash for keys to filter. + # If a block is given, each key and value of the parameter hash and all + # subhashes is passed to it, the value or key + # can be replaced using String#replace or similar method. + # + # Examples: + # filter_parameter_logging + # => Does nothing, just slows the logging process down + # + # filter_parameter_logging :password + # => replaces the value to all keys matching /password/i with "[FILTERED]" + # + # filter_parameter_logging :foo, "bar" + # => replaces the value to all keys matching /foo|bar/i with "[FILTERED]" + # + # filter_parameter_logging { |k,v| v.reverse! if k =~ /secret/i } + # => reverses the value to all keys matching /secret/i + # + # filter_parameter_logging(:foo, "bar") { |k,v| v.reverse! if k =~ /secret/i } + # => reverses the value to all keys matching /secret/i, and + # replaces the value to all keys matching /foo|bar/i with "[FILTERED]" + def filter_parameter_logging(*filter_words, &block) + parameter_filter = Regexp.new(filter_words.collect{ |s| s.to_s }.join('|'), true) if filter_words.length > 0 + + define_method(:filter_parameters) do |unfiltered_parameters| + filtered_parameters = {} + + unfiltered_parameters.each do |key, value| + if key =~ parameter_filter + filtered_parameters[key] = '[FILTERED]' + elsif value.is_a?(Hash) + filtered_parameters[key] = filter_parameters(value) + elsif block_given? + key = key.dup + value = value.dup if value + yield key, value + filtered_parameters[key] = value + else + filtered_parameters[key] = value + end + end + + filtered_parameters + end + protected :filter_parameters + end + + delegate :exempt_from_layout, :to => 'ActionView::Template' + end + + public + # Extracts the action_name from the request parameters and performs that action. + def process(request, response, method = :perform_action, *arguments) #:nodoc: + response.request = request + + assign_shortcuts(request, response) + initialize_template_class(response) + initialize_current_url + assign_names + + log_processing + send(method, *arguments) + + send_response + ensure + process_cleanup + end + + def send_response + response.prepare! + response + end + + # Returns a URL that has been rewritten according to the options hash and the defined routes. + # (For doing a complete redirect, use +redirect_to+). + # + # url_for is used to: + # + # All keys given to +url_for+ are forwarded to the Route module, save for the following: + # * :anchor - Specifies the anchor name to be appended to the path. For example, + # url_for :controller => 'posts', :action => 'show', :id => 10, :anchor => 'comments' + # will produce "/posts/show/10#comments". + # * :only_path - If true, returns the relative URL (omitting the protocol, host name, and port) (false by default). + # * :trailing_slash - If true, adds a trailing slash, as in "/archive/2005/". Note that this + # is currently not recommended since it breaks caching. + # * :host - Overrides the default (current) host if provided. + # * :protocol - Overrides the default (current) protocol if provided. + # * :port - Optionally specify the port to connect to. + # * :user - Inline HTTP authentication (only plucked out if :password is also present). + # * :password - Inline HTTP authentication (only plucked out if :user is also present). + # * :skip_relative_url_root - If true, the url is not constructed using the +relative_url_root+ + # of the request so the path will include the web server relative installation directory. + # + # The URL is generated from the remaining keys in the hash. A URL contains two key parts: the and a query string. + # Routes composes a query string as the key/value pairs not included in the . + # + # The default Routes setup supports a typical Rails path of "controller/action/id" where action and id are optional, with + # action defaulting to 'index' when not given. Here are some typical url_for statements and their corresponding URLs: + # + # url_for :controller => 'posts', :action => 'recent' # => 'proto://host.com/posts/recent' + # url_for :controller => 'posts', :action => 'index' # => 'proto://host.com/posts' + # url_for :controller => 'posts', :action => 'index', :port=>'8033' # => 'proto://host.com:8033/posts' + # url_for :controller => 'posts', :action => 'show', :id => 10 # => 'proto://host.com/posts/show/10' + # url_for :controller => 'posts', :user => 'd', :password => '123' # => 'proto://d:123@host.com/posts' + # + # When generating a new URL, missing values may be filled in from the current request's parameters. For example, + # url_for :action => 'some_action' will retain the current controller, as expected. This behavior extends to + # other parameters, including :controller, :id, and any other parameters that are placed into a Route's + # path. + #   + # The URL helpers such as url_for have a limited form of memory: when generating a new URL, they can look for + # missing values in the current request's parameters. Routes attempts to guess when a value should and should not be + # taken from the defaults. There are a few simple rules on how this is performed: + # + # * If the controller name begins with a slash no defaults are used: + # + # url_for :controller => '/home' + # + # In particular, a leading slash ensures no namespace is assumed. Thus, + # while url_for :controller => 'users' may resolve to + # Admin::UsersController if the current controller lives under + # that module, url_for :controller => '/users' ensures you link + # to ::UsersController no matter what. + # * If the controller changes, the action will default to index unless provided + # + # The final rule is applied while the URL is being generated and is best illustrated by an example. Let us consider the + # route given by map.connect 'people/:last/:first/:action', :action => 'bio', :controller => 'people'. + # + # Suppose that the current URL is "people/hh/david/contacts". Let's consider a few different cases of URLs which are generated + # from this page. + # + # * url_for :action => 'bio' -- During the generation of this URL, default values will be used for the first and + # last components, and the action shall change. The generated URL will be, "people/hh/david/bio". + # * url_for :first => 'davids-little-brother' This generates the URL 'people/hh/davids-little-brother' -- note + # that this URL leaves out the assumed action of 'bio'. + # + # However, you might ask why the action from the current request, 'contacts', isn't carried over into the new URL. The + # answer has to do with the order in which the parameters appear in the generated path. In a nutshell, since the + # value that appears in the slot for :first is not equal to default value for :first we stop using + # defaults. On its own, this rule can account for much of the typical Rails URL behavior. + #   + # Although a convenience, defaults can occasionally get in your way. In some cases a default persists longer than desired. + # The default may be cleared by adding :name => nil to url_for's options. + # This is often required when writing form helpers, since the defaults in play may vary greatly depending upon where the + # helper is used from. The following line will redirect to PostController's default action, regardless of the page it is + # displayed on: + # + # url_for :controller => 'posts', :action => nil + # + # If you explicitly want to create a URL that's almost the same as the current URL, you can do so using the + # :overwrite_params options. Say for your posts you have different views for showing and printing them. + # Then, in the show view, you get the URL for the print view like this + # + # url_for :overwrite_params => { :action => 'print' } + # + # This takes the current URL as is and only exchanges the action. In contrast, url_for :action => 'print' + # would have slashed-off the path components after the changed action. + def url_for(options = {}) + options ||= {} + case options + when String + options + when Hash + @url.rewrite(rewrite_options(options)) + else + polymorphic_url(options) + end + end + + # Converts the class name from something like "OneModule::TwoModule::NeatController" to "NeatController". + def controller_class_name + self.class.controller_class_name + end + + # Converts the class name from something like "OneModule::TwoModule::NeatController" to "neat". + def controller_name + self.class.controller_name + end + + # Converts the class name from something like "OneModule::TwoModule::NeatController" to "one_module/two_module/neat". + def controller_path + self.class.controller_path + end + + def session_enabled? + request.session_options && request.session_options[:disabled] != false + end + + self.view_paths = [] + + # View load paths for controller. + def view_paths + @template.view_paths + end + + def view_paths=(value) + @template.view_paths = ActionView::Base.process_view_paths(value) + end + + # Adds a view_path to the front of the view_paths array. + # This change affects the current request only. + # + # self.prepend_view_path("views/default") + # self.prepend_view_path(["views/default", "views/custom"]) + # + def prepend_view_path(path) + @template.view_paths.unshift(*path) + end + + # Adds a view_path to the end of the view_paths array. + # This change affects the current request only. + # + # self.append_view_path("views/default") + # self.append_view_path(["views/default", "views/custom"]) + # + def append_view_path(path) + @template.view_paths.push(*path) + end + + def rewrite_options(options) #:nodoc: + if defaults = default_url_options(options) + defaults.merge(options) + else + options + end + end + + # Overwrite to implement a number of default options that all url_for-based methods will use. The default options should come in + # the form of a hash, just like the one you would use for url_for directly. Example: + # + # def default_url_options(options) + # { :project => @project.active? ? @project.url_name : "unknown" } + # end + # + # As you can infer from the example, this is mostly useful for situations where you want to centralize dynamic decisions about the + # urls as they stem from the business domain. Please note that any individual url_for call can always override the defaults set + # by this method. + def default_url_options(options = nil) + end + + # Sets the etag and/or last_modified on the response and checks it against + # the client request. If the request doesn't match the options provided, the + # request is considered stale and should be generated from scratch. Otherwise, + # it's fresh and we don't need to generate anything and a reply of "304 Not Modified" is sent. + # + # Example: + # + # def show + # @article = Article.find(params[:id]) + # + # if stale?(:etag => @article, :last_modified => @article.created_at.utc) + # @statistics = @article.really_expensive_call + # respond_to do |format| + # # all the supported formats + # end + # end + # end + def stale?(options) + fresh_when(options) + !request.fresh?(response) + end + + # Sets the etag, last_modified, or both on the response and renders a + # "304 Not Modified" response if the request is already fresh. + # + # Example: + # + # def show + # @article = Article.find(params[:id]) + # fresh_when(:etag => @article, :last_modified => @article.created_at.utc) + # end + # + # This will render the show template if the request isn't sending a matching etag or + # If-Modified-Since header and just a "304 Not Modified" response if there's a match. + def fresh_when(options) + options.assert_valid_keys(:etag, :last_modified) + + response.etag = options[:etag] if options[:etag] + response.last_modified = options[:last_modified] if options[:last_modified] + + if request.fresh?(response) + head :not_modified + end + end + + # Sets a HTTP 1.1 Cache-Control header. Defaults to issuing a "private" instruction, so that + # intermediate caches shouldn't cache the response. + # + # Examples: + # expires_in 20.minutes + # expires_in 3.hours, :private => false + # expires in 3.hours, 'max-stale' => 5.hours, :private => nil, :public => true + # + # This method will overwrite an existing Cache-Control header. + # See http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html for more possibilities. + def expires_in(seconds, options = {}) #:doc: + cache_options = { 'max-age' => seconds, 'private' => true }.symbolize_keys.merge!(options.symbolize_keys) + cache_options.delete_if { |k,v| v.nil? or v == false } + cache_control = cache_options.map{ |k,v| v == true ? k.to_s : "#{k.to_s}=#{v.to_s}"} + response.headers["Cache-Control"] = cache_control.join(', ') + end + + # Sets a HTTP 1.1 Cache-Control header of "no-cache" so no caching should occur by the browser or + # intermediate caches (like caching proxy servers). + def expires_now #:doc: + response.headers["Cache-Control"] = "no-cache" + end + + # Resets the session by clearing out all the objects stored within and initializing a new session object. + def reset_session #:doc: + request.reset_session + @_session = request.session + end + + private + def _process_options(options) + if content_type = options[:content_type] + response.content_type = content_type.to_s + end + + if location = options[:location] + response.headers["Location"] = url_for(location) + end + + response.status = interpret_status(options[:status] || DEFAULT_RENDER_STATUS_CODE) + end + + def initialize_template_class(response) + @template = response.template = ActionView::Base.new(self.class.view_paths, {}, self, formats) + response.template.helpers.send :include, self.class.master_helper_module + response.redirected_to = nil + @performed_render = @performed_redirect = false + end + + def assign_shortcuts(request, response) + @_request, @_params = request, request.parameters + + @_response = response + @_response.session = request.session + + @_session = @_response.session + + @_headers = @_response.headers + end + + def initialize_current_url + @url = UrlRewriter.new(request, params.clone) + end + + def log_processing + if logger && logger.info? + log_processing_for_request_id + log_processing_for_parameters + end + end + + def log_processing_for_request_id + request_id = "\n\nProcessing #{self.class.name}\##{action_name} " + request_id << "to #{params[:format]} " if params[:format] + request_id << "(for #{request_origin}) [#{request.method.to_s.upcase}]" + + logger.info(request_id) + end + + def log_processing_for_parameters + parameters = respond_to?(:filter_parameters) ? filter_parameters(params) : params.dup + parameters = parameters.except!(:controller, :action, :format, :_method) + + logger.info " Parameters: #{parameters.inspect}" unless parameters.empty? + end + + def default_render #:nodoc: + render + end + + def perform_action + if called = action_methods.include?(action_name) + ret = send(action_name) + elsif called = respond_to?(:method_missing) + ret = method_missing(action_name) + end + + return (performed? ? ret : default_render) if called + + begin + default_render + rescue ActionView::MissingTemplate => e + raise e unless e.path == action_name + # If the path is the same as the action_name, the action is completely missing + raise UnknownAction, "No action responded to #{action_name}. Actions: " + + "#{action_methods.sort.to_sentence}", caller + end + end + + def performed? + @performed_render || @performed_redirect + end + + def assign_names + @action_name = (params['action'] || 'index') + end + + def reset_variables_added_to_assigns + @template.instance_variable_set("@assigns_added", nil) + end + + def request_origin + # this *needs* to be cached! + # otherwise you'd get different results if calling it more than once + @request_origin ||= "#{request.remote_ip} at #{Time.now.to_s(:db)}" + end + + def complete_request_uri + "#{request.protocol}#{request.host}#{request.request_uri}" + end + + def close_session + @_session.close if @_session && @_session.respond_to?(:close) + end + + def default_template(action_name = self.action_name) + self.view_paths.find_template(default_template_name(action_name), default_template_format) + end + + def default_template_name(action_name = self.action_name) + if action_name + action_name = action_name.to_s + if action_name.include?('/') && template_path_includes_controller?(action_name) + action_name = strip_out_controller(action_name) + end + end + "#{controller_path}/#{action_name}" + end + + def strip_out_controller(path) + path.split('/', 2).last + end + + def template_path_includes_controller?(path) + self.controller_path.split('/')[-1] == path.split('/')[0] + end + + def process_cleanup + close_session + end + end + + Base.class_eval do + [ Filters, Layout, Renderer, Redirector, Responder, Benchmarking, Rescue, Flash, MimeResponds, Helpers, + Cookies, Caching, Verification, Streaming, SessionManagement, + HttpAuthentication::Basic::ControllerMethods, RecordIdentifier, + RequestForgeryProtection, Translation + ].each do |mod| + include mod + end + end +end diff --git a/actionpack/lib/action_controller/base/chained/benchmarking.rb b/actionpack/lib/action_controller/base/chained/benchmarking.rb new file mode 100644 index 0000000000..066150f58a --- /dev/null +++ b/actionpack/lib/action_controller/base/chained/benchmarking.rb @@ -0,0 +1,107 @@ +require 'benchmark' + +module ActionController #:nodoc: + # The benchmarking module times the performance of actions and reports to the logger. If the Active Record + # package has been included, a separate timing section for database calls will be added as well. + module Benchmarking #:nodoc: + def self.included(base) + base.extend(ClassMethods) + + base.class_eval do + alias_method_chain :perform_action, :benchmark + alias_method_chain :render, :benchmark + end + end + + module ClassMethods + # Log and benchmark the workings of a single block and silence whatever logging that may have happened inside it + # (unless use_silence is set to false). + # + # The benchmark is only recorded if the current level of the logger matches the log_level, which makes it + # easy to include benchmarking statements in production software that will remain inexpensive because the benchmark + # will only be conducted if the log level is low enough. + def benchmark(title, log_level = Logger::DEBUG, use_silence = true) + if logger && logger.level == log_level + result = nil + ms = Benchmark.ms { result = use_silence ? silence { yield } : yield } + logger.add(log_level, "#{title} (#{('%.1f' % ms)}ms)") + result + else + yield + end + end + + # Silences the logger for the duration of the block. + def silence + old_logger_level, logger.level = logger.level, Logger::ERROR if logger + yield + ensure + logger.level = old_logger_level if logger + end + end + + protected + def render_with_benchmark(options = nil, extra_options = {}, &block) + if logger + if Object.const_defined?("ActiveRecord") && ActiveRecord::Base.connected? + db_runtime = ActiveRecord::Base.connection.reset_runtime + end + + render_output = nil + @view_runtime = Benchmark.ms { render_output = render_without_benchmark(options, extra_options, &block) } + + if Object.const_defined?("ActiveRecord") && ActiveRecord::Base.connected? + @db_rt_before_render = db_runtime + @db_rt_after_render = ActiveRecord::Base.connection.reset_runtime + @view_runtime -= @db_rt_after_render + end + + render_output + else + render_without_benchmark(options, extra_options, &block) + end + end + + private + def perform_action_with_benchmark + if logger && logger.info? + ms = [Benchmark.ms { perform_action_without_benchmark }, 0.01].max + logging_view = defined?(@view_runtime) + logging_active_record = Object.const_defined?("ActiveRecord") && ActiveRecord::Base.connected? + + log_message = 'Completed in %.0fms' % ms + + if logging_view || logging_active_record + log_message << " (" + log_message << view_runtime if logging_view + + if logging_active_record + log_message << ", " if logging_view + log_message << active_record_runtime + ")" + else + ")" + end + end + + log_message << " | #{response.status}" + log_message << " [#{complete_request_uri rescue "unknown"}]" + + logger.info(log_message) + response.headers["X-Runtime"] = "%.0f" % ms + else + perform_action_without_benchmark + end + end + + def view_runtime + "View: %.0f" % @view_runtime + end + + def active_record_runtime + db_runtime = ActiveRecord::Base.connection.reset_runtime + db_runtime += @db_rt_before_render if @db_rt_before_render + db_runtime += @db_rt_after_render if @db_rt_after_render + "DB: %.0f" % db_runtime + end + end +end diff --git a/actionpack/lib/action_controller/base/chained/filters.rb b/actionpack/lib/action_controller/base/chained/filters.rb new file mode 100644 index 0000000000..9022b8b279 --- /dev/null +++ b/actionpack/lib/action_controller/base/chained/filters.rb @@ -0,0 +1,680 @@ +module ActionController #:nodoc: + module Filters #:nodoc: + def self.included(base) + base.class_eval do + extend ClassMethods + include ActionController::Filters::InstanceMethods + end + end + + class FilterChain < ActiveSupport::Callbacks::CallbackChain #:nodoc: + def append_filter_to_chain(filters, filter_type, &block) + pos = find_filter_append_position(filters, filter_type) + update_filter_chain(filters, filter_type, pos, &block) + end + + def prepend_filter_to_chain(filters, filter_type, &block) + pos = find_filter_prepend_position(filters, filter_type) + update_filter_chain(filters, filter_type, pos, &block) + end + + def create_filters(filters, filter_type, &block) + filters, conditions = extract_options(filters, &block) + filters.map! { |filter| find_or_create_filter(filter, filter_type, conditions) } + filters + end + + def skip_filter_in_chain(*filters, &test) + filters, conditions = extract_options(filters) + filters.each do |filter| + if callback = find(filter) then delete(callback) end + end if conditions.empty? + update_filter_in_chain(filters, :skip => conditions, &test) + end + + private + def update_filter_chain(filters, filter_type, pos, &block) + new_filters = create_filters(filters, filter_type, &block) + insert(pos, new_filters).flatten! + end + + def find_filter_append_position(filters, filter_type) + # appending an after filter puts it at the end of the call chain + # before and around filters go before the first after filter in the chain + unless filter_type == :after + each_with_index do |f,i| + return i if f.after? + end + end + return -1 + end + + def find_filter_prepend_position(filters, filter_type) + # prepending a before or around filter puts it at the front of the call chain + # after filters go before the first after filter in the chain + if filter_type == :after + each_with_index do |f,i| + return i if f.after? + end + return -1 + end + return 0 + end + + def find_or_create_filter(filter, filter_type, options = {}) + update_filter_in_chain([filter], options) + + if found_filter = find(filter) { |f| f.type == filter_type } + found_filter + else + filter_kind = case + when filter.respond_to?(:before) && filter_type == :before + :before + when filter.respond_to?(:after) && filter_type == :after + :after + else + :filter + end + + case filter_type + when :before + BeforeFilter.new(filter_kind, filter, options) + when :after + AfterFilter.new(filter_kind, filter, options) + else + AroundFilter.new(filter_kind, filter, options) + end + end + end + + def update_filter_in_chain(filters, options, &test) + filters.map! { |f| block_given? ? find(f, &test) : find(f) } + filters.compact! + + map! do |filter| + if filters.include?(filter) + new_filter = filter.dup + new_filter.update_options!(options) + new_filter + else + filter + end + end + end + end + + class Filter < ActiveSupport::Callbacks::Callback #:nodoc: + def initialize(kind, method, options = {}) + super + update_options! options + end + + # override these to return true in appropriate subclass + def before? + false + end + + def after? + false + end + + def around? + false + end + + # Make sets of strings from :only/:except options + def update_options!(other) + if other + convert_only_and_except_options_to_sets_of_strings(other) + if other[:skip] + convert_only_and_except_options_to_sets_of_strings(other[:skip]) + end + end + + options.update(other) + end + + private + def should_not_skip?(controller) + if options[:skip] + !included_in_action?(controller, options[:skip]) + else + true + end + end + + def included_in_action?(controller, options) + if options[:only] + options[:only].include?(controller.action_name) + elsif options[:except] + !options[:except].include?(controller.action_name) + else + true + end + end + + def should_run_callback?(controller) + should_not_skip?(controller) && included_in_action?(controller, options) && super + end + + def convert_only_and_except_options_to_sets_of_strings(opts) + [:only, :except].each do |key| + if values = opts[key] + opts[key] = Array(values).map(&:to_s).to_set + end + end + end + end + + class AroundFilter < Filter #:nodoc: + def type + :around + end + + def around? + true + end + + def call(controller, &block) + if should_run_callback?(controller) + method = filter_responds_to_before_and_after? ? around_proc : self.method + + # For around_filter do |controller, action| + if method.is_a?(Proc) && method.arity == 2 + evaluate_method(method, controller, block) + else + evaluate_method(method, controller, &block) + end + else + block.call + end + end + + private + def filter_responds_to_before_and_after? + method.respond_to?(:before) && method.respond_to?(:after) + end + + def around_proc + Proc.new do |controller, action| + method.before(controller) + + if controller.__send__(:performed?) + controller.__send__(:halt_filter_chain, method, :rendered_or_redirected) + else + begin + action.call + ensure + method.after(controller) + end + end + end + end + end + + class BeforeFilter < Filter #:nodoc: + def type + :before + end + + def before? + true + end + + def call(controller, &block) + super + if controller.__send__(:performed?) + controller.__send__(:halt_filter_chain, method, :rendered_or_redirected) + end + end + end + + class AfterFilter < Filter #:nodoc: + def type + :after + end + + def after? + true + end + end + + # Filters enable controllers to run shared pre- and post-processing code for its actions. These filters can be used to do + # authentication, caching, or auditing before the intended action is performed. Or to do localization or output + # compression after the action has been performed. Filters have access to the request, response, and all the instance + # variables set by other filters in the chain or by the action (in the case of after filters). + # + # == Filter inheritance + # + # Controller inheritance hierarchies share filters downwards, but subclasses can also add or skip filters without + # affecting the superclass. For example: + # + # class BankController < ActionController::Base + # before_filter :audit + # + # private + # def audit + # # record the action and parameters in an audit log + # end + # end + # + # class VaultController < BankController + # before_filter :verify_credentials + # + # private + # def verify_credentials + # # make sure the user is allowed into the vault + # end + # end + # + # Now any actions performed on the BankController will have the audit method called before. On the VaultController, + # first the audit method is called, then the verify_credentials method. If the audit method renders or redirects, then + # verify_credentials and the intended action are never called. + # + # == Filter types + # + # A filter can take one of three forms: method reference (symbol), external class, or inline method (proc). The first + # is the most common and works by referencing a protected or private method somewhere in the inheritance hierarchy of + # the controller by use of a symbol. In the bank example above, both BankController and VaultController use this form. + # + # Using an external class makes for more easily reused generic filters, such as output compression. External filter classes + # are implemented by having a static +filter+ method on any class and then passing this class to the filter method. Example: + # + # class OutputCompressionFilter + # def self.filter(controller) + # controller.response.body = compress(controller.response.body) + # end + # end + # + # class NewspaperController < ActionController::Base + # after_filter OutputCompressionFilter + # end + # + # The filter method is passed the controller instance and is hence granted access to all aspects of the controller and can + # manipulate them as it sees fit. + # + # The inline method (using a proc) can be used to quickly do something small that doesn't require a lot of explanation. + # Or just as a quick test. It works like this: + # + # class WeblogController < ActionController::Base + # before_filter { |controller| head(400) if controller.params["stop_action"] } + # end + # + # As you can see, the block expects to be passed the controller after it has assigned the request to the internal variables. + # This means that the block has access to both the request and response objects complete with convenience methods for params, + # session, template, and assigns. Note: The inline method doesn't strictly have to be a block; any object that responds to call + # and returns 1 or -1 on arity will do (such as a Proc or an Method object). + # + # Please note that around_filters function a little differently than the normal before and after filters with regard to filter + # types. Please see the section dedicated to around_filters below. + # + # == Filter chain ordering + # + # Using before_filter and after_filter appends the specified filters to the existing chain. That's usually + # just fine, but some times you care more about the order in which the filters are executed. When that's the case, you + # can use prepend_before_filter and prepend_after_filter. Filters added by these methods will be put at the + # beginning of their respective chain and executed before the rest. For example: + # + # class ShoppingController < ActionController::Base + # before_filter :verify_open_shop + # + # class CheckoutController < ShoppingController + # prepend_before_filter :ensure_items_in_cart, :ensure_items_in_stock + # + # The filter chain for the CheckoutController is now :ensure_items_in_cart, :ensure_items_in_stock, + # :verify_open_shop. So if either of the ensure filters renders or redirects, we'll never get around to see if the shop + # is open or not. + # + # You may pass multiple filter arguments of each type as well as a filter block. + # If a block is given, it is treated as the last argument. + # + # == Around filters + # + # Around filters wrap an action, executing code both before and after. + # They may be declared as method references, blocks, or objects responding + # to +filter+ or to both +before+ and +after+. + # + # To use a method as an +around_filter+, pass a symbol naming the Ruby method. + # Yield (or block.call) within the method to run the action. + # + # around_filter :catch_exceptions + # + # private + # def catch_exceptions + # yield + # rescue => exception + # logger.debug "Caught exception! #{exception}" + # raise + # end + # + # To use a block as an +around_filter+, pass a block taking as args both + # the controller and the action block. You can't call yield directly from + # an +around_filter+ block; explicitly call the action block instead: + # + # around_filter do |controller, action| + # logger.debug "before #{controller.action_name}" + # action.call + # logger.debug "after #{controller.action_name}" + # end + # + # To use a filter object with +around_filter+, pass an object responding + # to :filter or both :before and :after. With a + # filter method, yield to the block as above: + # + # around_filter BenchmarkingFilter + # + # class BenchmarkingFilter + # def self.filter(controller, &block) + # Benchmark.measure(&block) + # end + # end + # + # With +before+ and +after+ methods: + # + # around_filter Authorizer.new + # + # class Authorizer + # # This will run before the action. Redirecting aborts the action. + # def before(controller) + # unless user.authorized? + # redirect_to(login_url) + # end + # end + # + # # This will run after the action if and only if before did not render or redirect. + # def after(controller) + # end + # end + # + # If the filter has +before+ and +after+ methods, the +before+ method will be + # called before the action. If +before+ renders or redirects, the filter chain is + # halted and +after+ will not be run. See Filter Chain Halting below for + # an example. + # + # == Filter chain skipping + # + # Declaring a filter on a base class conveniently applies to its subclasses, + # but sometimes a subclass should skip some of its superclass' filters: + # + # class ApplicationController < ActionController::Base + # before_filter :authenticate + # around_filter :catch_exceptions + # end + # + # class WeblogController < ApplicationController + # # Will run the :authenticate and :catch_exceptions filters. + # end + # + # class SignupController < ApplicationController + # # Skip :authenticate, run :catch_exceptions. + # skip_before_filter :authenticate + # end + # + # class ProjectsController < ApplicationController + # # Skip :catch_exceptions, run :authenticate. + # skip_filter :catch_exceptions + # end + # + # class ClientsController < ApplicationController + # # Skip :catch_exceptions and :authenticate unless action is index. + # skip_filter :catch_exceptions, :authenticate, :except => :index + # end + # + # == Filter conditions + # + # Filters may be limited to specific actions by declaring the actions to + # include or exclude. Both options accept single actions + # (:only => :index) or arrays of actions + # (:except => [:foo, :bar]). + # + # class Journal < ActionController::Base + # # Require authentication for edit and delete. + # before_filter :authorize, :only => [:edit, :delete] + # + # # Passing options to a filter with a block. + # around_filter(:except => :index) do |controller, action_block| + # results = Profiler.run(&action_block) + # controller.response.sub! "", "#{results}" + # end + # + # private + # def authorize + # # Redirect to login unless authenticated. + # end + # end + # + # == Filter Chain Halting + # + # before_filter and around_filter may halt the request + # before a controller action is run. This is useful, for example, to deny + # access to unauthenticated users or to redirect from HTTP to HTTPS. + # Simply call render or redirect. After filters will not be executed if the filter + # chain is halted. + # + # Around filters halt the request unless the action block is called. + # Given these filters + # after_filter :after + # around_filter :around + # before_filter :before + # + # The filter chain will look like: + # + # ... + # . \ + # . #around (code before yield) + # . . \ + # . . #before (actual filter code is run) + # . . . \ + # . . . execute controller action + # . . . / + # . . ... + # . . / + # . #around (code after yield) + # . / + # #after (actual filter code is run, unless the around filter does not yield) + # + # If +around+ returns before yielding, +after+ will still not be run. The +before+ + # filter and controller action will not be run. If +before+ renders or redirects, + # the second half of +around+ and will still run but +after+ and the + # action will not. If +around+ fails to yield, +after+ will not be run. + module ClassMethods + # The passed filters will be appended to the filter_chain and + # will execute before the action on this controller is performed. + def append_before_filter(*filters, &block) + filter_chain.append_filter_to_chain(filters, :before, &block) + end + + # The passed filters will be prepended to the filter_chain and + # will execute before the action on this controller is performed. + def prepend_before_filter(*filters, &block) + filter_chain.prepend_filter_to_chain(filters, :before, &block) + end + + # Shorthand for append_before_filter since it's the most common. + alias :before_filter :append_before_filter + + # The passed filters will be appended to the array of filters + # that run _after_ actions on this controller are performed. + def append_after_filter(*filters, &block) + filter_chain.append_filter_to_chain(filters, :after, &block) + end + + # The passed filters will be prepended to the array of filters + # that run _after_ actions on this controller are performed. + def prepend_after_filter(*filters, &block) + filter_chain.prepend_filter_to_chain(filters, :after, &block) + end + + # Shorthand for append_after_filter since it's the most common. + alias :after_filter :append_after_filter + + # If you append_around_filter A.new, B.new, the filter chain looks like + # + # B#before + # A#before + # # run the action + # A#after + # B#after + # + # With around filters which yield to the action block, +before+ and +after+ + # are the code before and after the yield. + def append_around_filter(*filters, &block) + filter_chain.append_filter_to_chain(filters, :around, &block) + end + + # If you prepend_around_filter A.new, B.new, the filter chain looks like: + # + # A#before + # B#before + # # run the action + # B#after + # A#after + # + # With around filters which yield to the action block, +before+ and +after+ + # are the code before and after the yield. + def prepend_around_filter(*filters, &block) + filter_chain.prepend_filter_to_chain(filters, :around, &block) + end + + # Shorthand for +append_around_filter+ since it's the most common. + alias :around_filter :append_around_filter + + # Removes the specified filters from the +before+ filter chain. Note that this only works for skipping method-reference + # filters, not procs. This is especially useful for managing the chain in inheritance hierarchies where only one out + # of many sub-controllers need a different hierarchy. + # + # You can control the actions to skip the filter for with the :only and :except options, + # just like when you apply the filters. + def skip_before_filter(*filters) + filter_chain.skip_filter_in_chain(*filters, &:before?) + end + + # Removes the specified filters from the +after+ filter chain. Note that this only works for skipping method-reference + # filters, not procs. This is especially useful for managing the chain in inheritance hierarchies where only one out + # of many sub-controllers need a different hierarchy. + # + # You can control the actions to skip the filter for with the :only and :except options, + # just like when you apply the filters. + def skip_after_filter(*filters) + filter_chain.skip_filter_in_chain(*filters, &:after?) + end + + # Removes the specified filters from the filter chain. This only works for method reference (symbol) + # filters, not procs. This method is different from skip_after_filter and skip_before_filter in that + # it will match any before, after or yielding around filter. + # + # You can control the actions to skip the filter for with the :only and :except options, + # just like when you apply the filters. + def skip_filter(*filters) + filter_chain.skip_filter_in_chain(*filters) + end + + # Returns an array of Filter objects for this controller. + def filter_chain + if chain = read_inheritable_attribute('filter_chain') + return chain + else + write_inheritable_attribute('filter_chain', FilterChain.new) + return filter_chain + end + end + + # Returns all the before filters for this class and all its ancestors. + # This method returns the actual filter that was assigned in the controller to maintain existing functionality. + def before_filters #:nodoc: + filter_chain.select(&:before?).map(&:method) + end + + # Returns all the after filters for this class and all its ancestors. + # This method returns the actual filter that was assigned in the controller to maintain existing functionality. + def after_filters #:nodoc: + filter_chain.select(&:after?).map(&:method) + end + end + + module InstanceMethods # :nodoc: + def self.included(base) + base.class_eval do + alias_method_chain :perform_action, :filters + alias_method_chain :process, :filters + end + end + + protected + def process_with_filters(request, response, method = :perform_action, *arguments) #:nodoc: + @before_filter_chain_aborted = false + process_without_filters(request, response, method, *arguments) + end + + def perform_action_with_filters + call_filters(self.class.filter_chain, 0, 0) + end + + private + def call_filters(chain, index, nesting) + index = run_before_filters(chain, index, nesting) + aborted = @before_filter_chain_aborted + perform_action_without_filters unless performed? || aborted + return index if nesting != 0 || aborted + run_after_filters(chain, index) + end + + def run_before_filters(chain, index, nesting) + while chain[index] + filter, index = chain[index], index + break unless filter # end of call chain reached + + case filter + when BeforeFilter + filter.call(self) # invoke before filter + index = index.next + break if @before_filter_chain_aborted + when AroundFilter + yielded = false + + filter.call(self) do + yielded = true + # all remaining before and around filters will be run in this call + index = call_filters(chain, index.next, nesting.next) + end + + halt_filter_chain(filter, :did_not_yield) unless yielded + + break + else + break # no before or around filters left + end + end + + index + end + + def run_after_filters(chain, index) + seen_after_filter = false + + while chain[index] + filter, index = chain[index], index + break unless filter # end of call chain reached + + case filter + when AfterFilter + seen_after_filter = true + filter.call(self) # invoke after filter + else + # implementation error or someone has mucked with the filter chain + raise ActionControllerError, "filter #{filter.inspect} was in the wrong place!" if seen_after_filter + end + + index = index.next + end + + index.next + end + + def halt_filter_chain(filter, reason) + @before_filter_chain_aborted = true + logger.info "Filter chain halted as [#{filter.inspect}] #{reason}." if logger + end + end + end +end diff --git a/actionpack/lib/action_controller/base/chained/flash.rb b/actionpack/lib/action_controller/base/chained/flash.rb new file mode 100644 index 0000000000..56ee9c67e2 --- /dev/null +++ b/actionpack/lib/action_controller/base/chained/flash.rb @@ -0,0 +1,163 @@ +module ActionController #:nodoc: + # The flash provides a way to pass temporary objects between actions. Anything you place in the flash will be exposed + # to the very next action and then cleared out. This is a great way of doing notices and alerts, such as a create + # action that sets flash[:notice] = "Successfully created" before redirecting to a display action that can + # then expose the flash to its template. Actually, that exposure is automatically done. Example: + # + # class PostsController < ActionController::Base + # def create + # # save post + # flash[:notice] = "Successfully created post" + # redirect_to posts_path(@post) + # end + # + # def show + # # doesn't need to assign the flash notice to the template, that's done automatically + # end + # end + # + # show.html.erb + # <% if flash[:notice] %> + #
<%= flash[:notice] %>
+ # <% end %> + # + # This example just places a string in the flash, but you can put any object in there. And of course, you can put as + # many as you like at a time too. Just remember: They'll be gone by the time the next action has been performed. + # + # See docs on the FlashHash class for more details about the flash. + module Flash + def self.included(base) + base.class_eval do + include InstanceMethods + alias_method_chain :perform_action, :flash + alias_method_chain :reset_session, :flash + end + end + + class FlashNow #:nodoc: + def initialize(flash) + @flash = flash + end + + def []=(k, v) + @flash[k] = v + @flash.discard(k) + v + end + + def [](k) + @flash[k] + end + end + + class FlashHash < Hash + def initialize #:nodoc: + super + @used = {} + end + + def []=(k, v) #:nodoc: + keep(k) + super + end + + def update(h) #:nodoc: + h.keys.each { |k| keep(k) } + super + end + + alias :merge! :update + + def replace(h) #:nodoc: + @used = {} + super + end + + # Sets a flash that will not be available to the next action, only to the current. + # + # flash.now[:message] = "Hello current action" + # + # This method enables you to use the flash as a central messaging system in your app. + # When you need to pass an object to the next action, you use the standard flash assign ([]=). + # When you need to pass an object to the current action, you use now, and your object will + # vanish when the current action is done. + # + # Entries set via now are accessed the same way as standard entries: flash['my-key']. + def now + FlashNow.new(self) + end + + # Keeps either the entire current flash or a specific flash entry available for the next action: + # + # flash.keep # keeps the entire flash + # flash.keep(:notice) # keeps only the "notice" entry, the rest of the flash is discarded + def keep(k = nil) + use(k, false) + end + + # Marks the entire flash or a single flash entry to be discarded by the end of the current action: + # + # flash.discard # discard the entire flash at the end of the current action + # flash.discard(:warning) # discard only the "warning" entry at the end of the current action + def discard(k = nil) + use(k) + end + + # Mark for removal entries that were kept, and delete unkept ones. + # + # This method is called automatically by filters, so you generally don't need to care about it. + def sweep #:nodoc: + keys.each do |k| + unless @used[k] + use(k) + else + delete(k) + @used.delete(k) + end + end + + # clean up after keys that could have been left over by calling reject! or shift on the flash + (@used.keys - keys).each{ |k| @used.delete(k) } + end + + private + # Used internally by the keep and discard methods + # use() # marks the entire flash as used + # use('msg') # marks the "msg" entry as used + # use(nil, false) # marks the entire flash as unused (keeps it around for one more action) + # use('msg', false) # marks the "msg" entry as unused (keeps it around for one more action) + def use(k=nil, v=true) + unless k.nil? + @used[k] = v + else + keys.each{ |key| use(key, v) } + end + end + end + + module InstanceMethods #:nodoc: + protected + def perform_action_with_flash + perform_action_without_flash + remove_instance_variable(:@_flash) if defined? @_flash + end + + def reset_session_with_flash + reset_session_without_flash + remove_instance_variable(:@_flash) if defined? @_flash + end + + # Access the contents of the flash. Use flash["notice"] to + # read a notice you put there or flash["notice"] = "hello" + # to put a new one. + def flash #:doc: + unless defined? @_flash + @_flash = session["flash"] ||= FlashHash.new + @_flash.sweep + end + + @_flash + end + end + end +end diff --git a/actionpack/lib/action_controller/base/cookies.rb b/actionpack/lib/action_controller/base/cookies.rb new file mode 100644 index 0000000000..840ceb5abd --- /dev/null +++ b/actionpack/lib/action_controller/base/cookies.rb @@ -0,0 +1,94 @@ +module ActionController #:nodoc: + # Cookies are read and written through ActionController#cookies. + # + # The cookies being read are the ones received along with the request, the cookies + # being written will be sent out with the response. Reading a cookie does not get + # the cookie object itself back, just the value it holds. + # + # Examples for writing: + # + # # Sets a simple session cookie. + # cookies[:user_name] = "david" + # + # # Sets a cookie that expires in 1 hour. + # cookies[:login] = { :value => "XJ-122", :expires => 1.hour.from_now } + # + # Examples for reading: + # + # cookies[:user_name] # => "david" + # cookies.size # => 2 + # + # Example for deleting: + # + # cookies.delete :user_name + # + # Please note that if you specify a :domain when setting a cookie, you must also specify the domain when deleting the cookie: + # + # cookies[:key] = { + # :value => 'a yummy cookie', + # :expires => 1.year.from_now, + # :domain => 'domain.com' + # } + # + # cookies.delete(:key, :domain => 'domain.com') + # + # The option symbols for setting cookies are: + # + # * :value - The cookie's value or list of values (as an array). + # * :path - The path for which this cookie applies. Defaults to the root + # of the application. + # * :domain - The domain for which this cookie applies. + # * :expires - The time at which this cookie expires, as a Time object. + # * :secure - Whether this cookie is a only transmitted to HTTPS servers. + # Default is +false+. + # * :http_only - Whether this cookie is accessible via scripting or + # only HTTP. Defaults to +false+. + module Cookies + def self.included(base) + base.helper_method :cookies + end + + protected + # Returns the cookie container, which operates as described above. + def cookies + CookieJar.new(self) + end + end + + class CookieJar < Hash #:nodoc: + def initialize(controller) + @controller, @cookies = controller, controller.request.cookies + super() + update(@cookies) + end + + # Returns the value of the cookie by +name+, or +nil+ if no such cookie exists. + def [](name) + super(name.to_s) + end + + # Sets the cookie named +name+. The second argument may be the very cookie + # value, or a hash of options as documented above. + def []=(key, options) + if options.is_a?(Hash) + options.symbolize_keys! + else + options = { :value => options } + end + + options[:path] = "/" unless options.has_key?(:path) + super(key.to_s, options[:value]) + @controller.response.set_cookie(key, options) + end + + # Removes the cookie on the client machine by setting the value to an empty string + # and setting its expiration date into the past. Like []=, you can pass in + # an options hash to delete cookies with extra data such as a :path. + def delete(key, options = {}) + options.symbolize_keys! + options[:path] = "/" unless options.has_key?(:path) + super(key.to_s) + @controller.response.delete_cookie(key, options) + end + end +end diff --git a/actionpack/lib/action_controller/base/headers.rb b/actionpack/lib/action_controller/base/headers.rb new file mode 100644 index 0000000000..139669c66f --- /dev/null +++ b/actionpack/lib/action_controller/base/headers.rb @@ -0,0 +1,33 @@ +require 'active_support/memoizable' + +module ActionController + module Http + class Headers < ::Hash + extend ActiveSupport::Memoizable + + def initialize(*args) + if args.size == 1 && args[0].is_a?(Hash) + super() + update(args[0]) + else + super + end + end + + def [](header_name) + if include?(header_name) + super + else + super(env_name(header_name)) + end + end + + private + # Converts a HTTP header name to an environment variable name. + def env_name(header_name) + "HTTP_#{header_name.upcase.gsub(/-/, '_')}" + end + memoize :env_name + end + end +end diff --git a/actionpack/lib/action_controller/base/helpers.rb b/actionpack/lib/action_controller/base/helpers.rb new file mode 100644 index 0000000000..ba65032f6a --- /dev/null +++ b/actionpack/lib/action_controller/base/helpers.rb @@ -0,0 +1,225 @@ +require 'active_support/dependencies' + +# FIXME: helper { ... } is broken on Ruby 1.9 +module ActionController #:nodoc: + module Helpers #:nodoc: + def self.included(base) + # Initialize the base module to aggregate its helpers. + base.class_inheritable_accessor :master_helper_module + base.master_helper_module = Module.new + + # Set the default directory for helpers + base.class_inheritable_accessor :helpers_dir + base.helpers_dir = (defined?(RAILS_ROOT) ? "#{RAILS_ROOT}/app/helpers" : "app/helpers") + + # Extend base with class methods to declare helpers. + base.extend(ClassMethods) + + base.class_eval do + # Wrap inherited to create a new master helper module for subclasses. + class << self + alias_method_chain :inherited, :helper + end + end + end + + # The Rails framework provides a large number of helpers for working with +assets+, +dates+, +forms+, + # +numbers+ and Active Record objects, to name a few. These helpers are available to all templates + # by default. + # + # In addition to using the standard template helpers provided in the Rails framework, creating custom helpers to + # extract complicated logic or reusable functionality is strongly encouraged. By default, the controller will + # include a helper whose name matches that of the controller, e.g., MyController will automatically + # include MyHelper. + # + # Additional helpers can be specified using the +helper+ class method in ActionController::Base or any + # controller which inherits from it. + # + # ==== Examples + # The +to_s+ method from the Time class can be wrapped in a helper method to display a custom message if + # the Time object is blank: + # + # module FormattedTimeHelper + # def format_time(time, format=:long, blank_message=" ") + # time.blank? ? blank_message : time.to_s(format) + # end + # end + # + # FormattedTimeHelper can now be included in a controller, using the +helper+ class method: + # + # class EventsController < ActionController::Base + # helper FormattedTimeHelper + # def index + # @events = Event.find(:all) + # end + # end + # + # Then, in any view rendered by EventController, the format_time method can be called: + # + # <% @events.each do |event| -%> + #

+ # <% format_time(event.time, :short, "N/A") %> | <%= event.name %> + #

+ # <% end -%> + # + # Finally, assuming we have two event instances, one which has a time and one which does not, + # the output might look like this: + # + # 23 Aug 11:30 | Carolina Railhawks Soccer Match + # N/A | Carolina Railhaws Training Workshop + # + module ClassMethods + # Makes all the (instance) methods in the helper module available to templates rendered through this controller. + # See ActionView::Helpers (link:classes/ActionView/Helpers.html) for more about making your own helper modules + # available to the templates. + def add_template_helper(helper_module) #:nodoc: + master_helper_module.module_eval { include helper_module } + end + + # The +helper+ class method can take a series of helper module names, a block, or both. + # + # * *args: One or more modules, strings or symbols, or the special symbol :all. + # * &block: A block defining helper methods. + # + # ==== Examples + # When the argument is a string or symbol, the method will provide the "_helper" suffix, require the file + # and include the module in the template class. The second form illustrates how to include custom helpers + # when working with namespaced controllers, or other cases where the file containing the helper definition is not + # in one of Rails' standard load paths: + # helper :foo # => requires 'foo_helper' and includes FooHelper + # helper 'resources/foo' # => requires 'resources/foo_helper' and includes Resources::FooHelper + # + # When the argument is a module it will be included directly in the template class. + # helper FooHelper # => includes FooHelper + # + # When the argument is the symbol :all, the controller will include all helpers beneath + # ActionController::Base.helpers_dir (defaults to app/helpers/**/*.rb under RAILS_ROOT). + # helper :all + # + # Additionally, the +helper+ class method can receive and evaluate a block, making the methods defined available + # to the template. + # # One line + # helper { def hello() "Hello, world!" end } + # # Multi-line + # helper do + # def foo(bar) + # "#{bar} is the very best" + # end + # end + # + # Finally, all the above styles can be mixed together, and the +helper+ method can be invoked with a mix of + # +symbols+, +strings+, +modules+ and blocks. + # helper(:three, BlindHelper) { def mice() 'mice' end } + # + def helper(*args, &block) + args.flatten.each do |arg| + case arg + when Module + add_template_helper(arg) + when :all + helper(all_application_helpers) + when String, Symbol + file_name = arg.to_s.underscore + '_helper' + class_name = file_name.camelize + + begin + require_dependency(file_name) + rescue LoadError => load_error + requiree = / -- (.*?)(\.rb)?$/.match(load_error.message).to_a[1] + if requiree == file_name + msg = "Missing helper file helpers/#{file_name}.rb" + raise LoadError.new(msg).copy_blame!(load_error) + else + raise + end + end + + add_template_helper(class_name.constantize) + else + raise ArgumentError, "helper expects String, Symbol, or Module argument (was: #{args.inspect})" + end + end + + # Evaluate block in template class if given. + master_helper_module.module_eval(&block) if block_given? + end + + # Declare a controller method as a helper. For example, the following + # makes the +current_user+ controller method available to the view: + # class ApplicationController < ActionController::Base + # helper_method :current_user, :logged_in? + # + # def current_user + # @current_user ||= User.find_by_id(session[:user]) + # end + # + # def logged_in? + # current_user != nil + # end + # end + # + # In a view: + # <% if logged_in? -%>Welcome, <%= current_user.name %><% end -%> + def helper_method(*methods) + methods.flatten.each do |method| + master_helper_module.module_eval <<-end_eval + def #{method}(*args, &block) # def current_user(*args, &block) + controller.send(%(#{method}), *args, &block) # controller.send(%(current_user), *args, &block) + end # end + end_eval + end + end + + # Declares helper accessors for controller attributes. For example, the + # following adds new +name+ and name= instance methods to a + # controller and makes them available to the view: + # helper_attr :name + # attr_accessor :name + def helper_attr(*attrs) + attrs.flatten.each { |attr| helper_method(attr, "#{attr}=") } + end + + # Provides a proxy to access helpers methods from outside the view. + def helpers + unless @helper_proxy + @helper_proxy = ActionView::Base.new + @helper_proxy.extend master_helper_module + else + @helper_proxy + end + end + + private + def default_helper_module! + unless name.blank? + module_name = name.sub(/Controller$|$/, 'Helper') + module_path = module_name.split('::').map { |m| m.underscore }.join('/') + require_dependency module_path + helper module_name.constantize + end + rescue MissingSourceFile => e + raise unless e.is_missing? module_path + rescue NameError => e + raise unless e.missing_name? module_name + end + + def inherited_with_helper(child) + inherited_without_helper(child) + + begin + child.master_helper_module = Module.new + child.master_helper_module.__send__ :include, master_helper_module + child.__send__ :default_helper_module! + rescue MissingSourceFile => e + raise unless e.is_missing?("helpers/#{child.controller_path}_helper") + end + end + + # Extract helper names from files in app/helpers/**/*.rb + def all_application_helpers + extract = /^#{Regexp.quote(helpers_dir)}\/?(.*)_helper.rb$/ + Dir["#{helpers_dir}/**/*_helper.rb"].map { |file| file.sub extract, '\1' } + end + end + end +end diff --git a/actionpack/lib/action_controller/base/http_authentication.rb b/actionpack/lib/action_controller/base/http_authentication.rb new file mode 100644 index 0000000000..2ed810db7d --- /dev/null +++ b/actionpack/lib/action_controller/base/http_authentication.rb @@ -0,0 +1,124 @@ +module ActionController + module HttpAuthentication + # Makes it dead easy to do HTTP Basic authentication. + # + # Simple Basic example: + # + # class PostsController < ApplicationController + # USER_NAME, PASSWORD = "dhh", "secret" + # + # before_filter :authenticate, :except => [ :index ] + # + # def index + # render :text => "Everyone can see me!" + # end + # + # def edit + # render :text => "I'm only accessible if you know the password" + # end + # + # private + # def authenticate + # authenticate_or_request_with_http_basic do |user_name, password| + # user_name == USER_NAME && password == PASSWORD + # end + # end + # end + # + # + # Here is a more advanced Basic example where only Atom feeds and the XML API is protected by HTTP authentication, + # the regular HTML interface is protected by a session approach: + # + # class ApplicationController < ActionController::Base + # before_filter :set_account, :authenticate + # + # protected + # def set_account + # @account = Account.find_by_url_name(request.subdomains.first) + # end + # + # def authenticate + # case request.format + # when Mime::XML, Mime::ATOM + # if user = authenticate_with_http_basic { |u, p| @account.users.authenticate(u, p) } + # @current_user = user + # else + # request_http_basic_authentication + # end + # else + # if session_authenticated? + # @current_user = @account.users.find(session[:authenticated][:user_id]) + # else + # redirect_to(login_url) and return false + # end + # end + # end + # end + # + # + # In your integration tests, you can do something like this: + # + # def test_access_granted_from_xml + # get( + # "/notes/1.xml", nil, + # :authorization => ActionController::HttpAuthentication::Basic.encode_credentials(users(:dhh).name, users(:dhh).password) + # ) + # + # assert_equal 200, status + # end + # + # + # On shared hosts, Apache sometimes doesn't pass authentication headers to + # FCGI instances. If your environment matches this description and you cannot + # authenticate, try this rule in your Apache setup: + # + # RewriteRule ^(.*)$ dispatch.fcgi [E=X-HTTP_AUTHORIZATION:%{HTTP:Authorization},QSA,L] + module Basic + extend self + + module ControllerMethods + def authenticate_or_request_with_http_basic(realm = "Application", &login_procedure) + authenticate_with_http_basic(&login_procedure) || request_http_basic_authentication(realm) + end + + def authenticate_with_http_basic(&login_procedure) + HttpAuthentication::Basic.authenticate(self, &login_procedure) + end + + def request_http_basic_authentication(realm = "Application") + HttpAuthentication::Basic.authentication_request(self, realm) + end + end + + def authenticate(controller, &login_procedure) + unless authorization(controller.request).blank? + login_procedure.call(*user_name_and_password(controller.request)) + end + end + + def user_name_and_password(request) + decode_credentials(request).split(/:/, 2) + end + + def authorization(request) + request.env['HTTP_AUTHORIZATION'] || + request.env['X-HTTP_AUTHORIZATION'] || + request.env['X_HTTP_AUTHORIZATION'] || + request.env['REDIRECT_X_HTTP_AUTHORIZATION'] + end + + def decode_credentials(request) + ActiveSupport::Base64.decode64(authorization(request).split.last || '') + end + + def encode_credentials(user_name, password) + "Basic #{ActiveSupport::Base64.encode64("#{user_name}:#{password}")}" + end + + def authentication_request(controller, realm) + controller.headers["WWW-Authenticate"] = %(Basic realm="#{realm.gsub(/"/, "")}") + controller.__send__ :render, :text => "HTTP Basic: Access denied.\n", :status => :unauthorized + end + end + end +end diff --git a/actionpack/lib/action_controller/base/layout.rb b/actionpack/lib/action_controller/base/layout.rb new file mode 100644 index 0000000000..926ae26f92 --- /dev/null +++ b/actionpack/lib/action_controller/base/layout.rb @@ -0,0 +1,244 @@ +module ActionController #:nodoc: + module Layout #:nodoc: + def self.included(base) + base.extend(ClassMethods) + base.class_inheritable_accessor :layout_name, :layout_conditions + end + + # Layouts reverse the common pattern of including shared headers and footers in many templates to isolate changes in + # repeated setups. The inclusion pattern has pages that look like this: + # + # <%= render "shared/header" %> + # Hello World + # <%= render "shared/footer" %> + # + # This approach is a decent way of keeping common structures isolated from the changing content, but it's verbose + # and if you ever want to change the structure of these two includes, you'll have to change all the templates. + # + # With layouts, you can flip it around and have the common structure know where to insert changing content. This means + # that the header and footer are only mentioned in one place, like this: + # + # // The header part of this layout + # <%= yield %> + # // The footer part of this layout + # + # And then you have content pages that look like this: + # + # hello world + # + # At rendering time, the content page is computed and then inserted in the layout, like this: + # + # // The header part of this layout + # hello world + # // The footer part of this layout + # + # NOTE: The old notation for rendering the view from a layout was to expose the magic @content_for_layout instance + # variable. The preferred notation now is to use yield, as documented above. + # + # == Accessing shared variables + # + # Layouts have access to variables specified in the content pages and vice versa. This allows you to have layouts with + # references that won't materialize before rendering time: + # + #

<%= @page_title %>

+ # <%= yield %> + # + # ...and content pages that fulfill these references _at_ rendering time: + # + # <% @page_title = "Welcome" %> + # Off-world colonies offers you a chance to start a new life + # + # The result after rendering is: + # + #

Welcome

+ # Off-world colonies offers you a chance to start a new life + # + # == Automatic layout assignment + # + # If there is a template in app/views/layouts/ with the same name as the current controller then it will be automatically + # set as that controller's layout unless explicitly told otherwise. Say you have a WeblogController, for example. If a template named + # app/views/layouts/weblog.erb or app/views/layouts/weblog.builder exists then it will be automatically set as + # the layout for your WeblogController. You can create a layout with the name application.erb or application.builder + # and this will be set as the default controller if there is no layout with the same name as the current controller and there is + # no layout explicitly assigned with the +layout+ method. Nested controllers use the same folder structure for automatic layout. + # assignment. So an Admin::WeblogController will look for a template named app/views/layouts/admin/weblog.erb. + # Setting a layout explicitly will always override the automatic behaviour for the controller where the layout is set. + # Explicitly setting the layout in a parent class, though, will not override the child class's layout assignment if the child + # class has a layout with the same name. + # + # == Inheritance for layouts + # + # Layouts are shared downwards in the inheritance hierarchy, but not upwards. Examples: + # + # class BankController < ActionController::Base + # layout "bank_standard" + # + # class InformationController < BankController + # + # class VaultController < BankController + # layout :access_level_layout + # + # class EmployeeController < BankController + # layout nil + # + # The InformationController uses "bank_standard" inherited from the BankController, the VaultController overwrites + # and picks the layout dynamically, and the EmployeeController doesn't want to use a layout at all. + # + # == Types of layouts + # + # Layouts are basically just regular templates, but the name of this template needs not be specified statically. Sometimes + # you want to alternate layouts depending on runtime information, such as whether someone is logged in or not. This can + # be done either by specifying a method reference as a symbol or using an inline method (as a proc). + # + # The method reference is the preferred approach to variable layouts and is used like this: + # + # class WeblogController < ActionController::Base + # layout :writers_and_readers + # + # def index + # # fetching posts + # end + # + # private + # def writers_and_readers + # logged_in? ? "writer_layout" : "reader_layout" + # end + # + # Now when a new request for the index action is processed, the layout will vary depending on whether the person accessing + # is logged in or not. + # + # If you want to use an inline method, such as a proc, do something like this: + # + # class WeblogController < ActionController::Base + # layout proc{ |controller| controller.logged_in? ? "writer_layout" : "reader_layout" } + # + # Of course, the most common way of specifying a layout is still just as a plain template name: + # + # class WeblogController < ActionController::Base + # layout "weblog_standard" + # + # If no directory is specified for the template name, the template will by default be looked for in app/views/layouts/. + # Otherwise, it will be looked up relative to the template root. + # + # == Conditional layouts + # + # If you have a layout that by default is applied to all the actions of a controller, you still have the option of rendering + # a given action or set of actions without a layout, or restricting a layout to only a single action or a set of actions. The + # :only and :except options can be passed to the layout call. For example: + # + # class WeblogController < ActionController::Base + # layout "weblog_standard", :except => :rss + # + # # ... + # + # end + # + # This will assign "weblog_standard" as the WeblogController's layout except for the +rss+ action, which will not wrap a layout + # around the rendered view. + # + # Both the :only and :except condition can accept an arbitrary number of method references, so + # #:except => [ :rss, :text_only ] is valid, as is :except => :rss. + # + # == Using a different layout in the action render call + # + # If most of your actions use the same layout, it makes perfect sense to define a controller-wide layout as described above. + # Sometimes you'll have exceptions where one action wants to use a different layout than the rest of the controller. + # You can do this by passing a :layout option to the render call. For example: + # + # class WeblogController < ActionController::Base + # layout "weblog_standard" + # + # def help + # render :action => "help", :layout => "help" + # end + # end + # + # This will render the help action with the "help" layout instead of the controller-wide "weblog_standard" layout. + module ClassMethods + extend ActiveSupport::Memoizable + + # If a layout is specified, all rendered actions will have their result rendered + # when the layout yields. This layout can itself depend on instance variables assigned during action + # performance and have access to them as any normal template would. + def layout(template_name, conditions = {}, auto = false) + add_layout_conditions(conditions) + self.layout_name = template_name + end + + def memoized_default_layout(formats) #:nodoc: + self.layout_name || begin + layout = default_layout_name + layout.is_a?(String) ? find_layout(layout, formats) : layout + rescue ActionView::MissingTemplate + end + end + + def default_layout(*args) + (@_memoized_default_layout ||= ::ActiveSupport::ConcurrentHash.new)[args] ||= memoized_default_layout(*args) + end + + def memoized_find_layout(layout, formats) #:nodoc: + return layout if layout.nil? || layout.respond_to?(:render) + prefix = layout.to_s =~ /layouts\// ? nil : "layouts" + view_paths.find_by_parts(layout.to_s, formats, prefix) + end + + def find_layout(*args) + (@_memoized_find_layout ||= ::ActiveSupport::ConcurrentHash.new)[args] ||= memoized_find_layout(*args) + end + + def layout_list #:nodoc: + Array(view_paths).sum([]) { |path| Dir["#{path}/layouts/**/*"] } + end + memoize :layout_list + + def default_layout_name + layout_match = name.underscore.sub(/_controller$/, '') + if layout_list.grep(%r{layouts/#{layout_match}(\.[a-z][0-9a-z]*)+$}).empty? + superclass.default_layout_name if superclass.respond_to?(:default_layout_name) + else + layout_match + end + end + memoize :default_layout_name + + private + def add_layout_conditions(conditions) + # :except => :foo == :except => [:foo] == :except => "foo" == :except => ["foo"] + conditions.each {|k, v| conditions[k] = Array(v).map {|a| a.to_s} } + write_inheritable_hash(:layout_conditions, conditions) + end + end + + def active_layout(name) + name = self.class.default_layout(formats) if name == true + + layout_name = case name + when Symbol then __send__(name) + when Proc then name.call(self) + else name + end + + self.class.find_layout(layout_name, formats) + end + + def _pick_layout(layout_name, implicit = false) + return unless layout_name || implicit + layout_name = true if layout_name.nil? + active_layout(layout_name) if action_has_layout? && layout_name + end + + private + def action_has_layout? + if conditions = self.class.layout_conditions + if only = conditions[:only] + return only.include?(action_name) + elsif except = conditions[:except] + return !except.include?(action_name) + end + end + true + end + + end +end diff --git a/actionpack/lib/action_controller/base/redirect.rb b/actionpack/lib/action_controller/base/redirect.rb new file mode 100644 index 0000000000..83af793978 --- /dev/null +++ b/actionpack/lib/action_controller/base/redirect.rb @@ -0,0 +1,91 @@ +module ActionController + class RedirectBackError < ActionControllerError #:nodoc: + DEFAULT_MESSAGE = 'No HTTP_REFERER was set in the request to this action, so redirect_to :back could not be called successfully. If this is a test, make sure to specify request.env["HTTP_REFERER"].' + + def initialize(message = nil) + super(message || DEFAULT_MESSAGE) + end + end + + module Redirector + + # Redirects the browser to the target specified in +options+. This parameter can take one of three forms: + # + # * Hash - The URL will be generated by calling url_for with the +options+. + # * Record - The URL will be generated by calling url_for with the +options+, which will reference a named URL for that record. + # * String starting with protocol:// (like http://) - Is passed straight through as the target for redirection. + # * String not containing a protocol - The current protocol and host is prepended to the string. + # * :back - Back to the page that issued the request. Useful for forms that are triggered from multiple places. + # Short-hand for redirect_to(request.env["HTTP_REFERER"]) + # + # Examples: + # redirect_to :action => "show", :id => 5 + # redirect_to post + # redirect_to "http://www.rubyonrails.org" + # redirect_to "/images/screenshot.jpg" + # redirect_to articles_url + # redirect_to :back + # + # The redirection happens as a "302 Moved" header unless otherwise specified. + # + # Examples: + # redirect_to post_url(@post), :status=>:found + # redirect_to :action=>'atom', :status=>:moved_permanently + # redirect_to post_url(@post), :status=>301 + # redirect_to :action=>'atom', :status=>302 + # + # When using redirect_to :back, if there is no referrer, + # RedirectBackError will be raised. You may specify some fallback + # behavior for this case by rescuing RedirectBackError. + def redirect_to(options = {}, response_status = {}) #:doc: + raise ActionControllerError.new("Cannot redirect to nil!") if options.nil? + + if options.is_a?(Hash) && options[:status] + status = options.delete(:status) + elsif response_status[:status] + status = response_status[:status] + else + status = 302 + end + + response.redirected_to = options + logger.info("Redirected to #{options}") if logger && logger.info? + + case options + # The scheme name consist of a letter followed by any combination of + # letters, digits, and the plus ("+"), period ("."), or hyphen ("-") + # characters; and is terminated by a colon (":"). + when %r{^\w[\w\d+.-]*:.*} + redirect_to_full_url(options, status) + when String + redirect_to_full_url(request.protocol + request.host_with_port + options, status) + when :back + if referer = request.headers["Referer"] + redirect_to(referer, :status=>status) + else + raise RedirectBackError + end + else + redirect_to_full_url(url_for(options), status) + end + end + + def redirect_to_full_url(url, status) + raise DoubleRenderError if performed? + response.redirect(url, interpret_status(status)) + @performed_redirect = true + end + + # Clears the redirected results from the headers, resets the status to 200 and returns + # the URL that was used to redirect or nil if there was no redirected URL + # Note that +redirect_to+ will change the body of the response to indicate a redirection. + # The response body is not reset here, see +erase_render_results+ + def erase_redirect_results #:nodoc: + @performed_redirect = false + response.redirected_to = nil + response.redirected_to_method_params = nil + response.status = DEFAULT_RENDER_STATUS_CODE + response.headers.delete('Location') + end + end +end \ No newline at end of file diff --git a/actionpack/lib/action_controller/base/render.rb b/actionpack/lib/action_controller/base/render.rb new file mode 100644 index 0000000000..abba059969 --- /dev/null +++ b/actionpack/lib/action_controller/base/render.rb @@ -0,0 +1,378 @@ +module ActionController + DEFAULT_RENDER_STATUS_CODE = "200 OK" + + class DoubleRenderError < ActionControllerError #:nodoc: + DEFAULT_MESSAGE = "Render and/or redirect were called multiple times in this action. Please note that you may only call render OR redirect, and at most once per action. Also note that neither redirect nor render terminate execution of the action, so if you want to exit an action after redirecting, you need to do something like \"redirect_to(...) and return\"." + + def initialize(message = nil) + super(message || DEFAULT_MESSAGE) + end + end + + module Renderer + + protected + # Renders the content that will be returned to the browser as the response body. + # + # === Rendering an action + # + # Action rendering is the most common form and the type used automatically by Action Controller when nothing else is + # specified. By default, actions are rendered within the current layout (if one exists). + # + # # Renders the template for the action "goal" within the current controller + # render :action => "goal" + # + # # Renders the template for the action "short_goal" within the current controller, + # # but without the current active layout + # render :action => "short_goal", :layout => false + # + # # Renders the template for the action "long_goal" within the current controller, + # # but with a custom layout + # render :action => "long_goal", :layout => "spectacular" + # + # === Rendering partials + # + # Partial rendering in a controller is most commonly used together with Ajax calls that only update one or a few elements on a page + # without reloading. Rendering of partials from the controller makes it possible to use the same partial template in + # both the full-page rendering (by calling it from within the template) and when sub-page updates happen (from the + # controller action responding to Ajax calls). By default, the current layout is not used. + # + # # Renders the same partial with a local variable. + # render :partial => "person", :locals => { :name => "david" } + # + # # Renders the partial, making @new_person available through + # # the local variable 'person' + # render :partial => "person", :object => @new_person + # + # # Renders a collection of the same partial by making each element + # # of @winners available through the local variable "person" as it + # # builds the complete response. + # render :partial => "person", :collection => @winners + # + # # Renders a collection of partials but with a custom local variable name + # render :partial => "admin_person", :collection => @winners, :as => :person + # + # # Renders the same collection of partials, but also renders the + # # person_divider partial between each person partial. + # render :partial => "person", :collection => @winners, :spacer_template => "person_divider" + # + # # Renders a collection of partials located in a view subfolder + # # outside of our current controller. In this example we will be + # # rendering app/views/shared/_note.r(html|xml) Inside the partial + # # each element of @new_notes is available as the local var "note". + # render :partial => "shared/note", :collection => @new_notes + # + # # Renders the partial with a status code of 500 (internal error). + # render :partial => "broken", :status => 500 + # + # Note that the partial filename must also be a valid Ruby variable name, + # so e.g. 2005 and register-user are invalid. + # + # + # == Automatic etagging + # + # Rendering will automatically insert the etag header on 200 OK responses. The etag is calculated using MD5 of the + # response body. If a request comes in that has a matching etag, the response will be changed to a 304 Not Modified + # and the response body will be set to an empty string. No etag header will be inserted if it's already set. + # + # === Rendering a template + # + # Template rendering works just like action rendering except that it takes a path relative to the template root. + # The current layout is automatically applied. + # + # # Renders the template located in [TEMPLATE_ROOT]/weblog/show.r(html|xml) (in Rails, app/views/weblog/show.erb) + # render :template => "weblog/show" + # + # # Renders the template with a local variable + # render :template => "weblog/show", :locals => {:customer => Customer.new} + # + # === Rendering a file + # + # File rendering works just like action rendering except that it takes a filesystem path. By default, the path + # is assumed to be absolute, and the current layout is not applied. + # + # # Renders the template located at the absolute filesystem path + # render :file => "/path/to/some/template.erb" + # render :file => "c:/path/to/some/template.erb" + # + # # Renders a template within the current layout, and with a 404 status code + # render :file => "/path/to/some/template.erb", :layout => true, :status => 404 + # render :file => "c:/path/to/some/template.erb", :layout => true, :status => 404 + # + # === Rendering text + # + # Rendering of text is usually used for tests or for rendering prepared content, such as a cache. By default, text + # rendering is not done within the active layout. + # + # # Renders the clear text "hello world" with status code 200 + # render :text => "hello world!" + # + # # Renders the clear text "Explosion!" with status code 500 + # render :text => "Explosion!", :status => 500 + # + # # Renders the clear text "Hi there!" within the current active layout (if one exists) + # render :text => "Hi there!", :layout => true + # + # # Renders the clear text "Hi there!" within the layout + # # placed in "app/views/layouts/special.r(html|xml)" + # render :text => "Hi there!", :layout => "special" + # + # The :text option can also accept a Proc object, which can be used to manually control the page generation. This should + # generally be avoided, as it violates the separation between code and content, and because almost everything that can be + # done with this method can also be done more cleanly using one of the other rendering methods, most notably templates. + # + # # Renders "Hello from code!" + # render :text => proc { |response, output| output.write("Hello from code!") } + # + # === Rendering XML + # + # Rendering XML sets the content type to application/xml. + # + # # Renders 'David' + # render :xml => {:name => "David"}.to_xml + # + # It's not necessary to call to_xml on the object you want to render, since render will + # automatically do that for you: + # + # # Also renders 'David' + # render :xml => {:name => "David"} + # + # === Rendering JSON + # + # Rendering JSON sets the content type to application/json and optionally wraps the JSON in a callback. It is expected + # that the response will be parsed (or eval'd) for use as a data structure. + # + # # Renders '{"name": "David"}' + # render :json => {:name => "David"}.to_json + # + # It's not necessary to call to_json on the object you want to render, since render will + # automatically do that for you: + # + # # Also renders '{"name": "David"}' + # render :json => {:name => "David"} + # + # Sometimes the result isn't handled directly by a script (such as when the request comes from a SCRIPT tag), + # so the :callback option is provided for these cases. + # + # # Renders 'show({"name": "David"})' + # render :json => {:name => "David"}.to_json, :callback => 'show' + # + # === Rendering an inline template + # + # Rendering of an inline template works as a cross between text and action rendering where the source for the template + # is supplied inline, like text, but its interpreted with ERb or Builder, like action. By default, ERb is used for rendering + # and the current layout is not used. + # + # # Renders "hello, hello, hello, again" + # render :inline => "<%= 'hello, ' * 3 + 'again' %>" + # + # # Renders "

Good seeing you!

" using Builder + # render :inline => "xml.p { 'Good seeing you!' }", :type => :builder + # + # # Renders "hello david" + # render :inline => "<%= 'hello ' + name %>", :locals => { :name => "david" } + # + # === Rendering inline JavaScriptGenerator page updates + # + # In addition to rendering JavaScriptGenerator page updates with Ajax in RJS templates (see ActionView::Base for details), + # you can also pass the :update parameter to +render+, along with a block, to render page updates inline. + # + # render :update do |page| + # page.replace_html 'user_list', :partial => 'user', :collection => @users + # page.visual_effect :highlight, 'user_list' + # end + # + # === Rendering vanilla JavaScript + # + # In addition to using RJS with render :update, you can also just render vanilla JavaScript with :js. + # + # # Renders "alert('hello')" and sets the mime type to text/javascript + # render :js => "alert('hello')" + # + # === Rendering with status and location headers + # All renders take the :status and :location options and turn them into headers. They can even be used together: + # + # render :xml => post.to_xml, :status => :created, :location => post_url(post) + def render(options = nil, extra_options = {}, &block) #:doc: + raise DoubleRenderError, "Can only render or redirect once per action" if performed? + + options = { :layout => true } if options.nil? + original, options = options, extra_options unless options.is_a?(Hash) + + layout_name = options.delete(:layout) + + _process_options(options) + + if block_given? + @template.send(:_evaluate_assigns_and_ivars) + + generator = ActionView::Helpers::PrototypeHelper::JavaScriptGenerator.new(@template, &block) + response.content_type = Mime::JS + return render_for_text(generator.to_s) + end + + if original + return render_for_name(original, layout_name, options) unless block_given? + end + + if options.key?(:text) + return render_for_text(@template._render_text(options[:text], + _pick_layout(layout_name), options)) + end + + file, template = options.values_at(:file, :template) + if file || template + file = template.sub(/^\//, '') if template + return render_for_file(file, [layout_name, !!template], options) + end + + if action_option = options[:action] + return render_for_action(action_option, [layout_name, true], options) + end + + if inline = options[:inline] + render_for_text(@template._render_inline(inline, _pick_layout(layout_name), options)) + + elsif xml = options[:xml] + response.content_type ||= Mime::XML + render_for_text(xml.respond_to?(:to_xml) ? xml.to_xml : xml) + + elsif js = options[:js] + response.content_type ||= Mime::JS + render_for_text(js) + + elsif json = options[:json] + json = json.to_json unless json.is_a?(String) + json = "#{options[:callback]}(#{json})" unless options[:callback].blank? + response.content_type ||= Mime::JSON + render_for_text(json) + + elsif partial = options[:partial] + if partial == true + parts = [action_name_base, formats, controller_name, true] + elsif partial.is_a?(String) + parts = partial_parts(partial, options) + else + return render_for_text(@template._render_partial(options)) + end + + render_for_parts(parts, layout_name, options) + + elsif options[:nothing] + render_for_text(nil) + + else + render_for_parts([action_name, formats, controller_path], layout_name, options) + end + end + + def partial_parts(name, options) + segments = name.split("/") + parts = segments.pop.split(".") + + case parts.size + when 1 + parts + when 2, 3 + extension = parts.delete_at(1).to_sym + if formats.include?(extension) + self.formats.replace [extension] + end + parts.pop if parts.size == 2 + end + + path = parts.join(".") + prefix = segments[0..-1].join("/") + prefix = prefix.blank? ? controller_path : prefix + parts = [path, formats, prefix] + parts.push options[:object] || true + end + + def formats + @_request.formats.map {|f| f.symbol }.compact + end + + def action_name_base(name = action_name) + (name.is_a?(String) ? name.sub(/^#{controller_path}\//, '') : name).to_s + end + + # Renders according to the same rules as render, but returns the result in a string instead + # of sending it as the response body to the browser. + def render_to_string(options = nil, &block) #:doc: + render(options, &block) + ensure + response.content_type = nil + erase_render_results + reset_variables_added_to_assigns + end + + # Clears the rendered results, allowing for another render to be performed. + def erase_render_results #:nodoc: + response.body = nil + @performed_render = false + end + + # Erase both render and redirect results + def erase_results #:nodoc: + erase_render_results + erase_redirect_results + end + + # Return a response that has no content (merely headers). The options + # argument is interpreted to be a hash of header names and values. + # This allows you to easily return a response that consists only of + # significant headers: + # + # head :created, :location => person_path(@person) + # + # It can also be used to return exceptional conditions: + # + # return head(:method_not_allowed) unless request.post? + # return head(:bad_request) unless valid_request? + # render + def head(*args) + if args.length > 2 + raise ArgumentError, "too many arguments to head" + elsif args.empty? + raise ArgumentError, "too few arguments to head" + end + options = args.extract_options! + status = interpret_status(args.shift || options.delete(:status) || :ok) + + options.each do |key, value| + headers[key.to_s.dasherize.split(/-/).map { |v| v.capitalize }.join("-")] = value.to_s + end + + render :nothing => true, :status => status + end + + private + def render_for_name(name, layout, options) + case name.to_s.index('/') + when 0 + render_for_file(name, layout, options) + when nil + render_for_action(name, layout, options) + else + render_for_file(name.sub(/^\//, ''), [layout, true], options) + end + end + + def render_for_parts(parts, layout, options = {}) + tmp = view_paths.find_by_parts(*parts) + layout = _pick_layout(*layout) unless tmp.exempt_from_layout? + + render_for_text( + @template._render_template_with_layout(tmp, layout, options, parts[3])) + end + + def render_for_file(file, layout, options) + render_for_parts([file, [request.format.to_sym]], layout, options) + end + + def render_for_action(name, layout, options) + parts = [action_name_base(name), formats, controller_name] + render_for_parts(parts, layout, options) + end + end +end \ No newline at end of file diff --git a/actionpack/lib/action_controller/base/request_forgery_protection.rb b/actionpack/lib/action_controller/base/request_forgery_protection.rb new file mode 100644 index 0000000000..f3e6288c26 --- /dev/null +++ b/actionpack/lib/action_controller/base/request_forgery_protection.rb @@ -0,0 +1,108 @@ +module ActionController #:nodoc: + class InvalidAuthenticityToken < ActionControllerError #:nodoc: + end + + module RequestForgeryProtection + def self.included(base) + base.class_eval do + helper_method :form_authenticity_token + helper_method :protect_against_forgery? + end + base.extend(ClassMethods) + end + + # Protecting controller actions from CSRF attacks by ensuring that all forms are coming from the current web application, not a + # forged link from another site, is done by embedding a token based on a random string stored in the session (which an attacker wouldn't know) in all + # forms and Ajax requests generated by Rails and then verifying the authenticity of that token in the controller. Only + # HTML/JavaScript requests are checked, so this will not protect your XML API (presumably you'll have a different authentication + # scheme there anyway). Also, GET requests are not protected as these should be idempotent anyway. + # + # This is turned on with the protect_from_forgery method, which will check the token and raise an + # ActionController::InvalidAuthenticityToken if it doesn't match what was expected. You can customize the error message in + # production by editing public/422.html. A call to this method in ApplicationController is generated by default in post-Rails 2.0 + # applications. + # + # The token parameter is named authenticity_token by default. If you are generating an HTML form manually (without the + # use of Rails' form_for, form_tag or other helpers), you have to include a hidden field named like that and + # set its value to what is returned by form_authenticity_token. Same applies to manually constructed Ajax requests. To + # make the token available through a global variable to scripts on a certain page, you could add something like this to a view: + # + # <%= javascript_tag "window._token = '#{form_authenticity_token}'" %> + # + # Request forgery protection is disabled by default in test environment. If you are upgrading from Rails 1.x, add this to + # config/environments/test.rb: + # + # # Disable request forgery protection in test environment + # config.action_controller.allow_forgery_protection = false + # + # == Learn more about CSRF (Cross-Site Request Forgery) attacks + # + # Here are some resources: + # * http://isc.sans.org/diary.html?storyid=1750 + # * http://en.wikipedia.org/wiki/Cross-site_request_forgery + # + # Keep in mind, this is NOT a silver-bullet, plug 'n' play, warm security blanket for your rails application. + # There are a few guidelines you should follow: + # + # * Keep your GET requests safe and idempotent. More reading material: + # * http://www.xml.com/pub/a/2002/04/24/deviant.html + # * http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.1.1 + # * Make sure the session cookies that Rails creates are non-persistent. Check in Firefox and look for "Expires: at end of session" + # + module ClassMethods + # Turn on request forgery protection. Bear in mind that only non-GET, HTML/JavaScript requests are checked. + # + # Example: + # + # class FooController < ApplicationController + # protect_from_forgery :except => :index + # + # # you can disable csrf protection on controller-by-controller basis: + # skip_before_filter :verify_authenticity_token + # end + # + # Valid Options: + # + # * :only/:except - Passed to the before_filter call. Set which actions are verified. + def protect_from_forgery(options = {}) + self.request_forgery_protection_token ||= :authenticity_token + before_filter :verify_authenticity_token, :only => options.delete(:only), :except => options.delete(:except) + if options[:secret] || options[:digest] + ActiveSupport::Deprecation.warn("protect_from_forgery only takes :only and :except options now. :digest and :secret have no effect", caller) + end + end + end + + protected + # The actual before_filter that is used. Modify this to change how you handle unverified requests. + def verify_authenticity_token + verified_request? || raise(ActionController::InvalidAuthenticityToken) + end + + # Returns true or false if a request is verified. Checks: + # + # * is the format restricted? By default, only HTML and AJAX requests are checked. + # * is it a GET request? Gets should be safe and idempotent + # * Does the form_authenticity_token match the given token value from the params? + def verified_request? + !protect_against_forgery? || + request.method == :get || + !verifiable_request_format? || + form_authenticity_token == params[request_forgery_protection_token] + end + + def verifiable_request_format? + !request.content_type.nil? && request.content_type.verify_request? + end + + # Sets the token value for the current session. Pass a :secret option + # in +protect_from_forgery+ to add a custom salt to the hash. + def form_authenticity_token + session[:_csrf_token] ||= ActiveSupport::SecureRandom.base64(32) + end + + def protect_against_forgery? + allow_forgery_protection && request_forgery_protection_token + end + end +end diff --git a/actionpack/lib/action_controller/base/responder.rb b/actionpack/lib/action_controller/base/responder.rb new file mode 100644 index 0000000000..f83abb5a4b --- /dev/null +++ b/actionpack/lib/action_controller/base/responder.rb @@ -0,0 +1,41 @@ +module ActionController + module Responder + def self.included(klass) + klass.extend ClassMethods + end + + private + def render_for_text(text = nil, append_response = false) #:nodoc: + @performed_render = true + + if append_response + response.body ||= '' + response.body << text.to_s + else + response.body = case text + when Proc then text + when nil then " " # Safari doesn't pass the headers of the return if the response is zero length + else text.to_s + end + end + end + + def action_methods + self.class.action_methods + end + + module ClassMethods + def action_methods + @action_methods ||= + # All public instance methods of this class, including ancestors + public_instance_methods(true).map { |m| m.to_s }.to_set - + # Except for public instance methods of Base and its ancestors + Base.public_instance_methods(true).map { |m| m.to_s } + + # Be sure to include shadowed public instance methods of this class + public_instance_methods(false).map { |m| m.to_s } - + # And always exclude explicitly hidden actions + hidden_actions + end + end + end +end \ No newline at end of file diff --git a/actionpack/lib/action_controller/base/streaming.rb b/actionpack/lib/action_controller/base/streaming.rb new file mode 100644 index 0000000000..e1786913a7 --- /dev/null +++ b/actionpack/lib/action_controller/base/streaming.rb @@ -0,0 +1,171 @@ +module ActionController #:nodoc: + # Methods for sending files and streams to the browser instead of rendering. + module Streaming + DEFAULT_SEND_FILE_OPTIONS = { + :type => 'application/octet-stream'.freeze, + :disposition => 'attachment'.freeze, + :stream => true, + :buffer_size => 4096, + :x_sendfile => false + }.freeze + + X_SENDFILE_HEADER = 'X-Sendfile'.freeze + + protected + # Sends the file, by default streaming it 4096 bytes at a time. This way the + # whole file doesn't need to be read into memory at once. This makes it + # feasible to send even large files. You can optionally turn off streaming + # and send the whole file at once. + # + # Be careful to sanitize the path parameter if it is coming from a web + # page. send_file(params[:path]) allows a malicious user to + # download any file on your server. + # + # Options: + # * :filename - suggests a filename for the browser to use. + # Defaults to File.basename(path). + # * :type - specifies an HTTP content type. Defaults to 'application/octet-stream'. You can specify + # either a string or a symbol for a registered type register with Mime::Type.register, for example :json + # * :length - used to manually override the length (in bytes) of the content that + # is going to be sent to the client. Defaults to File.size(path). + # * :disposition - specifies whether the file will be shown inline or downloaded. + # Valid values are 'inline' and 'attachment' (default). + # * :stream - whether to send the file to the user agent as it is read (+true+) + # or to read the entire file before sending (+false+). Defaults to +true+. + # * :buffer_size - specifies size (in bytes) of the buffer used to stream the file. + # Defaults to 4096. + # * :status - specifies the status code to send with the response. Defaults to '200 OK'. + # * :url_based_filename - set to +true+ if you want the browser guess the filename from + # the URL, which is necessary for i18n filenames on certain browsers + # (setting :filename overrides this option). + # * :x_sendfile - uses X-Sendfile to send the file when set to +true+. This is currently + # only available with Lighttpd/Apache2 and specific modules installed and activated. Since this + # uses the web server to send the file, this may lower memory consumption on your server and + # it will not block your application for further requests. + # See http://blog.lighttpd.net/articles/2006/07/02/x-sendfile and + # http://tn123.ath.cx/mod_xsendfile/ for details. Defaults to +false+. + # + # The default Content-Type and Content-Disposition headers are + # set to download arbitrary binary files in as many browsers as + # possible. IE versions 4, 5, 5.5, and 6 are all known to have + # a variety of quirks (especially when downloading over SSL). + # + # Simple download: + # + # send_file '/path/to.zip' + # + # Show a JPEG in the browser: + # + # send_file '/path/to.jpeg', :type => 'image/jpeg', :disposition => 'inline' + # + # Show a 404 page in the browser: + # + # send_file '/path/to/404.html', :type => 'text/html; charset=utf-8', :status => 404 + # + # Read about the other Content-* HTTP headers if you'd like to + # provide the user with more information (such as Content-Description) in + # http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11. + # + # Also be aware that the document may be cached by proxies and browsers. + # The Pragma and Cache-Control headers declare how the file may be cached + # by intermediaries. They default to require clients to validate with + # the server before releasing cached responses. See + # http://www.mnot.net/cache_docs/ for an overview of web caching and + # http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9 + # for the Cache-Control header spec. + def send_file(path, options = {}) #:doc: + raise MissingFile, "Cannot read file #{path}" unless File.file?(path) and File.readable?(path) + + options[:length] ||= File.size(path) + options[:filename] ||= File.basename(path) unless options[:url_based_filename] + send_file_headers! options + + @performed_render = false + + if options[:x_sendfile] + logger.info "Sending #{X_SENDFILE_HEADER} header #{path}" if logger + head options[:status], X_SENDFILE_HEADER => path + else + if options[:stream] + render :status => options[:status], :text => Proc.new { |response, output| + logger.info "Streaming file #{path}" unless logger.nil? + len = options[:buffer_size] || 4096 + File.open(path, 'rb') do |file| + while buf = file.read(len) + output.write(buf) + end + end + } + else + logger.info "Sending file #{path}" unless logger.nil? + File.open(path, 'rb') { |file| render :status => options[:status], :text => file.read } + end + end + end + + # Send binary data to the user as a file download. May set content type, apparent file name, + # and specify whether to show data inline or download as an attachment. + # + # Options: + # * :filename - suggests a filename for the browser to use. + # * :type - specifies an HTTP content type. Defaults to 'application/octet-stream'. You can specify + # either a string or a symbol for a registered type register with Mime::Type.register, for example :json + # * :disposition - specifies whether the file will be shown inline or downloaded. + # Valid values are 'inline' and 'attachment' (default). + # * :status - specifies the status code to send with the response. Defaults to '200 OK'. + # + # Generic data download: + # + # send_data buffer + # + # Download a dynamically-generated tarball: + # + # send_data generate_tgz('dir'), :filename => 'dir.tgz' + # + # Display an image Active Record in the browser: + # + # send_data image.data, :type => image.content_type, :disposition => 'inline' + # + # See +send_file+ for more information on HTTP Content-* headers and caching. + def send_data(data, options = {}) #:doc: + logger.info "Sending data #{options[:filename]}" if logger + send_file_headers! options.merge(:length => data.size) + @performed_render = false + render :status => options[:status], :text => data + end + + private + def send_file_headers!(options) + options.update(DEFAULT_SEND_FILE_OPTIONS.merge(options)) + [:length, :type, :disposition].each do |arg| + raise ArgumentError, ":#{arg} option required" if options[arg].nil? + end + + disposition = options[:disposition].dup || 'attachment' + + disposition <<= %(; filename="#{options[:filename]}") if options[:filename] + + content_type = options[:type] + if content_type.is_a?(Symbol) + raise ArgumentError, "Unknown MIME type #{options[:type]}" unless Mime::EXTENSION_LOOKUP.has_key?(content_type.to_s) + content_type = Mime::Type.lookup_by_extension(content_type.to_s) + end + content_type = content_type.to_s.strip # fixes a problem with extra '\r' with some browsers + + headers.update( + 'Content-Length' => options[:length], + 'Content-Type' => content_type, + 'Content-Disposition' => disposition, + 'Content-Transfer-Encoding' => 'binary' + ) + + # Fix a problem with IE 6.0 on opening downloaded files: + # If Cache-Control: no-cache is set (which Rails does by default), + # IE removes the file it just downloaded from its cache immediately + # after it displays the "open/save" dialog, which means that if you + # hit "open" the file isn't there anymore when the application that + # is called for handling the download is run, so let's workaround that + headers['Cache-Control'] = 'private' if headers['Cache-Control'] == 'no-cache' + end + end +end diff --git a/actionpack/lib/action_controller/base/verification.rb b/actionpack/lib/action_controller/base/verification.rb new file mode 100644 index 0000000000..7bf09ba6ea --- /dev/null +++ b/actionpack/lib/action_controller/base/verification.rb @@ -0,0 +1,130 @@ +module ActionController #:nodoc: + module Verification #:nodoc: + def self.included(base) #:nodoc: + base.extend(ClassMethods) + end + + # This module provides a class-level method for specifying that certain + # actions are guarded against being called without certain prerequisites + # being met. This is essentially a special kind of before_filter. + # + # An action may be guarded against being invoked without certain request + # parameters being set, or without certain session values existing. + # + # When a verification is violated, values may be inserted into the flash, and + # a specified redirection is triggered. If no specific action is configured, + # verification failures will by default result in a 400 Bad Request response. + # + # Usage: + # + # class GlobalController < ActionController::Base + # # Prevent the #update_settings action from being invoked unless + # # the 'admin_privileges' request parameter exists. The + # # settings action will be redirected to in current controller + # # if verification fails. + # verify :params => "admin_privileges", :only => :update_post, + # :redirect_to => { :action => "settings" } + # + # # Disallow a post from being updated if there was no information + # # submitted with the post, and if there is no active post in the + # # session, and if there is no "note" key in the flash. The route + # # named category_url will be redirected to if verification fails. + # + # verify :params => "post", :session => "post", "flash" => "note", + # :only => :update_post, + # :add_flash => { "alert" => "Failed to create your message" }, + # :redirect_to => :category_url + # + # Note that these prerequisites are not business rules. They do not examine + # the content of the session or the parameters. That level of validation should + # be encapsulated by your domain model or helper methods in the controller. + module ClassMethods + # Verify the given actions so that if certain prerequisites are not met, + # the user is redirected to a different action. The +options+ parameter + # is a hash consisting of the following key/value pairs: + # + # :params:: + # a single key or an array of keys that must be in the params + # hash in order for the action(s) to be safely called. + # :session:: + # a single key or an array of keys that must be in the session + # in order for the action(s) to be safely called. + # :flash:: + # a single key or an array of keys that must be in the flash in order + # for the action(s) to be safely called. + # :method:: + # a single key or an array of keys--any one of which must match the + # current request method in order for the action(s) to be safely called. + # (The key should be a symbol: :get or :post, for + # example.) + # :xhr:: + # true/false option to ensure that the request is coming from an Ajax + # call or not. + # :add_flash:: + # a hash of name/value pairs that should be merged into the session's + # flash if the prerequisites cannot be satisfied. + # :add_headers:: + # a hash of name/value pairs that should be merged into the response's + # headers hash if the prerequisites cannot be satisfied. + # :redirect_to:: + # the redirection parameters to be used when redirecting if the + # prerequisites cannot be satisfied. You can redirect either to named + # route or to the action in some controller. + # :render:: + # the render parameters to be used when the prerequisites cannot be satisfied. + # :only:: + # only apply this verification to the actions specified in the associated + # array (may also be a single value). + # :except:: + # do not apply this verification to the actions specified in the associated + # array (may also be a single value). + def verify(options={}) + before_filter :only => options[:only], :except => options[:except] do |c| + c.__send__ :verify_action, options + end + end + end + + private + + def verify_action(options) #:nodoc: + if prereqs_invalid?(options) + flash.update(options[:add_flash]) if options[:add_flash] + response.headers.update(options[:add_headers]) if options[:add_headers] + apply_remaining_actions(options) unless performed? + end + end + + def prereqs_invalid?(options) # :nodoc: + verify_presence_of_keys_in_hash_flash_or_params(options) || + verify_method(options) || + verify_request_xhr_status(options) + end + + def verify_presence_of_keys_in_hash_flash_or_params(options) # :nodoc: + [*options[:params] ].find { |v| params[v].nil? } || + [*options[:session]].find { |v| session[v].nil? } || + [*options[:flash] ].find { |v| flash[v].nil? } + end + + def verify_method(options) # :nodoc: + [*options[:method]].all? { |v| request.method != v.to_sym } if options[:method] + end + + def verify_request_xhr_status(options) # :nodoc: + request.xhr? != options[:xhr] unless options[:xhr].nil? + end + + def apply_redirect_to(redirect_to_option) # :nodoc: + (redirect_to_option.is_a?(Symbol) && redirect_to_option != :back) ? self.__send__(redirect_to_option) : redirect_to_option + end + + def apply_remaining_actions(options) # :nodoc: + case + when options[:render] ; render(options[:render]) + when options[:redirect_to] ; redirect_to(apply_redirect_to(options[:redirect_to])) + else head(:bad_request) + end + end + end +end \ No newline at end of file diff --git a/actionpack/lib/action_controller/benchmarking.rb b/actionpack/lib/action_controller/benchmarking.rb deleted file mode 100644 index 47377e5fa9..0000000000 --- a/actionpack/lib/action_controller/benchmarking.rb +++ /dev/null @@ -1,107 +0,0 @@ -require 'benchmark' - -module ActionController #:nodoc: - # The benchmarking module times the performance of actions and reports to the logger. If the Active Record - # package has been included, a separate timing section for database calls will be added as well. - module Benchmarking #:nodoc: - def self.included(base) - base.extend(ClassMethods) - - base.class_eval do - alias_method_chain :perform_action, :benchmark - alias_method_chain :render, :benchmark - end - end - - module ClassMethods - # Log and benchmark the workings of a single block and silence whatever logging that may have happened inside it - # (unless use_silence is set to false). - # - # The benchmark is only recorded if the current level of the logger matches the log_level, which makes it - # easy to include benchmarking statements in production software that will remain inexpensive because the benchmark - # will only be conducted if the log level is low enough. - def benchmark(title, log_level = Logger::DEBUG, use_silence = true) - if logger && logger.level == log_level - result = nil - ms = Benchmark.ms { result = use_silence ? silence { yield } : yield } - logger.add(log_level, "#{title} (#{('%.1f' % ms)}ms)") - result - else - yield - end - end - - # Silences the logger for the duration of the block. - def silence - old_logger_level, logger.level = logger.level, Logger::ERROR if logger - yield - ensure - logger.level = old_logger_level if logger - end - end - - protected - def render_with_benchmark(options = nil, extra_options = {}, &block) - if logger - if Object.const_defined?("ActiveRecord") && ActiveRecord::Base.connected? - db_runtime = ActiveRecord::Base.connection.reset_runtime - end - - render_output = nil - @view_runtime = Benchmark.ms { render_output = render_without_benchmark(options, extra_options, &block) } - - if Object.const_defined?("ActiveRecord") && ActiveRecord::Base.connected? - @db_rt_before_render = db_runtime - @db_rt_after_render = ActiveRecord::Base.connection.reset_runtime - @view_runtime -= @db_rt_after_render - end - - render_output - else - render_without_benchmark(options, extra_options, &block) - end - end - - private - def perform_action_with_benchmark - if logger - ms = [Benchmark.ms { perform_action_without_benchmark }, 0.01].max - logging_view = defined?(@view_runtime) - logging_active_record = Object.const_defined?("ActiveRecord") && ActiveRecord::Base.connected? - - log_message = 'Completed in %.0fms' % ms - - if logging_view || logging_active_record - log_message << " (" - log_message << view_runtime if logging_view - - if logging_active_record - log_message << ", " if logging_view - log_message << active_record_runtime + ")" - else - ")" - end - end - - log_message << " | #{response.status}" - log_message << " [#{complete_request_uri rescue "unknown"}]" - - logger.info(log_message) - response.headers["X-Runtime"] = "%.0f" % ms - else - perform_action_without_benchmark - end - end - - def view_runtime - "View: %.0f" % @view_runtime - end - - def active_record_runtime - db_runtime = ActiveRecord::Base.connection.reset_runtime - db_runtime += @db_rt_before_render if @db_rt_before_render - db_runtime += @db_rt_after_render if @db_rt_after_render - "DB: %.0f" % db_runtime - end - end -end diff --git a/actionpack/lib/action_controller/cgi/ext.rb b/actionpack/lib/action_controller/cgi/ext.rb new file mode 100644 index 0000000000..558748f4bd --- /dev/null +++ b/actionpack/lib/action_controller/cgi/ext.rb @@ -0,0 +1,15 @@ +require 'action_controller/cgi/ext/stdinput' +require 'action_controller/cgi/ext/query_extension' +require 'action_controller/cgi/ext/cookie' + +class CGI #:nodoc: + include ActionController::CgiExt::Stdinput + + class << self + alias :escapeHTML_fail_on_nil :escapeHTML + + def escapeHTML(string) + escapeHTML_fail_on_nil(string) unless string.nil? + end + end +end diff --git a/actionpack/lib/action_controller/cgi/ext/cookie.rb b/actionpack/lib/action_controller/cgi/ext/cookie.rb new file mode 100644 index 0000000000..9cd19bb12d --- /dev/null +++ b/actionpack/lib/action_controller/cgi/ext/cookie.rb @@ -0,0 +1,112 @@ +require 'delegate' + +CGI.module_eval { remove_const "Cookie" } + +# TODO: document how this differs from stdlib CGI::Cookie +class CGI #:nodoc: + class Cookie < DelegateClass(Array) + attr_accessor :name, :value, :path, :domain, :expires + attr_reader :secure, :http_only + + # Creates a new CGI::Cookie object. + # + # The contents of the cookie can be specified as a +name+ and one + # or more +value+ arguments. Alternatively, the contents can + # be specified as a single hash argument. The possible keywords of + # this hash are as follows: + # + # * :name - The name of the cookie. Required. + # * :value - The cookie's value or list of values. + # * :path - The path for which this cookie applies. Defaults to the + # base directory of the CGI script. + # * :domain - The domain for which this cookie applies. + # * :expires - The time at which this cookie expires, as a Time object. + # * :secure - Whether this cookie is a secure cookie or not (defaults to + # +false+). Secure cookies are only transmitted to HTTPS servers. + # * :http_only - Whether this cookie can be accessed by client side scripts (e.g. document.cookie) or only over HTTP. + # More details in http://msdn2.microsoft.com/en-us/library/system.web.httpcookie.httponly.aspx. Defaults to +false+. + # + # These keywords correspond to attributes of the cookie object. + def initialize(name = '', *value) + if name.kind_of?(String) + @name = name + @value = Array(value) + @domain = nil + @expires = nil + @secure = false + @http_only = false + @path = nil + else + @name = name['name'] + @value = (name['value'].kind_of?(String) ? [name['value']] : Array(name['value'])).delete_if(&:blank?) + @domain = name['domain'] + @expires = name['expires'] + @secure = name['secure'] || false + @http_only = name['http_only'] || false + @path = name['path'] + end + + raise ArgumentError, "`name' required" unless @name + + # simple support for IE + unless @path + %r|^(.*/)|.match(ENV['SCRIPT_NAME']) + @path = ($1 or '') + end + + super(@value) + end + + # Sets whether the Cookie is a secure cookie or not. + def secure=(val) + @secure = val == true + end + + # Sets whether the Cookie is an HTTP only cookie or not. + def http_only=(val) + @http_only = val == true + end + + # Converts the Cookie to its string representation. + def to_s + buf = '' + buf << @name << '=' + buf << (@value.kind_of?(String) ? CGI::escape(@value) : @value.collect{|v| CGI::escape(v) }.join("&")) + buf << '; domain=' << @domain if @domain + buf << '; path=' << @path if @path + buf << '; expires=' << CGI::rfc1123_date(@expires) if @expires + buf << '; secure' if @secure + buf << '; HttpOnly' if @http_only + buf + end + + # FIXME: work around broken 1.8.7 DelegateClass#respond_to? + def respond_to?(method, include_private = false) + return true if super(method) + return __getobj__.respond_to?(method, include_private) + end + + # Parses a raw cookie string into a hash of cookie-name => cookie-object + # pairs. + # + # cookies = CGI::Cookie::parse("raw_cookie_string") + # # => { "name1" => cookie1, "name2" => cookie2, ... } + # + def self.parse(raw_cookie) + cookies = Hash.new([]) + + if raw_cookie + raw_cookie.split(/;\s?/).each do |pairs| + name, value = pairs.split('=',2) + next unless name and value + name = CGI::unescape(name) + unless cookies.has_key?(name) + cookies[name] = new(name, CGI::unescape(value)) + end + end + end + + cookies + end + end # class Cookie +end diff --git a/actionpack/lib/action_controller/cgi/ext/query_extension.rb b/actionpack/lib/action_controller/cgi/ext/query_extension.rb new file mode 100644 index 0000000000..9620fd2873 --- /dev/null +++ b/actionpack/lib/action_controller/cgi/ext/query_extension.rb @@ -0,0 +1,22 @@ +require 'cgi' + +class CGI #:nodoc: + module QueryExtension + # Remove the old initialize_query method before redefining it. + remove_method :initialize_query + + # Neuter CGI parameter parsing. + def initialize_query + # Fix some strange request environments. + env_table['REQUEST_METHOD'] ||= 'GET' + + # POST assumes missing Content-Type is application/x-www-form-urlencoded. + if env_table['CONTENT_TYPE'].blank? && env_table['REQUEST_METHOD'] == 'POST' + env_table['CONTENT_TYPE'] = 'application/x-www-form-urlencoded' + end + + @cookies = CGI::Cookie::parse(env_table['HTTP_COOKIE'] || env_table['COOKIE']) + @params = {} + end + end +end diff --git a/actionpack/lib/action_controller/cgi/ext/stdinput.rb b/actionpack/lib/action_controller/cgi/ext/stdinput.rb new file mode 100644 index 0000000000..5e9b6784af --- /dev/null +++ b/actionpack/lib/action_controller/cgi/ext/stdinput.rb @@ -0,0 +1,24 @@ +require 'cgi' + +module ActionController + module CgiExt + # Publicize the CGI's internal input stream so we can lazy-read + # request.body. Make it writable so we don't have to play $stdin games. + module Stdinput + def self.included(base) + base.class_eval do + remove_method :stdinput + attr_accessor :stdinput + end + + base.alias_method_chain :initialize, :stdinput + end + + def initialize_with_stdinput(type = nil, stdinput = $stdin) + @stdinput = stdinput + @stdinput.set_encoding(Encoding::BINARY) if @stdinput.respond_to?(:set_encoding) + initialize_without_stdinput(type || 'query') + end + end + end +end diff --git a/actionpack/lib/action_controller/cgi/process.rb b/actionpack/lib/action_controller/cgi/process.rb new file mode 100644 index 0000000000..ffcad5666a --- /dev/null +++ b/actionpack/lib/action_controller/cgi/process.rb @@ -0,0 +1,70 @@ +module ActionController #:nodoc: + class CGIHandler + module ProperStream + def each + while line = gets + yield line + end + end + + def read(*args) + if args.empty? + super || "" + else + super + end + end + end + + def self.dispatch_cgi(app, cgi, out = $stdout) + env = cgi.__send__(:env_table) + env.delete "HTTP_CONTENT_LENGTH" + + cgi.stdinput.extend ProperStream + + env["SCRIPT_NAME"] = "" if env["SCRIPT_NAME"] == "/" + + env.update({ + "rack.version" => [0,1], + "rack.input" => cgi.stdinput, + "rack.errors" => $stderr, + "rack.multithread" => false, + "rack.multiprocess" => true, + "rack.run_once" => false, + "rack.url_scheme" => ["yes", "on", "1"].include?(env["HTTPS"]) ? "https" : "http" + }) + + env["QUERY_STRING"] ||= "" + env["HTTP_VERSION"] ||= env["SERVER_PROTOCOL"] + env["REQUEST_PATH"] ||= "/" + env.delete "PATH_INFO" if env["PATH_INFO"] == "" + + status, headers, body = app.call(env) + begin + out.binmode if out.respond_to?(:binmode) + out.sync = false if out.respond_to?(:sync=) + + headers['Status'] = status.to_s + out.write(cgi.header(headers)) + + body.each { |part| + out.write part + out.flush if out.respond_to?(:flush) + } + ensure + body.close if body.respond_to?(:close) + end + end + end + + class CgiRequest #:nodoc: + DEFAULT_SESSION_OPTIONS = { + :database_manager => nil, + :prefix => "ruby_sess.", + :session_path => "/", + :session_key => "_session_id", + :cookie_only => true, + :session_http_only => true + } + end +end diff --git a/actionpack/lib/action_controller/cgi_ext.rb b/actionpack/lib/action_controller/cgi_ext.rb deleted file mode 100644 index 406b6f06d6..0000000000 --- a/actionpack/lib/action_controller/cgi_ext.rb +++ /dev/null @@ -1,15 +0,0 @@ -require 'action_controller/cgi_ext/stdinput' -require 'action_controller/cgi_ext/query_extension' -require 'action_controller/cgi_ext/cookie' - -class CGI #:nodoc: - include ActionController::CgiExt::Stdinput - - class << self - alias :escapeHTML_fail_on_nil :escapeHTML - - def escapeHTML(string) - escapeHTML_fail_on_nil(string) unless string.nil? - end - end -end diff --git a/actionpack/lib/action_controller/cgi_ext/cookie.rb b/actionpack/lib/action_controller/cgi_ext/cookie.rb deleted file mode 100644 index 9cd19bb12d..0000000000 --- a/actionpack/lib/action_controller/cgi_ext/cookie.rb +++ /dev/null @@ -1,112 +0,0 @@ -require 'delegate' - -CGI.module_eval { remove_const "Cookie" } - -# TODO: document how this differs from stdlib CGI::Cookie -class CGI #:nodoc: - class Cookie < DelegateClass(Array) - attr_accessor :name, :value, :path, :domain, :expires - attr_reader :secure, :http_only - - # Creates a new CGI::Cookie object. - # - # The contents of the cookie can be specified as a +name+ and one - # or more +value+ arguments. Alternatively, the contents can - # be specified as a single hash argument. The possible keywords of - # this hash are as follows: - # - # * :name - The name of the cookie. Required. - # * :value - The cookie's value or list of values. - # * :path - The path for which this cookie applies. Defaults to the - # base directory of the CGI script. - # * :domain - The domain for which this cookie applies. - # * :expires - The time at which this cookie expires, as a Time object. - # * :secure - Whether this cookie is a secure cookie or not (defaults to - # +false+). Secure cookies are only transmitted to HTTPS servers. - # * :http_only - Whether this cookie can be accessed by client side scripts (e.g. document.cookie) or only over HTTP. - # More details in http://msdn2.microsoft.com/en-us/library/system.web.httpcookie.httponly.aspx. Defaults to +false+. - # - # These keywords correspond to attributes of the cookie object. - def initialize(name = '', *value) - if name.kind_of?(String) - @name = name - @value = Array(value) - @domain = nil - @expires = nil - @secure = false - @http_only = false - @path = nil - else - @name = name['name'] - @value = (name['value'].kind_of?(String) ? [name['value']] : Array(name['value'])).delete_if(&:blank?) - @domain = name['domain'] - @expires = name['expires'] - @secure = name['secure'] || false - @http_only = name['http_only'] || false - @path = name['path'] - end - - raise ArgumentError, "`name' required" unless @name - - # simple support for IE - unless @path - %r|^(.*/)|.match(ENV['SCRIPT_NAME']) - @path = ($1 or '') - end - - super(@value) - end - - # Sets whether the Cookie is a secure cookie or not. - def secure=(val) - @secure = val == true - end - - # Sets whether the Cookie is an HTTP only cookie or not. - def http_only=(val) - @http_only = val == true - end - - # Converts the Cookie to its string representation. - def to_s - buf = '' - buf << @name << '=' - buf << (@value.kind_of?(String) ? CGI::escape(@value) : @value.collect{|v| CGI::escape(v) }.join("&")) - buf << '; domain=' << @domain if @domain - buf << '; path=' << @path if @path - buf << '; expires=' << CGI::rfc1123_date(@expires) if @expires - buf << '; secure' if @secure - buf << '; HttpOnly' if @http_only - buf - end - - # FIXME: work around broken 1.8.7 DelegateClass#respond_to? - def respond_to?(method, include_private = false) - return true if super(method) - return __getobj__.respond_to?(method, include_private) - end - - # Parses a raw cookie string into a hash of cookie-name => cookie-object - # pairs. - # - # cookies = CGI::Cookie::parse("raw_cookie_string") - # # => { "name1" => cookie1, "name2" => cookie2, ... } - # - def self.parse(raw_cookie) - cookies = Hash.new([]) - - if raw_cookie - raw_cookie.split(/;\s?/).each do |pairs| - name, value = pairs.split('=',2) - next unless name and value - name = CGI::unescape(name) - unless cookies.has_key?(name) - cookies[name] = new(name, CGI::unescape(value)) - end - end - end - - cookies - end - end # class Cookie -end diff --git a/actionpack/lib/action_controller/cgi_ext/query_extension.rb b/actionpack/lib/action_controller/cgi_ext/query_extension.rb deleted file mode 100644 index 9620fd2873..0000000000 --- a/actionpack/lib/action_controller/cgi_ext/query_extension.rb +++ /dev/null @@ -1,22 +0,0 @@ -require 'cgi' - -class CGI #:nodoc: - module QueryExtension - # Remove the old initialize_query method before redefining it. - remove_method :initialize_query - - # Neuter CGI parameter parsing. - def initialize_query - # Fix some strange request environments. - env_table['REQUEST_METHOD'] ||= 'GET' - - # POST assumes missing Content-Type is application/x-www-form-urlencoded. - if env_table['CONTENT_TYPE'].blank? && env_table['REQUEST_METHOD'] == 'POST' - env_table['CONTENT_TYPE'] = 'application/x-www-form-urlencoded' - end - - @cookies = CGI::Cookie::parse(env_table['HTTP_COOKIE'] || env_table['COOKIE']) - @params = {} - end - end -end diff --git a/actionpack/lib/action_controller/cgi_ext/stdinput.rb b/actionpack/lib/action_controller/cgi_ext/stdinput.rb deleted file mode 100644 index 5e9b6784af..0000000000 --- a/actionpack/lib/action_controller/cgi_ext/stdinput.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'cgi' - -module ActionController - module CgiExt - # Publicize the CGI's internal input stream so we can lazy-read - # request.body. Make it writable so we don't have to play $stdin games. - module Stdinput - def self.included(base) - base.class_eval do - remove_method :stdinput - attr_accessor :stdinput - end - - base.alias_method_chain :initialize, :stdinput - end - - def initialize_with_stdinput(type = nil, stdinput = $stdin) - @stdinput = stdinput - @stdinput.set_encoding(Encoding::BINARY) if @stdinput.respond_to?(:set_encoding) - initialize_without_stdinput(type || 'query') - end - end - end -end diff --git a/actionpack/lib/action_controller/cgi_process.rb b/actionpack/lib/action_controller/cgi_process.rb deleted file mode 100644 index 7e5e95e135..0000000000 --- a/actionpack/lib/action_controller/cgi_process.rb +++ /dev/null @@ -1,72 +0,0 @@ -require 'action_controller/cgi_ext' - -module ActionController #:nodoc: - class CGIHandler - module ProperStream - def each - while line = gets - yield line - end - end - - def read(*args) - if args.empty? - super || "" - else - super - end - end - end - - def self.dispatch_cgi(app, cgi, out = $stdout) - env = cgi.__send__(:env_table) - env.delete "HTTP_CONTENT_LENGTH" - - cgi.stdinput.extend ProperStream - - env["SCRIPT_NAME"] = "" if env["SCRIPT_NAME"] == "/" - - env.update({ - "rack.version" => [0,1], - "rack.input" => cgi.stdinput, - "rack.errors" => $stderr, - "rack.multithread" => false, - "rack.multiprocess" => true, - "rack.run_once" => false, - "rack.url_scheme" => ["yes", "on", "1"].include?(env["HTTPS"]) ? "https" : "http" - }) - - env["QUERY_STRING"] ||= "" - env["HTTP_VERSION"] ||= env["SERVER_PROTOCOL"] - env["REQUEST_PATH"] ||= "/" - env.delete "PATH_INFO" if env["PATH_INFO"] == "" - - status, headers, body = app.call(env) - begin - out.binmode if out.respond_to?(:binmode) - out.sync = false if out.respond_to?(:sync=) - - headers['Status'] = status.to_s - out.write(cgi.header(headers)) - - body.each { |part| - out.write part - out.flush if out.respond_to?(:flush) - } - ensure - body.close if body.respond_to?(:close) - end - end - end - - class CgiRequest #:nodoc: - DEFAULT_SESSION_OPTIONS = { - :database_manager => nil, - :prefix => "ruby_sess.", - :session_path => "/", - :session_key => "_session_id", - :cookie_only => true, - :session_http_only => true - } - end -end diff --git a/actionpack/lib/action_controller/cookies.rb b/actionpack/lib/action_controller/cookies.rb deleted file mode 100644 index 840ceb5abd..0000000000 --- a/actionpack/lib/action_controller/cookies.rb +++ /dev/null @@ -1,94 +0,0 @@ -module ActionController #:nodoc: - # Cookies are read and written through ActionController#cookies. - # - # The cookies being read are the ones received along with the request, the cookies - # being written will be sent out with the response. Reading a cookie does not get - # the cookie object itself back, just the value it holds. - # - # Examples for writing: - # - # # Sets a simple session cookie. - # cookies[:user_name] = "david" - # - # # Sets a cookie that expires in 1 hour. - # cookies[:login] = { :value => "XJ-122", :expires => 1.hour.from_now } - # - # Examples for reading: - # - # cookies[:user_name] # => "david" - # cookies.size # => 2 - # - # Example for deleting: - # - # cookies.delete :user_name - # - # Please note that if you specify a :domain when setting a cookie, you must also specify the domain when deleting the cookie: - # - # cookies[:key] = { - # :value => 'a yummy cookie', - # :expires => 1.year.from_now, - # :domain => 'domain.com' - # } - # - # cookies.delete(:key, :domain => 'domain.com') - # - # The option symbols for setting cookies are: - # - # * :value - The cookie's value or list of values (as an array). - # * :path - The path for which this cookie applies. Defaults to the root - # of the application. - # * :domain - The domain for which this cookie applies. - # * :expires - The time at which this cookie expires, as a Time object. - # * :secure - Whether this cookie is a only transmitted to HTTPS servers. - # Default is +false+. - # * :http_only - Whether this cookie is accessible via scripting or - # only HTTP. Defaults to +false+. - module Cookies - def self.included(base) - base.helper_method :cookies - end - - protected - # Returns the cookie container, which operates as described above. - def cookies - CookieJar.new(self) - end - end - - class CookieJar < Hash #:nodoc: - def initialize(controller) - @controller, @cookies = controller, controller.request.cookies - super() - update(@cookies) - end - - # Returns the value of the cookie by +name+, or +nil+ if no such cookie exists. - def [](name) - super(name.to_s) - end - - # Sets the cookie named +name+. The second argument may be the very cookie - # value, or a hash of options as documented above. - def []=(key, options) - if options.is_a?(Hash) - options.symbolize_keys! - else - options = { :value => options } - end - - options[:path] = "/" unless options.has_key?(:path) - super(key.to_s, options[:value]) - @controller.response.set_cookie(key, options) - end - - # Removes the cookie on the client machine by setting the value to an empty string - # and setting its expiration date into the past. Like []=, you can pass in - # an options hash to delete cookies with extra data such as a :path. - def delete(key, options = {}) - options.symbolize_keys! - options[:path] = "/" unless options.has_key?(:path) - super(key.to_s) - @controller.response.delete_cookie(key, options) - end - end -end diff --git a/actionpack/lib/action_controller/dispatch/dispatcher.rb b/actionpack/lib/action_controller/dispatch/dispatcher.rb new file mode 100644 index 0000000000..714e270781 --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/dispatcher.rb @@ -0,0 +1,116 @@ +module ActionController + # Dispatches requests to the appropriate controller and takes care of + # reloading the app after each request when Dependencies.load? is true. + class Dispatcher + class << self + def define_dispatcher_callbacks(cache_classes) + unless cache_classes + # Development mode callbacks + before_dispatch :reload_application + after_dispatch :cleanup_application + + ActionView::Helpers::AssetTagHelper.cache_asset_timestamps = false + end + + if defined?(ActiveRecord) + after_dispatch :checkin_connections + to_prepare(:activerecord_instantiate_observers) { ActiveRecord::Base.instantiate_observers } + end + + after_dispatch :flush_logger if Base.logger && Base.logger.respond_to?(:flush) + + to_prepare do + I18n.reload! + end + end + + # DEPRECATE: Remove CGI support + def dispatch(cgi = nil, session_options = CgiRequest::DEFAULT_SESSION_OPTIONS, output = $stdout) + new(output).dispatch_cgi(cgi, session_options) + end + + # Add a preparation callback. Preparation callbacks are run before every + # request in development mode, and before the first request in production + # mode. + # + # An optional identifier may be supplied for the callback. If provided, + # to_prepare may be called again with the same identifier to replace the + # existing callback. Passing an identifier is a suggested practice if the + # code adding a preparation block may be reloaded. + def to_prepare(identifier = nil, &block) + @prepare_dispatch_callbacks ||= ActiveSupport::Callbacks::CallbackChain.new + callback = ActiveSupport::Callbacks::Callback.new(:prepare_dispatch, block, :identifier => identifier) + @prepare_dispatch_callbacks.replace_or_append!(callback) + end + end + + cattr_accessor :middleware + self.middleware = MiddlewareStack.new do |middleware| + middlewares = File.join(File.dirname(__FILE__), "rack", "middlewares.rb") + middleware.instance_eval(File.read(middlewares)) + end + + include ActiveSupport::Callbacks + define_callbacks :prepare_dispatch, :before_dispatch, :after_dispatch + + # DEPRECATE: Remove arguments, since they are only used by CGI + def initialize(output = $stdout, request = nil, response = nil) + @output = output + @app = @@middleware.build(lambda { |env| self.dup._call(env) }) + end + + def dispatch + begin + run_callbacks :before_dispatch + Routing::Routes.call(@env) + rescue Exception => exception + if controller ||= (::ApplicationController rescue Base) + controller.call_with_exception(@env, exception).to_a + else + raise exception + end + ensure + run_callbacks :after_dispatch, :enumerator => :reverse_each + end + end + + # DEPRECATE: Remove CGI support + def dispatch_cgi(cgi, session_options) + CGIHandler.dispatch_cgi(self, cgi, @output) + end + + def call(env) + @app.call(env) + end + + def _call(env) + @env = env + dispatch + end + + def reload_application + # Run prepare callbacks before every request in development mode + run_callbacks :prepare_dispatch + + Routing::Routes.reload + end + + # Cleanup the application by clearing out loaded classes so they can + # be reloaded on the next request without restarting the server. + def cleanup_application + ActiveRecord::Base.reset_subclasses if defined?(ActiveRecord) + ActiveSupport::Dependencies.clear + ActiveRecord::Base.clear_reloadable_connections! if defined?(ActiveRecord) + end + + def flush_logger + Base.logger.flush + end + + def checkin_connections + # Don't return connection (and peform implicit rollback) if this request is a part of integration test + return if @env.key?("rack.test") + ActiveRecord::Base.clear_active_connections! + end + end +end diff --git a/actionpack/lib/action_controller/dispatch/params_parser.rb b/actionpack/lib/action_controller/dispatch/params_parser.rb new file mode 100644 index 0000000000..d269fe07fa --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/params_parser.rb @@ -0,0 +1,71 @@ +module ActionController + class ParamsParser + ActionController::Base.param_parsers[Mime::XML] = :xml_simple + ActionController::Base.param_parsers[Mime::JSON] = :json + + def initialize(app) + @app = app + end + + def call(env) + if params = parse_formatted_parameters(env) + env["action_controller.request.request_parameters"] = params + end + + @app.call(env) + end + + private + def parse_formatted_parameters(env) + request = Request.new(env) + + return false if request.content_length.zero? + + mime_type = content_type_from_legacy_post_data_format_header(env) || request.content_type + strategy = ActionController::Base.param_parsers[mime_type] + + return false unless strategy + + case strategy + when Proc + strategy.call(request.raw_post) + when :xml_simple, :xml_node + body = request.raw_post + body.blank? ? {} : Hash.from_xml(body).with_indifferent_access + when :yaml + YAML.load(request.raw_post) + when :json + body = request.raw_post + if body.blank? + {} + else + data = ActiveSupport::JSON.decode(body) + data = {:_json => data} unless data.is_a?(Hash) + data.with_indifferent_access + end + else + false + end + rescue Exception => e # YAML, XML or Ruby code block errors + raise + { "body" => request.raw_post, + "content_type" => request.content_type, + "content_length" => request.content_length, + "exception" => "#{e.message} (#{e.class})", + "backtrace" => e.backtrace } + end + + def content_type_from_legacy_post_data_format_header(env) + if x_post_format = env['HTTP_X_POST_DATA_FORMAT'] + case x_post_format.to_s.downcase + when 'yaml' + return Mime::YAML + when 'xml' + return Mime::XML + end + end + + nil + end + end +end diff --git a/actionpack/lib/action_controller/dispatch/rack/failsafe.rb b/actionpack/lib/action_controller/dispatch/rack/failsafe.rb new file mode 100644 index 0000000000..567581142c --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/rack/failsafe.rb @@ -0,0 +1,52 @@ +module ActionController + class Failsafe + cattr_accessor :error_file_path + self.error_file_path = Rails.public_path if defined?(Rails.public_path) + + def initialize(app) + @app = app + end + + def call(env) + @app.call(env) + rescue Exception => exception + # Reraise exception in test environment + if env["rack.test"] + raise exception + else + failsafe_response(exception) + end + end + + private + def failsafe_response(exception) + log_failsafe_exception(exception) + [500, {'Content-Type' => 'text/html'}, failsafe_response_body] + rescue Exception => failsafe_error # Logger or IO errors + $stderr.puts "Error during failsafe response: #{failsafe_error}" + end + + def failsafe_response_body + error_path = "#{self.class.error_file_path}/500.html" + if File.exist?(error_path) + File.read(error_path) + else + "

500 Internal Server Error

" + end + end + + def log_failsafe_exception(exception) + message = "/!\\ FAILSAFE /!\\ #{Time.now}\n Status: 500 Internal Server Error\n" + message << " #{exception}\n #{exception.backtrace.join("\n ")}" if exception + failsafe_logger.fatal(message) + end + + def failsafe_logger + if defined?(Rails) && Rails.logger + Rails.logger + else + Logger.new($stderr) + end + end + end +end diff --git a/actionpack/lib/action_controller/dispatch/rack/lock.rb b/actionpack/lib/action_controller/dispatch/rack/lock.rb new file mode 100644 index 0000000000..c50762216e --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/rack/lock.rb @@ -0,0 +1,16 @@ +module ActionController + class Lock + FLAG = 'rack.multithread'.freeze + + def initialize(app, lock = Mutex.new) + @app, @lock = app, lock + end + + def call(env) + old, env[FLAG] = env[FLAG], false + @lock.synchronize { @app.call(env) } + ensure + env[FLAG] = old + end + end +end diff --git a/actionpack/lib/action_controller/dispatch/rack/middleware_stack.rb b/actionpack/lib/action_controller/dispatch/rack/middleware_stack.rb new file mode 100644 index 0000000000..dbc2fda41e --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/rack/middleware_stack.rb @@ -0,0 +1,109 @@ +module ActionController + class MiddlewareStack < Array + class Middleware + def self.new(klass, *args, &block) + if klass.is_a?(self) + klass + else + super + end + end + + attr_reader :args, :block + + def initialize(klass, *args, &block) + @klass = klass + + options = args.extract_options! + if options.has_key?(:if) + @conditional = options.delete(:if) + else + @conditional = true + end + args << options unless options.empty? + + @args = args + @block = block + end + + def klass + if @klass.is_a?(Class) + @klass + else + @klass.to_s.constantize + end + rescue NameError + @klass + end + + def active? + if @conditional.respond_to?(:call) + @conditional.call + else + @conditional + end + end + + def ==(middleware) + case middleware + when Middleware + klass == middleware.klass + when Class + klass == middleware + else + klass == middleware.to_s.constantize + end + end + + def inspect + str = klass.to_s + args.each { |arg| str += ", #{arg.inspect}" } + str + end + + def build(app) + if block + klass.new(app, *args, &block) + else + klass.new(app, *args) + end + end + end + + def initialize(*args, &block) + super(*args) + block.call(self) if block_given? + end + + def insert(index, *args, &block) + index = self.index(index) unless index.is_a?(Integer) + middleware = Middleware.new(*args, &block) + super(index, middleware) + end + + alias_method :insert_before, :insert + + def insert_after(index, *args, &block) + index = self.index(index) unless index.is_a?(Integer) + insert(index + 1, *args, &block) + end + + def swap(target, *args, &block) + insert_before(target, *args, &block) + delete(target) + end + + def use(*args, &block) + middleware = Middleware.new(*args, &block) + push(middleware) + end + + def active + find_all { |middleware| middleware.active? } + end + + def build(app) + active.reverse.inject(app) { |a, e| e.build(a) } + end + end +end diff --git a/actionpack/lib/action_controller/dispatch/rack/middlewares.rb b/actionpack/lib/action_controller/dispatch/rack/middlewares.rb new file mode 100644 index 0000000000..f9cfc2b18e --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/rack/middlewares.rb @@ -0,0 +1,21 @@ +use "Rack::Lock", :if => lambda { + !ActionController::Base.allow_concurrency +} + +use "ActionController::Failsafe" + +["ActionController::Session::CookieStore", + "ActionController::Session::MemCacheStore", + "ActiveRecord::SessionStore"].each do |store| + use(store, ActionController::Base.session_options, + :if => lambda { + if session_store = ActionController::Base.session_store + session_store.name == store + end + } + ) +end + +use "ActionController::RewindableInput" +use "ActionController::ParamsParser" +use "Rack::MethodOverride" diff --git a/actionpack/lib/action_controller/dispatch/request.rb b/actionpack/lib/action_controller/dispatch/request.rb new file mode 100755 index 0000000000..f8c77241b9 --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/request.rb @@ -0,0 +1,492 @@ +require 'tempfile' +require 'stringio' +require 'strscan' + +require 'active_support/memoizable' +require 'action_controller/cgi_ext' + +module ActionController + class Request < Rack::Request + extend ActiveSupport::Memoizable + + %w[ AUTH_TYPE GATEWAY_INTERFACE + PATH_TRANSLATED REMOTE_HOST + REMOTE_IDENT REMOTE_USER REMOTE_ADDR + SERVER_NAME SERVER_PROTOCOL + + HTTP_ACCEPT HTTP_ACCEPT_CHARSET HTTP_ACCEPT_ENCODING + HTTP_ACCEPT_LANGUAGE HTTP_CACHE_CONTROL HTTP_FROM + HTTP_NEGOTIATE HTTP_PRAGMA HTTP_REFERER HTTP_USER_AGENT ].each do |env| + define_method(env.sub(/^HTTP_/n, '').downcase) do + @env[env] + end + end + + def key?(key) + @env.key?(key) + end + + HTTP_METHODS = %w(get head put post delete options) + HTTP_METHOD_LOOKUP = HTTP_METHODS.inject({}) { |h, m| h[m] = h[m.upcase] = m.to_sym; h } + + # Returns the true HTTP request \method as a lowercase symbol, such as + # :get. If the request \method is not listed in the HTTP_METHODS + # constant above, an UnknownHttpMethod exception is raised. + def request_method + HTTP_METHOD_LOOKUP[super] || raise(UnknownHttpMethod, "#{super}, accepted HTTP methods are #{HTTP_METHODS.to_sentence}") + end + memoize :request_method + + # Returns the HTTP request \method used for action processing as a + # lowercase symbol, such as :post. (Unlike #request_method, this + # method returns :get for a HEAD request because the two are + # functionally equivalent from the application's perspective.) + def method + request_method == :head ? :get : request_method + end + + # Is this a GET (or HEAD) request? Equivalent to request.method == :get. + def get? + method == :get + end + + # Is this a POST request? Equivalent to request.method == :post. + def post? + request_method == :post + end + + # Is this a PUT request? Equivalent to request.method == :put. + def put? + request_method == :put + end + + # Is this a DELETE request? Equivalent to request.method == :delete. + def delete? + request_method == :delete + end + + # Is this a HEAD request? Since request.method sees HEAD as :get, + # this \method checks the actual HTTP \method directly. + def head? + request_method == :head + end + + # Provides access to the request's HTTP headers, for example: + # + # request.headers["Content-Type"] # => "text/plain" + def headers + ActionController::Http::Headers.new(@env) + end + memoize :headers + + # Returns the content length of the request as an integer. + def content_length + super.to_i + end + + # The MIME type of the HTTP request, such as Mime::XML. + # + # For backward compatibility, the post \format is extracted from the + # X-Post-Data-Format HTTP header if present. + def content_type + if @env['CONTENT_TYPE'] =~ /^([^,\;]*)/ + Mime::Type.lookup($1.strip.downcase) + else + nil + end + end + memoize :content_type + + # Returns the accepted MIME type for the request. + def accepts + header = @env['HTTP_ACCEPT'].to_s.strip + + fallback = xhr? ? Mime::JS : Mime::HTML + + if header.empty? + [content_type, fallback, Mime::ALL].compact + else + ret = Mime::Type.parse(header) + if ret.last == Mime::ALL + ret.insert(-2, fallback) + end + ret + end + end + memoize :accepts + + def if_modified_since + if since = env['HTTP_IF_MODIFIED_SINCE'] + Time.rfc2822(since) rescue nil + end + end + memoize :if_modified_since + + def if_none_match + env['HTTP_IF_NONE_MATCH'] + end + + def not_modified?(modified_at) + if_modified_since && modified_at && if_modified_since >= modified_at + end + + def etag_matches?(etag) + if_none_match && if_none_match == etag + end + + # Check response freshness (Last-Modified and ETag) against request + # If-Modified-Since and If-None-Match conditions. If both headers are + # supplied, both must match, or the request is not considered fresh. + def fresh?(response) + case + when if_modified_since && if_none_match + not_modified?(response.last_modified) && etag_matches?(response.etag) + when if_modified_since + not_modified?(response.last_modified) + when if_none_match + etag_matches?(response.etag) + else + false + end + end + + ONLY_ALL = [Mime::ALL].freeze + + # Returns the Mime type for the \format used in the request. + # + # GET /posts/5.xml | request.format => Mime::XML + # GET /posts/5.xhtml | request.format => Mime::HTML + # GET /posts/5 | request.format => Mime::HTML or MIME::JS, or request.accepts.first depending on the value of ActionController::Base.use_accept_header + + def format(view_path = []) + @format ||= + if parameters[:format] + Mime[parameters[:format]] + elsif Base.use_accept_header && !(accepts == ONLY_ALL) + accepts.first + elsif xhr? then Mime::JS + else Mime::HTML + end + end + + def formats + @formats = + if Base.use_accept_header + ret = Array(Mime[parameters[:format]] || accepts) + else + [format] + end + end + + # Sets the \format by string extension, which can be used to force custom formats + # that are not controlled by the extension. + # + # class ApplicationController < ActionController::Base + # before_filter :adjust_format_for_iphone + # + # private + # def adjust_format_for_iphone + # request.format = :iphone if request.env["HTTP_USER_AGENT"][/iPhone/] + # end + # end + def format=(extension) + parameters[:format] = extension.to_s + @format = Mime::Type.lookup_by_extension(parameters[:format]) + end + + # Returns a symbolized version of the :format parameter of the request. + # If no \format is given it returns :jsfor Ajax requests and :html + # otherwise. + def template_format + parameter_format = parameters[:format] + + if parameter_format + parameter_format + elsif xhr? + :js + else + :html + end + end + + def cache_format + parameters[:format] + end + + # Returns true if the request's "X-Requested-With" header contains + # "XMLHttpRequest". (The Prototype Javascript library sends this header with + # every Ajax request.) + def xml_http_request? + !(@env['HTTP_X_REQUESTED_WITH'] !~ /XMLHttpRequest/i) + end + alias xhr? :xml_http_request? + + # Which IP addresses are "trusted proxies" that can be stripped from + # the right-hand-side of X-Forwarded-For + TRUSTED_PROXIES = /^127\.0\.0\.1$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\./i + + # Determines originating IP address. REMOTE_ADDR is the standard + # but will fail if the user is behind a proxy. HTTP_CLIENT_IP and/or + # HTTP_X_FORWARDED_FOR are set by proxies so check for these if + # REMOTE_ADDR is a proxy. HTTP_X_FORWARDED_FOR may be a comma- + # delimited list in the case of multiple chained proxies; the last + # address which is not trusted is the originating IP. + def remote_ip + remote_addr_list = @env['REMOTE_ADDR'] && @env['REMOTE_ADDR'].scan(/[^,\s]+/) + + unless remote_addr_list.blank? + not_trusted_addrs = remote_addr_list.reject {|addr| addr =~ TRUSTED_PROXIES} + return not_trusted_addrs.first unless not_trusted_addrs.empty? + end + remote_ips = @env['HTTP_X_FORWARDED_FOR'] && @env['HTTP_X_FORWARDED_FOR'].split(',') + + if @env.include? 'HTTP_CLIENT_IP' + if ActionController::Base.ip_spoofing_check && remote_ips && !remote_ips.include?(@env['HTTP_CLIENT_IP']) + # We don't know which came from the proxy, and which from the user + raise ActionControllerError.new(< 1 && TRUSTED_PROXIES =~ remote_ips.last.strip + remote_ips.pop + end + + return remote_ips.last.strip + end + + @env['REMOTE_ADDR'] + end + memoize :remote_ip + + # Returns the lowercase name of the HTTP server software. + def server_software + (@env['SERVER_SOFTWARE'] && /^([a-zA-Z]+)/ =~ @env['SERVER_SOFTWARE']) ? $1.downcase : nil + end + memoize :server_software + + # Returns the complete URL used for this request. + def url + protocol + host_with_port + request_uri + end + memoize :url + + # Returns 'https://' if this is an SSL request and 'http://' otherwise. + def protocol + ssl? ? 'https://' : 'http://' + end + memoize :protocol + + # Is this an SSL request? + def ssl? + @env['HTTPS'] == 'on' || @env['HTTP_X_FORWARDED_PROTO'] == 'https' + end + + # Returns the \host for this request, such as "example.com". + def raw_host_with_port + if forwarded = env["HTTP_X_FORWARDED_HOST"] + forwarded.split(/,\s?/).last + else + env['HTTP_HOST'] || "#{env['SERVER_NAME'] || env['SERVER_ADDR']}:#{env['SERVER_PORT']}" + end + end + + # Returns the host for this request, such as example.com. + def host + raw_host_with_port.sub(/:\d+$/, '') + end + memoize :host + + # Returns a \host:\port string for this request, such as "example.com" or + # "example.com:8080". + def host_with_port + "#{host}#{port_string}" + end + memoize :host_with_port + + # Returns the port number of this request as an integer. + def port + if raw_host_with_port =~ /:(\d+)$/ + $1.to_i + else + standard_port + end + end + memoize :port + + # Returns the standard \port number for this request's protocol. + def standard_port + case protocol + when 'https://' then 443 + else 80 + end + end + + # Returns a \port suffix like ":8080" if the \port number of this request + # is not the default HTTP \port 80 or HTTPS \port 443. + def port_string + port == standard_port ? '' : ":#{port}" + end + + # Returns the \domain part of a \host, such as "rubyonrails.org" in "www.rubyonrails.org". You can specify + # a different tld_length, such as 2 to catch rubyonrails.co.uk in "www.rubyonrails.co.uk". + def domain(tld_length = 1) + return nil unless named_host?(host) + + host.split('.').last(1 + tld_length).join('.') + end + + # Returns all the \subdomains as an array, so ["dev", "www"] would be + # returned for "dev.www.rubyonrails.org". You can specify a different tld_length, + # such as 2 to catch ["www"] instead of ["www", "rubyonrails"] + # in "www.rubyonrails.co.uk". + def subdomains(tld_length = 1) + return [] unless named_host?(host) + parts = host.split('.') + parts[0..-(tld_length+2)] + end + + # Returns the query string, accounting for server idiosyncrasies. + def query_string + @env['QUERY_STRING'].present? ? @env['QUERY_STRING'] : (@env['REQUEST_URI'].split('?', 2)[1] || '') + end + memoize :query_string + + # Returns the request URI, accounting for server idiosyncrasies. + # WEBrick includes the full URL. IIS leaves REQUEST_URI blank. + def request_uri + if uri = @env['REQUEST_URI'] + # Remove domain, which webrick puts into the request_uri. + (%r{^\w+\://[^/]+(/.*|$)$} =~ uri) ? $1 : uri + else + # Construct IIS missing REQUEST_URI from SCRIPT_NAME and PATH_INFO. + uri = @env['PATH_INFO'].to_s + + if script_filename = @env['SCRIPT_NAME'].to_s.match(%r{[^/]+$}) + uri = uri.sub(/#{script_filename}\//, '') + end + + env_qs = @env['QUERY_STRING'].to_s + uri += "?#{env_qs}" unless env_qs.empty? + + if uri.blank? + @env.delete('REQUEST_URI') + else + @env['REQUEST_URI'] = uri + end + end + end + memoize :request_uri + + # Returns the interpreted \path to requested resource after all the installation + # directory of this application was taken into account. + def path + path = request_uri.to_s[/\A[^\?]*/] + path.sub!(/\A#{ActionController::Base.relative_url_root}/, '') + path + end + memoize :path + + # Read the request \body. This is useful for web services that need to + # work with raw requests directly. + def raw_post + unless @env.include? 'RAW_POST_DATA' + @env['RAW_POST_DATA'] = body.read(@env['CONTENT_LENGTH'].to_i) + body.rewind if body.respond_to?(:rewind) + end + @env['RAW_POST_DATA'] + end + + # Returns both GET and POST \parameters in a single hash. + def parameters + @parameters ||= request_parameters.merge(query_parameters).update(path_parameters).with_indifferent_access + end + alias_method :params, :parameters + + def path_parameters=(parameters) #:nodoc: + @env["rack.routing_args"] = parameters + @symbolized_path_parameters = @parameters = nil + end + + # The same as path_parameters with explicitly symbolized keys. + def symbolized_path_parameters + @symbolized_path_parameters ||= path_parameters.symbolize_keys + end + + # Returns a hash with the \parameters used to form the \path of the request. + # Returned hash keys are strings: + # + # {'action' => 'my_action', 'controller' => 'my_controller'} + # + # See symbolized_path_parameters for symbolized keys. + def path_parameters + @env["rack.routing_args"] ||= {} + end + + # The request body is an IO input stream. If the RAW_POST_DATA environment + # variable is already set, wrap it in a StringIO. + def body + if raw_post = @env['RAW_POST_DATA'] + raw_post.force_encoding(Encoding::BINARY) if raw_post.respond_to?(:force_encoding) + StringIO.new(raw_post) + else + @env['rack.input'] + end + end + + def form_data? + FORM_DATA_MEDIA_TYPES.include?(content_type.to_s) + end + + # Override Rack's GET method to support nested query strings + def GET + @env["action_controller.request.query_parameters"] ||= UrlEncodedPairParser.parse_query_parameters(query_string) + end + alias_method :query_parameters, :GET + + # Override Rack's POST method to support nested query strings + def POST + @env["action_controller.request.request_parameters"] ||= UrlEncodedPairParser.parse_hash_parameters(super) + end + alias_method :request_parameters, :POST + + def body_stream #:nodoc: + @env['rack.input'] + end + + def session + @env['rack.session'] ||= {} + end + + def session=(session) #:nodoc: + @env['rack.session'] = session + end + + def reset_session + @env['rack.session'] = {} + end + + def session_options + @env['rack.session.options'] ||= {} + end + + def session_options=(options) + @env['rack.session.options'] = options + end + + def server_port + @env['SERVER_PORT'].to_i + end + + private + def named_host?(host) + !(host.nil? || /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.match(host)) + end + end +end diff --git a/actionpack/lib/action_controller/dispatch/request_parser.rb b/actionpack/lib/action_controller/dispatch/request_parser.rb new file mode 100644 index 0000000000..d1739ef4d0 --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/request_parser.rb @@ -0,0 +1,315 @@ +module ActionController + class RequestParser + def initialize(env) + @env = env + freeze + end + + def request_parameters + @env["action_controller.request_parser.request_parameters"] ||= parse_formatted_request_parameters + end + + def query_parameters + @env["action_controller.request_parser.query_parameters"] ||= self.class.parse_query_parameters(query_string) + end + + # Returns the query string, accounting for server idiosyncrasies. + def query_string + @env['QUERY_STRING'].present? ? @env['QUERY_STRING'] : (@env['REQUEST_URI'].split('?', 2)[1] || '') + end + + # The request body is an IO input stream. If the RAW_POST_DATA environment + # variable is already set, wrap it in a StringIO. + def body + if raw_post = @env['RAW_POST_DATA'] + raw_post.force_encoding(Encoding::BINARY) if raw_post.respond_to?(:force_encoding) + StringIO.new(raw_post) + else + @env['rack.input'] + end + end + + # The raw content type string with its parameters stripped off. + def content_type_without_parameters + self.class.extract_content_type_without_parameters(content_type_with_parameters) + end + + def raw_post + unless @env.include? 'RAW_POST_DATA' + @env['RAW_POST_DATA'] = body.read(content_length) + body.rewind if body.respond_to?(:rewind) + end + @env['RAW_POST_DATA'] + end + + private + + def parse_formatted_request_parameters + return {} if content_length.zero? + + content_type, boundary = self.class.extract_multipart_boundary(content_type_with_parameters) + + # Don't parse params for unknown requests. + return {} if content_type.blank? + + mime_type = Mime::Type.lookup(content_type) + strategy = ActionController::Base.param_parsers[mime_type] + + # Only multipart form parsing expects a stream. + body = (strategy && strategy != :multipart_form) ? raw_post : self.body + + case strategy + when Proc + strategy.call(body) + when :url_encoded_form + self.class.clean_up_ajax_request_body! body + self.class.parse_query_parameters(body) + when :multipart_form + self.class.parse_multipart_form_parameters(body, boundary, content_length, @env) + when :xml_simple, :xml_node + body.blank? ? {} : Hash.from_xml(body).with_indifferent_access + when :yaml + YAML.load(body) + when :json + if body.blank? + {} + else + data = ActiveSupport::JSON.decode(body) + data = {:_json => data} unless data.is_a?(Hash) + data.with_indifferent_access + end + else + {} + end + rescue Exception => e # YAML, XML or Ruby code block errors + raise + { "body" => body, + "content_type" => content_type_with_parameters, + "content_length" => content_length, + "exception" => "#{e.message} (#{e.class})", + "backtrace" => e.backtrace } + end + + def content_length + @env['CONTENT_LENGTH'].to_i + end + + # The raw content type string. Use when you need parameters such as + # charset or boundary which aren't included in the content_type MIME type. + # Overridden by the X-POST_DATA_FORMAT header for backward compatibility. + def content_type_with_parameters + content_type_from_legacy_post_data_format_header || @env['CONTENT_TYPE'].to_s + end + + def content_type_from_legacy_post_data_format_header + if x_post_format = @env['HTTP_X_POST_DATA_FORMAT'] + case x_post_format.to_s.downcase + when 'yaml'; 'application/x-yaml' + when 'xml'; 'application/xml' + end + end + end + + class << self + def parse_query_parameters(query_string) + return {} if query_string.blank? + + pairs = query_string.split('&').collect do |chunk| + next if chunk.empty? + key, value = chunk.split('=', 2) + next if key.empty? + value = value.nil? ? nil : CGI.unescape(value) + [ CGI.unescape(key), value ] + end.compact + + UrlEncodedPairParser.new(pairs).result + end + + def parse_request_parameters(params) + parser = UrlEncodedPairParser.new + + params = params.dup + until params.empty? + for key, value in params + if key.blank? + params.delete key + elsif !key.include?('[') + # much faster to test for the most common case first (GET) + # and avoid the call to build_deep_hash + parser.result[key] = get_typed_value(value[0]) + params.delete key + elsif value.is_a?(Array) + parser.parse(key, get_typed_value(value.shift)) + params.delete key if value.empty? + else + raise TypeError, "Expected array, found #{value.inspect}" + end + end + end + + parser.result + end + + def parse_multipart_form_parameters(body, boundary, body_size, env) + parse_request_parameters(read_multipart(body, boundary, body_size, env)) + end + + def extract_multipart_boundary(content_type_with_parameters) + if content_type_with_parameters =~ MULTIPART_BOUNDARY + ['multipart/form-data', $1.dup] + else + extract_content_type_without_parameters(content_type_with_parameters) + end + end + + def extract_content_type_without_parameters(content_type_with_parameters) + $1.strip.downcase if content_type_with_parameters =~ /^([^,\;]*)/ + end + + def clean_up_ajax_request_body!(body) + body.chop! if body[-1] == 0 + body.gsub!(/&_=$/, '') + end + + + private + def get_typed_value(value) + case value + when String + value + when NilClass + '' + when Array + value.map { |v| get_typed_value(v) } + else + if value.respond_to? :original_filename + # Uploaded file + if value.original_filename + value + # Multipart param + else + result = value.read + value.rewind + result + end + # Unknown value, neither string nor multipart. + else + raise "Unknown form value: #{value.inspect}" + end + end + end + + MULTIPART_BOUNDARY = %r|\Amultipart/form-data.*boundary=\"?([^\";,]+)\"?|n + + EOL = "\015\012" + + def read_multipart(body, boundary, body_size, env) + params = Hash.new([]) + boundary = "--" + boundary + quoted_boundary = Regexp.quote(boundary) + buf = "" + bufsize = 10 * 1024 + boundary_end="" + + # start multipart/form-data + body.binmode if defined? body.binmode + case body + when File + body.set_encoding(Encoding::BINARY) if body.respond_to?(:set_encoding) + when StringIO + body.string.force_encoding(Encoding::BINARY) if body.string.respond_to?(:force_encoding) + end + boundary_size = boundary.size + EOL.size + body_size -= boundary_size + status = body.read(boundary_size) + if nil == status + raise EOFError, "no content body" + elsif boundary + EOL != status + raise EOFError, "bad content body" + end + + loop do + head = nil + content = + if 10240 < body_size + UploadedTempfile.new("CGI") + else + UploadedStringIO.new + end + content.binmode if defined? content.binmode + + until head and /#{quoted_boundary}(?:#{EOL}|--)/n.match(buf) + + if (not head) and /#{EOL}#{EOL}/n.match(buf) + buf = buf.sub(/\A((?:.|\n)*?#{EOL})#{EOL}/n) do + head = $1.dup + "" + end + next + end + + if head and ( (EOL + boundary + EOL).size < buf.size ) + content.print buf[0 ... (buf.size - (EOL + boundary + EOL).size)] + buf[0 ... (buf.size - (EOL + boundary + EOL).size)] = "" + end + + c = if bufsize < body_size + body.read(bufsize) + else + body.read(body_size) + end + if c.nil? || c.empty? + raise EOFError, "bad content body" + end + buf.concat(c) + body_size -= c.size + end + + buf = buf.sub(/\A((?:.|\n)*?)(?:[\r\n]{1,2})?#{quoted_boundary}([\r\n]{1,2}|--)/n) do + content.print $1 + if "--" == $2 + body_size = -1 + end + boundary_end = $2.dup + "" + end + + content.rewind + + head =~ /Content-Disposition:.* filename=(?:"((?:\\.|[^\"])*)"|([^;]*))/ni + if filename = $1 || $2 + if /Mac/ni.match(env['HTTP_USER_AGENT']) and + /Mozilla/ni.match(env['HTTP_USER_AGENT']) and + (not /MSIE/ni.match(env['HTTP_USER_AGENT'])) + filename = CGI.unescape(filename) + end + content.original_path = filename.dup + end + + head =~ /Content-Type: ([^\r]*)/ni + content.content_type = $1.dup if $1 + + head =~ /Content-Disposition:.* name="?([^\";]*)"?/ni + name = $1.dup if $1 + + if params.has_key?(name) + params[name].push(content) + else + params[name] = [content] + end + break if body_size == -1 + end + raise EOFError, "bad boundary end of body part" unless boundary_end=~/--/ + + begin + body.rewind if body.respond_to?(:rewind) + rescue Errno::ESPIPE + # Handles exceptions raised by input streams that cannot be rewound + # such as when using plain CGI under Apache + end + + params + end + end # class << self + end +end diff --git a/actionpack/lib/action_controller/dispatch/rescue.rb b/actionpack/lib/action_controller/dispatch/rescue.rb new file mode 100644 index 0000000000..0293e62fc7 --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/rescue.rb @@ -0,0 +1,179 @@ +module ActionController #:nodoc: + # Actions that fail to perform as expected throw exceptions. These + # exceptions can either be rescued for the public view (with a nice + # user-friendly explanation) or for the developers view (with tons of + # debugging information). The developers view is already implemented by + # the Action Controller, but the public view should be tailored to your + # specific application. + # + # The default behavior for public exceptions is to render a static html + # file with the name of the error code thrown. If no such file exists, an + # empty response is sent with the correct status code. + # + # You can override what constitutes a local request by overriding the + # local_request? method in your own controller. Custom rescue + # behavior is achieved by overriding the rescue_action_in_public + # and rescue_action_locally methods. + module Rescue + LOCALHOST = '127.0.0.1'.freeze + + DEFAULT_RESCUE_RESPONSE = :internal_server_error + DEFAULT_RESCUE_RESPONSES = { + 'ActionController::RoutingError' => :not_found, + 'ActionController::UnknownAction' => :not_found, + 'ActiveRecord::RecordNotFound' => :not_found, + 'ActiveRecord::StaleObjectError' => :conflict, + 'ActiveRecord::RecordInvalid' => :unprocessable_entity, + 'ActiveRecord::RecordNotSaved' => :unprocessable_entity, + 'ActionController::MethodNotAllowed' => :method_not_allowed, + 'ActionController::NotImplemented' => :not_implemented, + 'ActionController::InvalidAuthenticityToken' => :unprocessable_entity + } + + DEFAULT_RESCUE_TEMPLATE = 'diagnostics' + DEFAULT_RESCUE_TEMPLATES = { + 'ActionView::MissingTemplate' => 'missing_template', + 'ActionController::RoutingError' => 'routing_error', + 'ActionController::UnknownAction' => 'unknown_action', + 'ActionView::TemplateError' => 'template_error' + } + + RESCUES_TEMPLATE_PATH = ActionView::Template::EagerPath.new( + File.join(File.dirname(__FILE__), "templates")) + + def self.included(base) #:nodoc: + base.cattr_accessor :rescue_responses + base.rescue_responses = Hash.new(DEFAULT_RESCUE_RESPONSE) + base.rescue_responses.update DEFAULT_RESCUE_RESPONSES + + base.cattr_accessor :rescue_templates + base.rescue_templates = Hash.new(DEFAULT_RESCUE_TEMPLATE) + base.rescue_templates.update DEFAULT_RESCUE_TEMPLATES + + base.extend(ClassMethods) + base.send :include, ActiveSupport::Rescuable + + base.class_eval do + alias_method_chain :perform_action, :rescue + end + end + + module ClassMethods + def call_with_exception(env, exception) #:nodoc: + request = env["action_controller.rescue.request"] ||= ActionController::Request.new(env) + response = env["action_controller.rescue.response"] ||= ActionController::Response.new + new.process(request, response, :rescue_action, exception) + end + end + + protected + # Exception handler called when the performance of an action raises + # an exception. + def rescue_action(exception) + rescue_with_handler(exception) || + rescue_action_without_handler(exception) + end + + # Overwrite to implement custom logging of errors. By default + # logs as fatal. + def log_error(exception) #:doc: + ActiveSupport::Deprecation.silence do + if ActionView::TemplateError === exception + logger.fatal(exception.to_s) + else + logger.fatal( + "\n#{exception.class} (#{exception.message}):\n " + + clean_backtrace(exception).join("\n ") + "\n\n" + ) + end + end + end + + # Overwrite to implement public exception handling (for requests + # answering false to local_request?). By default will call + # render_optional_error_file. Override this method to provide more + # user friendly error messages. + def rescue_action_in_public(exception) #:doc: + render_optional_error_file response_code_for_rescue(exception) + end + + # Attempts to render a static error page based on the + # status_code thrown, or just return headers if no such file + # exists. For example, if a 500 error is being handled Rails will first + # attempt to render the file at public/500.html. If the file + # doesn't exist, the body of the response will be left empty. + def render_optional_error_file(status_code) + status = interpret_status(status_code) + path = "#{Rails.public_path}/#{status.to_s[0,3]}.html" + if File.exist?(path) + render :file => path, :status => status, :content_type => Mime::HTML + else + head status + end + end + + # True if the request came from localhost, 127.0.0.1. Override this + # method if you wish to redefine the meaning of a local request to + # include remote IP addresses or other criteria. + def local_request? #:doc: + request.remote_addr == LOCALHOST && request.remote_ip == LOCALHOST + end + + # Render detailed diagnostics for unhandled exceptions rescued from + # a controller action. + def rescue_action_locally(exception) + @template.instance_variable_set("@exception", exception) + @template.instance_variable_set("@rescues_path", RESCUES_TEMPLATE_PATH) + @template.instance_variable_set("@contents", + @template._render_template(template_path_for_local_rescue(exception))) + + response.content_type = Mime::HTML + response.status = interpret_status(response_code_for_rescue(exception)) + + content = @template._render_template(rescues_path("layout")) + render_for_text(content) + end + + def rescue_action_without_handler(exception) + log_error(exception) if logger + erase_results if performed? + + # Let the exception alter the response if it wants. + # For example, MethodNotAllowed sets the Allow header. + if exception.respond_to?(:handle_response!) + exception.handle_response!(response) + end + + if consider_all_requests_local || local_request? + rescue_action_locally(exception) + else + rescue_action_in_public(exception) + end + end + + private + def perform_action_with_rescue #:nodoc: + perform_action_without_rescue + rescue Exception => exception + rescue_action(exception) + end + + def rescues_path(template_name) + RESCUES_TEMPLATE_PATH.find_template("rescues/#{template_name}.erb") + end + + def template_path_for_local_rescue(exception) + rescues_path(rescue_templates[exception.class.name]) + end + + def response_code_for_rescue(exception) + rescue_responses[exception.class.name] + end + + def clean_backtrace(exception) + defined?(Rails) && Rails.respond_to?(:backtrace_cleaner) ? + Rails.backtrace_cleaner.clean(exception.backtrace) : + exception.backtrace + end + end +end diff --git a/actionpack/lib/action_controller/dispatch/response.rb b/actionpack/lib/action_controller/dispatch/response.rb new file mode 100644 index 0000000000..27860a6207 --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/response.rb @@ -0,0 +1,255 @@ +require 'digest/md5' + +module ActionController # :nodoc: + # Represents an HTTP response generated by a controller action. One can use + # an ActionController::Response object to retrieve the current state + # of the response, or customize the response. An Response object can + # either represent a "real" HTTP response (i.e. one that is meant to be sent + # back to the web browser) or a test response (i.e. one that is generated + # from integration tests). See CgiResponse and TestResponse, respectively. + # + # Response is mostly a Ruby on Rails framework implement detail, and + # should never be used directly in controllers. Controllers should use the + # methods defined in ActionController::Base instead. For example, if you want + # to set the HTTP response's content MIME type, then use + # ActionControllerBase#headers instead of Response#headers. + # + # Nevertheless, integration tests may want to inspect controller responses in + # more detail, and that's when Response can be useful for application + # developers. Integration test methods such as + # ActionController::Integration::Session#get and + # ActionController::Integration::Session#post return objects of type + # TestResponse (which are of course also of type Response). + # + # For example, the following demo integration "test" prints the body of the + # controller response to the console: + # + # class DemoControllerTest < ActionController::IntegrationTest + # def test_print_root_path_to_console + # get('/') + # puts @response.body + # end + # end + class Response < Rack::Response + DEFAULT_HEADERS = { "Cache-Control" => "no-cache" } + attr_accessor :request + + attr_accessor :session, :assigns, :template, :layout + attr_accessor :redirected_to, :redirected_to_method_params + + delegate :default_charset, :to => 'ActionController::Base' + + def initialize + @status = 200 + @header = DEFAULT_HEADERS.dup + + @writer = lambda { |x| @body << x } + @block = nil + + @body = "", + @session, @assigns = [], [] + end + + def location; headers['Location'] end + def location=(url) headers['Location'] = url end + + + # Sets the HTTP response's content MIME type. For example, in the controller + # you could write this: + # + # response.content_type = "text/plain" + # + # If a character set has been defined for this response (see charset=) then + # the character set information will also be included in the content type + # information. + def content_type=(mime_type) + self.headers["Content-Type"] = + if mime_type =~ /charset/ || (c = charset).nil? + mime_type.to_s + else + "#{mime_type}; charset=#{c}" + end + end + + # Returns the response's content MIME type, or nil if content type has been set. + def content_type + content_type = String(headers["Content-Type"] || headers["type"]).split(";")[0] + content_type.blank? ? nil : content_type + end + + # Set the charset of the Content-Type header. Set to nil to remove it. + # If no content type is set, it defaults to HTML. + def charset=(charset) + headers["Content-Type"] = + if charset + "#{content_type || Mime::HTML}; charset=#{charset}" + else + content_type || Mime::HTML.to_s + end + end + + def charset + charset = String(headers["Content-Type"] || headers["type"]).split(";")[1] + charset.blank? ? nil : charset.strip.split("=")[1] + end + + def last_modified + if last = headers['Last-Modified'] + Time.httpdate(last) + end + end + + def last_modified? + headers.include?('Last-Modified') + end + + def last_modified=(utc_time) + headers['Last-Modified'] = utc_time.httpdate + end + + def etag + headers['ETag'] + end + + def etag? + headers.include?('ETag') + end + + def etag=(etag) + if etag.blank? + headers.delete('ETag') + else + headers['ETag'] = %("#{Digest::MD5.hexdigest(ActiveSupport::Cache.expand_cache_key(etag))}") + end + end + + def redirect(url, status) + self.status = status + self.location = url.gsub(/[\r\n]/, '') + self.body = "You are being redirected." + end + + def sending_file? + headers["Content-Transfer-Encoding"] == "binary" + end + + def assign_default_content_type_and_charset! + self.content_type ||= Mime::HTML + self.charset ||= default_charset unless sending_file? + end + + def prepare! + assign_default_content_type_and_charset! + handle_conditional_get! + set_content_length! + convert_content_type! + convert_language! + convert_expires! + convert_cookies! + end + + def each(&callback) + if @body.respond_to?(:call) + @writer = lambda { |x| callback.call(x) } + @body.call(self, self) + elsif @body.is_a?(String) + @body.each_line(&callback) + else + @body.each(&callback) + end + + @writer = callback + @block.call(self) if @block + end + + def write(str) + @writer.call str.to_s + str + end + + # Over Rack::Response#set_cookie to add HttpOnly option + def set_cookie(key, value) + case value + when Hash + domain = "; domain=" + value[:domain] if value[:domain] + path = "; path=" + value[:path] if value[:path] + # According to RFC 2109, we need dashes here. + # N.B.: cgi.rb uses spaces... + expires = "; expires=" + value[:expires].clone.gmtime. + strftime("%a, %d-%b-%Y %H:%M:%S GMT") if value[:expires] + secure = "; secure" if value[:secure] + httponly = "; HttpOnly" if value[:http_only] + value = value[:value] + end + value = [value] unless Array === value + cookie = ::Rack::Utils.escape(key) + "=" + + value.map { |v| ::Rack::Utils.escape v }.join("&") + + "#{domain}#{path}#{expires}#{secure}#{httponly}" + + case self["Set-Cookie"] + when Array + self["Set-Cookie"] << cookie + when String + self["Set-Cookie"] = [self["Set-Cookie"], cookie] + when nil + self["Set-Cookie"] = cookie + end + end + + private + def handle_conditional_get! + if etag? || last_modified? + set_conditional_cache_control! + elsif nonempty_ok_response? + self.etag = body + + if request && request.etag_matches?(etag) + self.status = '304 Not Modified' + self.body = '' + end + + set_conditional_cache_control! + end + end + + def nonempty_ok_response? + ok = !status || status.to_s[0..2] == '200' + ok && body.is_a?(String) && !body.empty? + end + + def set_conditional_cache_control! + if headers['Cache-Control'] == DEFAULT_HEADERS['Cache-Control'] + headers['Cache-Control'] = 'private, max-age=0, must-revalidate' + end + end + + def convert_content_type! + headers['Content-Type'] ||= "text/html" + headers['Content-Type'] += "; charset=" + headers.delete('charset') if headers['charset'] + end + + # Don't set the Content-Length for block-based bodies as that would mean + # reading it all into memory. Not nice for, say, a 2GB streaming file. + def set_content_length! + if status && status.to_s[0..2] == '204' + headers.delete('Content-Length') + elsif length = headers['Content-Length'] + headers['Content-Length'] = length.to_s + elsif !body.respond_to?(:call) && (!status || status.to_s[0..2] != '304') + headers["Content-Length"] = body.size.to_s + end + end + + def convert_language! + headers["Content-Language"] = headers.delete("language") if headers["language"] + end + + def convert_expires! + headers["Expires"] = headers.delete("") if headers["expires"] + end + + def convert_cookies! + headers['Set-Cookie'] = Array(headers['Set-Cookie']).compact + end + end +end diff --git a/actionpack/lib/action_controller/dispatch/rewindable_input.rb b/actionpack/lib/action_controller/dispatch/rewindable_input.rb new file mode 100644 index 0000000000..36f655c51e --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/rewindable_input.rb @@ -0,0 +1,28 @@ +module ActionController + class RewindableInput + class RewindableIO < ActiveSupport::BasicObject + def initialize(io) + @io = io + @rewindable = io.is_a?(StringIO) + end + + def method_missing(method, *args, &block) + unless @rewindable + @io = StringIO.new(@io.read) + @rewindable = true + end + + @io.__send__(method, *args, &block) + end + end + + def initialize(app) + @app = app + end + + def call(env) + env['rack.input'] = RewindableIO.new(env['rack.input']) + @app.call(env) + end + end +end diff --git a/actionpack/lib/action_controller/dispatch/status_codes.rb b/actionpack/lib/action_controller/dispatch/status_codes.rb new file mode 100644 index 0000000000..4977c79491 --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/status_codes.rb @@ -0,0 +1,88 @@ +module ActionController + module StatusCodes #:nodoc: + # Defines the standard HTTP status codes, by integer, with their + # corresponding default message texts. + # Source: http://www.iana.org/assignments/http-status-codes + STATUS_CODES = { + 100 => "Continue", + 101 => "Switching Protocols", + 102 => "Processing", + + 200 => "OK", + 201 => "Created", + 202 => "Accepted", + 203 => "Non-Authoritative Information", + 204 => "No Content", + 205 => "Reset Content", + 206 => "Partial Content", + 207 => "Multi-Status", + 226 => "IM Used", + + 300 => "Multiple Choices", + 301 => "Moved Permanently", + 302 => "Found", + 303 => "See Other", + 304 => "Not Modified", + 305 => "Use Proxy", + 307 => "Temporary Redirect", + + 400 => "Bad Request", + 401 => "Unauthorized", + 402 => "Payment Required", + 403 => "Forbidden", + 404 => "Not Found", + 405 => "Method Not Allowed", + 406 => "Not Acceptable", + 407 => "Proxy Authentication Required", + 408 => "Request Timeout", + 409 => "Conflict", + 410 => "Gone", + 411 => "Length Required", + 412 => "Precondition Failed", + 413 => "Request Entity Too Large", + 414 => "Request-URI Too Long", + 415 => "Unsupported Media Type", + 416 => "Requested Range Not Satisfiable", + 417 => "Expectation Failed", + 422 => "Unprocessable Entity", + 423 => "Locked", + 424 => "Failed Dependency", + 426 => "Upgrade Required", + + 500 => "Internal Server Error", + 501 => "Not Implemented", + 502 => "Bad Gateway", + 503 => "Service Unavailable", + 504 => "Gateway Timeout", + 505 => "HTTP Version Not Supported", + 507 => "Insufficient Storage", + 510 => "Not Extended" + } + + # Provides a symbol-to-fixnum lookup for converting a symbol (like + # :created or :not_implemented) into its corresponding HTTP status + # code (like 200 or 501). + SYMBOL_TO_STATUS_CODE = STATUS_CODES.inject({}) do |hash, (code, message)| + hash[message.gsub(/ /, "").underscore.to_sym] = code + hash + end + + # Given a status parameter, determine whether it needs to be converted + # to a string. If it is a fixnum, use the STATUS_CODES hash to lookup + # the default message. If it is a symbol, use the SYMBOL_TO_STATUS_CODE + # hash to convert it. + def interpret_status(status) + case status + when Fixnum then + "#{status} #{STATUS_CODES[status]}".strip + when Symbol then + interpret_status(SYMBOL_TO_STATUS_CODE[status] || + "500 Unknown Status #{status.inspect}") + else + status.to_s + end + end + private :interpret_status + + end +end \ No newline at end of file diff --git a/actionpack/lib/action_controller/dispatch/templates/rescues/_request_and_response.erb b/actionpack/lib/action_controller/dispatch/templates/rescues/_request_and_response.erb new file mode 100644 index 0000000000..64b34650b1 --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/templates/rescues/_request_and_response.erb @@ -0,0 +1,24 @@ +<% unless @exception.blamed_files.blank? %> + <% if (hide = @exception.blamed_files.length > 8) %> + Show blamed files + <% end %> + 
><%=h @exception.describe_blame %>
+<% end %> + +<% + clean_params = request.parameters.clone + clean_params.delete("action") + clean_params.delete("controller") + + request_dump = clean_params.empty? ? 'None' : clean_params.inspect.gsub(',', ",\n") +%> + +

Request

+

Parameters: 

<%=h request_dump %>

+ +

Show session dump

+ + + +

Response

+

Headers: 

<%=h response ? response.headers.inspect.gsub(',', ",\n") : 'None' %>

diff --git a/actionpack/lib/action_controller/dispatch/templates/rescues/_trace.erb b/actionpack/lib/action_controller/dispatch/templates/rescues/_trace.erb new file mode 100644 index 0000000000..bb2d8375bd --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/templates/rescues/_trace.erb @@ -0,0 +1,26 @@ +<% + traces = [ + ["Application Trace", @exception.application_backtrace], + ["Framework Trace", @exception.framework_backtrace], + ["Full Trace", @exception.clean_backtrace] + ] + names = traces.collect {|name, trace| name} +%> + +

RAILS_ROOT: <%= defined?(RAILS_ROOT) ? RAILS_ROOT : "unset" %>

+ +
+ <% names.each do |name| %> + <% + show = "document.getElementById('#{name.gsub /\s/, '-'}').style.display='block';" + hide = (names - [name]).collect {|hide_name| "document.getElementById('#{hide_name.gsub /\s/, '-'}').style.display='none';"} + %> + <%= name %> <%= '|' unless names.last == name %> + <% end %> + + <% traces.each do |name, trace| %> +
;"> + 
<%= trace.join "\n" %>
+
+ <% end %> +
diff --git a/actionpack/lib/action_controller/dispatch/templates/rescues/diagnostics.erb b/actionpack/lib/action_controller/dispatch/templates/rescues/diagnostics.erb new file mode 100644 index 0000000000..95be64511d --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/templates/rescues/diagnostics.erb @@ -0,0 +1,10 @@ +

+ <%=h @exception.class.to_s %> + <% if request.parameters['controller'] %> + in <%=h request.parameters['controller'].humanize %>Controller<% if request.parameters['action'] %>#<%=h request.parameters['action'] %><% end %> + <% end %> +

+
<%=h @exception.clean_message %>
+ +<%= @template._render_template(@rescues_path.find_template("rescues/_trace.erb")) %> +<%= @template._render_template(@rescues_path.find_template("rescues/_request_and_response.erb")) %> \ No newline at end of file diff --git a/actionpack/lib/action_controller/dispatch/templates/rescues/layout.erb b/actionpack/lib/action_controller/dispatch/templates/rescues/layout.erb new file mode 100644 index 0000000000..4a04742e40 --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/templates/rescues/layout.erb @@ -0,0 +1,29 @@ + + + Action Controller: Exception caught + + + + +<%= @contents %> + + + \ No newline at end of file diff --git a/actionpack/lib/action_controller/dispatch/templates/rescues/missing_template.erb b/actionpack/lib/action_controller/dispatch/templates/rescues/missing_template.erb new file mode 100644 index 0000000000..dbfdf76947 --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/templates/rescues/missing_template.erb @@ -0,0 +1,2 @@ +

Template is missing

+

<%=h @exception.message %>

diff --git a/actionpack/lib/action_controller/dispatch/templates/rescues/routing_error.erb b/actionpack/lib/action_controller/dispatch/templates/rescues/routing_error.erb new file mode 100644 index 0000000000..ccfa858cce --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/templates/rescues/routing_error.erb @@ -0,0 +1,10 @@ +

Routing Error

+

<%=h @exception.message %>

+<% unless @exception.failures.empty? %>

+

Failure reasons:

+
    + <% @exception.failures.each do |route, reason| %> +
  1. <%=h route.inspect.gsub('\\', '') %> failed because <%=h reason.downcase %>
    2. + <% end %> +
+

<% end %> diff --git a/actionpack/lib/action_controller/dispatch/templates/rescues/template_error.erb b/actionpack/lib/action_controller/dispatch/templates/rescues/template_error.erb new file mode 100644 index 0000000000..2e34e03bd5 --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/templates/rescues/template_error.erb @@ -0,0 +1,21 @@ +

+ <%=h @exception.original_exception.class.to_s %> in + <%=h request.parameters["controller"].capitalize if request.parameters["controller"]%>#<%=h request.parameters["action"] %> +

+ +

+ Showing <%=h @exception.file_name %> where line #<%=h @exception.line_number %> raised: + 

<%=h @exception.message %>
+

+ +

Extracted source (around line #<%=h @exception.line_number %>): +

<%=h @exception.source_extract %>

+ +

<%=h @exception.sub_template_message %>

+ +<% @real_exception = @exception + @exception = @exception.original_exception || @exception %> +<%= render :file => @rescues_path["rescues/_trace.erb"] %> +<% @exception = @real_exception %> + +<%= render :file => @rescues_path["rescues/_request_and_response.erb"] %> diff --git a/actionpack/lib/action_controller/dispatch/templates/rescues/unknown_action.erb b/actionpack/lib/action_controller/dispatch/templates/rescues/unknown_action.erb new file mode 100644 index 0000000000..683379da10 --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/templates/rescues/unknown_action.erb @@ -0,0 +1,2 @@ +

Unknown action

+

<%=h @exception.message %>

diff --git a/actionpack/lib/action_controller/dispatch/uploaded_file.rb b/actionpack/lib/action_controller/dispatch/uploaded_file.rb new file mode 100644 index 0000000000..376ba3621a --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/uploaded_file.rb @@ -0,0 +1,44 @@ +module ActionController + module UploadedFile + def self.included(base) + base.class_eval do + attr_accessor :original_path, :content_type + alias_method :local_path, :path + end + end + + def self.extended(object) + object.class_eval do + attr_accessor :original_path, :content_type + alias_method :local_path, :path + end + end + + # Take the basename of the upload's original filename. + # This handles the full Windows paths given by Internet Explorer + # (and perhaps other broken user agents) without affecting + # those which give the lone filename. + # The Windows regexp is adapted from Perl's File::Basename. + def original_filename + unless defined? @original_filename + @original_filename = + unless original_path.blank? + if original_path =~ /^(?:.*[:\\\/])?(.*)/m + $1 + else + File.basename original_path + end + end + end + @original_filename + end + end + + class UploadedStringIO < StringIO + include UploadedFile + end + + class UploadedTempfile < Tempfile + include UploadedFile + end +end diff --git a/actionpack/lib/action_controller/dispatch/url_encoded_pair_parser.rb b/actionpack/lib/action_controller/dispatch/url_encoded_pair_parser.rb new file mode 100644 index 0000000000..57594c4259 --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/url_encoded_pair_parser.rb @@ -0,0 +1,155 @@ +module ActionController + class UrlEncodedPairParser < StringScanner #:nodoc: + class << self + def parse_query_parameters(query_string) + return {} if query_string.blank? + + pairs = query_string.split('&').collect do |chunk| + next if chunk.empty? + key, value = chunk.split('=', 2) + next if key.empty? + value = value.nil? ? nil : CGI.unescape(value) + [ CGI.unescape(key), value ] + end.compact + + new(pairs).result + end + + def parse_hash_parameters(params) + parser = new + + params = params.dup + until params.empty? + for key, value in params + if key.blank? + params.delete(key) + elsif value.is_a?(Array) + parser.parse(key, get_typed_value(value.shift)) + params.delete(key) if value.empty? + else + parser.parse(key, get_typed_value(value)) + params.delete(key) + end + end + end + + parser.result + end + + private + def get_typed_value(value) + case value + when String + value + when NilClass + '' + when Array + value.map { |v| get_typed_value(v) } + when Hash + if value.has_key?(:tempfile) && value[:filename].any? + upload = value[:tempfile] + upload.extend(UploadedFile) + upload.original_path = value[:filename] + upload.content_type = value[:type] + upload + else + nil + end + else + raise "Unknown form value: #{value.inspect}" + end + end + end + + attr_reader :top, :parent, :result + + def initialize(pairs = []) + super('') + @result = {} + pairs.each { |key, value| parse(key, value) } + end + + KEY_REGEXP = %r{([^\[\]=&]+)} + BRACKETED_KEY_REGEXP = %r{\[([^\[\]=&]+)\]} + + # Parse the query string + def parse(key, value) + self.string = key + @top, @parent = result, nil + + # First scan the bare key + key = scan(KEY_REGEXP) or return + key = post_key_check(key) + + # Then scan as many nestings as present + until eos? + r = scan(BRACKETED_KEY_REGEXP) or return + key = self[1] + key = post_key_check(key) + end + + bind(key, value) + end + + private + # After we see a key, we must look ahead to determine our next action. Cases: + # + # [] follows the key. Then the value must be an array. + # = follows the key. (A value comes next) + # & or the end of string follows the key. Then the key is a flag. + # otherwise, a hash follows the key. + def post_key_check(key) + if scan(/\[\]/) # a[b][] indicates that b is an array + container(key, Array) + nil + elsif check(/\[[^\]]/) # a[b] indicates that a is a hash + container(key, Hash) + nil + else # End of key? We do nothing. + key + end + end + + # Add a container to the stack. + def container(key, klass) + type_conflict! klass, top[key] if top.is_a?(Hash) && top.key?(key) && ! top[key].is_a?(klass) + value = bind(key, klass.new) + type_conflict! klass, value unless value.is_a?(klass) + push(value) + end + + # Push a value onto the 'stack', which is actually only the top 2 items. + def push(value) + @parent, @top = @top, value + end + + # Bind a key (which may be nil for items in an array) to the provided value. + def bind(key, value) + if top.is_a? Array + if key + if top[-1].is_a?(Hash) && ! top[-1].key?(key) + top[-1][key] = value + else + top << {key => value}.with_indifferent_access + end + push top.last + return top[key] + else + top << value + return value + end + elsif top.is_a? Hash + key = CGI.unescape(key) + parent << (@top = {}) if top.key?(key) && parent.is_a?(Array) + top[key] ||= value + return top[key] + else + raise ArgumentError, "Don't know what to do: top is #{top.inspect}" + end + end + + def type_conflict!(klass, value) + raise TypeError, "Conflicting types for parameter containers. Expected an instance of #{klass} but found an instance of #{value.class}. This can be caused by colliding Array and Hash parameters like qs[]=value&qs[key]=value. (The parameters received were #{value.inspect}.)" + end + end +end diff --git a/actionpack/lib/action_controller/dispatcher.rb b/actionpack/lib/action_controller/dispatcher.rb deleted file mode 100644 index 781bc48887..0000000000 --- a/actionpack/lib/action_controller/dispatcher.rb +++ /dev/null @@ -1,116 +0,0 @@ -module ActionController - # Dispatches requests to the appropriate controller and takes care of - # reloading the app after each request when Dependencies.load? is true. - class Dispatcher - class << self - def define_dispatcher_callbacks(cache_classes) - unless cache_classes - # Development mode callbacks - before_dispatch :reload_application - after_dispatch :cleanup_application - - ActionView::Helpers::AssetTagHelper.cache_asset_timestamps = false - end - - if defined?(ActiveRecord) - after_dispatch :checkin_connections - to_prepare(:activerecord_instantiate_observers) { ActiveRecord::Base.instantiate_observers } - end - - after_dispatch :flush_logger if Base.logger && Base.logger.respond_to?(:flush) - - to_prepare do - I18n.reload! - end - end - - # DEPRECATE: Remove CGI support - def dispatch(cgi = nil, session_options = CgiRequest::DEFAULT_SESSION_OPTIONS, output = $stdout) - new(output).dispatch_cgi(cgi, session_options) - end - - # Add a preparation callback. Preparation callbacks are run before every - # request in development mode, and before the first request in production - # mode. - # - # An optional identifier may be supplied for the callback. If provided, - # to_prepare may be called again with the same identifier to replace the - # existing callback. Passing an identifier is a suggested practice if the - # code adding a preparation block may be reloaded. - def to_prepare(identifier = nil, &block) - @prepare_dispatch_callbacks ||= ActiveSupport::Callbacks::CallbackChain.new - callback = ActiveSupport::Callbacks::Callback.new(:prepare_dispatch, block, :identifier => identifier) - @prepare_dispatch_callbacks.replace_or_append!(callback) - end - end - - cattr_accessor :middleware - self.middleware = MiddlewareStack.new do |middleware| - middlewares = File.join(File.dirname(__FILE__), "middlewares.rb") - middleware.instance_eval(File.read(middlewares)) - end - - include ActiveSupport::Callbacks - define_callbacks :prepare_dispatch, :before_dispatch, :after_dispatch - - # DEPRECATE: Remove arguments, since they are only used by CGI - def initialize(output = $stdout, request = nil, response = nil) - @output = output - @app = @@middleware.build(lambda { |env| self.dup._call(env) }) - end - - def dispatch - begin - run_callbacks :before_dispatch - Routing::Routes.call(@env) - rescue Exception => exception - if controller ||= (::ApplicationController rescue Base) - controller.call_with_exception(@env, exception).to_a - else - raise exception - end - ensure - run_callbacks :after_dispatch, :enumerator => :reverse_each - end - end - - # DEPRECATE: Remove CGI support - def dispatch_cgi(cgi, session_options) - CGIHandler.dispatch_cgi(self, cgi, @output) - end - - def call(env) - @app.call(env) - end - - def _call(env) - @env = env - dispatch - end - - def reload_application - # Run prepare callbacks before every request in development mode - run_callbacks :prepare_dispatch - - Routing::Routes.reload - end - - # Cleanup the application by clearing out loaded classes so they can - # be reloaded on the next request without restarting the server. - def cleanup_application - ActiveRecord::Base.reset_subclasses if defined?(ActiveRecord) - ActiveSupport::Dependencies.clear - ActiveRecord::Base.clear_reloadable_connections! if defined?(ActiveRecord) - end - - def flush_logger - Base.logger.flush - end - - def checkin_connections - # Don't return connection (and peform implicit rollback) if this request is a part of integration test - return if @env.key?("rack.test") - ActiveRecord::Base.clear_active_connections! - end - end -end diff --git a/actionpack/lib/action_controller/failsafe.rb b/actionpack/lib/action_controller/failsafe.rb deleted file mode 100644 index 567581142c..0000000000 --- a/actionpack/lib/action_controller/failsafe.rb +++ /dev/null @@ -1,52 +0,0 @@ -module ActionController - class Failsafe - cattr_accessor :error_file_path - self.error_file_path = Rails.public_path if defined?(Rails.public_path) - - def initialize(app) - @app = app - end - - def call(env) - @app.call(env) - rescue Exception => exception - # Reraise exception in test environment - if env["rack.test"] - raise exception - else - failsafe_response(exception) - end - end - - private - def failsafe_response(exception) - log_failsafe_exception(exception) - [500, {'Content-Type' => 'text/html'}, failsafe_response_body] - rescue Exception => failsafe_error # Logger or IO errors - $stderr.puts "Error during failsafe response: #{failsafe_error}" - end - - def failsafe_response_body - error_path = "#{self.class.error_file_path}/500.html" - if File.exist?(error_path) - File.read(error_path) - else - "

500 Internal Server Error

" - end - end - - def log_failsafe_exception(exception) - message = "/!\\ FAILSAFE /!\\ #{Time.now}\n Status: 500 Internal Server Error\n" - message << " #{exception}\n #{exception.backtrace.join("\n ")}" if exception - failsafe_logger.fatal(message) - end - - def failsafe_logger - if defined?(Rails) && Rails.logger - Rails.logger - else - Logger.new($stderr) - end - end - end -end diff --git a/actionpack/lib/action_controller/filters.rb b/actionpack/lib/action_controller/filters.rb deleted file mode 100644 index 9022b8b279..0000000000 --- a/actionpack/lib/action_controller/filters.rb +++ /dev/null @@ -1,680 +0,0 @@ -module ActionController #:nodoc: - module Filters #:nodoc: - def self.included(base) - base.class_eval do - extend ClassMethods - include ActionController::Filters::InstanceMethods - end - end - - class FilterChain < ActiveSupport::Callbacks::CallbackChain #:nodoc: - def append_filter_to_chain(filters, filter_type, &block) - pos = find_filter_append_position(filters, filter_type) - update_filter_chain(filters, filter_type, pos, &block) - end - - def prepend_filter_to_chain(filters, filter_type, &block) - pos = find_filter_prepend_position(filters, filter_type) - update_filter_chain(filters, filter_type, pos, &block) - end - - def create_filters(filters, filter_type, &block) - filters, conditions = extract_options(filters, &block) - filters.map! { |filter| find_or_create_filter(filter, filter_type, conditions) } - filters - end - - def skip_filter_in_chain(*filters, &test) - filters, conditions = extract_options(filters) - filters.each do |filter| - if callback = find(filter) then delete(callback) end - end if conditions.empty? - update_filter_in_chain(filters, :skip => conditions, &test) - end - - private - def update_filter_chain(filters, filter_type, pos, &block) - new_filters = create_filters(filters, filter_type, &block) - insert(pos, new_filters).flatten! - end - - def find_filter_append_position(filters, filter_type) - # appending an after filter puts it at the end of the call chain - # before and around filters go before the first after filter in the chain - unless filter_type == :after - each_with_index do |f,i| - return i if f.after? - end - end - return -1 - end - - def find_filter_prepend_position(filters, filter_type) - # prepending a before or around filter puts it at the front of the call chain - # after filters go before the first after filter in the chain - if filter_type == :after - each_with_index do |f,i| - return i if f.after? - end - return -1 - end - return 0 - end - - def find_or_create_filter(filter, filter_type, options = {}) - update_filter_in_chain([filter], options) - - if found_filter = find(filter) { |f| f.type == filter_type } - found_filter - else - filter_kind = case - when filter.respond_to?(:before) && filter_type == :before - :before - when filter.respond_to?(:after) && filter_type == :after - :after - else - :filter - end - - case filter_type - when :before - BeforeFilter.new(filter_kind, filter, options) - when :after - AfterFilter.new(filter_kind, filter, options) - else - AroundFilter.new(filter_kind, filter, options) - end - end - end - - def update_filter_in_chain(filters, options, &test) - filters.map! { |f| block_given? ? find(f, &test) : find(f) } - filters.compact! - - map! do |filter| - if filters.include?(filter) - new_filter = filter.dup - new_filter.update_options!(options) - new_filter - else - filter - end - end - end - end - - class Filter < ActiveSupport::Callbacks::Callback #:nodoc: - def initialize(kind, method, options = {}) - super - update_options! options - end - - # override these to return true in appropriate subclass - def before? - false - end - - def after? - false - end - - def around? - false - end - - # Make sets of strings from :only/:except options - def update_options!(other) - if other - convert_only_and_except_options_to_sets_of_strings(other) - if other[:skip] - convert_only_and_except_options_to_sets_of_strings(other[:skip]) - end - end - - options.update(other) - end - - private - def should_not_skip?(controller) - if options[:skip] - !included_in_action?(controller, options[:skip]) - else - true - end - end - - def included_in_action?(controller, options) - if options[:only] - options[:only].include?(controller.action_name) - elsif options[:except] - !options[:except].include?(controller.action_name) - else - true - end - end - - def should_run_callback?(controller) - should_not_skip?(controller) && included_in_action?(controller, options) && super - end - - def convert_only_and_except_options_to_sets_of_strings(opts) - [:only, :except].each do |key| - if values = opts[key] - opts[key] = Array(values).map(&:to_s).to_set - end - end - end - end - - class AroundFilter < Filter #:nodoc: - def type - :around - end - - def around? - true - end - - def call(controller, &block) - if should_run_callback?(controller) - method = filter_responds_to_before_and_after? ? around_proc : self.method - - # For around_filter do |controller, action| - if method.is_a?(Proc) && method.arity == 2 - evaluate_method(method, controller, block) - else - evaluate_method(method, controller, &block) - end - else - block.call - end - end - - private - def filter_responds_to_before_and_after? - method.respond_to?(:before) && method.respond_to?(:after) - end - - def around_proc - Proc.new do |controller, action| - method.before(controller) - - if controller.__send__(:performed?) - controller.__send__(:halt_filter_chain, method, :rendered_or_redirected) - else - begin - action.call - ensure - method.after(controller) - end - end - end - end - end - - class BeforeFilter < Filter #:nodoc: - def type - :before - end - - def before? - true - end - - def call(controller, &block) - super - if controller.__send__(:performed?) - controller.__send__(:halt_filter_chain, method, :rendered_or_redirected) - end - end - end - - class AfterFilter < Filter #:nodoc: - def type - :after - end - - def after? - true - end - end - - # Filters enable controllers to run shared pre- and post-processing code for its actions. These filters can be used to do - # authentication, caching, or auditing before the intended action is performed. Or to do localization or output - # compression after the action has been performed. Filters have access to the request, response, and all the instance - # variables set by other filters in the chain or by the action (in the case of after filters). - # - # == Filter inheritance - # - # Controller inheritance hierarchies share filters downwards, but subclasses can also add or skip filters without - # affecting the superclass. For example: - # - # class BankController < ActionController::Base - # before_filter :audit - # - # private - # def audit - # # record the action and parameters in an audit log - # end - # end - # - # class VaultController < BankController - # before_filter :verify_credentials - # - # private - # def verify_credentials - # # make sure the user is allowed into the vault - # end - # end - # - # Now any actions performed on the BankController will have the audit method called before. On the VaultController, - # first the audit method is called, then the verify_credentials method. If the audit method renders or redirects, then - # verify_credentials and the intended action are never called. - # - # == Filter types - # - # A filter can take one of three forms: method reference (symbol), external class, or inline method (proc). The first - # is the most common and works by referencing a protected or private method somewhere in the inheritance hierarchy of - # the controller by use of a symbol. In the bank example above, both BankController and VaultController use this form. - # - # Using an external class makes for more easily reused generic filters, such as output compression. External filter classes - # are implemented by having a static +filter+ method on any class and then passing this class to the filter method. Example: - # - # class OutputCompressionFilter - # def self.filter(controller) - # controller.response.body = compress(controller.response.body) - # end - # end - # - # class NewspaperController < ActionController::Base - # after_filter OutputCompressionFilter - # end - # - # The filter method is passed the controller instance and is hence granted access to all aspects of the controller and can - # manipulate them as it sees fit. - # - # The inline method (using a proc) can be used to quickly do something small that doesn't require a lot of explanation. - # Or just as a quick test. It works like this: - # - # class WeblogController < ActionController::Base - # before_filter { |controller| head(400) if controller.params["stop_action"] } - # end - # - # As you can see, the block expects to be passed the controller after it has assigned the request to the internal variables. - # This means that the block has access to both the request and response objects complete with convenience methods for params, - # session, template, and assigns. Note: The inline method doesn't strictly have to be a block; any object that responds to call - # and returns 1 or -1 on arity will do (such as a Proc or an Method object). - # - # Please note that around_filters function a little differently than the normal before and after filters with regard to filter - # types. Please see the section dedicated to around_filters below. - # - # == Filter chain ordering - # - # Using before_filter and after_filter appends the specified filters to the existing chain. That's usually - # just fine, but some times you care more about the order in which the filters are executed. When that's the case, you - # can use prepend_before_filter and prepend_after_filter. Filters added by these methods will be put at the - # beginning of their respective chain and executed before the rest. For example: - # - # class ShoppingController < ActionController::Base - # before_filter :verify_open_shop - # - # class CheckoutController < ShoppingController - # prepend_before_filter :ensure_items_in_cart, :ensure_items_in_stock - # - # The filter chain for the CheckoutController is now :ensure_items_in_cart, :ensure_items_in_stock, - # :verify_open_shop. So if either of the ensure filters renders or redirects, we'll never get around to see if the shop - # is open or not. - # - # You may pass multiple filter arguments of each type as well as a filter block. - # If a block is given, it is treated as the last argument. - # - # == Around filters - # - # Around filters wrap an action, executing code both before and after. - # They may be declared as method references, blocks, or objects responding - # to +filter+ or to both +before+ and +after+. - # - # To use a method as an +around_filter+, pass a symbol naming the Ruby method. - # Yield (or block.call) within the method to run the action. - # - # around_filter :catch_exceptions - # - # private - # def catch_exceptions - # yield - # rescue => exception - # logger.debug "Caught exception! #{exception}" - # raise - # end - # - # To use a block as an +around_filter+, pass a block taking as args both - # the controller and the action block. You can't call yield directly from - # an +around_filter+ block; explicitly call the action block instead: - # - # around_filter do |controller, action| - # logger.debug "before #{controller.action_name}" - # action.call - # logger.debug "after #{controller.action_name}" - # end - # - # To use a filter object with +around_filter+, pass an object responding - # to :filter or both :before and :after. With a - # filter method, yield to the block as above: - # - # around_filter BenchmarkingFilter - # - # class BenchmarkingFilter - # def self.filter(controller, &block) - # Benchmark.measure(&block) - # end - # end - # - # With +before+ and +after+ methods: - # - # around_filter Authorizer.new - # - # class Authorizer - # # This will run before the action. Redirecting aborts the action. - # def before(controller) - # unless user.authorized? - # redirect_to(login_url) - # end - # end - # - # # This will run after the action if and only if before did not render or redirect. - # def after(controller) - # end - # end - # - # If the filter has +before+ and +after+ methods, the +before+ method will be - # called before the action. If +before+ renders or redirects, the filter chain is - # halted and +after+ will not be run. See Filter Chain Halting below for - # an example. - # - # == Filter chain skipping - # - # Declaring a filter on a base class conveniently applies to its subclasses, - # but sometimes a subclass should skip some of its superclass' filters: - # - # class ApplicationController < ActionController::Base - # before_filter :authenticate - # around_filter :catch_exceptions - # end - # - # class WeblogController < ApplicationController - # # Will run the :authenticate and :catch_exceptions filters. - # end - # - # class SignupController < ApplicationController - # # Skip :authenticate, run :catch_exceptions. - # skip_before_filter :authenticate - # end - # - # class ProjectsController < ApplicationController - # # Skip :catch_exceptions, run :authenticate. - # skip_filter :catch_exceptions - # end - # - # class ClientsController < ApplicationController - # # Skip :catch_exceptions and :authenticate unless action is index. - # skip_filter :catch_exceptions, :authenticate, :except => :index - # end - # - # == Filter conditions - # - # Filters may be limited to specific actions by declaring the actions to - # include or exclude. Both options accept single actions - # (:only => :index) or arrays of actions - # (:except => [:foo, :bar]). - # - # class Journal < ActionController::Base - # # Require authentication for edit and delete. - # before_filter :authorize, :only => [:edit, :delete] - # - # # Passing options to a filter with a block. - # around_filter(:except => :index) do |controller, action_block| - # results = Profiler.run(&action_block) - # controller.response.sub! "", "#{results}" - # end - # - # private - # def authorize - # # Redirect to login unless authenticated. - # end - # end - # - # == Filter Chain Halting - # - # before_filter and around_filter may halt the request - # before a controller action is run. This is useful, for example, to deny - # access to unauthenticated users or to redirect from HTTP to HTTPS. - # Simply call render or redirect. After filters will not be executed if the filter - # chain is halted. - # - # Around filters halt the request unless the action block is called. - # Given these filters - # after_filter :after - # around_filter :around - # before_filter :before - # - # The filter chain will look like: - # - # ... - # . \ - # . #around (code before yield) - # . . \ - # . . #before (actual filter code is run) - # . . . \ - # . . . execute controller action - # . . . / - # . . ... - # . . / - # . #around (code after yield) - # . / - # #after (actual filter code is run, unless the around filter does not yield) - # - # If +around+ returns before yielding, +after+ will still not be run. The +before+ - # filter and controller action will not be run. If +before+ renders or redirects, - # the second half of +around+ and will still run but +after+ and the - # action will not. If +around+ fails to yield, +after+ will not be run. - module ClassMethods - # The passed filters will be appended to the filter_chain and - # will execute before the action on this controller is performed. - def append_before_filter(*filters, &block) - filter_chain.append_filter_to_chain(filters, :before, &block) - end - - # The passed filters will be prepended to the filter_chain and - # will execute before the action on this controller is performed. - def prepend_before_filter(*filters, &block) - filter_chain.prepend_filter_to_chain(filters, :before, &block) - end - - # Shorthand for append_before_filter since it's the most common. - alias :before_filter :append_before_filter - - # The passed filters will be appended to the array of filters - # that run _after_ actions on this controller are performed. - def append_after_filter(*filters, &block) - filter_chain.append_filter_to_chain(filters, :after, &block) - end - - # The passed filters will be prepended to the array of filters - # that run _after_ actions on this controller are performed. - def prepend_after_filter(*filters, &block) - filter_chain.prepend_filter_to_chain(filters, :after, &block) - end - - # Shorthand for append_after_filter since it's the most common. - alias :after_filter :append_after_filter - - # If you append_around_filter A.new, B.new, the filter chain looks like - # - # B#before - # A#before - # # run the action - # A#after - # B#after - # - # With around filters which yield to the action block, +before+ and +after+ - # are the code before and after the yield. - def append_around_filter(*filters, &block) - filter_chain.append_filter_to_chain(filters, :around, &block) - end - - # If you prepend_around_filter A.new, B.new, the filter chain looks like: - # - # A#before - # B#before - # # run the action - # B#after - # A#after - # - # With around filters which yield to the action block, +before+ and +after+ - # are the code before and after the yield. - def prepend_around_filter(*filters, &block) - filter_chain.prepend_filter_to_chain(filters, :around, &block) - end - - # Shorthand for +append_around_filter+ since it's the most common. - alias :around_filter :append_around_filter - - # Removes the specified filters from the +before+ filter chain. Note that this only works for skipping method-reference - # filters, not procs. This is especially useful for managing the chain in inheritance hierarchies where only one out - # of many sub-controllers need a different hierarchy. - # - # You can control the actions to skip the filter for with the :only and :except options, - # just like when you apply the filters. - def skip_before_filter(*filters) - filter_chain.skip_filter_in_chain(*filters, &:before?) - end - - # Removes the specified filters from the +after+ filter chain. Note that this only works for skipping method-reference - # filters, not procs. This is especially useful for managing the chain in inheritance hierarchies where only one out - # of many sub-controllers need a different hierarchy. - # - # You can control the actions to skip the filter for with the :only and :except options, - # just like when you apply the filters. - def skip_after_filter(*filters) - filter_chain.skip_filter_in_chain(*filters, &:after?) - end - - # Removes the specified filters from the filter chain. This only works for method reference (symbol) - # filters, not procs. This method is different from skip_after_filter and skip_before_filter in that - # it will match any before, after or yielding around filter. - # - # You can control the actions to skip the filter for with the :only and :except options, - # just like when you apply the filters. - def skip_filter(*filters) - filter_chain.skip_filter_in_chain(*filters) - end - - # Returns an array of Filter objects for this controller. - def filter_chain - if chain = read_inheritable_attribute('filter_chain') - return chain - else - write_inheritable_attribute('filter_chain', FilterChain.new) - return filter_chain - end - end - - # Returns all the before filters for this class and all its ancestors. - # This method returns the actual filter that was assigned in the controller to maintain existing functionality. - def before_filters #:nodoc: - filter_chain.select(&:before?).map(&:method) - end - - # Returns all the after filters for this class and all its ancestors. - # This method returns the actual filter that was assigned in the controller to maintain existing functionality. - def after_filters #:nodoc: - filter_chain.select(&:after?).map(&:method) - end - end - - module InstanceMethods # :nodoc: - def self.included(base) - base.class_eval do - alias_method_chain :perform_action, :filters - alias_method_chain :process, :filters - end - end - - protected - def process_with_filters(request, response, method = :perform_action, *arguments) #:nodoc: - @before_filter_chain_aborted = false - process_without_filters(request, response, method, *arguments) - end - - def perform_action_with_filters - call_filters(self.class.filter_chain, 0, 0) - end - - private - def call_filters(chain, index, nesting) - index = run_before_filters(chain, index, nesting) - aborted = @before_filter_chain_aborted - perform_action_without_filters unless performed? || aborted - return index if nesting != 0 || aborted - run_after_filters(chain, index) - end - - def run_before_filters(chain, index, nesting) - while chain[index] - filter, index = chain[index], index - break unless filter # end of call chain reached - - case filter - when BeforeFilter - filter.call(self) # invoke before filter - index = index.next - break if @before_filter_chain_aborted - when AroundFilter - yielded = false - - filter.call(self) do - yielded = true - # all remaining before and around filters will be run in this call - index = call_filters(chain, index.next, nesting.next) - end - - halt_filter_chain(filter, :did_not_yield) unless yielded - - break - else - break # no before or around filters left - end - end - - index - end - - def run_after_filters(chain, index) - seen_after_filter = false - - while chain[index] - filter, index = chain[index], index - break unless filter # end of call chain reached - - case filter - when AfterFilter - seen_after_filter = true - filter.call(self) # invoke after filter - else - # implementation error or someone has mucked with the filter chain - raise ActionControllerError, "filter #{filter.inspect} was in the wrong place!" if seen_after_filter - end - - index = index.next - end - - index.next - end - - def halt_filter_chain(filter, reason) - @before_filter_chain_aborted = true - logger.info "Filter chain halted as [#{filter.inspect}] #{reason}." if logger - end - end - end -end diff --git a/actionpack/lib/action_controller/flash.rb b/actionpack/lib/action_controller/flash.rb deleted file mode 100644 index 56ee9c67e2..0000000000 --- a/actionpack/lib/action_controller/flash.rb +++ /dev/null @@ -1,163 +0,0 @@ -module ActionController #:nodoc: - # The flash provides a way to pass temporary objects between actions. Anything you place in the flash will be exposed - # to the very next action and then cleared out. This is a great way of doing notices and alerts, such as a create - # action that sets flash[:notice] = "Successfully created" before redirecting to a display action that can - # then expose the flash to its template. Actually, that exposure is automatically done. Example: - # - # class PostsController < ActionController::Base - # def create - # # save post - # flash[:notice] = "Successfully created post" - # redirect_to posts_path(@post) - # end - # - # def show - # # doesn't need to assign the flash notice to the template, that's done automatically - # end - # end - # - # show.html.erb - # <% if flash[:notice] %> - #
<%= flash[:notice] %>
- # <% end %> - # - # This example just places a string in the flash, but you can put any object in there. And of course, you can put as - # many as you like at a time too. Just remember: They'll be gone by the time the next action has been performed. - # - # See docs on the FlashHash class for more details about the flash. - module Flash - def self.included(base) - base.class_eval do - include InstanceMethods - alias_method_chain :perform_action, :flash - alias_method_chain :reset_session, :flash - end - end - - class FlashNow #:nodoc: - def initialize(flash) - @flash = flash - end - - def []=(k, v) - @flash[k] = v - @flash.discard(k) - v - end - - def [](k) - @flash[k] - end - end - - class FlashHash < Hash - def initialize #:nodoc: - super - @used = {} - end - - def []=(k, v) #:nodoc: - keep(k) - super - end - - def update(h) #:nodoc: - h.keys.each { |k| keep(k) } - super - end - - alias :merge! :update - - def replace(h) #:nodoc: - @used = {} - super - end - - # Sets a flash that will not be available to the next action, only to the current. - # - # flash.now[:message] = "Hello current action" - # - # This method enables you to use the flash as a central messaging system in your app. - # When you need to pass an object to the next action, you use the standard flash assign ([]=). - # When you need to pass an object to the current action, you use now, and your object will - # vanish when the current action is done. - # - # Entries set via now are accessed the same way as standard entries: flash['my-key']. - def now - FlashNow.new(self) - end - - # Keeps either the entire current flash or a specific flash entry available for the next action: - # - # flash.keep # keeps the entire flash - # flash.keep(:notice) # keeps only the "notice" entry, the rest of the flash is discarded - def keep(k = nil) - use(k, false) - end - - # Marks the entire flash or a single flash entry to be discarded by the end of the current action: - # - # flash.discard # discard the entire flash at the end of the current action - # flash.discard(:warning) # discard only the "warning" entry at the end of the current action - def discard(k = nil) - use(k) - end - - # Mark for removal entries that were kept, and delete unkept ones. - # - # This method is called automatically by filters, so you generally don't need to care about it. - def sweep #:nodoc: - keys.each do |k| - unless @used[k] - use(k) - else - delete(k) - @used.delete(k) - end - end - - # clean up after keys that could have been left over by calling reject! or shift on the flash - (@used.keys - keys).each{ |k| @used.delete(k) } - end - - private - # Used internally by the keep and discard methods - # use() # marks the entire flash as used - # use('msg') # marks the "msg" entry as used - # use(nil, false) # marks the entire flash as unused (keeps it around for one more action) - # use('msg', false) # marks the "msg" entry as unused (keeps it around for one more action) - def use(k=nil, v=true) - unless k.nil? - @used[k] = v - else - keys.each{ |key| use(key, v) } - end - end - end - - module InstanceMethods #:nodoc: - protected - def perform_action_with_flash - perform_action_without_flash - remove_instance_variable(:@_flash) if defined? @_flash - end - - def reset_session_with_flash - reset_session_without_flash - remove_instance_variable(:@_flash) if defined? @_flash - end - - # Access the contents of the flash. Use flash["notice"] to - # read a notice you put there or flash["notice"] = "hello" - # to put a new one. - def flash #:doc: - unless defined? @_flash - @_flash = session["flash"] ||= FlashHash.new - @_flash.sweep - end - - @_flash - end - end - end -end diff --git a/actionpack/lib/action_controller/headers.rb b/actionpack/lib/action_controller/headers.rb deleted file mode 100644 index 139669c66f..0000000000 --- a/actionpack/lib/action_controller/headers.rb +++ /dev/null @@ -1,33 +0,0 @@ -require 'active_support/memoizable' - -module ActionController - module Http - class Headers < ::Hash - extend ActiveSupport::Memoizable - - def initialize(*args) - if args.size == 1 && args[0].is_a?(Hash) - super() - update(args[0]) - else - super - end - end - - def [](header_name) - if include?(header_name) - super - else - super(env_name(header_name)) - end - end - - private - # Converts a HTTP header name to an environment variable name. - def env_name(header_name) - "HTTP_#{header_name.upcase.gsub(/-/, '_')}" - end - memoize :env_name - end - end -end diff --git a/actionpack/lib/action_controller/helpers.rb b/actionpack/lib/action_controller/helpers.rb deleted file mode 100644 index ba65032f6a..0000000000 --- a/actionpack/lib/action_controller/helpers.rb +++ /dev/null @@ -1,225 +0,0 @@ -require 'active_support/dependencies' - -# FIXME: helper { ... } is broken on Ruby 1.9 -module ActionController #:nodoc: - module Helpers #:nodoc: - def self.included(base) - # Initialize the base module to aggregate its helpers. - base.class_inheritable_accessor :master_helper_module - base.master_helper_module = Module.new - - # Set the default directory for helpers - base.class_inheritable_accessor :helpers_dir - base.helpers_dir = (defined?(RAILS_ROOT) ? "#{RAILS_ROOT}/app/helpers" : "app/helpers") - - # Extend base with class methods to declare helpers. - base.extend(ClassMethods) - - base.class_eval do - # Wrap inherited to create a new master helper module for subclasses. - class << self - alias_method_chain :inherited, :helper - end - end - end - - # The Rails framework provides a large number of helpers for working with +assets+, +dates+, +forms+, - # +numbers+ and Active Record objects, to name a few. These helpers are available to all templates - # by default. - # - # In addition to using the standard template helpers provided in the Rails framework, creating custom helpers to - # extract complicated logic or reusable functionality is strongly encouraged. By default, the controller will - # include a helper whose name matches that of the controller, e.g., MyController will automatically - # include MyHelper. - # - # Additional helpers can be specified using the +helper+ class method in ActionController::Base or any - # controller which inherits from it. - # - # ==== Examples - # The +to_s+ method from the Time class can be wrapped in a helper method to display a custom message if - # the Time object is blank: - # - # module FormattedTimeHelper - # def format_time(time, format=:long, blank_message=" ") - # time.blank? ? blank_message : time.to_s(format) - # end - # end - # - # FormattedTimeHelper can now be included in a controller, using the +helper+ class method: - # - # class EventsController < ActionController::Base - # helper FormattedTimeHelper - # def index - # @events = Event.find(:all) - # end - # end - # - # Then, in any view rendered by EventController, the format_time method can be called: - # - # <% @events.each do |event| -%> - #

- # <% format_time(event.time, :short, "N/A") %> | <%= event.name %> - #

- # <% end -%> - # - # Finally, assuming we have two event instances, one which has a time and one which does not, - # the output might look like this: - # - # 23 Aug 11:30 | Carolina Railhawks Soccer Match - # N/A | Carolina Railhaws Training Workshop - # - module ClassMethods - # Makes all the (instance) methods in the helper module available to templates rendered through this controller. - # See ActionView::Helpers (link:classes/ActionView/Helpers.html) for more about making your own helper modules - # available to the templates. - def add_template_helper(helper_module) #:nodoc: - master_helper_module.module_eval { include helper_module } - end - - # The +helper+ class method can take a series of helper module names, a block, or both. - # - # * *args: One or more modules, strings or symbols, or the special symbol :all. - # * &block: A block defining helper methods. - # - # ==== Examples - # When the argument is a string or symbol, the method will provide the "_helper" suffix, require the file - # and include the module in the template class. The second form illustrates how to include custom helpers - # when working with namespaced controllers, or other cases where the file containing the helper definition is not - # in one of Rails' standard load paths: - # helper :foo # => requires 'foo_helper' and includes FooHelper - # helper 'resources/foo' # => requires 'resources/foo_helper' and includes Resources::FooHelper - # - # When the argument is a module it will be included directly in the template class. - # helper FooHelper # => includes FooHelper - # - # When the argument is the symbol :all, the controller will include all helpers beneath - # ActionController::Base.helpers_dir (defaults to app/helpers/**/*.rb under RAILS_ROOT). - # helper :all - # - # Additionally, the +helper+ class method can receive and evaluate a block, making the methods defined available - # to the template. - # # One line - # helper { def hello() "Hello, world!" end } - # # Multi-line - # helper do - # def foo(bar) - # "#{bar} is the very best" - # end - # end - # - # Finally, all the above styles can be mixed together, and the +helper+ method can be invoked with a mix of - # +symbols+, +strings+, +modules+ and blocks. - # helper(:three, BlindHelper) { def mice() 'mice' end } - # - def helper(*args, &block) - args.flatten.each do |arg| - case arg - when Module - add_template_helper(arg) - when :all - helper(all_application_helpers) - when String, Symbol - file_name = arg.to_s.underscore + '_helper' - class_name = file_name.camelize - - begin - require_dependency(file_name) - rescue LoadError => load_error - requiree = / -- (.*?)(\.rb)?$/.match(load_error.message).to_a[1] - if requiree == file_name - msg = "Missing helper file helpers/#{file_name}.rb" - raise LoadError.new(msg).copy_blame!(load_error) - else - raise - end - end - - add_template_helper(class_name.constantize) - else - raise ArgumentError, "helper expects String, Symbol, or Module argument (was: #{args.inspect})" - end - end - - # Evaluate block in template class if given. - master_helper_module.module_eval(&block) if block_given? - end - - # Declare a controller method as a helper. For example, the following - # makes the +current_user+ controller method available to the view: - # class ApplicationController < ActionController::Base - # helper_method :current_user, :logged_in? - # - # def current_user - # @current_user ||= User.find_by_id(session[:user]) - # end - # - # def logged_in? - # current_user != nil - # end - # end - # - # In a view: - # <% if logged_in? -%>Welcome, <%= current_user.name %><% end -%> - def helper_method(*methods) - methods.flatten.each do |method| - master_helper_module.module_eval <<-end_eval - def #{method}(*args, &block) # def current_user(*args, &block) - controller.send(%(#{method}), *args, &block) # controller.send(%(current_user), *args, &block) - end # end - end_eval - end - end - - # Declares helper accessors for controller attributes. For example, the - # following adds new +name+ and name= instance methods to a - # controller and makes them available to the view: - # helper_attr :name - # attr_accessor :name - def helper_attr(*attrs) - attrs.flatten.each { |attr| helper_method(attr, "#{attr}=") } - end - - # Provides a proxy to access helpers methods from outside the view. - def helpers - unless @helper_proxy - @helper_proxy = ActionView::Base.new - @helper_proxy.extend master_helper_module - else - @helper_proxy - end - end - - private - def default_helper_module! - unless name.blank? - module_name = name.sub(/Controller$|$/, 'Helper') - module_path = module_name.split('::').map { |m| m.underscore }.join('/') - require_dependency module_path - helper module_name.constantize - end - rescue MissingSourceFile => e - raise unless e.is_missing? module_path - rescue NameError => e - raise unless e.missing_name? module_name - end - - def inherited_with_helper(child) - inherited_without_helper(child) - - begin - child.master_helper_module = Module.new - child.master_helper_module.__send__ :include, master_helper_module - child.__send__ :default_helper_module! - rescue MissingSourceFile => e - raise unless e.is_missing?("helpers/#{child.controller_path}_helper") - end - end - - # Extract helper names from files in app/helpers/**/*.rb - def all_application_helpers - extract = /^#{Regexp.quote(helpers_dir)}\/?(.*)_helper.rb$/ - Dir["#{helpers_dir}/**/*_helper.rb"].map { |file| file.sub extract, '\1' } - end - end - end -end diff --git a/actionpack/lib/action_controller/http_authentication.rb b/actionpack/lib/action_controller/http_authentication.rb deleted file mode 100644 index 2ed810db7d..0000000000 --- a/actionpack/lib/action_controller/http_authentication.rb +++ /dev/null @@ -1,124 +0,0 @@ -module ActionController - module HttpAuthentication - # Makes it dead easy to do HTTP Basic authentication. - # - # Simple Basic example: - # - # class PostsController < ApplicationController - # USER_NAME, PASSWORD = "dhh", "secret" - # - # before_filter :authenticate, :except => [ :index ] - # - # def index - # render :text => "Everyone can see me!" - # end - # - # def edit - # render :text => "I'm only accessible if you know the password" - # end - # - # private - # def authenticate - # authenticate_or_request_with_http_basic do |user_name, password| - # user_name == USER_NAME && password == PASSWORD - # end - # end - # end - # - # - # Here is a more advanced Basic example where only Atom feeds and the XML API is protected by HTTP authentication, - # the regular HTML interface is protected by a session approach: - # - # class ApplicationController < ActionController::Base - # before_filter :set_account, :authenticate - # - # protected - # def set_account - # @account = Account.find_by_url_name(request.subdomains.first) - # end - # - # def authenticate - # case request.format - # when Mime::XML, Mime::ATOM - # if user = authenticate_with_http_basic { |u, p| @account.users.authenticate(u, p) } - # @current_user = user - # else - # request_http_basic_authentication - # end - # else - # if session_authenticated? - # @current_user = @account.users.find(session[:authenticated][:user_id]) - # else - # redirect_to(login_url) and return false - # end - # end - # end - # end - # - # - # In your integration tests, you can do something like this: - # - # def test_access_granted_from_xml - # get( - # "/notes/1.xml", nil, - # :authorization => ActionController::HttpAuthentication::Basic.encode_credentials(users(:dhh).name, users(:dhh).password) - # ) - # - # assert_equal 200, status - # end - # - # - # On shared hosts, Apache sometimes doesn't pass authentication headers to - # FCGI instances. If your environment matches this description and you cannot - # authenticate, try this rule in your Apache setup: - # - # RewriteRule ^(.*)$ dispatch.fcgi [E=X-HTTP_AUTHORIZATION:%{HTTP:Authorization},QSA,L] - module Basic - extend self - - module ControllerMethods - def authenticate_or_request_with_http_basic(realm = "Application", &login_procedure) - authenticate_with_http_basic(&login_procedure) || request_http_basic_authentication(realm) - end - - def authenticate_with_http_basic(&login_procedure) - HttpAuthentication::Basic.authenticate(self, &login_procedure) - end - - def request_http_basic_authentication(realm = "Application") - HttpAuthentication::Basic.authentication_request(self, realm) - end - end - - def authenticate(controller, &login_procedure) - unless authorization(controller.request).blank? - login_procedure.call(*user_name_and_password(controller.request)) - end - end - - def user_name_and_password(request) - decode_credentials(request).split(/:/, 2) - end - - def authorization(request) - request.env['HTTP_AUTHORIZATION'] || - request.env['X-HTTP_AUTHORIZATION'] || - request.env['X_HTTP_AUTHORIZATION'] || - request.env['REDIRECT_X_HTTP_AUTHORIZATION'] - end - - def decode_credentials(request) - ActiveSupport::Base64.decode64(authorization(request).split.last || '') - end - - def encode_credentials(user_name, password) - "Basic #{ActiveSupport::Base64.encode64("#{user_name}:#{password}")}" - end - - def authentication_request(controller, realm) - controller.headers["WWW-Authenticate"] = %(Basic realm="#{realm.gsub(/"/, "")}") - controller.__send__ :render, :text => "HTTP Basic: Access denied.\n", :status => :unauthorized - end - end - end -end diff --git a/actionpack/lib/action_controller/integration.rb b/actionpack/lib/action_controller/integration.rb deleted file mode 100644 index 163ba84a3e..0000000000 --- a/actionpack/lib/action_controller/integration.rb +++ /dev/null @@ -1,676 +0,0 @@ -require 'stringio' -require 'uri' -require 'active_support/test_case' - -module ActionController - module Integration #:nodoc: - # An integration Session instance represents a set of requests and responses - # performed sequentially by some virtual user. Becase you can instantiate - # multiple sessions and run them side-by-side, you can also mimic (to some - # limited extent) multiple simultaneous users interacting with your system. - # - # Typically, you will instantiate a new session using - # IntegrationTest#open_session, rather than instantiating - # Integration::Session directly. - class Session - include Test::Unit::Assertions - include ActionController::TestCase::Assertions - include ActionController::TestProcess - - # Rack application to use - attr_accessor :application - - # The integer HTTP status code of the last request. - attr_reader :status - - # The status message that accompanied the status code of the last request. - attr_reader :status_message - - # The URI of the last request. - attr_reader :path - - # The hostname used in the last request. - attr_accessor :host - - # The remote_addr used in the last request. - attr_accessor :remote_addr - - # The Accept header to send. - attr_accessor :accept - - # A map of the cookies returned by the last response, and which will be - # sent with the next request. - attr_reader :cookies - - # A map of the headers returned by the last response. - attr_reader :headers - - # A reference to the controller instance used by the last request. - attr_reader :controller - - # A reference to the request instance used by the last request. - attr_reader :request - - # A reference to the response instance used by the last request. - attr_reader :response - - # A running counter of the number of requests processed. - attr_accessor :request_count - - class MultiPartNeededException < Exception - end - - # Create and initialize a new Session instance. - def initialize(app = nil) - @application = app || ActionController::Dispatcher.new - reset! - end - - # Resets the instance. This can be used to reset the state information - # in an existing session instance, so it can be used from a clean-slate - # condition. - # - # session.reset! - def reset! - @status = @path = @headers = nil - @result = @status_message = nil - @https = false - @cookies = {} - @controller = @request = @response = nil - @request_count = 0 - - self.host = "www.example.com" - self.remote_addr = "127.0.0.1" - self.accept = "text/xml,application/xml,application/xhtml+xml," + - "text/html;q=0.9,text/plain;q=0.8,image/png," + - "*/*;q=0.5" - - unless defined? @named_routes_configured - # install the named routes in this session instance. - klass = class << self; self; end - Routing::Routes.install_helpers(klass) - - # the helpers are made protected by default--we make them public for - # easier access during testing and troubleshooting. - klass.module_eval { public *Routing::Routes.named_routes.helpers } - @named_routes_configured = true - end - end - - # Specify whether or not the session should mimic a secure HTTPS request. - # - # session.https! - # session.https!(false) - def https!(flag = true) - @https = flag - end - - # Return +true+ if the session is mimicking a secure HTTPS request. - # - # if session.https? - # ... - # end - def https? - @https - end - - # Set the host name to use in the next request. - # - # session.host! "www.example.com" - def host!(name) - @host = name - end - - # Follow a single redirect response. If the last response was not a - # redirect, an exception will be raised. Otherwise, the redirect is - # performed on the location header. - def follow_redirect! - raise "not a redirect! #{@status} #{@status_message}" unless redirect? - get(interpret_uri(headers['location'])) - status - end - - # Performs a request using the specified method, following any subsequent - # redirect. Note that the redirects are followed until the response is - # not a redirect--this means you may run into an infinite loop if your - # redirect loops back to itself. - def request_via_redirect(http_method, path, parameters = nil, headers = nil) - send(http_method, path, parameters, headers) - follow_redirect! while redirect? - status - end - - # Performs a GET request, following any subsequent redirect. - # See +request_via_redirect+ for more information. - def get_via_redirect(path, parameters = nil, headers = nil) - request_via_redirect(:get, path, parameters, headers) - end - - # Performs a POST request, following any subsequent redirect. - # See +request_via_redirect+ for more information. - def post_via_redirect(path, parameters = nil, headers = nil) - request_via_redirect(:post, path, parameters, headers) - end - - # Performs a PUT request, following any subsequent redirect. - # See +request_via_redirect+ for more information. - def put_via_redirect(path, parameters = nil, headers = nil) - request_via_redirect(:put, path, parameters, headers) - end - - # Performs a DELETE request, following any subsequent redirect. - # See +request_via_redirect+ for more information. - def delete_via_redirect(path, parameters = nil, headers = nil) - request_via_redirect(:delete, path, parameters, headers) - end - - # Returns +true+ if the last response was a redirect. - def redirect? - status/100 == 3 - end - - # Performs a GET request with the given parameters. - # - # - +path+: The URI (as a String) on which you want to perform a GET - # request. - # - +parameters+: The HTTP parameters that you want to pass. This may - # be +nil+, - # a Hash, or a String that is appropriately encoded - # (application/x-www-form-urlencoded or - # multipart/form-data). - # - +headers+: Additional HTTP headers to pass, as a Hash. The keys will - # automatically be upcased, with the prefix 'HTTP_' added if needed. - # - # This method returns an Response object, which one can use to - # inspect the details of the response. Furthermore, if this method was - # called from an ActionController::IntegrationTest object, then that - # object's @response instance variable will point to the same - # response object. - # - # You can also perform POST, PUT, DELETE, and HEAD requests with +post+, - # +put+, +delete+, and +head+. - def get(path, parameters = nil, headers = nil) - process :get, path, parameters, headers - end - - # Performs a POST request with the given parameters. See get() for more - # details. - def post(path, parameters = nil, headers = nil) - process :post, path, parameters, headers - end - - # Performs a PUT request with the given parameters. See get() for more - # details. - def put(path, parameters = nil, headers = nil) - process :put, path, parameters, headers - end - - # Performs a DELETE request with the given parameters. See get() for - # more details. - def delete(path, parameters = nil, headers = nil) - process :delete, path, parameters, headers - end - - # Performs a HEAD request with the given parameters. See get() for more - # details. - def head(path, parameters = nil, headers = nil) - process :head, path, parameters, headers - end - - # Performs an XMLHttpRequest request with the given parameters, mirroring - # a request from the Prototype library. - # - # The request_method is :get, :post, :put, :delete or :head; the - # parameters are +nil+, a hash, or a url-encoded or multipart string; - # the headers are a hash. Keys are automatically upcased and prefixed - # with 'HTTP_' if not already. - def xml_http_request(request_method, path, parameters = nil, headers = nil) - headers ||= {} - headers['X-Requested-With'] = 'XMLHttpRequest' - headers['Accept'] ||= [Mime::JS, Mime::HTML, Mime::XML, 'text/xml', Mime::ALL].join(', ') - process(request_method, path, parameters, headers) - end - alias xhr :xml_http_request - - # Returns the URL for the given options, according to the rules specified - # in the application's routes. - def url_for(options) - controller ? - controller.url_for(options) : - generic_url_rewriter.rewrite(options) - end - - private - # Tailors the session based on the given URI, setting the HTTPS value - # and the hostname. - def interpret_uri(path) - location = URI.parse(path) - https! URI::HTTPS === location if location.scheme - host! location.host if location.host - location.query ? "#{location.path}?#{location.query}" : location.path - end - - # Performs the actual request. - def process(method, path, parameters = nil, headers = nil) - data = requestify(parameters) - path = interpret_uri(path) if path =~ %r{://} - path = "/#{path}" unless path[0] == ?/ - @path = path - env = {} - - if method == :get - env["QUERY_STRING"] = data - data = nil - end - - env["QUERY_STRING"] ||= "" - - data = data.is_a?(IO) ? data : StringIO.new(data || '') - - env.update( - "REQUEST_METHOD" => method.to_s.upcase, - "SERVER_NAME" => host, - "SERVER_PORT" => (https? ? "443" : "80"), - "HTTPS" => https? ? "on" : "off", - "rack.url_scheme" => https? ? "https" : "http", - "SCRIPT_NAME" => "", - - "REQUEST_URI" => path, - "PATH_INFO" => path, - "HTTP_HOST" => host, - "REMOTE_ADDR" => remote_addr, - "CONTENT_TYPE" => "application/x-www-form-urlencoded", - "CONTENT_LENGTH" => data ? data.length.to_s : nil, - "HTTP_COOKIE" => encode_cookies, - "HTTP_ACCEPT" => accept, - - "rack.version" => [0,1], - "rack.input" => data, - "rack.errors" => StringIO.new, - "rack.multithread" => true, - "rack.multiprocess" => true, - "rack.run_once" => false, - - "rack.test" => true - ) - - (headers || {}).each do |key, value| - key = key.to_s.upcase.gsub(/-/, "_") - key = "HTTP_#{key}" unless env.has_key?(key) || key =~ /^HTTP_/ - env[key] = value - end - - [ControllerCapture, ActionController::ProcessWithTest].each do |mod| - unless ActionController::Base < mod - ActionController::Base.class_eval { include mod } - end - end - - ActionController::Base.clear_last_instantiation! - - app = Rack::Lint.new(@application) - - status, headers, body = app.call(env) - @request_count += 1 - - @html_document = nil - - @status = status.to_i - @status_message = StatusCodes::STATUS_CODES[@status] - - @headers = Rack::Utils::HeaderHash.new(headers) - - (@headers['Set-Cookie'] || []).each do |cookie| - name, value = cookie.match(/^([^=]*)=([^;]*);/)[1,2] - @cookies[name] = value - end - - @body = "" - body.each { |part| @body << part } - - if @controller = ActionController::Base.last_instantiation - @request = @controller.request - @response = @controller.response - @controller.send(:set_test_assigns) - else - # Decorate responses from Rack Middleware and Rails Metal - # as an Response for the purposes of integration testing - @response = Response.new - @response.status = status.to_s - @response.headers.replace(@headers) - @response.body = @body - end - - # Decorate the response with the standard behavior of the - # TestResponse so that things like assert_response can be - # used in integration tests. - @response.extend(TestResponseBehavior) - - return @status - rescue MultiPartNeededException - boundary = "----------XnJLe9ZIbbGUYtzPQJ16u1" - status = process(method, path, - multipart_body(parameters, boundary), - (headers || {}).merge( - {"CONTENT_TYPE" => "multipart/form-data; boundary=#{boundary}"})) - return status - end - - # Encode the cookies hash in a format suitable for passing to a - # request. - def encode_cookies - cookies.inject("") do |string, (name, value)| - string << "#{name}=#{value}; " - end - end - - # Get a temporary URL writer object - def generic_url_rewriter - env = { - 'REQUEST_METHOD' => "GET", - 'QUERY_STRING' => "", - "REQUEST_URI" => "/", - "HTTP_HOST" => host, - "SERVER_PORT" => https? ? "443" : "80", - "HTTPS" => https? ? "on" : "off" - } - UrlRewriter.new(Request.new(env), {}) - end - - def name_with_prefix(prefix, name) - prefix ? "#{prefix}[#{name}]" : name.to_s - end - - # Convert the given parameters to a request string. The parameters may - # be a string, +nil+, or a Hash. - def requestify(parameters, prefix=nil) - if TestUploadedFile === parameters - raise MultiPartNeededException - elsif Hash === parameters - return nil if parameters.empty? - parameters.map { |k,v| - requestify(v, name_with_prefix(prefix, k)) - }.join("&") - elsif Array === parameters - parameters.map { |v| - requestify(v, name_with_prefix(prefix, "")) - }.join("&") - elsif prefix.nil? - parameters - else - "#{CGI.escape(prefix)}=#{CGI.escape(parameters.to_s)}" - end - end - - def multipart_requestify(params, first=true) - returning Hash.new do |p| - params.each do |key, value| - k = first ? CGI.escape(key.to_s) : "[#{CGI.escape(key.to_s)}]" - if Hash === value - multipart_requestify(value, false).each do |subkey, subvalue| - p[k + subkey] = subvalue - end - else - p[k] = value - end - end - end - end - - def multipart_body(params, boundary) - multipart_requestify(params).map do |key, value| - if value.respond_to?(:original_filename) - File.open(value.path, "rb") do |f| - f.set_encoding(Encoding::BINARY) if f.respond_to?(:set_encoding) - - <<-EOF ---#{boundary}\r -Content-Disposition: form-data; name="#{key}"; filename="#{CGI.escape(value.original_filename)}"\r -Content-Type: #{value.content_type}\r -Content-Length: #{File.stat(value.path).size}\r -\r -#{f.read}\r -EOF - end - else -<<-EOF ---#{boundary}\r -Content-Disposition: form-data; name="#{key}"\r -\r -#{value}\r -EOF - end - end.join("")+"--#{boundary}--\r" - end - end - - # A module used to extend ActionController::Base, so that integration tests - # can capture the controller used to satisfy a request. - module ControllerCapture #:nodoc: - def self.included(base) - base.extend(ClassMethods) - base.class_eval do - class << self - alias_method_chain :new, :capture - end - end - end - - module ClassMethods #:nodoc: - mattr_accessor :last_instantiation - - def clear_last_instantiation! - self.last_instantiation = nil - end - - def new_with_capture(*args) - controller = new_without_capture(*args) - self.last_instantiation ||= controller - controller - end - end - end - - module Runner - # Reset the current session. This is useful for testing multiple sessions - # in a single test case. - def reset! - @integration_session = open_session - end - - %w(get post put head delete cookies assigns - xml_http_request xhr get_via_redirect post_via_redirect).each do |method| - define_method(method) do |*args| - reset! unless @integration_session - # reset the html_document variable, but only for new get/post calls - @html_document = nil unless %w(cookies assigns).include?(method) - returning @integration_session.__send__(method, *args) do - copy_session_variables! - end - end - end - - # Open a new session instance. If a block is given, the new session is - # yielded to the block before being returned. - # - # session = open_session do |sess| - # sess.extend(CustomAssertions) - # end - # - # By default, a single session is automatically created for you, but you - # can use this method to open multiple sessions that ought to be tested - # simultaneously. - def open_session(application = nil) - session = Integration::Session.new(application) - - # delegate the fixture accessors back to the test instance - extras = Module.new { attr_accessor :delegate, :test_result } - if self.class.respond_to?(:fixture_table_names) - self.class.fixture_table_names.each do |table_name| - name = table_name.tr(".", "_") - next unless respond_to?(name) - extras.__send__(:define_method, name) { |*args| - delegate.send(name, *args) - } - end - end - - # delegate add_assertion to the test case - extras.__send__(:define_method, :add_assertion) { - test_result.add_assertion - } - session.extend(extras) - session.delegate = self - session.test_result = @_result - - yield session if block_given? - session - end - - # Copy the instance variables from the current session instance into the - # test instance. - def copy_session_variables! #:nodoc: - return unless @integration_session - %w(controller response request).each do |var| - instance_variable_set("@#{var}", @integration_session.__send__(var)) - end - end - - # Delegate unhandled messages to the current session instance. - def method_missing(sym, *args, &block) - reset! unless @integration_session - returning @integration_session.__send__(sym, *args, &block) do - copy_session_variables! - end - end - end - end - - # An IntegrationTest is one that spans multiple controllers and actions, - # tying them all together to ensure they work together as expected. It tests - # more completely than either unit or functional tests do, exercising the - # entire stack, from the dispatcher to the database. - # - # At its simplest, you simply extend IntegrationTest and write your tests - # using the get/post methods: - # - # require "#{File.dirname(__FILE__)}/test_helper" - # - # class ExampleTest < ActionController::IntegrationTest - # fixtures :people - # - # def test_login - # # get the login page - # get "/login" - # assert_equal 200, status - # - # # post the login and follow through to the home page - # post "/login", :username => people(:jamis).username, - # :password => people(:jamis).password - # follow_redirect! - # assert_equal 200, status - # assert_equal "/home", path - # end - # end - # - # However, you can also have multiple session instances open per test, and - # even extend those instances with assertions and methods to create a very - # powerful testing DSL that is specific for your application. You can even - # reference any named routes you happen to have defined! - # - # require "#{File.dirname(__FILE__)}/test_helper" - # - # class AdvancedTest < ActionController::IntegrationTest - # fixtures :people, :rooms - # - # def test_login_and_speak - # jamis, david = login(:jamis), login(:david) - # room = rooms(:office) - # - # jamis.enter(room) - # jamis.speak(room, "anybody home?") - # - # david.enter(room) - # david.speak(room, "hello!") - # end - # - # private - # - # module CustomAssertions - # def enter(room) - # # reference a named route, for maximum internal consistency! - # get(room_url(:id => room.id)) - # assert(...) - # ... - # end - # - # def speak(room, message) - # xml_http_request "/say/#{room.id}", :message => message - # assert(...) - # ... - # end - # end - # - # def login(who) - # open_session do |sess| - # sess.extend(CustomAssertions) - # who = people(who) - # sess.post "/login", :username => who.username, - # :password => who.password - # assert(...) - # end - # end - # end - class IntegrationTest < ActiveSupport::TestCase - include Integration::Runner - - # Work around a bug in test/unit caused by the default test being named - # as a symbol (:default_test), which causes regex test filters - # (like "ruby test.rb -n /foo/") to fail because =~ doesn't work on - # symbols. - def initialize(name) #:nodoc: - super(name.to_s) - end - - # Work around test/unit's requirement that every subclass of TestCase have - # at least one test method. Note that this implementation extends to all - # subclasses, as well, so subclasses of IntegrationTest may also exist - # without any test methods. - def run(*args) #:nodoc: - return if @method_name == "default_test" - super - end - - # Because of how use_instantiated_fixtures and use_transactional_fixtures - # are defined, we need to treat them as special cases. Otherwise, users - # would potentially have to set their values for both Test::Unit::TestCase - # ActionController::IntegrationTest, since by the time the value is set on - # TestCase, IntegrationTest has already been defined and cannot inherit - # changes to those variables. So, we make those two attributes - # copy-on-write. - - class << self - def use_transactional_fixtures=(flag) #:nodoc: - @_use_transactional_fixtures = true - @use_transactional_fixtures = flag - end - - def use_instantiated_fixtures=(flag) #:nodoc: - @_use_instantiated_fixtures = true - @use_instantiated_fixtures = flag - end - - def use_transactional_fixtures #:nodoc: - @_use_transactional_fixtures ? - @use_transactional_fixtures : - superclass.use_transactional_fixtures - end - - def use_instantiated_fixtures #:nodoc: - @_use_instantiated_fixtures ? - @use_instantiated_fixtures : - superclass.use_instantiated_fixtures - end - end - end -end diff --git a/actionpack/lib/action_controller/layout.rb b/actionpack/lib/action_controller/layout.rb deleted file mode 100644 index 926ae26f92..0000000000 --- a/actionpack/lib/action_controller/layout.rb +++ /dev/null @@ -1,244 +0,0 @@ -module ActionController #:nodoc: - module Layout #:nodoc: - def self.included(base) - base.extend(ClassMethods) - base.class_inheritable_accessor :layout_name, :layout_conditions - end - - # Layouts reverse the common pattern of including shared headers and footers in many templates to isolate changes in - # repeated setups. The inclusion pattern has pages that look like this: - # - # <%= render "shared/header" %> - # Hello World - # <%= render "shared/footer" %> - # - # This approach is a decent way of keeping common structures isolated from the changing content, but it's verbose - # and if you ever want to change the structure of these two includes, you'll have to change all the templates. - # - # With layouts, you can flip it around and have the common structure know where to insert changing content. This means - # that the header and footer are only mentioned in one place, like this: - # - # // The header part of this layout - # <%= yield %> - # // The footer part of this layout - # - # And then you have content pages that look like this: - # - # hello world - # - # At rendering time, the content page is computed and then inserted in the layout, like this: - # - # // The header part of this layout - # hello world - # // The footer part of this layout - # - # NOTE: The old notation for rendering the view from a layout was to expose the magic @content_for_layout instance - # variable. The preferred notation now is to use yield, as documented above. - # - # == Accessing shared variables - # - # Layouts have access to variables specified in the content pages and vice versa. This allows you to have layouts with - # references that won't materialize before rendering time: - # - #

<%= @page_title %>

- # <%= yield %> - # - # ...and content pages that fulfill these references _at_ rendering time: - # - # <% @page_title = "Welcome" %> - # Off-world colonies offers you a chance to start a new life - # - # The result after rendering is: - # - #

Welcome

- # Off-world colonies offers you a chance to start a new life - # - # == Automatic layout assignment - # - # If there is a template in app/views/layouts/ with the same name as the current controller then it will be automatically - # set as that controller's layout unless explicitly told otherwise. Say you have a WeblogController, for example. If a template named - # app/views/layouts/weblog.erb or app/views/layouts/weblog.builder exists then it will be automatically set as - # the layout for your WeblogController. You can create a layout with the name application.erb or application.builder - # and this will be set as the default controller if there is no layout with the same name as the current controller and there is - # no layout explicitly assigned with the +layout+ method. Nested controllers use the same folder structure for automatic layout. - # assignment. So an Admin::WeblogController will look for a template named app/views/layouts/admin/weblog.erb. - # Setting a layout explicitly will always override the automatic behaviour for the controller where the layout is set. - # Explicitly setting the layout in a parent class, though, will not override the child class's layout assignment if the child - # class has a layout with the same name. - # - # == Inheritance for layouts - # - # Layouts are shared downwards in the inheritance hierarchy, but not upwards. Examples: - # - # class BankController < ActionController::Base - # layout "bank_standard" - # - # class InformationController < BankController - # - # class VaultController < BankController - # layout :access_level_layout - # - # class EmployeeController < BankController - # layout nil - # - # The InformationController uses "bank_standard" inherited from the BankController, the VaultController overwrites - # and picks the layout dynamically, and the EmployeeController doesn't want to use a layout at all. - # - # == Types of layouts - # - # Layouts are basically just regular templates, but the name of this template needs not be specified statically. Sometimes - # you want to alternate layouts depending on runtime information, such as whether someone is logged in or not. This can - # be done either by specifying a method reference as a symbol or using an inline method (as a proc). - # - # The method reference is the preferred approach to variable layouts and is used like this: - # - # class WeblogController < ActionController::Base - # layout :writers_and_readers - # - # def index - # # fetching posts - # end - # - # private - # def writers_and_readers - # logged_in? ? "writer_layout" : "reader_layout" - # end - # - # Now when a new request for the index action is processed, the layout will vary depending on whether the person accessing - # is logged in or not. - # - # If you want to use an inline method, such as a proc, do something like this: - # - # class WeblogController < ActionController::Base - # layout proc{ |controller| controller.logged_in? ? "writer_layout" : "reader_layout" } - # - # Of course, the most common way of specifying a layout is still just as a plain template name: - # - # class WeblogController < ActionController::Base - # layout "weblog_standard" - # - # If no directory is specified for the template name, the template will by default be looked for in app/views/layouts/. - # Otherwise, it will be looked up relative to the template root. - # - # == Conditional layouts - # - # If you have a layout that by default is applied to all the actions of a controller, you still have the option of rendering - # a given action or set of actions without a layout, or restricting a layout to only a single action or a set of actions. The - # :only and :except options can be passed to the layout call. For example: - # - # class WeblogController < ActionController::Base - # layout "weblog_standard", :except => :rss - # - # # ... - # - # end - # - # This will assign "weblog_standard" as the WeblogController's layout except for the +rss+ action, which will not wrap a layout - # around the rendered view. - # - # Both the :only and :except condition can accept an arbitrary number of method references, so - # #:except => [ :rss, :text_only ] is valid, as is :except => :rss. - # - # == Using a different layout in the action render call - # - # If most of your actions use the same layout, it makes perfect sense to define a controller-wide layout as described above. - # Sometimes you'll have exceptions where one action wants to use a different layout than the rest of the controller. - # You can do this by passing a :layout option to the render call. For example: - # - # class WeblogController < ActionController::Base - # layout "weblog_standard" - # - # def help - # render :action => "help", :layout => "help" - # end - # end - # - # This will render the help action with the "help" layout instead of the controller-wide "weblog_standard" layout. - module ClassMethods - extend ActiveSupport::Memoizable - - # If a layout is specified, all rendered actions will have their result rendered - # when the layout yields. This layout can itself depend on instance variables assigned during action - # performance and have access to them as any normal template would. - def layout(template_name, conditions = {}, auto = false) - add_layout_conditions(conditions) - self.layout_name = template_name - end - - def memoized_default_layout(formats) #:nodoc: - self.layout_name || begin - layout = default_layout_name - layout.is_a?(String) ? find_layout(layout, formats) : layout - rescue ActionView::MissingTemplate - end - end - - def default_layout(*args) - (@_memoized_default_layout ||= ::ActiveSupport::ConcurrentHash.new)[args] ||= memoized_default_layout(*args) - end - - def memoized_find_layout(layout, formats) #:nodoc: - return layout if layout.nil? || layout.respond_to?(:render) - prefix = layout.to_s =~ /layouts\// ? nil : "layouts" - view_paths.find_by_parts(layout.to_s, formats, prefix) - end - - def find_layout(*args) - (@_memoized_find_layout ||= ::ActiveSupport::ConcurrentHash.new)[args] ||= memoized_find_layout(*args) - end - - def layout_list #:nodoc: - Array(view_paths).sum([]) { |path| Dir["#{path}/layouts/**/*"] } - end - memoize :layout_list - - def default_layout_name - layout_match = name.underscore.sub(/_controller$/, '') - if layout_list.grep(%r{layouts/#{layout_match}(\.[a-z][0-9a-z]*)+$}).empty? - superclass.default_layout_name if superclass.respond_to?(:default_layout_name) - else - layout_match - end - end - memoize :default_layout_name - - private - def add_layout_conditions(conditions) - # :except => :foo == :except => [:foo] == :except => "foo" == :except => ["foo"] - conditions.each {|k, v| conditions[k] = Array(v).map {|a| a.to_s} } - write_inheritable_hash(:layout_conditions, conditions) - end - end - - def active_layout(name) - name = self.class.default_layout(formats) if name == true - - layout_name = case name - when Symbol then __send__(name) - when Proc then name.call(self) - else name - end - - self.class.find_layout(layout_name, formats) - end - - def _pick_layout(layout_name, implicit = false) - return unless layout_name || implicit - layout_name = true if layout_name.nil? - active_layout(layout_name) if action_has_layout? && layout_name - end - - private - def action_has_layout? - if conditions = self.class.layout_conditions - if only = conditions[:only] - return only.include?(action_name) - elsif except = conditions[:except] - return !except.include?(action_name) - end - end - true - end - - end -end diff --git a/actionpack/lib/action_controller/middleware_stack.rb b/actionpack/lib/action_controller/middleware_stack.rb deleted file mode 100644 index dbc2fda41e..0000000000 --- a/actionpack/lib/action_controller/middleware_stack.rb +++ /dev/null @@ -1,109 +0,0 @@ -module ActionController - class MiddlewareStack < Array - class Middleware - def self.new(klass, *args, &block) - if klass.is_a?(self) - klass - else - super - end - end - - attr_reader :args, :block - - def initialize(klass, *args, &block) - @klass = klass - - options = args.extract_options! - if options.has_key?(:if) - @conditional = options.delete(:if) - else - @conditional = true - end - args << options unless options.empty? - - @args = args - @block = block - end - - def klass - if @klass.is_a?(Class) - @klass - else - @klass.to_s.constantize - end - rescue NameError - @klass - end - - def active? - if @conditional.respond_to?(:call) - @conditional.call - else - @conditional - end - end - - def ==(middleware) - case middleware - when Middleware - klass == middleware.klass - when Class - klass == middleware - else - klass == middleware.to_s.constantize - end - end - - def inspect - str = klass.to_s - args.each { |arg| str += ", #{arg.inspect}" } - str - end - - def build(app) - if block - klass.new(app, *args, &block) - else - klass.new(app, *args) - end - end - end - - def initialize(*args, &block) - super(*args) - block.call(self) if block_given? - end - - def insert(index, *args, &block) - index = self.index(index) unless index.is_a?(Integer) - middleware = Middleware.new(*args, &block) - super(index, middleware) - end - - alias_method :insert_before, :insert - - def insert_after(index, *args, &block) - index = self.index(index) unless index.is_a?(Integer) - insert(index + 1, *args, &block) - end - - def swap(target, *args, &block) - insert_before(target, *args, &block) - delete(target) - end - - def use(*args, &block) - middleware = Middleware.new(*args, &block) - push(middleware) - end - - def active - find_all { |middleware| middleware.active? } - end - - def build(app) - active.reverse.inject(app) { |a, e| e.build(a) } - end - end -end diff --git a/actionpack/lib/action_controller/middlewares.rb b/actionpack/lib/action_controller/middlewares.rb deleted file mode 100644 index f9cfc2b18e..0000000000 --- a/actionpack/lib/action_controller/middlewares.rb +++ /dev/null @@ -1,21 +0,0 @@ -use "Rack::Lock", :if => lambda { - !ActionController::Base.allow_concurrency -} - -use "ActionController::Failsafe" - -["ActionController::Session::CookieStore", - "ActionController::Session::MemCacheStore", - "ActiveRecord::SessionStore"].each do |store| - use(store, ActionController::Base.session_options, - :if => lambda { - if session_store = ActionController::Base.session_store - session_store.name == store - end - } - ) -end - -use "ActionController::RewindableInput" -use "ActionController::ParamsParser" -use "Rack::MethodOverride" diff --git a/actionpack/lib/action_controller/mime/default_types.rb b/actionpack/lib/action_controller/mime/default_types.rb new file mode 100644 index 0000000000..2d7fba1173 --- /dev/null +++ b/actionpack/lib/action_controller/mime/default_types.rb @@ -0,0 +1,21 @@ +# Build list of Mime types for HTTP responses +# http://www.iana.org/assignments/media-types/ + +Mime::Type.register "*/*", :all +Mime::Type.register "text/plain", :text, [], %w(txt) +Mime::Type.register "text/html", :html, %w( application/xhtml+xml ), %w( xhtml ) +Mime::Type.register "text/javascript", :js, %w( application/javascript application/x-javascript ) +Mime::Type.register "text/css", :css +Mime::Type.register "text/calendar", :ics +Mime::Type.register "text/csv", :csv +Mime::Type.register "application/xml", :xml, %w( text/xml application/x-xml ) +Mime::Type.register "application/rss+xml", :rss +Mime::Type.register "application/atom+xml", :atom +Mime::Type.register "application/x-yaml", :yaml, %w( text/yaml ) + +Mime::Type.register "multipart/form-data", :multipart_form +Mime::Type.register "application/x-www-form-urlencoded", :url_encoded_form + +# http://www.ietf.org/rfc/rfc4627.txt +# http://www.json.org/JSONRequest.html +Mime::Type.register "application/json", :json, %w( text/x-json application/jsonrequest ) \ No newline at end of file diff --git a/actionpack/lib/action_controller/mime/responds.rb b/actionpack/lib/action_controller/mime/responds.rb new file mode 100644 index 0000000000..bac225ab2a --- /dev/null +++ b/actionpack/lib/action_controller/mime/responds.rb @@ -0,0 +1,190 @@ +module ActionController #:nodoc: + module MimeResponds #:nodoc: + def self.included(base) + base.module_eval do + include ActionController::MimeResponds::InstanceMethods + end + end + + module InstanceMethods + # Without web-service support, an action which collects the data for displaying a list of people + # might look something like this: + # + # def index + # @people = Person.find(:all) + # end + # + # Here's the same action, with web-service support baked in: + # + # def index + # @people = Person.find(:all) + # + # respond_to do |format| + # format.html + # format.xml { render :xml => @people.to_xml } + # end + # end + # + # What that says is, "if the client wants HTML in response to this action, just respond as we + # would have before, but if the client wants XML, return them the list of people in XML format." + # (Rails determines the desired response format from the HTTP Accept header submitted by the client.) + # + # Supposing you have an action that adds a new person, optionally creating their company + # (by name) if it does not already exist, without web-services, it might look like this: + # + # def create + # @company = Company.find_or_create_by_name(params[:company][:name]) + # @person = @company.people.create(params[:person]) + # + # redirect_to(person_list_url) + # end + # + # Here's the same action, with web-service support baked in: + # + # def create + # company = params[:person].delete(:company) + # @company = Company.find_or_create_by_name(company[:name]) + # @person = @company.people.create(params[:person]) + # + # respond_to do |format| + # format.html { redirect_to(person_list_url) } + # format.js + # format.xml { render :xml => @person.to_xml(:include => @company) } + # end + # end + # + # If the client wants HTML, we just redirect them back to the person list. If they want Javascript + # (format.js), then it is an RJS request and we render the RJS template associated with this action. + # Lastly, if the client wants XML, we render the created person as XML, but with a twist: we also + # include the person's company in the rendered XML, so you get something like this: + # + # + # ... + # ... + # + # ... + # ... + # ... + # + # + # + # Note, however, the extra bit at the top of that action: + # + # company = params[:person].delete(:company) + # @company = Company.find_or_create_by_name(company[:name]) + # + # This is because the incoming XML document (if a web-service request is in process) can only contain a + # single root-node. So, we have to rearrange things so that the request looks like this (url-encoded): + # + # person[name]=...&person[company][name]=...&... + # + # And, like this (xml-encoded): + # + # + # ... + # + # ... + # + # + # + # In other words, we make the request so that it operates on a single entity's person. Then, in the action, + # we extract the company data from the request, find or create the company, and then create the new person + # with the remaining data. + # + # Note that you can define your own XML parameter parser which would allow you to describe multiple entities + # in a single request (i.e., by wrapping them all in a single root node), but if you just go with the flow + # and accept Rails' defaults, life will be much easier. + # + # If you need to use a MIME type which isn't supported by default, you can register your own handlers in + # environment.rb as follows. + # + # Mime::Type.register "image/jpg", :jpg + def respond_to(*types, &block) + raise ArgumentError, "respond_to takes either types or a block, never both" unless types.any? ^ block + block ||= lambda { |responder| types.each { |type| responder.send(type) } } + responder = Responder.new(self) + block.call(responder) + responder.respond + end + end + + class Responder #:nodoc: + + def initialize(controller) + @controller = controller + @request = controller.request + @response = controller.response + + @mime_type_priority = @request.formats + + @order = [] + @responses = {} + end + + def custom(mime_type, &block) + mime_type = mime_type.is_a?(Mime::Type) ? mime_type : Mime::Type.lookup(mime_type.to_s) + + @order << mime_type + + @responses[mime_type] ||= Proc.new do + @response.template.formats = [mime_type.to_sym] + @response.content_type = mime_type.to_s + block_given? ? block.call : @controller.send(:render, :action => @controller.action_name) + end + end + + def any(*args, &block) + if args.any? + args.each { |type| send(type, &block) } + else + custom(@mime_type_priority.first, &block) + end + end + + def self.generate_method_for_mime(mime) + sym = mime.is_a?(Symbol) ? mime : mime.to_sym + const = sym.to_s.upcase + class_eval <<-RUBY, __FILE__, __LINE__ + 1 + def #{sym}(&block) # def html(&block) + custom(Mime::#{const}, &block) # custom(Mime::HTML, &block) + end # end + RUBY + end + + Mime::SET.each do |mime| + generate_method_for_mime(mime) + end + + def method_missing(symbol, &block) + mime_constant = Mime.const_get(symbol.to_s.upcase) + + if Mime::SET.include?(mime_constant) + self.class.generate_method_for_mime(mime_constant) + send(symbol, &block) + else + super + end + end + + def respond + for priority in @mime_type_priority + if priority == Mime::ALL + @responses[@order.first].call + return + else + if @responses[priority] + @responses[priority].call + return # mime type match found, be happy and return + end + end + end + + if @order.include?(Mime::ALL) + @responses[Mime::ALL].call + else + @controller.send :head, :not_acceptable + end + end + end + end +end diff --git a/actionpack/lib/action_controller/mime/type.rb b/actionpack/lib/action_controller/mime/type.rb new file mode 100644 index 0000000000..23a39dff54 --- /dev/null +++ b/actionpack/lib/action_controller/mime/type.rb @@ -0,0 +1,214 @@ +require 'set' + +module Mime + SET = [] + EXTENSION_LOOKUP = Hash.new { |h, k| h[k] = Type.new(k) unless k.blank? } + LOOKUP = Hash.new { |h, k| h[k] = Type.new(k) unless k.blank? } + + def self.[](type) + Type.lookup_by_extension(type.to_s) + end + + # Encapsulates the notion of a mime type. Can be used at render time, for example, with: + # + # class PostsController < ActionController::Base + # def show + # @post = Post.find(params[:id]) + # + # respond_to do |format| + # format.html + # format.ics { render :text => post.to_ics, :mime_type => Mime::Type["text/calendar"] } + # format.xml { render :xml => @people.to_xml } + # end + # end + # end + class Type + @@html_types = Set.new [:html, :all] + cattr_reader :html_types + + # These are the content types which browsers can generate without using ajax, flash, etc + # i.e. following a link, getting an image or posting a form. CSRF protection + # only needs to protect against these types. + @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form, :text] + cattr_reader :browser_generated_types + attr_reader :symbol + + @@unverifiable_types = Set.new [:text, :json, :csv, :xml, :rss, :atom, :yaml] + def self.unverifiable_types + ActiveSupport::Deprecation.warn("unverifiable_types is deprecated and has no effect", caller) + @@unverifiable_types + end + + # A simple helper class used in parsing the accept header + class AcceptItem #:nodoc: + attr_accessor :order, :name, :q + + def initialize(order, name, q=nil) + @order = order + @name = name.strip + q ||= 0.0 if @name == Mime::ALL # default wilcard match to end of list + @q = ((q || 1.0).to_f * 100).to_i + end + + def to_s + @name + end + + def <=>(item) + result = item.q <=> q + result = order <=> item.order if result == 0 + result + end + + def ==(item) + name == (item.respond_to?(:name) ? item.name : item) + end + end + + class << self + def lookup(string) + LOOKUP[string] + end + + def lookup_by_extension(extension) + EXTENSION_LOOKUP[extension] + end + + # Registers an alias that's not used on mime type lookup, but can be referenced directly. Especially useful for + # rendering different HTML versions depending on the user agent, like an iPhone. + def register_alias(string, symbol, extension_synonyms = []) + register(string, symbol, [], extension_synonyms, true) + end + + def register(string, symbol, mime_type_synonyms = [], extension_synonyms = [], skip_lookup = false) + Mime.instance_eval { const_set symbol.to_s.upcase, Type.new(string, symbol, mime_type_synonyms) } + + SET << Mime.const_get(symbol.to_s.upcase) + + ([string] + mime_type_synonyms).each { |string| LOOKUP[string] = SET.last } unless skip_lookup + ([symbol.to_s] + extension_synonyms).each { |ext| EXTENSION_LOOKUP[ext] = SET.last } + end + + def parse(accept_header) + if accept_header !~ /,/ + [Mime::Type.lookup(accept_header)] + else + # keep track of creation order to keep the subsequent sort stable + list = [] + accept_header.split(/,/).each_with_index do |header, index| + params, q = header.split(/;\s*q=/) + if params + params.strip! + list << AcceptItem.new(index, params, q) unless params.empty? + end + end + list.sort! + + # Take care of the broken text/xml entry by renaming or deleting it + text_xml = list.index("text/xml") + app_xml = list.index(Mime::XML.to_s) + + if text_xml && app_xml + # set the q value to the max of the two + list[app_xml].q = [list[text_xml].q, list[app_xml].q].max + + # make sure app_xml is ahead of text_xml in the list + if app_xml > text_xml + list[app_xml], list[text_xml] = list[text_xml], list[app_xml] + app_xml, text_xml = text_xml, app_xml + end + + # delete text_xml from the list + list.delete_at(text_xml) + + elsif text_xml + list[text_xml].name = Mime::XML.to_s + end + + # Look for more specific XML-based types and sort them ahead of app/xml + + if app_xml + idx = app_xml + app_xml_type = list[app_xml] + + while(idx < list.length) + type = list[idx] + break if type.q < app_xml_type.q + if type.name =~ /\+xml$/ + list[app_xml], list[idx] = list[idx], list[app_xml] + app_xml = idx + end + idx += 1 + end + end + + list.map! { |i| Mime::Type.lookup(i.name) }.uniq! + list + end + end + end + + def initialize(string, symbol = nil, synonyms = []) + @symbol, @synonyms = symbol, synonyms + @string = string + end + + def to_s + @string + end + + def to_str + to_s + end + + def to_sym + @symbol || @string.to_sym + end + + def ===(list) + if list.is_a?(Array) + (@synonyms + [ self ]).any? { |synonym| list.include?(synonym) } + else + super + end + end + + def ==(mime_type) + return false if mime_type.blank? + (@synonyms + [ self ]).any? do |synonym| + require "ruby-debug" + debugger if mime_type.is_a?(Array) + synonym.to_s == mime_type.to_s || synonym.to_sym == mime_type.to_sym + end + end + + def =~(mime_type) + return false if mime_type.blank? + regexp = Regexp.new(Regexp.quote(mime_type.to_s)) + (@synonyms + [ self ]).any? do |synonym| + synonym.to_s =~ regexp + end + end + + # Returns true if Action Pack should check requests using this Mime Type for possible request forgery. See + # ActionController::RequestForgeryProtection. + def verify_request? + @@browser_generated_types.include?(to_sym) + end + + def html? + @@html_types.include?(to_sym) || @string =~ /html/ + end + + private + def method_missing(method, *args) + if method.to_s =~ /(\w+)\?$/ + $1.downcase.to_sym == to_sym + else + super + end + end + end +end + +require 'action_controller/mime/default_types' diff --git a/actionpack/lib/action_controller/mime_responds.rb b/actionpack/lib/action_controller/mime_responds.rb deleted file mode 100644 index bac225ab2a..0000000000 --- a/actionpack/lib/action_controller/mime_responds.rb +++ /dev/null @@ -1,190 +0,0 @@ -module ActionController #:nodoc: - module MimeResponds #:nodoc: - def self.included(base) - base.module_eval do - include ActionController::MimeResponds::InstanceMethods - end - end - - module InstanceMethods - # Without web-service support, an action which collects the data for displaying a list of people - # might look something like this: - # - # def index - # @people = Person.find(:all) - # end - # - # Here's the same action, with web-service support baked in: - # - # def index - # @people = Person.find(:all) - # - # respond_to do |format| - # format.html - # format.xml { render :xml => @people.to_xml } - # end - # end - # - # What that says is, "if the client wants HTML in response to this action, just respond as we - # would have before, but if the client wants XML, return them the list of people in XML format." - # (Rails determines the desired response format from the HTTP Accept header submitted by the client.) - # - # Supposing you have an action that adds a new person, optionally creating their company - # (by name) if it does not already exist, without web-services, it might look like this: - # - # def create - # @company = Company.find_or_create_by_name(params[:company][:name]) - # @person = @company.people.create(params[:person]) - # - # redirect_to(person_list_url) - # end - # - # Here's the same action, with web-service support baked in: - # - # def create - # company = params[:person].delete(:company) - # @company = Company.find_or_create_by_name(company[:name]) - # @person = @company.people.create(params[:person]) - # - # respond_to do |format| - # format.html { redirect_to(person_list_url) } - # format.js - # format.xml { render :xml => @person.to_xml(:include => @company) } - # end - # end - # - # If the client wants HTML, we just redirect them back to the person list. If they want Javascript - # (format.js), then it is an RJS request and we render the RJS template associated with this action. - # Lastly, if the client wants XML, we render the created person as XML, but with a twist: we also - # include the person's company in the rendered XML, so you get something like this: - # - # - # ... - # ... - # - # ... - # ... - # ... - # - # - # - # Note, however, the extra bit at the top of that action: - # - # company = params[:person].delete(:company) - # @company = Company.find_or_create_by_name(company[:name]) - # - # This is because the incoming XML document (if a web-service request is in process) can only contain a - # single root-node. So, we have to rearrange things so that the request looks like this (url-encoded): - # - # person[name]=...&person[company][name]=...&... - # - # And, like this (xml-encoded): - # - # - # ... - # - # ... - # - # - # - # In other words, we make the request so that it operates on a single entity's person. Then, in the action, - # we extract the company data from the request, find or create the company, and then create the new person - # with the remaining data. - # - # Note that you can define your own XML parameter parser which would allow you to describe multiple entities - # in a single request (i.e., by wrapping them all in a single root node), but if you just go with the flow - # and accept Rails' defaults, life will be much easier. - # - # If you need to use a MIME type which isn't supported by default, you can register your own handlers in - # environment.rb as follows. - # - # Mime::Type.register "image/jpg", :jpg - def respond_to(*types, &block) - raise ArgumentError, "respond_to takes either types or a block, never both" unless types.any? ^ block - block ||= lambda { |responder| types.each { |type| responder.send(type) } } - responder = Responder.new(self) - block.call(responder) - responder.respond - end - end - - class Responder #:nodoc: - - def initialize(controller) - @controller = controller - @request = controller.request - @response = controller.response - - @mime_type_priority = @request.formats - - @order = [] - @responses = {} - end - - def custom(mime_type, &block) - mime_type = mime_type.is_a?(Mime::Type) ? mime_type : Mime::Type.lookup(mime_type.to_s) - - @order << mime_type - - @responses[mime_type] ||= Proc.new do - @response.template.formats = [mime_type.to_sym] - @response.content_type = mime_type.to_s - block_given? ? block.call : @controller.send(:render, :action => @controller.action_name) - end - end - - def any(*args, &block) - if args.any? - args.each { |type| send(type, &block) } - else - custom(@mime_type_priority.first, &block) - end - end - - def self.generate_method_for_mime(mime) - sym = mime.is_a?(Symbol) ? mime : mime.to_sym - const = sym.to_s.upcase - class_eval <<-RUBY, __FILE__, __LINE__ + 1 - def #{sym}(&block) # def html(&block) - custom(Mime::#{const}, &block) # custom(Mime::HTML, &block) - end # end - RUBY - end - - Mime::SET.each do |mime| - generate_method_for_mime(mime) - end - - def method_missing(symbol, &block) - mime_constant = Mime.const_get(symbol.to_s.upcase) - - if Mime::SET.include?(mime_constant) - self.class.generate_method_for_mime(mime_constant) - send(symbol, &block) - else - super - end - end - - def respond - for priority in @mime_type_priority - if priority == Mime::ALL - @responses[@order.first].call - return - else - if @responses[priority] - @responses[priority].call - return # mime type match found, be happy and return - end - end - end - - if @order.include?(Mime::ALL) - @responses[Mime::ALL].call - else - @controller.send :head, :not_acceptable - end - end - end - end -end diff --git a/actionpack/lib/action_controller/mime_type.rb b/actionpack/lib/action_controller/mime_type.rb deleted file mode 100644 index 3d26870f4f..0000000000 --- a/actionpack/lib/action_controller/mime_type.rb +++ /dev/null @@ -1,214 +0,0 @@ -require 'set' - -module Mime - SET = [] - EXTENSION_LOOKUP = Hash.new { |h, k| h[k] = Type.new(k) unless k.blank? } - LOOKUP = Hash.new { |h, k| h[k] = Type.new(k) unless k.blank? } - - def self.[](type) - Type.lookup_by_extension(type.to_s) - end - - # Encapsulates the notion of a mime type. Can be used at render time, for example, with: - # - # class PostsController < ActionController::Base - # def show - # @post = Post.find(params[:id]) - # - # respond_to do |format| - # format.html - # format.ics { render :text => post.to_ics, :mime_type => Mime::Type["text/calendar"] } - # format.xml { render :xml => @people.to_xml } - # end - # end - # end - class Type - @@html_types = Set.new [:html, :all] - cattr_reader :html_types - - # These are the content types which browsers can generate without using ajax, flash, etc - # i.e. following a link, getting an image or posting a form. CSRF protection - # only needs to protect against these types. - @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form, :text] - cattr_reader :browser_generated_types - attr_reader :symbol - - @@unverifiable_types = Set.new [:text, :json, :csv, :xml, :rss, :atom, :yaml] - def self.unverifiable_types - ActiveSupport::Deprecation.warn("unverifiable_types is deprecated and has no effect", caller) - @@unverifiable_types - end - - # A simple helper class used in parsing the accept header - class AcceptItem #:nodoc: - attr_accessor :order, :name, :q - - def initialize(order, name, q=nil) - @order = order - @name = name.strip - q ||= 0.0 if @name == Mime::ALL # default wilcard match to end of list - @q = ((q || 1.0).to_f * 100).to_i - end - - def to_s - @name - end - - def <=>(item) - result = item.q <=> q - result = order <=> item.order if result == 0 - result - end - - def ==(item) - name == (item.respond_to?(:name) ? item.name : item) - end - end - - class << self - def lookup(string) - LOOKUP[string] - end - - def lookup_by_extension(extension) - EXTENSION_LOOKUP[extension] - end - - # Registers an alias that's not used on mime type lookup, but can be referenced directly. Especially useful for - # rendering different HTML versions depending on the user agent, like an iPhone. - def register_alias(string, symbol, extension_synonyms = []) - register(string, symbol, [], extension_synonyms, true) - end - - def register(string, symbol, mime_type_synonyms = [], extension_synonyms = [], skip_lookup = false) - Mime.instance_eval { const_set symbol.to_s.upcase, Type.new(string, symbol, mime_type_synonyms) } - - SET << Mime.const_get(symbol.to_s.upcase) - - ([string] + mime_type_synonyms).each { |string| LOOKUP[string] = SET.last } unless skip_lookup - ([symbol.to_s] + extension_synonyms).each { |ext| EXTENSION_LOOKUP[ext] = SET.last } - end - - def parse(accept_header) - if accept_header !~ /,/ - [Mime::Type.lookup(accept_header)] - else - # keep track of creation order to keep the subsequent sort stable - list = [] - accept_header.split(/,/).each_with_index do |header, index| - params, q = header.split(/;\s*q=/) - if params - params.strip! - list << AcceptItem.new(index, params, q) unless params.empty? - end - end - list.sort! - - # Take care of the broken text/xml entry by renaming or deleting it - text_xml = list.index("text/xml") - app_xml = list.index(Mime::XML.to_s) - - if text_xml && app_xml - # set the q value to the max of the two - list[app_xml].q = [list[text_xml].q, list[app_xml].q].max - - # make sure app_xml is ahead of text_xml in the list - if app_xml > text_xml - list[app_xml], list[text_xml] = list[text_xml], list[app_xml] - app_xml, text_xml = text_xml, app_xml - end - - # delete text_xml from the list - list.delete_at(text_xml) - - elsif text_xml - list[text_xml].name = Mime::XML.to_s - end - - # Look for more specific XML-based types and sort them ahead of app/xml - - if app_xml - idx = app_xml - app_xml_type = list[app_xml] - - while(idx < list.length) - type = list[idx] - break if type.q < app_xml_type.q - if type.name =~ /\+xml$/ - list[app_xml], list[idx] = list[idx], list[app_xml] - app_xml = idx - end - idx += 1 - end - end - - list.map! { |i| Mime::Type.lookup(i.name) }.uniq! - list - end - end - end - - def initialize(string, symbol = nil, synonyms = []) - @symbol, @synonyms = symbol, synonyms - @string = string - end - - def to_s - @string - end - - def to_str - to_s - end - - def to_sym - @symbol || @string.to_sym - end - - def ===(list) - if list.is_a?(Array) - (@synonyms + [ self ]).any? { |synonym| list.include?(synonym) } - else - super - end - end - - def ==(mime_type) - return false if mime_type.blank? - (@synonyms + [ self ]).any? do |synonym| - require "ruby-debug" - debugger if mime_type.is_a?(Array) - synonym.to_s == mime_type.to_s || synonym.to_sym == mime_type.to_sym - end - end - - def =~(mime_type) - return false if mime_type.blank? - regexp = Regexp.new(Regexp.quote(mime_type.to_s)) - (@synonyms + [ self ]).any? do |synonym| - synonym.to_s =~ regexp - end - end - - # Returns true if Action Pack should check requests using this Mime Type for possible request forgery. See - # ActionController::RequestForgeryProtection. - def verify_request? - @@browser_generated_types.include?(to_sym) - end - - def html? - @@html_types.include?(to_sym) || @string =~ /html/ - end - - private - def method_missing(method, *args) - if method.to_s =~ /(\w+)\?$/ - $1.downcase.to_sym == to_sym - else - super - end - end - end -end - -require 'action_controller/mime_types' diff --git a/actionpack/lib/action_controller/mime_types.rb b/actionpack/lib/action_controller/mime_types.rb deleted file mode 100644 index 2d7fba1173..0000000000 --- a/actionpack/lib/action_controller/mime_types.rb +++ /dev/null @@ -1,21 +0,0 @@ -# Build list of Mime types for HTTP responses -# http://www.iana.org/assignments/media-types/ - -Mime::Type.register "*/*", :all -Mime::Type.register "text/plain", :text, [], %w(txt) -Mime::Type.register "text/html", :html, %w( application/xhtml+xml ), %w( xhtml ) -Mime::Type.register "text/javascript", :js, %w( application/javascript application/x-javascript ) -Mime::Type.register "text/css", :css -Mime::Type.register "text/calendar", :ics -Mime::Type.register "text/csv", :csv -Mime::Type.register "application/xml", :xml, %w( text/xml application/x-xml ) -Mime::Type.register "application/rss+xml", :rss -Mime::Type.register "application/atom+xml", :atom -Mime::Type.register "application/x-yaml", :yaml, %w( text/yaml ) - -Mime::Type.register "multipart/form-data", :multipart_form -Mime::Type.register "application/x-www-form-urlencoded", :url_encoded_form - -# http://www.ietf.org/rfc/rfc4627.txt -# http://www.json.org/JSONRequest.html -Mime::Type.register "application/json", :json, %w( text/x-json application/jsonrequest ) \ No newline at end of file diff --git a/actionpack/lib/action_controller/params_parser.rb b/actionpack/lib/action_controller/params_parser.rb deleted file mode 100644 index d269fe07fa..0000000000 --- a/actionpack/lib/action_controller/params_parser.rb +++ /dev/null @@ -1,71 +0,0 @@ -module ActionController - class ParamsParser - ActionController::Base.param_parsers[Mime::XML] = :xml_simple - ActionController::Base.param_parsers[Mime::JSON] = :json - - def initialize(app) - @app = app - end - - def call(env) - if params = parse_formatted_parameters(env) - env["action_controller.request.request_parameters"] = params - end - - @app.call(env) - end - - private - def parse_formatted_parameters(env) - request = Request.new(env) - - return false if request.content_length.zero? - - mime_type = content_type_from_legacy_post_data_format_header(env) || request.content_type - strategy = ActionController::Base.param_parsers[mime_type] - - return false unless strategy - - case strategy - when Proc - strategy.call(request.raw_post) - when :xml_simple, :xml_node - body = request.raw_post - body.blank? ? {} : Hash.from_xml(body).with_indifferent_access - when :yaml - YAML.load(request.raw_post) - when :json - body = request.raw_post - if body.blank? - {} - else - data = ActiveSupport::JSON.decode(body) - data = {:_json => data} unless data.is_a?(Hash) - data.with_indifferent_access - end - else - false - end - rescue Exception => e # YAML, XML or Ruby code block errors - raise - { "body" => request.raw_post, - "content_type" => request.content_type, - "content_length" => request.content_length, - "exception" => "#{e.message} (#{e.class})", - "backtrace" => e.backtrace } - end - - def content_type_from_legacy_post_data_format_header(env) - if x_post_format = env['HTTP_X_POST_DATA_FORMAT'] - case x_post_format.to_s.downcase - when 'yaml' - return Mime::YAML - when 'xml' - return Mime::XML - end - end - - nil - end - end -end diff --git a/actionpack/lib/action_controller/performance_test.rb b/actionpack/lib/action_controller/performance_test.rb deleted file mode 100644 index d88180087d..0000000000 --- a/actionpack/lib/action_controller/performance_test.rb +++ /dev/null @@ -1,15 +0,0 @@ -require 'active_support/testing/performance' -require 'active_support/testing/default' - -module ActionController - # An integration test that runs a code profiler on your test methods. - # Profiling output for combinations of each test method, measurement, and - # output format are written to your tmp/performance directory. - # - # By default, process_time is measured and both flat and graph_html output - # formats are written, so you'll have two output files per test method. - class PerformanceTest < ActionController::IntegrationTest - include ActiveSupport::Testing::Performance - include ActiveSupport::Testing::Default - end -end diff --git a/actionpack/lib/action_controller/polymorphic_routes.rb b/actionpack/lib/action_controller/polymorphic_routes.rb deleted file mode 100644 index 924d1aa6bd..0000000000 --- a/actionpack/lib/action_controller/polymorphic_routes.rb +++ /dev/null @@ -1,201 +0,0 @@ -module ActionController - # Polymorphic URL helpers are methods for smart resolution to a named route call when - # given an Active Record model instance. They are to be used in combination with - # ActionController::Resources. - # - # These methods are useful when you want to generate correct URL or path to a RESTful - # resource without having to know the exact type of the record in question. - # - # Nested resources and/or namespaces are also supported, as illustrated in the example: - # - # polymorphic_url([:admin, @article, @comment]) - # - # results in: - # - # admin_article_comment_url(@article, @comment) - # - # == Usage within the framework - # - # Polymorphic URL helpers are used in a number of places throughout the Rails framework: - # - # * url_for, so you can use it with a record as the argument, e.g. - # url_for(@article); - # * ActionView::Helpers::FormHelper uses polymorphic_path, so you can write - # form_for(@article) without having to specify :url parameter for the form - # action; - # * redirect_to (which, in fact, uses url_for) so you can write - # redirect_to(post) in your controllers; - # * ActionView::Helpers::AtomFeedHelper, so you don't have to explicitly specify URLs - # for feed entries. - # - # == Prefixed polymorphic helpers - # - # In addition to polymorphic_url and polymorphic_path methods, a - # number of prefixed helpers are available as a shorthand to :action => "..." - # in options. Those are: - # - # * edit_polymorphic_url, edit_polymorphic_path - # * new_polymorphic_url, new_polymorphic_path - # - # Example usage: - # - # edit_polymorphic_path(@post) # => "/posts/1/edit" - # polymorphic_path(@post, :format => :pdf) # => "/posts/1.pdf" - module PolymorphicRoutes - # Constructs a call to a named RESTful route for the given record and returns the - # resulting URL string. For example: - # - # # calls post_url(post) - # polymorphic_url(post) # => "http://example.com/posts/1" - # polymorphic_url([blog, post]) # => "http://example.com/blogs/1/posts/1" - # polymorphic_url([:admin, blog, post]) # => "http://example.com/admin/blogs/1/posts/1" - # polymorphic_url([user, :blog, post]) # => "http://example.com/users/1/blog/posts/1" - # - # ==== Options - # - # * :action - Specifies the action prefix for the named route: - # :new or :edit. Default is no prefix. - # * :routing_type - Allowed values are :path or :url. - # Default is :url. - # - # ==== Examples - # - # # an Article record - # polymorphic_url(record) # same as article_url(record) - # - # # a Comment record - # polymorphic_url(record) # same as comment_url(record) - # - # # it recognizes new records and maps to the collection - # record = Comment.new - # polymorphic_url(record) # same as comments_url() - # - def polymorphic_url(record_or_hash_or_array, options = {}) - if record_or_hash_or_array.kind_of?(Array) - record_or_hash_or_array = record_or_hash_or_array.compact - record_or_hash_or_array = record_or_hash_or_array[0] if record_or_hash_or_array.size == 1 - end - - record = extract_record(record_or_hash_or_array) - namespace = extract_namespace(record_or_hash_or_array) - - args = case record_or_hash_or_array - when Hash; [ record_or_hash_or_array ] - when Array; record_or_hash_or_array.dup - else [ record_or_hash_or_array ] - end - - inflection = - case - when options[:action].to_s == "new" - args.pop - :singular - when record.respond_to?(:new_record?) && record.new_record? - args.pop - :plural - else - :singular - end - - args.delete_if {|arg| arg.is_a?(Symbol) || arg.is_a?(String)} - - named_route = build_named_route_call(record_or_hash_or_array, namespace, inflection, options) - - url_options = options.except(:action, :routing_type) - unless url_options.empty? - args.last.kind_of?(Hash) ? args.last.merge!(url_options) : args << url_options - end - - __send__(named_route, *args) - end - - # Returns the path component of a URL for the given record. It uses - # polymorphic_url with :routing_type => :path. - def polymorphic_path(record_or_hash_or_array, options = {}) - options[:routing_type] = :path - polymorphic_url(record_or_hash_or_array, options) - end - - %w(edit new).each do |action| - module_eval <<-EOT, __FILE__, __LINE__ - def #{action}_polymorphic_url(record_or_hash, options = {}) # def edit_polymorphic_url(record_or_hash, options = {}) - polymorphic_url( # polymorphic_url( - record_or_hash, # record_or_hash, - options.merge(:action => "#{action}")) # options.merge(:action => "edit")) - end # end - # - def #{action}_polymorphic_path(record_or_hash, options = {}) # def edit_polymorphic_path(record_or_hash, options = {}) - polymorphic_url( # polymorphic_url( - record_or_hash, # record_or_hash, - options.merge(:action => "#{action}", :routing_type => :path)) # options.merge(:action => "edit", :routing_type => :path)) - end # end - EOT - end - - def formatted_polymorphic_url(record_or_hash, options = {}) - ActiveSupport::Deprecation.warn("formatted_polymorphic_url has been deprecated. Please pass :format to the polymorphic_url method instead", caller) - options[:format] = record_or_hash.pop if Array === record_or_hash - polymorphic_url(record_or_hash, options) - end - - def formatted_polymorphic_path(record_or_hash, options = {}) - ActiveSupport::Deprecation.warn("formatted_polymorphic_path has been deprecated. Please pass :format to the polymorphic_path method instead", caller) - options[:format] = record_or_hash.pop if record_or_hash === Array - polymorphic_url(record_or_hash, options.merge(:routing_type => :path)) - end - - private - def action_prefix(options) - options[:action] ? "#{options[:action]}_" : '' - end - - def routing_type(options) - options[:routing_type] || :url - end - - def build_named_route_call(records, namespace, inflection, options = {}) - unless records.is_a?(Array) - record = extract_record(records) - route = '' - else - record = records.pop - route = records.inject("") do |string, parent| - if parent.is_a?(Symbol) || parent.is_a?(String) - string << "#{parent}_" - else - string << "#{RecordIdentifier.__send__("singular_class_name", parent)}_" - end - end - end - - if record.is_a?(Symbol) || record.is_a?(String) - route << "#{record}_" - else - route << "#{RecordIdentifier.__send__("#{inflection}_class_name", record)}_" - end - - action_prefix(options) + namespace + route + routing_type(options).to_s - end - - def extract_record(record_or_hash_or_array) - case record_or_hash_or_array - when Array; record_or_hash_or_array.last - when Hash; record_or_hash_or_array[:id] - else record_or_hash_or_array - end - end - - # Remove the first symbols from the array and return the url prefix - # implied by those symbols. - def extract_namespace(record_or_hash_or_array) - return "" unless record_or_hash_or_array.is_a?(Array) - - namespace_keys = [] - while (key = record_or_hash_or_array.first) && key.is_a?(String) || key.is_a?(Symbol) - namespace_keys << record_or_hash_or_array.shift - end - - namespace_keys.map {|k| "#{k}_"}.join - end - end -end diff --git a/actionpack/lib/action_controller/record_identifier.rb b/actionpack/lib/action_controller/record_identifier.rb index 742d290ad6..6bda27e23a 100644 --- a/actionpack/lib/action_controller/record_identifier.rb +++ b/actionpack/lib/action_controller/record_identifier.rb @@ -1,4 +1,4 @@ -module ActionController +module ActionController # The record identifier encapsulates a number of naming conventions for dealing with records, like Active Records or # Active Resources or pretty much any other model type that has an id. These patterns are then used to try elevate # the view actions to a higher logical level. Example: diff --git a/actionpack/lib/action_controller/request.rb b/actionpack/lib/action_controller/request.rb deleted file mode 100755 index f8c77241b9..0000000000 --- a/actionpack/lib/action_controller/request.rb +++ /dev/null @@ -1,492 +0,0 @@ -require 'tempfile' -require 'stringio' -require 'strscan' - -require 'active_support/memoizable' -require 'action_controller/cgi_ext' - -module ActionController - class Request < Rack::Request - extend ActiveSupport::Memoizable - - %w[ AUTH_TYPE GATEWAY_INTERFACE - PATH_TRANSLATED REMOTE_HOST - REMOTE_IDENT REMOTE_USER REMOTE_ADDR - SERVER_NAME SERVER_PROTOCOL - - HTTP_ACCEPT HTTP_ACCEPT_CHARSET HTTP_ACCEPT_ENCODING - HTTP_ACCEPT_LANGUAGE HTTP_CACHE_CONTROL HTTP_FROM - HTTP_NEGOTIATE HTTP_PRAGMA HTTP_REFERER HTTP_USER_AGENT ].each do |env| - define_method(env.sub(/^HTTP_/n, '').downcase) do - @env[env] - end - end - - def key?(key) - @env.key?(key) - end - - HTTP_METHODS = %w(get head put post delete options) - HTTP_METHOD_LOOKUP = HTTP_METHODS.inject({}) { |h, m| h[m] = h[m.upcase] = m.to_sym; h } - - # Returns the true HTTP request \method as a lowercase symbol, such as - # :get. If the request \method is not listed in the HTTP_METHODS - # constant above, an UnknownHttpMethod exception is raised. - def request_method - HTTP_METHOD_LOOKUP[super] || raise(UnknownHttpMethod, "#{super}, accepted HTTP methods are #{HTTP_METHODS.to_sentence}") - end - memoize :request_method - - # Returns the HTTP request \method used for action processing as a - # lowercase symbol, such as :post. (Unlike #request_method, this - # method returns :get for a HEAD request because the two are - # functionally equivalent from the application's perspective.) - def method - request_method == :head ? :get : request_method - end - - # Is this a GET (or HEAD) request? Equivalent to request.method == :get. - def get? - method == :get - end - - # Is this a POST request? Equivalent to request.method == :post. - def post? - request_method == :post - end - - # Is this a PUT request? Equivalent to request.method == :put. - def put? - request_method == :put - end - - # Is this a DELETE request? Equivalent to request.method == :delete. - def delete? - request_method == :delete - end - - # Is this a HEAD request? Since request.method sees HEAD as :get, - # this \method checks the actual HTTP \method directly. - def head? - request_method == :head - end - - # Provides access to the request's HTTP headers, for example: - # - # request.headers["Content-Type"] # => "text/plain" - def headers - ActionController::Http::Headers.new(@env) - end - memoize :headers - - # Returns the content length of the request as an integer. - def content_length - super.to_i - end - - # The MIME type of the HTTP request, such as Mime::XML. - # - # For backward compatibility, the post \format is extracted from the - # X-Post-Data-Format HTTP header if present. - def content_type - if @env['CONTENT_TYPE'] =~ /^([^,\;]*)/ - Mime::Type.lookup($1.strip.downcase) - else - nil - end - end - memoize :content_type - - # Returns the accepted MIME type for the request. - def accepts - header = @env['HTTP_ACCEPT'].to_s.strip - - fallback = xhr? ? Mime::JS : Mime::HTML - - if header.empty? - [content_type, fallback, Mime::ALL].compact - else - ret = Mime::Type.parse(header) - if ret.last == Mime::ALL - ret.insert(-2, fallback) - end - ret - end - end - memoize :accepts - - def if_modified_since - if since = env['HTTP_IF_MODIFIED_SINCE'] - Time.rfc2822(since) rescue nil - end - end - memoize :if_modified_since - - def if_none_match - env['HTTP_IF_NONE_MATCH'] - end - - def not_modified?(modified_at) - if_modified_since && modified_at && if_modified_since >= modified_at - end - - def etag_matches?(etag) - if_none_match && if_none_match == etag - end - - # Check response freshness (Last-Modified and ETag) against request - # If-Modified-Since and If-None-Match conditions. If both headers are - # supplied, both must match, or the request is not considered fresh. - def fresh?(response) - case - when if_modified_since && if_none_match - not_modified?(response.last_modified) && etag_matches?(response.etag) - when if_modified_since - not_modified?(response.last_modified) - when if_none_match - etag_matches?(response.etag) - else - false - end - end - - ONLY_ALL = [Mime::ALL].freeze - - # Returns the Mime type for the \format used in the request. - # - # GET /posts/5.xml | request.format => Mime::XML - # GET /posts/5.xhtml | request.format => Mime::HTML - # GET /posts/5 | request.format => Mime::HTML or MIME::JS, or request.accepts.first depending on the value of ActionController::Base.use_accept_header - - def format(view_path = []) - @format ||= - if parameters[:format] - Mime[parameters[:format]] - elsif Base.use_accept_header && !(accepts == ONLY_ALL) - accepts.first - elsif xhr? then Mime::JS - else Mime::HTML - end - end - - def formats - @formats = - if Base.use_accept_header - ret = Array(Mime[parameters[:format]] || accepts) - else - [format] - end - end - - # Sets the \format by string extension, which can be used to force custom formats - # that are not controlled by the extension. - # - # class ApplicationController < ActionController::Base - # before_filter :adjust_format_for_iphone - # - # private - # def adjust_format_for_iphone - # request.format = :iphone if request.env["HTTP_USER_AGENT"][/iPhone/] - # end - # end - def format=(extension) - parameters[:format] = extension.to_s - @format = Mime::Type.lookup_by_extension(parameters[:format]) - end - - # Returns a symbolized version of the :format parameter of the request. - # If no \format is given it returns :jsfor Ajax requests and :html - # otherwise. - def template_format - parameter_format = parameters[:format] - - if parameter_format - parameter_format - elsif xhr? - :js - else - :html - end - end - - def cache_format - parameters[:format] - end - - # Returns true if the request's "X-Requested-With" header contains - # "XMLHttpRequest". (The Prototype Javascript library sends this header with - # every Ajax request.) - def xml_http_request? - !(@env['HTTP_X_REQUESTED_WITH'] !~ /XMLHttpRequest/i) - end - alias xhr? :xml_http_request? - - # Which IP addresses are "trusted proxies" that can be stripped from - # the right-hand-side of X-Forwarded-For - TRUSTED_PROXIES = /^127\.0\.0\.1$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\./i - - # Determines originating IP address. REMOTE_ADDR is the standard - # but will fail if the user is behind a proxy. HTTP_CLIENT_IP and/or - # HTTP_X_FORWARDED_FOR are set by proxies so check for these if - # REMOTE_ADDR is a proxy. HTTP_X_FORWARDED_FOR may be a comma- - # delimited list in the case of multiple chained proxies; the last - # address which is not trusted is the originating IP. - def remote_ip - remote_addr_list = @env['REMOTE_ADDR'] && @env['REMOTE_ADDR'].scan(/[^,\s]+/) - - unless remote_addr_list.blank? - not_trusted_addrs = remote_addr_list.reject {|addr| addr =~ TRUSTED_PROXIES} - return not_trusted_addrs.first unless not_trusted_addrs.empty? - end - remote_ips = @env['HTTP_X_FORWARDED_FOR'] && @env['HTTP_X_FORWARDED_FOR'].split(',') - - if @env.include? 'HTTP_CLIENT_IP' - if ActionController::Base.ip_spoofing_check && remote_ips && !remote_ips.include?(@env['HTTP_CLIENT_IP']) - # We don't know which came from the proxy, and which from the user - raise ActionControllerError.new(< 1 && TRUSTED_PROXIES =~ remote_ips.last.strip - remote_ips.pop - end - - return remote_ips.last.strip - end - - @env['REMOTE_ADDR'] - end - memoize :remote_ip - - # Returns the lowercase name of the HTTP server software. - def server_software - (@env['SERVER_SOFTWARE'] && /^([a-zA-Z]+)/ =~ @env['SERVER_SOFTWARE']) ? $1.downcase : nil - end - memoize :server_software - - # Returns the complete URL used for this request. - def url - protocol + host_with_port + request_uri - end - memoize :url - - # Returns 'https://' if this is an SSL request and 'http://' otherwise. - def protocol - ssl? ? 'https://' : 'http://' - end - memoize :protocol - - # Is this an SSL request? - def ssl? - @env['HTTPS'] == 'on' || @env['HTTP_X_FORWARDED_PROTO'] == 'https' - end - - # Returns the \host for this request, such as "example.com". - def raw_host_with_port - if forwarded = env["HTTP_X_FORWARDED_HOST"] - forwarded.split(/,\s?/).last - else - env['HTTP_HOST'] || "#{env['SERVER_NAME'] || env['SERVER_ADDR']}:#{env['SERVER_PORT']}" - end - end - - # Returns the host for this request, such as example.com. - def host - raw_host_with_port.sub(/:\d+$/, '') - end - memoize :host - - # Returns a \host:\port string for this request, such as "example.com" or - # "example.com:8080". - def host_with_port - "#{host}#{port_string}" - end - memoize :host_with_port - - # Returns the port number of this request as an integer. - def port - if raw_host_with_port =~ /:(\d+)$/ - $1.to_i - else - standard_port - end - end - memoize :port - - # Returns the standard \port number for this request's protocol. - def standard_port - case protocol - when 'https://' then 443 - else 80 - end - end - - # Returns a \port suffix like ":8080" if the \port number of this request - # is not the default HTTP \port 80 or HTTPS \port 443. - def port_string - port == standard_port ? '' : ":#{port}" - end - - # Returns the \domain part of a \host, such as "rubyonrails.org" in "www.rubyonrails.org". You can specify - # a different tld_length, such as 2 to catch rubyonrails.co.uk in "www.rubyonrails.co.uk". - def domain(tld_length = 1) - return nil unless named_host?(host) - - host.split('.').last(1 + tld_length).join('.') - end - - # Returns all the \subdomains as an array, so ["dev", "www"] would be - # returned for "dev.www.rubyonrails.org". You can specify a different tld_length, - # such as 2 to catch ["www"] instead of ["www", "rubyonrails"] - # in "www.rubyonrails.co.uk". - def subdomains(tld_length = 1) - return [] unless named_host?(host) - parts = host.split('.') - parts[0..-(tld_length+2)] - end - - # Returns the query string, accounting for server idiosyncrasies. - def query_string - @env['QUERY_STRING'].present? ? @env['QUERY_STRING'] : (@env['REQUEST_URI'].split('?', 2)[1] || '') - end - memoize :query_string - - # Returns the request URI, accounting for server idiosyncrasies. - # WEBrick includes the full URL. IIS leaves REQUEST_URI blank. - def request_uri - if uri = @env['REQUEST_URI'] - # Remove domain, which webrick puts into the request_uri. - (%r{^\w+\://[^/]+(/.*|$)$} =~ uri) ? $1 : uri - else - # Construct IIS missing REQUEST_URI from SCRIPT_NAME and PATH_INFO. - uri = @env['PATH_INFO'].to_s - - if script_filename = @env['SCRIPT_NAME'].to_s.match(%r{[^/]+$}) - uri = uri.sub(/#{script_filename}\//, '') - end - - env_qs = @env['QUERY_STRING'].to_s - uri += "?#{env_qs}" unless env_qs.empty? - - if uri.blank? - @env.delete('REQUEST_URI') - else - @env['REQUEST_URI'] = uri - end - end - end - memoize :request_uri - - # Returns the interpreted \path to requested resource after all the installation - # directory of this application was taken into account. - def path - path = request_uri.to_s[/\A[^\?]*/] - path.sub!(/\A#{ActionController::Base.relative_url_root}/, '') - path - end - memoize :path - - # Read the request \body. This is useful for web services that need to - # work with raw requests directly. - def raw_post - unless @env.include? 'RAW_POST_DATA' - @env['RAW_POST_DATA'] = body.read(@env['CONTENT_LENGTH'].to_i) - body.rewind if body.respond_to?(:rewind) - end - @env['RAW_POST_DATA'] - end - - # Returns both GET and POST \parameters in a single hash. - def parameters - @parameters ||= request_parameters.merge(query_parameters).update(path_parameters).with_indifferent_access - end - alias_method :params, :parameters - - def path_parameters=(parameters) #:nodoc: - @env["rack.routing_args"] = parameters - @symbolized_path_parameters = @parameters = nil - end - - # The same as path_parameters with explicitly symbolized keys. - def symbolized_path_parameters - @symbolized_path_parameters ||= path_parameters.symbolize_keys - end - - # Returns a hash with the \parameters used to form the \path of the request. - # Returned hash keys are strings: - # - # {'action' => 'my_action', 'controller' => 'my_controller'} - # - # See symbolized_path_parameters for symbolized keys. - def path_parameters - @env["rack.routing_args"] ||= {} - end - - # The request body is an IO input stream. If the RAW_POST_DATA environment - # variable is already set, wrap it in a StringIO. - def body - if raw_post = @env['RAW_POST_DATA'] - raw_post.force_encoding(Encoding::BINARY) if raw_post.respond_to?(:force_encoding) - StringIO.new(raw_post) - else - @env['rack.input'] - end - end - - def form_data? - FORM_DATA_MEDIA_TYPES.include?(content_type.to_s) - end - - # Override Rack's GET method to support nested query strings - def GET - @env["action_controller.request.query_parameters"] ||= UrlEncodedPairParser.parse_query_parameters(query_string) - end - alias_method :query_parameters, :GET - - # Override Rack's POST method to support nested query strings - def POST - @env["action_controller.request.request_parameters"] ||= UrlEncodedPairParser.parse_hash_parameters(super) - end - alias_method :request_parameters, :POST - - def body_stream #:nodoc: - @env['rack.input'] - end - - def session - @env['rack.session'] ||= {} - end - - def session=(session) #:nodoc: - @env['rack.session'] = session - end - - def reset_session - @env['rack.session'] = {} - end - - def session_options - @env['rack.session.options'] ||= {} - end - - def session_options=(options) - @env['rack.session.options'] = options - end - - def server_port - @env['SERVER_PORT'].to_i - end - - private - def named_host?(host) - !(host.nil? || /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.match(host)) - end - end -end diff --git a/actionpack/lib/action_controller/request_forgery_protection.rb b/actionpack/lib/action_controller/request_forgery_protection.rb deleted file mode 100644 index f3e6288c26..0000000000 --- a/actionpack/lib/action_controller/request_forgery_protection.rb +++ /dev/null @@ -1,108 +0,0 @@ -module ActionController #:nodoc: - class InvalidAuthenticityToken < ActionControllerError #:nodoc: - end - - module RequestForgeryProtection - def self.included(base) - base.class_eval do - helper_method :form_authenticity_token - helper_method :protect_against_forgery? - end - base.extend(ClassMethods) - end - - # Protecting controller actions from CSRF attacks by ensuring that all forms are coming from the current web application, not a - # forged link from another site, is done by embedding a token based on a random string stored in the session (which an attacker wouldn't know) in all - # forms and Ajax requests generated by Rails and then verifying the authenticity of that token in the controller. Only - # HTML/JavaScript requests are checked, so this will not protect your XML API (presumably you'll have a different authentication - # scheme there anyway). Also, GET requests are not protected as these should be idempotent anyway. - # - # This is turned on with the protect_from_forgery method, which will check the token and raise an - # ActionController::InvalidAuthenticityToken if it doesn't match what was expected. You can customize the error message in - # production by editing public/422.html. A call to this method in ApplicationController is generated by default in post-Rails 2.0 - # applications. - # - # The token parameter is named authenticity_token by default. If you are generating an HTML form manually (without the - # use of Rails' form_for, form_tag or other helpers), you have to include a hidden field named like that and - # set its value to what is returned by form_authenticity_token. Same applies to manually constructed Ajax requests. To - # make the token available through a global variable to scripts on a certain page, you could add something like this to a view: - # - # <%= javascript_tag "window._token = '#{form_authenticity_token}'" %> - # - # Request forgery protection is disabled by default in test environment. If you are upgrading from Rails 1.x, add this to - # config/environments/test.rb: - # - # # Disable request forgery protection in test environment - # config.action_controller.allow_forgery_protection = false - # - # == Learn more about CSRF (Cross-Site Request Forgery) attacks - # - # Here are some resources: - # * http://isc.sans.org/diary.html?storyid=1750 - # * http://en.wikipedia.org/wiki/Cross-site_request_forgery - # - # Keep in mind, this is NOT a silver-bullet, plug 'n' play, warm security blanket for your rails application. - # There are a few guidelines you should follow: - # - # * Keep your GET requests safe and idempotent. More reading material: - # * http://www.xml.com/pub/a/2002/04/24/deviant.html - # * http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.1.1 - # * Make sure the session cookies that Rails creates are non-persistent. Check in Firefox and look for "Expires: at end of session" - # - module ClassMethods - # Turn on request forgery protection. Bear in mind that only non-GET, HTML/JavaScript requests are checked. - # - # Example: - # - # class FooController < ApplicationController - # protect_from_forgery :except => :index - # - # # you can disable csrf protection on controller-by-controller basis: - # skip_before_filter :verify_authenticity_token - # end - # - # Valid Options: - # - # * :only/:except - Passed to the before_filter call. Set which actions are verified. - def protect_from_forgery(options = {}) - self.request_forgery_protection_token ||= :authenticity_token - before_filter :verify_authenticity_token, :only => options.delete(:only), :except => options.delete(:except) - if options[:secret] || options[:digest] - ActiveSupport::Deprecation.warn("protect_from_forgery only takes :only and :except options now. :digest and :secret have no effect", caller) - end - end - end - - protected - # The actual before_filter that is used. Modify this to change how you handle unverified requests. - def verify_authenticity_token - verified_request? || raise(ActionController::InvalidAuthenticityToken) - end - - # Returns true or false if a request is verified. Checks: - # - # * is the format restricted? By default, only HTML and AJAX requests are checked. - # * is it a GET request? Gets should be safe and idempotent - # * Does the form_authenticity_token match the given token value from the params? - def verified_request? - !protect_against_forgery? || - request.method == :get || - !verifiable_request_format? || - form_authenticity_token == params[request_forgery_protection_token] - end - - def verifiable_request_format? - !request.content_type.nil? && request.content_type.verify_request? - end - - # Sets the token value for the current session. Pass a :secret option - # in +protect_from_forgery+ to add a custom salt to the hash. - def form_authenticity_token - session[:_csrf_token] ||= ActiveSupport::SecureRandom.base64(32) - end - - def protect_against_forgery? - allow_forgery_protection && request_forgery_protection_token - end - end -end diff --git a/actionpack/lib/action_controller/rescue.rb b/actionpack/lib/action_controller/rescue.rb deleted file mode 100644 index 3beeb2da83..0000000000 --- a/actionpack/lib/action_controller/rescue.rb +++ /dev/null @@ -1,179 +0,0 @@ -module ActionController #:nodoc: - # Actions that fail to perform as expected throw exceptions. These - # exceptions can either be rescued for the public view (with a nice - # user-friendly explanation) or for the developers view (with tons of - # debugging information). The developers view is already implemented by - # the Action Controller, but the public view should be tailored to your - # specific application. - # - # The default behavior for public exceptions is to render a static html - # file with the name of the error code thrown. If no such file exists, an - # empty response is sent with the correct status code. - # - # You can override what constitutes a local request by overriding the - # local_request? method in your own controller. Custom rescue - # behavior is achieved by overriding the rescue_action_in_public - # and rescue_action_locally methods. - module Rescue - LOCALHOST = '127.0.0.1'.freeze - - DEFAULT_RESCUE_RESPONSE = :internal_server_error - DEFAULT_RESCUE_RESPONSES = { - 'ActionController::RoutingError' => :not_found, - 'ActionController::UnknownAction' => :not_found, - 'ActiveRecord::RecordNotFound' => :not_found, - 'ActiveRecord::StaleObjectError' => :conflict, - 'ActiveRecord::RecordInvalid' => :unprocessable_entity, - 'ActiveRecord::RecordNotSaved' => :unprocessable_entity, - 'ActionController::MethodNotAllowed' => :method_not_allowed, - 'ActionController::NotImplemented' => :not_implemented, - 'ActionController::InvalidAuthenticityToken' => :unprocessable_entity - } - - DEFAULT_RESCUE_TEMPLATE = 'diagnostics' - DEFAULT_RESCUE_TEMPLATES = { - 'ActionView::MissingTemplate' => 'missing_template', - 'ActionController::RoutingError' => 'routing_error', - 'ActionController::UnknownAction' => 'unknown_action', - 'ActionView::TemplateError' => 'template_error' - } - - RESCUES_TEMPLATE_PATH = ActionView::Template::EagerPath.new( - File.join(File.dirname(__FILE__), "templates")) - - def self.included(base) #:nodoc: - base.cattr_accessor :rescue_responses - base.rescue_responses = Hash.new(DEFAULT_RESCUE_RESPONSE) - base.rescue_responses.update DEFAULT_RESCUE_RESPONSES - - base.cattr_accessor :rescue_templates - base.rescue_templates = Hash.new(DEFAULT_RESCUE_TEMPLATE) - base.rescue_templates.update DEFAULT_RESCUE_TEMPLATES - - base.extend(ClassMethods) - base.send :include, ActiveSupport::Rescuable - - base.class_eval do - alias_method_chain :perform_action, :rescue - end - end - - module ClassMethods - def call_with_exception(env, exception) #:nodoc: - request = env["action_controller.rescue.request"] ||= Request.new(env) - response = env["action_controller.rescue.response"] ||= Response.new - new.process(request, response, :rescue_action, exception) - end - end - - protected - # Exception handler called when the performance of an action raises - # an exception. - def rescue_action(exception) - rescue_with_handler(exception) || - rescue_action_without_handler(exception) - end - - # Overwrite to implement custom logging of errors. By default - # logs as fatal. - def log_error(exception) #:doc: - ActiveSupport::Deprecation.silence do - if ActionView::TemplateError === exception - logger.fatal(exception.to_s) - else - logger.fatal( - "\n#{exception.class} (#{exception.message}):\n " + - clean_backtrace(exception).join("\n ") + "\n\n" - ) - end - end - end - - # Overwrite to implement public exception handling (for requests - # answering false to local_request?). By default will call - # render_optional_error_file. Override this method to provide more - # user friendly error messages. - def rescue_action_in_public(exception) #:doc: - render_optional_error_file response_code_for_rescue(exception) - end - - # Attempts to render a static error page based on the - # status_code thrown, or just return headers if no such file - # exists. For example, if a 500 error is being handled Rails will first - # attempt to render the file at public/500.html. If the file - # doesn't exist, the body of the response will be left empty. - def render_optional_error_file(status_code) - status = interpret_status(status_code) - path = "#{Rails.public_path}/#{status.to_s[0,3]}.html" - if File.exist?(path) - render :file => path, :status => status, :content_type => Mime::HTML - else - head status - end - end - - # True if the request came from localhost, 127.0.0.1. Override this - # method if you wish to redefine the meaning of a local request to - # include remote IP addresses or other criteria. - def local_request? #:doc: - request.remote_addr == LOCALHOST && request.remote_ip == LOCALHOST - end - - # Render detailed diagnostics for unhandled exceptions rescued from - # a controller action. - def rescue_action_locally(exception) - @template.instance_variable_set("@exception", exception) - @template.instance_variable_set("@rescues_path", RESCUES_TEMPLATE_PATH) - @template.instance_variable_set("@contents", - @template._render_template(template_path_for_local_rescue(exception))) - - response.content_type = Mime::HTML - response.status = interpret_status(response_code_for_rescue(exception)) - - content = @template._render_template(rescues_path("layout")) - render_for_text(content) - end - - def rescue_action_without_handler(exception) - log_error(exception) if logger - erase_results if performed? - - # Let the exception alter the response if it wants. - # For example, MethodNotAllowed sets the Allow header. - if exception.respond_to?(:handle_response!) - exception.handle_response!(response) - end - - if consider_all_requests_local || local_request? - rescue_action_locally(exception) - else - rescue_action_in_public(exception) - end - end - - private - def perform_action_with_rescue #:nodoc: - perform_action_without_rescue - rescue Exception => exception - rescue_action(exception) - end - - def rescues_path(template_name) - RESCUES_TEMPLATE_PATH.find_template("rescues/#{template_name}.erb") - end - - def template_path_for_local_rescue(exception) - rescues_path(rescue_templates[exception.class.name]) - end - - def response_code_for_rescue(exception) - rescue_responses[exception.class.name] - end - - def clean_backtrace(exception) - defined?(Rails) && Rails.respond_to?(:backtrace_cleaner) ? - Rails.backtrace_cleaner.clean(exception.backtrace) : - exception.backtrace - end - end -end diff --git a/actionpack/lib/action_controller/resources.rb b/actionpack/lib/action_controller/resources.rb deleted file mode 100644 index e8988aa737..0000000000 --- a/actionpack/lib/action_controller/resources.rb +++ /dev/null @@ -1,674 +0,0 @@ -module ActionController - # == Overview - # - # ActionController::Resources are a way of defining RESTful \resources. A RESTful \resource, in basic terms, - # is something that can be pointed at and it will respond with a representation of the data requested. - # In real terms this could mean a user with a browser requests an HTML page, or that a desktop application - # requests XML data. - # - # RESTful design is based on the assumption that there are four generic verbs that a user of an - # application can request from a \resource (the noun). - # - # \Resources can be requested using four basic HTTP verbs (GET, POST, PUT, DELETE), the method used - # denotes the type of action that should take place. - # - # === The Different Methods and their Usage - # - # * GET - Requests for a \resource, no saving or editing of a \resource should occur in a GET request. - # * POST - Creation of \resources. - # * PUT - Editing of attributes on a \resource. - # * DELETE - Deletion of a \resource. - # - # === Examples - # - # # A GET request on the Posts resource is asking for all Posts - # GET /posts - # - # # A GET request on a single Post resource is asking for that particular Post - # GET /posts/1 - # - # # A POST request on the Posts resource is asking for a Post to be created with the supplied details - # POST /posts # with => { :post => { :title => "My Whizzy New Post", :body => "I've got a brand new combine harvester" } } - # - # # A PUT request on a single Post resource is asking for a Post to be updated - # PUT /posts # with => { :id => 1, :post => { :title => "Changed Whizzy Title" } } - # - # # A DELETE request on a single Post resource is asking for it to be deleted - # DELETE /posts # with => { :id => 1 } - # - # By using the REST convention, users of our application can assume certain things about how the data - # is requested and how it is returned. Rails simplifies the routing part of RESTful design by - # supplying you with methods to create them in your routes.rb file. - # - # Read more about REST at http://en.wikipedia.org/wiki/Representational_State_Transfer - module Resources - INHERITABLE_OPTIONS = :namespace, :shallow, :actions - - class Resource #:nodoc: - DEFAULT_ACTIONS = :index, :create, :new, :edit, :show, :update, :destroy - - attr_reader :collection_methods, :member_methods, :new_methods - attr_reader :path_prefix, :name_prefix, :path_segment - attr_reader :plural, :singular - attr_reader :options - - def initialize(entities, options) - @plural ||= entities - @singular ||= options[:singular] || plural.to_s.singularize - @path_segment = options.delete(:as) || @plural - - @options = options - - arrange_actions - add_default_actions - set_allowed_actions - set_prefixes - end - - def controller - @controller ||= "#{options[:namespace]}#{(options[:controller] || plural).to_s}" - end - - def requirements(with_id = false) - @requirements ||= @options[:requirements] || {} - @id_requirement ||= { :id => @requirements.delete(:id) || /[^#{Routing::SEPARATORS.join}]+/ } - - with_id ? @requirements.merge(@id_requirement) : @requirements - end - - def conditions - @conditions ||= @options[:conditions] || {} - end - - def path - @path ||= "#{path_prefix}/#{path_segment}" - end - - def new_path - new_action = self.options[:path_names][:new] if self.options[:path_names] - new_action ||= Base.resources_path_names[:new] - @new_path ||= "#{path}/#{new_action}" - end - - def shallow_path_prefix - @shallow_path_prefix ||= "#{path_prefix unless @options[:shallow]}" - end - - def member_path - @member_path ||= "#{shallow_path_prefix}/#{path_segment}/:id" - end - - def nesting_path_prefix - @nesting_path_prefix ||= "#{shallow_path_prefix}/#{path_segment}/:#{singular}_id" - end - - def shallow_name_prefix - @shallow_name_prefix ||= "#{name_prefix unless @options[:shallow]}" - end - - def nesting_name_prefix - "#{shallow_name_prefix}#{singular}_" - end - - def action_separator - @action_separator ||= Base.resource_action_separator - end - - def uncountable? - @singular.to_s == @plural.to_s - end - - def has_action?(action) - !DEFAULT_ACTIONS.include?(action) || @options[:actions].nil? || @options[:actions].include?(action) - end - - protected - def arrange_actions - @collection_methods = arrange_actions_by_methods(options.delete(:collection)) - @member_methods = arrange_actions_by_methods(options.delete(:member)) - @new_methods = arrange_actions_by_methods(options.delete(:new)) - end - - def add_default_actions - add_default_action(member_methods, :get, :edit) - add_default_action(new_methods, :get, :new) - end - - def set_allowed_actions - only = @options.delete(:only) - except = @options.delete(:except) - - if only && except - raise ArgumentError, 'Please supply either :only or :except, not both.' - elsif only == :all || except == :none - options[:actions] = DEFAULT_ACTIONS - elsif only == :none || except == :all - options[:actions] = [] - elsif only - options[:actions] = DEFAULT_ACTIONS & Array(only).map(&:to_sym) - elsif except - options[:actions] = DEFAULT_ACTIONS - Array(except).map(&:to_sym) - else - # leave options[:actions] alone - end - end - - def set_prefixes - @path_prefix = options.delete(:path_prefix) - @name_prefix = options.delete(:name_prefix) - end - - def arrange_actions_by_methods(actions) - (actions || {}).inject({}) do |flipped_hash, (key, value)| - (flipped_hash[value] ||= []) << key - flipped_hash - end - end - - def add_default_action(collection, method, action) - (collection[method] ||= []).unshift(action) - end - end - - class SingletonResource < Resource #:nodoc: - def initialize(entity, options) - @singular = @plural = entity - options[:controller] ||= @singular.to_s.pluralize - super - end - - alias_method :shallow_path_prefix, :path_prefix - alias_method :shallow_name_prefix, :name_prefix - alias_method :member_path, :path - alias_method :nesting_path_prefix, :path - end - - # Creates named routes for implementing verb-oriented controllers - # for a collection \resource. - # - # For example: - # - # map.resources :messages - # - # will map the following actions in the corresponding controller: - # - # class MessagesController < ActionController::Base - # # GET messages_url - # def index - # # return all messages - # end - # - # # GET new_message_url - # def new - # # return an HTML form for describing a new message - # end - # - # # POST messages_url - # def create - # # create a new message - # end - # - # # GET message_url(:id => 1) - # def show - # # find and return a specific message - # end - # - # # GET edit_message_url(:id => 1) - # def edit - # # return an HTML form for editing a specific message - # end - # - # # PUT message_url(:id => 1) - # def update - # # find and update a specific message - # end - # - # # DELETE message_url(:id => 1) - # def destroy - # # delete a specific message - # end - # end - # - # Along with the routes themselves, +resources+ generates named routes for use in - # controllers and views. map.resources :messages produces the following named routes and helpers: - # - # Named Route Helpers - # ============ ===================================================== - # messages messages_url, hash_for_messages_url, - # messages_path, hash_for_messages_path - # - # message message_url(id), hash_for_message_url(id), - # message_path(id), hash_for_message_path(id) - # - # new_message new_message_url, hash_for_new_message_url, - # new_message_path, hash_for_new_message_path - # - # edit_message edit_message_url(id), hash_for_edit_message_url(id), - # edit_message_path(id), hash_for_edit_message_path(id) - # - # You can use these helpers instead of +url_for+ or methods that take +url_for+ parameters. For example: - # - # redirect_to :controller => 'messages', :action => 'index' - # # and - # <%= link_to "edit this message", :controller => 'messages', :action => 'edit', :id => @message.id %> - # - # now become: - # - # redirect_to messages_url - # # and - # <%= link_to "edit this message", edit_message_url(@message) # calls @message.id automatically - # - # Since web browsers don't support the PUT and DELETE verbs, you will need to add a parameter '_method' to your - # form tags. The form helpers make this a little easier. For an update form with a @message object: - # - # <%= form_tag message_path(@message), :method => :put %> - # - # or - # - # <% form_for :message, @message, :url => message_path(@message), :html => {:method => :put} do |f| %> - # - # or - # - # <% form_for @message do |f| %> - # - # which takes into account whether @message is a new record or not and generates the - # path and method accordingly. - # - # The +resources+ method accepts the following options to customize the resulting routes: - # * :collection - Add named routes for other actions that operate on the collection. - # Takes a hash of #{action} => #{method}, where method is :get/:post/:put/:delete, - # an array of any of the previous, or :any if the method does not matter. - # These routes map to a URL like /messages/rss, with a route of +rss_messages_url+. - # * :member - Same as :collection, but for actions that operate on a specific member. - # * :new - Same as :collection, but for actions that operate on the new \resource action. - # * :controller - Specify the controller name for the routes. - # * :singular - Specify the singular name used in the member routes. - # * :requirements - Set custom routing parameter requirements; this is a hash of either - # regular expressions (which must match for the route to match) or extra parameters. For example: - # - # map.resource :profile, :path_prefix => ':name', :requirements => { :name => /[a-zA-Z]+/, :extra => 'value' } - # - # will only match if the first part is alphabetic, and will pass the parameter :extra to the controller. - # * :conditions - Specify custom routing recognition conditions. \Resources sets the :method value for the method-specific routes. - # * :as - Specify a different \resource name to use in the URL path. For example: - # # products_path == '/productos' - # map.resources :products, :as => 'productos' do |product| - # # product_reviews_path(product) == '/productos/1234/comentarios' - # product.resources :product_reviews, :as => 'comentarios' - # end - # - # * :has_one - Specify nested \resources, this is a shorthand for mapping singleton \resources beneath the current. - # * :has_many - Same has :has_one, but for plural \resources. - # - # You may directly specify the routing association with +has_one+ and +has_many+ like: - # - # map.resources :notes, :has_one => :author, :has_many => [:comments, :attachments] - # - # This is the same as: - # - # map.resources :notes do |notes| - # notes.resource :author - # notes.resources :comments - # notes.resources :attachments - # end - # - # * :path_names - Specify different names for the 'new' and 'edit' actions. For example: - # # new_products_path == '/productos/nuevo' - # map.resources :products, :as => 'productos', :path_names => { :new => 'nuevo', :edit => 'editar' } - # - # You can also set default action names from an environment, like this: - # config.action_controller.resources_path_names = { :new => 'nuevo', :edit => 'editar' } - # - # * :path_prefix - Set a prefix to the routes with required route variables. - # - # Weblog comments usually belong to a post, so you might use +resources+ like: - # - # map.resources :articles - # map.resources :comments, :path_prefix => '/articles/:article_id' - # - # You can nest +resources+ calls to set this automatically: - # - # map.resources :articles do |article| - # article.resources :comments - # end - # - # The comment \resources work the same, but must now include a value for :article_id. - # - # article_comments_url(@article) - # article_comment_url(@article, @comment) - # - # article_comments_url(:article_id => @article) - # article_comment_url(:article_id => @article, :id => @comment) - # - # If you don't want to load all objects from the database you might want to use the article_id directly: - # - # articles_comments_url(@comment.article_id, @comment) - # - # * :name_prefix - Define a prefix for all generated routes, usually ending in an underscore. - # Use this if you have named routes that may clash. - # - # map.resources :tags, :path_prefix => '/books/:book_id', :name_prefix => 'book_' - # map.resources :tags, :path_prefix => '/toys/:toy_id', :name_prefix => 'toy_' - # - # You may also use :name_prefix to override the generic named routes in a nested \resource: - # - # map.resources :articles do |article| - # article.resources :comments, :name_prefix => nil - # end - # - # This will yield named \resources like so: - # - # comments_url(@article) - # comment_url(@article, @comment) - # - # * :shallow - If true, paths for nested resources which reference a specific member - # (ie. those with an :id parameter) will not use the parent path prefix or name prefix. - # - # The :shallow option is inherited by any nested resource(s). - # - # For example, 'users', 'posts' and 'comments' all use shallow paths with the following nested resources: - # - # map.resources :users, :shallow => true do |user| - # user.resources :posts do |post| - # post.resources :comments - # end - # end - # # --> GET /users/1/posts (maps to the PostsController#index action as usual) - # # also adds the usual named route called "user_posts" - # # --> GET /posts/2 (maps to the PostsController#show action as if it were not nested) - # # also adds the named route called "post" - # # --> GET /posts/2/comments (maps to the CommentsController#index action) - # # also adds the named route called "post_comments" - # # --> GET /comments/2 (maps to the CommentsController#show action as if it were not nested) - # # also adds the named route called "comment" - # - # You may also use :shallow in combination with the +has_one+ and +has_many+ shorthand notations like: - # - # map.resources :users, :has_many => { :posts => :comments }, :shallow => true - # - # * :only and :except - Specify which of the seven default actions should be routed to. - # - # :only and :except may be set to :all, :none, an action name or a - # list of action names. By default, routes are generated for all seven actions. - # - # For example: - # - # map.resources :posts, :only => [:index, :show] do |post| - # post.resources :comments, :except => [:update, :destroy] - # end - # # --> GET /posts (maps to the PostsController#index action) - # # --> POST /posts (fails) - # # --> GET /posts/1 (maps to the PostsController#show action) - # # --> DELETE /posts/1 (fails) - # # --> POST /posts/1/comments (maps to the CommentsController#create action) - # # --> PUT /posts/1/comments/1 (fails) - # - # The :only and :except options are inherited by any nested resource(s). - # - # If map.resources is called with multiple resources, they all get the same options applied. - # - # Examples: - # - # map.resources :messages, :path_prefix => "/thread/:thread_id" - # # --> GET /thread/7/messages/1 - # - # map.resources :messages, :collection => { :rss => :get } - # # --> GET /messages/rss (maps to the #rss action) - # # also adds a named route called "rss_messages" - # - # map.resources :messages, :member => { :mark => :post } - # # --> POST /messages/1/mark (maps to the #mark action) - # # also adds a named route called "mark_message" - # - # map.resources :messages, :new => { :preview => :post } - # # --> POST /messages/new/preview (maps to the #preview action) - # # also adds a named route called "preview_new_message" - # - # map.resources :messages, :new => { :new => :any, :preview => :post } - # # --> POST /messages/new/preview (maps to the #preview action) - # # also adds a named route called "preview_new_message" - # # --> /messages/new can be invoked via any request method - # - # map.resources :messages, :controller => "categories", - # :path_prefix => "/category/:category_id", - # :name_prefix => "category_" - # # --> GET /categories/7/messages/1 - # # has named route "category_message" - # - # The +resources+ method sets HTTP method restrictions on the routes it generates. For example, making an - # HTTP POST on new_message_url will raise a RoutingError exception. The default route in - # config/routes.rb overrides this and allows invalid HTTP methods for \resource routes. - def resources(*entities, &block) - options = entities.extract_options! - entities.each { |entity| map_resource(entity, options.dup, &block) } - end - - # Creates named routes for implementing verb-oriented controllers for a singleton \resource. - # A singleton \resource is global to its current context. For unnested singleton \resources, - # the \resource is global to the current user visiting the application, such as a user's - # /account profile. For nested singleton \resources, the \resource is global to its parent - # \resource, such as a projects \resource that has_one :project_manager. - # The project_manager should be mapped as a singleton \resource under projects: - # - # map.resources :projects do |project| - # project.resource :project_manager - # end - # - # See +resources+ for general conventions. These are the main differences: - # * A singular name is given to map.resource. The default controller name is still taken from the plural name. - # * To specify a custom plural name, use the :plural option. There is no :singular option. - # * No default index route is created for the singleton \resource controller. - # * When nesting singleton \resources, only the singular name is used as the path prefix (example: 'account/messages/1') - # - # For example: - # - # map.resource :account - # - # maps these actions in the Accounts controller: - # - # class AccountsController < ActionController::Base - # # GET new_account_url - # def new - # # return an HTML form for describing the new account - # end - # - # # POST account_url - # def create - # # create an account - # end - # - # # GET account_url - # def show - # # find and return the account - # end - # - # # GET edit_account_url - # def edit - # # return an HTML form for editing the account - # end - # - # # PUT account_url - # def update - # # find and update the account - # end - # - # # DELETE account_url - # def destroy - # # delete the account - # end - # end - # - # Along with the routes themselves, +resource+ generates named routes for - # use in controllers and views. map.resource :account produces - # these named routes and helpers: - # - # Named Route Helpers - # ============ ============================================= - # account account_url, hash_for_account_url, - # account_path, hash_for_account_path - # - # new_account new_account_url, hash_for_new_account_url, - # new_account_path, hash_for_new_account_path - # - # edit_account edit_account_url, hash_for_edit_account_url, - # edit_account_path, hash_for_edit_account_path - def resource(*entities, &block) - options = entities.extract_options! - entities.each { |entity| map_singleton_resource(entity, options.dup, &block) } - end - - private - def map_resource(entities, options = {}, &block) - resource = Resource.new(entities, options) - - with_options :controller => resource.controller do |map| - map_collection_actions(map, resource) - map_default_collection_actions(map, resource) - map_new_actions(map, resource) - map_member_actions(map, resource) - - map_associations(resource, options) - - if block_given? - with_options(options.slice(*INHERITABLE_OPTIONS).merge(:path_prefix => resource.nesting_path_prefix, :name_prefix => resource.nesting_name_prefix), &block) - end - end - end - - def map_singleton_resource(entities, options = {}, &block) - resource = SingletonResource.new(entities, options) - - with_options :controller => resource.controller do |map| - map_collection_actions(map, resource) - map_new_actions(map, resource) - map_member_actions(map, resource) - map_default_singleton_actions(map, resource) - - map_associations(resource, options) - - if block_given? - with_options(options.slice(*INHERITABLE_OPTIONS).merge(:path_prefix => resource.nesting_path_prefix, :name_prefix => resource.nesting_name_prefix), &block) - end - end - end - - def map_associations(resource, options) - map_has_many_associations(resource, options.delete(:has_many), options) if options[:has_many] - - path_prefix = "#{options.delete(:path_prefix)}#{resource.nesting_path_prefix}" - name_prefix = "#{options.delete(:name_prefix)}#{resource.nesting_name_prefix}" - - Array(options[:has_one]).each do |association| - resource(association, options.slice(*INHERITABLE_OPTIONS).merge(:path_prefix => path_prefix, :name_prefix => name_prefix)) - end - end - - def map_has_many_associations(resource, associations, options) - case associations - when Hash - associations.each do |association,has_many| - map_has_many_associations(resource, association, options.merge(:has_many => has_many)) - end - when Array - associations.each do |association| - map_has_many_associations(resource, association, options) - end - when Symbol, String - resources(associations, options.slice(*INHERITABLE_OPTIONS).merge(:path_prefix => resource.nesting_path_prefix, :name_prefix => resource.nesting_name_prefix, :has_many => options[:has_many])) - else - end - end - - def map_collection_actions(map, resource) - resource.collection_methods.each do |method, actions| - actions.each do |action| - [method].flatten.each do |m| - map_resource_routes(map, resource, action, "#{resource.path}#{resource.action_separator}#{action}", "#{action}_#{resource.name_prefix}#{resource.plural}", m) - end - end - end - end - - def map_default_collection_actions(map, resource) - index_route_name = "#{resource.name_prefix}#{resource.plural}" - - if resource.uncountable? - index_route_name << "_index" - end - - map_resource_routes(map, resource, :index, resource.path, index_route_name) - map_resource_routes(map, resource, :create, resource.path, index_route_name) - end - - def map_default_singleton_actions(map, resource) - map_resource_routes(map, resource, :create, resource.path, "#{resource.shallow_name_prefix}#{resource.singular}") - end - - def map_new_actions(map, resource) - resource.new_methods.each do |method, actions| - actions.each do |action| - route_path = resource.new_path - route_name = "new_#{resource.name_prefix}#{resource.singular}" - - unless action == :new - route_path = "#{route_path}#{resource.action_separator}#{action}" - route_name = "#{action}_#{route_name}" - end - - map_resource_routes(map, resource, action, route_path, route_name, method) - end - end - end - - def map_member_actions(map, resource) - resource.member_methods.each do |method, actions| - actions.each do |action| - [method].flatten.each do |m| - action_path = resource.options[:path_names][action] if resource.options[:path_names].is_a?(Hash) - action_path ||= Base.resources_path_names[action] || action - - map_resource_routes(map, resource, action, "#{resource.member_path}#{resource.action_separator}#{action_path}", "#{action}_#{resource.shallow_name_prefix}#{resource.singular}", m) - end - end - end - - route_path = "#{resource.shallow_name_prefix}#{resource.singular}" - map_resource_routes(map, resource, :show, resource.member_path, route_path) - map_resource_routes(map, resource, :update, resource.member_path, route_path) - map_resource_routes(map, resource, :destroy, resource.member_path, route_path) - end - - def map_resource_routes(map, resource, action, route_path, route_name = nil, method = nil) - if resource.has_action?(action) - action_options = action_options_for(action, resource, method) - formatted_route_path = "#{route_path}.:format" - - if route_name && @set.named_routes[route_name.to_sym].nil? - map.named_route(route_name, formatted_route_path, action_options) - else - map.connect(formatted_route_path, action_options) - end - end - end - - def add_conditions_for(conditions, method) - returning({:conditions => conditions.dup}) do |options| - options[:conditions][:method] = method unless method == :any - end - end - - def action_options_for(action, resource, method = nil) - default_options = { :action => action.to_s } - require_id = !resource.kind_of?(SingletonResource) - - case default_options[:action] - when "index", "new"; default_options.merge(add_conditions_for(resource.conditions, method || :get)).merge(resource.requirements) - when "create"; default_options.merge(add_conditions_for(resource.conditions, method || :post)).merge(resource.requirements) - when "show", "edit"; default_options.merge(add_conditions_for(resource.conditions, method || :get)).merge(resource.requirements(require_id)) - when "update"; default_options.merge(add_conditions_for(resource.conditions, method || :put)).merge(resource.requirements(require_id)) - when "destroy"; default_options.merge(add_conditions_for(resource.conditions, method || :delete)).merge(resource.requirements(require_id)) - else default_options.merge(add_conditions_for(resource.conditions, method)).merge(resource.requirements) - end - end - end -end diff --git a/actionpack/lib/action_controller/response.rb b/actionpack/lib/action_controller/response.rb deleted file mode 100644 index 27860a6207..0000000000 --- a/actionpack/lib/action_controller/response.rb +++ /dev/null @@ -1,255 +0,0 @@ -require 'digest/md5' - -module ActionController # :nodoc: - # Represents an HTTP response generated by a controller action. One can use - # an ActionController::Response object to retrieve the current state - # of the response, or customize the response. An Response object can - # either represent a "real" HTTP response (i.e. one that is meant to be sent - # back to the web browser) or a test response (i.e. one that is generated - # from integration tests). See CgiResponse and TestResponse, respectively. - # - # Response is mostly a Ruby on Rails framework implement detail, and - # should never be used directly in controllers. Controllers should use the - # methods defined in ActionController::Base instead. For example, if you want - # to set the HTTP response's content MIME type, then use - # ActionControllerBase#headers instead of Response#headers. - # - # Nevertheless, integration tests may want to inspect controller responses in - # more detail, and that's when Response can be useful for application - # developers. Integration test methods such as - # ActionController::Integration::Session#get and - # ActionController::Integration::Session#post return objects of type - # TestResponse (which are of course also of type Response). - # - # For example, the following demo integration "test" prints the body of the - # controller response to the console: - # - # class DemoControllerTest < ActionController::IntegrationTest - # def test_print_root_path_to_console - # get('/') - # puts @response.body - # end - # end - class Response < Rack::Response - DEFAULT_HEADERS = { "Cache-Control" => "no-cache" } - attr_accessor :request - - attr_accessor :session, :assigns, :template, :layout - attr_accessor :redirected_to, :redirected_to_method_params - - delegate :default_charset, :to => 'ActionController::Base' - - def initialize - @status = 200 - @header = DEFAULT_HEADERS.dup - - @writer = lambda { |x| @body << x } - @block = nil - - @body = "", - @session, @assigns = [], [] - end - - def location; headers['Location'] end - def location=(url) headers['Location'] = url end - - - # Sets the HTTP response's content MIME type. For example, in the controller - # you could write this: - # - # response.content_type = "text/plain" - # - # If a character set has been defined for this response (see charset=) then - # the character set information will also be included in the content type - # information. - def content_type=(mime_type) - self.headers["Content-Type"] = - if mime_type =~ /charset/ || (c = charset).nil? - mime_type.to_s - else - "#{mime_type}; charset=#{c}" - end - end - - # Returns the response's content MIME type, or nil if content type has been set. - def content_type - content_type = String(headers["Content-Type"] || headers["type"]).split(";")[0] - content_type.blank? ? nil : content_type - end - - # Set the charset of the Content-Type header. Set to nil to remove it. - # If no content type is set, it defaults to HTML. - def charset=(charset) - headers["Content-Type"] = - if charset - "#{content_type || Mime::HTML}; charset=#{charset}" - else - content_type || Mime::HTML.to_s - end - end - - def charset - charset = String(headers["Content-Type"] || headers["type"]).split(";")[1] - charset.blank? ? nil : charset.strip.split("=")[1] - end - - def last_modified - if last = headers['Last-Modified'] - Time.httpdate(last) - end - end - - def last_modified? - headers.include?('Last-Modified') - end - - def last_modified=(utc_time) - headers['Last-Modified'] = utc_time.httpdate - end - - def etag - headers['ETag'] - end - - def etag? - headers.include?('ETag') - end - - def etag=(etag) - if etag.blank? - headers.delete('ETag') - else - headers['ETag'] = %("#{Digest::MD5.hexdigest(ActiveSupport::Cache.expand_cache_key(etag))}") - end - end - - def redirect(url, status) - self.status = status - self.location = url.gsub(/[\r\n]/, '') - self.body = "You are being redirected." - end - - def sending_file? - headers["Content-Transfer-Encoding"] == "binary" - end - - def assign_default_content_type_and_charset! - self.content_type ||= Mime::HTML - self.charset ||= default_charset unless sending_file? - end - - def prepare! - assign_default_content_type_and_charset! - handle_conditional_get! - set_content_length! - convert_content_type! - convert_language! - convert_expires! - convert_cookies! - end - - def each(&callback) - if @body.respond_to?(:call) - @writer = lambda { |x| callback.call(x) } - @body.call(self, self) - elsif @body.is_a?(String) - @body.each_line(&callback) - else - @body.each(&callback) - end - - @writer = callback - @block.call(self) if @block - end - - def write(str) - @writer.call str.to_s - str - end - - # Over Rack::Response#set_cookie to add HttpOnly option - def set_cookie(key, value) - case value - when Hash - domain = "; domain=" + value[:domain] if value[:domain] - path = "; path=" + value[:path] if value[:path] - # According to RFC 2109, we need dashes here. - # N.B.: cgi.rb uses spaces... - expires = "; expires=" + value[:expires].clone.gmtime. - strftime("%a, %d-%b-%Y %H:%M:%S GMT") if value[:expires] - secure = "; secure" if value[:secure] - httponly = "; HttpOnly" if value[:http_only] - value = value[:value] - end - value = [value] unless Array === value - cookie = ::Rack::Utils.escape(key) + "=" + - value.map { |v| ::Rack::Utils.escape v }.join("&") + - "#{domain}#{path}#{expires}#{secure}#{httponly}" - - case self["Set-Cookie"] - when Array - self["Set-Cookie"] << cookie - when String - self["Set-Cookie"] = [self["Set-Cookie"], cookie] - when nil - self["Set-Cookie"] = cookie - end - end - - private - def handle_conditional_get! - if etag? || last_modified? - set_conditional_cache_control! - elsif nonempty_ok_response? - self.etag = body - - if request && request.etag_matches?(etag) - self.status = '304 Not Modified' - self.body = '' - end - - set_conditional_cache_control! - end - end - - def nonempty_ok_response? - ok = !status || status.to_s[0..2] == '200' - ok && body.is_a?(String) && !body.empty? - end - - def set_conditional_cache_control! - if headers['Cache-Control'] == DEFAULT_HEADERS['Cache-Control'] - headers['Cache-Control'] = 'private, max-age=0, must-revalidate' - end - end - - def convert_content_type! - headers['Content-Type'] ||= "text/html" - headers['Content-Type'] += "; charset=" + headers.delete('charset') if headers['charset'] - end - - # Don't set the Content-Length for block-based bodies as that would mean - # reading it all into memory. Not nice for, say, a 2GB streaming file. - def set_content_length! - if status && status.to_s[0..2] == '204' - headers.delete('Content-Length') - elsif length = headers['Content-Length'] - headers['Content-Length'] = length.to_s - elsif !body.respond_to?(:call) && (!status || status.to_s[0..2] != '304') - headers["Content-Length"] = body.size.to_s - end - end - - def convert_language! - headers["Content-Language"] = headers.delete("language") if headers["language"] - end - - def convert_expires! - headers["Expires"] = headers.delete("") if headers["expires"] - end - - def convert_cookies! - headers['Set-Cookie'] = Array(headers['Set-Cookie']).compact - end - end -end diff --git a/actionpack/lib/action_controller/rewindable_input.rb b/actionpack/lib/action_controller/rewindable_input.rb deleted file mode 100644 index 36f655c51e..0000000000 --- a/actionpack/lib/action_controller/rewindable_input.rb +++ /dev/null @@ -1,28 +0,0 @@ -module ActionController - class RewindableInput - class RewindableIO < ActiveSupport::BasicObject - def initialize(io) - @io = io - @rewindable = io.is_a?(StringIO) - end - - def method_missing(method, *args, &block) - unless @rewindable - @io = StringIO.new(@io.read) - @rewindable = true - end - - @io.__send__(method, *args, &block) - end - end - - def initialize(app) - @app = app - end - - def call(env) - env['rack.input'] = RewindableIO.new(env['rack.input']) - @app.call(env) - end - end -end diff --git a/actionpack/lib/action_controller/routing/generation/polymorphic_routes.rb b/actionpack/lib/action_controller/routing/generation/polymorphic_routes.rb new file mode 100644 index 0000000000..924d1aa6bd --- /dev/null +++ b/actionpack/lib/action_controller/routing/generation/polymorphic_routes.rb @@ -0,0 +1,201 @@ +module ActionController + # Polymorphic URL helpers are methods for smart resolution to a named route call when + # given an Active Record model instance. They are to be used in combination with + # ActionController::Resources. + # + # These methods are useful when you want to generate correct URL or path to a RESTful + # resource without having to know the exact type of the record in question. + # + # Nested resources and/or namespaces are also supported, as illustrated in the example: + # + # polymorphic_url([:admin, @article, @comment]) + # + # results in: + # + # admin_article_comment_url(@article, @comment) + # + # == Usage within the framework + # + # Polymorphic URL helpers are used in a number of places throughout the Rails framework: + # + # * url_for, so you can use it with a record as the argument, e.g. + # url_for(@article); + # * ActionView::Helpers::FormHelper uses polymorphic_path, so you can write + # form_for(@article) without having to specify :url parameter for the form + # action; + # * redirect_to (which, in fact, uses url_for) so you can write + # redirect_to(post) in your controllers; + # * ActionView::Helpers::AtomFeedHelper, so you don't have to explicitly specify URLs + # for feed entries. + # + # == Prefixed polymorphic helpers + # + # In addition to polymorphic_url and polymorphic_path methods, a + # number of prefixed helpers are available as a shorthand to :action => "..." + # in options. Those are: + # + # * edit_polymorphic_url, edit_polymorphic_path + # * new_polymorphic_url, new_polymorphic_path + # + # Example usage: + # + # edit_polymorphic_path(@post) # => "/posts/1/edit" + # polymorphic_path(@post, :format => :pdf) # => "/posts/1.pdf" + module PolymorphicRoutes + # Constructs a call to a named RESTful route for the given record and returns the + # resulting URL string. For example: + # + # # calls post_url(post) + # polymorphic_url(post) # => "http://example.com/posts/1" + # polymorphic_url([blog, post]) # => "http://example.com/blogs/1/posts/1" + # polymorphic_url([:admin, blog, post]) # => "http://example.com/admin/blogs/1/posts/1" + # polymorphic_url([user, :blog, post]) # => "http://example.com/users/1/blog/posts/1" + # + # ==== Options + # + # * :action - Specifies the action prefix for the named route: + # :new or :edit. Default is no prefix. + # * :routing_type - Allowed values are :path or :url. + # Default is :url. + # + # ==== Examples + # + # # an Article record + # polymorphic_url(record) # same as article_url(record) + # + # # a Comment record + # polymorphic_url(record) # same as comment_url(record) + # + # # it recognizes new records and maps to the collection + # record = Comment.new + # polymorphic_url(record) # same as comments_url() + # + def polymorphic_url(record_or_hash_or_array, options = {}) + if record_or_hash_or_array.kind_of?(Array) + record_or_hash_or_array = record_or_hash_or_array.compact + record_or_hash_or_array = record_or_hash_or_array[0] if record_or_hash_or_array.size == 1 + end + + record = extract_record(record_or_hash_or_array) + namespace = extract_namespace(record_or_hash_or_array) + + args = case record_or_hash_or_array + when Hash; [ record_or_hash_or_array ] + when Array; record_or_hash_or_array.dup + else [ record_or_hash_or_array ] + end + + inflection = + case + when options[:action].to_s == "new" + args.pop + :singular + when record.respond_to?(:new_record?) && record.new_record? + args.pop + :plural + else + :singular + end + + args.delete_if {|arg| arg.is_a?(Symbol) || arg.is_a?(String)} + + named_route = build_named_route_call(record_or_hash_or_array, namespace, inflection, options) + + url_options = options.except(:action, :routing_type) + unless url_options.empty? + args.last.kind_of?(Hash) ? args.last.merge!(url_options) : args << url_options + end + + __send__(named_route, *args) + end + + # Returns the path component of a URL for the given record. It uses + # polymorphic_url with :routing_type => :path. + def polymorphic_path(record_or_hash_or_array, options = {}) + options[:routing_type] = :path + polymorphic_url(record_or_hash_or_array, options) + end + + %w(edit new).each do |action| + module_eval <<-EOT, __FILE__, __LINE__ + def #{action}_polymorphic_url(record_or_hash, options = {}) # def edit_polymorphic_url(record_or_hash, options = {}) + polymorphic_url( # polymorphic_url( + record_or_hash, # record_or_hash, + options.merge(:action => "#{action}")) # options.merge(:action => "edit")) + end # end + # + def #{action}_polymorphic_path(record_or_hash, options = {}) # def edit_polymorphic_path(record_or_hash, options = {}) + polymorphic_url( # polymorphic_url( + record_or_hash, # record_or_hash, + options.merge(:action => "#{action}", :routing_type => :path)) # options.merge(:action => "edit", :routing_type => :path)) + end # end + EOT + end + + def formatted_polymorphic_url(record_or_hash, options = {}) + ActiveSupport::Deprecation.warn("formatted_polymorphic_url has been deprecated. Please pass :format to the polymorphic_url method instead", caller) + options[:format] = record_or_hash.pop if Array === record_or_hash + polymorphic_url(record_or_hash, options) + end + + def formatted_polymorphic_path(record_or_hash, options = {}) + ActiveSupport::Deprecation.warn("formatted_polymorphic_path has been deprecated. Please pass :format to the polymorphic_path method instead", caller) + options[:format] = record_or_hash.pop if record_or_hash === Array + polymorphic_url(record_or_hash, options.merge(:routing_type => :path)) + end + + private + def action_prefix(options) + options[:action] ? "#{options[:action]}_" : '' + end + + def routing_type(options) + options[:routing_type] || :url + end + + def build_named_route_call(records, namespace, inflection, options = {}) + unless records.is_a?(Array) + record = extract_record(records) + route = '' + else + record = records.pop + route = records.inject("") do |string, parent| + if parent.is_a?(Symbol) || parent.is_a?(String) + string << "#{parent}_" + else + string << "#{RecordIdentifier.__send__("singular_class_name", parent)}_" + end + end + end + + if record.is_a?(Symbol) || record.is_a?(String) + route << "#{record}_" + else + route << "#{RecordIdentifier.__send__("#{inflection}_class_name", record)}_" + end + + action_prefix(options) + namespace + route + routing_type(options).to_s + end + + def extract_record(record_or_hash_or_array) + case record_or_hash_or_array + when Array; record_or_hash_or_array.last + when Hash; record_or_hash_or_array[:id] + else record_or_hash_or_array + end + end + + # Remove the first symbols from the array and return the url prefix + # implied by those symbols. + def extract_namespace(record_or_hash_or_array) + return "" unless record_or_hash_or_array.is_a?(Array) + + namespace_keys = [] + while (key = record_or_hash_or_array.first) && key.is_a?(String) || key.is_a?(Symbol) + namespace_keys << record_or_hash_or_array.shift + end + + namespace_keys.map {|k| "#{k}_"}.join + end + end +end diff --git a/actionpack/lib/action_controller/routing/generation/url_rewriter.rb b/actionpack/lib/action_controller/routing/generation/url_rewriter.rb new file mode 100644 index 0000000000..d86e2db67d --- /dev/null +++ b/actionpack/lib/action_controller/routing/generation/url_rewriter.rb @@ -0,0 +1,219 @@ +module ActionController + # In routes.rb one defines URL-to-controller mappings, but the reverse + # is also possible: an URL can be generated from one of your routing definitions. + # URL generation functionality is centralized in this module. + # + # See ActionController::Routing and ActionController::Resources for general + # information about routing and routes.rb. + # + # Tip: If you need to generate URLs from your models or some other place, + # then ActionController::UrlWriter is what you're looking for. Read on for + # an introduction. + # + # == URL generation from parameters + # + # As you may know, some functions - such as ActionController::Base#url_for + # and ActionView::Helpers::UrlHelper#link_to, can generate URLs given a set + # of parameters. For example, you've probably had the chance to write code + # like this in one of your views: + # + # <%= link_to('Click here', :controller => 'users', + # :action => 'new', :message => 'Welcome!') %> + # + # #=> Generates a link to: /users/new?message=Welcome%21 + # + # link_to, and all other functions that require URL generation functionality, + # actually use ActionController::UrlWriter under the hood. And in particular, + # they use the ActionController::UrlWriter#url_for method. One can generate + # the same path as the above example by using the following code: + # + # include UrlWriter + # url_for(:controller => 'users', + # :action => 'new', + # :message => 'Welcome!', + # :only_path => true) + # # => "/users/new?message=Welcome%21" + # + # Notice the :only_path => true part. This is because UrlWriter has no + # information about the website hostname that your Rails app is serving. So if you + # want to include the hostname as well, then you must also pass the :host + # argument: + # + # include UrlWriter + # url_for(:controller => 'users', + # :action => 'new', + # :message => 'Welcome!', + # :host => 'www.example.com') # Changed this. + # # => "http://www.example.com/users/new?message=Welcome%21" + # + # By default, all controllers and views have access to a special version of url_for, + # that already knows what the current hostname is. So if you use url_for in your + # controllers or your views, then you don't need to explicitly pass the :host + # argument. + # + # For convenience reasons, mailers provide a shortcut for ActionController::UrlWriter#url_for. + # So within mailers, you only have to type 'url_for' instead of 'ActionController::UrlWriter#url_for' + # in full. However, mailers don't have hostname information, and what's why you'll still + # have to specify the :host argument when generating URLs in mailers. + # + # + # == URL generation for named routes + # + # UrlWriter also allows one to access methods that have been auto-generated from + # named routes. For example, suppose that you have a 'users' resource in your + # routes.rb: + # + # map.resources :users + # + # This generates, among other things, the method users_path. By default, + # this method is accessible from your controllers, views and mailers. If you need + # to access this auto-generated method from other places (such as a model), then + # you can do that in two ways. + # + # The first way is to include ActionController::UrlWriter in your class: + # + # class User < ActiveRecord::Base + # include ActionController::UrlWriter # !!! + # + # def name=(value) + # write_attribute('name', value) + # write_attribute('base_uri', users_path) # !!! + # end + # end + # + # The second way is to access them through ActionController::UrlWriter. + # The autogenerated named routes methods are available as class methods: + # + # class User < ActiveRecord::Base + # def name=(value) + # write_attribute('name', value) + # path = ActionController::UrlWriter.users_path # !!! + # write_attribute('base_uri', path) # !!! + # end + # end + module UrlWriter + # The default options for urls written by this writer. Typically a :host + # pair is provided. + mattr_accessor :default_url_options + self.default_url_options = {} + + def self.included(base) #:nodoc: + ActionController::Routing::Routes.install_helpers(base) + base.mattr_accessor :default_url_options + base.default_url_options ||= default_url_options + end + + # Generate a url based on the options provided, default_url_options and the + # routes defined in routes.rb. The following options are supported: + # + # * :only_path - If true, the relative url is returned. Defaults to +false+. + # * :protocol - The protocol to connect to. Defaults to 'http'. + # * :host - Specifies the host the link should be targetted at. + # If :only_path is false, this option must be + # provided either explicitly, or via +default_url_options+. + # * :port - Optionally specify the port to connect to. + # * :anchor - An anchor name to be appended to the path. + # * :skip_relative_url_root - If true, the url is not constructed using the + # +relative_url_root+ set in ActionController::Base.relative_url_root. + # * :trailing_slash - If true, adds a trailing slash, as in "/archive/2009/" + # + # Any other key (:controller, :action, etc.) given to + # +url_for+ is forwarded to the Routes module. + # + # Examples: + # + # url_for :controller => 'tasks', :action => 'testing', :host=>'somehost.org', :port=>'8080' # => 'http://somehost.org:8080/tasks/testing' + # url_for :controller => 'tasks', :action => 'testing', :host=>'somehost.org', :anchor => 'ok', :only_path => true # => '/tasks/testing#ok' + # url_for :controller => 'tasks', :action => 'testing', :trailing_slash=>true # => 'http://somehost.org/tasks/testing/' + # url_for :controller => 'tasks', :action => 'testing', :host=>'somehost.org', :number => '33' # => 'http://somehost.org/tasks/testing?number=33' + def url_for(options) + options = self.class.default_url_options.merge(options) + + url = '' + + unless options.delete(:only_path) + url << (options.delete(:protocol) || 'http') + url << '://' unless url.match("://") + + raise "Missing host to link to! Please provide :host parameter or set default_url_options[:host]" unless options[:host] + + url << options.delete(:host) + url << ":#{options.delete(:port)}" if options.key?(:port) + else + # Delete the unused options to prevent their appearance in the query string. + [:protocol, :host, :port, :skip_relative_url_root].each { |k| options.delete(k) } + end + trailing_slash = options.delete(:trailing_slash) if options.key?(:trailing_slash) + url << ActionController::Base.relative_url_root.to_s unless options[:skip_relative_url_root] + anchor = "##{CGI.escape options.delete(:anchor).to_param.to_s}" if options[:anchor] + generated = Routing::Routes.generate(options, {}) + url << (trailing_slash ? generated.sub(/\?|\z/) { "/" + $& } : generated) + url << anchor if anchor + + url + end + end + + # Rewrites URLs for Base.redirect_to and Base.url_for in the controller. + class UrlRewriter #:nodoc: + RESERVED_OPTIONS = [:anchor, :params, :only_path, :host, :protocol, :port, :trailing_slash, :skip_relative_url_root] + def initialize(request, parameters) + @request, @parameters = request, parameters + end + + def rewrite(options = {}) + rewrite_url(options) + end + + def to_str + "#{@request.protocol}, #{@request.host_with_port}, #{@request.path}, #{@parameters[:controller]}, #{@parameters[:action]}, #{@request.parameters.inspect}" + end + + alias_method :to_s, :to_str + + private + # Given a path and options, returns a rewritten URL string + def rewrite_url(options) + rewritten_url = "" + + unless options[:only_path] + rewritten_url << (options[:protocol] || @request.protocol) + rewritten_url << "://" unless rewritten_url.match("://") + rewritten_url << rewrite_authentication(options) + rewritten_url << (options[:host] || @request.host_with_port) + rewritten_url << ":#{options.delete(:port)}" if options.key?(:port) + end + + path = rewrite_path(options) + rewritten_url << ActionController::Base.relative_url_root.to_s unless options[:skip_relative_url_root] + rewritten_url << (options[:trailing_slash] ? path.sub(/\?|\z/) { "/" + $& } : path) + rewritten_url << "##{options[:anchor]}" if options[:anchor] + + rewritten_url + end + + # Given a Hash of options, generates a route + def rewrite_path(options) + options = options.symbolize_keys + options.update(options[:params].symbolize_keys) if options[:params] + + if (overwrite = options.delete(:overwrite_params)) + options.update(@parameters.symbolize_keys) + options.update(overwrite.symbolize_keys) + end + + RESERVED_OPTIONS.each { |k| options.delete(k) } + + # Generates the query string, too + Routing::Routes.generate(options, @request.symbolized_path_parameters) + end + + def rewrite_authentication(options) + if options[:user] && options[:password] + "#{CGI.escape(options.delete(:user))}:#{CGI.escape(options.delete(:password))}@" + else + "" + end + end + end +end diff --git a/actionpack/lib/action_controller/routing/resources.rb b/actionpack/lib/action_controller/routing/resources.rb new file mode 100644 index 0000000000..e8988aa737 --- /dev/null +++ b/actionpack/lib/action_controller/routing/resources.rb @@ -0,0 +1,674 @@ +module ActionController + # == Overview + # + # ActionController::Resources are a way of defining RESTful \resources. A RESTful \resource, in basic terms, + # is something that can be pointed at and it will respond with a representation of the data requested. + # In real terms this could mean a user with a browser requests an HTML page, or that a desktop application + # requests XML data. + # + # RESTful design is based on the assumption that there are four generic verbs that a user of an + # application can request from a \resource (the noun). + # + # \Resources can be requested using four basic HTTP verbs (GET, POST, PUT, DELETE), the method used + # denotes the type of action that should take place. + # + # === The Different Methods and their Usage + # + # * GET - Requests for a \resource, no saving or editing of a \resource should occur in a GET request. + # * POST - Creation of \resources. + # * PUT - Editing of attributes on a \resource. + # * DELETE - Deletion of a \resource. + # + # === Examples + # + # # A GET request on the Posts resource is asking for all Posts + # GET /posts + # + # # A GET request on a single Post resource is asking for that particular Post + # GET /posts/1 + # + # # A POST request on the Posts resource is asking for a Post to be created with the supplied details + # POST /posts # with => { :post => { :title => "My Whizzy New Post", :body => "I've got a brand new combine harvester" } } + # + # # A PUT request on a single Post resource is asking for a Post to be updated + # PUT /posts # with => { :id => 1, :post => { :title => "Changed Whizzy Title" } } + # + # # A DELETE request on a single Post resource is asking for it to be deleted + # DELETE /posts # with => { :id => 1 } + # + # By using the REST convention, users of our application can assume certain things about how the data + # is requested and how it is returned. Rails simplifies the routing part of RESTful design by + # supplying you with methods to create them in your routes.rb file. + # + # Read more about REST at http://en.wikipedia.org/wiki/Representational_State_Transfer + module Resources + INHERITABLE_OPTIONS = :namespace, :shallow, :actions + + class Resource #:nodoc: + DEFAULT_ACTIONS = :index, :create, :new, :edit, :show, :update, :destroy + + attr_reader :collection_methods, :member_methods, :new_methods + attr_reader :path_prefix, :name_prefix, :path_segment + attr_reader :plural, :singular + attr_reader :options + + def initialize(entities, options) + @plural ||= entities + @singular ||= options[:singular] || plural.to_s.singularize + @path_segment = options.delete(:as) || @plural + + @options = options + + arrange_actions + add_default_actions + set_allowed_actions + set_prefixes + end + + def controller + @controller ||= "#{options[:namespace]}#{(options[:controller] || plural).to_s}" + end + + def requirements(with_id = false) + @requirements ||= @options[:requirements] || {} + @id_requirement ||= { :id => @requirements.delete(:id) || /[^#{Routing::SEPARATORS.join}]+/ } + + with_id ? @requirements.merge(@id_requirement) : @requirements + end + + def conditions + @conditions ||= @options[:conditions] || {} + end + + def path + @path ||= "#{path_prefix}/#{path_segment}" + end + + def new_path + new_action = self.options[:path_names][:new] if self.options[:path_names] + new_action ||= Base.resources_path_names[:new] + @new_path ||= "#{path}/#{new_action}" + end + + def shallow_path_prefix + @shallow_path_prefix ||= "#{path_prefix unless @options[:shallow]}" + end + + def member_path + @member_path ||= "#{shallow_path_prefix}/#{path_segment}/:id" + end + + def nesting_path_prefix + @nesting_path_prefix ||= "#{shallow_path_prefix}/#{path_segment}/:#{singular}_id" + end + + def shallow_name_prefix + @shallow_name_prefix ||= "#{name_prefix unless @options[:shallow]}" + end + + def nesting_name_prefix + "#{shallow_name_prefix}#{singular}_" + end + + def action_separator + @action_separator ||= Base.resource_action_separator + end + + def uncountable? + @singular.to_s == @plural.to_s + end + + def has_action?(action) + !DEFAULT_ACTIONS.include?(action) || @options[:actions].nil? || @options[:actions].include?(action) + end + + protected + def arrange_actions + @collection_methods = arrange_actions_by_methods(options.delete(:collection)) + @member_methods = arrange_actions_by_methods(options.delete(:member)) + @new_methods = arrange_actions_by_methods(options.delete(:new)) + end + + def add_default_actions + add_default_action(member_methods, :get, :edit) + add_default_action(new_methods, :get, :new) + end + + def set_allowed_actions + only = @options.delete(:only) + except = @options.delete(:except) + + if only && except + raise ArgumentError, 'Please supply either :only or :except, not both.' + elsif only == :all || except == :none + options[:actions] = DEFAULT_ACTIONS + elsif only == :none || except == :all + options[:actions] = [] + elsif only + options[:actions] = DEFAULT_ACTIONS & Array(only).map(&:to_sym) + elsif except + options[:actions] = DEFAULT_ACTIONS - Array(except).map(&:to_sym) + else + # leave options[:actions] alone + end + end + + def set_prefixes + @path_prefix = options.delete(:path_prefix) + @name_prefix = options.delete(:name_prefix) + end + + def arrange_actions_by_methods(actions) + (actions || {}).inject({}) do |flipped_hash, (key, value)| + (flipped_hash[value] ||= []) << key + flipped_hash + end + end + + def add_default_action(collection, method, action) + (collection[method] ||= []).unshift(action) + end + end + + class SingletonResource < Resource #:nodoc: + def initialize(entity, options) + @singular = @plural = entity + options[:controller] ||= @singular.to_s.pluralize + super + end + + alias_method :shallow_path_prefix, :path_prefix + alias_method :shallow_name_prefix, :name_prefix + alias_method :member_path, :path + alias_method :nesting_path_prefix, :path + end + + # Creates named routes for implementing verb-oriented controllers + # for a collection \resource. + # + # For example: + # + # map.resources :messages + # + # will map the following actions in the corresponding controller: + # + # class MessagesController < ActionController::Base + # # GET messages_url + # def index + # # return all messages + # end + # + # # GET new_message_url + # def new + # # return an HTML form for describing a new message + # end + # + # # POST messages_url + # def create + # # create a new message + # end + # + # # GET message_url(:id => 1) + # def show + # # find and return a specific message + # end + # + # # GET edit_message_url(:id => 1) + # def edit + # # return an HTML form for editing a specific message + # end + # + # # PUT message_url(:id => 1) + # def update + # # find and update a specific message + # end + # + # # DELETE message_url(:id => 1) + # def destroy + # # delete a specific message + # end + # end + # + # Along with the routes themselves, +resources+ generates named routes for use in + # controllers and views. map.resources :messages produces the following named routes and helpers: + # + # Named Route Helpers + # ============ ===================================================== + # messages messages_url, hash_for_messages_url, + # messages_path, hash_for_messages_path + # + # message message_url(id), hash_for_message_url(id), + # message_path(id), hash_for_message_path(id) + # + # new_message new_message_url, hash_for_new_message_url, + # new_message_path, hash_for_new_message_path + # + # edit_message edit_message_url(id), hash_for_edit_message_url(id), + # edit_message_path(id), hash_for_edit_message_path(id) + # + # You can use these helpers instead of +url_for+ or methods that take +url_for+ parameters. For example: + # + # redirect_to :controller => 'messages', :action => 'index' + # # and + # <%= link_to "edit this message", :controller => 'messages', :action => 'edit', :id => @message.id %> + # + # now become: + # + # redirect_to messages_url + # # and + # <%= link_to "edit this message", edit_message_url(@message) # calls @message.id automatically + # + # Since web browsers don't support the PUT and DELETE verbs, you will need to add a parameter '_method' to your + # form tags. The form helpers make this a little easier. For an update form with a @message object: + # + # <%= form_tag message_path(@message), :method => :put %> + # + # or + # + # <% form_for :message, @message, :url => message_path(@message), :html => {:method => :put} do |f| %> + # + # or + # + # <% form_for @message do |f| %> + # + # which takes into account whether @message is a new record or not and generates the + # path and method accordingly. + # + # The +resources+ method accepts the following options to customize the resulting routes: + # * :collection - Add named routes for other actions that operate on the collection. + # Takes a hash of #{action} => #{method}, where method is :get/:post/:put/:delete, + # an array of any of the previous, or :any if the method does not matter. + # These routes map to a URL like /messages/rss, with a route of +rss_messages_url+. + # * :member - Same as :collection, but for actions that operate on a specific member. + # * :new - Same as :collection, but for actions that operate on the new \resource action. + # * :controller - Specify the controller name for the routes. + # * :singular - Specify the singular name used in the member routes. + # * :requirements - Set custom routing parameter requirements; this is a hash of either + # regular expressions (which must match for the route to match) or extra parameters. For example: + # + # map.resource :profile, :path_prefix => ':name', :requirements => { :name => /[a-zA-Z]+/, :extra => 'value' } + # + # will only match if the first part is alphabetic, and will pass the parameter :extra to the controller. + # * :conditions - Specify custom routing recognition conditions. \Resources sets the :method value for the method-specific routes. + # * :as - Specify a different \resource name to use in the URL path. For example: + # # products_path == '/productos' + # map.resources :products, :as => 'productos' do |product| + # # product_reviews_path(product) == '/productos/1234/comentarios' + # product.resources :product_reviews, :as => 'comentarios' + # end + # + # * :has_one - Specify nested \resources, this is a shorthand for mapping singleton \resources beneath the current. + # * :has_many - Same has :has_one, but for plural \resources. + # + # You may directly specify the routing association with +has_one+ and +has_many+ like: + # + # map.resources :notes, :has_one => :author, :has_many => [:comments, :attachments] + # + # This is the same as: + # + # map.resources :notes do |notes| + # notes.resource :author + # notes.resources :comments + # notes.resources :attachments + # end + # + # * :path_names - Specify different names for the 'new' and 'edit' actions. For example: + # # new_products_path == '/productos/nuevo' + # map.resources :products, :as => 'productos', :path_names => { :new => 'nuevo', :edit => 'editar' } + # + # You can also set default action names from an environment, like this: + # config.action_controller.resources_path_names = { :new => 'nuevo', :edit => 'editar' } + # + # * :path_prefix - Set a prefix to the routes with required route variables. + # + # Weblog comments usually belong to a post, so you might use +resources+ like: + # + # map.resources :articles + # map.resources :comments, :path_prefix => '/articles/:article_id' + # + # You can nest +resources+ calls to set this automatically: + # + # map.resources :articles do |article| + # article.resources :comments + # end + # + # The comment \resources work the same, but must now include a value for :article_id. + # + # article_comments_url(@article) + # article_comment_url(@article, @comment) + # + # article_comments_url(:article_id => @article) + # article_comment_url(:article_id => @article, :id => @comment) + # + # If you don't want to load all objects from the database you might want to use the article_id directly: + # + # articles_comments_url(@comment.article_id, @comment) + # + # * :name_prefix - Define a prefix for all generated routes, usually ending in an underscore. + # Use this if you have named routes that may clash. + # + # map.resources :tags, :path_prefix => '/books/:book_id', :name_prefix => 'book_' + # map.resources :tags, :path_prefix => '/toys/:toy_id', :name_prefix => 'toy_' + # + # You may also use :name_prefix to override the generic named routes in a nested \resource: + # + # map.resources :articles do |article| + # article.resources :comments, :name_prefix => nil + # end + # + # This will yield named \resources like so: + # + # comments_url(@article) + # comment_url(@article, @comment) + # + # * :shallow - If true, paths for nested resources which reference a specific member + # (ie. those with an :id parameter) will not use the parent path prefix or name prefix. + # + # The :shallow option is inherited by any nested resource(s). + # + # For example, 'users', 'posts' and 'comments' all use shallow paths with the following nested resources: + # + # map.resources :users, :shallow => true do |user| + # user.resources :posts do |post| + # post.resources :comments + # end + # end + # # --> GET /users/1/posts (maps to the PostsController#index action as usual) + # # also adds the usual named route called "user_posts" + # # --> GET /posts/2 (maps to the PostsController#show action as if it were not nested) + # # also adds the named route called "post" + # # --> GET /posts/2/comments (maps to the CommentsController#index action) + # # also adds the named route called "post_comments" + # # --> GET /comments/2 (maps to the CommentsController#show action as if it were not nested) + # # also adds the named route called "comment" + # + # You may also use :shallow in combination with the +has_one+ and +has_many+ shorthand notations like: + # + # map.resources :users, :has_many => { :posts => :comments }, :shallow => true + # + # * :only and :except - Specify which of the seven default actions should be routed to. + # + # :only and :except may be set to :all, :none, an action name or a + # list of action names. By default, routes are generated for all seven actions. + # + # For example: + # + # map.resources :posts, :only => [:index, :show] do |post| + # post.resources :comments, :except => [:update, :destroy] + # end + # # --> GET /posts (maps to the PostsController#index action) + # # --> POST /posts (fails) + # # --> GET /posts/1 (maps to the PostsController#show action) + # # --> DELETE /posts/1 (fails) + # # --> POST /posts/1/comments (maps to the CommentsController#create action) + # # --> PUT /posts/1/comments/1 (fails) + # + # The :only and :except options are inherited by any nested resource(s). + # + # If map.resources is called with multiple resources, they all get the same options applied. + # + # Examples: + # + # map.resources :messages, :path_prefix => "/thread/:thread_id" + # # --> GET /thread/7/messages/1 + # + # map.resources :messages, :collection => { :rss => :get } + # # --> GET /messages/rss (maps to the #rss action) + # # also adds a named route called "rss_messages" + # + # map.resources :messages, :member => { :mark => :post } + # # --> POST /messages/1/mark (maps to the #mark action) + # # also adds a named route called "mark_message" + # + # map.resources :messages, :new => { :preview => :post } + # # --> POST /messages/new/preview (maps to the #preview action) + # # also adds a named route called "preview_new_message" + # + # map.resources :messages, :new => { :new => :any, :preview => :post } + # # --> POST /messages/new/preview (maps to the #preview action) + # # also adds a named route called "preview_new_message" + # # --> /messages/new can be invoked via any request method + # + # map.resources :messages, :controller => "categories", + # :path_prefix => "/category/:category_id", + # :name_prefix => "category_" + # # --> GET /categories/7/messages/1 + # # has named route "category_message" + # + # The +resources+ method sets HTTP method restrictions on the routes it generates. For example, making an + # HTTP POST on new_message_url will raise a RoutingError exception. The default route in + # config/routes.rb overrides this and allows invalid HTTP methods for \resource routes. + def resources(*entities, &block) + options = entities.extract_options! + entities.each { |entity| map_resource(entity, options.dup, &block) } + end + + # Creates named routes for implementing verb-oriented controllers for a singleton \resource. + # A singleton \resource is global to its current context. For unnested singleton \resources, + # the \resource is global to the current user visiting the application, such as a user's + # /account profile. For nested singleton \resources, the \resource is global to its parent + # \resource, such as a projects \resource that has_one :project_manager. + # The project_manager should be mapped as a singleton \resource under projects: + # + # map.resources :projects do |project| + # project.resource :project_manager + # end + # + # See +resources+ for general conventions. These are the main differences: + # * A singular name is given to map.resource. The default controller name is still taken from the plural name. + # * To specify a custom plural name, use the :plural option. There is no :singular option. + # * No default index route is created for the singleton \resource controller. + # * When nesting singleton \resources, only the singular name is used as the path prefix (example: 'account/messages/1') + # + # For example: + # + # map.resource :account + # + # maps these actions in the Accounts controller: + # + # class AccountsController < ActionController::Base + # # GET new_account_url + # def new + # # return an HTML form for describing the new account + # end + # + # # POST account_url + # def create + # # create an account + # end + # + # # GET account_url + # def show + # # find and return the account + # end + # + # # GET edit_account_url + # def edit + # # return an HTML form for editing the account + # end + # + # # PUT account_url + # def update + # # find and update the account + # end + # + # # DELETE account_url + # def destroy + # # delete the account + # end + # end + # + # Along with the routes themselves, +resource+ generates named routes for + # use in controllers and views. map.resource :account produces + # these named routes and helpers: + # + # Named Route Helpers + # ============ ============================================= + # account account_url, hash_for_account_url, + # account_path, hash_for_account_path + # + # new_account new_account_url, hash_for_new_account_url, + # new_account_path, hash_for_new_account_path + # + # edit_account edit_account_url, hash_for_edit_account_url, + # edit_account_path, hash_for_edit_account_path + def resource(*entities, &block) + options = entities.extract_options! + entities.each { |entity| map_singleton_resource(entity, options.dup, &block) } + end + + private + def map_resource(entities, options = {}, &block) + resource = Resource.new(entities, options) + + with_options :controller => resource.controller do |map| + map_collection_actions(map, resource) + map_default_collection_actions(map, resource) + map_new_actions(map, resource) + map_member_actions(map, resource) + + map_associations(resource, options) + + if block_given? + with_options(options.slice(*INHERITABLE_OPTIONS).merge(:path_prefix => resource.nesting_path_prefix, :name_prefix => resource.nesting_name_prefix), &block) + end + end + end + + def map_singleton_resource(entities, options = {}, &block) + resource = SingletonResource.new(entities, options) + + with_options :controller => resource.controller do |map| + map_collection_actions(map, resource) + map_new_actions(map, resource) + map_member_actions(map, resource) + map_default_singleton_actions(map, resource) + + map_associations(resource, options) + + if block_given? + with_options(options.slice(*INHERITABLE_OPTIONS).merge(:path_prefix => resource.nesting_path_prefix, :name_prefix => resource.nesting_name_prefix), &block) + end + end + end + + def map_associations(resource, options) + map_has_many_associations(resource, options.delete(:has_many), options) if options[:has_many] + + path_prefix = "#{options.delete(:path_prefix)}#{resource.nesting_path_prefix}" + name_prefix = "#{options.delete(:name_prefix)}#{resource.nesting_name_prefix}" + + Array(options[:has_one]).each do |association| + resource(association, options.slice(*INHERITABLE_OPTIONS).merge(:path_prefix => path_prefix, :name_prefix => name_prefix)) + end + end + + def map_has_many_associations(resource, associations, options) + case associations + when Hash + associations.each do |association,has_many| + map_has_many_associations(resource, association, options.merge(:has_many => has_many)) + end + when Array + associations.each do |association| + map_has_many_associations(resource, association, options) + end + when Symbol, String + resources(associations, options.slice(*INHERITABLE_OPTIONS).merge(:path_prefix => resource.nesting_path_prefix, :name_prefix => resource.nesting_name_prefix, :has_many => options[:has_many])) + else + end + end + + def map_collection_actions(map, resource) + resource.collection_methods.each do |method, actions| + actions.each do |action| + [method].flatten.each do |m| + map_resource_routes(map, resource, action, "#{resource.path}#{resource.action_separator}#{action}", "#{action}_#{resource.name_prefix}#{resource.plural}", m) + end + end + end + end + + def map_default_collection_actions(map, resource) + index_route_name = "#{resource.name_prefix}#{resource.plural}" + + if resource.uncountable? + index_route_name << "_index" + end + + map_resource_routes(map, resource, :index, resource.path, index_route_name) + map_resource_routes(map, resource, :create, resource.path, index_route_name) + end + + def map_default_singleton_actions(map, resource) + map_resource_routes(map, resource, :create, resource.path, "#{resource.shallow_name_prefix}#{resource.singular}") + end + + def map_new_actions(map, resource) + resource.new_methods.each do |method, actions| + actions.each do |action| + route_path = resource.new_path + route_name = "new_#{resource.name_prefix}#{resource.singular}" + + unless action == :new + route_path = "#{route_path}#{resource.action_separator}#{action}" + route_name = "#{action}_#{route_name}" + end + + map_resource_routes(map, resource, action, route_path, route_name, method) + end + end + end + + def map_member_actions(map, resource) + resource.member_methods.each do |method, actions| + actions.each do |action| + [method].flatten.each do |m| + action_path = resource.options[:path_names][action] if resource.options[:path_names].is_a?(Hash) + action_path ||= Base.resources_path_names[action] || action + + map_resource_routes(map, resource, action, "#{resource.member_path}#{resource.action_separator}#{action_path}", "#{action}_#{resource.shallow_name_prefix}#{resource.singular}", m) + end + end + end + + route_path = "#{resource.shallow_name_prefix}#{resource.singular}" + map_resource_routes(map, resource, :show, resource.member_path, route_path) + map_resource_routes(map, resource, :update, resource.member_path, route_path) + map_resource_routes(map, resource, :destroy, resource.member_path, route_path) + end + + def map_resource_routes(map, resource, action, route_path, route_name = nil, method = nil) + if resource.has_action?(action) + action_options = action_options_for(action, resource, method) + formatted_route_path = "#{route_path}.:format" + + if route_name && @set.named_routes[route_name.to_sym].nil? + map.named_route(route_name, formatted_route_path, action_options) + else + map.connect(formatted_route_path, action_options) + end + end + end + + def add_conditions_for(conditions, method) + returning({:conditions => conditions.dup}) do |options| + options[:conditions][:method] = method unless method == :any + end + end + + def action_options_for(action, resource, method = nil) + default_options = { :action => action.to_s } + require_id = !resource.kind_of?(SingletonResource) + + case default_options[:action] + when "index", "new"; default_options.merge(add_conditions_for(resource.conditions, method || :get)).merge(resource.requirements) + when "create"; default_options.merge(add_conditions_for(resource.conditions, method || :post)).merge(resource.requirements) + when "show", "edit"; default_options.merge(add_conditions_for(resource.conditions, method || :get)).merge(resource.requirements(require_id)) + when "update"; default_options.merge(add_conditions_for(resource.conditions, method || :put)).merge(resource.requirements(require_id)) + when "destroy"; default_options.merge(add_conditions_for(resource.conditions, method || :delete)).merge(resource.requirements(require_id)) + else default_options.merge(add_conditions_for(resource.conditions, method)).merge(resource.requirements) + end + end + end +end diff --git a/actionpack/lib/action_controller/session/management.rb b/actionpack/lib/action_controller/session/management.rb new file mode 100644 index 0000000000..b556f04649 --- /dev/null +++ b/actionpack/lib/action_controller/session/management.rb @@ -0,0 +1,54 @@ +module ActionController #:nodoc: + module SessionManagement #:nodoc: + def self.included(base) + base.class_eval do + extend ClassMethods + end + end + + module ClassMethods + # Set the session store to be used for keeping the session data between requests. + # By default, sessions are stored in browser cookies (:cookie_store), + # but you can also specify one of the other included stores (:active_record_store, + # :mem_cache_store, or your own custom class. + def session_store=(store) + if store == :active_record_store + self.session_store = ActiveRecord::SessionStore + else + @@session_store = store.is_a?(Symbol) ? + Session.const_get(store.to_s.camelize) : + store + end + end + + # Returns the session store class currently used. + def session_store + if defined? @@session_store + @@session_store + else + Session::CookieStore + end + end + + def session=(options = {}) + self.session_store = nil if options.delete(:disabled) + session_options.merge!(options) + end + + # Returns the hash used to configure the session. Example use: + # + # ActionController::Base.session_options[:secure] = true # session only available over HTTPS + def session_options + @session_options ||= {} + end + + def session(*args) + ActiveSupport::Deprecation.warn( + "Disabling sessions for a single controller has been deprecated. " + + "Sessions are now lazy loaded. So if you don't access them, " + + "consider them off. You can still modify the session cookie " + + "options with request.session_options.", caller) + end + end + end +end diff --git a/actionpack/lib/action_controller/session_management.rb b/actionpack/lib/action_controller/session_management.rb deleted file mode 100644 index b556f04649..0000000000 --- a/actionpack/lib/action_controller/session_management.rb +++ /dev/null @@ -1,54 +0,0 @@ -module ActionController #:nodoc: - module SessionManagement #:nodoc: - def self.included(base) - base.class_eval do - extend ClassMethods - end - end - - module ClassMethods - # Set the session store to be used for keeping the session data between requests. - # By default, sessions are stored in browser cookies (:cookie_store), - # but you can also specify one of the other included stores (:active_record_store, - # :mem_cache_store, or your own custom class. - def session_store=(store) - if store == :active_record_store - self.session_store = ActiveRecord::SessionStore - else - @@session_store = store.is_a?(Symbol) ? - Session.const_get(store.to_s.camelize) : - store - end - end - - # Returns the session store class currently used. - def session_store - if defined? @@session_store - @@session_store - else - Session::CookieStore - end - end - - def session=(options = {}) - self.session_store = nil if options.delete(:disabled) - session_options.merge!(options) - end - - # Returns the hash used to configure the session. Example use: - # - # ActionController::Base.session_options[:secure] = true # session only available over HTTPS - def session_options - @session_options ||= {} - end - - def session(*args) - ActiveSupport::Deprecation.warn( - "Disabling sessions for a single controller has been deprecated. " + - "Sessions are now lazy loaded. So if you don't access them, " + - "consider them off. You can still modify the session cookie " + - "options with request.session_options.", caller) - end - end - end -end diff --git a/actionpack/lib/action_controller/status_codes.rb b/actionpack/lib/action_controller/status_codes.rb deleted file mode 100644 index 4977c79491..0000000000 --- a/actionpack/lib/action_controller/status_codes.rb +++ /dev/null @@ -1,88 +0,0 @@ -module ActionController - module StatusCodes #:nodoc: - # Defines the standard HTTP status codes, by integer, with their - # corresponding default message texts. - # Source: http://www.iana.org/assignments/http-status-codes - STATUS_CODES = { - 100 => "Continue", - 101 => "Switching Protocols", - 102 => "Processing", - - 200 => "OK", - 201 => "Created", - 202 => "Accepted", - 203 => "Non-Authoritative Information", - 204 => "No Content", - 205 => "Reset Content", - 206 => "Partial Content", - 207 => "Multi-Status", - 226 => "IM Used", - - 300 => "Multiple Choices", - 301 => "Moved Permanently", - 302 => "Found", - 303 => "See Other", - 304 => "Not Modified", - 305 => "Use Proxy", - 307 => "Temporary Redirect", - - 400 => "Bad Request", - 401 => "Unauthorized", - 402 => "Payment Required", - 403 => "Forbidden", - 404 => "Not Found", - 405 => "Method Not Allowed", - 406 => "Not Acceptable", - 407 => "Proxy Authentication Required", - 408 => "Request Timeout", - 409 => "Conflict", - 410 => "Gone", - 411 => "Length Required", - 412 => "Precondition Failed", - 413 => "Request Entity Too Large", - 414 => "Request-URI Too Long", - 415 => "Unsupported Media Type", - 416 => "Requested Range Not Satisfiable", - 417 => "Expectation Failed", - 422 => "Unprocessable Entity", - 423 => "Locked", - 424 => "Failed Dependency", - 426 => "Upgrade Required", - - 500 => "Internal Server Error", - 501 => "Not Implemented", - 502 => "Bad Gateway", - 503 => "Service Unavailable", - 504 => "Gateway Timeout", - 505 => "HTTP Version Not Supported", - 507 => "Insufficient Storage", - 510 => "Not Extended" - } - - # Provides a symbol-to-fixnum lookup for converting a symbol (like - # :created or :not_implemented) into its corresponding HTTP status - # code (like 200 or 501). - SYMBOL_TO_STATUS_CODE = STATUS_CODES.inject({}) do |hash, (code, message)| - hash[message.gsub(/ /, "").underscore.to_sym] = code - hash - end - - # Given a status parameter, determine whether it needs to be converted - # to a string. If it is a fixnum, use the STATUS_CODES hash to lookup - # the default message. If it is a symbol, use the SYMBOL_TO_STATUS_CODE - # hash to convert it. - def interpret_status(status) - case status - when Fixnum then - "#{status} #{STATUS_CODES[status]}".strip - when Symbol then - interpret_status(SYMBOL_TO_STATUS_CODE[status] || - "500 Unknown Status #{status.inspect}") - else - status.to_s - end - end - private :interpret_status - - end -end \ No newline at end of file diff --git a/actionpack/lib/action_controller/streaming.rb b/actionpack/lib/action_controller/streaming.rb deleted file mode 100644 index e1786913a7..0000000000 --- a/actionpack/lib/action_controller/streaming.rb +++ /dev/null @@ -1,171 +0,0 @@ -module ActionController #:nodoc: - # Methods for sending files and streams to the browser instead of rendering. - module Streaming - DEFAULT_SEND_FILE_OPTIONS = { - :type => 'application/octet-stream'.freeze, - :disposition => 'attachment'.freeze, - :stream => true, - :buffer_size => 4096, - :x_sendfile => false - }.freeze - - X_SENDFILE_HEADER = 'X-Sendfile'.freeze - - protected - # Sends the file, by default streaming it 4096 bytes at a time. This way the - # whole file doesn't need to be read into memory at once. This makes it - # feasible to send even large files. You can optionally turn off streaming - # and send the whole file at once. - # - # Be careful to sanitize the path parameter if it is coming from a web - # page. send_file(params[:path]) allows a malicious user to - # download any file on your server. - # - # Options: - # * :filename - suggests a filename for the browser to use. - # Defaults to File.basename(path). - # * :type - specifies an HTTP content type. Defaults to 'application/octet-stream'. You can specify - # either a string or a symbol for a registered type register with Mime::Type.register, for example :json - # * :length - used to manually override the length (in bytes) of the content that - # is going to be sent to the client. Defaults to File.size(path). - # * :disposition - specifies whether the file will be shown inline or downloaded. - # Valid values are 'inline' and 'attachment' (default). - # * :stream - whether to send the file to the user agent as it is read (+true+) - # or to read the entire file before sending (+false+). Defaults to +true+. - # * :buffer_size - specifies size (in bytes) of the buffer used to stream the file. - # Defaults to 4096. - # * :status - specifies the status code to send with the response. Defaults to '200 OK'. - # * :url_based_filename - set to +true+ if you want the browser guess the filename from - # the URL, which is necessary for i18n filenames on certain browsers - # (setting :filename overrides this option). - # * :x_sendfile - uses X-Sendfile to send the file when set to +true+. This is currently - # only available with Lighttpd/Apache2 and specific modules installed and activated. Since this - # uses the web server to send the file, this may lower memory consumption on your server and - # it will not block your application for further requests. - # See http://blog.lighttpd.net/articles/2006/07/02/x-sendfile and - # http://tn123.ath.cx/mod_xsendfile/ for details. Defaults to +false+. - # - # The default Content-Type and Content-Disposition headers are - # set to download arbitrary binary files in as many browsers as - # possible. IE versions 4, 5, 5.5, and 6 are all known to have - # a variety of quirks (especially when downloading over SSL). - # - # Simple download: - # - # send_file '/path/to.zip' - # - # Show a JPEG in the browser: - # - # send_file '/path/to.jpeg', :type => 'image/jpeg', :disposition => 'inline' - # - # Show a 404 page in the browser: - # - # send_file '/path/to/404.html', :type => 'text/html; charset=utf-8', :status => 404 - # - # Read about the other Content-* HTTP headers if you'd like to - # provide the user with more information (such as Content-Description) in - # http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11. - # - # Also be aware that the document may be cached by proxies and browsers. - # The Pragma and Cache-Control headers declare how the file may be cached - # by intermediaries. They default to require clients to validate with - # the server before releasing cached responses. See - # http://www.mnot.net/cache_docs/ for an overview of web caching and - # http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9 - # for the Cache-Control header spec. - def send_file(path, options = {}) #:doc: - raise MissingFile, "Cannot read file #{path}" unless File.file?(path) and File.readable?(path) - - options[:length] ||= File.size(path) - options[:filename] ||= File.basename(path) unless options[:url_based_filename] - send_file_headers! options - - @performed_render = false - - if options[:x_sendfile] - logger.info "Sending #{X_SENDFILE_HEADER} header #{path}" if logger - head options[:status], X_SENDFILE_HEADER => path - else - if options[:stream] - render :status => options[:status], :text => Proc.new { |response, output| - logger.info "Streaming file #{path}" unless logger.nil? - len = options[:buffer_size] || 4096 - File.open(path, 'rb') do |file| - while buf = file.read(len) - output.write(buf) - end - end - } - else - logger.info "Sending file #{path}" unless logger.nil? - File.open(path, 'rb') { |file| render :status => options[:status], :text => file.read } - end - end - end - - # Send binary data to the user as a file download. May set content type, apparent file name, - # and specify whether to show data inline or download as an attachment. - # - # Options: - # * :filename - suggests a filename for the browser to use. - # * :type - specifies an HTTP content type. Defaults to 'application/octet-stream'. You can specify - # either a string or a symbol for a registered type register with Mime::Type.register, for example :json - # * :disposition - specifies whether the file will be shown inline or downloaded. - # Valid values are 'inline' and 'attachment' (default). - # * :status - specifies the status code to send with the response. Defaults to '200 OK'. - # - # Generic data download: - # - # send_data buffer - # - # Download a dynamically-generated tarball: - # - # send_data generate_tgz('dir'), :filename => 'dir.tgz' - # - # Display an image Active Record in the browser: - # - # send_data image.data, :type => image.content_type, :disposition => 'inline' - # - # See +send_file+ for more information on HTTP Content-* headers and caching. - def send_data(data, options = {}) #:doc: - logger.info "Sending data #{options[:filename]}" if logger - send_file_headers! options.merge(:length => data.size) - @performed_render = false - render :status => options[:status], :text => data - end - - private - def send_file_headers!(options) - options.update(DEFAULT_SEND_FILE_OPTIONS.merge(options)) - [:length, :type, :disposition].each do |arg| - raise ArgumentError, ":#{arg} option required" if options[arg].nil? - end - - disposition = options[:disposition].dup || 'attachment' - - disposition <<= %(; filename="#{options[:filename]}") if options[:filename] - - content_type = options[:type] - if content_type.is_a?(Symbol) - raise ArgumentError, "Unknown MIME type #{options[:type]}" unless Mime::EXTENSION_LOOKUP.has_key?(content_type.to_s) - content_type = Mime::Type.lookup_by_extension(content_type.to_s) - end - content_type = content_type.to_s.strip # fixes a problem with extra '\r' with some browsers - - headers.update( - 'Content-Length' => options[:length], - 'Content-Type' => content_type, - 'Content-Disposition' => disposition, - 'Content-Transfer-Encoding' => 'binary' - ) - - # Fix a problem with IE 6.0 on opening downloaded files: - # If Cache-Control: no-cache is set (which Rails does by default), - # IE removes the file it just downloaded from its cache immediately - # after it displays the "open/save" dialog, which means that if you - # hit "open" the file isn't there anymore when the application that - # is called for handling the download is run, so let's workaround that - headers['Cache-Control'] = 'private' if headers['Cache-Control'] == 'no-cache' - end - end -end diff --git a/actionpack/lib/action_controller/templates/rescues/_request_and_response.erb b/actionpack/lib/action_controller/templates/rescues/_request_and_response.erb deleted file mode 100644 index 64b34650b1..0000000000 --- a/actionpack/lib/action_controller/templates/rescues/_request_and_response.erb +++ /dev/null @@ -1,24 +0,0 @@ -<% unless @exception.blamed_files.blank? %> - <% if (hide = @exception.blamed_files.length > 8) %> - Show blamed files - <% end %> - 
><%=h @exception.describe_blame %>
-<% end %> - -<% - clean_params = request.parameters.clone - clean_params.delete("action") - clean_params.delete("controller") - - request_dump = clean_params.empty? ? 'None' : clean_params.inspect.gsub(',', ",\n") -%> - -

Request

-

Parameters: 

<%=h request_dump %>

- -

Show session dump

- - - -

Response

-

Headers: 

<%=h response ? response.headers.inspect.gsub(',', ",\n") : 'None' %>

diff --git a/actionpack/lib/action_controller/templates/rescues/_trace.erb b/actionpack/lib/action_controller/templates/rescues/_trace.erb deleted file mode 100644 index bb2d8375bd..0000000000 --- a/actionpack/lib/action_controller/templates/rescues/_trace.erb +++ /dev/null @@ -1,26 +0,0 @@ -<% - traces = [ - ["Application Trace", @exception.application_backtrace], - ["Framework Trace", @exception.framework_backtrace], - ["Full Trace", @exception.clean_backtrace] - ] - names = traces.collect {|name, trace| name} -%> - -

RAILS_ROOT: <%= defined?(RAILS_ROOT) ? RAILS_ROOT : "unset" %>

- -
- <% names.each do |name| %> - <% - show = "document.getElementById('#{name.gsub /\s/, '-'}').style.display='block';" - hide = (names - [name]).collect {|hide_name| "document.getElementById('#{hide_name.gsub /\s/, '-'}').style.display='none';"} - %> - <%= name %> <%= '|' unless names.last == name %> - <% end %> - - <% traces.each do |name, trace| %> -
;"> - 
<%= trace.join "\n" %>
-
- <% end %> -
diff --git a/actionpack/lib/action_controller/templates/rescues/diagnostics.erb b/actionpack/lib/action_controller/templates/rescues/diagnostics.erb deleted file mode 100644 index 95be64511d..0000000000 --- a/actionpack/lib/action_controller/templates/rescues/diagnostics.erb +++ /dev/null @@ -1,10 +0,0 @@ -

- <%=h @exception.class.to_s %> - <% if request.parameters['controller'] %> - in <%=h request.parameters['controller'].humanize %>Controller<% if request.parameters['action'] %>#<%=h request.parameters['action'] %><% end %> - <% end %> -

-
<%=h @exception.clean_message %>
- -<%= @template._render_template(@rescues_path.find_template("rescues/_trace.erb")) %> -<%= @template._render_template(@rescues_path.find_template("rescues/_request_and_response.erb")) %> \ No newline at end of file diff --git a/actionpack/lib/action_controller/templates/rescues/layout.erb b/actionpack/lib/action_controller/templates/rescues/layout.erb deleted file mode 100644 index 4a04742e40..0000000000 --- a/actionpack/lib/action_controller/templates/rescues/layout.erb +++ /dev/null @@ -1,29 +0,0 @@ - - - Action Controller: Exception caught - - - - -<%= @contents %> - - - \ No newline at end of file diff --git a/actionpack/lib/action_controller/templates/rescues/missing_template.erb b/actionpack/lib/action_controller/templates/rescues/missing_template.erb deleted file mode 100644 index dbfdf76947..0000000000 --- a/actionpack/lib/action_controller/templates/rescues/missing_template.erb +++ /dev/null @@ -1,2 +0,0 @@ -

Template is missing

-

<%=h @exception.message %>

diff --git a/actionpack/lib/action_controller/templates/rescues/routing_error.erb b/actionpack/lib/action_controller/templates/rescues/routing_error.erb deleted file mode 100644 index ccfa858cce..0000000000 --- a/actionpack/lib/action_controller/templates/rescues/routing_error.erb +++ /dev/null @@ -1,10 +0,0 @@ -

Routing Error

-

<%=h @exception.message %>

-<% unless @exception.failures.empty? %>

-

Failure reasons:

-
    - <% @exception.failures.each do |route, reason| %> -
  1. <%=h route.inspect.gsub('\\', '') %> failed because <%=h reason.downcase %>
    2. - <% end %> -
-

<% end %> diff --git a/actionpack/lib/action_controller/templates/rescues/template_error.erb b/actionpack/lib/action_controller/templates/rescues/template_error.erb deleted file mode 100644 index 2e34e03bd5..0000000000 --- a/actionpack/lib/action_controller/templates/rescues/template_error.erb +++ /dev/null @@ -1,21 +0,0 @@ -

- <%=h @exception.original_exception.class.to_s %> in - <%=h request.parameters["controller"].capitalize if request.parameters["controller"]%>#<%=h request.parameters["action"] %> -

- -

- Showing <%=h @exception.file_name %> where line #<%=h @exception.line_number %> raised: - 

<%=h @exception.message %>
-

- -

Extracted source (around line #<%=h @exception.line_number %>): -

<%=h @exception.source_extract %>

- -

<%=h @exception.sub_template_message %>

- -<% @real_exception = @exception - @exception = @exception.original_exception || @exception %> -<%= render :file => @rescues_path["rescues/_trace.erb"] %> -<% @exception = @real_exception %> - -<%= render :file => @rescues_path["rescues/_request_and_response.erb"] %> diff --git a/actionpack/lib/action_controller/templates/rescues/unknown_action.erb b/actionpack/lib/action_controller/templates/rescues/unknown_action.erb deleted file mode 100644 index 683379da10..0000000000 --- a/actionpack/lib/action_controller/templates/rescues/unknown_action.erb +++ /dev/null @@ -1,2 +0,0 @@ -

Unknown action

-

<%=h @exception.message %>

diff --git a/actionpack/lib/action_controller/test_case.rb b/actionpack/lib/action_controller/test_case.rb deleted file mode 100644 index 0b0d0c799b..0000000000 --- a/actionpack/lib/action_controller/test_case.rb +++ /dev/null @@ -1,199 +0,0 @@ -require 'active_support/test_case' -require 'action_controller/test_process' - -module ActionController - # Superclass for ActionController functional tests. Functional tests allow you to - # test a single controller action per test method. This should not be confused with - # integration tests (see ActionController::IntegrationTest), which are more like - # "stories" that can involve multiple controllers and mutliple actions (i.e. multiple - # different HTTP requests). - # - # == Basic example - # - # Functional tests are written as follows: - # 1. First, one uses the +get+, +post+, +put+, +delete+ or +head+ method to simulate - # an HTTP request. - # 2. Then, one asserts whether the current state is as expected. "State" can be anything: - # the controller's HTTP response, the database contents, etc. - # - # For example: - # - # class BooksControllerTest < ActionController::TestCase - # def test_create - # # Simulate a POST response with the given HTTP parameters. - # post(:create, :book => { :title => "Love Hina" }) - # - # # Assert that the controller tried to redirect us to - # # the created book's URI. - # assert_response :found - # - # # Assert that the controller really put the book in the database. - # assert_not_nil Book.find_by_title("Love Hina") - # end - # end - # - # == Special instance variables - # - # ActionController::TestCase will also automatically provide the following instance - # variables for use in the tests: - # - # @controller:: - # The controller instance that will be tested. - # @request:: - # An ActionController::TestRequest, representing the current HTTP - # request. You can modify this object before sending the HTTP request. For example, - # you might want to set some session properties before sending a GET request. - # @response:: - # An ActionController::TestResponse object, representing the response - # of the last HTTP response. In the above example, @response becomes valid - # after calling +post+. If the various assert methods are not sufficient, then you - # may use this object to inspect the HTTP response in detail. - # - # (Earlier versions of Rails required each functional test to subclass - # Test::Unit::TestCase and define @controller, @request, @response in +setup+.) - # - # == Controller is automatically inferred - # - # ActionController::TestCase will automatically infer the controller under test - # from the test class name. If the controller cannot be inferred from the test - # class name, you can explicity set it with +tests+. - # - # class SpecialEdgeCaseWidgetsControllerTest < ActionController::TestCase - # tests WidgetController - # end - # - # == Testing controller internals - # - # In addition to these specific assertions, you also have easy access to various collections that the regular test/unit assertions - # can be used against. These collections are: - # - # * assigns: Instance variables assigned in the action that are available for the view. - # * session: Objects being saved in the session. - # * flash: The flash objects currently in the session. - # * cookies: Cookies being sent to the user on this request. - # - # These collections can be used just like any other hash: - # - # assert_not_nil assigns(:person) # makes sure that a @person instance variable was set - # assert_equal "Dave", cookies[:name] # makes sure that a cookie called :name was set as "Dave" - # assert flash.empty? # makes sure that there's nothing in the flash - # - # For historic reasons, the assigns hash uses string-based keys. So assigns[:person] won't work, but assigns["person"] will. To - # appease our yearning for symbols, though, an alternative accessor has been devised using a method call instead of index referencing. - # So assigns(:person) will work just like assigns["person"], but again, assigns[:person] will not work. - # - # On top of the collections, you have the complete url that a given action redirected to available in redirect_to_url. - # - # For redirects within the same controller, you can even call follow_redirect and the redirect will be followed, triggering another - # action call which can then be asserted against. - # - # == Manipulating the request collections - # - # The collections described above link to the response, so you can test if what the actions were expected to do happened. But - # sometimes you also want to manipulate these collections in the incoming request. This is really only relevant for sessions - # and cookies, though. For sessions, you just do: - # - # @request.session[:key] = "value" - # @request.cookies["key"] = "value" - # - # == Testing named routes - # - # If you're using named routes, they can be easily tested using the original named routes' methods straight in the test case. - # Example: - # - # assert_redirected_to page_url(:title => 'foo') - class TestCase < ActiveSupport::TestCase - include TestProcess - - module Assertions - %w(response selector tag dom routing model).each do |kind| - include ActionController::Assertions.const_get("#{kind.camelize}Assertions") - end - - def clean_backtrace(&block) - yield - rescue ActiveSupport::TestCase::Assertion => error - framework_path = Regexp.new(File.expand_path("#{File.dirname(__FILE__)}/assertions")) - error.backtrace.reject! { |line| File.expand_path(line) =~ framework_path } - raise - end - end - include Assertions - - # When the request.remote_addr remains the default for testing, which is 0.0.0.0, the exception is simply raised inline - # (bystepping the regular exception handling from rescue_action). If the request.remote_addr is anything else, the regular - # rescue_action process takes place. This means you can test your rescue_action code by setting remote_addr to something else - # than 0.0.0.0. - # - # The exception is stored in the exception accessor for further inspection. - module RaiseActionExceptions - protected - attr_accessor :exception - - def rescue_action_without_handler(e) - self.exception = e - - if request.remote_addr == "0.0.0.0" - raise(e) - else - super(e) - end - end - end - - setup :setup_controller_request_and_response - - @@controller_class = nil - - class << self - # Sets the controller class name. Useful if the name can't be inferred from test class. - # Expects +controller_class+ as a constant. Example: tests WidgetController. - def tests(controller_class) - self.controller_class = controller_class - end - - def controller_class=(new_class) - prepare_controller_class(new_class) if new_class - write_inheritable_attribute(:controller_class, new_class) - end - - def controller_class - if current_controller_class = read_inheritable_attribute(:controller_class) - current_controller_class - else - self.controller_class = determine_default_controller_class(name) - end - end - - def determine_default_controller_class(name) - name.sub(/Test$/, '').constantize - rescue NameError - nil - end - - def prepare_controller_class(new_class) - new_class.send :include, RaiseActionExceptions - end - end - - def setup_controller_request_and_response - @request = TestRequest.new - @response = TestResponse.new - - if klass = self.class.controller_class - @controller ||= klass.new rescue nil - end - - if @controller - @controller.request = @request - @controller.params = {} - @controller.send(:initialize_current_url) - end - end - - # Cause the action to be rescued according to the regular rules for rescue_action when the visitor is not local - def rescue_action_in_public! - @request.remote_addr = '208.77.188.166' # example.com - end - end -end diff --git a/actionpack/lib/action_controller/test_process.rb b/actionpack/lib/action_controller/test_process.rb deleted file mode 100644 index 22b97fc157..0000000000 --- a/actionpack/lib/action_controller/test_process.rb +++ /dev/null @@ -1,543 +0,0 @@ -module ActionController #:nodoc: - class TestRequest < Request #:nodoc: - attr_accessor :cookies, :session_options - attr_accessor :query_parameters, :path, :session - attr_accessor :host - - def initialize - super(Rack::MockRequest.env_for("/")) - - @query_parameters = {} - @session = TestSession.new - - initialize_default_values - initialize_containers - end - - def reset_session - @session = TestSession.new - end - - # Wraps raw_post in a StringIO. - def body_stream #:nodoc: - StringIO.new(raw_post) - end - - # Either the RAW_POST_DATA environment variable or the URL-encoded request - # parameters. - def raw_post - @env['RAW_POST_DATA'] ||= begin - data = url_encoded_request_parameters - data.force_encoding(Encoding::BINARY) if data.respond_to?(:force_encoding) - data - end - end - - def port=(number) - @env["SERVER_PORT"] = number.to_i - port(true) - end - - def action=(action_name) - @query_parameters.update({ "action" => action_name }) - @parameters = nil - end - - # Used to check AbstractRequest's request_uri functionality. - # Disables the use of @path and @request_uri so superclass can handle those. - def set_REQUEST_URI(value) - @env["REQUEST_URI"] = value - @request_uri = nil - @path = nil - request_uri(true) - path(true) - end - - def request_uri=(uri) - @request_uri = uri - @path = uri.split("?").first - end - - def accept=(mime_types) - @env["HTTP_ACCEPT"] = Array(mime_types).collect { |mime_types| mime_types.to_s }.join(",") - accepts(true) - end - - def if_modified_since=(last_modified) - @env["HTTP_IF_MODIFIED_SINCE"] = last_modified - end - - def if_none_match=(etag) - @env["HTTP_IF_NONE_MATCH"] = etag - end - - def remote_addr=(addr) - @env['REMOTE_ADDR'] = addr - end - - def request_uri(*args) - @request_uri || super - end - - def path(*args) - @path || super - end - - def assign_parameters(controller_path, action, parameters) - parameters = parameters.symbolize_keys.merge(:controller => controller_path, :action => action) - extra_keys = ActionController::Routing::Routes.extra_keys(parameters) - non_path_parameters = get? ? query_parameters : request_parameters - parameters.each do |key, value| - if value.is_a? Fixnum - value = value.to_s - elsif value.is_a? Array - value = ActionController::Routing::PathSegment::Result.new(value) - end - - if extra_keys.include?(key.to_sym) - non_path_parameters[key] = value - else - path_parameters[key.to_s] = value - end - end - raw_post # populate env['RAW_POST_DATA'] - @parameters = nil # reset TestRequest#parameters to use the new path_parameters - end - - def recycle! - self.query_parameters = {} - self.path_parameters = {} - unmemoize_all - end - - def user_agent=(user_agent) - @env['HTTP_USER_AGENT'] = user_agent - end - - private - def initialize_containers - @cookies = {} - end - - def initialize_default_values - @host = "test.host" - @request_uri = "/" - @env['HTTP_USER_AGENT'] = "Rails Testing" - @env['REMOTE_ADDR'] = "0.0.0.0" - @env["SERVER_PORT"] = 80 - @env['REQUEST_METHOD'] = "GET" - end - - def url_encoded_request_parameters - params = self.request_parameters.dup - - %w(controller action only_path).each do |k| - params.delete(k) - params.delete(k.to_sym) - end - - params.to_query - end - end - - # A refactoring of TestResponse to allow the same behavior to be applied - # to the "real" CgiResponse class in integration tests. - module TestResponseBehavior #:nodoc: - # The response code of the request - def response_code - status.to_s[0,3].to_i rescue 0 - end - - # Returns a String to ensure compatibility with Net::HTTPResponse - def code - status.to_s.split(' ')[0] - end - - def message - status.to_s.split(' ',2)[1] - end - - # Was the response successful? - def success? - (200..299).include?(response_code) - end - - # Was the URL not found? - def missing? - response_code == 404 - end - - # Were we redirected? - def redirect? - (300..399).include?(response_code) - end - - # Was there a server-side error? - def error? - (500..599).include?(response_code) - end - - alias_method :server_error?, :error? - - # Was there a client client? - def client_error? - (400..499).include?(response_code) - end - - # Returns the redirection location or nil - def redirect_url - headers['Location'] - end - - # Does the redirect location match this regexp pattern? - def redirect_url_match?( pattern ) - return false if redirect_url.nil? - p = Regexp.new(pattern) if pattern.class == String - p = pattern if pattern.class == Regexp - return false if p.nil? - p.match(redirect_url) != nil - end - - # Returns the template of the file which was used to - # render this response (or nil) - def rendered - template.instance_variable_get(:@_rendered) - end - - # A shortcut to the flash. Returns an empty hash if no session flash exists. - def flash - session['flash'] || {} - end - - # Do we have a flash? - def has_flash? - !flash.empty? - end - - # Do we have a flash that has contents? - def has_flash_with_contents? - !flash.empty? - end - - # Does the specified flash object exist? - def has_flash_object?(name=nil) - !flash[name].nil? - end - - # Does the specified object exist in the session? - def has_session_object?(name=nil) - !session[name].nil? - end - - # A shortcut to the template.assigns - def template_objects - template.assigns || {} - end - - # Does the specified template object exist? - def has_template_object?(name=nil) - !template_objects[name].nil? - end - - # Returns the response cookies, converted to a Hash of (name => value) pairs - # - # assert_equal 'AuthorOfNewPage', r.cookies['author'] - def cookies - cookies = {} - Array(headers['Set-Cookie']).each do |cookie| - key, value = cookie.split(";").first.split("=") - cookies[key] = value - end - cookies - end - - # Returns binary content (downloadable file), converted to a String - def binary_content - raise "Response body is not a Proc: #{body.inspect}" unless body.kind_of?(Proc) - require 'stringio' - - sio = StringIO.new - body.call(self, sio) - - sio.rewind - sio.read - end - end - - # Integration test methods such as ActionController::Integration::Session#get - # and ActionController::Integration::Session#post return objects of class - # TestResponse, which represent the HTTP response results of the requested - # controller actions. - # - # See Response for more information on controller response objects. - class TestResponse < Response - include TestResponseBehavior - - def recycle! - headers.delete('ETag') - headers.delete('Last-Modified') - end - end - - class TestSession #:nodoc: - attr_accessor :session_id - - def initialize(attributes = nil) - @session_id = '' - @attributes = attributes.nil? ? nil : attributes.stringify_keys - @saved_attributes = nil - end - - def data - @attributes ||= @saved_attributes || {} - end - - def [](key) - data[key.to_s] - end - - def []=(key, value) - data[key.to_s] = value - end - - def update - @saved_attributes = @attributes - end - - def delete - @attributes = nil - end - - def close - update - delete - end - end - - # Essentially generates a modified Tempfile object similar to the object - # you'd get from the standard library CGI module in a multipart - # request. This means you can use an ActionController::TestUploadedFile - # object in the params of a test request in order to simulate - # a file upload. - # - # Usage example, within a functional test: - # post :change_avatar, :avatar => ActionController::TestUploadedFile.new(ActionController::TestCase.fixture_path + '/files/spongebob.png', 'image/png') - # - # Pass a true third parameter to ensure the uploaded file is opened in binary mode (only required for Windows): - # post :change_avatar, :avatar => ActionController::TestUploadedFile.new(ActionController::TestCase.fixture_path + '/files/spongebob.png', 'image/png', :binary) - require 'tempfile' - class TestUploadedFile - # The filename, *not* including the path, of the "uploaded" file - attr_reader :original_filename - - # The content type of the "uploaded" file - attr_accessor :content_type - - def initialize(path, content_type = Mime::TEXT, binary = false) - raise "#{path} file does not exist" unless File.exist?(path) - @content_type = content_type - @original_filename = path.sub(/^.*#{File::SEPARATOR}([^#{File::SEPARATOR}]+)$/) { $1 } - @tempfile = Tempfile.new(@original_filename) - @tempfile.set_encoding(Encoding::BINARY) if @tempfile.respond_to?(:set_encoding) - @tempfile.binmode if binary - FileUtils.copy_file(path, @tempfile.path) - end - - def path #:nodoc: - @tempfile.path - end - - alias local_path path - - def method_missing(method_name, *args, &block) #:nodoc: - @tempfile.__send__(method_name, *args, &block) - end - end - - module TestProcess - def self.included(base) - # Executes a request simulating GET HTTP method and set/volley the response - def get(action, parameters = nil, session = nil, flash = nil) - process(action, parameters, session, flash, "GET") - end - - # Executes a request simulating POST HTTP method and set/volley the response - def post(action, parameters = nil, session = nil, flash = nil) - process(action, parameters, session, flash, "POST") - end - - # Executes a request simulating PUT HTTP method and set/volley the response - def put(action, parameters = nil, session = nil, flash = nil) - process(action, parameters, session, flash, "PUT") - end - - # Executes a request simulating DELETE HTTP method and set/volley the response - def delete(action, parameters = nil, session = nil, flash = nil) - process(action, parameters, session, flash, "DELETE") - end - - # Executes a request simulating HEAD HTTP method and set/volley the response - def head(action, parameters = nil, session = nil, flash = nil) - process(action, parameters, session, flash, "HEAD") - end - end - - def process(action, parameters = nil, session = nil, flash = nil, http_method = 'GET') - # Sanity check for required instance variables so we can give an - # understandable error message. - %w(@controller @request @response).each do |iv_name| - if !(instance_variable_names.include?(iv_name) || instance_variable_names.include?(iv_name.to_sym)) || instance_variable_get(iv_name).nil? - raise "#{iv_name} is nil: make sure you set it in your test's setup method." - end - end - - @request.recycle! - @response.recycle! - - @html_document = nil - @request.env['REQUEST_METHOD'] = http_method - - @request.action = action.to_s - - parameters ||= {} - @request.assign_parameters(@controller.class.controller_path, action.to_s, parameters) - - @request.session = ActionController::TestSession.new(session) unless session.nil? - @request.session["flash"] = ActionController::Flash::FlashHash.new.update(flash) if flash - build_request_uri(action, parameters) - - Base.class_eval { include ProcessWithTest } unless Base < ProcessWithTest - @controller.process_with_test(@request, @response) - end - - def xml_http_request(request_method, action, parameters = nil, session = nil, flash = nil) - @request.env['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' - @request.env['HTTP_ACCEPT'] = [Mime::JS, Mime::HTML, Mime::XML, 'text/xml', Mime::ALL].join(', ') - returning __send__(request_method, action, parameters, session, flash) do - @request.env.delete 'HTTP_X_REQUESTED_WITH' - @request.env.delete 'HTTP_ACCEPT' - end - end - alias xhr :xml_http_request - - def assigns(key = nil) - if key.nil? - @response.template.assigns - else - @response.template.assigns[key.to_s] - end - end - - def session - @request.session - end - - def flash - @response.flash - end - - def cookies - @response.cookies - end - - def redirect_to_url - @response.redirect_url - end - - def build_request_uri(action, parameters) - unless @request.env['REQUEST_URI'] - options = @controller.__send__(:rewrite_options, parameters) - options.update(:only_path => true, :action => action) - - url = ActionController::UrlRewriter.new(@request, parameters) - @request.set_REQUEST_URI(url.rewrite(options)) - end - end - - def html_document - xml = @response.content_type =~ /xml$/ - @html_document ||= HTML::Document.new(@response.body, false, xml) - end - - def find_tag(conditions) - html_document.find(conditions) - end - - def find_all_tag(conditions) - html_document.find_all(conditions) - end - - def method_missing(selector, *args, &block) - if @controller && ActionController::Routing::Routes.named_routes.helpers.include?(selector) - @controller.send(selector, *args, &block) - else - super - end - end - - # Shortcut for ActionController::TestUploadedFile.new(ActionController::TestCase.fixture_path + path, type): - # - # post :change_avatar, :avatar => fixture_file_upload('/files/spongebob.png', 'image/png') - # - # To upload binary files on Windows, pass :binary as the last parameter. - # This will not affect other platforms: - # - # post :change_avatar, :avatar => fixture_file_upload('/files/spongebob.png', 'image/png', :binary) - def fixture_file_upload(path, mime_type = nil, binary = false) - fixture_path = ActionController::TestCase.send(:fixture_path) if ActionController::TestCase.respond_to?(:fixture_path) - ActionController::TestUploadedFile.new("#{fixture_path}#{path}", mime_type, binary) - end - - # A helper to make it easier to test different route configurations. - # This method temporarily replaces ActionController::Routing::Routes - # with a new RouteSet instance. - # - # The new instance is yielded to the passed block. Typically the block - # will create some routes using map.draw { map.connect ... }: - # - # with_routing do |set| - # set.draw do |map| - # map.connect ':controller/:action/:id' - # assert_equal( - # ['/content/10/show', {}], - # map.generate(:controller => 'content', :id => 10, :action => 'show') - # end - # end - # end - # - def with_routing - real_routes = ActionController::Routing::Routes - ActionController::Routing.module_eval { remove_const :Routes } - - temporary_routes = ActionController::Routing::RouteSet.new - ActionController::Routing.module_eval { const_set :Routes, temporary_routes } - - yield temporary_routes - ensure - if ActionController::Routing.const_defined? :Routes - ActionController::Routing.module_eval { remove_const :Routes } - end - ActionController::Routing.const_set(:Routes, real_routes) if real_routes - end - end - - module ProcessWithTest #:nodoc: - def self.included(base) - base.class_eval { attr_reader :assigns } - end - - def process_with_test(*args) - process(*args).tap { set_test_assigns } - end - - private - def set_test_assigns - @assigns = {} - (instance_variable_names - self.class.protected_instance_variables).each do |var| - name, value = var[1..-1], instance_variable_get(var) - @assigns[name] = value - response.template.assigns[name] = value if response - end - end - end -end diff --git a/actionpack/lib/action_controller/testing/assertions/dom.rb b/actionpack/lib/action_controller/testing/assertions/dom.rb new file mode 100644 index 0000000000..5ffe5f1883 --- /dev/null +++ b/actionpack/lib/action_controller/testing/assertions/dom.rb @@ -0,0 +1,39 @@ +module ActionController + module Assertions + module DomAssertions + # Test two HTML strings for equivalency (e.g., identical up to reordering of attributes) + # + # ==== Examples + # + # # assert that the referenced method generates the appropriate HTML string + # assert_dom_equal 'Apples', link_to("Apples", "http://www.example.com") + # + def assert_dom_equal(expected, actual, message = "") + clean_backtrace do + expected_dom = HTML::Document.new(expected).root + actual_dom = HTML::Document.new(actual).root + full_message = build_message(message, " expected to be == to\n.", expected_dom.to_s, actual_dom.to_s) + + assert_block(full_message) { expected_dom == actual_dom } + end + end + + # The negated form of +assert_dom_equivalent+. + # + # ==== Examples + # + # # assert that the referenced method does not generate the specified HTML string + # assert_dom_not_equal 'Apples', link_to("Oranges", "http://www.example.com") + # + def assert_dom_not_equal(expected, actual, message = "") + clean_backtrace do + expected_dom = HTML::Document.new(expected).root + actual_dom = HTML::Document.new(actual).root + full_message = build_message(message, " expected to be != to\n.", expected_dom.to_s, actual_dom.to_s) + + assert_block(full_message) { expected_dom != actual_dom } + end + end + end + end +end diff --git a/actionpack/lib/action_controller/testing/assertions/model.rb b/actionpack/lib/action_controller/testing/assertions/model.rb new file mode 100644 index 0000000000..3a7b39b106 --- /dev/null +++ b/actionpack/lib/action_controller/testing/assertions/model.rb @@ -0,0 +1,21 @@ +module ActionController + module Assertions + module ModelAssertions + # Ensures that the passed record is valid by Active Record standards and + # returns any error messages if it is not. + # + # ==== Examples + # + # # assert that a newly created record is valid + # model = Model.new + # assert_valid(model) + # + def assert_valid(record) + ::ActiveSupport::Deprecation.warn("assert_valid is deprecated. Use assert record.valid? instead", caller) + clean_backtrace do + assert record.valid?, record.errors.full_messages.join("\n") + end + end + end + end +end diff --git a/actionpack/lib/action_controller/testing/assertions/response.rb b/actionpack/lib/action_controller/testing/assertions/response.rb new file mode 100644 index 0000000000..5976090273 --- /dev/null +++ b/actionpack/lib/action_controller/testing/assertions/response.rb @@ -0,0 +1,150 @@ +module ActionController + module Assertions + # A small suite of assertions that test responses from Rails applications. + module ResponseAssertions + # Asserts that the response is one of the following types: + # + # * :success - Status code was 200 + # * :redirect - Status code was in the 300-399 range + # * :missing - Status code was 404 + # * :error - Status code was in the 500-599 range + # + # You can also pass an explicit status number like assert_response(501) + # or its symbolic equivalent assert_response(:not_implemented). + # See ActionController::StatusCodes for a full list. + # + # ==== Examples + # + # # assert that the response was a redirection + # assert_response :redirect + # + # # assert that the response code was status code 401 (unauthorized) + # assert_response 401 + # + def assert_response(type, message = nil) + clean_backtrace do + if [ :success, :missing, :redirect, :error ].include?(type) && @response.send("#{type}?") + assert_block("") { true } # to count the assertion + elsif type.is_a?(Fixnum) && @response.response_code == type + assert_block("") { true } # to count the assertion + elsif type.is_a?(Symbol) && @response.response_code == ActionController::StatusCodes::SYMBOL_TO_STATUS_CODE[type] + assert_block("") { true } # to count the assertion + else + if @response.error? + exception = @response.template.instance_variable_get(:@exception) + exception_message = exception && exception.message + assert_block(build_message(message, "Expected response to be a , but was \n", type, @response.response_code, exception_message.to_s)) { false } + else + assert_block(build_message(message, "Expected response to be a , but was ", type, @response.response_code)) { false } + end + end + end + end + + # Assert that the redirection options passed in match those of the redirect called in the latest action. + # This match can be partial, such that assert_redirected_to(:controller => "weblog") will also + # match the redirection of redirect_to(:controller => "weblog", :action => "show") and so on. + # + # ==== Examples + # + # # assert that the redirection was to the "index" action on the WeblogController + # assert_redirected_to :controller => "weblog", :action => "index" + # + # # assert that the redirection was to the named route login_url + # assert_redirected_to login_url + # + # # assert that the redirection was to the url for @customer + # assert_redirected_to @customer + # + def assert_redirected_to(options = {}, message=nil) + clean_backtrace do + assert_response(:redirect, message) + return true if options == @response.redirected_to + + # Support partial arguments for hash redirections + if options.is_a?(Hash) && @response.redirected_to.is_a?(Hash) + return true if options.all? {|(key, value)| @response.redirected_to[key] == value} + end + + redirected_to_after_normalisation = normalize_argument_to_redirection(@response.redirected_to) + options_after_normalisation = normalize_argument_to_redirection(options) + + if redirected_to_after_normalisation != options_after_normalisation + flunk "Expected response to be a redirect to <#{options_after_normalisation}> but was a redirect to <#{redirected_to_after_normalisation}>" + end + end + end + + # Asserts that the request was rendered with the appropriate template file or partials + # + # ==== Examples + # + # # assert that the "new" view template was rendered + # assert_template "new" + # + # # assert that the "_customer" partial was rendered twice + # assert_template :partial => '_customer', :count => 2 + # + # # assert that no partials were rendered + # assert_template :partial => false + # + def assert_template(options = {}, message = nil) + clean_backtrace do + case options + when NilClass, String + rendered = @response.rendered[:template].to_s + msg = build_message(message, + "expecting but rendering with ", + options, rendered) + assert_block(msg) do + if options.nil? + @response.rendered[:template].blank? + else + rendered.to_s.match(options) + end + end + when Hash + if expected_partial = options[:partial] + partials = @response.rendered[:partials] + if expected_count = options[:count] + found = partials.detect { |p, _| p.to_s.match(expected_partial) } + actual_count = found.nil? ? 0 : found.second + msg = build_message(message, + "expecting ? to be rendered ? time(s) but rendered ? time(s)", + expected_partial, expected_count, actual_count) + assert(actual_count == expected_count.to_i, msg) + else + msg = build_message(message, + "expecting partial but action rendered ", + options[:partial], partials.keys) + assert(partials.keys.any? { |p| p.to_s.match(expected_partial) }, msg) + end + else + assert @response.rendered[:partials].empty?, + "Expected no partials to be rendered" + end + end + end + end + + private + # Proxy to to_param if the object will respond to it. + def parameterize(value) + value.respond_to?(:to_param) ? value.to_param : value + end + + def normalize_argument_to_redirection(fragment) + after_routing = @controller.url_for(fragment) + if after_routing =~ %r{^\w+://.*} + after_routing + else + # FIXME - this should probably get removed. + if after_routing.first != '/' + after_routing = '/' + after_routing + end + @request.protocol + @request.host_with_port + after_routing + end + end + end + end +end diff --git a/actionpack/lib/action_controller/testing/assertions/routing.rb b/actionpack/lib/action_controller/testing/assertions/routing.rb new file mode 100644 index 0000000000..5101751cea --- /dev/null +++ b/actionpack/lib/action_controller/testing/assertions/routing.rb @@ -0,0 +1,146 @@ +module ActionController + module Assertions + # Suite of assertions to test routes generated by Rails and the handling of requests made to them. + module RoutingAssertions + # Asserts that the routing of the given +path+ was handled correctly and that the parsed options (given in the +expected_options+ hash) + # match +path+. Basically, it asserts that Rails recognizes the route given by +expected_options+. + # + # Pass a hash in the second argument (+path+) to specify the request method. This is useful for routes + # requiring a specific HTTP method. The hash should contain a :path with the incoming request path + # and a :method containing the required HTTP verb. + # + # # assert that POSTing to /items will call the create action on ItemsController + # assert_recognizes {:controller => 'items', :action => 'create'}, {:path => 'items', :method => :post} + # + # You can also pass in +extras+ with a hash containing URL parameters that would normally be in the query string. This can be used + # to assert that values in the query string string will end up in the params hash correctly. To test query strings you must use the + # extras argument, appending the query string on the path directly will not work. For example: + # + # # assert that a path of '/items/list/1?view=print' returns the correct options + # assert_recognizes {:controller => 'items', :action => 'list', :id => '1', :view => 'print'}, 'items/list/1', { :view => "print" } + # + # The +message+ parameter allows you to pass in an error message that is displayed upon failure. + # + # ==== Examples + # # Check the default route (i.e., the index action) + # assert_recognizes {:controller => 'items', :action => 'index'}, 'items' + # + # # Test a specific action + # assert_recognizes {:controller => 'items', :action => 'list'}, 'items/list' + # + # # Test an action with a parameter + # assert_recognizes {:controller => 'items', :action => 'destroy', :id => '1'}, 'items/destroy/1' + # + # # Test a custom route + # assert_recognizes {:controller => 'items', :action => 'show', :id => '1'}, 'view/item1' + # + # # Check a Simply RESTful generated route + # assert_recognizes list_items_url, 'items/list' + def assert_recognizes(expected_options, path, extras={}, message=nil) + if path.is_a? Hash + request_method = path[:method] + path = path[:path] + else + request_method = nil + end + + clean_backtrace do + ActionController::Routing::Routes.reload if ActionController::Routing::Routes.empty? + request = recognized_request_for(path, request_method) + + expected_options = expected_options.clone + extras.each_key { |key| expected_options.delete key } unless extras.nil? + + expected_options.stringify_keys! + routing_diff = expected_options.diff(request.path_parameters) + msg = build_message(message, "The recognized options did not match , difference: ", + request.path_parameters, expected_options, expected_options.diff(request.path_parameters)) + assert_block(msg) { request.path_parameters == expected_options } + end + end + + # Asserts that the provided options can be used to generate the provided path. This is the inverse of +assert_recognizes+. + # The +extras+ parameter is used to tell the request the names and values of additional request parameters that would be in + # a query string. The +message+ parameter allows you to specify a custom error message for assertion failures. + # + # The +defaults+ parameter is unused. + # + # ==== Examples + # # Asserts that the default action is generated for a route with no action + # assert_generates "/items", :controller => "items", :action => "index" + # + # # Tests that the list action is properly routed + # assert_generates "/items/list", :controller => "items", :action => "list" + # + # # Tests the generation of a route with a parameter + # assert_generates "/items/list/1", { :controller => "items", :action => "list", :id => "1" } + # + # # Asserts that the generated route gives us our custom route + # assert_generates "changesets/12", { :controller => 'scm', :action => 'show_diff', :revision => "12" } + def assert_generates(expected_path, options, defaults={}, extras = {}, message=nil) + clean_backtrace do + expected_path = "/#{expected_path}" unless expected_path[0] == ?/ + # Load routes.rb if it hasn't been loaded. + ActionController::Routing::Routes.reload if ActionController::Routing::Routes.empty? + + generated_path, extra_keys = ActionController::Routing::Routes.generate_extras(options, defaults) + found_extras = options.reject {|k, v| ! extra_keys.include? k} + + msg = build_message(message, "found extras , not ", found_extras, extras) + assert_block(msg) { found_extras == extras } + + msg = build_message(message, "The generated path did not match ", generated_path, + expected_path) + assert_block(msg) { expected_path == generated_path } + end + end + + # Asserts that path and options match both ways; in other words, it verifies that path generates + # options and then that options generates path. This essentially combines +assert_recognizes+ + # and +assert_generates+ into one step. + # + # The +extras+ hash allows you to specify options that would normally be provided as a query string to the action. The + # +message+ parameter allows you to specify a custom error message to display upon failure. + # + # ==== Examples + # # Assert a basic route: a controller with the default action (index) + # assert_routing '/home', :controller => 'home', :action => 'index' + # + # # Test a route generated with a specific controller, action, and parameter (id) + # assert_routing '/entries/show/23', :controller => 'entries', :action => 'show', id => 23 + # + # # Assert a basic route (controller + default action), with an error message if it fails + # assert_routing '/store', { :controller => 'store', :action => 'index' }, {}, {}, 'Route for store index not generated properly' + # + # # Tests a route, providing a defaults hash + # assert_routing 'controller/action/9', {:id => "9", :item => "square"}, {:controller => "controller", :action => "action"}, {}, {:item => "square"} + # + # # Tests a route with a HTTP method + # assert_routing { :method => 'put', :path => '/product/321' }, { :controller => "product", :action => "update", :id => "321" } + def assert_routing(path, options, defaults={}, extras={}, message=nil) + assert_recognizes(options, path, extras, message) + + controller, default_controller = options[:controller], defaults[:controller] + if controller && controller.include?(?/) && default_controller && default_controller.include?(?/) + options[:controller] = "/#{controller}" + end + + assert_generates(path.is_a?(Hash) ? path[:path] : path, options, defaults, extras, message) + end + + private + # Recognizes the route for a given path. + def recognized_request_for(path, request_method = nil) + path = "/#{path}" unless path.first == '/' + + # Assume given controller + request = ActionController::TestRequest.new + request.env["REQUEST_METHOD"] = request_method.to_s.upcase if request_method + request.path = path + + ActionController::Routing::Routes.recognize(request) + request + end + end + end +end diff --git a/actionpack/lib/action_controller/testing/assertions/selector.rb b/actionpack/lib/action_controller/testing/assertions/selector.rb new file mode 100644 index 0000000000..0d56ea5ef7 --- /dev/null +++ b/actionpack/lib/action_controller/testing/assertions/selector.rb @@ -0,0 +1,632 @@ +#-- +# Copyright (c) 2006 Assaf Arkin (http://labnotes.org) +# Under MIT and/or CC By license. +#++ + +module ActionController + module Assertions + unless const_defined?(:NO_STRIP) + NO_STRIP = %w{pre script style textarea} + end + + # Adds the +assert_select+ method for use in Rails functional + # test cases, which can be used to make assertions on the response HTML of a controller + # action. You can also call +assert_select+ within another +assert_select+ to + # make assertions on elements selected by the enclosing assertion. + # + # Use +css_select+ to select elements without making an assertions, either + # from the response HTML or elements selected by the enclosing assertion. + # + # In addition to HTML responses, you can make the following assertions: + # * +assert_select_rjs+ - Assertions on HTML content of RJS update and insertion operations. + # * +assert_select_encoded+ - Assertions on HTML encoded inside XML, for example for dealing with feed item descriptions. + # * +assert_select_email+ - Assertions on the HTML body of an e-mail. + # + # Also see HTML::Selector to learn how to use selectors. + module SelectorAssertions + # :call-seq: + # css_select(selector) => array + # css_select(element, selector) => array + # + # Select and return all matching elements. + # + # If called with a single argument, uses that argument as a selector + # to match all elements of the current page. Returns an empty array + # if no match is found. + # + # If called with two arguments, uses the first argument as the base + # element and the second argument as the selector. Attempts to match the + # base element and any of its children. Returns an empty array if no + # match is found. + # + # The selector may be a CSS selector expression (String), an expression + # with substitution values (Array) or an HTML::Selector object. + # + # ==== Examples + # # Selects all div tags + # divs = css_select("div") + # + # # Selects all paragraph tags and does something interesting + # pars = css_select("p") + # pars.each do |par| + # # Do something fun with paragraphs here... + # end + # + # # Selects all list items in unordered lists + # items = css_select("ul>li") + # + # # Selects all form tags and then all inputs inside the form + # forms = css_select("form") + # forms.each do |form| + # inputs = css_select(form, "input") + # ... + # end + # + def css_select(*args) + # See assert_select to understand what's going on here. + arg = args.shift + + if arg.is_a?(HTML::Node) + root = arg + arg = args.shift + elsif arg == nil + raise ArgumentError, "First argument is either selector or element to select, but nil found. Perhaps you called assert_select with an element that does not exist?" + elsif @selected + matches = [] + + @selected.each do |selected| + subset = css_select(selected, HTML::Selector.new(arg.dup, args.dup)) + subset.each do |match| + matches << match unless matches.any? { |m| m.equal?(match) } + end + end + + return matches + else + root = response_from_page_or_rjs + end + + case arg + when String + selector = HTML::Selector.new(arg, args) + when Array + selector = HTML::Selector.new(*arg) + when HTML::Selector + selector = arg + else raise ArgumentError, "Expecting a selector as the first argument" + end + + selector.select(root) + end + + # :call-seq: + # assert_select(selector, equality?, message?) + # assert_select(element, selector, equality?, message?) + # + # An assertion that selects elements and makes one or more equality tests. + # + # If the first argument is an element, selects all matching elements + # starting from (and including) that element and all its children in + # depth-first order. + # + # If no element if specified, calling +assert_select+ selects from the + # response HTML unless +assert_select+ is called from within an +assert_select+ block. + # + # When called with a block +assert_select+ passes an array of selected elements + # to the block. Calling +assert_select+ from the block, with no element specified, + # runs the assertion on the complete set of elements selected by the enclosing assertion. + # Alternatively the array may be iterated through so that +assert_select+ can be called + # separately for each element. + # + # + # ==== Example + # If the response contains two ordered lists, each with four list elements then: + # assert_select "ol" do |elements| + # elements.each do |element| + # assert_select element, "li", 4 + # end + # end + # + # will pass, as will: + # assert_select "ol" do + # assert_select "li", 8 + # end + # + # The selector may be a CSS selector expression (String), an expression + # with substitution values, or an HTML::Selector object. + # + # === Equality Tests + # + # The equality test may be one of the following: + # * true - Assertion is true if at least one element selected. + # * false - Assertion is true if no element selected. + # * String/Regexp - Assertion is true if the text value of at least + # one element matches the string or regular expression. + # * Integer - Assertion is true if exactly that number of + # elements are selected. + # * Range - Assertion is true if the number of selected + # elements fit the range. + # If no equality test specified, the assertion is true if at least one + # element selected. + # + # To perform more than one equality tests, use a hash with the following keys: + # * :text - Narrow the selection to elements that have this text + # value (string or regexp). + # * :html - Narrow the selection to elements that have this HTML + # content (string or regexp). + # * :count - Assertion is true if the number of selected elements + # is equal to this value. + # * :minimum - Assertion is true if the number of selected + # elements is at least this value. + # * :maximum - Assertion is true if the number of selected + # elements is at most this value. + # + # If the method is called with a block, once all equality tests are + # evaluated the block is called with an array of all matched elements. + # + # ==== Examples + # + # # At least one form element + # assert_select "form" + # + # # Form element includes four input fields + # assert_select "form input", 4 + # + # # Page title is "Welcome" + # assert_select "title", "Welcome" + # + # # Page title is "Welcome" and there is only one title element + # assert_select "title", {:count=>1, :text=>"Welcome"}, + # "Wrong title or more than one title element" + # + # # Page contains no forms + # assert_select "form", false, "This page must contain no forms" + # + # # Test the content and style + # assert_select "body div.header ul.menu" + # + # # Use substitution values + # assert_select "ol>li#?", /item-\d+/ + # + # # All input fields in the form have a name + # assert_select "form input" do + # assert_select "[name=?]", /.+/ # Not empty + # end + def assert_select(*args, &block) + # Start with optional element followed by mandatory selector. + arg = args.shift + + if arg.is_a?(HTML::Node) + # First argument is a node (tag or text, but also HTML root), + # so we know what we're selecting from. + root = arg + arg = args.shift + elsif arg == nil + # This usually happens when passing a node/element that + # happens to be nil. + raise ArgumentError, "First argument is either selector or element to select, but nil found. Perhaps you called assert_select with an element that does not exist?" + elsif @selected + root = HTML::Node.new(nil) + root.children.concat @selected + else + # Otherwise just operate on the response document. + root = response_from_page_or_rjs + end + + # First or second argument is the selector: string and we pass + # all remaining arguments. Array and we pass the argument. Also + # accepts selector itself. + case arg + when String + selector = HTML::Selector.new(arg, args) + when Array + selector = HTML::Selector.new(*arg) + when HTML::Selector + selector = arg + else raise ArgumentError, "Expecting a selector as the first argument" + end + + # Next argument is used for equality tests. + equals = {} + case arg = args.shift + when Hash + equals = arg + when String, Regexp + equals[:text] = arg + when Integer + equals[:count] = arg + when Range + equals[:minimum] = arg.begin + equals[:maximum] = arg.end + when FalseClass + equals[:count] = 0 + when NilClass, TrueClass + equals[:minimum] = 1 + else raise ArgumentError, "I don't understand what you're trying to match" + end + + # By default we're looking for at least one match. + if equals[:count] + equals[:minimum] = equals[:maximum] = equals[:count] + else + equals[:minimum] = 1 unless equals[:minimum] + end + + # Last argument is the message we use if the assertion fails. + message = args.shift + #- message = "No match made with selector #{selector.inspect}" unless message + if args.shift + raise ArgumentError, "Not expecting that last argument, you either have too many arguments, or they're the wrong type" + end + + matches = selector.select(root) + # If text/html, narrow down to those elements that match it. + content_mismatch = nil + if match_with = equals[:text] + matches.delete_if do |match| + text = "" + text.force_encoding(match_with.encoding) if text.respond_to?(:force_encoding) + stack = match.children.reverse + while node = stack.pop + if node.tag? + stack.concat node.children.reverse + else + content = node.content + content.force_encoding(match_with.encoding) if content.respond_to?(:force_encoding) + text << content + end + end + text.strip! unless NO_STRIP.include?(match.name) + unless match_with.is_a?(Regexp) ? (text =~ match_with) : (text == match_with.to_s) + content_mismatch ||= build_message(message, " expected but was\n.", match_with, text) + true + end + end + elsif match_with = equals[:html] + matches.delete_if do |match| + html = match.children.map(&:to_s).join + html.strip! unless NO_STRIP.include?(match.name) + unless match_with.is_a?(Regexp) ? (html =~ match_with) : (html == match_with.to_s) + content_mismatch ||= build_message(message, " expected but was\n.", match_with, html) + true + end + end + end + # Expecting foo found bar element only if found zero, not if + # found one but expecting two. + message ||= content_mismatch if matches.empty? + # Test minimum/maximum occurrence. + min, max = equals[:minimum], equals[:maximum] + message = message || %(Expected #{count_description(min, max)} matching "#{selector.to_s}", found #{matches.size}.) + assert matches.size >= min, message if min + assert matches.size <= max, message if max + + # If a block is given call that block. Set @selected to allow + # nested assert_select, which can be nested several levels deep. + if block_given? && !matches.empty? + begin + in_scope, @selected = @selected, matches + yield matches + ensure + @selected = in_scope + end + end + + # Returns all matches elements. + matches + end + + def count_description(min, max) #:nodoc: + pluralize = lambda {|word, quantity| word << (quantity == 1 ? '' : 's')} + + if min && max && (max != min) + "between #{min} and #{max} elements" + elsif min && !(min == 1 && max == 1) + "at least #{min} #{pluralize['element', min]}" + elsif max + "at most #{max} #{pluralize['element', max]}" + end + end + + # :call-seq: + # assert_select_rjs(id?) { |elements| ... } + # assert_select_rjs(statement, id?) { |elements| ... } + # assert_select_rjs(:insert, position, id?) { |elements| ... } + # + # Selects content from the RJS response. + # + # === Narrowing down + # + # With no arguments, asserts that one or more elements are updated or + # inserted by RJS statements. + # + # Use the +id+ argument to narrow down the assertion to only statements + # that update or insert an element with that identifier. + # + # Use the first argument to narrow down assertions to only statements + # of that type. Possible values are :replace, :replace_html, + # :show, :hide, :toggle, :remove and + # :insert_html. + # + # Use the argument :insert followed by an insertion position to narrow + # down the assertion to only statements that insert elements in that + # position. Possible values are :top, :bottom, :before + # and :after. + # + # Using the :remove statement, you will be able to pass a block, but it will + # be ignored as there is no HTML passed for this statement. + # + # === Using blocks + # + # Without a block, +assert_select_rjs+ merely asserts that the response + # contains one or more RJS statements that replace or update content. + # + # With a block, +assert_select_rjs+ also selects all elements used in + # these statements and passes them to the block. Nested assertions are + # supported. + # + # Calling +assert_select_rjs+ with no arguments and using nested asserts + # asserts that the HTML content is returned by one or more RJS statements. + # Using +assert_select+ directly makes the same assertion on the content, + # but without distinguishing whether the content is returned in an HTML + # or JavaScript. + # + # ==== Examples + # + # # Replacing the element foo. + # # page.replace 'foo', ... + # assert_select_rjs :replace, "foo" + # + # # Replacing with the chained RJS proxy. + # # page[:foo].replace ... + # assert_select_rjs :chained_replace, 'foo' + # + # # Inserting into the element bar, top position. + # assert_select_rjs :insert, :top, "bar" + # + # # Remove the element bar + # assert_select_rjs :remove, "bar" + # + # # Changing the element foo, with an image. + # assert_select_rjs "foo" do + # assert_select "img[src=/images/logo.gif"" + # end + # + # # RJS inserts or updates a list with four items. + # assert_select_rjs do + # assert_select "ol>li", 4 + # end + # + # # The same, but shorter. + # assert_select "ol>li", 4 + def assert_select_rjs(*args, &block) + rjs_type = args.first.is_a?(Symbol) ? args.shift : nil + id = args.first.is_a?(String) ? args.shift : nil + + # If the first argument is a symbol, it's the type of RJS statement we're looking + # for (update, replace, insertion, etc). Otherwise, we're looking for just about + # any RJS statement. + if rjs_type + if rjs_type == :insert + position = args.shift + id = args.shift + insertion = "insert_#{position}".to_sym + raise ArgumentError, "Unknown RJS insertion type #{position}" unless RJS_STATEMENTS[insertion] + statement = "(#{RJS_STATEMENTS[insertion]})" + else + raise ArgumentError, "Unknown RJS statement type #{rjs_type}" unless RJS_STATEMENTS[rjs_type] + statement = "(#{RJS_STATEMENTS[rjs_type]})" + end + else + statement = "#{RJS_STATEMENTS[:any]}" + end + + # Next argument we're looking for is the element identifier. If missing, we pick + # any element, otherwise we replace it in the statement. + pattern = Regexp.new( + id ? statement.gsub(RJS_ANY_ID, "\"#{id}\"") : statement + ) + + # Duplicate the body since the next step involves destroying it. + matches = nil + case rjs_type + when :remove, :show, :hide, :toggle + matches = @response.body.match(pattern) + else + @response.body.gsub(pattern) do |match| + html = unescape_rjs(match) + matches ||= [] + matches.concat HTML::Document.new(html).root.children.select { |n| n.tag? } + "" + end + end + + if matches + assert_block("") { true } # to count the assertion + if block_given? && !([:remove, :show, :hide, :toggle].include? rjs_type) + begin + in_scope, @selected = @selected, matches + yield matches + ensure + @selected = in_scope + end + end + matches + else + # RJS statement not found. + case rjs_type + when :remove, :show, :hide, :toggle + flunk_message = "No RJS statement that #{rjs_type.to_s}s '#{id}' was rendered." + else + flunk_message = "No RJS statement that replaces or inserts HTML content." + end + flunk args.shift || flunk_message + end + end + + # :call-seq: + # assert_select_encoded(element?) { |elements| ... } + # + # Extracts the content of an element, treats it as encoded HTML and runs + # nested assertion on it. + # + # You typically call this method within another assertion to operate on + # all currently selected elements. You can also pass an element or array + # of elements. + # + # The content of each element is un-encoded, and wrapped in the root + # element +encoded+. It then calls the block with all un-encoded elements. + # + # ==== Examples + # # Selects all bold tags from within the title of an ATOM feed's entries (perhaps to nab a section name prefix) + # assert_select_feed :atom, 1.0 do + # # Select each entry item and then the title item + # assert_select "entry>title" do + # # Run assertions on the encoded title elements + # assert_select_encoded do + # assert_select "b" + # end + # end + # end + # + # + # # Selects all paragraph tags from within the description of an RSS feed + # assert_select_feed :rss, 2.0 do + # # Select description element of each feed item. + # assert_select "channel>item>description" do + # # Run assertions on the encoded elements. + # assert_select_encoded do + # assert_select "p" + # end + # end + # end + def assert_select_encoded(element = nil, &block) + case element + when Array + elements = element + when HTML::Node + elements = [element] + when nil + unless elements = @selected + raise ArgumentError, "First argument is optional, but must be called from a nested assert_select" + end + else + raise ArgumentError, "Argument is optional, and may be node or array of nodes" + end + + fix_content = lambda do |node| + # Gets around a bug in the Rails 1.1 HTML parser. + node.content.gsub(/)?/m) { CGI.escapeHTML($1) } + end + + selected = elements.map do |element| + text = element.children.select{ |c| not c.tag? }.map{ |c| fix_content[c] }.join + root = HTML::Document.new(CGI.unescapeHTML("#{text}")).root + css_select(root, "encoded:root", &block)[0] + end + + begin + old_selected, @selected = @selected, selected + assert_select ":root", &block + ensure + @selected = old_selected + end + end + + # :call-seq: + # assert_select_email { } + # + # Extracts the body of an email and runs nested assertions on it. + # + # You must enable deliveries for this assertion to work, use: + # ActionMailer::Base.perform_deliveries = true + # + # ==== Examples + # + # assert_select_email do + # assert_select "h1", "Email alert" + # end + # + # assert_select_email do + # items = assert_select "ol>li" + # items.each do + # # Work with items here... + # end + # end + # + def assert_select_email(&block) + deliveries = ActionMailer::Base.deliveries + assert !deliveries.empty?, "No e-mail in delivery list" + + for delivery in deliveries + for part in delivery.parts + if part["Content-Type"].to_s =~ /^text\/html\W/ + root = HTML::Document.new(part.body).root + assert_select root, ":root", &block + end + end + end + end + + protected + unless const_defined?(:RJS_STATEMENTS) + RJS_PATTERN_HTML = "\"((\\\\\"|[^\"])*)\"" + RJS_ANY_ID = "\"([^\"])*\"" + RJS_STATEMENTS = { + :chained_replace => "\\$\\(#{RJS_ANY_ID}\\)\\.replace\\(#{RJS_PATTERN_HTML}\\)", + :chained_replace_html => "\\$\\(#{RJS_ANY_ID}\\)\\.update\\(#{RJS_PATTERN_HTML}\\)", + :replace_html => "Element\\.update\\(#{RJS_ANY_ID}, #{RJS_PATTERN_HTML}\\)", + :replace => "Element\\.replace\\(#{RJS_ANY_ID}, #{RJS_PATTERN_HTML}\\)" + } + [:remove, :show, :hide, :toggle].each do |action| + RJS_STATEMENTS[action] = "Element\\.#{action}\\(#{RJS_ANY_ID}\\)" + end + RJS_INSERTIONS = ["top", "bottom", "before", "after"] + RJS_INSERTIONS.each do |insertion| + RJS_STATEMENTS["insert_#{insertion}".to_sym] = "Element.insert\\(#{RJS_ANY_ID}, \\{ #{insertion}: #{RJS_PATTERN_HTML} \\}\\)" + end + RJS_STATEMENTS[:insert_html] = "Element.insert\\(#{RJS_ANY_ID}, \\{ (#{RJS_INSERTIONS.join('|')}): #{RJS_PATTERN_HTML} \\}\\)" + RJS_STATEMENTS[:any] = Regexp.new("(#{RJS_STATEMENTS.values.join('|')})") + RJS_PATTERN_UNICODE_ESCAPED_CHAR = /\\u([0-9a-zA-Z]{4})/ + end + + # +assert_select+ and +css_select+ call this to obtain the content in the HTML + # page, or from all the RJS statements, depending on the type of response. + def response_from_page_or_rjs() + content_type = @response.content_type + + if content_type && Mime::JS =~ content_type + body = @response.body.dup + root = HTML::Node.new(nil) + + while true + next if body.sub!(RJS_STATEMENTS[:any]) do |match| + html = unescape_rjs(match) + matches = HTML::Document.new(html).root.children.select { |n| n.tag? } + root.children.concat matches + "" + end + break + end + + root + else + html_document.root + end + end + + # Unescapes a RJS string. + def unescape_rjs(rjs_string) + # RJS encodes double quotes and line breaks. + unescaped= rjs_string.gsub('\"', '"') + unescaped.gsub!(/\\\//, '/') + unescaped.gsub!('\n', "\n") + unescaped.gsub!('\076', '>') + unescaped.gsub!('\074', '<') + # RJS encodes non-ascii characters. + unescaped.gsub!(RJS_PATTERN_UNICODE_ESCAPED_CHAR) {|u| [$1.hex].pack('U*')} + unescaped + end + end + end +end diff --git a/actionpack/lib/action_controller/testing/assertions/tag.rb b/actionpack/lib/action_controller/testing/assertions/tag.rb new file mode 100644 index 0000000000..80249e0e83 --- /dev/null +++ b/actionpack/lib/action_controller/testing/assertions/tag.rb @@ -0,0 +1,127 @@ +module ActionController + module Assertions + # Pair of assertions to testing elements in the HTML output of the response. + module TagAssertions + # Asserts that there is a tag/node/element in the body of the response + # that meets all of the given conditions. The +conditions+ parameter must + # be a hash of any of the following keys (all are optional): + # + # * :tag: the node type must match the corresponding value + # * :attributes: a hash. The node's attributes must match the + # corresponding values in the hash. + # * :parent: a hash. The node's parent must match the + # corresponding hash. + # * :child: a hash. At least one of the node's immediate children + # must meet the criteria described by the hash. + # * :ancestor: a hash. At least one of the node's ancestors must + # meet the criteria described by the hash. + # * :descendant: a hash. At least one of the node's descendants + # must meet the criteria described by the hash. + # * :sibling: a hash. At least one of the node's siblings must + # meet the criteria described by the hash. + # * :after: a hash. The node must be after any sibling meeting + # the criteria described by the hash, and at least one sibling must match. + # * :before: a hash. The node must be before any sibling meeting + # the criteria described by the hash, and at least one sibling must match. + # * :children: a hash, for counting children of a node. Accepts + # the keys: + # * :count: either a number or a range which must equal (or + # include) the number of children that match. + # * :less_than: the number of matching children must be less + # than this number. + # * :greater_than: the number of matching children must be + # greater than this number. + # * :only: another hash consisting of the keys to use + # to match on the children, and only matching children will be + # counted. + # * :content: the textual content of the node must match the + # given value. This will not match HTML tags in the body of a + # tag--only text. + # + # Conditions are matched using the following algorithm: + # + # * if the condition is a string, it must be a substring of the value. + # * if the condition is a regexp, it must match the value. + # * if the condition is a number, the value must match number.to_s. + # * if the condition is +true+, the value must not be +nil+. + # * if the condition is +false+ or +nil+, the value must be +nil+. + # + # === Examples + # + # # Assert that there is a "span" tag + # assert_tag :tag => "span" + # + # # Assert that there is a "span" tag with id="x" + # assert_tag :tag => "span", :attributes => { :id => "x" } + # + # # Assert that there is a "span" tag using the short-hand + # assert_tag :span + # + # # Assert that there is a "span" tag with id="x" using the short-hand + # assert_tag :span, :attributes => { :id => "x" } + # + # # Assert that there is a "span" inside of a "div" + # assert_tag :tag => "span", :parent => { :tag => "div" } + # + # # Assert that there is a "span" somewhere inside a table + # assert_tag :tag => "span", :ancestor => { :tag => "table" } + # + # # Assert that there is a "span" with at least one "em" child + # assert_tag :tag => "span", :child => { :tag => "em" } + # + # # Assert that there is a "span" containing a (possibly nested) + # # "strong" tag. + # assert_tag :tag => "span", :descendant => { :tag => "strong" } + # + # # Assert that there is a "span" containing between 2 and 4 "em" tags + # # as immediate children + # assert_tag :tag => "span", + # :children => { :count => 2..4, :only => { :tag => "em" } } + # + # # Get funky: assert that there is a "div", with an "ul" ancestor + # # and an "li" parent (with "class" = "enum"), and containing a + # # "span" descendant that contains text matching /hello world/ + # assert_tag :tag => "div", + # :ancestor => { :tag => "ul" }, + # :parent => { :tag => "li", + # :attributes => { :class => "enum" } }, + # :descendant => { :tag => "span", + # :child => /hello world/ } + # + # Please note: +assert_tag+ and +assert_no_tag+ only work + # with well-formed XHTML. They recognize a few tags as implicitly self-closing + # (like br and hr and such) but will not work correctly with tags + # that allow optional closing tags (p, li, td). You must explicitly + # close all of your tags to use these assertions. + def assert_tag(*opts) + clean_backtrace do + opts = opts.size > 1 ? opts.last.merge({ :tag => opts.first.to_s }) : opts.first + tag = find_tag(opts) + assert tag, "expected tag, but no tag found matching #{opts.inspect} in:\n#{@response.body.inspect}" + end + end + + # Identical to +assert_tag+, but asserts that a matching tag does _not_ + # exist. (See +assert_tag+ for a full discussion of the syntax.) + # + # === Examples + # # Assert that there is not a "div" containing a "p" + # assert_no_tag :tag => "div", :descendant => { :tag => "p" } + # + # # Assert that an unordered list is empty + # assert_no_tag :tag => "ul", :descendant => { :tag => "li" } + # + # # Assert that there is not a "p" tag with between 1 to 3 "img" tags + # # as immediate children + # assert_no_tag :tag => "p", + # :children => { :count => 1..3, :only => { :tag => "img" } } + def assert_no_tag(*opts) + clean_backtrace do + opts = opts.size > 1 ? opts.last.merge({ :tag => opts.first.to_s }) : opts.first + tag = find_tag(opts) + assert !tag, "expected no tag, but found tag matching #{opts.inspect} in:\n#{@response.body.inspect}" + end + end + end + end +end diff --git a/actionpack/lib/action_controller/testing/integration.rb b/actionpack/lib/action_controller/testing/integration.rb new file mode 100644 index 0000000000..163ba84a3e --- /dev/null +++ b/actionpack/lib/action_controller/testing/integration.rb @@ -0,0 +1,676 @@ +require 'stringio' +require 'uri' +require 'active_support/test_case' + +module ActionController + module Integration #:nodoc: + # An integration Session instance represents a set of requests and responses + # performed sequentially by some virtual user. Becase you can instantiate + # multiple sessions and run them side-by-side, you can also mimic (to some + # limited extent) multiple simultaneous users interacting with your system. + # + # Typically, you will instantiate a new session using + # IntegrationTest#open_session, rather than instantiating + # Integration::Session directly. + class Session + include Test::Unit::Assertions + include ActionController::TestCase::Assertions + include ActionController::TestProcess + + # Rack application to use + attr_accessor :application + + # The integer HTTP status code of the last request. + attr_reader :status + + # The status message that accompanied the status code of the last request. + attr_reader :status_message + + # The URI of the last request. + attr_reader :path + + # The hostname used in the last request. + attr_accessor :host + + # The remote_addr used in the last request. + attr_accessor :remote_addr + + # The Accept header to send. + attr_accessor :accept + + # A map of the cookies returned by the last response, and which will be + # sent with the next request. + attr_reader :cookies + + # A map of the headers returned by the last response. + attr_reader :headers + + # A reference to the controller instance used by the last request. + attr_reader :controller + + # A reference to the request instance used by the last request. + attr_reader :request + + # A reference to the response instance used by the last request. + attr_reader :response + + # A running counter of the number of requests processed. + attr_accessor :request_count + + class MultiPartNeededException < Exception + end + + # Create and initialize a new Session instance. + def initialize(app = nil) + @application = app || ActionController::Dispatcher.new + reset! + end + + # Resets the instance. This can be used to reset the state information + # in an existing session instance, so it can be used from a clean-slate + # condition. + # + # session.reset! + def reset! + @status = @path = @headers = nil + @result = @status_message = nil + @https = false + @cookies = {} + @controller = @request = @response = nil + @request_count = 0 + + self.host = "www.example.com" + self.remote_addr = "127.0.0.1" + self.accept = "text/xml,application/xml,application/xhtml+xml," + + "text/html;q=0.9,text/plain;q=0.8,image/png," + + "*/*;q=0.5" + + unless defined? @named_routes_configured + # install the named routes in this session instance. + klass = class << self; self; end + Routing::Routes.install_helpers(klass) + + # the helpers are made protected by default--we make them public for + # easier access during testing and troubleshooting. + klass.module_eval { public *Routing::Routes.named_routes.helpers } + @named_routes_configured = true + end + end + + # Specify whether or not the session should mimic a secure HTTPS request. + # + # session.https! + # session.https!(false) + def https!(flag = true) + @https = flag + end + + # Return +true+ if the session is mimicking a secure HTTPS request. + # + # if session.https? + # ... + # end + def https? + @https + end + + # Set the host name to use in the next request. + # + # session.host! "www.example.com" + def host!(name) + @host = name + end + + # Follow a single redirect response. If the last response was not a + # redirect, an exception will be raised. Otherwise, the redirect is + # performed on the location header. + def follow_redirect! + raise "not a redirect! #{@status} #{@status_message}" unless redirect? + get(interpret_uri(headers['location'])) + status + end + + # Performs a request using the specified method, following any subsequent + # redirect. Note that the redirects are followed until the response is + # not a redirect--this means you may run into an infinite loop if your + # redirect loops back to itself. + def request_via_redirect(http_method, path, parameters = nil, headers = nil) + send(http_method, path, parameters, headers) + follow_redirect! while redirect? + status + end + + # Performs a GET request, following any subsequent redirect. + # See +request_via_redirect+ for more information. + def get_via_redirect(path, parameters = nil, headers = nil) + request_via_redirect(:get, path, parameters, headers) + end + + # Performs a POST request, following any subsequent redirect. + # See +request_via_redirect+ for more information. + def post_via_redirect(path, parameters = nil, headers = nil) + request_via_redirect(:post, path, parameters, headers) + end + + # Performs a PUT request, following any subsequent redirect. + # See +request_via_redirect+ for more information. + def put_via_redirect(path, parameters = nil, headers = nil) + request_via_redirect(:put, path, parameters, headers) + end + + # Performs a DELETE request, following any subsequent redirect. + # See +request_via_redirect+ for more information. + def delete_via_redirect(path, parameters = nil, headers = nil) + request_via_redirect(:delete, path, parameters, headers) + end + + # Returns +true+ if the last response was a redirect. + def redirect? + status/100 == 3 + end + + # Performs a GET request with the given parameters. + # + # - +path+: The URI (as a String) on which you want to perform a GET + # request. + # - +parameters+: The HTTP parameters that you want to pass. This may + # be +nil+, + # a Hash, or a String that is appropriately encoded + # (application/x-www-form-urlencoded or + # multipart/form-data). + # - +headers+: Additional HTTP headers to pass, as a Hash. The keys will + # automatically be upcased, with the prefix 'HTTP_' added if needed. + # + # This method returns an Response object, which one can use to + # inspect the details of the response. Furthermore, if this method was + # called from an ActionController::IntegrationTest object, then that + # object's @response instance variable will point to the same + # response object. + # + # You can also perform POST, PUT, DELETE, and HEAD requests with +post+, + # +put+, +delete+, and +head+. + def get(path, parameters = nil, headers = nil) + process :get, path, parameters, headers + end + + # Performs a POST request with the given parameters. See get() for more + # details. + def post(path, parameters = nil, headers = nil) + process :post, path, parameters, headers + end + + # Performs a PUT request with the given parameters. See get() for more + # details. + def put(path, parameters = nil, headers = nil) + process :put, path, parameters, headers + end + + # Performs a DELETE request with the given parameters. See get() for + # more details. + def delete(path, parameters = nil, headers = nil) + process :delete, path, parameters, headers + end + + # Performs a HEAD request with the given parameters. See get() for more + # details. + def head(path, parameters = nil, headers = nil) + process :head, path, parameters, headers + end + + # Performs an XMLHttpRequest request with the given parameters, mirroring + # a request from the Prototype library. + # + # The request_method is :get, :post, :put, :delete or :head; the + # parameters are +nil+, a hash, or a url-encoded or multipart string; + # the headers are a hash. Keys are automatically upcased and prefixed + # with 'HTTP_' if not already. + def xml_http_request(request_method, path, parameters = nil, headers = nil) + headers ||= {} + headers['X-Requested-With'] = 'XMLHttpRequest' + headers['Accept'] ||= [Mime::JS, Mime::HTML, Mime::XML, 'text/xml', Mime::ALL].join(', ') + process(request_method, path, parameters, headers) + end + alias xhr :xml_http_request + + # Returns the URL for the given options, according to the rules specified + # in the application's routes. + def url_for(options) + controller ? + controller.url_for(options) : + generic_url_rewriter.rewrite(options) + end + + private + # Tailors the session based on the given URI, setting the HTTPS value + # and the hostname. + def interpret_uri(path) + location = URI.parse(path) + https! URI::HTTPS === location if location.scheme + host! location.host if location.host + location.query ? "#{location.path}?#{location.query}" : location.path + end + + # Performs the actual request. + def process(method, path, parameters = nil, headers = nil) + data = requestify(parameters) + path = interpret_uri(path) if path =~ %r{://} + path = "/#{path}" unless path[0] == ?/ + @path = path + env = {} + + if method == :get + env["QUERY_STRING"] = data + data = nil + end + + env["QUERY_STRING"] ||= "" + + data = data.is_a?(IO) ? data : StringIO.new(data || '') + + env.update( + "REQUEST_METHOD" => method.to_s.upcase, + "SERVER_NAME" => host, + "SERVER_PORT" => (https? ? "443" : "80"), + "HTTPS" => https? ? "on" : "off", + "rack.url_scheme" => https? ? "https" : "http", + "SCRIPT_NAME" => "", + + "REQUEST_URI" => path, + "PATH_INFO" => path, + "HTTP_HOST" => host, + "REMOTE_ADDR" => remote_addr, + "CONTENT_TYPE" => "application/x-www-form-urlencoded", + "CONTENT_LENGTH" => data ? data.length.to_s : nil, + "HTTP_COOKIE" => encode_cookies, + "HTTP_ACCEPT" => accept, + + "rack.version" => [0,1], + "rack.input" => data, + "rack.errors" => StringIO.new, + "rack.multithread" => true, + "rack.multiprocess" => true, + "rack.run_once" => false, + + "rack.test" => true + ) + + (headers || {}).each do |key, value| + key = key.to_s.upcase.gsub(/-/, "_") + key = "HTTP_#{key}" unless env.has_key?(key) || key =~ /^HTTP_/ + env[key] = value + end + + [ControllerCapture, ActionController::ProcessWithTest].each do |mod| + unless ActionController::Base < mod + ActionController::Base.class_eval { include mod } + end + end + + ActionController::Base.clear_last_instantiation! + + app = Rack::Lint.new(@application) + + status, headers, body = app.call(env) + @request_count += 1 + + @html_document = nil + + @status = status.to_i + @status_message = StatusCodes::STATUS_CODES[@status] + + @headers = Rack::Utils::HeaderHash.new(headers) + + (@headers['Set-Cookie'] || []).each do |cookie| + name, value = cookie.match(/^([^=]*)=([^;]*);/)[1,2] + @cookies[name] = value + end + + @body = "" + body.each { |part| @body << part } + + if @controller = ActionController::Base.last_instantiation + @request = @controller.request + @response = @controller.response + @controller.send(:set_test_assigns) + else + # Decorate responses from Rack Middleware and Rails Metal + # as an Response for the purposes of integration testing + @response = Response.new + @response.status = status.to_s + @response.headers.replace(@headers) + @response.body = @body + end + + # Decorate the response with the standard behavior of the + # TestResponse so that things like assert_response can be + # used in integration tests. + @response.extend(TestResponseBehavior) + + return @status + rescue MultiPartNeededException + boundary = "----------XnJLe9ZIbbGUYtzPQJ16u1" + status = process(method, path, + multipart_body(parameters, boundary), + (headers || {}).merge( + {"CONTENT_TYPE" => "multipart/form-data; boundary=#{boundary}"})) + return status + end + + # Encode the cookies hash in a format suitable for passing to a + # request. + def encode_cookies + cookies.inject("") do |string, (name, value)| + string << "#{name}=#{value}; " + end + end + + # Get a temporary URL writer object + def generic_url_rewriter + env = { + 'REQUEST_METHOD' => "GET", + 'QUERY_STRING' => "", + "REQUEST_URI" => "/", + "HTTP_HOST" => host, + "SERVER_PORT" => https? ? "443" : "80", + "HTTPS" => https? ? "on" : "off" + } + UrlRewriter.new(Request.new(env), {}) + end + + def name_with_prefix(prefix, name) + prefix ? "#{prefix}[#{name}]" : name.to_s + end + + # Convert the given parameters to a request string. The parameters may + # be a string, +nil+, or a Hash. + def requestify(parameters, prefix=nil) + if TestUploadedFile === parameters + raise MultiPartNeededException + elsif Hash === parameters + return nil if parameters.empty? + parameters.map { |k,v| + requestify(v, name_with_prefix(prefix, k)) + }.join("&") + elsif Array === parameters + parameters.map { |v| + requestify(v, name_with_prefix(prefix, "")) + }.join("&") + elsif prefix.nil? + parameters + else + "#{CGI.escape(prefix)}=#{CGI.escape(parameters.to_s)}" + end + end + + def multipart_requestify(params, first=true) + returning Hash.new do |p| + params.each do |key, value| + k = first ? CGI.escape(key.to_s) : "[#{CGI.escape(key.to_s)}]" + if Hash === value + multipart_requestify(value, false).each do |subkey, subvalue| + p[k + subkey] = subvalue + end + else + p[k] = value + end + end + end + end + + def multipart_body(params, boundary) + multipart_requestify(params).map do |key, value| + if value.respond_to?(:original_filename) + File.open(value.path, "rb") do |f| + f.set_encoding(Encoding::BINARY) if f.respond_to?(:set_encoding) + + <<-EOF +--#{boundary}\r +Content-Disposition: form-data; name="#{key}"; filename="#{CGI.escape(value.original_filename)}"\r +Content-Type: #{value.content_type}\r +Content-Length: #{File.stat(value.path).size}\r +\r +#{f.read}\r +EOF + end + else +<<-EOF +--#{boundary}\r +Content-Disposition: form-data; name="#{key}"\r +\r +#{value}\r +EOF + end + end.join("")+"--#{boundary}--\r" + end + end + + # A module used to extend ActionController::Base, so that integration tests + # can capture the controller used to satisfy a request. + module ControllerCapture #:nodoc: + def self.included(base) + base.extend(ClassMethods) + base.class_eval do + class << self + alias_method_chain :new, :capture + end + end + end + + module ClassMethods #:nodoc: + mattr_accessor :last_instantiation + + def clear_last_instantiation! + self.last_instantiation = nil + end + + def new_with_capture(*args) + controller = new_without_capture(*args) + self.last_instantiation ||= controller + controller + end + end + end + + module Runner + # Reset the current session. This is useful for testing multiple sessions + # in a single test case. + def reset! + @integration_session = open_session + end + + %w(get post put head delete cookies assigns + xml_http_request xhr get_via_redirect post_via_redirect).each do |method| + define_method(method) do |*args| + reset! unless @integration_session + # reset the html_document variable, but only for new get/post calls + @html_document = nil unless %w(cookies assigns).include?(method) + returning @integration_session.__send__(method, *args) do + copy_session_variables! + end + end + end + + # Open a new session instance. If a block is given, the new session is + # yielded to the block before being returned. + # + # session = open_session do |sess| + # sess.extend(CustomAssertions) + # end + # + # By default, a single session is automatically created for you, but you + # can use this method to open multiple sessions that ought to be tested + # simultaneously. + def open_session(application = nil) + session = Integration::Session.new(application) + + # delegate the fixture accessors back to the test instance + extras = Module.new { attr_accessor :delegate, :test_result } + if self.class.respond_to?(:fixture_table_names) + self.class.fixture_table_names.each do |table_name| + name = table_name.tr(".", "_") + next unless respond_to?(name) + extras.__send__(:define_method, name) { |*args| + delegate.send(name, *args) + } + end + end + + # delegate add_assertion to the test case + extras.__send__(:define_method, :add_assertion) { + test_result.add_assertion + } + session.extend(extras) + session.delegate = self + session.test_result = @_result + + yield session if block_given? + session + end + + # Copy the instance variables from the current session instance into the + # test instance. + def copy_session_variables! #:nodoc: + return unless @integration_session + %w(controller response request).each do |var| + instance_variable_set("@#{var}", @integration_session.__send__(var)) + end + end + + # Delegate unhandled messages to the current session instance. + def method_missing(sym, *args, &block) + reset! unless @integration_session + returning @integration_session.__send__(sym, *args, &block) do + copy_session_variables! + end + end + end + end + + # An IntegrationTest is one that spans multiple controllers and actions, + # tying them all together to ensure they work together as expected. It tests + # more completely than either unit or functional tests do, exercising the + # entire stack, from the dispatcher to the database. + # + # At its simplest, you simply extend IntegrationTest and write your tests + # using the get/post methods: + # + # require "#{File.dirname(__FILE__)}/test_helper" + # + # class ExampleTest < ActionController::IntegrationTest + # fixtures :people + # + # def test_login + # # get the login page + # get "/login" + # assert_equal 200, status + # + # # post the login and follow through to the home page + # post "/login", :username => people(:jamis).username, + # :password => people(:jamis).password + # follow_redirect! + # assert_equal 200, status + # assert_equal "/home", path + # end + # end + # + # However, you can also have multiple session instances open per test, and + # even extend those instances with assertions and methods to create a very + # powerful testing DSL that is specific for your application. You can even + # reference any named routes you happen to have defined! + # + # require "#{File.dirname(__FILE__)}/test_helper" + # + # class AdvancedTest < ActionController::IntegrationTest + # fixtures :people, :rooms + # + # def test_login_and_speak + # jamis, david = login(:jamis), login(:david) + # room = rooms(:office) + # + # jamis.enter(room) + # jamis.speak(room, "anybody home?") + # + # david.enter(room) + # david.speak(room, "hello!") + # end + # + # private + # + # module CustomAssertions + # def enter(room) + # # reference a named route, for maximum internal consistency! + # get(room_url(:id => room.id)) + # assert(...) + # ... + # end + # + # def speak(room, message) + # xml_http_request "/say/#{room.id}", :message => message + # assert(...) + # ... + # end + # end + # + # def login(who) + # open_session do |sess| + # sess.extend(CustomAssertions) + # who = people(who) + # sess.post "/login", :username => who.username, + # :password => who.password + # assert(...) + # end + # end + # end + class IntegrationTest < ActiveSupport::TestCase + include Integration::Runner + + # Work around a bug in test/unit caused by the default test being named + # as a symbol (:default_test), which causes regex test filters + # (like "ruby test.rb -n /foo/") to fail because =~ doesn't work on + # symbols. + def initialize(name) #:nodoc: + super(name.to_s) + end + + # Work around test/unit's requirement that every subclass of TestCase have + # at least one test method. Note that this implementation extends to all + # subclasses, as well, so subclasses of IntegrationTest may also exist + # without any test methods. + def run(*args) #:nodoc: + return if @method_name == "default_test" + super + end + + # Because of how use_instantiated_fixtures and use_transactional_fixtures + # are defined, we need to treat them as special cases. Otherwise, users + # would potentially have to set their values for both Test::Unit::TestCase + # ActionController::IntegrationTest, since by the time the value is set on + # TestCase, IntegrationTest has already been defined and cannot inherit + # changes to those variables. So, we make those two attributes + # copy-on-write. + + class << self + def use_transactional_fixtures=(flag) #:nodoc: + @_use_transactional_fixtures = true + @use_transactional_fixtures = flag + end + + def use_instantiated_fixtures=(flag) #:nodoc: + @_use_instantiated_fixtures = true + @use_instantiated_fixtures = flag + end + + def use_transactional_fixtures #:nodoc: + @_use_transactional_fixtures ? + @use_transactional_fixtures : + superclass.use_transactional_fixtures + end + + def use_instantiated_fixtures #:nodoc: + @_use_instantiated_fixtures ? + @use_instantiated_fixtures : + superclass.use_instantiated_fixtures + end + end + end +end diff --git a/actionpack/lib/action_controller/testing/performance.rb b/actionpack/lib/action_controller/testing/performance.rb new file mode 100644 index 0000000000..d88180087d --- /dev/null +++ b/actionpack/lib/action_controller/testing/performance.rb @@ -0,0 +1,15 @@ +require 'active_support/testing/performance' +require 'active_support/testing/default' + +module ActionController + # An integration test that runs a code profiler on your test methods. + # Profiling output for combinations of each test method, measurement, and + # output format are written to your tmp/performance directory. + # + # By default, process_time is measured and both flat and graph_html output + # formats are written, so you'll have two output files per test method. + class PerformanceTest < ActionController::IntegrationTest + include ActiveSupport::Testing::Performance + include ActiveSupport::Testing::Default + end +end diff --git a/actionpack/lib/action_controller/testing/process.rb b/actionpack/lib/action_controller/testing/process.rb new file mode 100644 index 0000000000..22b97fc157 --- /dev/null +++ b/actionpack/lib/action_controller/testing/process.rb @@ -0,0 +1,543 @@ +module ActionController #:nodoc: + class TestRequest < Request #:nodoc: + attr_accessor :cookies, :session_options + attr_accessor :query_parameters, :path, :session + attr_accessor :host + + def initialize + super(Rack::MockRequest.env_for("/")) + + @query_parameters = {} + @session = TestSession.new + + initialize_default_values + initialize_containers + end + + def reset_session + @session = TestSession.new + end + + # Wraps raw_post in a StringIO. + def body_stream #:nodoc: + StringIO.new(raw_post) + end + + # Either the RAW_POST_DATA environment variable or the URL-encoded request + # parameters. + def raw_post + @env['RAW_POST_DATA'] ||= begin + data = url_encoded_request_parameters + data.force_encoding(Encoding::BINARY) if data.respond_to?(:force_encoding) + data + end + end + + def port=(number) + @env["SERVER_PORT"] = number.to_i + port(true) + end + + def action=(action_name) + @query_parameters.update({ "action" => action_name }) + @parameters = nil + end + + # Used to check AbstractRequest's request_uri functionality. + # Disables the use of @path and @request_uri so superclass can handle those. + def set_REQUEST_URI(value) + @env["REQUEST_URI"] = value + @request_uri = nil + @path = nil + request_uri(true) + path(true) + end + + def request_uri=(uri) + @request_uri = uri + @path = uri.split("?").first + end + + def accept=(mime_types) + @env["HTTP_ACCEPT"] = Array(mime_types).collect { |mime_types| mime_types.to_s }.join(",") + accepts(true) + end + + def if_modified_since=(last_modified) + @env["HTTP_IF_MODIFIED_SINCE"] = last_modified + end + + def if_none_match=(etag) + @env["HTTP_IF_NONE_MATCH"] = etag + end + + def remote_addr=(addr) + @env['REMOTE_ADDR'] = addr + end + + def request_uri(*args) + @request_uri || super + end + + def path(*args) + @path || super + end + + def assign_parameters(controller_path, action, parameters) + parameters = parameters.symbolize_keys.merge(:controller => controller_path, :action => action) + extra_keys = ActionController::Routing::Routes.extra_keys(parameters) + non_path_parameters = get? ? query_parameters : request_parameters + parameters.each do |key, value| + if value.is_a? Fixnum + value = value.to_s + elsif value.is_a? Array + value = ActionController::Routing::PathSegment::Result.new(value) + end + + if extra_keys.include?(key.to_sym) + non_path_parameters[key] = value + else + path_parameters[key.to_s] = value + end + end + raw_post # populate env['RAW_POST_DATA'] + @parameters = nil # reset TestRequest#parameters to use the new path_parameters + end + + def recycle! + self.query_parameters = {} + self.path_parameters = {} + unmemoize_all + end + + def user_agent=(user_agent) + @env['HTTP_USER_AGENT'] = user_agent + end + + private + def initialize_containers + @cookies = {} + end + + def initialize_default_values + @host = "test.host" + @request_uri = "/" + @env['HTTP_USER_AGENT'] = "Rails Testing" + @env['REMOTE_ADDR'] = "0.0.0.0" + @env["SERVER_PORT"] = 80 + @env['REQUEST_METHOD'] = "GET" + end + + def url_encoded_request_parameters + params = self.request_parameters.dup + + %w(controller action only_path).each do |k| + params.delete(k) + params.delete(k.to_sym) + end + + params.to_query + end + end + + # A refactoring of TestResponse to allow the same behavior to be applied + # to the "real" CgiResponse class in integration tests. + module TestResponseBehavior #:nodoc: + # The response code of the request + def response_code + status.to_s[0,3].to_i rescue 0 + end + + # Returns a String to ensure compatibility with Net::HTTPResponse + def code + status.to_s.split(' ')[0] + end + + def message + status.to_s.split(' ',2)[1] + end + + # Was the response successful? + def success? + (200..299).include?(response_code) + end + + # Was the URL not found? + def missing? + response_code == 404 + end + + # Were we redirected? + def redirect? + (300..399).include?(response_code) + end + + # Was there a server-side error? + def error? + (500..599).include?(response_code) + end + + alias_method :server_error?, :error? + + # Was there a client client? + def client_error? + (400..499).include?(response_code) + end + + # Returns the redirection location or nil + def redirect_url + headers['Location'] + end + + # Does the redirect location match this regexp pattern? + def redirect_url_match?( pattern ) + return false if redirect_url.nil? + p = Regexp.new(pattern) if pattern.class == String + p = pattern if pattern.class == Regexp + return false if p.nil? + p.match(redirect_url) != nil + end + + # Returns the template of the file which was used to + # render this response (or nil) + def rendered + template.instance_variable_get(:@_rendered) + end + + # A shortcut to the flash. Returns an empty hash if no session flash exists. + def flash + session['flash'] || {} + end + + # Do we have a flash? + def has_flash? + !flash.empty? + end + + # Do we have a flash that has contents? + def has_flash_with_contents? + !flash.empty? + end + + # Does the specified flash object exist? + def has_flash_object?(name=nil) + !flash[name].nil? + end + + # Does the specified object exist in the session? + def has_session_object?(name=nil) + !session[name].nil? + end + + # A shortcut to the template.assigns + def template_objects + template.assigns || {} + end + + # Does the specified template object exist? + def has_template_object?(name=nil) + !template_objects[name].nil? + end + + # Returns the response cookies, converted to a Hash of (name => value) pairs + # + # assert_equal 'AuthorOfNewPage', r.cookies['author'] + def cookies + cookies = {} + Array(headers['Set-Cookie']).each do |cookie| + key, value = cookie.split(";").first.split("=") + cookies[key] = value + end + cookies + end + + # Returns binary content (downloadable file), converted to a String + def binary_content + raise "Response body is not a Proc: #{body.inspect}" unless body.kind_of?(Proc) + require 'stringio' + + sio = StringIO.new + body.call(self, sio) + + sio.rewind + sio.read + end + end + + # Integration test methods such as ActionController::Integration::Session#get + # and ActionController::Integration::Session#post return objects of class + # TestResponse, which represent the HTTP response results of the requested + # controller actions. + # + # See Response for more information on controller response objects. + class TestResponse < Response + include TestResponseBehavior + + def recycle! + headers.delete('ETag') + headers.delete('Last-Modified') + end + end + + class TestSession #:nodoc: + attr_accessor :session_id + + def initialize(attributes = nil) + @session_id = '' + @attributes = attributes.nil? ? nil : attributes.stringify_keys + @saved_attributes = nil + end + + def data + @attributes ||= @saved_attributes || {} + end + + def [](key) + data[key.to_s] + end + + def []=(key, value) + data[key.to_s] = value + end + + def update + @saved_attributes = @attributes + end + + def delete + @attributes = nil + end + + def close + update + delete + end + end + + # Essentially generates a modified Tempfile object similar to the object + # you'd get from the standard library CGI module in a multipart + # request. This means you can use an ActionController::TestUploadedFile + # object in the params of a test request in order to simulate + # a file upload. + # + # Usage example, within a functional test: + # post :change_avatar, :avatar => ActionController::TestUploadedFile.new(ActionController::TestCase.fixture_path + '/files/spongebob.png', 'image/png') + # + # Pass a true third parameter to ensure the uploaded file is opened in binary mode (only required for Windows): + # post :change_avatar, :avatar => ActionController::TestUploadedFile.new(ActionController::TestCase.fixture_path + '/files/spongebob.png', 'image/png', :binary) + require 'tempfile' + class TestUploadedFile + # The filename, *not* including the path, of the "uploaded" file + attr_reader :original_filename + + # The content type of the "uploaded" file + attr_accessor :content_type + + def initialize(path, content_type = Mime::TEXT, binary = false) + raise "#{path} file does not exist" unless File.exist?(path) + @content_type = content_type + @original_filename = path.sub(/^.*#{File::SEPARATOR}([^#{File::SEPARATOR}]+)$/) { $1 } + @tempfile = Tempfile.new(@original_filename) + @tempfile.set_encoding(Encoding::BINARY) if @tempfile.respond_to?(:set_encoding) + @tempfile.binmode if binary + FileUtils.copy_file(path, @tempfile.path) + end + + def path #:nodoc: + @tempfile.path + end + + alias local_path path + + def method_missing(method_name, *args, &block) #:nodoc: + @tempfile.__send__(method_name, *args, &block) + end + end + + module TestProcess + def self.included(base) + # Executes a request simulating GET HTTP method and set/volley the response + def get(action, parameters = nil, session = nil, flash = nil) + process(action, parameters, session, flash, "GET") + end + + # Executes a request simulating POST HTTP method and set/volley the response + def post(action, parameters = nil, session = nil, flash = nil) + process(action, parameters, session, flash, "POST") + end + + # Executes a request simulating PUT HTTP method and set/volley the response + def put(action, parameters = nil, session = nil, flash = nil) + process(action, parameters, session, flash, "PUT") + end + + # Executes a request simulating DELETE HTTP method and set/volley the response + def delete(action, parameters = nil, session = nil, flash = nil) + process(action, parameters, session, flash, "DELETE") + end + + # Executes a request simulating HEAD HTTP method and set/volley the response + def head(action, parameters = nil, session = nil, flash = nil) + process(action, parameters, session, flash, "HEAD") + end + end + + def process(action, parameters = nil, session = nil, flash = nil, http_method = 'GET') + # Sanity check for required instance variables so we can give an + # understandable error message. + %w(@controller @request @response).each do |iv_name| + if !(instance_variable_names.include?(iv_name) || instance_variable_names.include?(iv_name.to_sym)) || instance_variable_get(iv_name).nil? + raise "#{iv_name} is nil: make sure you set it in your test's setup method." + end + end + + @request.recycle! + @response.recycle! + + @html_document = nil + @request.env['REQUEST_METHOD'] = http_method + + @request.action = action.to_s + + parameters ||= {} + @request.assign_parameters(@controller.class.controller_path, action.to_s, parameters) + + @request.session = ActionController::TestSession.new(session) unless session.nil? + @request.session["flash"] = ActionController::Flash::FlashHash.new.update(flash) if flash + build_request_uri(action, parameters) + + Base.class_eval { include ProcessWithTest } unless Base < ProcessWithTest + @controller.process_with_test(@request, @response) + end + + def xml_http_request(request_method, action, parameters = nil, session = nil, flash = nil) + @request.env['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' + @request.env['HTTP_ACCEPT'] = [Mime::JS, Mime::HTML, Mime::XML, 'text/xml', Mime::ALL].join(', ') + returning __send__(request_method, action, parameters, session, flash) do + @request.env.delete 'HTTP_X_REQUESTED_WITH' + @request.env.delete 'HTTP_ACCEPT' + end + end + alias xhr :xml_http_request + + def assigns(key = nil) + if key.nil? + @response.template.assigns + else + @response.template.assigns[key.to_s] + end + end + + def session + @request.session + end + + def flash + @response.flash + end + + def cookies + @response.cookies + end + + def redirect_to_url + @response.redirect_url + end + + def build_request_uri(action, parameters) + unless @request.env['REQUEST_URI'] + options = @controller.__send__(:rewrite_options, parameters) + options.update(:only_path => true, :action => action) + + url = ActionController::UrlRewriter.new(@request, parameters) + @request.set_REQUEST_URI(url.rewrite(options)) + end + end + + def html_document + xml = @response.content_type =~ /xml$/ + @html_document ||= HTML::Document.new(@response.body, false, xml) + end + + def find_tag(conditions) + html_document.find(conditions) + end + + def find_all_tag(conditions) + html_document.find_all(conditions) + end + + def method_missing(selector, *args, &block) + if @controller && ActionController::Routing::Routes.named_routes.helpers.include?(selector) + @controller.send(selector, *args, &block) + else + super + end + end + + # Shortcut for ActionController::TestUploadedFile.new(ActionController::TestCase.fixture_path + path, type): + # + # post :change_avatar, :avatar => fixture_file_upload('/files/spongebob.png', 'image/png') + # + # To upload binary files on Windows, pass :binary as the last parameter. + # This will not affect other platforms: + # + # post :change_avatar, :avatar => fixture_file_upload('/files/spongebob.png', 'image/png', :binary) + def fixture_file_upload(path, mime_type = nil, binary = false) + fixture_path = ActionController::TestCase.send(:fixture_path) if ActionController::TestCase.respond_to?(:fixture_path) + ActionController::TestUploadedFile.new("#{fixture_path}#{path}", mime_type, binary) + end + + # A helper to make it easier to test different route configurations. + # This method temporarily replaces ActionController::Routing::Routes + # with a new RouteSet instance. + # + # The new instance is yielded to the passed block. Typically the block + # will create some routes using map.draw { map.connect ... }: + # + # with_routing do |set| + # set.draw do |map| + # map.connect ':controller/:action/:id' + # assert_equal( + # ['/content/10/show', {}], + # map.generate(:controller => 'content', :id => 10, :action => 'show') + # end + # end + # end + # + def with_routing + real_routes = ActionController::Routing::Routes + ActionController::Routing.module_eval { remove_const :Routes } + + temporary_routes = ActionController::Routing::RouteSet.new + ActionController::Routing.module_eval { const_set :Routes, temporary_routes } + + yield temporary_routes + ensure + if ActionController::Routing.const_defined? :Routes + ActionController::Routing.module_eval { remove_const :Routes } + end + ActionController::Routing.const_set(:Routes, real_routes) if real_routes + end + end + + module ProcessWithTest #:nodoc: + def self.included(base) + base.class_eval { attr_reader :assigns } + end + + def process_with_test(*args) + process(*args).tap { set_test_assigns } + end + + private + def set_test_assigns + @assigns = {} + (instance_variable_names - self.class.protected_instance_variables).each do |var| + name, value = var[1..-1], instance_variable_get(var) + @assigns[name] = value + response.template.assigns[name] = value if response + end + end + end +end diff --git a/actionpack/lib/action_controller/testing/test_case.rb b/actionpack/lib/action_controller/testing/test_case.rb new file mode 100644 index 0000000000..c14785ba83 --- /dev/null +++ b/actionpack/lib/action_controller/testing/test_case.rb @@ -0,0 +1,199 @@ +require 'active_support/test_case' +require 'action_controller/testing/process' + +module ActionController + # Superclass for ActionController functional tests. Functional tests allow you to + # test a single controller action per test method. This should not be confused with + # integration tests (see ActionController::IntegrationTest), which are more like + # "stories" that can involve multiple controllers and mutliple actions (i.e. multiple + # different HTTP requests). + # + # == Basic example + # + # Functional tests are written as follows: + # 1. First, one uses the +get+, +post+, +put+, +delete+ or +head+ method to simulate + # an HTTP request. + # 2. Then, one asserts whether the current state is as expected. "State" can be anything: + # the controller's HTTP response, the database contents, etc. + # + # For example: + # + # class BooksControllerTest < ActionController::TestCase + # def test_create + # # Simulate a POST response with the given HTTP parameters. + # post(:create, :book => { :title => "Love Hina" }) + # + # # Assert that the controller tried to redirect us to + # # the created book's URI. + # assert_response :found + # + # # Assert that the controller really put the book in the database. + # assert_not_nil Book.find_by_title("Love Hina") + # end + # end + # + # == Special instance variables + # + # ActionController::TestCase will also automatically provide the following instance + # variables for use in the tests: + # + # @controller:: + # The controller instance that will be tested. + # @request:: + # An ActionController::TestRequest, representing the current HTTP + # request. You can modify this object before sending the HTTP request. For example, + # you might want to set some session properties before sending a GET request. + # @response:: + # An ActionController::TestResponse object, representing the response + # of the last HTTP response. In the above example, @response becomes valid + # after calling +post+. If the various assert methods are not sufficient, then you + # may use this object to inspect the HTTP response in detail. + # + # (Earlier versions of Rails required each functional test to subclass + # Test::Unit::TestCase and define @controller, @request, @response in +setup+.) + # + # == Controller is automatically inferred + # + # ActionController::TestCase will automatically infer the controller under test + # from the test class name. If the controller cannot be inferred from the test + # class name, you can explicity set it with +tests+. + # + # class SpecialEdgeCaseWidgetsControllerTest < ActionController::TestCase + # tests WidgetController + # end + # + # == Testing controller internals + # + # In addition to these specific assertions, you also have easy access to various collections that the regular test/unit assertions + # can be used against. These collections are: + # + # * assigns: Instance variables assigned in the action that are available for the view. + # * session: Objects being saved in the session. + # * flash: The flash objects currently in the session. + # * cookies: Cookies being sent to the user on this request. + # + # These collections can be used just like any other hash: + # + # assert_not_nil assigns(:person) # makes sure that a @person instance variable was set + # assert_equal "Dave", cookies[:name] # makes sure that a cookie called :name was set as "Dave" + # assert flash.empty? # makes sure that there's nothing in the flash + # + # For historic reasons, the assigns hash uses string-based keys. So assigns[:person] won't work, but assigns["person"] will. To + # appease our yearning for symbols, though, an alternative accessor has been devised using a method call instead of index referencing. + # So assigns(:person) will work just like assigns["person"], but again, assigns[:person] will not work. + # + # On top of the collections, you have the complete url that a given action redirected to available in redirect_to_url. + # + # For redirects within the same controller, you can even call follow_redirect and the redirect will be followed, triggering another + # action call which can then be asserted against. + # + # == Manipulating the request collections + # + # The collections described above link to the response, so you can test if what the actions were expected to do happened. But + # sometimes you also want to manipulate these collections in the incoming request. This is really only relevant for sessions + # and cookies, though. For sessions, you just do: + # + # @request.session[:key] = "value" + # @request.cookies["key"] = "value" + # + # == Testing named routes + # + # If you're using named routes, they can be easily tested using the original named routes' methods straight in the test case. + # Example: + # + # assert_redirected_to page_url(:title => 'foo') + class TestCase < ActiveSupport::TestCase + include TestProcess + + module Assertions + %w(response selector tag dom routing model).each do |kind| + include ActionController::Assertions.const_get("#{kind.camelize}Assertions") + end + + def clean_backtrace(&block) + yield + rescue ActiveSupport::TestCase::Assertion => error + framework_path = Regexp.new(File.expand_path("#{File.dirname(__FILE__)}/assertions")) + error.backtrace.reject! { |line| File.expand_path(line) =~ framework_path } + raise + end + end + include Assertions + + # When the request.remote_addr remains the default for testing, which is 0.0.0.0, the exception is simply raised inline + # (bystepping the regular exception handling from rescue_action). If the request.remote_addr is anything else, the regular + # rescue_action process takes place. This means you can test your rescue_action code by setting remote_addr to something else + # than 0.0.0.0. + # + # The exception is stored in the exception accessor for further inspection. + module RaiseActionExceptions + protected + attr_accessor :exception + + def rescue_action_without_handler(e) + self.exception = e + + if request.remote_addr == "0.0.0.0" + raise(e) + else + super(e) + end + end + end + + setup :setup_controller_request_and_response + + @@controller_class = nil + + class << self + # Sets the controller class name. Useful if the name can't be inferred from test class. + # Expects +controller_class+ as a constant. Example: tests WidgetController. + def tests(controller_class) + self.controller_class = controller_class + end + + def controller_class=(new_class) + prepare_controller_class(new_class) if new_class + write_inheritable_attribute(:controller_class, new_class) + end + + def controller_class + if current_controller_class = read_inheritable_attribute(:controller_class) + current_controller_class + else + self.controller_class = determine_default_controller_class(name) + end + end + + def determine_default_controller_class(name) + name.sub(/Test$/, '').constantize + rescue NameError + nil + end + + def prepare_controller_class(new_class) + new_class.send :include, RaiseActionExceptions + end + end + + def setup_controller_request_and_response + @request = TestRequest.new + @response = TestResponse.new + + if klass = self.class.controller_class + @controller ||= klass.new rescue nil + end + + if @controller + @controller.request = @request + @controller.params = {} + @controller.send(:initialize_current_url) + end + end + + # Cause the action to be rescued according to the regular rules for rescue_action when the visitor is not local + def rescue_action_in_public! + @request.remote_addr = '208.77.188.166' # example.com + end + end +end diff --git a/actionpack/lib/action_controller/uploaded_file.rb b/actionpack/lib/action_controller/uploaded_file.rb deleted file mode 100644 index 376ba3621a..0000000000 --- a/actionpack/lib/action_controller/uploaded_file.rb +++ /dev/null @@ -1,44 +0,0 @@ -module ActionController - module UploadedFile - def self.included(base) - base.class_eval do - attr_accessor :original_path, :content_type - alias_method :local_path, :path - end - end - - def self.extended(object) - object.class_eval do - attr_accessor :original_path, :content_type - alias_method :local_path, :path - end - end - - # Take the basename of the upload's original filename. - # This handles the full Windows paths given by Internet Explorer - # (and perhaps other broken user agents) without affecting - # those which give the lone filename. - # The Windows regexp is adapted from Perl's File::Basename. - def original_filename - unless defined? @original_filename - @original_filename = - unless original_path.blank? - if original_path =~ /^(?:.*[:\\\/])?(.*)/m - $1 - else - File.basename original_path - end - end - end - @original_filename - end - end - - class UploadedStringIO < StringIO - include UploadedFile - end - - class UploadedTempfile < Tempfile - include UploadedFile - end -end diff --git a/actionpack/lib/action_controller/url_encoded_pair_parser.rb b/actionpack/lib/action_controller/url_encoded_pair_parser.rb deleted file mode 100644 index 57594c4259..0000000000 --- a/actionpack/lib/action_controller/url_encoded_pair_parser.rb +++ /dev/null @@ -1,155 +0,0 @@ -module ActionController - class UrlEncodedPairParser < StringScanner #:nodoc: - class << self - def parse_query_parameters(query_string) - return {} if query_string.blank? - - pairs = query_string.split('&').collect do |chunk| - next if chunk.empty? - key, value = chunk.split('=', 2) - next if key.empty? - value = value.nil? ? nil : CGI.unescape(value) - [ CGI.unescape(key), value ] - end.compact - - new(pairs).result - end - - def parse_hash_parameters(params) - parser = new - - params = params.dup - until params.empty? - for key, value in params - if key.blank? - params.delete(key) - elsif value.is_a?(Array) - parser.parse(key, get_typed_value(value.shift)) - params.delete(key) if value.empty? - else - parser.parse(key, get_typed_value(value)) - params.delete(key) - end - end - end - - parser.result - end - - private - def get_typed_value(value) - case value - when String - value - when NilClass - '' - when Array - value.map { |v| get_typed_value(v) } - when Hash - if value.has_key?(:tempfile) && value[:filename].any? - upload = value[:tempfile] - upload.extend(UploadedFile) - upload.original_path = value[:filename] - upload.content_type = value[:type] - upload - else - nil - end - else - raise "Unknown form value: #{value.inspect}" - end - end - end - - attr_reader :top, :parent, :result - - def initialize(pairs = []) - super('') - @result = {} - pairs.each { |key, value| parse(key, value) } - end - - KEY_REGEXP = %r{([^\[\]=&]+)} - BRACKETED_KEY_REGEXP = %r{\[([^\[\]=&]+)\]} - - # Parse the query string - def parse(key, value) - self.string = key - @top, @parent = result, nil - - # First scan the bare key - key = scan(KEY_REGEXP) or return - key = post_key_check(key) - - # Then scan as many nestings as present - until eos? - r = scan(BRACKETED_KEY_REGEXP) or return - key = self[1] - key = post_key_check(key) - end - - bind(key, value) - end - - private - # After we see a key, we must look ahead to determine our next action. Cases: - # - # [] follows the key. Then the value must be an array. - # = follows the key. (A value comes next) - # & or the end of string follows the key. Then the key is a flag. - # otherwise, a hash follows the key. - def post_key_check(key) - if scan(/\[\]/) # a[b][] indicates that b is an array - container(key, Array) - nil - elsif check(/\[[^\]]/) # a[b] indicates that a is a hash - container(key, Hash) - nil - else # End of key? We do nothing. - key - end - end - - # Add a container to the stack. - def container(key, klass) - type_conflict! klass, top[key] if top.is_a?(Hash) && top.key?(key) && ! top[key].is_a?(klass) - value = bind(key, klass.new) - type_conflict! klass, value unless value.is_a?(klass) - push(value) - end - - # Push a value onto the 'stack', which is actually only the top 2 items. - def push(value) - @parent, @top = @top, value - end - - # Bind a key (which may be nil for items in an array) to the provided value. - def bind(key, value) - if top.is_a? Array - if key - if top[-1].is_a?(Hash) && ! top[-1].key?(key) - top[-1][key] = value - else - top << {key => value}.with_indifferent_access - end - push top.last - return top[key] - else - top << value - return value - end - elsif top.is_a? Hash - key = CGI.unescape(key) - parent << (@top = {}) if top.key?(key) && parent.is_a?(Array) - top[key] ||= value - return top[key] - else - raise ArgumentError, "Don't know what to do: top is #{top.inspect}" - end - end - - def type_conflict!(klass, value) - raise TypeError, "Conflicting types for parameter containers. Expected an instance of #{klass} but found an instance of #{value.class}. This can be caused by colliding Array and Hash parameters like qs[]=value&qs[key]=value. (The parameters received were #{value.inspect}.)" - end - end -end diff --git a/actionpack/lib/action_controller/url_rewriter.rb b/actionpack/lib/action_controller/url_rewriter.rb deleted file mode 100644 index d86e2db67d..0000000000 --- a/actionpack/lib/action_controller/url_rewriter.rb +++ /dev/null @@ -1,219 +0,0 @@ -module ActionController - # In routes.rb one defines URL-to-controller mappings, but the reverse - # is also possible: an URL can be generated from one of your routing definitions. - # URL generation functionality is centralized in this module. - # - # See ActionController::Routing and ActionController::Resources for general - # information about routing and routes.rb. - # - # Tip: If you need to generate URLs from your models or some other place, - # then ActionController::UrlWriter is what you're looking for. Read on for - # an introduction. - # - # == URL generation from parameters - # - # As you may know, some functions - such as ActionController::Base#url_for - # and ActionView::Helpers::UrlHelper#link_to, can generate URLs given a set - # of parameters. For example, you've probably had the chance to write code - # like this in one of your views: - # - # <%= link_to('Click here', :controller => 'users', - # :action => 'new', :message => 'Welcome!') %> - # - # #=> Generates a link to: /users/new?message=Welcome%21 - # - # link_to, and all other functions that require URL generation functionality, - # actually use ActionController::UrlWriter under the hood. And in particular, - # they use the ActionController::UrlWriter#url_for method. One can generate - # the same path as the above example by using the following code: - # - # include UrlWriter - # url_for(:controller => 'users', - # :action => 'new', - # :message => 'Welcome!', - # :only_path => true) - # # => "/users/new?message=Welcome%21" - # - # Notice the :only_path => true part. This is because UrlWriter has no - # information about the website hostname that your Rails app is serving. So if you - # want to include the hostname as well, then you must also pass the :host - # argument: - # - # include UrlWriter - # url_for(:controller => 'users', - # :action => 'new', - # :message => 'Welcome!', - # :host => 'www.example.com') # Changed this. - # # => "http://www.example.com/users/new?message=Welcome%21" - # - # By default, all controllers and views have access to a special version of url_for, - # that already knows what the current hostname is. So if you use url_for in your - # controllers or your views, then you don't need to explicitly pass the :host - # argument. - # - # For convenience reasons, mailers provide a shortcut for ActionController::UrlWriter#url_for. - # So within mailers, you only have to type 'url_for' instead of 'ActionController::UrlWriter#url_for' - # in full. However, mailers don't have hostname information, and what's why you'll still - # have to specify the :host argument when generating URLs in mailers. - # - # - # == URL generation for named routes - # - # UrlWriter also allows one to access methods that have been auto-generated from - # named routes. For example, suppose that you have a 'users' resource in your - # routes.rb: - # - # map.resources :users - # - # This generates, among other things, the method users_path. By default, - # this method is accessible from your controllers, views and mailers. If you need - # to access this auto-generated method from other places (such as a model), then - # you can do that in two ways. - # - # The first way is to include ActionController::UrlWriter in your class: - # - # class User < ActiveRecord::Base - # include ActionController::UrlWriter # !!! - # - # def name=(value) - # write_attribute('name', value) - # write_attribute('base_uri', users_path) # !!! - # end - # end - # - # The second way is to access them through ActionController::UrlWriter. - # The autogenerated named routes methods are available as class methods: - # - # class User < ActiveRecord::Base - # def name=(value) - # write_attribute('name', value) - # path = ActionController::UrlWriter.users_path # !!! - # write_attribute('base_uri', path) # !!! - # end - # end - module UrlWriter - # The default options for urls written by this writer. Typically a :host - # pair is provided. - mattr_accessor :default_url_options - self.default_url_options = {} - - def self.included(base) #:nodoc: - ActionController::Routing::Routes.install_helpers(base) - base.mattr_accessor :default_url_options - base.default_url_options ||= default_url_options - end - - # Generate a url based on the options provided, default_url_options and the - # routes defined in routes.rb. The following options are supported: - # - # * :only_path - If true, the relative url is returned. Defaults to +false+. - # * :protocol - The protocol to connect to. Defaults to 'http'. - # * :host - Specifies the host the link should be targetted at. - # If :only_path is false, this option must be - # provided either explicitly, or via +default_url_options+. - # * :port - Optionally specify the port to connect to. - # * :anchor - An anchor name to be appended to the path. - # * :skip_relative_url_root - If true, the url is not constructed using the - # +relative_url_root+ set in ActionController::Base.relative_url_root. - # * :trailing_slash - If true, adds a trailing slash, as in "/archive/2009/" - # - # Any other key (:controller, :action, etc.) given to - # +url_for+ is forwarded to the Routes module. - # - # Examples: - # - # url_for :controller => 'tasks', :action => 'testing', :host=>'somehost.org', :port=>'8080' # => 'http://somehost.org:8080/tasks/testing' - # url_for :controller => 'tasks', :action => 'testing', :host=>'somehost.org', :anchor => 'ok', :only_path => true # => '/tasks/testing#ok' - # url_for :controller => 'tasks', :action => 'testing', :trailing_slash=>true # => 'http://somehost.org/tasks/testing/' - # url_for :controller => 'tasks', :action => 'testing', :host=>'somehost.org', :number => '33' # => 'http://somehost.org/tasks/testing?number=33' - def url_for(options) - options = self.class.default_url_options.merge(options) - - url = '' - - unless options.delete(:only_path) - url << (options.delete(:protocol) || 'http') - url << '://' unless url.match("://") - - raise "Missing host to link to! Please provide :host parameter or set default_url_options[:host]" unless options[:host] - - url << options.delete(:host) - url << ":#{options.delete(:port)}" if options.key?(:port) - else - # Delete the unused options to prevent their appearance in the query string. - [:protocol, :host, :port, :skip_relative_url_root].each { |k| options.delete(k) } - end - trailing_slash = options.delete(:trailing_slash) if options.key?(:trailing_slash) - url << ActionController::Base.relative_url_root.to_s unless options[:skip_relative_url_root] - anchor = "##{CGI.escape options.delete(:anchor).to_param.to_s}" if options[:anchor] - generated = Routing::Routes.generate(options, {}) - url << (trailing_slash ? generated.sub(/\?|\z/) { "/" + $& } : generated) - url << anchor if anchor - - url - end - end - - # Rewrites URLs for Base.redirect_to and Base.url_for in the controller. - class UrlRewriter #:nodoc: - RESERVED_OPTIONS = [:anchor, :params, :only_path, :host, :protocol, :port, :trailing_slash, :skip_relative_url_root] - def initialize(request, parameters) - @request, @parameters = request, parameters - end - - def rewrite(options = {}) - rewrite_url(options) - end - - def to_str - "#{@request.protocol}, #{@request.host_with_port}, #{@request.path}, #{@parameters[:controller]}, #{@parameters[:action]}, #{@request.parameters.inspect}" - end - - alias_method :to_s, :to_str - - private - # Given a path and options, returns a rewritten URL string - def rewrite_url(options) - rewritten_url = "" - - unless options[:only_path] - rewritten_url << (options[:protocol] || @request.protocol) - rewritten_url << "://" unless rewritten_url.match("://") - rewritten_url << rewrite_authentication(options) - rewritten_url << (options[:host] || @request.host_with_port) - rewritten_url << ":#{options.delete(:port)}" if options.key?(:port) - end - - path = rewrite_path(options) - rewritten_url << ActionController::Base.relative_url_root.to_s unless options[:skip_relative_url_root] - rewritten_url << (options[:trailing_slash] ? path.sub(/\?|\z/) { "/" + $& } : path) - rewritten_url << "##{options[:anchor]}" if options[:anchor] - - rewritten_url - end - - # Given a Hash of options, generates a route - def rewrite_path(options) - options = options.symbolize_keys - options.update(options[:params].symbolize_keys) if options[:params] - - if (overwrite = options.delete(:overwrite_params)) - options.update(@parameters.symbolize_keys) - options.update(overwrite.symbolize_keys) - end - - RESERVED_OPTIONS.each { |k| options.delete(k) } - - # Generates the query string, too - Routing::Routes.generate(options, @request.symbolized_path_parameters) - end - - def rewrite_authentication(options) - if options[:user] && options[:password] - "#{CGI.escape(options.delete(:user))}:#{CGI.escape(options.delete(:password))}@" - else - "" - end - end - end -end diff --git a/actionpack/lib/action_controller/verification.rb b/actionpack/lib/action_controller/verification.rb deleted file mode 100644 index 7bf09ba6ea..0000000000 --- a/actionpack/lib/action_controller/verification.rb +++ /dev/null @@ -1,130 +0,0 @@ -module ActionController #:nodoc: - module Verification #:nodoc: - def self.included(base) #:nodoc: - base.extend(ClassMethods) - end - - # This module provides a class-level method for specifying that certain - # actions are guarded against being called without certain prerequisites - # being met. This is essentially a special kind of before_filter. - # - # An action may be guarded against being invoked without certain request - # parameters being set, or without certain session values existing. - # - # When a verification is violated, values may be inserted into the flash, and - # a specified redirection is triggered. If no specific action is configured, - # verification failures will by default result in a 400 Bad Request response. - # - # Usage: - # - # class GlobalController < ActionController::Base - # # Prevent the #update_settings action from being invoked unless - # # the 'admin_privileges' request parameter exists. The - # # settings action will be redirected to in current controller - # # if verification fails. - # verify :params => "admin_privileges", :only => :update_post, - # :redirect_to => { :action => "settings" } - # - # # Disallow a post from being updated if there was no information - # # submitted with the post, and if there is no active post in the - # # session, and if there is no "note" key in the flash. The route - # # named category_url will be redirected to if verification fails. - # - # verify :params => "post", :session => "post", "flash" => "note", - # :only => :update_post, - # :add_flash => { "alert" => "Failed to create your message" }, - # :redirect_to => :category_url - # - # Note that these prerequisites are not business rules. They do not examine - # the content of the session or the parameters. That level of validation should - # be encapsulated by your domain model or helper methods in the controller. - module ClassMethods - # Verify the given actions so that if certain prerequisites are not met, - # the user is redirected to a different action. The +options+ parameter - # is a hash consisting of the following key/value pairs: - # - # :params:: - # a single key or an array of keys that must be in the params - # hash in order for the action(s) to be safely called. - # :session:: - # a single key or an array of keys that must be in the session - # in order for the action(s) to be safely called. - # :flash:: - # a single key or an array of keys that must be in the flash in order - # for the action(s) to be safely called. - # :method:: - # a single key or an array of keys--any one of which must match the - # current request method in order for the action(s) to be safely called. - # (The key should be a symbol: :get or :post, for - # example.) - # :xhr:: - # true/false option to ensure that the request is coming from an Ajax - # call or not. - # :add_flash:: - # a hash of name/value pairs that should be merged into the session's - # flash if the prerequisites cannot be satisfied. - # :add_headers:: - # a hash of name/value pairs that should be merged into the response's - # headers hash if the prerequisites cannot be satisfied. - # :redirect_to:: - # the redirection parameters to be used when redirecting if the - # prerequisites cannot be satisfied. You can redirect either to named - # route or to the action in some controller. - # :render:: - # the render parameters to be used when the prerequisites cannot be satisfied. - # :only:: - # only apply this verification to the actions specified in the associated - # array (may also be a single value). - # :except:: - # do not apply this verification to the actions specified in the associated - # array (may also be a single value). - def verify(options={}) - before_filter :only => options[:only], :except => options[:except] do |c| - c.__send__ :verify_action, options - end - end - end - - private - - def verify_action(options) #:nodoc: - if prereqs_invalid?(options) - flash.update(options[:add_flash]) if options[:add_flash] - response.headers.update(options[:add_headers]) if options[:add_headers] - apply_remaining_actions(options) unless performed? - end - end - - def prereqs_invalid?(options) # :nodoc: - verify_presence_of_keys_in_hash_flash_or_params(options) || - verify_method(options) || - verify_request_xhr_status(options) - end - - def verify_presence_of_keys_in_hash_flash_or_params(options) # :nodoc: - [*options[:params] ].find { |v| params[v].nil? } || - [*options[:session]].find { |v| session[v].nil? } || - [*options[:flash] ].find { |v| flash[v].nil? } - end - - def verify_method(options) # :nodoc: - [*options[:method]].all? { |v| request.method != v.to_sym } if options[:method] - end - - def verify_request_xhr_status(options) # :nodoc: - request.xhr? != options[:xhr] unless options[:xhr].nil? - end - - def apply_redirect_to(redirect_to_option) # :nodoc: - (redirect_to_option.is_a?(Symbol) && redirect_to_option != :back) ? self.__send__(redirect_to_option) : redirect_to_option - end - - def apply_remaining_actions(options) # :nodoc: - case - when options[:render] ; render(options[:render]) - when options[:redirect_to] ; redirect_to(apply_redirect_to(options[:redirect_to])) - else head(:bad_request) - end - end - end -end \ No newline at end of file diff --git a/actionpack/lib/action_view/render/partials.rb b/actionpack/lib/action_view/render/partials.rb index aa4c4af213..e337dcb63b 100644 --- a/actionpack/lib/action_view/render/partials.rb +++ b/actionpack/lib/action_view/render/partials.rb @@ -243,6 +243,34 @@ module ActionView end end + def _render_partial_with_block(layout, block, options) + @_proc_for_layout = block + concat(_render_partial(options.merge(:partial => layout))) + ensure + @_proc_for_layout = nil + end + + def _render_partial_with_layout(layout, options) + if layout + prefix = controller && !layout.include?("/") ? controller.controller_path : nil + layout = find_by_parts(layout, formats, prefix, true) + end + content = _render_partial(options) + return _render_content_with_layout(content, layout, options[:locals]) + end + + def _deprecated_ivar_assign(template) + if respond_to?(:controller) + ivar = :"@#{template.variable_name}" + object = + if controller.instance_variable_defined?(ivar) + ActiveSupport::Deprecation::DeprecatedObjectProxy.new( + controller.instance_variable_get(ivar), + "#{ivar} will no longer be implicitly assigned to #{template.variable_name}") + end + end + end + def _array_like_objects array_like = [Array] if defined?(ActiveRecord) diff --git a/actionpack/test/abstract_unit.rb b/actionpack/test/abstract_unit.rb index 30e2d863d0..67c51f01bd 100644 --- a/actionpack/test/abstract_unit.rb +++ b/actionpack/test/abstract_unit.rb @@ -20,8 +20,7 @@ rescue LoadError end require 'action_controller' -require 'action_controller/cgi_ext' -require 'action_controller/test_process' +require 'action_controller/testing/process' require 'action_view/test_case' # Show backtraces for deprecated behavior for quicker cleanup. diff --git a/actionpack/test/controller/send_file_test.rb b/actionpack/test/controller/send_file_test.rb index 5fc79baa44..b703f340a0 100644 --- a/actionpack/test/controller/send_file_test.rb +++ b/actionpack/test/controller/send_file_test.rb @@ -155,7 +155,7 @@ class SendFileTest < ActionController::TestCase define_method "test_default_send_#{method}_status" do @controller.options = { :stream => false } assert_nothing_raised { assert_not_nil process(method) } - assert_equal ActionController::Base::DEFAULT_RENDER_STATUS_CODE, @response.status + assert_equal ActionController::DEFAULT_RENDER_STATUS_CODE, @response.status end end end diff --git a/actionpack/test/controller/test_test.rb b/actionpack/test/controller/test_test.rb index ee7b8ade8c..5708a1768f 100644 --- a/actionpack/test/controller/test_test.rb +++ b/actionpack/test/controller/test_test.rb @@ -612,7 +612,7 @@ class CleanBacktraceTest < ActionController::TestCase end def test_should_clean_assertion_lines_from_backtrace - path = File.expand_path("#{File.dirname(__FILE__)}/../../lib/action_controller") + path = File.expand_path("#{File.dirname(__FILE__)}/../../lib/action_controller/testing") exception = ActiveSupport::TestCase::Assertion.new('message') exception.set_backtrace ["#{path}/abc", "#{path}/assertions/def"] clean_backtrace { raise exception } diff --git a/activesupport/lib/active_support/memoizable.rb b/activesupport/lib/active_support/memoizable.rb index 4ffb5d9520..8e9abeaf91 100644 --- a/activesupport/lib/active_support/memoizable.rb +++ b/activesupport/lib/active_support/memoizable.rb @@ -1,4 +1,42 @@ module ActiveSupport + class ConcurrentHash + def initialize(hash = {}) + @backup_cache = hash.dup + @frozen_cache = hash.dup.freeze + @mutex = Mutex.new + end + + def []=(k,v) + @mutex.synchronize { @backup_cache[k] = v } + @frozen_cache = @backup_cache.dup.freeze + end + + def [](k) + if @frozen_cache.key?(k) + @frozen_cache[k] + else + @mutex.synchronize { @backup_cache[k] } + end + end + + def empty? + @backup_cache.empty? + end + end + + module SafelyMemoizable + def safely_memoize(*symbols) + symbols.each do |symbol| + class_eval <<-RUBY, __FILE__, __LINE__ + 1 + def #{symbol}(*args) + memoized = @_memoized_#{symbol} || ::ActiveSupport::ConcurrentHash.new + memoized[args] ||= memoized_#{symbol}(*args) + end + RUBY + end + end + end + module Memoizable def self.memoized_ivar_for(symbol) "@_memoized_#{symbol.to_s.sub(/\?\Z/, '_query').sub(/!\Z/, '_bang')}".to_sym diff --git a/railties/lib/dispatcher.rb b/railties/lib/dispatcher.rb index 9f8b59aa3d..7f9a6221d9 100644 --- a/railties/lib/dispatcher.rb +++ b/railties/lib/dispatcher.rb @@ -20,5 +20,5 @@ # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. #++ -require 'action_controller/dispatcher' +require 'action_controller/dispatch/dispatcher' Dispatcher = ActionController::Dispatcher -- cgit v1.2.3 From 319ae4628f4e0058de3e40e4ca7791b17e45e70c Mon Sep 17 00:00:00 2001 From: Joshua Peek Date: Tue, 27 Jan 2009 18:54:01 -0600 Subject: Move HTTP libs and middleware into ActionDispatch component --- actionpack/lib/action_controller.rb | 32 +- actionpack/lib/action_controller/base/base.rb | 6 +- actionpack/lib/action_controller/base/headers.rb | 33 -- .../lib/action_controller/dispatch/dispatcher.rb | 4 +- .../lib/action_controller/dispatch/middlewares.rb | 21 + .../action_controller/dispatch/params_parser.rb | 71 --- .../action_controller/dispatch/rack/failsafe.rb | 52 --- .../lib/action_controller/dispatch/rack/lock.rb | 16 - .../dispatch/rack/middleware_stack.rb | 109 ----- .../action_controller/dispatch/rack/middlewares.rb | 21 - .../lib/action_controller/dispatch/request.rb | 492 --------------------- .../action_controller/dispatch/request_parser.rb | 315 ------------- .../lib/action_controller/dispatch/rescue.rb | 4 +- .../lib/action_controller/dispatch/response.rb | 255 ----------- .../action_controller/dispatch/rewindable_input.rb | 28 -- .../lib/action_controller/dispatch/status_codes.rb | 88 ---- .../action_controller/dispatch/uploaded_file.rb | 44 -- .../dispatch/url_encoded_pair_parser.rb | 155 ------- .../lib/action_controller/mime/default_types.rb | 21 - actionpack/lib/action_controller/mime/type.rb | 214 --------- actionpack/lib/action_controller/rack_ext.rb | 3 - actionpack/lib/action_controller/rack_ext/lock.rb | 21 - .../lib/action_controller/rack_ext/multipart.rb | 22 - .../lib/action_controller/rack_ext/parse_query.rb | 18 - .../lib/action_controller/routing/route_set.rb | 2 +- .../action_controller/session/abstract_store.rb | 166 ------- .../lib/action_controller/session/cookie_store.rb | 222 ---------- .../lib/action_controller/session/management.rb | 2 +- .../action_controller/session/mem_cache_store.rb | 51 --- .../testing/assertions/response.rb | 4 +- .../lib/action_controller/testing/integration.rb | 6 +- .../lib/action_controller/testing/process.rb | 4 +- actionpack/lib/action_dispatch.rb | 64 +++ actionpack/lib/action_dispatch/http/headers.rb | 33 ++ actionpack/lib/action_dispatch/http/mime_type.rb | 214 +++++++++ actionpack/lib/action_dispatch/http/mime_types.rb | 21 + actionpack/lib/action_dispatch/http/request.rb | 492 +++++++++++++++++++++ actionpack/lib/action_dispatch/http/response.rb | 255 +++++++++++ .../lib/action_dispatch/http/status_codes.rb | 88 ++++ .../lib/action_dispatch/middleware/failsafe.rb | 52 +++ .../action_dispatch/middleware/params_parser.rb | 71 +++ .../action_dispatch/middleware/rewindable_input.rb | 28 ++ .../middleware/session/abstract_store.rb | 166 +++++++ .../middleware/session/cookie_store.rb | 222 ++++++++++ .../middleware/session/mem_cache_store.rb | 51 +++ actionpack/lib/action_dispatch/rack.rb | 3 + actionpack/lib/action_dispatch/rack/lock.rb | 21 + actionpack/lib/action_dispatch/rack/multipart.rb | 22 + actionpack/lib/action_dispatch/rack/parse_query.rb | 18 + .../lib/action_dispatch/utils/middleware_stack.rb | 109 +++++ .../lib/action_dispatch/utils/uploaded_file.rb | 44 ++ .../utils/url_encoded_pair_parser.rb | 155 +++++++ actionpack/test/controller/dispatcher_test.rb | 2 +- actionpack/test/controller/header_test.rb | 2 +- .../test/controller/middleware_stack_test.rb | 2 +- actionpack/test/controller/rack_test.rb | 10 +- actionpack/test/controller/render_test.rb | 4 +- .../request/multipart_params_parsing_test.rb | 2 +- .../request/url_encoded_params_parsing_test.rb | 2 +- actionpack/test/controller/rescue_test.rb | 2 +- .../test/controller/session/cookie_store_test.rb | 18 +- .../controller/session/mem_cache_store_test.rb | 2 +- activerecord/lib/active_record/session_store.rb | 2 +- 63 files changed, 2193 insertions(+), 2486 deletions(-) delete mode 100644 actionpack/lib/action_controller/base/headers.rb create mode 100644 actionpack/lib/action_controller/dispatch/middlewares.rb delete mode 100644 actionpack/lib/action_controller/dispatch/params_parser.rb delete mode 100644 actionpack/lib/action_controller/dispatch/rack/failsafe.rb delete mode 100644 actionpack/lib/action_controller/dispatch/rack/lock.rb delete mode 100644 actionpack/lib/action_controller/dispatch/rack/middleware_stack.rb delete mode 100644 actionpack/lib/action_controller/dispatch/rack/middlewares.rb delete mode 100755 actionpack/lib/action_controller/dispatch/request.rb delete mode 100644 actionpack/lib/action_controller/dispatch/request_parser.rb delete mode 100644 actionpack/lib/action_controller/dispatch/response.rb delete mode 100644 actionpack/lib/action_controller/dispatch/rewindable_input.rb delete mode 100644 actionpack/lib/action_controller/dispatch/status_codes.rb delete mode 100644 actionpack/lib/action_controller/dispatch/uploaded_file.rb delete mode 100644 actionpack/lib/action_controller/dispatch/url_encoded_pair_parser.rb delete mode 100644 actionpack/lib/action_controller/mime/default_types.rb delete mode 100644 actionpack/lib/action_controller/mime/type.rb delete mode 100644 actionpack/lib/action_controller/rack_ext.rb delete mode 100644 actionpack/lib/action_controller/rack_ext/lock.rb delete mode 100644 actionpack/lib/action_controller/rack_ext/multipart.rb delete mode 100644 actionpack/lib/action_controller/rack_ext/parse_query.rb delete mode 100644 actionpack/lib/action_controller/session/abstract_store.rb delete mode 100644 actionpack/lib/action_controller/session/cookie_store.rb delete mode 100644 actionpack/lib/action_controller/session/mem_cache_store.rb create mode 100644 actionpack/lib/action_dispatch.rb create mode 100644 actionpack/lib/action_dispatch/http/headers.rb create mode 100644 actionpack/lib/action_dispatch/http/mime_type.rb create mode 100644 actionpack/lib/action_dispatch/http/mime_types.rb create mode 100755 actionpack/lib/action_dispatch/http/request.rb create mode 100644 actionpack/lib/action_dispatch/http/response.rb create mode 100644 actionpack/lib/action_dispatch/http/status_codes.rb create mode 100644 actionpack/lib/action_dispatch/middleware/failsafe.rb create mode 100644 actionpack/lib/action_dispatch/middleware/params_parser.rb create mode 100644 actionpack/lib/action_dispatch/middleware/rewindable_input.rb create mode 100644 actionpack/lib/action_dispatch/middleware/session/abstract_store.rb create mode 100644 actionpack/lib/action_dispatch/middleware/session/cookie_store.rb create mode 100644 actionpack/lib/action_dispatch/middleware/session/mem_cache_store.rb create mode 100644 actionpack/lib/action_dispatch/rack.rb create mode 100644 actionpack/lib/action_dispatch/rack/lock.rb create mode 100644 actionpack/lib/action_dispatch/rack/multipart.rb create mode 100644 actionpack/lib/action_dispatch/rack/parse_query.rb create mode 100644 actionpack/lib/action_dispatch/utils/middleware_stack.rb create mode 100644 actionpack/lib/action_dispatch/utils/uploaded_file.rb create mode 100644 actionpack/lib/action_dispatch/utils/url_encoded_pair_parser.rb diff --git a/actionpack/lib/action_controller.rb b/actionpack/lib/action_controller.rb index d973cbb382..eb596ba40e 100644 --- a/actionpack/lib/action_controller.rb +++ b/actionpack/lib/action_controller.rb @@ -31,17 +31,14 @@ rescue LoadError end end -gem 'rack', '>= 0.9.0' -require 'rack' -require 'action_controller/rack_ext' - require File.join(File.dirname(__FILE__), "action_pack") module ActionController # TODO: Review explicit to see if they will automatically be handled by # the initilizer if they are really needed. def self.load_all! - [Base, CGIHandler, CgiRequest, Request, Response, Http::Headers, UrlRewriter, UrlWriter] + [Base, Request, Response, UrlRewriter, UrlWriter] + [ActionDispatch::Http::Headers] end autoload :Base, 'action_controller/base/base' @@ -49,7 +46,6 @@ module ActionController autoload :Caching, 'action_controller/caching' autoload :Cookies, 'action_controller/base/cookies' autoload :Dispatcher, 'action_controller/dispatch/dispatcher' - autoload :Failsafe, 'action_controller/dispatch/rack/failsafe' autoload :Filters, 'action_controller/base/chained/filters' autoload :Flash, 'action_controller/base/chained/flash' autoload :Helpers, 'action_controller/base/helpers' @@ -57,32 +53,21 @@ module ActionController autoload :Integration, 'action_controller/testing/integration' autoload :IntegrationTest, 'action_controller/testing/integration' autoload :Layout, 'action_controller/base/layout' - autoload :Lock, 'action_controller/dispatch/rack/lock' - autoload :MiddlewareStack, 'action_controller/dispatch/rack/middleware_stack' autoload :MimeResponds, 'action_controller/mime/responds' - autoload :ParamsParser, 'action_controller/dispatch/params_parser' autoload :PolymorphicRoutes, 'action_controller/routing/generation/polymorphic_routes' autoload :RecordIdentifier, 'action_controller/record_identifier' autoload :Redirector, 'action_controller/base/redirect' autoload :Renderer, 'action_controller/base/render' - autoload :Request, 'action_controller/dispatch/request' autoload :RequestForgeryProtection, 'action_controller/base/request_forgery_protection' - autoload :RequestParser, 'action_controller/dispatch/request_parser' autoload :Rescue, 'action_controller/dispatch/rescue' autoload :Resources, 'action_controller/routing/resources' autoload :Responder, 'action_controller/base/responder' - autoload :Response, 'action_controller/dispatch/response' - autoload :RewindableInput, 'action_controller/dispatch/rewindable_input' autoload :Routing, 'action_controller/routing' autoload :SessionManagement, 'action_controller/session/management' - autoload :StatusCodes, 'action_controller/dispatch/status_codes' autoload :Streaming, 'action_controller/base/streaming' autoload :TestCase, 'action_controller/testing/test_case' autoload :TestProcess, 'action_controller/testing/process' autoload :Translation, 'action_controller/translation' - autoload :UploadedFile, 'action_controller/dispatch/uploaded_file' - autoload :UploadedStringIO, 'action_controller/dispatch/uploaded_file' - autoload :UploadedTempfile, 'action_controller/dispatch/uploaded_file' autoload :UrlEncodedPairParser, 'action_controller/dispatch/url_encoded_pair_parser' autoload :UrlRewriter, 'action_controller/routing/generation/url_rewriter' autoload :UrlWriter, 'action_controller/routing/generation/url_rewriter' @@ -96,20 +81,9 @@ module ActionController autoload :SelectorAssertions, 'action_controller/testing/assertions/selector' autoload :TagAssertions, 'action_controller/testing/assertions/tag' end - - module Http - autoload :Headers, 'action_controller/base/headers' - end - - module Session - autoload :AbstractStore, 'action_controller/session/abstract_store' - autoload :CookieStore, 'action_controller/session/cookie_store' - autoload :MemCacheStore, 'action_controller/session/mem_cache_store' - end end -autoload :Mime, 'action_controller/mime/type' - autoload :HTML, 'action_controller/vendor/html-scanner' +require 'action_dispatch' require 'action_view' diff --git a/actionpack/lib/action_controller/base/base.rb b/actionpack/lib/action_controller/base/base.rb index 84371643d7..c9c23008cd 100644 --- a/actionpack/lib/action_controller/base/base.rb +++ b/actionpack/lib/action_controller/base/base.rb @@ -232,7 +232,7 @@ module ActionController #:nodoc: # class Base - include StatusCodes + include ActionDispatch::StatusCodes cattr_reader :protected_instance_variables # Controller specific instance variables which will not be accessible inside views. @@ -367,8 +367,8 @@ module ActionController #:nodoc: class << self def call(env) # HACK: For global rescue to have access to the original request and response - request = env["action_controller.rescue.request"] ||= Request.new(env) - response = env["action_controller.rescue.response"] ||= Response.new + request = env["action_controller.rescue.request"] ||= ActionDispatch::Request.new(env) + response = env["action_controller.rescue.response"] ||= ActionDispatch::Response.new process(request, response) end diff --git a/actionpack/lib/action_controller/base/headers.rb b/actionpack/lib/action_controller/base/headers.rb deleted file mode 100644 index 139669c66f..0000000000 --- a/actionpack/lib/action_controller/base/headers.rb +++ /dev/null @@ -1,33 +0,0 @@ -require 'active_support/memoizable' - -module ActionController - module Http - class Headers < ::Hash - extend ActiveSupport::Memoizable - - def initialize(*args) - if args.size == 1 && args[0].is_a?(Hash) - super() - update(args[0]) - else - super - end - end - - def [](header_name) - if include?(header_name) - super - else - super(env_name(header_name)) - end - end - - private - # Converts a HTTP header name to an environment variable name. - def env_name(header_name) - "HTTP_#{header_name.upcase.gsub(/-/, '_')}" - end - memoize :env_name - end - end -end diff --git a/actionpack/lib/action_controller/dispatch/dispatcher.rb b/actionpack/lib/action_controller/dispatch/dispatcher.rb index 714e270781..e205245f13 100644 --- a/actionpack/lib/action_controller/dispatch/dispatcher.rb +++ b/actionpack/lib/action_controller/dispatch/dispatcher.rb @@ -45,8 +45,8 @@ module ActionController end cattr_accessor :middleware - self.middleware = MiddlewareStack.new do |middleware| - middlewares = File.join(File.dirname(__FILE__), "rack", "middlewares.rb") + self.middleware = ActionDispatch::MiddlewareStack.new do |middleware| + middlewares = File.join(File.dirname(__FILE__), "middlewares.rb") middleware.instance_eval(File.read(middlewares)) end diff --git a/actionpack/lib/action_controller/dispatch/middlewares.rb b/actionpack/lib/action_controller/dispatch/middlewares.rb new file mode 100644 index 0000000000..3bf3dbebab --- /dev/null +++ b/actionpack/lib/action_controller/dispatch/middlewares.rb @@ -0,0 +1,21 @@ +use "Rack::Lock", :if => lambda { + !ActionController::Base.allow_concurrency +} + +use "ActionDispatch::Failsafe" + +["ActionDispatch::Session::CookieStore", + "ActionDispatch::Session::MemCacheStore", + "ActiveRecord::SessionStore"].each do |store| + use(store, ActionController::Base.session_options, + :if => lambda { + if session_store = ActionController::Base.session_store + session_store.name == store + end + } + ) +end + +use "ActionDispatch::RewindableInput" +use "ActionDispatch::ParamsParser" +use "Rack::MethodOverride" diff --git a/actionpack/lib/action_controller/dispatch/params_parser.rb b/actionpack/lib/action_controller/dispatch/params_parser.rb deleted file mode 100644 index d269fe07fa..0000000000 --- a/actionpack/lib/action_controller/dispatch/params_parser.rb +++ /dev/null @@ -1,71 +0,0 @@ -module ActionController - class ParamsParser - ActionController::Base.param_parsers[Mime::XML] = :xml_simple - ActionController::Base.param_parsers[Mime::JSON] = :json - - def initialize(app) - @app = app - end - - def call(env) - if params = parse_formatted_parameters(env) - env["action_controller.request.request_parameters"] = params - end - - @app.call(env) - end - - private - def parse_formatted_parameters(env) - request = Request.new(env) - - return false if request.content_length.zero? - - mime_type = content_type_from_legacy_post_data_format_header(env) || request.content_type - strategy = ActionController::Base.param_parsers[mime_type] - - return false unless strategy - - case strategy - when Proc - strategy.call(request.raw_post) - when :xml_simple, :xml_node - body = request.raw_post - body.blank? ? {} : Hash.from_xml(body).with_indifferent_access - when :yaml - YAML.load(request.raw_post) - when :json - body = request.raw_post - if body.blank? - {} - else - data = ActiveSupport::JSON.decode(body) - data = {:_json => data} unless data.is_a?(Hash) - data.with_indifferent_access - end - else - false - end - rescue Exception => e # YAML, XML or Ruby code block errors - raise - { "body" => request.raw_post, - "content_type" => request.content_type, - "content_length" => request.content_length, - "exception" => "#{e.message} (#{e.class})", - "backtrace" => e.backtrace } - end - - def content_type_from_legacy_post_data_format_header(env) - if x_post_format = env['HTTP_X_POST_DATA_FORMAT'] - case x_post_format.to_s.downcase - when 'yaml' - return Mime::YAML - when 'xml' - return Mime::XML - end - end - - nil - end - end -end diff --git a/actionpack/lib/action_controller/dispatch/rack/failsafe.rb b/actionpack/lib/action_controller/dispatch/rack/failsafe.rb deleted file mode 100644 index 567581142c..0000000000 --- a/actionpack/lib/action_controller/dispatch/rack/failsafe.rb +++ /dev/null @@ -1,52 +0,0 @@ -module ActionController - class Failsafe - cattr_accessor :error_file_path - self.error_file_path = Rails.public_path if defined?(Rails.public_path) - - def initialize(app) - @app = app - end - - def call(env) - @app.call(env) - rescue Exception => exception - # Reraise exception in test environment - if env["rack.test"] - raise exception - else - failsafe_response(exception) - end - end - - private - def failsafe_response(exception) - log_failsafe_exception(exception) - [500, {'Content-Type' => 'text/html'}, failsafe_response_body] - rescue Exception => failsafe_error # Logger or IO errors - $stderr.puts "Error during failsafe response: #{failsafe_error}" - end - - def failsafe_response_body - error_path = "#{self.class.error_file_path}/500.html" - if File.exist?(error_path) - File.read(error_path) - else - "

500 Internal Server Error

" - end - end - - def log_failsafe_exception(exception) - message = "/!\\ FAILSAFE /!\\ #{Time.now}\n Status: 500 Internal Server Error\n" - message << " #{exception}\n #{exception.backtrace.join("\n ")}" if exception - failsafe_logger.fatal(message) - end - - def failsafe_logger - if defined?(Rails) && Rails.logger - Rails.logger - else - Logger.new($stderr) - end - end - end -end diff --git a/actionpack/lib/action_controller/dispatch/rack/lock.rb b/actionpack/lib/action_controller/dispatch/rack/lock.rb deleted file mode 100644 index c50762216e..0000000000 --- a/actionpack/lib/action_controller/dispatch/rack/lock.rb +++ /dev/null @@ -1,16 +0,0 @@ -module ActionController - class Lock - FLAG = 'rack.multithread'.freeze - - def initialize(app, lock = Mutex.new) - @app, @lock = app, lock - end - - def call(env) - old, env[FLAG] = env[FLAG], false - @lock.synchronize { @app.call(env) } - ensure - env[FLAG] = old - end - end -end diff --git a/actionpack/lib/action_controller/dispatch/rack/middleware_stack.rb b/actionpack/lib/action_controller/dispatch/rack/middleware_stack.rb deleted file mode 100644 index dbc2fda41e..0000000000 --- a/actionpack/lib/action_controller/dispatch/rack/middleware_stack.rb +++ /dev/null @@ -1,109 +0,0 @@ -module ActionController - class MiddlewareStack < Array - class Middleware - def self.new(klass, *args, &block) - if klass.is_a?(self) - klass - else - super - end - end - - attr_reader :args, :block - - def initialize(klass, *args, &block) - @klass = klass - - options = args.extract_options! - if options.has_key?(:if) - @conditional = options.delete(:if) - else - @conditional = true - end - args << options unless options.empty? - - @args = args - @block = block - end - - def klass - if @klass.is_a?(Class) - @klass - else - @klass.to_s.constantize - end - rescue NameError - @klass - end - - def active? - if @conditional.respond_to?(:call) - @conditional.call - else - @conditional - end - end - - def ==(middleware) - case middleware - when Middleware - klass == middleware.klass - when Class - klass == middleware - else - klass == middleware.to_s.constantize - end - end - - def inspect - str = klass.to_s - args.each { |arg| str += ", #{arg.inspect}" } - str - end - - def build(app) - if block - klass.new(app, *args, &block) - else - klass.new(app, *args) - end - end - end - - def initialize(*args, &block) - super(*args) - block.call(self) if block_given? - end - - def insert(index, *args, &block) - index = self.index(index) unless index.is_a?(Integer) - middleware = Middleware.new(*args, &block) - super(index, middleware) - end - - alias_method :insert_before, :insert - - def insert_after(index, *args, &block) - index = self.index(index) unless index.is_a?(Integer) - insert(index + 1, *args, &block) - end - - def swap(target, *args, &block) - insert_before(target, *args, &block) - delete(target) - end - - def use(*args, &block) - middleware = Middleware.new(*args, &block) - push(middleware) - end - - def active - find_all { |middleware| middleware.active? } - end - - def build(app) - active.reverse.inject(app) { |a, e| e.build(a) } - end - end -end diff --git a/actionpack/lib/action_controller/dispatch/rack/middlewares.rb b/actionpack/lib/action_controller/dispatch/rack/middlewares.rb deleted file mode 100644 index f9cfc2b18e..0000000000 --- a/actionpack/lib/action_controller/dispatch/rack/middlewares.rb +++ /dev/null @@ -1,21 +0,0 @@ -use "Rack::Lock", :if => lambda { - !ActionController::Base.allow_concurrency -} - -use "ActionController::Failsafe" - -["ActionController::Session::CookieStore", - "ActionController::Session::MemCacheStore", - "ActiveRecord::SessionStore"].each do |store| - use(store, ActionController::Base.session_options, - :if => lambda { - if session_store = ActionController::Base.session_store - session_store.name == store - end - } - ) -end - -use "ActionController::RewindableInput" -use "ActionController::ParamsParser" -use "Rack::MethodOverride" diff --git a/actionpack/lib/action_controller/dispatch/request.rb b/actionpack/lib/action_controller/dispatch/request.rb deleted file mode 100755 index f8c77241b9..0000000000 --- a/actionpack/lib/action_controller/dispatch/request.rb +++ /dev/null @@ -1,492 +0,0 @@ -require 'tempfile' -require 'stringio' -require 'strscan' - -require 'active_support/memoizable' -require 'action_controller/cgi_ext' - -module ActionController - class Request < Rack::Request - extend ActiveSupport::Memoizable - - %w[ AUTH_TYPE GATEWAY_INTERFACE - PATH_TRANSLATED REMOTE_HOST - REMOTE_IDENT REMOTE_USER REMOTE_ADDR - SERVER_NAME SERVER_PROTOCOL - - HTTP_ACCEPT HTTP_ACCEPT_CHARSET HTTP_ACCEPT_ENCODING - HTTP_ACCEPT_LANGUAGE HTTP_CACHE_CONTROL HTTP_FROM - HTTP_NEGOTIATE HTTP_PRAGMA HTTP_REFERER HTTP_USER_AGENT ].each do |env| - define_method(env.sub(/^HTTP_/n, '').downcase) do - @env[env] - end - end - - def key?(key) - @env.key?(key) - end - - HTTP_METHODS = %w(get head put post delete options) - HTTP_METHOD_LOOKUP = HTTP_METHODS.inject({}) { |h, m| h[m] = h[m.upcase] = m.to_sym; h } - - # Returns the true HTTP request \method as a lowercase symbol, such as - # :get. If the request \method is not listed in the HTTP_METHODS - # constant above, an UnknownHttpMethod exception is raised. - def request_method - HTTP_METHOD_LOOKUP[super] || raise(UnknownHttpMethod, "#{super}, accepted HTTP methods are #{HTTP_METHODS.to_sentence}") - end - memoize :request_method - - # Returns the HTTP request \method used for action processing as a - # lowercase symbol, such as :post. (Unlike #request_method, this - # method returns :get for a HEAD request because the two are - # functionally equivalent from the application's perspective.) - def method - request_method == :head ? :get : request_method - end - - # Is this a GET (or HEAD) request? Equivalent to request.method == :get. - def get? - method == :get - end - - # Is this a POST request? Equivalent to request.method == :post. - def post? - request_method == :post - end - - # Is this a PUT request? Equivalent to request.method == :put. - def put? - request_method == :put - end - - # Is this a DELETE request? Equivalent to request.method == :delete. - def delete? - request_method == :delete - end - - # Is this a HEAD request? Since request.method sees HEAD as :get, - # this \method checks the actual HTTP \method directly. - def head? - request_method == :head - end - - # Provides access to the request's HTTP headers, for example: - # - # request.headers["Content-Type"] # => "text/plain" - def headers - ActionController::Http::Headers.new(@env) - end - memoize :headers - - # Returns the content length of the request as an integer. - def content_length - super.to_i - end - - # The MIME type of the HTTP request, such as Mime::XML. - # - # For backward compatibility, the post \format is extracted from the - # X-Post-Data-Format HTTP header if present. - def content_type - if @env['CONTENT_TYPE'] =~ /^([^,\;]*)/ - Mime::Type.lookup($1.strip.downcase) - else - nil - end - end - memoize :content_type - - # Returns the accepted MIME type for the request. - def accepts - header = @env['HTTP_ACCEPT'].to_s.strip - - fallback = xhr? ? Mime::JS : Mime::HTML - - if header.empty? - [content_type, fallback, Mime::ALL].compact - else - ret = Mime::Type.parse(header) - if ret.last == Mime::ALL - ret.insert(-2, fallback) - end - ret - end - end - memoize :accepts - - def if_modified_since - if since = env['HTTP_IF_MODIFIED_SINCE'] - Time.rfc2822(since) rescue nil - end - end - memoize :if_modified_since - - def if_none_match - env['HTTP_IF_NONE_MATCH'] - end - - def not_modified?(modified_at) - if_modified_since && modified_at && if_modified_since >= modified_at - end - - def etag_matches?(etag) - if_none_match && if_none_match == etag - end - - # Check response freshness (Last-Modified and ETag) against request - # If-Modified-Since and If-None-Match conditions. If both headers are - # supplied, both must match, or the request is not considered fresh. - def fresh?(response) - case - when if_modified_since && if_none_match - not_modified?(response.last_modified) && etag_matches?(response.etag) - when if_modified_since - not_modified?(response.last_modified) - when if_none_match - etag_matches?(response.etag) - else - false - end - end - - ONLY_ALL = [Mime::ALL].freeze - - # Returns the Mime type for the \format used in the request. - # - # GET /posts/5.xml | request.format => Mime::XML - # GET /posts/5.xhtml | request.format => Mime::HTML - # GET /posts/5 | request.format => Mime::HTML or MIME::JS, or request.accepts.first depending on the value of ActionController::Base.use_accept_header - - def format(view_path = []) - @format ||= - if parameters[:format] - Mime[parameters[:format]] - elsif Base.use_accept_header && !(accepts == ONLY_ALL) - accepts.first - elsif xhr? then Mime::JS - else Mime::HTML - end - end - - def formats - @formats = - if Base.use_accept_header - ret = Array(Mime[parameters[:format]] || accepts) - else - [format] - end - end - - # Sets the \format by string extension, which can be used to force custom formats - # that are not controlled by the extension. - # - # class ApplicationController < ActionController::Base - # before_filter :adjust_format_for_iphone - # - # private - # def adjust_format_for_iphone - # request.format = :iphone if request.env["HTTP_USER_AGENT"][/iPhone/] - # end - # end - def format=(extension) - parameters[:format] = extension.to_s - @format = Mime::Type.lookup_by_extension(parameters[:format]) - end - - # Returns a symbolized version of the :format parameter of the request. - # If no \format is given it returns :jsfor Ajax requests and :html - # otherwise. - def template_format - parameter_format = parameters[:format] - - if parameter_format - parameter_format - elsif xhr? - :js - else - :html - end - end - - def cache_format - parameters[:format] - end - - # Returns true if the request's "X-Requested-With" header contains - # "XMLHttpRequest". (The Prototype Javascript library sends this header with - # every Ajax request.) - def xml_http_request? - !(@env['HTTP_X_REQUESTED_WITH'] !~ /XMLHttpRequest/i) - end - alias xhr? :xml_http_request? - - # Which IP addresses are "trusted proxies" that can be stripped from - # the right-hand-side of X-Forwarded-For - TRUSTED_PROXIES = /^127\.0\.0\.1$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\./i - - # Determines originating IP address. REMOTE_ADDR is the standard - # but will fail if the user is behind a proxy. HTTP_CLIENT_IP and/or - # HTTP_X_FORWARDED_FOR are set by proxies so check for these if - # REMOTE_ADDR is a proxy. HTTP_X_FORWARDED_FOR may be a comma- - # delimited list in the case of multiple chained proxies; the last - # address which is not trusted is the originating IP. - def remote_ip - remote_addr_list = @env['REMOTE_ADDR'] && @env['REMOTE_ADDR'].scan(/[^,\s]+/) - - unless remote_addr_list.blank? - not_trusted_addrs = remote_addr_list.reject {|addr| addr =~ TRUSTED_PROXIES} - return not_trusted_addrs.first unless not_trusted_addrs.empty? - end - remote_ips = @env['HTTP_X_FORWARDED_FOR'] && @env['HTTP_X_FORWARDED_FOR'].split(',') - - if @env.include? 'HTTP_CLIENT_IP' - if ActionController::Base.ip_spoofing_check && remote_ips && !remote_ips.include?(@env['HTTP_CLIENT_IP']) - # We don't know which came from the proxy, and which from the user - raise ActionControllerError.new(< 1 && TRUSTED_PROXIES =~ remote_ips.last.strip - remote_ips.pop - end - - return remote_ips.last.strip - end - - @env['REMOTE_ADDR'] - end - memoize :remote_ip - - # Returns the lowercase name of the HTTP server software. - def server_software - (@env['SERVER_SOFTWARE'] && /^([a-zA-Z]+)/ =~ @env['SERVER_SOFTWARE']) ? $1.downcase : nil - end - memoize :server_software - - # Returns the complete URL used for this request. - def url - protocol + host_with_port + request_uri - end - memoize :url - - # Returns 'https://' if this is an SSL request and 'http://' otherwise. - def protocol - ssl? ? 'https://' : 'http://' - end - memoize :protocol - - # Is this an SSL request? - def ssl? - @env['HTTPS'] == 'on' || @env['HTTP_X_FORWARDED_PROTO'] == 'https' - end - - # Returns the \host for this request, such as "example.com". - def raw_host_with_port - if forwarded = env["HTTP_X_FORWARDED_HOST"] - forwarded.split(/,\s?/).last - else - env['HTTP_HOST'] || "#{env['SERVER_NAME'] || env['SERVER_ADDR']}:#{env['SERVER_PORT']}" - end - end - - # Returns the host for this request, such as example.com. - def host - raw_host_with_port.sub(/:\d+$/, '') - end - memoize :host - - # Returns a \host:\port string for this request, such as "example.com" or - # "example.com:8080". - def host_with_port - "#{host}#{port_string}" - end - memoize :host_with_port - - # Returns the port number of this request as an integer. - def port - if raw_host_with_port =~ /:(\d+)$/ - $1.to_i - else - standard_port - end - end - memoize :port - - # Returns the standard \port number for this request's protocol. - def standard_port - case protocol - when 'https://' then 443 - else 80 - end - end - - # Returns a \port suffix like ":8080" if the \port number of this request - # is not the default HTTP \port 80 or HTTPS \port 443. - def port_string - port == standard_port ? '' : ":#{port}" - end - - # Returns the \domain part of a \host, such as "rubyonrails.org" in "www.rubyonrails.org". You can specify - # a different tld_length, such as 2 to catch rubyonrails.co.uk in "www.rubyonrails.co.uk". - def domain(tld_length = 1) - return nil unless named_host?(host) - - host.split('.').last(1 + tld_length).join('.') - end - - # Returns all the \subdomains as an array, so ["dev", "www"] would be - # returned for "dev.www.rubyonrails.org". You can specify a different tld_length, - # such as 2 to catch ["www"] instead of ["www", "rubyonrails"] - # in "www.rubyonrails.co.uk". - def subdomains(tld_length = 1) - return [] unless named_host?(host) - parts = host.split('.') - parts[0..-(tld_length+2)] - end - - # Returns the query string, accounting for server idiosyncrasies. - def query_string - @env['QUERY_STRING'].present? ? @env['QUERY_STRING'] : (@env['REQUEST_URI'].split('?', 2)[1] || '') - end - memoize :query_string - - # Returns the request URI, accounting for server idiosyncrasies. - # WEBrick includes the full URL. IIS leaves REQUEST_URI blank. - def request_uri - if uri = @env['REQUEST_URI'] - # Remove domain, which webrick puts into the request_uri. - (%r{^\w+\://[^/]+(/.*|$)$} =~ uri) ? $1 : uri - else - # Construct IIS missing REQUEST_URI from SCRIPT_NAME and PATH_INFO. - uri = @env['PATH_INFO'].to_s - - if script_filename = @env['SCRIPT_NAME'].to_s.match(%r{[^/]+$}) - uri = uri.sub(/#{script_filename}\//, '') - end - - env_qs = @env['QUERY_STRING'].to_s - uri += "?#{env_qs}" unless env_qs.empty? - - if uri.blank? - @env.delete('REQUEST_URI') - else - @env['REQUEST_URI'] = uri - end - end - end - memoize :request_uri - - # Returns the interpreted \path to requested resource after all the installation - # directory of this application was taken into account. - def path - path = request_uri.to_s[/\A[^\?]*/] - path.sub!(/\A#{ActionController::Base.relative_url_root}/, '') - path - end - memoize :path - - # Read the request \body. This is useful for web services that need to - # work with raw requests directly. - def raw_post - unless @env.include? 'RAW_POST_DATA' - @env['RAW_POST_DATA'] = body.read(@env['CONTENT_LENGTH'].to_i) - body.rewind if body.respond_to?(:rewind) - end - @env['RAW_POST_DATA'] - end - - # Returns both GET and POST \parameters in a single hash. - def parameters - @parameters ||= request_parameters.merge(query_parameters).update(path_parameters).with_indifferent_access - end - alias_method :params, :parameters - - def path_parameters=(parameters) #:nodoc: - @env["rack.routing_args"] = parameters - @symbolized_path_parameters = @parameters = nil - end - - # The same as path_parameters with explicitly symbolized keys. - def symbolized_path_parameters - @symbolized_path_parameters ||= path_parameters.symbolize_keys - end - - # Returns a hash with the \parameters used to form the \path of the request. - # Returned hash keys are strings: - # - # {'action' => 'my_action', 'controller' => 'my_controller'} - # - # See symbolized_path_parameters for symbolized keys. - def path_parameters - @env["rack.routing_args"] ||= {} - end - - # The request body is an IO input stream. If the RAW_POST_DATA environment - # variable is already set, wrap it in a StringIO. - def body - if raw_post = @env['RAW_POST_DATA'] - raw_post.force_encoding(Encoding::BINARY) if raw_post.respond_to?(:force_encoding) - StringIO.new(raw_post) - else - @env['rack.input'] - end - end - - def form_data? - FORM_DATA_MEDIA_TYPES.include?(content_type.to_s) - end - - # Override Rack's GET method to support nested query strings - def GET - @env["action_controller.request.query_parameters"] ||= UrlEncodedPairParser.parse_query_parameters(query_string) - end - alias_method :query_parameters, :GET - - # Override Rack's POST method to support nested query strings - def POST - @env["action_controller.request.request_parameters"] ||= UrlEncodedPairParser.parse_hash_parameters(super) - end - alias_method :request_parameters, :POST - - def body_stream #:nodoc: - @env['rack.input'] - end - - def session - @env['rack.session'] ||= {} - end - - def session=(session) #:nodoc: - @env['rack.session'] = session - end - - def reset_session - @env['rack.session'] = {} - end - - def session_options - @env['rack.session.options'] ||= {} - end - - def session_options=(options) - @env['rack.session.options'] = options - end - - def server_port - @env['SERVER_PORT'].to_i - end - - private - def named_host?(host) - !(host.nil? || /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.match(host)) - end - end -end diff --git a/actionpack/lib/action_controller/dispatch/request_parser.rb b/actionpack/lib/action_controller/dispatch/request_parser.rb deleted file mode 100644 index d1739ef4d0..0000000000 --- a/actionpack/lib/action_controller/dispatch/request_parser.rb +++ /dev/null @@ -1,315 +0,0 @@ -module ActionController - class RequestParser - def initialize(env) - @env = env - freeze - end - - def request_parameters - @env["action_controller.request_parser.request_parameters"] ||= parse_formatted_request_parameters - end - - def query_parameters - @env["action_controller.request_parser.query_parameters"] ||= self.class.parse_query_parameters(query_string) - end - - # Returns the query string, accounting for server idiosyncrasies. - def query_string - @env['QUERY_STRING'].present? ? @env['QUERY_STRING'] : (@env['REQUEST_URI'].split('?', 2)[1] || '') - end - - # The request body is an IO input stream. If the RAW_POST_DATA environment - # variable is already set, wrap it in a StringIO. - def body - if raw_post = @env['RAW_POST_DATA'] - raw_post.force_encoding(Encoding::BINARY) if raw_post.respond_to?(:force_encoding) - StringIO.new(raw_post) - else - @env['rack.input'] - end - end - - # The raw content type string with its parameters stripped off. - def content_type_without_parameters - self.class.extract_content_type_without_parameters(content_type_with_parameters) - end - - def raw_post - unless @env.include? 'RAW_POST_DATA' - @env['RAW_POST_DATA'] = body.read(content_length) - body.rewind if body.respond_to?(:rewind) - end - @env['RAW_POST_DATA'] - end - - private - - def parse_formatted_request_parameters - return {} if content_length.zero? - - content_type, boundary = self.class.extract_multipart_boundary(content_type_with_parameters) - - # Don't parse params for unknown requests. - return {} if content_type.blank? - - mime_type = Mime::Type.lookup(content_type) - strategy = ActionController::Base.param_parsers[mime_type] - - # Only multipart form parsing expects a stream. - body = (strategy && strategy != :multipart_form) ? raw_post : self.body - - case strategy - when Proc - strategy.call(body) - when :url_encoded_form - self.class.clean_up_ajax_request_body! body - self.class.parse_query_parameters(body) - when :multipart_form - self.class.parse_multipart_form_parameters(body, boundary, content_length, @env) - when :xml_simple, :xml_node - body.blank? ? {} : Hash.from_xml(body).with_indifferent_access - when :yaml - YAML.load(body) - when :json - if body.blank? - {} - else - data = ActiveSupport::JSON.decode(body) - data = {:_json => data} unless data.is_a?(Hash) - data.with_indifferent_access - end - else - {} - end - rescue Exception => e # YAML, XML or Ruby code block errors - raise - { "body" => body, - "content_type" => content_type_with_parameters, - "content_length" => content_length, - "exception" => "#{e.message} (#{e.class})", - "backtrace" => e.backtrace } - end - - def content_length - @env['CONTENT_LENGTH'].to_i - end - - # The raw content type string. Use when you need parameters such as - # charset or boundary which aren't included in the content_type MIME type. - # Overridden by the X-POST_DATA_FORMAT header for backward compatibility. - def content_type_with_parameters - content_type_from_legacy_post_data_format_header || @env['CONTENT_TYPE'].to_s - end - - def content_type_from_legacy_post_data_format_header - if x_post_format = @env['HTTP_X_POST_DATA_FORMAT'] - case x_post_format.to_s.downcase - when 'yaml'; 'application/x-yaml' - when 'xml'; 'application/xml' - end - end - end - - class << self - def parse_query_parameters(query_string) - return {} if query_string.blank? - - pairs = query_string.split('&').collect do |chunk| - next if chunk.empty? - key, value = chunk.split('=', 2) - next if key.empty? - value = value.nil? ? nil : CGI.unescape(value) - [ CGI.unescape(key), value ] - end.compact - - UrlEncodedPairParser.new(pairs).result - end - - def parse_request_parameters(params) - parser = UrlEncodedPairParser.new - - params = params.dup - until params.empty? - for key, value in params - if key.blank? - params.delete key - elsif !key.include?('[') - # much faster to test for the most common case first (GET) - # and avoid the call to build_deep_hash - parser.result[key] = get_typed_value(value[0]) - params.delete key - elsif value.is_a?(Array) - parser.parse(key, get_typed_value(value.shift)) - params.delete key if value.empty? - else - raise TypeError, "Expected array, found #{value.inspect}" - end - end - end - - parser.result - end - - def parse_multipart_form_parameters(body, boundary, body_size, env) - parse_request_parameters(read_multipart(body, boundary, body_size, env)) - end - - def extract_multipart_boundary(content_type_with_parameters) - if content_type_with_parameters =~ MULTIPART_BOUNDARY - ['multipart/form-data', $1.dup] - else - extract_content_type_without_parameters(content_type_with_parameters) - end - end - - def extract_content_type_without_parameters(content_type_with_parameters) - $1.strip.downcase if content_type_with_parameters =~ /^([^,\;]*)/ - end - - def clean_up_ajax_request_body!(body) - body.chop! if body[-1] == 0 - body.gsub!(/&_=$/, '') - end - - - private - def get_typed_value(value) - case value - when String - value - when NilClass - '' - when Array - value.map { |v| get_typed_value(v) } - else - if value.respond_to? :original_filename - # Uploaded file - if value.original_filename - value - # Multipart param - else - result = value.read - value.rewind - result - end - # Unknown value, neither string nor multipart. - else - raise "Unknown form value: #{value.inspect}" - end - end - end - - MULTIPART_BOUNDARY = %r|\Amultipart/form-data.*boundary=\"?([^\";,]+)\"?|n - - EOL = "\015\012" - - def read_multipart(body, boundary, body_size, env) - params = Hash.new([]) - boundary = "--" + boundary - quoted_boundary = Regexp.quote(boundary) - buf = "" - bufsize = 10 * 1024 - boundary_end="" - - # start multipart/form-data - body.binmode if defined? body.binmode - case body - when File - body.set_encoding(Encoding::BINARY) if body.respond_to?(:set_encoding) - when StringIO - body.string.force_encoding(Encoding::BINARY) if body.string.respond_to?(:force_encoding) - end - boundary_size = boundary.size + EOL.size - body_size -= boundary_size - status = body.read(boundary_size) - if nil == status - raise EOFError, "no content body" - elsif boundary + EOL != status - raise EOFError, "bad content body" - end - - loop do - head = nil - content = - if 10240 < body_size - UploadedTempfile.new("CGI") - else - UploadedStringIO.new - end - content.binmode if defined? content.binmode - - until head and /#{quoted_boundary}(?:#{EOL}|--)/n.match(buf) - - if (not head) and /#{EOL}#{EOL}/n.match(buf) - buf = buf.sub(/\A((?:.|\n)*?#{EOL})#{EOL}/n) do - head = $1.dup - "" - end - next - end - - if head and ( (EOL + boundary + EOL).size < buf.size ) - content.print buf[0 ... (buf.size - (EOL + boundary + EOL).size)] - buf[0 ... (buf.size - (EOL + boundary + EOL).size)] = "" - end - - c = if bufsize < body_size - body.read(bufsize) - else - body.read(body_size) - end - if c.nil? || c.empty? - raise EOFError, "bad content body" - end - buf.concat(c) - body_size -= c.size - end - - buf = buf.sub(/\A((?:.|\n)*?)(?:[\r\n]{1,2})?#{quoted_boundary}([\r\n]{1,2}|--)/n) do - content.print $1 - if "--" == $2 - body_size = -1 - end - boundary_end = $2.dup - "" - end - - content.rewind - - head =~ /Content-Disposition:.* filename=(?:"((?:\\.|[^\"])*)"|([^;]*))/ni - if filename = $1 || $2 - if /Mac/ni.match(env['HTTP_USER_AGENT']) and - /Mozilla/ni.match(env['HTTP_USER_AGENT']) and - (not /MSIE/ni.match(env['HTTP_USER_AGENT'])) - filename = CGI.unescape(filename) - end - content.original_path = filename.dup - end - - head =~ /Content-Type: ([^\r]*)/ni - content.content_type = $1.dup if $1 - - head =~ /Content-Disposition:.* name="?([^\";]*)"?/ni - name = $1.dup if $1 - - if params.has_key?(name) - params[name].push(content) - else - params[name] = [content] - end - break if body_size == -1 - end - raise EOFError, "bad boundary end of body part" unless boundary_end=~/--/ - - begin - body.rewind if body.respond_to?(:rewind) - rescue Errno::ESPIPE - # Handles exceptions raised by input streams that cannot be rewound - # such as when using plain CGI under Apache - end - - params - end - end # class << self - end -end diff --git a/actionpack/lib/action_controller/dispatch/rescue.rb b/actionpack/lib/action_controller/dispatch/rescue.rb index 0293e62fc7..df0a976204 100644 --- a/actionpack/lib/action_controller/dispatch/rescue.rb +++ b/actionpack/lib/action_controller/dispatch/rescue.rb @@ -60,8 +60,8 @@ module ActionController #:nodoc: module ClassMethods def call_with_exception(env, exception) #:nodoc: - request = env["action_controller.rescue.request"] ||= ActionController::Request.new(env) - response = env["action_controller.rescue.response"] ||= ActionController::Response.new + request = env["action_controller.rescue.request"] ||= ActionDispatch::Request.new(env) + response = env["action_controller.rescue.response"] ||= ActionDispatch::Response.new new.process(request, response, :rescue_action, exception) end end diff --git a/actionpack/lib/action_controller/dispatch/response.rb b/actionpack/lib/action_controller/dispatch/response.rb deleted file mode 100644 index 27860a6207..0000000000 --- a/actionpack/lib/action_controller/dispatch/response.rb +++ /dev/null @@ -1,255 +0,0 @@ -require 'digest/md5' - -module ActionController # :nodoc: - # Represents an HTTP response generated by a controller action. One can use - # an ActionController::Response object to retrieve the current state - # of the response, or customize the response. An Response object can - # either represent a "real" HTTP response (i.e. one that is meant to be sent - # back to the web browser) or a test response (i.e. one that is generated - # from integration tests). See CgiResponse and TestResponse, respectively. - # - # Response is mostly a Ruby on Rails framework implement detail, and - # should never be used directly in controllers. Controllers should use the - # methods defined in ActionController::Base instead. For example, if you want - # to set the HTTP response's content MIME type, then use - # ActionControllerBase#headers instead of Response#headers. - # - # Nevertheless, integration tests may want to inspect controller responses in - # more detail, and that's when Response can be useful for application - # developers. Integration test methods such as - # ActionController::Integration::Session#get and - # ActionController::Integration::Session#post return objects of type - # TestResponse (which are of course also of type Response). - # - # For example, the following demo integration "test" prints the body of the - # controller response to the console: - # - # class DemoControllerTest < ActionController::IntegrationTest - # def test_print_root_path_to_console - # get('/') - # puts @response.body - # end - # end - class Response < Rack::Response - DEFAULT_HEADERS = { "Cache-Control" => "no-cache" } - attr_accessor :request - - attr_accessor :session, :assigns, :template, :layout - attr_accessor :redirected_to, :redirected_to_method_params - - delegate :default_charset, :to => 'ActionController::Base' - - def initialize - @status = 200 - @header = DEFAULT_HEADERS.dup - - @writer = lambda { |x| @body << x } - @block = nil - - @body = "", - @session, @assigns = [], [] - end - - def location; headers['Location'] end - def location=(url) headers['Location'] = url end - - - # Sets the HTTP response's content MIME type. For example, in the controller - # you could write this: - # - # response.content_type = "text/plain" - # - # If a character set has been defined for this response (see charset=) then - # the character set information will also be included in the content type - # information. - def content_type=(mime_type) - self.headers["Content-Type"] = - if mime_type =~ /charset/ || (c = charset).nil? - mime_type.to_s - else - "#{mime_type}; charset=#{c}" - end - end - - # Returns the response's content MIME type, or nil if content type has been set. - def content_type - content_type = String(headers["Content-Type"] || headers["type"]).split(";")[0] - content_type.blank? ? nil : content_type - end - - # Set the charset of the Content-Type header. Set to nil to remove it. - # If no content type is set, it defaults to HTML. - def charset=(charset) - headers["Content-Type"] = - if charset - "#{content_type || Mime::HTML}; charset=#{charset}" - else - content_type || Mime::HTML.to_s - end - end - - def charset - charset = String(headers["Content-Type"] || headers["type"]).split(";")[1] - charset.blank? ? nil : charset.strip.split("=")[1] - end - - def last_modified - if last = headers['Last-Modified'] - Time.httpdate(last) - end - end - - def last_modified? - headers.include?('Last-Modified') - end - - def last_modified=(utc_time) - headers['Last-Modified'] = utc_time.httpdate - end - - def etag - headers['ETag'] - end - - def etag? - headers.include?('ETag') - end - - def etag=(etag) - if etag.blank? - headers.delete('ETag') - else - headers['ETag'] = %("#{Digest::MD5.hexdigest(ActiveSupport::Cache.expand_cache_key(etag))}") - end - end - - def redirect(url, status) - self.status = status - self.location = url.gsub(/[\r\n]/, '') - self.body = "You are being redirected." - end - - def sending_file? - headers["Content-Transfer-Encoding"] == "binary" - end - - def assign_default_content_type_and_charset! - self.content_type ||= Mime::HTML - self.charset ||= default_charset unless sending_file? - end - - def prepare! - assign_default_content_type_and_charset! - handle_conditional_get! - set_content_length! - convert_content_type! - convert_language! - convert_expires! - convert_cookies! - end - - def each(&callback) - if @body.respond_to?(:call) - @writer = lambda { |x| callback.call(x) } - @body.call(self, self) - elsif @body.is_a?(String) - @body.each_line(&callback) - else - @body.each(&callback) - end - - @writer = callback - @block.call(self) if @block - end - - def write(str) - @writer.call str.to_s - str - end - - # Over Rack::Response#set_cookie to add HttpOnly option - def set_cookie(key, value) - case value - when Hash - domain = "; domain=" + value[:domain] if value[:domain] - path = "; path=" + value[:path] if value[:path] - # According to RFC 2109, we need dashes here. - # N.B.: cgi.rb uses spaces... - expires = "; expires=" + value[:expires].clone.gmtime. - strftime("%a, %d-%b-%Y %H:%M:%S GMT") if value[:expires] - secure = "; secure" if value[:secure] - httponly = "; HttpOnly" if value[:http_only] - value = value[:value] - end - value = [value] unless Array === value - cookie = ::Rack::Utils.escape(key) + "=" + - value.map { |v| ::Rack::Utils.escape v }.join("&") + - "#{domain}#{path}#{expires}#{secure}#{httponly}" - - case self["Set-Cookie"] - when Array - self["Set-Cookie"] << cookie - when String - self["Set-Cookie"] = [self["Set-Cookie"], cookie] - when nil - self["Set-Cookie"] = cookie - end - end - - private - def handle_conditional_get! - if etag? || last_modified? - set_conditional_cache_control! - elsif nonempty_ok_response? - self.etag = body - - if request && request.etag_matches?(etag) - self.status = '304 Not Modified' - self.body = '' - end - - set_conditional_cache_control! - end - end - - def nonempty_ok_response? - ok = !status || status.to_s[0..2] == '200' - ok && body.is_a?(String) && !body.empty? - end - - def set_conditional_cache_control! - if headers['Cache-Control'] == DEFAULT_HEADERS['Cache-Control'] - headers['Cache-Control'] = 'private, max-age=0, must-revalidate' - end - end - - def convert_content_type! - headers['Content-Type'] ||= "text/html" - headers['Content-Type'] += "; charset=" + headers.delete('charset') if headers['charset'] - end - - # Don't set the Content-Length for block-based bodies as that would mean - # reading it all into memory. Not nice for, say, a 2GB streaming file. - def set_content_length! - if status && status.to_s[0..2] == '204' - headers.delete('Content-Length') - elsif length = headers['Content-Length'] - headers['Content-Length'] = length.to_s - elsif !body.respond_to?(:call) && (!status || status.to_s[0..2] != '304') - headers["Content-Length"] = body.size.to_s - end - end - - def convert_language! - headers["Content-Language"] = headers.delete("language") if headers["language"] - end - - def convert_expires! - headers["Expires"] = headers.delete("") if headers["expires"] - end - - def convert_cookies! - headers['Set-Cookie'] = Array(headers['Set-Cookie']).compact - end - end -end diff --git a/actionpack/lib/action_controller/dispatch/rewindable_input.rb b/actionpack/lib/action_controller/dispatch/rewindable_input.rb deleted file mode 100644 index 36f655c51e..0000000000 --- a/actionpack/lib/action_controller/dispatch/rewindable_input.rb +++ /dev/null @@ -1,28 +0,0 @@ -module ActionController - class RewindableInput - class RewindableIO < ActiveSupport::BasicObject - def initialize(io) - @io = io - @rewindable = io.is_a?(StringIO) - end - - def method_missing(method, *args, &block) - unless @rewindable - @io = StringIO.new(@io.read) - @rewindable = true - end - - @io.__send__(method, *args, &block) - end - end - - def initialize(app) - @app = app - end - - def call(env) - env['rack.input'] = RewindableIO.new(env['rack.input']) - @app.call(env) - end - end -end diff --git a/actionpack/lib/action_controller/dispatch/status_codes.rb b/actionpack/lib/action_controller/dispatch/status_codes.rb deleted file mode 100644 index 4977c79491..0000000000 --- a/actionpack/lib/action_controller/dispatch/status_codes.rb +++ /dev/null @@ -1,88 +0,0 @@ -module ActionController - module StatusCodes #:nodoc: - # Defines the standard HTTP status codes, by integer, with their - # corresponding default message texts. - # Source: http://www.iana.org/assignments/http-status-codes - STATUS_CODES = { - 100 => "Continue", - 101 => "Switching Protocols", - 102 => "Processing", - - 200 => "OK", - 201 => "Created", - 202 => "Accepted", - 203 => "Non-Authoritative Information", - 204 => "No Content", - 205 => "Reset Content", - 206 => "Partial Content", - 207 => "Multi-Status", - 226 => "IM Used", - - 300 => "Multiple Choices", - 301 => "Moved Permanently", - 302 => "Found", - 303 => "See Other", - 304 => "Not Modified", - 305 => "Use Proxy", - 307 => "Temporary Redirect", - - 400 => "Bad Request", - 401 => "Unauthorized", - 402 => "Payment Required", - 403 => "Forbidden", - 404 => "Not Found", - 405 => "Method Not Allowed", - 406 => "Not Acceptable", - 407 => "Proxy Authentication Required", - 408 => "Request Timeout", - 409 => "Conflict", - 410 => "Gone", - 411 => "Length Required", - 412 => "Precondition Failed", - 413 => "Request Entity Too Large", - 414 => "Request-URI Too Long", - 415 => "Unsupported Media Type", - 416 => "Requested Range Not Satisfiable", - 417 => "Expectation Failed", - 422 => "Unprocessable Entity", - 423 => "Locked", - 424 => "Failed Dependency", - 426 => "Upgrade Required", - - 500 => "Internal Server Error", - 501 => "Not Implemented", - 502 => "Bad Gateway", - 503 => "Service Unavailable", - 504 => "Gateway Timeout", - 505 => "HTTP Version Not Supported", - 507 => "Insufficient Storage", - 510 => "Not Extended" - } - - # Provides a symbol-to-fixnum lookup for converting a symbol (like - # :created or :not_implemented) into its corresponding HTTP status - # code (like 200 or 501). - SYMBOL_TO_STATUS_CODE = STATUS_CODES.inject({}) do |hash, (code, message)| - hash[message.gsub(/ /, "").underscore.to_sym] = code - hash - end - - # Given a status parameter, determine whether it needs to be converted - # to a string. If it is a fixnum, use the STATUS_CODES hash to lookup - # the default message. If it is a symbol, use the SYMBOL_TO_STATUS_CODE - # hash to convert it. - def interpret_status(status) - case status - when Fixnum then - "#{status} #{STATUS_CODES[status]}".strip - when Symbol then - interpret_status(SYMBOL_TO_STATUS_CODE[status] || - "500 Unknown Status #{status.inspect}") - else - status.to_s - end - end - private :interpret_status - - end -end \ No newline at end of file diff --git a/actionpack/lib/action_controller/dispatch/uploaded_file.rb b/actionpack/lib/action_controller/dispatch/uploaded_file.rb deleted file mode 100644 index 376ba3621a..0000000000 --- a/actionpack/lib/action_controller/dispatch/uploaded_file.rb +++ /dev/null @@ -1,44 +0,0 @@ -module ActionController - module UploadedFile - def self.included(base) - base.class_eval do - attr_accessor :original_path, :content_type - alias_method :local_path, :path - end - end - - def self.extended(object) - object.class_eval do - attr_accessor :original_path, :content_type - alias_method :local_path, :path - end - end - - # Take the basename of the upload's original filename. - # This handles the full Windows paths given by Internet Explorer - # (and perhaps other broken user agents) without affecting - # those which give the lone filename. - # The Windows regexp is adapted from Perl's File::Basename. - def original_filename - unless defined? @original_filename - @original_filename = - unless original_path.blank? - if original_path =~ /^(?:.*[:\\\/])?(.*)/m - $1 - else - File.basename original_path - end - end - end - @original_filename - end - end - - class UploadedStringIO < StringIO - include UploadedFile - end - - class UploadedTempfile < Tempfile - include UploadedFile - end -end diff --git a/actionpack/lib/action_controller/dispatch/url_encoded_pair_parser.rb b/actionpack/lib/action_controller/dispatch/url_encoded_pair_parser.rb deleted file mode 100644 index 57594c4259..0000000000 --- a/actionpack/lib/action_controller/dispatch/url_encoded_pair_parser.rb +++ /dev/null @@ -1,155 +0,0 @@ -module ActionController - class UrlEncodedPairParser < StringScanner #:nodoc: - class << self - def parse_query_parameters(query_string) - return {} if query_string.blank? - - pairs = query_string.split('&').collect do |chunk| - next if chunk.empty? - key, value = chunk.split('=', 2) - next if key.empty? - value = value.nil? ? nil : CGI.unescape(value) - [ CGI.unescape(key), value ] - end.compact - - new(pairs).result - end - - def parse_hash_parameters(params) - parser = new - - params = params.dup - until params.empty? - for key, value in params - if key.blank? - params.delete(key) - elsif value.is_a?(Array) - parser.parse(key, get_typed_value(value.shift)) - params.delete(key) if value.empty? - else - parser.parse(key, get_typed_value(value)) - params.delete(key) - end - end - end - - parser.result - end - - private - def get_typed_value(value) - case value - when String - value - when NilClass - '' - when Array - value.map { |v| get_typed_value(v) } - when Hash - if value.has_key?(:tempfile) && value[:filename].any? - upload = value[:tempfile] - upload.extend(UploadedFile) - upload.original_path = value[:filename] - upload.content_type = value[:type] - upload - else - nil - end - else - raise "Unknown form value: #{value.inspect}" - end - end - end - - attr_reader :top, :parent, :result - - def initialize(pairs = []) - super('') - @result = {} - pairs.each { |key, value| parse(key, value) } - end - - KEY_REGEXP = %r{([^\[\]=&]+)} - BRACKETED_KEY_REGEXP = %r{\[([^\[\]=&]+)\]} - - # Parse the query string - def parse(key, value) - self.string = key - @top, @parent = result, nil - - # First scan the bare key - key = scan(KEY_REGEXP) or return - key = post_key_check(key) - - # Then scan as many nestings as present - until eos? - r = scan(BRACKETED_KEY_REGEXP) or return - key = self[1] - key = post_key_check(key) - end - - bind(key, value) - end - - private - # After we see a key, we must look ahead to determine our next action. Cases: - # - # [] follows the key. Then the value must be an array. - # = follows the key. (A value comes next) - # & or the end of string follows the key. Then the key is a flag. - # otherwise, a hash follows the key. - def post_key_check(key) - if scan(/\[\]/) # a[b][] indicates that b is an array - container(key, Array) - nil - elsif check(/\[[^\]]/) # a[b] indicates that a is a hash - container(key, Hash) - nil - else # End of key? We do nothing. - key - end - end - - # Add a container to the stack. - def container(key, klass) - type_conflict! klass, top[key] if top.is_a?(Hash) && top.key?(key) && ! top[key].is_a?(klass) - value = bind(key, klass.new) - type_conflict! klass, value unless value.is_a?(klass) - push(value) - end - - # Push a value onto the 'stack', which is actually only the top 2 items. - def push(value) - @parent, @top = @top, value - end - - # Bind a key (which may be nil for items in an array) to the provided value. - def bind(key, value) - if top.is_a? Array - if key - if top[-1].is_a?(Hash) && ! top[-1].key?(key) - top[-1][key] = value - else - top << {key => value}.with_indifferent_access - end - push top.last - return top[key] - else - top << value - return value - end - elsif top.is_a? Hash - key = CGI.unescape(key) - parent << (@top = {}) if top.key?(key) && parent.is_a?(Array) - top[key] ||= value - return top[key] - else - raise ArgumentError, "Don't know what to do: top is #{top.inspect}" - end - end - - def type_conflict!(klass, value) - raise TypeError, "Conflicting types for parameter containers. Expected an instance of #{klass} but found an instance of #{value.class}. This can be caused by colliding Array and Hash parameters like qs[]=value&qs[key]=value. (The parameters received were #{value.inspect}.)" - end - end -end diff --git a/actionpack/lib/action_controller/mime/default_types.rb b/actionpack/lib/action_controller/mime/default_types.rb deleted file mode 100644 index 2d7fba1173..0000000000 --- a/actionpack/lib/action_controller/mime/default_types.rb +++ /dev/null @@ -1,21 +0,0 @@ -# Build list of Mime types for HTTP responses -# http://www.iana.org/assignments/media-types/ - -Mime::Type.register "*/*", :all -Mime::Type.register "text/plain", :text, [], %w(txt) -Mime::Type.register "text/html", :html, %w( application/xhtml+xml ), %w( xhtml ) -Mime::Type.register "text/javascript", :js, %w( application/javascript application/x-javascript ) -Mime::Type.register "text/css", :css -Mime::Type.register "text/calendar", :ics -Mime::Type.register "text/csv", :csv -Mime::Type.register "application/xml", :xml, %w( text/xml application/x-xml ) -Mime::Type.register "application/rss+xml", :rss -Mime::Type.register "application/atom+xml", :atom -Mime::Type.register "application/x-yaml", :yaml, %w( text/yaml ) - -Mime::Type.register "multipart/form-data", :multipart_form -Mime::Type.register "application/x-www-form-urlencoded", :url_encoded_form - -# http://www.ietf.org/rfc/rfc4627.txt -# http://www.json.org/JSONRequest.html -Mime::Type.register "application/json", :json, %w( text/x-json application/jsonrequest ) \ No newline at end of file diff --git a/actionpack/lib/action_controller/mime/type.rb b/actionpack/lib/action_controller/mime/type.rb deleted file mode 100644 index 23a39dff54..0000000000 --- a/actionpack/lib/action_controller/mime/type.rb +++ /dev/null @@ -1,214 +0,0 @@ -require 'set' - -module Mime - SET = [] - EXTENSION_LOOKUP = Hash.new { |h, k| h[k] = Type.new(k) unless k.blank? } - LOOKUP = Hash.new { |h, k| h[k] = Type.new(k) unless k.blank? } - - def self.[](type) - Type.lookup_by_extension(type.to_s) - end - - # Encapsulates the notion of a mime type. Can be used at render time, for example, with: - # - # class PostsController < ActionController::Base - # def show - # @post = Post.find(params[:id]) - # - # respond_to do |format| - # format.html - # format.ics { render :text => post.to_ics, :mime_type => Mime::Type["text/calendar"] } - # format.xml { render :xml => @people.to_xml } - # end - # end - # end - class Type - @@html_types = Set.new [:html, :all] - cattr_reader :html_types - - # These are the content types which browsers can generate without using ajax, flash, etc - # i.e. following a link, getting an image or posting a form. CSRF protection - # only needs to protect against these types. - @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form, :text] - cattr_reader :browser_generated_types - attr_reader :symbol - - @@unverifiable_types = Set.new [:text, :json, :csv, :xml, :rss, :atom, :yaml] - def self.unverifiable_types - ActiveSupport::Deprecation.warn("unverifiable_types is deprecated and has no effect", caller) - @@unverifiable_types - end - - # A simple helper class used in parsing the accept header - class AcceptItem #:nodoc: - attr_accessor :order, :name, :q - - def initialize(order, name, q=nil) - @order = order - @name = name.strip - q ||= 0.0 if @name == Mime::ALL # default wilcard match to end of list - @q = ((q || 1.0).to_f * 100).to_i - end - - def to_s - @name - end - - def <=>(item) - result = item.q <=> q - result = order <=> item.order if result == 0 - result - end - - def ==(item) - name == (item.respond_to?(:name) ? item.name : item) - end - end - - class << self - def lookup(string) - LOOKUP[string] - end - - def lookup_by_extension(extension) - EXTENSION_LOOKUP[extension] - end - - # Registers an alias that's not used on mime type lookup, but can be referenced directly. Especially useful for - # rendering different HTML versions depending on the user agent, like an iPhone. - def register_alias(string, symbol, extension_synonyms = []) - register(string, symbol, [], extension_synonyms, true) - end - - def register(string, symbol, mime_type_synonyms = [], extension_synonyms = [], skip_lookup = false) - Mime.instance_eval { const_set symbol.to_s.upcase, Type.new(string, symbol, mime_type_synonyms) } - - SET << Mime.const_get(symbol.to_s.upcase) - - ([string] + mime_type_synonyms).each { |string| LOOKUP[string] = SET.last } unless skip_lookup - ([symbol.to_s] + extension_synonyms).each { |ext| EXTENSION_LOOKUP[ext] = SET.last } - end - - def parse(accept_header) - if accept_header !~ /,/ - [Mime::Type.lookup(accept_header)] - else - # keep track of creation order to keep the subsequent sort stable - list = [] - accept_header.split(/,/).each_with_index do |header, index| - params, q = header.split(/;\s*q=/) - if params - params.strip! - list << AcceptItem.new(index, params, q) unless params.empty? - end - end - list.sort! - - # Take care of the broken text/xml entry by renaming or deleting it - text_xml = list.index("text/xml") - app_xml = list.index(Mime::XML.to_s) - - if text_xml && app_xml - # set the q value to the max of the two - list[app_xml].q = [list[text_xml].q, list[app_xml].q].max - - # make sure app_xml is ahead of text_xml in the list - if app_xml > text_xml - list[app_xml], list[text_xml] = list[text_xml], list[app_xml] - app_xml, text_xml = text_xml, app_xml - end - - # delete text_xml from the list - list.delete_at(text_xml) - - elsif text_xml - list[text_xml].name = Mime::XML.to_s - end - - # Look for more specific XML-based types and sort them ahead of app/xml - - if app_xml - idx = app_xml - app_xml_type = list[app_xml] - - while(idx < list.length) - type = list[idx] - break if type.q < app_xml_type.q - if type.name =~ /\+xml$/ - list[app_xml], list[idx] = list[idx], list[app_xml] - app_xml = idx - end - idx += 1 - end - end - - list.map! { |i| Mime::Type.lookup(i.name) }.uniq! - list - end - end - end - - def initialize(string, symbol = nil, synonyms = []) - @symbol, @synonyms = symbol, synonyms - @string = string - end - - def to_s - @string - end - - def to_str - to_s - end - - def to_sym - @symbol || @string.to_sym - end - - def ===(list) - if list.is_a?(Array) - (@synonyms + [ self ]).any? { |synonym| list.include?(synonym) } - else - super - end - end - - def ==(mime_type) - return false if mime_type.blank? - (@synonyms + [ self ]).any? do |synonym| - require "ruby-debug" - debugger if mime_type.is_a?(Array) - synonym.to_s == mime_type.to_s || synonym.to_sym == mime_type.to_sym - end - end - - def =~(mime_type) - return false if mime_type.blank? - regexp = Regexp.new(Regexp.quote(mime_type.to_s)) - (@synonyms + [ self ]).any? do |synonym| - synonym.to_s =~ regexp - end - end - - # Returns true if Action Pack should check requests using this Mime Type for possible request forgery. See - # ActionController::RequestForgeryProtection. - def verify_request? - @@browser_generated_types.include?(to_sym) - end - - def html? - @@html_types.include?(to_sym) || @string =~ /html/ - end - - private - def method_missing(method, *args) - if method.to_s =~ /(\w+)\?$/ - $1.downcase.to_sym == to_sym - else - super - end - end - end -end - -require 'action_controller/mime/default_types' diff --git a/actionpack/lib/action_controller/rack_ext.rb b/actionpack/lib/action_controller/rack_ext.rb deleted file mode 100644 index 2ba6654e3d..0000000000 --- a/actionpack/lib/action_controller/rack_ext.rb +++ /dev/null @@ -1,3 +0,0 @@ -require 'action_controller/rack_ext/lock' -require 'action_controller/rack_ext/multipart' -require 'action_controller/rack_ext/parse_query' diff --git a/actionpack/lib/action_controller/rack_ext/lock.rb b/actionpack/lib/action_controller/rack_ext/lock.rb deleted file mode 100644 index 9bf1889065..0000000000 --- a/actionpack/lib/action_controller/rack_ext/lock.rb +++ /dev/null @@ -1,21 +0,0 @@ -module Rack - # Rack::Lock was commited to Rack core - # http://github.com/rack/rack/commit/7409b0c - # Remove this when Rack 1.0 is released - unless defined? Lock - class Lock - FLAG = 'rack.multithread'.freeze - - def initialize(app, lock = Mutex.new) - @app, @lock = app, lock - end - - def call(env) - old, env[FLAG] = env[FLAG], false - @lock.synchronize { @app.call(env) } - ensure - env[FLAG] = old - end - end - end -end diff --git a/actionpack/lib/action_controller/rack_ext/multipart.rb b/actionpack/lib/action_controller/rack_ext/multipart.rb deleted file mode 100644 index 3b142307e9..0000000000 --- a/actionpack/lib/action_controller/rack_ext/multipart.rb +++ /dev/null @@ -1,22 +0,0 @@ -module Rack - module Utils - module Multipart - class << self - def parse_multipart_with_rewind(env) - result = parse_multipart_without_rewind(env) - - begin - env['rack.input'].rewind if env['rack.input'].respond_to?(:rewind) - rescue Errno::ESPIPE - # Handles exceptions raised by input streams that cannot be rewound - # such as when using plain CGI under Apache - end - - result - end - - alias_method_chain :parse_multipart, :rewind - end - end - end -end diff --git a/actionpack/lib/action_controller/rack_ext/parse_query.rb b/actionpack/lib/action_controller/rack_ext/parse_query.rb deleted file mode 100644 index 2f21a57770..0000000000 --- a/actionpack/lib/action_controller/rack_ext/parse_query.rb +++ /dev/null @@ -1,18 +0,0 @@ -# Rack does not automatically cleanup Safari 2 AJAX POST body -# This has not yet been commited to Rack, please +1 this ticket: -# http://rack.lighthouseapp.com/projects/22435/tickets/19 - -module Rack - module Utils - alias_method :parse_query_without_ajax_body_cleanup, :parse_query - module_function :parse_query_without_ajax_body_cleanup - - def parse_query(qs, d = '&;') - qs = qs.dup - qs.chop! if qs[-1] == 0 - qs.gsub!(/&_=$/, '') - parse_query_without_ajax_body_cleanup(qs, d) - end - module_function :parse_query - end -end diff --git a/actionpack/lib/action_controller/routing/route_set.rb b/actionpack/lib/action_controller/routing/route_set.rb index 044ace7de1..70cd1f642d 100644 --- a/actionpack/lib/action_controller/routing/route_set.rb +++ b/actionpack/lib/action_controller/routing/route_set.rb @@ -428,7 +428,7 @@ module ActionController end def call(env) - request = Request.new(env) + request = ActionDispatch::Request.new(env) app = Routing::Routes.recognize(request) app.call(env).to_a end diff --git a/actionpack/lib/action_controller/session/abstract_store.rb b/actionpack/lib/action_controller/session/abstract_store.rb deleted file mode 100644 index bf09fd33c5..0000000000 --- a/actionpack/lib/action_controller/session/abstract_store.rb +++ /dev/null @@ -1,166 +0,0 @@ -require 'rack/utils' - -module ActionController - module Session - class AbstractStore - ENV_SESSION_KEY = 'rack.session'.freeze - ENV_SESSION_OPTIONS_KEY = 'rack.session.options'.freeze - - HTTP_COOKIE = 'HTTP_COOKIE'.freeze - SET_COOKIE = 'Set-Cookie'.freeze - - class SessionHash < Hash - def initialize(by, env) - super() - @by = by - @env = env - @loaded = false - end - - def id - load! unless @loaded - @id - end - - def session_id - ActiveSupport::Deprecation.warn( - "ActionController::Session::AbstractStore::SessionHash#session_id" + - "has been deprecated.Please use #id instead.", caller) - id - end - - def [](key) - load! unless @loaded - super - end - - def []=(key, value) - load! unless @loaded - super - end - - def to_hash - h = {}.replace(self) - h.delete_if { |k,v| v.nil? } - h - end - - def data - ActiveSupport::Deprecation.warn( - "ActionController::Session::AbstractStore::SessionHash#data" + - "has been deprecated.Please use #to_hash instead.", caller) - to_hash - end - - private - def loaded? - @loaded - end - - def load! - @id, session = @by.send(:load_session, @env) - replace(session) - @loaded = true - end - end - - DEFAULT_OPTIONS = { - :key => '_session_id', - :path => '/', - :domain => nil, - :expire_after => nil, - :secure => false, - :httponly => true, - :cookie_only => true - } - - def initialize(app, options = {}) - # Process legacy CGI options - options = options.symbolize_keys - if options.has_key?(:session_path) - options[:path] = options.delete(:session_path) - end - if options.has_key?(:session_key) - options[:key] = options.delete(:session_key) - end - if options.has_key?(:session_http_only) - options[:httponly] = options.delete(:session_http_only) - end - - @app = app - @default_options = DEFAULT_OPTIONS.merge(options) - @key = @default_options[:key] - @cookie_only = @default_options[:cookie_only] - end - - def call(env) - session = SessionHash.new(self, env) - - env[ENV_SESSION_KEY] = session - env[ENV_SESSION_OPTIONS_KEY] = @default_options.dup - - response = @app.call(env) - - session_data = env[ENV_SESSION_KEY] - if !session_data.is_a?(AbstractStore::SessionHash) || session_data.send(:loaded?) - options = env[ENV_SESSION_OPTIONS_KEY] - - if session_data.is_a?(AbstractStore::SessionHash) - sid = session_data.id - else - sid = generate_sid - end - - unless set_session(env, sid, session_data.to_hash) - return response - end - - cookie = Rack::Utils.escape(@key) + '=' + Rack::Utils.escape(sid) - cookie << "; domain=#{options[:domain]}" if options[:domain] - cookie << "; path=#{options[:path]}" if options[:path] - if options[:expire_after] - expiry = Time.now + options[:expire_after] - cookie << "; expires=#{expiry.httpdate}" - end - cookie << "; Secure" if options[:secure] - cookie << "; HttpOnly" if options[:httponly] - - headers = response[1] - case a = headers[SET_COOKIE] - when Array - a << cookie - when String - headers[SET_COOKIE] = [a, cookie] - when nil - headers[SET_COOKIE] = cookie - end - end - - response - end - - private - def generate_sid - ActiveSupport::SecureRandom.hex(16) - end - - def load_session(env) - request = Rack::Request.new(env) - sid = request.cookies[@key] - unless @cookie_only - sid ||= request.params[@key] - end - sid, session = get_session(env, sid) - [sid, session] - end - - def get_session(env, sid) - raise '#get_session needs to be implemented.' - end - - def set_session(env, sid, session_data) - raise '#set_session needs to be implemented.' - end - end - end -end diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb deleted file mode 100644 index 6ad6369950..0000000000 --- a/actionpack/lib/action_controller/session/cookie_store.rb +++ /dev/null @@ -1,222 +0,0 @@ -module ActionController - module Session - # This cookie-based session store is the Rails default. Sessions typically - # contain at most a user_id and flash message; both fit within the 4K cookie - # size limit. Cookie-based sessions are dramatically faster than the - # alternatives. - # - # If you have more than 4K of session data or don't want your data to be - # visible to the user, pick another session store. - # - # CookieOverflow is raised if you attempt to store more than 4K of data. - # - # A message digest is included with the cookie to ensure data integrity: - # a user cannot alter his +user_id+ without knowing the secret key - # included in the hash. New apps are generated with a pregenerated secret - # in config/environment.rb. Set your own for old apps you're upgrading. - # - # Session options: - # - # * :secret: An application-wide key string or block returning a - # string called per generated digest. The block is called with the - # CGI::Session instance as an argument. It's important that the secret - # is not vulnerable to a dictionary attack. Therefore, you should choose - # a secret consisting of random numbers and letters and more than 30 - # characters. Examples: - # - # :secret => '449fe2e7daee471bffae2fd8dc02313d' - # :secret => Proc.new { User.current_user.secret_key } - # - # * :digest: The message digest algorithm used to verify session - # integrity defaults to 'SHA1' but may be any digest provided by OpenSSL, - # such as 'MD5', 'RIPEMD160', 'SHA256', etc. - # - # To generate a secret key for an existing application, run - # "rake secret" and set the key in config/environment.rb. - # - # Note that changing digest or secret invalidates all existing sessions! - class CookieStore - # Cookies can typically store 4096 bytes. - MAX = 4096 - SECRET_MIN_LENGTH = 30 # characters - - DEFAULT_OPTIONS = { - :key => '_session_id', - :domain => nil, - :path => "/", - :expire_after => nil, - :httponly => true - }.freeze - - ENV_SESSION_KEY = "rack.session".freeze - ENV_SESSION_OPTIONS_KEY = "rack.session.options".freeze - HTTP_SET_COOKIE = "Set-Cookie".freeze - - # Raised when storing more than 4K of session data. - class CookieOverflow < StandardError; end - - def initialize(app, options = {}) - # Process legacy CGI options - options = options.symbolize_keys - if options.has_key?(:session_path) - options[:path] = options.delete(:session_path) - end - if options.has_key?(:session_key) - options[:key] = options.delete(:session_key) - end - if options.has_key?(:session_http_only) - options[:httponly] = options.delete(:session_http_only) - end - - @app = app - - # The session_key option is required. - ensure_session_key(options[:key]) - @key = options.delete(:key).freeze - - # The secret option is required. - ensure_secret_secure(options[:secret]) - @secret = options.delete(:secret).freeze - - @digest = options.delete(:digest) || 'SHA1' - @verifier = verifier_for(@secret, @digest) - - @default_options = DEFAULT_OPTIONS.merge(options).freeze - - freeze - end - - def call(env) - env[ENV_SESSION_KEY] = AbstractStore::SessionHash.new(self, env) - env[ENV_SESSION_OPTIONS_KEY] = @default_options - - status, headers, body = @app.call(env) - - session_data = env[ENV_SESSION_KEY] - if !session_data.is_a?(AbstractStore::SessionHash) || session_data.send(:loaded?) - session_data = marshal(session_data.to_hash) - - raise CookieOverflow if session_data.size > MAX - - options = env[ENV_SESSION_OPTIONS_KEY] - cookie = Hash.new - cookie[:value] = session_data - unless options[:expire_after].nil? - cookie[:expires] = Time.now + options[:expire_after] - end - - cookie = build_cookie(@key, cookie.merge(options)) - case headers[HTTP_SET_COOKIE] - when Array - headers[HTTP_SET_COOKIE] << cookie - when String - headers[HTTP_SET_COOKIE] = [headers[HTTP_SET_COOKIE], cookie] - when nil - headers[HTTP_SET_COOKIE] = cookie - end - end - - [status, headers, body] - end - - private - # Should be in Rack::Utils soon - def build_cookie(key, value) - case value - when Hash - domain = "; domain=" + value[:domain] if value[:domain] - path = "; path=" + value[:path] if value[:path] - # According to RFC 2109, we need dashes here. - # N.B.: cgi.rb uses spaces... - expires = "; expires=" + value[:expires].clone.gmtime. - strftime("%a, %d-%b-%Y %H:%M:%S GMT") if value[:expires] - secure = "; secure" if value[:secure] - httponly = "; httponly" if value[:httponly] - value = value[:value] - end - value = [value] unless Array === value - cookie = Rack::Utils.escape(key) + "=" + - value.map { |v| Rack::Utils.escape(v) }.join("&") + - "#{domain}#{path}#{expires}#{secure}#{httponly}" - end - - def load_session(env) - request = Rack::Request.new(env) - session_data = request.cookies[@key] - data = unmarshal(session_data) || persistent_session_id!({}) - [data[:session_id], data] - end - - # Marshal a session hash into safe cookie data. Include an integrity hash. - def marshal(session) - @verifier.generate(persistent_session_id!(session)) - end - - # Unmarshal cookie data to a hash and verify its integrity. - def unmarshal(cookie) - persistent_session_id!(@verifier.verify(cookie)) if cookie - rescue ActiveSupport::MessageVerifier::InvalidSignature - nil - end - - def ensure_session_key(key) - if key.blank? - raise ArgumentError, 'A key is required to write a ' + - 'cookie containing the session data. Use ' + - 'config.action_controller.session = { :key => ' + - '"_myapp_session", :secret => "some secret phrase" } in ' + - 'config/environment.rb' - end - end - - # To prevent users from using something insecure like "Password" we make sure that the - # secret they've provided is at least 30 characters in length. - def ensure_secret_secure(secret) - # There's no way we can do this check if they've provided a proc for the - # secret. - return true if secret.is_a?(Proc) - - if secret.blank? - raise ArgumentError, "A secret is required to generate an " + - "integrity hash for cookie session data. Use " + - "config.action_controller.session = { :key => " + - "\"_myapp_session\", :secret => \"some secret phrase of at " + - "least #{SECRET_MIN_LENGTH} characters\" } " + - "in config/environment.rb" - end - - if secret.length < SECRET_MIN_LENGTH - raise ArgumentError, "Secret should be something secure, " + - "like \"#{ActiveSupport::SecureRandom.hex(16)}\". The value you " + - "provided, \"#{secret}\", is shorter than the minimum length " + - "of #{SECRET_MIN_LENGTH} characters" - end - end - - def verifier_for(secret, digest) - key = secret.respond_to?(:call) ? secret.call : secret - ActiveSupport::MessageVerifier.new(key, digest) - end - - def generate_sid - ActiveSupport::SecureRandom.hex(16) - end - - def persistent_session_id!(data) - (data ||= {}).merge!(inject_persistent_session_id(data)) - end - - def inject_persistent_session_id(data) - requires_session_id?(data) ? { :session_id => generate_sid } : {} - end - - def requires_session_id?(data) - if data - data.respond_to?(:key?) && !data.key?(:session_id) - else - true - end - end - end - end -end diff --git a/actionpack/lib/action_controller/session/management.rb b/actionpack/lib/action_controller/session/management.rb index b556f04649..ffce8e1bd1 100644 --- a/actionpack/lib/action_controller/session/management.rb +++ b/actionpack/lib/action_controller/session/management.rb @@ -26,7 +26,7 @@ module ActionController #:nodoc: if defined? @@session_store @@session_store else - Session::CookieStore + ActionDispatch::Session::CookieStore end end diff --git a/actionpack/lib/action_controller/session/mem_cache_store.rb b/actionpack/lib/action_controller/session/mem_cache_store.rb deleted file mode 100644 index f745715a97..0000000000 --- a/actionpack/lib/action_controller/session/mem_cache_store.rb +++ /dev/null @@ -1,51 +0,0 @@ -begin - require_library_or_gem 'memcache' - - module ActionController - module Session - class MemCacheStore < AbstractStore - def initialize(app, options = {}) - # Support old :expires option - options[:expire_after] ||= options[:expires] - - super - - @default_options = { - :namespace => 'rack:session', - :memcache_server => 'localhost:11211' - }.merge(@default_options) - - @pool = options[:cache] || MemCache.new(@default_options[:memcache_server], @default_options) - unless @pool.servers.any? { |s| s.alive? } - raise "#{self} unable to find server during initialization." - end - @mutex = Mutex.new - - super - end - - private - def get_session(env, sid) - sid ||= generate_sid - begin - session = @pool.get(sid) || {} - rescue MemCache::MemCacheError, Errno::ECONNREFUSED - session = {} - end - [sid, session] - end - - def set_session(env, sid, session_data) - options = env['rack.session.options'] - expiry = options[:expire_after] || 0 - @pool.set(sid, session_data, expiry) - return true - rescue MemCache::MemCacheError, Errno::ECONNREFUSED - return false - end - end - end - end -rescue LoadError - # MemCache wasn't available so neither can the store be -end diff --git a/actionpack/lib/action_controller/testing/assertions/response.rb b/actionpack/lib/action_controller/testing/assertions/response.rb index 5976090273..ca0a9bbf52 100644 --- a/actionpack/lib/action_controller/testing/assertions/response.rb +++ b/actionpack/lib/action_controller/testing/assertions/response.rb @@ -11,7 +11,7 @@ module ActionController # # You can also pass an explicit status number like assert_response(501) # or its symbolic equivalent assert_response(:not_implemented). - # See ActionController::StatusCodes for a full list. + # See ActionDispatch::StatusCodes for a full list. # # ==== Examples # @@ -27,7 +27,7 @@ module ActionController assert_block("") { true } # to count the assertion elsif type.is_a?(Fixnum) && @response.response_code == type assert_block("") { true } # to count the assertion - elsif type.is_a?(Symbol) && @response.response_code == ActionController::StatusCodes::SYMBOL_TO_STATUS_CODE[type] + elsif type.is_a?(Symbol) && @response.response_code == ActionDispatch::StatusCodes::SYMBOL_TO_STATUS_CODE[type] assert_block("") { true } # to count the assertion else if @response.error? diff --git a/actionpack/lib/action_controller/testing/integration.rb b/actionpack/lib/action_controller/testing/integration.rb index 163ba84a3e..0da23f9dc8 100644 --- a/actionpack/lib/action_controller/testing/integration.rb +++ b/actionpack/lib/action_controller/testing/integration.rb @@ -316,7 +316,7 @@ module ActionController @html_document = nil @status = status.to_i - @status_message = StatusCodes::STATUS_CODES[@status] + @status_message = ActionDispatch::StatusCodes::STATUS_CODES[@status] @headers = Rack::Utils::HeaderHash.new(headers) @@ -335,7 +335,7 @@ module ActionController else # Decorate responses from Rack Middleware and Rails Metal # as an Response for the purposes of integration testing - @response = Response.new + @response = ActionDispatch::Response.new @response.status = status.to_s @response.headers.replace(@headers) @response.body = @body @@ -374,7 +374,7 @@ module ActionController "SERVER_PORT" => https? ? "443" : "80", "HTTPS" => https? ? "on" : "off" } - UrlRewriter.new(Request.new(env), {}) + UrlRewriter.new(ActionDispatch::Request.new(env), {}) end def name_with_prefix(prefix, name) diff --git a/actionpack/lib/action_controller/testing/process.rb b/actionpack/lib/action_controller/testing/process.rb index 22b97fc157..199ffb702c 100644 --- a/actionpack/lib/action_controller/testing/process.rb +++ b/actionpack/lib/action_controller/testing/process.rb @@ -1,5 +1,5 @@ module ActionController #:nodoc: - class TestRequest < Request #:nodoc: + class TestRequest < ActionDispatch::Request #:nodoc: attr_accessor :cookies, :session_options attr_accessor :query_parameters, :path, :session attr_accessor :host @@ -270,7 +270,7 @@ module ActionController #:nodoc: # controller actions. # # See Response for more information on controller response objects. - class TestResponse < Response + class TestResponse < ActionDispatch::Response include TestResponseBehavior def recycle! diff --git a/actionpack/lib/action_dispatch.rb b/actionpack/lib/action_dispatch.rb new file mode 100644 index 0000000000..393ccaa795 --- /dev/null +++ b/actionpack/lib/action_dispatch.rb @@ -0,0 +1,64 @@ +#-- +# Copyright (c) 2004-2009 David Heinemeier Hansson +# +# Permission is hereby granted, free of charge, to any person obtaining +# a copy of this software and associated documentation files (the +# "Software"), to deal in the Software without restriction, including +# without limitation the rights to use, copy, modify, merge, publish, +# distribute, sublicense, and/or sell copies of the Software, and to +# permit persons to whom the Software is furnished to do so, subject to +# the following conditions: +# +# The above copyright notice and this permission notice shall be +# included in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +#++ + +begin + require 'active_support' +rescue LoadError + activesupport_path = "#{File.dirname(__FILE__)}/../../activesupport/lib" + if File.directory?(activesupport_path) + $:.unshift activesupport_path + require 'active_support' + end +end + +gem 'rack', '>= 0.9.0' +require 'rack' +require 'action_dispatch/rack' + +module ActionDispatch + autoload :Request, 'action_dispatch/http/request' + autoload :Response, 'action_dispatch/http/response' + autoload :StatusCodes, 'action_dispatch/http/status_codes' + + autoload :Failsafe, 'action_dispatch/middleware/failsafe' + autoload :ParamsParser, 'action_dispatch/middleware/params_parser' + autoload :RewindableInput, 'action_dispatch/middleware/rewindable_input' + + autoload :MiddlewareStack, 'action_dispatch/utils/middleware_stack' + autoload :UploadedFile, 'action_dispatch/utils/uploaded_file' + autoload :UploadedStringIO, 'action_dispatch/utils/uploaded_file' + autoload :UploadedTempfile, 'action_dispatch/utils/uploaded_file' + autoload :UrlEncodedPairParser, 'action_dispatch/utils/url_encoded_pair_parser' + + module Http + autoload :Headers, 'action_dispatch/http/headers' + end + + module Session + autoload :AbstractStore, 'action_dispatch/middleware/session/abstract_store' + autoload :CookieStore, 'action_dispatch/middleware/session/cookie_store' + autoload :MemCacheStore, 'action_dispatch/middleware/session/mem_cache_store' + end +end + +autoload :Mime, 'action_dispatch/http/mime_type' diff --git a/actionpack/lib/action_dispatch/http/headers.rb b/actionpack/lib/action_dispatch/http/headers.rb new file mode 100644 index 0000000000..2a41b4dbad --- /dev/null +++ b/actionpack/lib/action_dispatch/http/headers.rb @@ -0,0 +1,33 @@ +require 'active_support/memoizable' + +module ActionDispatch + module Http + class Headers < ::Hash + extend ActiveSupport::Memoizable + + def initialize(*args) + if args.size == 1 && args[0].is_a?(Hash) + super() + update(args[0]) + else + super + end + end + + def [](header_name) + if include?(header_name) + super + else + super(env_name(header_name)) + end + end + + private + # Converts a HTTP header name to an environment variable name. + def env_name(header_name) + "HTTP_#{header_name.upcase.gsub(/-/, '_')}" + end + memoize :env_name + end + end +end diff --git a/actionpack/lib/action_dispatch/http/mime_type.rb b/actionpack/lib/action_dispatch/http/mime_type.rb new file mode 100644 index 0000000000..0a7b1001c8 --- /dev/null +++ b/actionpack/lib/action_dispatch/http/mime_type.rb @@ -0,0 +1,214 @@ +require 'set' + +module Mime + SET = [] + EXTENSION_LOOKUP = Hash.new { |h, k| h[k] = Type.new(k) unless k.blank? } + LOOKUP = Hash.new { |h, k| h[k] = Type.new(k) unless k.blank? } + + def self.[](type) + Type.lookup_by_extension(type.to_s) + end + + # Encapsulates the notion of a mime type. Can be used at render time, for example, with: + # + # class PostsController < ActionController::Base + # def show + # @post = Post.find(params[:id]) + # + # respond_to do |format| + # format.html + # format.ics { render :text => post.to_ics, :mime_type => Mime::Type["text/calendar"] } + # format.xml { render :xml => @people.to_xml } + # end + # end + # end + class Type + @@html_types = Set.new [:html, :all] + cattr_reader :html_types + + # These are the content types which browsers can generate without using ajax, flash, etc + # i.e. following a link, getting an image or posting a form. CSRF protection + # only needs to protect against these types. + @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form, :text] + cattr_reader :browser_generated_types + attr_reader :symbol + + @@unverifiable_types = Set.new [:text, :json, :csv, :xml, :rss, :atom, :yaml] + def self.unverifiable_types + ActiveSupport::Deprecation.warn("unverifiable_types is deprecated and has no effect", caller) + @@unverifiable_types + end + + # A simple helper class used in parsing the accept header + class AcceptItem #:nodoc: + attr_accessor :order, :name, :q + + def initialize(order, name, q=nil) + @order = order + @name = name.strip + q ||= 0.0 if @name == Mime::ALL # default wilcard match to end of list + @q = ((q || 1.0).to_f * 100).to_i + end + + def to_s + @name + end + + def <=>(item) + result = item.q <=> q + result = order <=> item.order if result == 0 + result + end + + def ==(item) + name == (item.respond_to?(:name) ? item.name : item) + end + end + + class << self + def lookup(string) + LOOKUP[string] + end + + def lookup_by_extension(extension) + EXTENSION_LOOKUP[extension] + end + + # Registers an alias that's not used on mime type lookup, but can be referenced directly. Especially useful for + # rendering different HTML versions depending on the user agent, like an iPhone. + def register_alias(string, symbol, extension_synonyms = []) + register(string, symbol, [], extension_synonyms, true) + end + + def register(string, symbol, mime_type_synonyms = [], extension_synonyms = [], skip_lookup = false) + Mime.instance_eval { const_set symbol.to_s.upcase, Type.new(string, symbol, mime_type_synonyms) } + + SET << Mime.const_get(symbol.to_s.upcase) + + ([string] + mime_type_synonyms).each { |string| LOOKUP[string] = SET.last } unless skip_lookup + ([symbol.to_s] + extension_synonyms).each { |ext| EXTENSION_LOOKUP[ext] = SET.last } + end + + def parse(accept_header) + if accept_header !~ /,/ + [Mime::Type.lookup(accept_header)] + else + # keep track of creation order to keep the subsequent sort stable + list = [] + accept_header.split(/,/).each_with_index do |header, index| + params, q = header.split(/;\s*q=/) + if params + params.strip! + list << AcceptItem.new(index, params, q) unless params.empty? + end + end + list.sort! + + # Take care of the broken text/xml entry by renaming or deleting it + text_xml = list.index("text/xml") + app_xml = list.index(Mime::XML.to_s) + + if text_xml && app_xml + # set the q value to the max of the two + list[app_xml].q = [list[text_xml].q, list[app_xml].q].max + + # make sure app_xml is ahead of text_xml in the list + if app_xml > text_xml + list[app_xml], list[text_xml] = list[text_xml], list[app_xml] + app_xml, text_xml = text_xml, app_xml + end + + # delete text_xml from the list + list.delete_at(text_xml) + + elsif text_xml + list[text_xml].name = Mime::XML.to_s + end + + # Look for more specific XML-based types and sort them ahead of app/xml + + if app_xml + idx = app_xml + app_xml_type = list[app_xml] + + while(idx < list.length) + type = list[idx] + break if type.q < app_xml_type.q + if type.name =~ /\+xml$/ + list[app_xml], list[idx] = list[idx], list[app_xml] + app_xml = idx + end + idx += 1 + end + end + + list.map! { |i| Mime::Type.lookup(i.name) }.uniq! + list + end + end + end + + def initialize(string, symbol = nil, synonyms = []) + @symbol, @synonyms = symbol, synonyms + @string = string + end + + def to_s + @string + end + + def to_str + to_s + end + + def to_sym + @symbol || @string.to_sym + end + + def ===(list) + if list.is_a?(Array) + (@synonyms + [ self ]).any? { |synonym| list.include?(synonym) } + else + super + end + end + + def ==(mime_type) + return false if mime_type.blank? + (@synonyms + [ self ]).any? do |synonym| + require "ruby-debug" + debugger if mime_type.is_a?(Array) + synonym.to_s == mime_type.to_s || synonym.to_sym == mime_type.to_sym + end + end + + def =~(mime_type) + return false if mime_type.blank? + regexp = Regexp.new(Regexp.quote(mime_type.to_s)) + (@synonyms + [ self ]).any? do |synonym| + synonym.to_s =~ regexp + end + end + + # Returns true if Action Pack should check requests using this Mime Type for possible request forgery. See + # ActionController::RequestForgeryProtection. + def verify_request? + @@browser_generated_types.include?(to_sym) + end + + def html? + @@html_types.include?(to_sym) || @string =~ /html/ + end + + private + def method_missing(method, *args) + if method.to_s =~ /(\w+)\?$/ + $1.downcase.to_sym == to_sym + else + super + end + end + end +end + +require 'action_dispatch/http/mime_types' diff --git a/actionpack/lib/action_dispatch/http/mime_types.rb b/actionpack/lib/action_dispatch/http/mime_types.rb new file mode 100644 index 0000000000..2d7fba1173 --- /dev/null +++ b/actionpack/lib/action_dispatch/http/mime_types.rb @@ -0,0 +1,21 @@ +# Build list of Mime types for HTTP responses +# http://www.iana.org/assignments/media-types/ + +Mime::Type.register "*/*", :all +Mime::Type.register "text/plain", :text, [], %w(txt) +Mime::Type.register "text/html", :html, %w( application/xhtml+xml ), %w( xhtml ) +Mime::Type.register "text/javascript", :js, %w( application/javascript application/x-javascript ) +Mime::Type.register "text/css", :css +Mime::Type.register "text/calendar", :ics +Mime::Type.register "text/csv", :csv +Mime::Type.register "application/xml", :xml, %w( text/xml application/x-xml ) +Mime::Type.register "application/rss+xml", :rss +Mime::Type.register "application/atom+xml", :atom +Mime::Type.register "application/x-yaml", :yaml, %w( text/yaml ) + +Mime::Type.register "multipart/form-data", :multipart_form +Mime::Type.register "application/x-www-form-urlencoded", :url_encoded_form + +# http://www.ietf.org/rfc/rfc4627.txt +# http://www.json.org/JSONRequest.html +Mime::Type.register "application/json", :json, %w( text/x-json application/jsonrequest ) \ No newline at end of file diff --git a/actionpack/lib/action_dispatch/http/request.rb b/actionpack/lib/action_dispatch/http/request.rb new file mode 100755 index 0000000000..0da7daacf2 --- /dev/null +++ b/actionpack/lib/action_dispatch/http/request.rb @@ -0,0 +1,492 @@ +require 'tempfile' +require 'stringio' +require 'strscan' + +require 'active_support/memoizable' +require 'action_controller/cgi_ext' + +module ActionDispatch + class Request < Rack::Request + extend ActiveSupport::Memoizable + + %w[ AUTH_TYPE GATEWAY_INTERFACE + PATH_TRANSLATED REMOTE_HOST + REMOTE_IDENT REMOTE_USER REMOTE_ADDR + SERVER_NAME SERVER_PROTOCOL + + HTTP_ACCEPT HTTP_ACCEPT_CHARSET HTTP_ACCEPT_ENCODING + HTTP_ACCEPT_LANGUAGE HTTP_CACHE_CONTROL HTTP_FROM + HTTP_NEGOTIATE HTTP_PRAGMA HTTP_REFERER HTTP_USER_AGENT ].each do |env| + define_method(env.sub(/^HTTP_/n, '').downcase) do + @env[env] + end + end + + def key?(key) + @env.key?(key) + end + + HTTP_METHODS = %w(get head put post delete options) + HTTP_METHOD_LOOKUP = HTTP_METHODS.inject({}) { |h, m| h[m] = h[m.upcase] = m.to_sym; h } + + # Returns the true HTTP request \method as a lowercase symbol, such as + # :get. If the request \method is not listed in the HTTP_METHODS + # constant above, an UnknownHttpMethod exception is raised. + def request_method + HTTP_METHOD_LOOKUP[super] || raise(ActionController::UnknownHttpMethod, "#{super}, accepted HTTP methods are #{HTTP_METHODS.to_sentence}") + end + memoize :request_method + + # Returns the HTTP request \method used for action processing as a + # lowercase symbol, such as :post. (Unlike #request_method, this + # method returns :get for a HEAD request because the two are + # functionally equivalent from the application's perspective.) + def method + request_method == :head ? :get : request_method + end + + # Is this a GET (or HEAD) request? Equivalent to request.method == :get. + def get? + method == :get + end + + # Is this a POST request? Equivalent to request.method == :post. + def post? + request_method == :post + end + + # Is this a PUT request? Equivalent to request.method == :put. + def put? + request_method == :put + end + + # Is this a DELETE request? Equivalent to request.method == :delete. + def delete? + request_method == :delete + end + + # Is this a HEAD request? Since request.method sees HEAD as :get, + # this \method checks the actual HTTP \method directly. + def head? + request_method == :head + end + + # Provides access to the request's HTTP headers, for example: + # + # request.headers["Content-Type"] # => "text/plain" + def headers + Http::Headers.new(@env) + end + memoize :headers + + # Returns the content length of the request as an integer. + def content_length + super.to_i + end + + # The MIME type of the HTTP request, such as Mime::XML. + # + # For backward compatibility, the post \format is extracted from the + # X-Post-Data-Format HTTP header if present. + def content_type + if @env['CONTENT_TYPE'] =~ /^([^,\;]*)/ + Mime::Type.lookup($1.strip.downcase) + else + nil + end + end + memoize :content_type + + # Returns the accepted MIME type for the request. + def accepts + header = @env['HTTP_ACCEPT'].to_s.strip + + fallback = xhr? ? Mime::JS : Mime::HTML + + if header.empty? + [content_type, fallback, Mime::ALL].compact + else + ret = Mime::Type.parse(header) + if ret.last == Mime::ALL + ret.insert(-2, fallback) + end + ret + end + end + memoize :accepts + + def if_modified_since + if since = env['HTTP_IF_MODIFIED_SINCE'] + Time.rfc2822(since) rescue nil + end + end + memoize :if_modified_since + + def if_none_match + env['HTTP_IF_NONE_MATCH'] + end + + def not_modified?(modified_at) + if_modified_since && modified_at && if_modified_since >= modified_at + end + + def etag_matches?(etag) + if_none_match && if_none_match == etag + end + + # Check response freshness (Last-Modified and ETag) against request + # If-Modified-Since and If-None-Match conditions. If both headers are + # supplied, both must match, or the request is not considered fresh. + def fresh?(response) + case + when if_modified_since && if_none_match + not_modified?(response.last_modified) && etag_matches?(response.etag) + when if_modified_since + not_modified?(response.last_modified) + when if_none_match + etag_matches?(response.etag) + else + false + end + end + + ONLY_ALL = [Mime::ALL].freeze + + # Returns the Mime type for the \format used in the request. + # + # GET /posts/5.xml | request.format => Mime::XML + # GET /posts/5.xhtml | request.format => Mime::HTML + # GET /posts/5 | request.format => Mime::HTML or MIME::JS, or request.accepts.first depending on the value of ActionController::Base.use_accept_header + + def format(view_path = []) + @format ||= + if parameters[:format] + Mime[parameters[:format]] + elsif ActionController::Base.use_accept_header && !(accepts == ONLY_ALL) + accepts.first + elsif xhr? then Mime::JS + else Mime::HTML + end + end + + def formats + @formats = + if ActionController::Base.use_accept_header + ret = Array(Mime[parameters[:format]] || accepts) + else + [format] + end + end + + # Sets the \format by string extension, which can be used to force custom formats + # that are not controlled by the extension. + # + # class ApplicationController < ActionController::Base + # before_filter :adjust_format_for_iphone + # + # private + # def adjust_format_for_iphone + # request.format = :iphone if request.env["HTTP_USER_AGENT"][/iPhone/] + # end + # end + def format=(extension) + parameters[:format] = extension.to_s + @format = Mime::Type.lookup_by_extension(parameters[:format]) + end + + # Returns a symbolized version of the :format parameter of the request. + # If no \format is given it returns :jsfor Ajax requests and :html + # otherwise. + def template_format + parameter_format = parameters[:format] + + if parameter_format + parameter_format + elsif xhr? + :js + else + :html + end + end + + def cache_format + parameters[:format] + end + + # Returns true if the request's "X-Requested-With" header contains + # "XMLHttpRequest". (The Prototype Javascript library sends this header with + # every Ajax request.) + def xml_http_request? + !(@env['HTTP_X_REQUESTED_WITH'] !~ /XMLHttpRequest/i) + end + alias xhr? :xml_http_request? + + # Which IP addresses are "trusted proxies" that can be stripped from + # the right-hand-side of X-Forwarded-For + TRUSTED_PROXIES = /^127\.0\.0\.1$|^(10|172\.(1[6-9]|2[0-9]|30|31)|192\.168)\./i + + # Determines originating IP address. REMOTE_ADDR is the standard + # but will fail if the user is behind a proxy. HTTP_CLIENT_IP and/or + # HTTP_X_FORWARDED_FOR are set by proxies so check for these if + # REMOTE_ADDR is a proxy. HTTP_X_FORWARDED_FOR may be a comma- + # delimited list in the case of multiple chained proxies; the last + # address which is not trusted is the originating IP. + def remote_ip + remote_addr_list = @env['REMOTE_ADDR'] && @env['REMOTE_ADDR'].scan(/[^,\s]+/) + + unless remote_addr_list.blank? + not_trusted_addrs = remote_addr_list.reject {|addr| addr =~ TRUSTED_PROXIES} + return not_trusted_addrs.first unless not_trusted_addrs.empty? + end + remote_ips = @env['HTTP_X_FORWARDED_FOR'] && @env['HTTP_X_FORWARDED_FOR'].split(',') + + if @env.include? 'HTTP_CLIENT_IP' + if ActionController::Base.ip_spoofing_check && remote_ips && !remote_ips.include?(@env['HTTP_CLIENT_IP']) + # We don't know which came from the proxy, and which from the user + raise ActionController::ActionControllerError.new(< 1 && TRUSTED_PROXIES =~ remote_ips.last.strip + remote_ips.pop + end + + return remote_ips.last.strip + end + + @env['REMOTE_ADDR'] + end + memoize :remote_ip + + # Returns the lowercase name of the HTTP server software. + def server_software + (@env['SERVER_SOFTWARE'] && /^([a-zA-Z]+)/ =~ @env['SERVER_SOFTWARE']) ? $1.downcase : nil + end + memoize :server_software + + # Returns the complete URL used for this request. + def url + protocol + host_with_port + request_uri + end + memoize :url + + # Returns 'https://' if this is an SSL request and 'http://' otherwise. + def protocol + ssl? ? 'https://' : 'http://' + end + memoize :protocol + + # Is this an SSL request? + def ssl? + @env['HTTPS'] == 'on' || @env['HTTP_X_FORWARDED_PROTO'] == 'https' + end + + # Returns the \host for this request, such as "example.com". + def raw_host_with_port + if forwarded = env["HTTP_X_FORWARDED_HOST"] + forwarded.split(/,\s?/).last + else + env['HTTP_HOST'] || "#{env['SERVER_NAME'] || env['SERVER_ADDR']}:#{env['SERVER_PORT']}" + end + end + + # Returns the host for this request, such as example.com. + def host + raw_host_with_port.sub(/:\d+$/, '') + end + memoize :host + + # Returns a \host:\port string for this request, such as "example.com" or + # "example.com:8080". + def host_with_port + "#{host}#{port_string}" + end + memoize :host_with_port + + # Returns the port number of this request as an integer. + def port + if raw_host_with_port =~ /:(\d+)$/ + $1.to_i + else + standard_port + end + end + memoize :port + + # Returns the standard \port number for this request's protocol. + def standard_port + case protocol + when 'https://' then 443 + else 80 + end + end + + # Returns a \port suffix like ":8080" if the \port number of this request + # is not the default HTTP \port 80 or HTTPS \port 443. + def port_string + port == standard_port ? '' : ":#{port}" + end + + # Returns the \domain part of a \host, such as "rubyonrails.org" in "www.rubyonrails.org". You can specify + # a different tld_length, such as 2 to catch rubyonrails.co.uk in "www.rubyonrails.co.uk". + def domain(tld_length = 1) + return nil unless named_host?(host) + + host.split('.').last(1 + tld_length).join('.') + end + + # Returns all the \subdomains as an array, so ["dev", "www"] would be + # returned for "dev.www.rubyonrails.org". You can specify a different tld_length, + # such as 2 to catch ["www"] instead of ["www", "rubyonrails"] + # in "www.rubyonrails.co.uk". + def subdomains(tld_length = 1) + return [] unless named_host?(host) + parts = host.split('.') + parts[0..-(tld_length+2)] + end + + # Returns the query string, accounting for server idiosyncrasies. + def query_string + @env['QUERY_STRING'].present? ? @env['QUERY_STRING'] : (@env['REQUEST_URI'].split('?', 2)[1] || '') + end + memoize :query_string + + # Returns the request URI, accounting for server idiosyncrasies. + # WEBrick includes the full URL. IIS leaves REQUEST_URI blank. + def request_uri + if uri = @env['REQUEST_URI'] + # Remove domain, which webrick puts into the request_uri. + (%r{^\w+\://[^/]+(/.*|$)$} =~ uri) ? $1 : uri + else + # Construct IIS missing REQUEST_URI from SCRIPT_NAME and PATH_INFO. + uri = @env['PATH_INFO'].to_s + + if script_filename = @env['SCRIPT_NAME'].to_s.match(%r{[^/]+$}) + uri = uri.sub(/#{script_filename}\//, '') + end + + env_qs = @env['QUERY_STRING'].to_s + uri += "?#{env_qs}" unless env_qs.empty? + + if uri.blank? + @env.delete('REQUEST_URI') + else + @env['REQUEST_URI'] = uri + end + end + end + memoize :request_uri + + # Returns the interpreted \path to requested resource after all the installation + # directory of this application was taken into account. + def path + path = request_uri.to_s[/\A[^\?]*/] + path.sub!(/\A#{ActionController::Base.relative_url_root}/, '') + path + end + memoize :path + + # Read the request \body. This is useful for web services that need to + # work with raw requests directly. + def raw_post + unless @env.include? 'RAW_POST_DATA' + @env['RAW_POST_DATA'] = body.read(@env['CONTENT_LENGTH'].to_i) + body.rewind if body.respond_to?(:rewind) + end + @env['RAW_POST_DATA'] + end + + # Returns both GET and POST \parameters in a single hash. + def parameters + @parameters ||= request_parameters.merge(query_parameters).update(path_parameters).with_indifferent_access + end + alias_method :params, :parameters + + def path_parameters=(parameters) #:nodoc: + @env["rack.routing_args"] = parameters + @symbolized_path_parameters = @parameters = nil + end + + # The same as path_parameters with explicitly symbolized keys. + def symbolized_path_parameters + @symbolized_path_parameters ||= path_parameters.symbolize_keys + end + + # Returns a hash with the \parameters used to form the \path of the request. + # Returned hash keys are strings: + # + # {'action' => 'my_action', 'controller' => 'my_controller'} + # + # See symbolized_path_parameters for symbolized keys. + def path_parameters + @env["rack.routing_args"] ||= {} + end + + # The request body is an IO input stream. If the RAW_POST_DATA environment + # variable is already set, wrap it in a StringIO. + def body + if raw_post = @env['RAW_POST_DATA'] + raw_post.force_encoding(Encoding::BINARY) if raw_post.respond_to?(:force_encoding) + StringIO.new(raw_post) + else + @env['rack.input'] + end + end + + def form_data? + FORM_DATA_MEDIA_TYPES.include?(content_type.to_s) + end + + # Override Rack's GET method to support nested query strings + def GET + @env["action_controller.request.query_parameters"] ||= UrlEncodedPairParser.parse_query_parameters(query_string) + end + alias_method :query_parameters, :GET + + # Override Rack's POST method to support nested query strings + def POST + @env["action_controller.request.request_parameters"] ||= UrlEncodedPairParser.parse_hash_parameters(super) + end + alias_method :request_parameters, :POST + + def body_stream #:nodoc: + @env['rack.input'] + end + + def session + @env['rack.session'] ||= {} + end + + def session=(session) #:nodoc: + @env['rack.session'] = session + end + + def reset_session + @env['rack.session'] = {} + end + + def session_options + @env['rack.session.options'] ||= {} + end + + def session_options=(options) + @env['rack.session.options'] = options + end + + def server_port + @env['SERVER_PORT'].to_i + end + + private + def named_host?(host) + !(host.nil? || /\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.match(host)) + end + end +end diff --git a/actionpack/lib/action_dispatch/http/response.rb b/actionpack/lib/action_dispatch/http/response.rb new file mode 100644 index 0000000000..e1d8ee3527 --- /dev/null +++ b/actionpack/lib/action_dispatch/http/response.rb @@ -0,0 +1,255 @@ +require 'digest/md5' + +module ActionDispatch # :nodoc: + # Represents an HTTP response generated by a controller action. One can use + # an ActionController::Response object to retrieve the current state + # of the response, or customize the response. An Response object can + # either represent a "real" HTTP response (i.e. one that is meant to be sent + # back to the web browser) or a test response (i.e. one that is generated + # from integration tests). See CgiResponse and TestResponse, respectively. + # + # Response is mostly a Ruby on Rails framework implement detail, and + # should never be used directly in controllers. Controllers should use the + # methods defined in ActionController::Base instead. For example, if you want + # to set the HTTP response's content MIME type, then use + # ActionControllerBase#headers instead of Response#headers. + # + # Nevertheless, integration tests may want to inspect controller responses in + # more detail, and that's when Response can be useful for application + # developers. Integration test methods such as + # ActionController::Integration::Session#get and + # ActionController::Integration::Session#post return objects of type + # TestResponse (which are of course also of type Response). + # + # For example, the following demo integration "test" prints the body of the + # controller response to the console: + # + # class DemoControllerTest < ActionController::IntegrationTest + # def test_print_root_path_to_console + # get('/') + # puts @response.body + # end + # end + class Response < Rack::Response + DEFAULT_HEADERS = { "Cache-Control" => "no-cache" } + attr_accessor :request + + attr_accessor :session, :assigns, :template, :layout + attr_accessor :redirected_to, :redirected_to_method_params + + delegate :default_charset, :to => 'ActionController::Base' + + def initialize + @status = 200 + @header = DEFAULT_HEADERS.dup + + @writer = lambda { |x| @body << x } + @block = nil + + @body = "", + @session, @assigns = [], [] + end + + def location; headers['Location'] end + def location=(url) headers['Location'] = url end + + + # Sets the HTTP response's content MIME type. For example, in the controller + # you could write this: + # + # response.content_type = "text/plain" + # + # If a character set has been defined for this response (see charset=) then + # the character set information will also be included in the content type + # information. + def content_type=(mime_type) + self.headers["Content-Type"] = + if mime_type =~ /charset/ || (c = charset).nil? + mime_type.to_s + else + "#{mime_type}; charset=#{c}" + end + end + + # Returns the response's content MIME type, or nil if content type has been set. + def content_type + content_type = String(headers["Content-Type"] || headers["type"]).split(";")[0] + content_type.blank? ? nil : content_type + end + + # Set the charset of the Content-Type header. Set to nil to remove it. + # If no content type is set, it defaults to HTML. + def charset=(charset) + headers["Content-Type"] = + if charset + "#{content_type || Mime::HTML}; charset=#{charset}" + else + content_type || Mime::HTML.to_s + end + end + + def charset + charset = String(headers["Content-Type"] || headers["type"]).split(";")[1] + charset.blank? ? nil : charset.strip.split("=")[1] + end + + def last_modified + if last = headers['Last-Modified'] + Time.httpdate(last) + end + end + + def last_modified? + headers.include?('Last-Modified') + end + + def last_modified=(utc_time) + headers['Last-Modified'] = utc_time.httpdate + end + + def etag + headers['ETag'] + end + + def etag? + headers.include?('ETag') + end + + def etag=(etag) + if etag.blank? + headers.delete('ETag') + else + headers['ETag'] = %("#{Digest::MD5.hexdigest(ActiveSupport::Cache.expand_cache_key(etag))}") + end + end + + def redirect(url, status) + self.status = status + self.location = url.gsub(/[\r\n]/, '') + self.body = "You are being redirected." + end + + def sending_file? + headers["Content-Transfer-Encoding"] == "binary" + end + + def assign_default_content_type_and_charset! + self.content_type ||= Mime::HTML + self.charset ||= default_charset unless sending_file? + end + + def prepare! + assign_default_content_type_and_charset! + handle_conditional_get! + set_content_length! + convert_content_type! + convert_language! + convert_expires! + convert_cookies! + end + + def each(&callback) + if @body.respond_to?(:call) + @writer = lambda { |x| callback.call(x) } + @body.call(self, self) + elsif @body.is_a?(String) + @body.each_line(&callback) + else + @body.each(&callback) + end + + @writer = callback + @block.call(self) if @block + end + + def write(str) + @writer.call str.to_s + str + end + + # Over Rack::Response#set_cookie to add HttpOnly option + def set_cookie(key, value) + case value + when Hash + domain = "; domain=" + value[:domain] if value[:domain] + path = "; path=" + value[:path] if value[:path] + # According to RFC 2109, we need dashes here. + # N.B.: cgi.rb uses spaces... + expires = "; expires=" + value[:expires].clone.gmtime. + strftime("%a, %d-%b-%Y %H:%M:%S GMT") if value[:expires] + secure = "; secure" if value[:secure] + httponly = "; HttpOnly" if value[:http_only] + value = value[:value] + end + value = [value] unless Array === value + cookie = ::Rack::Utils.escape(key) + "=" + + value.map { |v| ::Rack::Utils.escape v }.join("&") + + "#{domain}#{path}#{expires}#{secure}#{httponly}" + + case self["Set-Cookie"] + when Array + self["Set-Cookie"] << cookie + when String + self["Set-Cookie"] = [self["Set-Cookie"], cookie] + when nil + self["Set-Cookie"] = cookie + end + end + + private + def handle_conditional_get! + if etag? || last_modified? + set_conditional_cache_control! + elsif nonempty_ok_response? + self.etag = body + + if request && request.etag_matches?(etag) + self.status = '304 Not Modified' + self.body = '' + end + + set_conditional_cache_control! + end + end + + def nonempty_ok_response? + ok = !status || status.to_s[0..2] == '200' + ok && body.is_a?(String) && !body.empty? + end + + def set_conditional_cache_control! + if headers['Cache-Control'] == DEFAULT_HEADERS['Cache-Control'] + headers['Cache-Control'] = 'private, max-age=0, must-revalidate' + end + end + + def convert_content_type! + headers['Content-Type'] ||= "text/html" + headers['Content-Type'] += "; charset=" + headers.delete('charset') if headers['charset'] + end + + # Don't set the Content-Length for block-based bodies as that would mean + # reading it all into memory. Not nice for, say, a 2GB streaming file. + def set_content_length! + if status && status.to_s[0..2] == '204' + headers.delete('Content-Length') + elsif length = headers['Content-Length'] + headers['Content-Length'] = length.to_s + elsif !body.respond_to?(:call) && (!status || status.to_s[0..2] != '304') + headers["Content-Length"] = body.size.to_s + end + end + + def convert_language! + headers["Content-Language"] = headers.delete("language") if headers["language"] + end + + def convert_expires! + headers["Expires"] = headers.delete("") if headers["expires"] + end + + def convert_cookies! + headers['Set-Cookie'] = Array(headers['Set-Cookie']).compact + end + end +end diff --git a/actionpack/lib/action_dispatch/http/status_codes.rb b/actionpack/lib/action_dispatch/http/status_codes.rb new file mode 100644 index 0000000000..cec9d2e3a1 --- /dev/null +++ b/actionpack/lib/action_dispatch/http/status_codes.rb @@ -0,0 +1,88 @@ +module ActionDispatch + module StatusCodes #:nodoc: + # Defines the standard HTTP status codes, by integer, with their + # corresponding default message texts. + # Source: http://www.iana.org/assignments/http-status-codes + STATUS_CODES = { + 100 => "Continue", + 101 => "Switching Protocols", + 102 => "Processing", + + 200 => "OK", + 201 => "Created", + 202 => "Accepted", + 203 => "Non-Authoritative Information", + 204 => "No Content", + 205 => "Reset Content", + 206 => "Partial Content", + 207 => "Multi-Status", + 226 => "IM Used", + + 300 => "Multiple Choices", + 301 => "Moved Permanently", + 302 => "Found", + 303 => "See Other", + 304 => "Not Modified", + 305 => "Use Proxy", + 307 => "Temporary Redirect", + + 400 => "Bad Request", + 401 => "Unauthorized", + 402 => "Payment Required", + 403 => "Forbidden", + 404 => "Not Found", + 405 => "Method Not Allowed", + 406 => "Not Acceptable", + 407 => "Proxy Authentication Required", + 408 => "Request Timeout", + 409 => "Conflict", + 410 => "Gone", + 411 => "Length Required", + 412 => "Precondition Failed", + 413 => "Request Entity Too Large", + 414 => "Request-URI Too Long", + 415 => "Unsupported Media Type", + 416 => "Requested Range Not Satisfiable", + 417 => "Expectation Failed", + 422 => "Unprocessable Entity", + 423 => "Locked", + 424 => "Failed Dependency", + 426 => "Upgrade Required", + + 500 => "Internal Server Error", + 501 => "Not Implemented", + 502 => "Bad Gateway", + 503 => "Service Unavailable", + 504 => "Gateway Timeout", + 505 => "HTTP Version Not Supported", + 507 => "Insufficient Storage", + 510 => "Not Extended" + } + + # Provides a symbol-to-fixnum lookup for converting a symbol (like + # :created or :not_implemented) into its corresponding HTTP status + # code (like 200 or 501). + SYMBOL_TO_STATUS_CODE = STATUS_CODES.inject({}) do |hash, (code, message)| + hash[message.gsub(/ /, "").underscore.to_sym] = code + hash + end + + # Given a status parameter, determine whether it needs to be converted + # to a string. If it is a fixnum, use the STATUS_CODES hash to lookup + # the default message. If it is a symbol, use the SYMBOL_TO_STATUS_CODE + # hash to convert it. + def interpret_status(status) + case status + when Fixnum then + "#{status} #{STATUS_CODES[status]}".strip + when Symbol then + interpret_status(SYMBOL_TO_STATUS_CODE[status] || + "500 Unknown Status #{status.inspect}") + else + status.to_s + end + end + private :interpret_status + + end +end \ No newline at end of file diff --git a/actionpack/lib/action_dispatch/middleware/failsafe.rb b/actionpack/lib/action_dispatch/middleware/failsafe.rb new file mode 100644 index 0000000000..7379a696aa --- /dev/null +++ b/actionpack/lib/action_dispatch/middleware/failsafe.rb @@ -0,0 +1,52 @@ +module ActionDispatch + class Failsafe + cattr_accessor :error_file_path + self.error_file_path = Rails.public_path if defined?(Rails.public_path) + + def initialize(app) + @app = app + end + + def call(env) + @app.call(env) + rescue Exception => exception + # Reraise exception in test environment + if env["rack.test"] + raise exception + else + failsafe_response(exception) + end + end + + private + def failsafe_response(exception) + log_failsafe_exception(exception) + [500, {'Content-Type' => 'text/html'}, failsafe_response_body] + rescue Exception => failsafe_error # Logger or IO errors + $stderr.puts "Error during failsafe response: #{failsafe_error}" + end + + def failsafe_response_body + error_path = "#{self.class.error_file_path}/500.html" + if File.exist?(error_path) + File.read(error_path) + else + "

500 Internal Server Error

" + end + end + + def log_failsafe_exception(exception) + message = "/!\\ FAILSAFE /!\\ #{Time.now}\n Status: 500 Internal Server Error\n" + message << " #{exception}\n #{exception.backtrace.join("\n ")}" if exception + failsafe_logger.fatal(message) + end + + def failsafe_logger + if defined?(Rails) && Rails.logger + Rails.logger + else + Logger.new($stderr) + end + end + end +end diff --git a/actionpack/lib/action_dispatch/middleware/params_parser.rb b/actionpack/lib/action_dispatch/middleware/params_parser.rb new file mode 100644 index 0000000000..6df572268c --- /dev/null +++ b/actionpack/lib/action_dispatch/middleware/params_parser.rb @@ -0,0 +1,71 @@ +module ActionDispatch + class ParamsParser + ActionController::Base.param_parsers[Mime::XML] = :xml_simple + ActionController::Base.param_parsers[Mime::JSON] = :json + + def initialize(app) + @app = app + end + + def call(env) + if params = parse_formatted_parameters(env) + env["action_controller.request.request_parameters"] = params + end + + @app.call(env) + end + + private + def parse_formatted_parameters(env) + request = Request.new(env) + + return false if request.content_length.zero? + + mime_type = content_type_from_legacy_post_data_format_header(env) || request.content_type + strategy = ActionController::Base.param_parsers[mime_type] + + return false unless strategy + + case strategy + when Proc + strategy.call(request.raw_post) + when :xml_simple, :xml_node + body = request.raw_post + body.blank? ? {} : Hash.from_xml(body).with_indifferent_access + when :yaml + YAML.load(request.raw_post) + when :json + body = request.raw_post + if body.blank? + {} + else + data = ActiveSupport::JSON.decode(body) + data = {:_json => data} unless data.is_a?(Hash) + data.with_indifferent_access + end + else + false + end + rescue Exception => e # YAML, XML or Ruby code block errors + raise + { "body" => request.raw_post, + "content_type" => request.content_type, + "content_length" => request.content_length, + "exception" => "#{e.message} (#{e.class})", + "backtrace" => e.backtrace } + end + + def content_type_from_legacy_post_data_format_header(env) + if x_post_format = env['HTTP_X_POST_DATA_FORMAT'] + case x_post_format.to_s.downcase + when 'yaml' + return Mime::YAML + when 'xml' + return Mime::XML + end + end + + nil + end + end +end diff --git a/actionpack/lib/action_dispatch/middleware/rewindable_input.rb b/actionpack/lib/action_dispatch/middleware/rewindable_input.rb new file mode 100644 index 0000000000..ac2194eead --- /dev/null +++ b/actionpack/lib/action_dispatch/middleware/rewindable_input.rb @@ -0,0 +1,28 @@ +module ActionDispatch + class RewindableInput + class RewindableIO < ActiveSupport::BasicObject + def initialize(io) + @io = io + @rewindable = io.is_a?(StringIO) + end + + def method_missing(method, *args, &block) + unless @rewindable + @io = StringIO.new(@io.read) + @rewindable = true + end + + @io.__send__(method, *args, &block) + end + end + + def initialize(app) + @app = app + end + + def call(env) + env['rack.input'] = RewindableIO.new(env['rack.input']) + @app.call(env) + end + end +end diff --git a/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb b/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb new file mode 100644 index 0000000000..e745997dda --- /dev/null +++ b/actionpack/lib/action_dispatch/middleware/session/abstract_store.rb @@ -0,0 +1,166 @@ +require 'rack/utils' + +module ActionDispatch + module Session + class AbstractStore + ENV_SESSION_KEY = 'rack.session'.freeze + ENV_SESSION_OPTIONS_KEY = 'rack.session.options'.freeze + + HTTP_COOKIE = 'HTTP_COOKIE'.freeze + SET_COOKIE = 'Set-Cookie'.freeze + + class SessionHash < Hash + def initialize(by, env) + super() + @by = by + @env = env + @loaded = false + end + + def id + load! unless @loaded + @id + end + + def session_id + ActiveSupport::Deprecation.warn( + "ActionController::Session::AbstractStore::SessionHash#session_id" + + "has been deprecated.Please use #id instead.", caller) + id + end + + def [](key) + load! unless @loaded + super + end + + def []=(key, value) + load! unless @loaded + super + end + + def to_hash + h = {}.replace(self) + h.delete_if { |k,v| v.nil? } + h + end + + def data + ActiveSupport::Deprecation.warn( + "ActionController::Session::AbstractStore::SessionHash#data" + + "has been deprecated.Please use #to_hash instead.", caller) + to_hash + end + + private + def loaded? + @loaded + end + + def load! + @id, session = @by.send(:load_session, @env) + replace(session) + @loaded = true + end + end + + DEFAULT_OPTIONS = { + :key => '_session_id', + :path => '/', + :domain => nil, + :expire_after => nil, + :secure => false, + :httponly => true, + :cookie_only => true + } + + def initialize(app, options = {}) + # Process legacy CGI options + options = options.symbolize_keys + if options.has_key?(:session_path) + options[:path] = options.delete(:session_path) + end + if options.has_key?(:session_key) + options[:key] = options.delete(:session_key) + end + if options.has_key?(:session_http_only) + options[:httponly] = options.delete(:session_http_only) + end + + @app = app + @default_options = DEFAULT_OPTIONS.merge(options) + @key = @default_options[:key] + @cookie_only = @default_options[:cookie_only] + end + + def call(env) + session = SessionHash.new(self, env) + + env[ENV_SESSION_KEY] = session + env[ENV_SESSION_OPTIONS_KEY] = @default_options.dup + + response = @app.call(env) + + session_data = env[ENV_SESSION_KEY] + if !session_data.is_a?(AbstractStore::SessionHash) || session_data.send(:loaded?) + options = env[ENV_SESSION_OPTIONS_KEY] + + if session_data.is_a?(AbstractStore::SessionHash) + sid = session_data.id + else + sid = generate_sid + end + + unless set_session(env, sid, session_data.to_hash) + return response + end + + cookie = Rack::Utils.escape(@key) + '=' + Rack::Utils.escape(sid) + cookie << "; domain=#{options[:domain]}" if options[:domain] + cookie << "; path=#{options[:path]}" if options[:path] + if options[:expire_after] + expiry = Time.now + options[:expire_after] + cookie << "; expires=#{expiry.httpdate}" + end + cookie << "; Secure" if options[:secure] + cookie << "; HttpOnly" if options[:httponly] + + headers = response[1] + case a = headers[SET_COOKIE] + when Array + a << cookie + when String + headers[SET_COOKIE] = [a, cookie] + when nil + headers[SET_COOKIE] = cookie + end + end + + response + end + + private + def generate_sid + ActiveSupport::SecureRandom.hex(16) + end + + def load_session(env) + request = Rack::Request.new(env) + sid = request.cookies[@key] + unless @cookie_only + sid ||= request.params[@key] + end + sid, session = get_session(env, sid) + [sid, session] + end + + def get_session(env, sid) + raise '#get_session needs to be implemented.' + end + + def set_session(env, sid, session_data) + raise '#set_session needs to be implemented.' + end + end + end +end diff --git a/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb new file mode 100644 index 0000000000..293fbca7cf --- /dev/null +++ b/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb @@ -0,0 +1,222 @@ +module ActionDispatch + module Session + # This cookie-based session store is the Rails default. Sessions typically + # contain at most a user_id and flash message; both fit within the 4K cookie + # size limit. Cookie-based sessions are dramatically faster than the + # alternatives. + # + # If you have more than 4K of session data or don't want your data to be + # visible to the user, pick another session store. + # + # CookieOverflow is raised if you attempt to store more than 4K of data. + # + # A message digest is included with the cookie to ensure data integrity: + # a user cannot alter his +user_id+ without knowing the secret key + # included in the hash. New apps are generated with a pregenerated secret + # in config/environment.rb. Set your own for old apps you're upgrading. + # + # Session options: + # + # * :secret: An application-wide key string or block returning a + # string called per generated digest. The block is called with the + # CGI::Session instance as an argument. It's important that the secret + # is not vulnerable to a dictionary attack. Therefore, you should choose + # a secret consisting of random numbers and letters and more than 30 + # characters. Examples: + # + # :secret => '449fe2e7daee471bffae2fd8dc02313d' + # :secret => Proc.new { User.current_user.secret_key } + # + # * :digest: The message digest algorithm used to verify session + # integrity defaults to 'SHA1' but may be any digest provided by OpenSSL, + # such as 'MD5', 'RIPEMD160', 'SHA256', etc. + # + # To generate a secret key for an existing application, run + # "rake secret" and set the key in config/environment.rb. + # + # Note that changing digest or secret invalidates all existing sessions! + class CookieStore + # Cookies can typically store 4096 bytes. + MAX = 4096 + SECRET_MIN_LENGTH = 30 # characters + + DEFAULT_OPTIONS = { + :key => '_session_id', + :domain => nil, + :path => "/", + :expire_after => nil, + :httponly => true + }.freeze + + ENV_SESSION_KEY = "rack.session".freeze + ENV_SESSION_OPTIONS_KEY = "rack.session.options".freeze + HTTP_SET_COOKIE = "Set-Cookie".freeze + + # Raised when storing more than 4K of session data. + class CookieOverflow < StandardError; end + + def initialize(app, options = {}) + # Process legacy CGI options + options = options.symbolize_keys + if options.has_key?(:session_path) + options[:path] = options.delete(:session_path) + end + if options.has_key?(:session_key) + options[:key] = options.delete(:session_key) + end + if options.has_key?(:session_http_only) + options[:httponly] = options.delete(:session_http_only) + end + + @app = app + + # The session_key option is required. + ensure_session_key(options[:key]) + @key = options.delete(:key).freeze + + # The secret option is required. + ensure_secret_secure(options[:secret]) + @secret = options.delete(:secret).freeze + + @digest = options.delete(:digest) || 'SHA1' + @verifier = verifier_for(@secret, @digest) + + @default_options = DEFAULT_OPTIONS.merge(options).freeze + + freeze + end + + def call(env) + env[ENV_SESSION_KEY] = AbstractStore::SessionHash.new(self, env) + env[ENV_SESSION_OPTIONS_KEY] = @default_options + + status, headers, body = @app.call(env) + + session_data = env[ENV_SESSION_KEY] + if !session_data.is_a?(AbstractStore::SessionHash) || session_data.send(:loaded?) + session_data = marshal(session_data.to_hash) + + raise CookieOverflow if session_data.size > MAX + + options = env[ENV_SESSION_OPTIONS_KEY] + cookie = Hash.new + cookie[:value] = session_data + unless options[:expire_after].nil? + cookie[:expires] = Time.now + options[:expire_after] + end + + cookie = build_cookie(@key, cookie.merge(options)) + case headers[HTTP_SET_COOKIE] + when Array + headers[HTTP_SET_COOKIE] << cookie + when String + headers[HTTP_SET_COOKIE] = [headers[HTTP_SET_COOKIE], cookie] + when nil + headers[HTTP_SET_COOKIE] = cookie + end + end + + [status, headers, body] + end + + private + # Should be in Rack::Utils soon + def build_cookie(key, value) + case value + when Hash + domain = "; domain=" + value[:domain] if value[:domain] + path = "; path=" + value[:path] if value[:path] + # According to RFC 2109, we need dashes here. + # N.B.: cgi.rb uses spaces... + expires = "; expires=" + value[:expires].clone.gmtime. + strftime("%a, %d-%b-%Y %H:%M:%S GMT") if value[:expires] + secure = "; secure" if value[:secure] + httponly = "; httponly" if value[:httponly] + value = value[:value] + end + value = [value] unless Array === value + cookie = Rack::Utils.escape(key) + "=" + + value.map { |v| Rack::Utils.escape(v) }.join("&") + + "#{domain}#{path}#{expires}#{secure}#{httponly}" + end + + def load_session(env) + request = Rack::Request.new(env) + session_data = request.cookies[@key] + data = unmarshal(session_data) || persistent_session_id!({}) + [data[:session_id], data] + end + + # Marshal a session hash into safe cookie data. Include an integrity hash. + def marshal(session) + @verifier.generate(persistent_session_id!(session)) + end + + # Unmarshal cookie data to a hash and verify its integrity. + def unmarshal(cookie) + persistent_session_id!(@verifier.verify(cookie)) if cookie + rescue ActiveSupport::MessageVerifier::InvalidSignature + nil + end + + def ensure_session_key(key) + if key.blank? + raise ArgumentError, 'A key is required to write a ' + + 'cookie containing the session data. Use ' + + 'config.action_controller.session = { :key => ' + + '"_myapp_session", :secret => "some secret phrase" } in ' + + 'config/environment.rb' + end + end + + # To prevent users from using something insecure like "Password" we make sure that the + # secret they've provided is at least 30 characters in length. + def ensure_secret_secure(secret) + # There's no way we can do this check if they've provided a proc for the + # secret. + return true if secret.is_a?(Proc) + + if secret.blank? + raise ArgumentError, "A secret is required to generate an " + + "integrity hash for cookie session data. Use " + + "config.action_controller.session = { :key => " + + "\"_myapp_session\", :secret => \"some secret phrase of at " + + "least #{SECRET_MIN_LENGTH} characters\" } " + + "in config/environment.rb" + end + + if secret.length < SECRET_MIN_LENGTH + raise ArgumentError, "Secret should be something secure, " + + "like \"#{ActiveSupport::SecureRandom.hex(16)}\". The value you " + + "provided, \"#{secret}\", is shorter than the minimum length " + + "of #{SECRET_MIN_LENGTH} characters" + end + end + + def verifier_for(secret, digest) + key = secret.respond_to?(:call) ? secret.call : secret + ActiveSupport::MessageVerifier.new(key, digest) + end + + def generate_sid + ActiveSupport::SecureRandom.hex(16) + end + + def persistent_session_id!(data) + (data ||= {}).merge!(inject_persistent_session_id(data)) + end + + def inject_persistent_session_id(data) + requires_session_id?(data) ? { :session_id => generate_sid } : {} + end + + def requires_session_id?(data) + if data + data.respond_to?(:key?) && !data.key?(:session_id) + else + true + end + end + end + end +end diff --git a/actionpack/lib/action_dispatch/middleware/session/mem_cache_store.rb b/actionpack/lib/action_dispatch/middleware/session/mem_cache_store.rb new file mode 100644 index 0000000000..8f448970d9 --- /dev/null +++ b/actionpack/lib/action_dispatch/middleware/session/mem_cache_store.rb @@ -0,0 +1,51 @@ +begin + require_library_or_gem 'memcache' + + module ActionDispatch + module Session + class MemCacheStore < AbstractStore + def initialize(app, options = {}) + # Support old :expires option + options[:expire_after] ||= options[:expires] + + super + + @default_options = { + :namespace => 'rack:session', + :memcache_server => 'localhost:11211' + }.merge(@default_options) + + @pool = options[:cache] || MemCache.new(@default_options[:memcache_server], @default_options) + unless @pool.servers.any? { |s| s.alive? } + raise "#{self} unable to find server during initialization." + end + @mutex = Mutex.new + + super + end + + private + def get_session(env, sid) + sid ||= generate_sid + begin + session = @pool.get(sid) || {} + rescue MemCache::MemCacheError, Errno::ECONNREFUSED + session = {} + end + [sid, session] + end + + def set_session(env, sid, session_data) + options = env['rack.session.options'] + expiry = options[:expire_after] || 0 + @pool.set(sid, session_data, expiry) + return true + rescue MemCache::MemCacheError, Errno::ECONNREFUSED + return false + end + end + end + end +rescue LoadError + # MemCache wasn't available so neither can the store be +end diff --git a/actionpack/lib/action_dispatch/rack.rb b/actionpack/lib/action_dispatch/rack.rb new file mode 100644 index 0000000000..69df9dac06 --- /dev/null +++ b/actionpack/lib/action_dispatch/rack.rb @@ -0,0 +1,3 @@ +require 'action_dispatch/rack/lock' +require 'action_dispatch/rack/multipart' +require 'action_dispatch/rack/parse_query' diff --git a/actionpack/lib/action_dispatch/rack/lock.rb b/actionpack/lib/action_dispatch/rack/lock.rb new file mode 100644 index 0000000000..9bf1889065 --- /dev/null +++ b/actionpack/lib/action_dispatch/rack/lock.rb @@ -0,0 +1,21 @@ +module Rack + # Rack::Lock was commited to Rack core + # http://github.com/rack/rack/commit/7409b0c + # Remove this when Rack 1.0 is released + unless defined? Lock + class Lock + FLAG = 'rack.multithread'.freeze + + def initialize(app, lock = Mutex.new) + @app, @lock = app, lock + end + + def call(env) + old, env[FLAG] = env[FLAG], false + @lock.synchronize { @app.call(env) } + ensure + env[FLAG] = old + end + end + end +end diff --git a/actionpack/lib/action_dispatch/rack/multipart.rb b/actionpack/lib/action_dispatch/rack/multipart.rb new file mode 100644 index 0000000000..3b142307e9 --- /dev/null +++ b/actionpack/lib/action_dispatch/rack/multipart.rb @@ -0,0 +1,22 @@ +module Rack + module Utils + module Multipart + class << self + def parse_multipart_with_rewind(env) + result = parse_multipart_without_rewind(env) + + begin + env['rack.input'].rewind if env['rack.input'].respond_to?(:rewind) + rescue Errno::ESPIPE + # Handles exceptions raised by input streams that cannot be rewound + # such as when using plain CGI under Apache + end + + result + end + + alias_method_chain :parse_multipart, :rewind + end + end + end +end diff --git a/actionpack/lib/action_dispatch/rack/parse_query.rb b/actionpack/lib/action_dispatch/rack/parse_query.rb new file mode 100644 index 0000000000..2f21a57770 --- /dev/null +++ b/actionpack/lib/action_dispatch/rack/parse_query.rb @@ -0,0 +1,18 @@ +# Rack does not automatically cleanup Safari 2 AJAX POST body +# This has not yet been commited to Rack, please +1 this ticket: +# http://rack.lighthouseapp.com/projects/22435/tickets/19 + +module Rack + module Utils + alias_method :parse_query_without_ajax_body_cleanup, :parse_query + module_function :parse_query_without_ajax_body_cleanup + + def parse_query(qs, d = '&;') + qs = qs.dup + qs.chop! if qs[-1] == 0 + qs.gsub!(/&_=$/, '') + parse_query_without_ajax_body_cleanup(qs, d) + end + module_function :parse_query + end +end diff --git a/actionpack/lib/action_dispatch/utils/middleware_stack.rb b/actionpack/lib/action_dispatch/utils/middleware_stack.rb new file mode 100644 index 0000000000..924e3dbbc2 --- /dev/null +++ b/actionpack/lib/action_dispatch/utils/middleware_stack.rb @@ -0,0 +1,109 @@ +module ActionDispatch + class MiddlewareStack < Array + class Middleware + def self.new(klass, *args, &block) + if klass.is_a?(self) + klass + else + super + end + end + + attr_reader :args, :block + + def initialize(klass, *args, &block) + @klass = klass + + options = args.extract_options! + if options.has_key?(:if) + @conditional = options.delete(:if) + else + @conditional = true + end + args << options unless options.empty? + + @args = args + @block = block + end + + def klass + if @klass.is_a?(Class) + @klass + else + @klass.to_s.constantize + end + rescue NameError + @klass + end + + def active? + if @conditional.respond_to?(:call) + @conditional.call + else + @conditional + end + end + + def ==(middleware) + case middleware + when Middleware + klass == middleware.klass + when Class + klass == middleware + else + klass == middleware.to_s.constantize + end + end + + def inspect + str = klass.to_s + args.each { |arg| str += ", #{arg.inspect}" } + str + end + + def build(app) + if block + klass.new(app, *args, &block) + else + klass.new(app, *args) + end + end + end + + def initialize(*args, &block) + super(*args) + block.call(self) if block_given? + end + + def insert(index, *args, &block) + index = self.index(index) unless index.is_a?(Integer) + middleware = Middleware.new(*args, &block) + super(index, middleware) + end + + alias_method :insert_before, :insert + + def insert_after(index, *args, &block) + index = self.index(index) unless index.is_a?(Integer) + insert(index + 1, *args, &block) + end + + def swap(target, *args, &block) + insert_before(target, *args, &block) + delete(target) + end + + def use(*args, &block) + middleware = Middleware.new(*args, &block) + push(middleware) + end + + def active + find_all { |middleware| middleware.active? } + end + + def build(app) + active.reverse.inject(app) { |a, e| e.build(a) } + end + end +end diff --git a/actionpack/lib/action_dispatch/utils/uploaded_file.rb b/actionpack/lib/action_dispatch/utils/uploaded_file.rb new file mode 100644 index 0000000000..97dffa089f --- /dev/null +++ b/actionpack/lib/action_dispatch/utils/uploaded_file.rb @@ -0,0 +1,44 @@ +module ActionDispatch + module UploadedFile + def self.included(base) + base.class_eval do + attr_accessor :original_path, :content_type + alias_method :local_path, :path + end + end + + def self.extended(object) + object.class_eval do + attr_accessor :original_path, :content_type + alias_method :local_path, :path + end + end + + # Take the basename of the upload's original filename. + # This handles the full Windows paths given by Internet Explorer + # (and perhaps other broken user agents) without affecting + # those which give the lone filename. + # The Windows regexp is adapted from Perl's File::Basename. + def original_filename + unless defined? @original_filename + @original_filename = + unless original_path.blank? + if original_path =~ /^(?:.*[:\\\/])?(.*)/m + $1 + else + File.basename original_path + end + end + end + @original_filename + end + end + + class UploadedStringIO < StringIO + include UploadedFile + end + + class UploadedTempfile < Tempfile + include UploadedFile + end +end diff --git a/actionpack/lib/action_dispatch/utils/url_encoded_pair_parser.rb b/actionpack/lib/action_dispatch/utils/url_encoded_pair_parser.rb new file mode 100644 index 0000000000..f2e832a977 --- /dev/null +++ b/actionpack/lib/action_dispatch/utils/url_encoded_pair_parser.rb @@ -0,0 +1,155 @@ +module ActionDispatch + class UrlEncodedPairParser < StringScanner #:nodoc: + class << self + def parse_query_parameters(query_string) + return {} if query_string.blank? + + pairs = query_string.split('&').collect do |chunk| + next if chunk.empty? + key, value = chunk.split('=', 2) + next if key.empty? + value = value.nil? ? nil : CGI.unescape(value) + [ CGI.unescape(key), value ] + end.compact + + new(pairs).result + end + + def parse_hash_parameters(params) + parser = new + + params = params.dup + until params.empty? + for key, value in params + if key.blank? + params.delete(key) + elsif value.is_a?(Array) + parser.parse(key, get_typed_value(value.shift)) + params.delete(key) if value.empty? + else + parser.parse(key, get_typed_value(value)) + params.delete(key) + end + end + end + + parser.result + end + + private + def get_typed_value(value) + case value + when String + value + when NilClass + '' + when Array + value.map { |v| get_typed_value(v) } + when Hash + if value.has_key?(:tempfile) && value[:filename].any? + upload = value[:tempfile] + upload.extend(UploadedFile) + upload.original_path = value[:filename] + upload.content_type = value[:type] + upload + else + nil + end + else + raise "Unknown form value: #{value.inspect}" + end + end + end + + attr_reader :top, :parent, :result + + def initialize(pairs = []) + super('') + @result = {} + pairs.each { |key, value| parse(key, value) } + end + + KEY_REGEXP = %r{([^\[\]=&]+)} + BRACKETED_KEY_REGEXP = %r{\[([^\[\]=&]+)\]} + + # Parse the query string + def parse(key, value) + self.string = key + @top, @parent = result, nil + + # First scan the bare key + key = scan(KEY_REGEXP) or return + key = post_key_check(key) + + # Then scan as many nestings as present + until eos? + r = scan(BRACKETED_KEY_REGEXP) or return + key = self[1] + key = post_key_check(key) + end + + bind(key, value) + end + + private + # After we see a key, we must look ahead to determine our next action. Cases: + # + # [] follows the key. Then the value must be an array. + # = follows the key. (A value comes next) + # & or the end of string follows the key. Then the key is a flag. + # otherwise, a hash follows the key. + def post_key_check(key) + if scan(/\[\]/) # a[b][] indicates that b is an array + container(key, Array) + nil + elsif check(/\[[^\]]/) # a[b] indicates that a is a hash + container(key, Hash) + nil + else # End of key? We do nothing. + key + end + end + + # Add a container to the stack. + def container(key, klass) + type_conflict! klass, top[key] if top.is_a?(Hash) && top.key?(key) && ! top[key].is_a?(klass) + value = bind(key, klass.new) + type_conflict! klass, value unless value.is_a?(klass) + push(value) + end + + # Push a value onto the 'stack', which is actually only the top 2 items. + def push(value) + @parent, @top = @top, value + end + + # Bind a key (which may be nil for items in an array) to the provided value. + def bind(key, value) + if top.is_a? Array + if key + if top[-1].is_a?(Hash) && ! top[-1].key?(key) + top[-1][key] = value + else + top << {key => value}.with_indifferent_access + end + push top.last + return top[key] + else + top << value + return value + end + elsif top.is_a? Hash + key = CGI.unescape(key) + parent << (@top = {}) if top.key?(key) && parent.is_a?(Array) + top[key] ||= value + return top[key] + else + raise ArgumentError, "Don't know what to do: top is #{top.inspect}" + end + end + + def type_conflict!(klass, value) + raise TypeError, "Conflicting types for parameter containers. Expected an instance of #{klass} but found an instance of #{value.class}. This can be caused by colliding Array and Hash parameters like qs[]=value&qs[key]=value. (The parameters received were #{value.inspect}.)" + end + end +end diff --git a/actionpack/test/controller/dispatcher_test.rb b/actionpack/test/controller/dispatcher_test.rb index 7cd4e71aa1..6b409c9ae2 100644 --- a/actionpack/test/controller/dispatcher_test.rb +++ b/actionpack/test/controller/dispatcher_test.rb @@ -46,7 +46,7 @@ class DispatcherTest < Test::Unit::TestCase def test_failsafe_response Dispatcher.any_instance.expects(:dispatch).raises('b00m') - ActionController::Failsafe.any_instance.expects(:log_failsafe_exception) + ActionDispatch::Failsafe.any_instance.expects(:log_failsafe_exception) assert_nothing_raised do assert_equal [ diff --git a/actionpack/test/controller/header_test.rb b/actionpack/test/controller/header_test.rb index 33c14a187c..4f13ea00be 100644 --- a/actionpack/test/controller/header_test.rb +++ b/actionpack/test/controller/header_test.rb @@ -2,7 +2,7 @@ require 'abstract_unit' class HeaderTest < Test::Unit::TestCase def setup - @headers = ActionController::Http::Headers.new("HTTP_CONTENT_TYPE"=>"text/plain") + @headers = ActionDispatch::Http::Headers.new("HTTP_CONTENT_TYPE"=>"text/plain") end def test_content_type_works diff --git a/actionpack/test/controller/middleware_stack_test.rb b/actionpack/test/controller/middleware_stack_test.rb index 2a141697da..e5496c848b 100644 --- a/actionpack/test/controller/middleware_stack_test.rb +++ b/actionpack/test/controller/middleware_stack_test.rb @@ -6,7 +6,7 @@ class MiddlewareStackTest < ActiveSupport::TestCase class BazMiddleware; end def setup - @stack = ActionController::MiddlewareStack.new + @stack = ActionDispatch::MiddlewareStack.new @stack.use FooMiddleware @stack.use BarMiddleware end diff --git a/actionpack/test/controller/rack_test.rb b/actionpack/test/controller/rack_test.rb index 8ad42614b4..c29902c722 100644 --- a/actionpack/test/controller/rack_test.rb +++ b/actionpack/test/controller/rack_test.rb @@ -43,10 +43,10 @@ class BaseRackTest < Test::Unit::TestCase "REDIRECT_STATUS" => "200", "REQUEST_METHOD" => "GET" } - @request = ActionController::Request.new(@env) + @request = ActionDispatch::Request.new(@env) # some Nokia phone browsers omit the space after the semicolon separator. # some developers have grown accustomed to using comma in cookie values. - @alt_cookie_fmt_request = ActionController::Request.new(@env.merge({"HTTP_COOKIE"=>"_session_id=c84ace847,96670c052c6ceb2451fb0f2;is_admin=yes"})) + @alt_cookie_fmt_request = ActionDispatch::Request.new(@env.merge({"HTTP_COOKIE"=>"_session_id=c84ace847,96670c052c6ceb2451fb0f2;is_admin=yes"})) end def default_test; end @@ -195,7 +195,7 @@ class RackRequestNeedsRewoundTest < BaseRackTest @env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded; charset=utf-8' # Read the request body by parsing params. - request = ActionController::Request.new(@env) + request = ActionDispatch::Request.new(@env) request.request_parameters # Should have rewound the body. @@ -206,7 +206,7 @@ end class RackResponseTest < BaseRackTest def setup super - @response = ActionController::Response.new + @response = ActionDispatch::Response.new end def test_simple_output @@ -252,7 +252,7 @@ end class RackResponseHeadersTest < BaseRackTest def setup super - @response = ActionController::Response.new + @response = ActionDispatch::Response.new @response.status = "200 OK" end diff --git a/actionpack/test/controller/render_test.rb b/actionpack/test/controller/render_test.rb index 11b502a564..a339bb524c 100644 --- a/actionpack/test/controller/render_test.rb +++ b/actionpack/test/controller/render_test.rb @@ -1223,7 +1223,7 @@ class RenderTest < ActionController::TestCase assert !@response.headers.include?('Content-Length') assert_response :no_content - ActionController::StatusCodes::SYMBOL_TO_STATUS_CODE.each do |status, code| + ActionDispatch::StatusCodes::SYMBOL_TO_STATUS_CODE.each do |status, code| get :head_with_symbolic_status, :status => status.to_s assert_equal code, @response.response_code assert_response status @@ -1231,7 +1231,7 @@ class RenderTest < ActionController::TestCase end def test_head_with_integer_status - ActionController::StatusCodes::STATUS_CODES.each do |code, message| + ActionDispatch::StatusCodes::STATUS_CODES.each do |code, message| get :head_with_integer_status, :status => code.to_s assert_equal message, @response.message end diff --git a/actionpack/test/controller/request/multipart_params_parsing_test.rb b/actionpack/test/controller/request/multipart_params_parsing_test.rb index 054519d0d2..5b9728cc42 100644 --- a/actionpack/test/controller/request/multipart_params_parsing_test.rb +++ b/actionpack/test/controller/request/multipart_params_parsing_test.rb @@ -215,7 +215,7 @@ class MultipartParamsParsingTest < ActionController::IntegrationTest def with_muck_middleware original_middleware = ActionController::Dispatcher.middleware middleware = original_middleware.dup - middleware.insert_after ActionController::RewindableInput, MuckMiddleware + middleware.insert_after ActionDispatch::RewindableInput, MuckMiddleware ActionController::Dispatcher.middleware = middleware yield ActionController::Dispatcher.middleware = original_middleware diff --git a/actionpack/test/controller/request/url_encoded_params_parsing_test.rb b/actionpack/test/controller/request/url_encoded_params_parsing_test.rb index 89239687de..9f0535bbcc 100644 --- a/actionpack/test/controller/request/url_encoded_params_parsing_test.rb +++ b/actionpack/test/controller/request/url_encoded_params_parsing_test.rb @@ -195,7 +195,7 @@ class UrlEncodedParamsParsingTest < ActionController::IntegrationTest def with_muck_middleware original_middleware = ActionController::Dispatcher.middleware middleware = original_middleware.dup - middleware.insert_after ActionController::RewindableInput, MuckMiddleware + middleware.insert_after ActionDispatch::RewindableInput, MuckMiddleware ActionController::Dispatcher.middleware = middleware yield ActionController::Dispatcher.middleware = original_middleware diff --git a/actionpack/test/controller/rescue_test.rb b/actionpack/test/controller/rescue_test.rb index 9f6b45f065..a2a2a3ee29 100644 --- a/actionpack/test/controller/rescue_test.rb +++ b/actionpack/test/controller/rescue_test.rb @@ -393,7 +393,7 @@ class RescueControllerTest < ActionController::TestCase def test_rescue_dispatcher_exceptions_without_request_set @request.env['REQUEST_URI'] = '/no_way' response = RescueController.call_with_exception(@request.env, ActionController::RoutingError.new("Route not found")) - assert_kind_of ActionController::Response, response + assert_kind_of ActionDispatch::Response, response assert_equal "no way", response.body end diff --git a/actionpack/test/controller/session/cookie_store_test.rb b/actionpack/test/controller/session/cookie_store_test.rb index b6a38f47aa..d77be31c9a 100644 --- a/actionpack/test/controller/session/cookie_store_test.rb +++ b/actionpack/test/controller/session/cookie_store_test.rb @@ -6,7 +6,7 @@ class CookieStoreTest < ActionController::IntegrationTest SessionSecret = 'b3c631c314c0bbca50c1b2843150fe33' DispatcherApp = ActionController::Dispatcher.new - CookieStoreApp = ActionController::Session::CookieStore.new(DispatcherApp, + CookieStoreApp = ActionDispatch::Session::CookieStore.new(DispatcherApp, :key => SessionKey, :secret => SessionSecret) Verifier = ActiveSupport::MessageVerifier.new(SessionSecret, 'SHA1') @@ -51,41 +51,41 @@ class CookieStoreTest < ActionController::IntegrationTest def test_raises_argument_error_if_missing_session_key assert_raise(ArgumentError, nil.inspect) { - ActionController::Session::CookieStore.new(nil, + ActionDispatch::Session::CookieStore.new(nil, :key => nil, :secret => SessionSecret) } assert_raise(ArgumentError, ''.inspect) { - ActionController::Session::CookieStore.new(nil, + ActionDispatch::Session::CookieStore.new(nil, :key => '', :secret => SessionSecret) } end def test_raises_argument_error_if_missing_secret assert_raise(ArgumentError, nil.inspect) { - ActionController::Session::CookieStore.new(nil, + ActionDispatch::Session::CookieStore.new(nil, :key => SessionKey, :secret => nil) } assert_raise(ArgumentError, ''.inspect) { - ActionController::Session::CookieStore.new(nil, + ActionDispatch::Session::CookieStore.new(nil, :key => SessionKey, :secret => '') } end def test_raises_argument_error_if_secret_is_probably_insecure assert_raise(ArgumentError, "password".inspect) { - ActionController::Session::CookieStore.new(nil, + ActionDispatch::Session::CookieStore.new(nil, :key => SessionKey, :secret => "password") } assert_raise(ArgumentError, "secret".inspect) { - ActionController::Session::CookieStore.new(nil, + ActionDispatch::Session::CookieStore.new(nil, :key => SessionKey, :secret => "secret") } assert_raise(ArgumentError, "12345678901234567890123456789".inspect) { - ActionController::Session::CookieStore.new(nil, + ActionDispatch::Session::CookieStore.new(nil, :key => SessionKey, :secret => "12345678901234567890123456789") } end @@ -119,7 +119,7 @@ class CookieStoreTest < ActionController::IntegrationTest def test_close_raises_when_data_overflows with_test_route_set do - assert_raise(ActionController::Session::CookieStore::CookieOverflow) { + assert_raise(ActionDispatch::Session::CookieStore::CookieOverflow) { get '/raise_data_overflow' } end diff --git a/actionpack/test/controller/session/mem_cache_store_test.rb b/actionpack/test/controller/session/mem_cache_store_test.rb index eb896a344c..2e2bf79148 100644 --- a/actionpack/test/controller/session/mem_cache_store_test.rb +++ b/actionpack/test/controller/session/mem_cache_store_test.rb @@ -26,7 +26,7 @@ class MemCacheStoreTest < ActionController::IntegrationTest begin DispatcherApp = ActionController::Dispatcher.new - MemCacheStoreApp = ActionController::Session::MemCacheStore.new( + MemCacheStoreApp = ActionDispatch::Session::MemCacheStore.new( DispatcherApp, :key => '_session_id') diff --git a/activerecord/lib/active_record/session_store.rb b/activerecord/lib/active_record/session_store.rb index 5e45cf65ab..74d91f129e 100644 --- a/activerecord/lib/active_record/session_store.rb +++ b/activerecord/lib/active_record/session_store.rb @@ -40,7 +40,7 @@ module ActiveRecord # # The example SqlBypass class is a generic SQL session store. You may # use it as a basis for high-performance database-specific stores. - class SessionStore < ActionController::Session::AbstractStore + class SessionStore < ActionDispatch::Session::AbstractStore # The default Active Record class. class Session < ActiveRecord::Base ## -- cgit v1.2.3 From 85750f22c90c914a429116fb908990c5a2c68379 Mon Sep 17 00:00:00 2001 From: Joshua Peek Date: Wed, 28 Jan 2009 22:50:46 -0600 Subject: Move dispatch related tests into test/dispatch --- actionpack/Rakefile | 2 +- actionpack/test/controller/header_test.rb | 14 - .../test/controller/middleware_stack_test.rb | 76 ---- actionpack/test/controller/mime_type_test.rb | 93 ----- actionpack/test/controller/rack_test.rb | 280 -------------- .../controller/request/json_params_parsing_test.rb | 45 --- .../request/multipart_params_parsing_test.rb | 223 ----------- .../request/query_string_parsing_test.rb | 120 ------ .../request/url_encoded_params_parsing_test.rb | 220 ----------- .../controller/request/xml_params_parsing_test.rb | 88 ----- actionpack/test/controller/request_test.rb | 407 -------------------- actionpack/test/dispatch/header_test.rb | 16 + actionpack/test/dispatch/middleware_stack_test.rb | 76 ++++ actionpack/test/dispatch/mime_type_test.rb | 96 +++++ actionpack/test/dispatch/rack_test.rb | 279 ++++++++++++++ .../dispatch/request/json_params_parsing_test.rb | 45 +++ .../request/multipart_params_parsing_test.rb | 223 +++++++++++ .../dispatch/request/query_string_parsing_test.rb | 120 ++++++ .../request/url_encoded_params_parsing_test.rb | 220 +++++++++++ .../dispatch/request/xml_params_parsing_test.rb | 88 +++++ actionpack/test/dispatch/request_test.rb | 409 +++++++++++++++++++++ 21 files changed, 1573 insertions(+), 1567 deletions(-) delete mode 100644 actionpack/test/controller/header_test.rb delete mode 100644 actionpack/test/controller/middleware_stack_test.rb delete mode 100644 actionpack/test/controller/mime_type_test.rb delete mode 100644 actionpack/test/controller/rack_test.rb delete mode 100644 actionpack/test/controller/request/json_params_parsing_test.rb delete mode 100644 actionpack/test/controller/request/multipart_params_parsing_test.rb delete mode 100644 actionpack/test/controller/request/query_string_parsing_test.rb delete mode 100644 actionpack/test/controller/request/url_encoded_params_parsing_test.rb delete mode 100644 actionpack/test/controller/request/xml_params_parsing_test.rb delete mode 100644 actionpack/test/controller/request_test.rb create mode 100644 actionpack/test/dispatch/header_test.rb create mode 100644 actionpack/test/dispatch/middleware_stack_test.rb create mode 100644 actionpack/test/dispatch/mime_type_test.rb create mode 100644 actionpack/test/dispatch/rack_test.rb create mode 100644 actionpack/test/dispatch/request/json_params_parsing_test.rb create mode 100644 actionpack/test/dispatch/request/multipart_params_parsing_test.rb create mode 100644 actionpack/test/dispatch/request/query_string_parsing_test.rb create mode 100644 actionpack/test/dispatch/request/url_encoded_params_parsing_test.rb create mode 100644 actionpack/test/dispatch/request/xml_params_parsing_test.rb create mode 100644 actionpack/test/dispatch/request_test.rb diff --git a/actionpack/Rakefile b/actionpack/Rakefile index c389e5a8d6..230a78c069 100644 --- a/actionpack/Rakefile +++ b/actionpack/Rakefile @@ -30,7 +30,7 @@ Rake::TestTask.new(:test_action_pack) do |t| # make sure we include the tests in alphabetical order as on some systems # this will not happen automatically and the tests (as a whole) will error - t.test_files = Dir.glob( "test/[cft]*/**/*_test.rb" ).sort + t.test_files = Dir.glob( "test/[cdft]*/**/*_test.rb" ).sort t.verbose = true #t.warning = true diff --git a/actionpack/test/controller/header_test.rb b/actionpack/test/controller/header_test.rb deleted file mode 100644 index 4f13ea00be..0000000000 --- a/actionpack/test/controller/header_test.rb +++ /dev/null @@ -1,14 +0,0 @@ -require 'abstract_unit' - -class HeaderTest < Test::Unit::TestCase - def setup - @headers = ActionDispatch::Http::Headers.new("HTTP_CONTENT_TYPE"=>"text/plain") - end - - def test_content_type_works - assert_equal "text/plain", @headers["Content-Type"] - assert_equal "text/plain", @headers["content-type"] - assert_equal "text/plain", @headers["CONTENT_TYPE"] - assert_equal "text/plain", @headers["HTTP_CONTENT_TYPE"] - end -end diff --git a/actionpack/test/controller/middleware_stack_test.rb b/actionpack/test/controller/middleware_stack_test.rb deleted file mode 100644 index e5496c848b..0000000000 --- a/actionpack/test/controller/middleware_stack_test.rb +++ /dev/null @@ -1,76 +0,0 @@ -require 'abstract_unit' - -class MiddlewareStackTest < ActiveSupport::TestCase - class FooMiddleware; end - class BarMiddleware; end - class BazMiddleware; end - - def setup - @stack = ActionDispatch::MiddlewareStack.new - @stack.use FooMiddleware - @stack.use BarMiddleware - end - - test "use should push middleware as class onto the stack" do - assert_difference "@stack.size" do - @stack.use BazMiddleware - end - assert_equal BazMiddleware, @stack.last.klass - end - - test "use should push middleware as a string onto the stack" do - assert_difference "@stack.size" do - @stack.use "MiddlewareStackTest::BazMiddleware" - end - assert_equal BazMiddleware, @stack.last.klass - end - - test "use should push middleware as a symbol onto the stack" do - assert_difference "@stack.size" do - @stack.use :"MiddlewareStackTest::BazMiddleware" - end - assert_equal BazMiddleware, @stack.last.klass - end - - test "use should push middleware class with arguments onto the stack" do - assert_difference "@stack.size" do - @stack.use BazMiddleware, true, :foo => "bar" - end - assert_equal BazMiddleware, @stack.last.klass - assert_equal([true, {:foo => "bar"}], @stack.last.args) - end - - test "insert inserts middleware at the integer index" do - @stack.insert(1, BazMiddleware) - assert_equal BazMiddleware, @stack[1].klass - end - - test "insert_after inserts middleware after the integer index" do - @stack.insert_after(1, BazMiddleware) - assert_equal BazMiddleware, @stack[2].klass - end - - test "insert_before inserts middleware before another middleware class" do - @stack.insert_before(BarMiddleware, BazMiddleware) - assert_equal BazMiddleware, @stack[1].klass - end - - test "insert_after inserts middleware after another middleware class" do - @stack.insert_after(BarMiddleware, BazMiddleware) - assert_equal BazMiddleware, @stack[2].klass - end - - test "swaps one middleware out for another" do - assert_equal FooMiddleware, @stack[0].klass - @stack.swap(FooMiddleware, BazMiddleware) - assert_equal BazMiddleware, @stack[0].klass - end - - test "active returns all only enabled middleware" do - assert_no_difference "@stack.active.size" do - assert_difference "@stack.size" do - @stack.use BazMiddleware, :if => lambda { false } - end - end - end -end diff --git a/actionpack/test/controller/mime_type_test.rb b/actionpack/test/controller/mime_type_test.rb deleted file mode 100644 index c7faa621d9..0000000000 --- a/actionpack/test/controller/mime_type_test.rb +++ /dev/null @@ -1,93 +0,0 @@ -require 'abstract_unit' - -class MimeTypeTest < Test::Unit::TestCase - Mime::Type.register "image/png", :png - Mime::Type.register "application/pdf", :pdf - - def test_parse_single - Mime::LOOKUP.keys.each do |mime_type| - assert_equal [Mime::Type.lookup(mime_type)], Mime::Type.parse(mime_type) - end - end - - def test_parse_without_q - accept = "text/xml,application/xhtml+xml,text/yaml,application/xml,text/html,image/png,text/plain,application/pdf,*/*" - expect = [Mime::HTML, Mime::XML, Mime::YAML, Mime::PNG, Mime::TEXT, Mime::PDF, Mime::ALL] - assert_equal expect, Mime::Type.parse(accept) - end - - def test_parse_with_q - accept = "text/xml,application/xhtml+xml,text/yaml; q=0.3,application/xml,text/html; q=0.8,image/png,text/plain; q=0.5,application/pdf,*/*; q=0.2" - expect = [Mime::HTML, Mime::XML, Mime::PNG, Mime::PDF, Mime::TEXT, Mime::YAML, Mime::ALL] - assert_equal expect, Mime::Type.parse(accept) - end - - # Accept header send with user HTTP_USER_AGENT: Sunrise/0.42j (Windows XP) - def test_parse_crappy_broken_acceptlines - accept = "text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/*,,*/*;q=0.5" - expect = [Mime::HTML, Mime::XML, "image/*", Mime::TEXT, Mime::ALL] - assert_equal expect, Mime::Type.parse(accept).collect { |c| c.to_s } - end - - # Accept header send with user HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1) - def test_parse_crappy_broken_acceptlines2 - accept = "image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, , pronto/1.00.00, sslvpn/1.00.00.00, */*" - expect = ['image/gif', 'image/x-xbitmap', 'image/jpeg','image/pjpeg', 'application/x-shockwave-flash', 'application/vnd.ms-excel', 'application/vnd.ms-powerpoint', 'application/msword', 'pronto/1.00.00', 'sslvpn/1.00.00.00', Mime::ALL ] - assert_equal expect, Mime::Type.parse(accept).collect { |c| c.to_s } - end - - def test_custom_type - Mime::Type.register("image/gif", :gif) - assert_nothing_raised do - Mime::GIF - assert_equal Mime::GIF, Mime::SET.last - end - ensure - Mime.module_eval { remove_const :GIF if const_defined?(:GIF) } - end - - def test_type_should_be_equal_to_symbol - assert_equal Mime::HTML, 'application/xhtml+xml' - assert_equal Mime::HTML, :html - end - - def test_type_convenience_methods - # Don't test Mime::ALL, since it Mime::ALL#html? == true - types = Mime::SET.to_a.map(&:to_sym).uniq - [:all] - - # Remove custom Mime::Type instances set in other tests, like Mime::GIF and Mime::IPHONE - types.delete_if { |type| !Mime.const_defined?(type.to_s.upcase) } - - types.each do |type| - mime = Mime.const_get(type.to_s.upcase) - assert mime.send("#{type}?"), "#{mime.inspect} is not #{type}?" - invalid_types = types - [type] - invalid_types.delete(:html) if Mime::Type.html_types.include?(type) - invalid_types.each { |other_type| assert !mime.send("#{other_type}?"), "#{mime.inspect} is #{other_type}?" } - end - end - - def test_mime_all_is_html - assert Mime::ALL.all?, "Mime::ALL is not all?" - assert Mime::ALL.html?, "Mime::ALL is not html?" - end - - def test_verifiable_mime_types - all_types = Mime::SET.to_a.map(&:to_sym) - all_types.uniq! - # Remove custom Mime::Type instances set in other tests, like Mime::GIF and Mime::IPHONE - all_types.delete_if { |type| !Mime.const_defined?(type.to_s.upcase) } - verified, unverified = all_types.partition { |type| Mime::Type.browser_generated_types.include? type } - assert verified.each { |type| assert Mime.const_get(type.to_s.upcase).verify_request?, "Verifiable Mime Type is not verified: #{type.inspect}" } - assert unverified.each { |type| assert !Mime.const_get(type.to_s.upcase).verify_request?, "Nonverifiable Mime Type is verified: #{type.inspect}" } - end - - def test_regexp_matcher - assert Mime::JS =~ "text/javascript" - assert Mime::JS =~ "application/javascript" - assert Mime::JS !~ "text/html" - assert !(Mime::JS !~ "text/javascript") - assert !(Mime::JS !~ "application/javascript") - assert Mime::HTML =~ 'application/xhtml+xml' - end -end diff --git a/actionpack/test/controller/rack_test.rb b/actionpack/test/controller/rack_test.rb deleted file mode 100644 index c29902c722..0000000000 --- a/actionpack/test/controller/rack_test.rb +++ /dev/null @@ -1,280 +0,0 @@ -require 'abstract_unit' - -class BaseRackTest < Test::Unit::TestCase - def setup - @env = { - "HTTP_MAX_FORWARDS" => "10", - "SERVER_NAME" => "glu.ttono.us", - "FCGI_ROLE" => "RESPONDER", - "AUTH_TYPE" => "Basic", - "HTTP_X_FORWARDED_HOST" => "glu.ttono.us", - "HTTP_ACCEPT_CHARSET" => "UTF-8", - "HTTP_ACCEPT_ENCODING" => "gzip, deflate", - "HTTP_CACHE_CONTROL" => "no-cache, max-age=0", - "HTTP_PRAGMA" => "no-cache", - "HTTP_USER_AGENT" => "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en)", - "PATH_INFO" => "/homepage/", - "HTTP_ACCEPT_LANGUAGE" => "en", - "HTTP_NEGOTIATE" => "trans", - "HTTP_HOST" => "glu.ttono.us:8007", - "HTTP_REFERER" => "http://www.google.com/search?q=glu.ttono.us", - "HTTP_FROM" => "googlebot", - "SERVER_PROTOCOL" => "HTTP/1.1", - "REDIRECT_URI" => "/dispatch.fcgi", - "SCRIPT_NAME" => "/dispatch.fcgi", - "SERVER_ADDR" => "207.7.108.53", - "REMOTE_ADDR" => "207.7.108.53", - "REMOTE_HOST" => "google.com", - "REMOTE_IDENT" => "kevin", - "REMOTE_USER" => "kevin", - "SERVER_SOFTWARE" => "lighttpd/1.4.5", - "HTTP_COOKIE" => "_session_id=c84ace84796670c052c6ceb2451fb0f2; is_admin=yes", - "HTTP_X_FORWARDED_SERVER" => "glu.ttono.us", - "REQUEST_URI" => "/admin", - "DOCUMENT_ROOT" => "/home/kevinc/sites/typo/public", - "PATH_TRANSLATED" => "/home/kevinc/sites/typo/public/homepage/", - "SERVER_PORT" => "8007", - "QUERY_STRING" => "", - "REMOTE_PORT" => "63137", - "GATEWAY_INTERFACE" => "CGI/1.1", - "HTTP_X_FORWARDED_FOR" => "65.88.180.234", - "HTTP_ACCEPT" => "*/*", - "SCRIPT_FILENAME" => "/home/kevinc/sites/typo/public/dispatch.fcgi", - "REDIRECT_STATUS" => "200", - "REQUEST_METHOD" => "GET" - } - @request = ActionDispatch::Request.new(@env) - # some Nokia phone browsers omit the space after the semicolon separator. - # some developers have grown accustomed to using comma in cookie values. - @alt_cookie_fmt_request = ActionDispatch::Request.new(@env.merge({"HTTP_COOKIE"=>"_session_id=c84ace847,96670c052c6ceb2451fb0f2;is_admin=yes"})) - end - - def default_test; end - - private - - def set_content_data(data) - @request.env['REQUEST_METHOD'] = 'POST' - @request.env['CONTENT_LENGTH'] = data.length - @request.env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded; charset=utf-8' - @request.env['rack.input'] = StringIO.new(data) - end -end - -class RackRequestTest < BaseRackTest - def test_proxy_request - assert_equal 'glu.ttono.us', @request.host_with_port(true) - end - - def test_http_host - @env.delete "HTTP_X_FORWARDED_HOST" - @env['HTTP_HOST'] = "rubyonrails.org:8080" - assert_equal "rubyonrails.org", @request.host(true) - assert_equal "rubyonrails.org:8080", @request.host_with_port(true) - - @env['HTTP_X_FORWARDED_HOST'] = "www.firsthost.org, www.secondhost.org" - assert_equal "www.secondhost.org", @request.host(true) - end - - def test_http_host_with_default_port_overrides_server_port - @env.delete "HTTP_X_FORWARDED_HOST" - @env['HTTP_HOST'] = "rubyonrails.org" - assert_equal "rubyonrails.org", @request.host_with_port(true) - end - - def test_host_with_port_defaults_to_server_name_if_no_host_headers - @env.delete "HTTP_X_FORWARDED_HOST" - @env.delete "HTTP_HOST" - assert_equal "glu.ttono.us:8007", @request.host_with_port(true) - end - - def test_host_with_port_falls_back_to_server_addr_if_necessary - @env.delete "HTTP_X_FORWARDED_HOST" - @env.delete "HTTP_HOST" - @env.delete "SERVER_NAME" - assert_equal "207.7.108.53", @request.host(true) - assert_equal 8007, @request.port(true) - assert_equal "207.7.108.53:8007", @request.host_with_port(true) - end - - def test_host_with_port_if_http_standard_port_is_specified - @env['HTTP_X_FORWARDED_HOST'] = "glu.ttono.us:80" - assert_equal "glu.ttono.us", @request.host_with_port(true) - end - - def test_host_with_port_if_https_standard_port_is_specified - @env['HTTP_X_FORWARDED_PROTO'] = "https" - @env['HTTP_X_FORWARDED_HOST'] = "glu.ttono.us:443" - assert_equal "glu.ttono.us", @request.host_with_port(true) - end - - def test_host_if_ipv6_reference - @env.delete "HTTP_X_FORWARDED_HOST" - @env['HTTP_HOST'] = "[2001:1234:5678:9abc:def0::dead:beef]" - assert_equal "[2001:1234:5678:9abc:def0::dead:beef]", @request.host(true) - end - - def test_host_if_ipv6_reference_with_port - @env.delete "HTTP_X_FORWARDED_HOST" - @env['HTTP_HOST'] = "[2001:1234:5678:9abc:def0::dead:beef]:8008" - assert_equal "[2001:1234:5678:9abc:def0::dead:beef]", @request.host(true) - end - - def test_cgi_environment_variables - assert_equal "Basic", @request.auth_type - assert_equal 0, @request.content_length - assert_equal nil, @request.content_type - assert_equal "CGI/1.1", @request.gateway_interface - assert_equal "*/*", @request.accept - assert_equal "UTF-8", @request.accept_charset - assert_equal "gzip, deflate", @request.accept_encoding - assert_equal "en", @request.accept_language - assert_equal "no-cache, max-age=0", @request.cache_control - assert_equal "googlebot", @request.from - assert_equal "glu.ttono.us", @request.host - assert_equal "trans", @request.negotiate - assert_equal "no-cache", @request.pragma - assert_equal "http://www.google.com/search?q=glu.ttono.us", @request.referer - assert_equal "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en)", @request.user_agent - assert_equal "/homepage/", @request.path_info - assert_equal "/home/kevinc/sites/typo/public/homepage/", @request.path_translated - assert_equal "", @request.query_string - assert_equal "207.7.108.53", @request.remote_addr - assert_equal "google.com", @request.remote_host - assert_equal "kevin", @request.remote_ident - assert_equal "kevin", @request.remote_user - assert_equal :get, @request.request_method - assert_equal "/dispatch.fcgi", @request.script_name - assert_equal "glu.ttono.us", @request.server_name - assert_equal 8007, @request.server_port - assert_equal "HTTP/1.1", @request.server_protocol - assert_equal "lighttpd", @request.server_software - end - - def test_cookie_syntax_resilience - cookies = @request.cookies - assert_equal "c84ace84796670c052c6ceb2451fb0f2", cookies["_session_id"], cookies.inspect - assert_equal "yes", cookies["is_admin"], cookies.inspect - - alt_cookies = @alt_cookie_fmt_request.cookies - #assert_equal "c84ace847,96670c052c6ceb2451fb0f2", alt_cookies["_session_id"], alt_cookies.inspect - assert_equal "yes", alt_cookies["is_admin"], alt_cookies.inspect - end -end - -class RackRequestParamsParsingTest < BaseRackTest - def test_doesnt_break_when_content_type_has_charset - set_content_data 'flamenco=love' - - assert_equal({"flamenco"=> "love"}, @request.request_parameters) - end - - def test_doesnt_interpret_request_uri_as_query_string_when_missing - @request.env['REQUEST_URI'] = 'foo' - assert_equal({}, @request.query_parameters) - end -end - -class RackRequestContentTypeTest < BaseRackTest - def test_html_content_type_verification - @request.env['CONTENT_TYPE'] = Mime::HTML.to_s - assert @request.content_type.verify_request? - end - - def test_xml_content_type_verification - @request.env['CONTENT_TYPE'] = Mime::XML.to_s - assert !@request.content_type.verify_request? - end -end - -class RackRequestNeedsRewoundTest < BaseRackTest - def test_body_should_be_rewound - data = 'foo' - @env['rack.input'] = StringIO.new(data) - @env['CONTENT_LENGTH'] = data.length - @env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded; charset=utf-8' - - # Read the request body by parsing params. - request = ActionDispatch::Request.new(@env) - request.request_parameters - - # Should have rewound the body. - assert_equal 0, request.body.pos - end -end - -class RackResponseTest < BaseRackTest - def setup - super - @response = ActionDispatch::Response.new - end - - def test_simple_output - @response.body = "Hello, World!" - @response.prepare! - - status, headers, body = @response.to_a - assert_equal 200, status - assert_equal({ - "Content-Type" => "text/html; charset=utf-8", - "Cache-Control" => "private, max-age=0, must-revalidate", - "ETag" => '"65a8e27d8879283831b664bd8b7f0ad4"', - "Set-Cookie" => [], - "Content-Length" => "13" - }, headers) - - parts = [] - body.each { |part| parts << part } - assert_equal ["Hello, World!"], parts - end - - def test_streaming_block - @response.body = Proc.new do |response, output| - 5.times { |n| output.write(n) } - end - @response.prepare! - - status, headers, body = @response.to_a - assert_equal 200, status - assert_equal({ - "Content-Type" => "text/html; charset=utf-8", - "Content-Length" => "", - "Cache-Control" => "no-cache", - "Set-Cookie" => [] - }, headers) - - parts = [] - body.each { |part| parts << part } - assert_equal ["0", "1", "2", "3", "4"], parts - end -end - -class RackResponseHeadersTest < BaseRackTest - def setup - super - @response = ActionDispatch::Response.new - @response.status = "200 OK" - end - - def test_content_type - [204, 304].each do |c| - @response.status = c.to_s - assert !response_headers.has_key?("Content-Type"), "#{c} should not have Content-Type header" - end - - [200, 302, 404, 500].each do |c| - @response.status = c.to_s - assert response_headers.has_key?("Content-Type"), "#{c} did not have Content-Type header" - end - end - - def test_status - assert !response_headers.has_key?('Status') - end - - private - def response_headers - @response.prepare! - @response.to_a[1] - end -end diff --git a/actionpack/test/controller/request/json_params_parsing_test.rb b/actionpack/test/controller/request/json_params_parsing_test.rb deleted file mode 100644 index a3dde72c4e..0000000000 --- a/actionpack/test/controller/request/json_params_parsing_test.rb +++ /dev/null @@ -1,45 +0,0 @@ -require 'abstract_unit' - -class JsonParamsParsingTest < ActionController::IntegrationTest - class TestController < ActionController::Base - class << self - attr_accessor :last_request_parameters - end - - def parse - self.class.last_request_parameters = request.request_parameters - head :ok - end - end - - def teardown - TestController.last_request_parameters = nil - end - - test "parses json params for application json" do - assert_parses( - {"person" => {"name" => "David"}}, - "{\"person\": {\"name\": \"David\"}}", { 'CONTENT_TYPE' => 'application/json' } - ) - end - - test "parses json params for application jsonrequest" do - assert_parses( - {"person" => {"name" => "David"}}, - "{\"person\": {\"name\": \"David\"}}", { 'CONTENT_TYPE' => 'application/jsonrequest' } - ) - end - - private - def assert_parses(expected, actual, headers = {}) - with_routing do |set| - set.draw do |map| - map.connect ':action', :controller => "json_params_parsing_test/test" - end - - post "/parse", actual, headers - assert_response :ok - assert_equal(expected, TestController.last_request_parameters) - end - end -end diff --git a/actionpack/test/controller/request/multipart_params_parsing_test.rb b/actionpack/test/controller/request/multipart_params_parsing_test.rb deleted file mode 100644 index 5b9728cc42..0000000000 --- a/actionpack/test/controller/request/multipart_params_parsing_test.rb +++ /dev/null @@ -1,223 +0,0 @@ -require 'abstract_unit' - -class MultipartParamsParsingTest < ActionController::IntegrationTest - class TestController < ActionController::Base - class << self - attr_accessor :last_request_parameters - end - - def parse - self.class.last_request_parameters = request.request_parameters - head :ok - end - - def read - render :text => "File: #{params[:uploaded_data].read}" - end - end - - FIXTURE_PATH = File.dirname(__FILE__) + '/../../fixtures/multipart' - - def teardown - TestController.last_request_parameters = nil - end - - test "parses single parameter" do - assert_equal({ 'foo' => 'bar' }, parse_multipart('single_parameter')) - end - - test "parses bracketed parameters" do - assert_equal({ 'foo' => { 'baz' => 'bar'}}, parse_multipart('bracketed_param')) - end - - test "parses text file" do - params = parse_multipart('text_file') - assert_equal %w(file foo), params.keys.sort - assert_equal 'bar', params['foo'] - - file = params['file'] - assert_kind_of Tempfile, file - assert_equal 'file.txt', file.original_filename - assert_equal "text/plain", file.content_type - assert_equal 'contents', file.read - end - - test "parses boundary problem file" do - params = parse_multipart('boundary_problem_file') - assert_equal %w(file foo), params.keys.sort - - file = params['file'] - foo = params['foo'] - - assert_kind_of Tempfile, file - - assert_equal 'file.txt', file.original_filename - assert_equal "text/plain", file.content_type - - assert_equal 'bar', foo - end - - test "parses large text file" do - params = parse_multipart('large_text_file') - assert_equal %w(file foo), params.keys.sort - assert_equal 'bar', params['foo'] - - file = params['file'] - - assert_kind_of Tempfile, file - - assert_equal 'file.txt', file.original_filename - assert_equal "text/plain", file.content_type - assert ('a' * 20480) == file.read - end - - test "parses binary file" do - params = parse_multipart('binary_file') - assert_equal %w(file flowers foo), params.keys.sort - assert_equal 'bar', params['foo'] - - file = params['file'] - assert_kind_of Tempfile, file - assert_equal 'file.csv', file.original_filename - assert_nil file.content_type - assert_equal 'contents', file.read - - file = params['flowers'] - assert_kind_of Tempfile, file - assert_equal 'flowers.jpg', file.original_filename - assert_equal "image/jpeg", file.content_type - assert_equal 19512, file.size - end - - test "parses mixed files" do - params = parse_multipart('mixed_files') - assert_equal %w(files foo), params.keys.sort - assert_equal 'bar', params['foo'] - - # Ruby CGI doesn't handle multipart/mixed for us. - files = params['files'] - assert_kind_of String, files - files.force_encoding('ASCII-8BIT') if files.respond_to?(:force_encoding) - assert_equal 19756, files.size - end - - test "does not create tempfile if no file has been selected" do - params = parse_multipart('none') - assert_equal %w(files submit-name), params.keys.sort - assert_equal 'Larry', params['submit-name'] - assert_equal nil, params['files'] - end - - test "parses empty upload file" do - params = parse_multipart('empty') - assert_equal %w(files submit-name), params.keys.sort - assert_equal 'Larry', params['submit-name'] - assert params['files'] - assert_equal "", params['files'].read - end - - test "uploads and reads binary file" do - with_test_routing do - fixture = FIXTURE_PATH + "/mona_lisa.jpg" - params = { :uploaded_data => fixture_file_upload(fixture, "image/jpg") } - post '/read', params - expected_length = 'File: '.length + File.size(fixture) - assert_equal expected_length, response.content_length - end - end - - test "uploads and reads file" do - with_test_routing do - post '/read', :uploaded_data => fixture_file_upload(FIXTURE_PATH + "/hello.txt", "text/plain") - assert_equal "File: Hello", response.body - end - end - - # The lint wrapper is used in integration tests - # instead of a normal StringIO class - InputWrapper = Rack::Lint::InputWrapper - - test "parses unwindable stream" do - InputWrapper.any_instance.stubs(:rewind).raises(Errno::ESPIPE) - params = parse_multipart('large_text_file') - assert_equal %w(file foo), params.keys.sort - assert_equal 'bar', params['foo'] - end - - test "uploads and reads file with unwindable input" do - InputWrapper.any_instance.stubs(:rewind).raises(Errno::ESPIPE) - - with_test_routing do - post '/read', :uploaded_data => fixture_file_upload(FIXTURE_PATH + "/hello.txt", "text/plain") - assert_equal "File: Hello", response.body - end - end - - test "passes through rack middleware and uploads file" do - with_muck_middleware do - with_test_routing do - post '/read', :uploaded_data => fixture_file_upload(FIXTURE_PATH + "/hello.txt", "text/plain") - assert_equal "File: Hello", response.body - end - end - end - - test "passes through rack middleware and uploads file with unwindable input" do - InputWrapper.any_instance.stubs(:rewind).raises(Errno::ESPIPE) - - with_muck_middleware do - with_test_routing do - post '/read', :uploaded_data => fixture_file_upload(FIXTURE_PATH + "/hello.txt", "text/plain") - assert_equal "File: Hello", response.body - end - end - end - - private - def fixture(name) - File.open(File.join(FIXTURE_PATH, name), 'rb') do |file| - { "rack.input" => file.read, - "CONTENT_TYPE" => "multipart/form-data; boundary=AaB03x", - "CONTENT_LENGTH" => file.stat.size.to_s } - end - end - - def parse_multipart(name) - with_test_routing do - headers = fixture(name) - post "/parse", headers.delete("rack.input"), headers - assert_response :ok - TestController.last_request_parameters - end - end - - def with_test_routing - with_routing do |set| - set.draw do |map| - map.connect ':action', :controller => "multipart_params_parsing_test/test" - end - yield - end - end - - class MuckMiddleware - def initialize(app) - @app = app - end - - def call(env) - req = Rack::Request.new(env) - req.params # Parse params - @app.call(env) - end - end - - def with_muck_middleware - original_middleware = ActionController::Dispatcher.middleware - middleware = original_middleware.dup - middleware.insert_after ActionDispatch::RewindableInput, MuckMiddleware - ActionController::Dispatcher.middleware = middleware - yield - ActionController::Dispatcher.middleware = original_middleware - end -end diff --git a/actionpack/test/controller/request/query_string_parsing_test.rb b/actionpack/test/controller/request/query_string_parsing_test.rb deleted file mode 100644 index a31e326ddf..0000000000 --- a/actionpack/test/controller/request/query_string_parsing_test.rb +++ /dev/null @@ -1,120 +0,0 @@ -require 'abstract_unit' - -class QueryStringParsingTest < ActionController::IntegrationTest - class TestController < ActionController::Base - class << self - attr_accessor :last_query_parameters - end - - def parse - self.class.last_query_parameters = request.query_parameters - head :ok - end - end - - def teardown - TestController.last_query_parameters = nil - end - - test "query string" do - assert_parses( - {"action" => "create_customer", "full_name" => "David Heinemeier Hansson", "customerId" => "1"}, - "action=create_customer&full_name=David%20Heinemeier%20Hansson&customerId=1" - ) - end - - test "deep query string" do - assert_parses( - {'x' => {'y' => {'z' => '10'}}}, - "x[y][z]=10" - ) - end - - test "deep query string with array" do - assert_parses({'x' => {'y' => {'z' => ['10']}}}, 'x[y][z][]=10') - assert_parses({'x' => {'y' => {'z' => ['10', '5']}}}, 'x[y][z][]=10&x[y][z][]=5') - end - - test "deep query string with array of hash" do - assert_parses({'x' => {'y' => [{'z' => '10'}]}}, 'x[y][][z]=10') - assert_parses({'x' => {'y' => [{'z' => '10', 'w' => '10'}]}}, 'x[y][][z]=10&x[y][][w]=10') - assert_parses({'x' => {'y' => [{'z' => '10', 'v' => {'w' => '10'}}]}}, 'x[y][][z]=10&x[y][][v][w]=10') - end - - test "deep query string with array of hashes with one pair" do - assert_parses({'x' => {'y' => [{'z' => '10'}, {'z' => '20'}]}}, 'x[y][][z]=10&x[y][][z]=20') - end - - test "deep query string with array of hashes with multiple pairs" do - assert_parses( - {'x' => {'y' => [{'z' => '10', 'w' => 'a'}, {'z' => '20', 'w' => 'b'}]}}, - 'x[y][][z]=10&x[y][][w]=a&x[y][][z]=20&x[y][][w]=b' - ) - end - - test "query string with nil" do - assert_parses( - { "action" => "create_customer", "full_name" => ''}, - "action=create_customer&full_name=" - ) - end - - test "query string with array" do - assert_parses( - { "action" => "create_customer", "selected" => ["1", "2", "3"]}, - "action=create_customer&selected[]=1&selected[]=2&selected[]=3" - ) - end - - test "query string with amps" do - assert_parses( - { "action" => "create_customer", "name" => "Don't & Does"}, - "action=create_customer&name=Don%27t+%26+Does" - ) - end - - test "query string with many equal" do - assert_parses( - { "action" => "create_customer", "full_name" => "abc=def=ghi"}, - "action=create_customer&full_name=abc=def=ghi" - ) - end - - test "query string without equal" do - assert_parses({ "action" => nil }, "action") - end - - test "query string with empty key" do - assert_parses( - { "action" => "create_customer", "full_name" => "David Heinemeier Hansson" }, - "action=create_customer&full_name=David%20Heinemeier%20Hansson&=Save" - ) - end - - test "query string with many ampersands" do - assert_parses( - { "action" => "create_customer", "full_name" => "David Heinemeier Hansson"}, - "&action=create_customer&&&full_name=David%20Heinemeier%20Hansson" - ) - end - - test "unbalanced query string with array" do - assert_parses( - {'location' => ["1", "2"], 'age_group' => ["2"]}, - "location[]=1&location[]=2&age_group[]=2" - ) - end - - private - def assert_parses(expected, actual) - with_routing do |set| - set.draw do |map| - map.connect ':action', :controller => "query_string_parsing_test/test" - end - - get "/parse", actual - assert_response :ok - assert_equal(expected, TestController.last_query_parameters) - end - end -end diff --git a/actionpack/test/controller/request/url_encoded_params_parsing_test.rb b/actionpack/test/controller/request/url_encoded_params_parsing_test.rb deleted file mode 100644 index 9f0535bbcc..0000000000 --- a/actionpack/test/controller/request/url_encoded_params_parsing_test.rb +++ /dev/null @@ -1,220 +0,0 @@ -require 'abstract_unit' - -class UrlEncodedParamsParsingTest < ActionController::IntegrationTest - class TestController < ActionController::Base - class << self - attr_accessor :last_request_parameters, :last_request_type - end - - def parse - self.class.last_request_parameters = request.request_parameters - head :ok - end - end - - def teardown - TestController.last_request_parameters = nil - end - - test "parses unbalanced query string with array" do - assert_parses( - {'location' => ["1", "2"], 'age_group' => ["2"]}, - "location[]=1&location[]=2&age_group[]=2" - ) - end - - test "parses nested hash" do - query = [ - "note[viewers][viewer][][type]=User", - "note[viewers][viewer][][id]=1", - "note[viewers][viewer][][type]=Group", - "note[viewers][viewer][][id]=2" - ].join("&") - - expected = { "note" => { "viewers"=>{"viewer"=>[{ "id"=>"1", "type"=>"User"}, {"type"=>"Group", "id"=>"2"} ]} } } - assert_parses(expected, query) - end - - test "parses more complex nesting" do - query = [ - "customers[boston][first][name]=David", - "customers[boston][first][url]=http://David", - "customers[boston][second][name]=Allan", - "customers[boston][second][url]=http://Allan", - "something_else=blah", - "something_nil=", - "something_empty=", - "products[first]=Apple Computer", - "products[second]=Pc", - "=Save" - ].join("&") - - expected = { - "customers" => { - "boston" => { - "first" => { - "name" => "David", - "url" => "http://David" - }, - "second" => { - "name" => "Allan", - "url" => "http://Allan" - } - } - }, - "something_else" => "blah", - "something_empty" => "", - "something_nil" => "", - "products" => { - "first" => "Apple Computer", - "second" => "Pc" - } - } - - assert_parses expected, query - end - - test "parses params with array" do - query = "selected[]=1&selected[]=2&selected[]=3" - expected = { "selected" => [ "1", "2", "3" ] } - assert_parses expected, query - end - - test "parses params with non alphanumeric name" do - query = "a/b[c]=d" - expected = { "a/b" => { "c" => "d" }} - assert_parses expected, query - end - - test "parses params with single brackets in the middle" do - query = "a/b[c]d=e" - expected = { "a/b" => {} } - assert_parses expected, query - end - - test "parses params with separated brackets" do - query = "a/b@[c]d[e]=f" - expected = { "a/b@" => { }} - assert_parses expected, query - end - - test "parses params with separated brackets and array" do - query = "a/b@[c]d[e][]=f" - expected = { "a/b@" => { }} - assert_parses expected, query - end - - test "parses params with unmatched brackets and array" do - query = "a/b@[c][d[e][]=f" - expected = { "a/b@" => { "c" => { }}} - assert_parses expected, query - end - - test "parses params with nil key" do - query = "=&test2=value1" - expected = { "test2" => "value1" } - assert_parses expected, query - end - - test "parses params with array prefix and hashes" do - query = "a[][b][c]=d" - expected = {"a" => [{"b" => {"c" => "d"}}]} - assert_parses expected, query - end - - test "parses params with complex nesting" do - query = "a[][b][c][][d][]=e" - expected = {"a" => [{"b" => {"c" => [{"d" => ["e"]}]}}]} - assert_parses expected, query - end - - test "parses params with file path" do - query = [ - "customers[boston][first][name]=David", - "something_else=blah", - "logo=#{File.expand_path(__FILE__)}" - ].join("&") - - expected = { - "customers" => { - "boston" => { - "first" => { - "name" => "David" - } - } - }, - "something_else" => "blah", - "logo" => File.expand_path(__FILE__), - } - - assert_parses expected, query - end - - test "parses params with Safari 2 trailing null character" do - query = "selected[]=1&selected[]=2&selected[]=3\0" - expected = { "selected" => [ "1", "2", "3" ] } - assert_parses expected, query - end - - test "parses params with Prototype's hack around Safari 2 trailing null character" do - query = "selected[]=1&selected[]=2&selected[]=3&_=" - expected = { "selected" => [ "1", "2", "3" ] } - assert_parses expected, query - end - - test "passes through rack middleware and parses params" do - with_muck_middleware do - assert_parses({ "a" => { "b" => "c" } }, "a[b]=c") - end - end - - # The lint wrapper is used in integration tests - # instead of a normal StringIO class - InputWrapper = Rack::Lint::InputWrapper - - test "passes through rack middleware and parses params with unwindable input" do - InputWrapper.any_instance.stubs(:rewind).raises(Errno::ESPIPE) - with_muck_middleware do - assert_parses({ "a" => { "b" => "c" } }, "a[b]=c") - end - end - - private - class MuckMiddleware - def initialize(app) - @app = app - end - - def call(env) - req = Rack::Request.new(env) - req.params # Parse params - @app.call(env) - end - end - - def with_muck_middleware - original_middleware = ActionController::Dispatcher.middleware - middleware = original_middleware.dup - middleware.insert_after ActionDispatch::RewindableInput, MuckMiddleware - ActionController::Dispatcher.middleware = middleware - yield - ActionController::Dispatcher.middleware = original_middleware - end - - def with_test_routing - with_routing do |set| - set.draw do |map| - map.connect ':action', :controller => "url_encoded_params_parsing_test/test" - end - yield - end - end - - def assert_parses(expected, actual) - with_test_routing do - post "/parse", actual - assert_response :ok - assert_equal(expected, TestController.last_request_parameters) - end - end -end diff --git a/actionpack/test/controller/request/xml_params_parsing_test.rb b/actionpack/test/controller/request/xml_params_parsing_test.rb deleted file mode 100644 index ee764e726e..0000000000 --- a/actionpack/test/controller/request/xml_params_parsing_test.rb +++ /dev/null @@ -1,88 +0,0 @@ -require 'abstract_unit' - -class XmlParamsParsingTest < ActionController::IntegrationTest - class TestController < ActionController::Base - class << self - attr_accessor :last_request_parameters - end - - def parse - self.class.last_request_parameters = request.request_parameters - head :ok - end - end - - def teardown - TestController.last_request_parameters = nil - end - - test "parses hash params" do - with_test_routing do - xml = "David" - post "/parse", xml, default_headers - assert_response :ok - assert_equal({"person" => {"name" => "David"}}, TestController.last_request_parameters) - end - end - - test "parses single file" do - with_test_routing do - xml = "David#{ActiveSupport::Base64.encode64('ABC')}" - post "/parse", xml, default_headers - assert_response :ok - - person = TestController.last_request_parameters - assert_equal "image/jpg", person['person']['avatar'].content_type - assert_equal "me.jpg", person['person']['avatar'].original_filename - assert_equal "ABC", person['person']['avatar'].read - end - end - - test "parses multiple files" do - xml = <<-end_body - - David - - #{ActiveSupport::Base64.encode64('ABC')} - #{ActiveSupport::Base64.encode64('DEF')} - - - end_body - - with_test_routing do - post "/parse", xml, default_headers - assert_response :ok - end - - person = TestController.last_request_parameters - - assert_equal "image/jpg", person['person']['avatars']['avatar'].first.content_type - assert_equal "me.jpg", person['person']['avatars']['avatar'].first.original_filename - assert_equal "ABC", person['person']['avatars']['avatar'].first.read - - assert_equal "image/gif", person['person']['avatars']['avatar'].last.content_type - assert_equal "you.gif", person['person']['avatars']['avatar'].last.original_filename - assert_equal "DEF", person['person']['avatars']['avatar'].last.read - end - - private - def with_test_routing - with_routing do |set| - set.draw do |map| - map.connect ':action', :controller => "xml_params_parsing_test/test" - end - yield - end - end - - def default_headers - {'CONTENT_TYPE' => 'application/xml'} - end -end - -class LegacyXmlParamsParsingTest < XmlParamsParsingTest - private - def default_headers - {'HTTP_X_POST_DATA_FORMAT' => 'xml'} - end -end diff --git a/actionpack/test/controller/request_test.rb b/actionpack/test/controller/request_test.rb deleted file mode 100644 index 7097d08076..0000000000 --- a/actionpack/test/controller/request_test.rb +++ /dev/null @@ -1,407 +0,0 @@ -require 'abstract_unit' - -class RequestTest < ActiveSupport::TestCase - def setup - ActionController::Base.relative_url_root = nil - @request = ActionController::TestRequest.new - end - - def teardown - ActionController::Base.relative_url_root = nil - end - - def test_remote_ip - assert_equal '0.0.0.0', @request.remote_ip - - @request.remote_addr = '1.2.3.4' - assert_equal '1.2.3.4', @request.remote_ip(true) - - @request.remote_addr = '1.2.3.4,3.4.5.6' - assert_equal '1.2.3.4', @request.remote_ip(true) - - @request.env['HTTP_CLIENT_IP'] = '2.3.4.5' - assert_equal '1.2.3.4', @request.remote_ip(true) - - @request.remote_addr = '192.168.0.1' - assert_equal '2.3.4.5', @request.remote_ip(true) - @request.env.delete 'HTTP_CLIENT_IP' - - @request.remote_addr = '1.2.3.4' - @request.env['HTTP_X_FORWARDED_FOR'] = '3.4.5.6' - assert_equal '1.2.3.4', @request.remote_ip(true) - - @request.remote_addr = '127.0.0.1' - @request.env['HTTP_X_FORWARDED_FOR'] = '3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip(true) - - @request.env['HTTP_X_FORWARDED_FOR'] = 'unknown,3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip(true) - - @request.env['HTTP_X_FORWARDED_FOR'] = '172.16.0.1,3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip(true) - - @request.env['HTTP_X_FORWARDED_FOR'] = '192.168.0.1,3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip(true) - - @request.env['HTTP_X_FORWARDED_FOR'] = '10.0.0.1,3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip(true) - - @request.env['HTTP_X_FORWARDED_FOR'] = '10.0.0.1, 10.0.0.1, 3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip(true) - - @request.env['HTTP_X_FORWARDED_FOR'] = '127.0.0.1,3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip(true) - - @request.env['HTTP_X_FORWARDED_FOR'] = 'unknown,192.168.0.1' - assert_equal 'unknown', @request.remote_ip(true) - - @request.env['HTTP_X_FORWARDED_FOR'] = '9.9.9.9, 3.4.5.6, 10.0.0.1, 172.31.4.4' - assert_equal '3.4.5.6', @request.remote_ip(true) - - @request.env['HTTP_CLIENT_IP'] = '8.8.8.8' - e = assert_raises(ActionController::ActionControllerError) { - @request.remote_ip(true) - } - assert_match /IP spoofing attack/, e.message - assert_match /HTTP_X_FORWARDED_FOR="9.9.9.9, 3.4.5.6, 10.0.0.1, 172.31.4.4"/, e.message - assert_match /HTTP_CLIENT_IP="8.8.8.8"/, e.message - - # turn IP Spoofing detection off. - # This is useful for sites that are aimed at non-IP clients. The typical - # example is WAP. Since the cellular network is not IP based, it's a - # leap of faith to assume that their proxies are ever going to set the - # HTTP_CLIENT_IP/HTTP_X_FORWARDED_FOR headers properly. - ActionController::Base.ip_spoofing_check = false - assert_equal('8.8.8.8', @request.remote_ip(true)) - ActionController::Base.ip_spoofing_check = true - - @request.env['HTTP_X_FORWARDED_FOR'] = '8.8.8.8, 9.9.9.9' - assert_equal '8.8.8.8', @request.remote_ip(true) - - @request.env.delete 'HTTP_CLIENT_IP' - @request.env.delete 'HTTP_X_FORWARDED_FOR' - end - - def test_domains - @request.host = "www.rubyonrails.org" - assert_equal "rubyonrails.org", @request.domain - - @request.host = "www.rubyonrails.co.uk" - assert_equal "rubyonrails.co.uk", @request.domain(2) - - @request.host = "192.168.1.200" - assert_nil @request.domain - - @request.host = "foo.192.168.1.200" - assert_nil @request.domain - - @request.host = "192.168.1.200.com" - assert_equal "200.com", @request.domain - - @request.host = nil - assert_nil @request.domain - end - - def test_subdomains - @request.host = "www.rubyonrails.org" - assert_equal %w( www ), @request.subdomains - - @request.host = "www.rubyonrails.co.uk" - assert_equal %w( www ), @request.subdomains(2) - - @request.host = "dev.www.rubyonrails.co.uk" - assert_equal %w( dev www ), @request.subdomains(2) - - @request.host = "foobar.foobar.com" - assert_equal %w( foobar ), @request.subdomains - - @request.host = "192.168.1.200" - assert_equal [], @request.subdomains - - @request.host = "foo.192.168.1.200" - assert_equal [], @request.subdomains - - @request.host = "192.168.1.200.com" - assert_equal %w( 192 168 1 ), @request.subdomains - - @request.host = nil - assert_equal [], @request.subdomains - end - - def test_port_string - @request.port = 80 - assert_equal "", @request.port_string - - @request.port = 8080 - assert_equal ":8080", @request.port_string - end - - def test_request_uri - @request.env['SERVER_SOFTWARE'] = 'Apache 42.342.3432' - - @request.set_REQUEST_URI "http://www.rubyonrails.org/path/of/some/uri?mapped=1" - assert_equal "/path/of/some/uri?mapped=1", @request.request_uri - assert_equal "/path/of/some/uri", @request.path - - @request.set_REQUEST_URI "http://www.rubyonrails.org/path/of/some/uri" - assert_equal "/path/of/some/uri", @request.request_uri - assert_equal "/path/of/some/uri", @request.path - - @request.set_REQUEST_URI "/path/of/some/uri" - assert_equal "/path/of/some/uri", @request.request_uri - assert_equal "/path/of/some/uri", @request.path - - @request.set_REQUEST_URI "/" - assert_equal "/", @request.request_uri - assert_equal "/", @request.path - - @request.set_REQUEST_URI "/?m=b" - assert_equal "/?m=b", @request.request_uri - assert_equal "/", @request.path - - @request.set_REQUEST_URI "/" - @request.env['SCRIPT_NAME'] = "/dispatch.cgi" - assert_equal "/", @request.request_uri - assert_equal "/", @request.path - - ActionController::Base.relative_url_root = "/hieraki" - @request.set_REQUEST_URI "/hieraki/" - @request.env['SCRIPT_NAME'] = "/hieraki/dispatch.cgi" - assert_equal "/hieraki/", @request.request_uri - assert_equal "/", @request.path - ActionController::Base.relative_url_root = nil - - ActionController::Base.relative_url_root = "/collaboration/hieraki" - @request.set_REQUEST_URI "/collaboration/hieraki/books/edit/2" - @request.env['SCRIPT_NAME'] = "/collaboration/hieraki/dispatch.cgi" - assert_equal "/collaboration/hieraki/books/edit/2", @request.request_uri - assert_equal "/books/edit/2", @request.path - ActionController::Base.relative_url_root = nil - - # The following tests are for when REQUEST_URI is not supplied (as in IIS) - @request.env['PATH_INFO'] = "/path/of/some/uri?mapped=1" - @request.env['SCRIPT_NAME'] = nil #"/path/dispatch.rb" - @request.set_REQUEST_URI nil - assert_equal "/path/of/some/uri?mapped=1", @request.request_uri - assert_equal "/path/of/some/uri", @request.path - - ActionController::Base.relative_url_root = '/path' - @request.env['PATH_INFO'] = "/path/of/some/uri?mapped=1" - @request.env['SCRIPT_NAME'] = "/path/dispatch.rb" - @request.set_REQUEST_URI nil - assert_equal "/path/of/some/uri?mapped=1", @request.request_uri(true) - assert_equal "/of/some/uri", @request.path(true) - ActionController::Base.relative_url_root = nil - - @request.env['PATH_INFO'] = "/path/of/some/uri" - @request.env['SCRIPT_NAME'] = nil - @request.set_REQUEST_URI nil - assert_equal "/path/of/some/uri", @request.request_uri - assert_equal "/path/of/some/uri", @request.path - - @request.env['PATH_INFO'] = "/" - @request.set_REQUEST_URI nil - assert_equal "/", @request.request_uri - assert_equal "/", @request.path - - @request.env['PATH_INFO'] = "/?m=b" - @request.set_REQUEST_URI nil - assert_equal "/?m=b", @request.request_uri - assert_equal "/", @request.path - - @request.env['PATH_INFO'] = "/" - @request.env['SCRIPT_NAME'] = "/dispatch.cgi" - @request.set_REQUEST_URI nil - assert_equal "/", @request.request_uri - assert_equal "/", @request.path - - ActionController::Base.relative_url_root = '/hieraki' - @request.env['PATH_INFO'] = "/hieraki/" - @request.env['SCRIPT_NAME'] = "/hieraki/dispatch.cgi" - @request.set_REQUEST_URI nil - assert_equal "/hieraki/", @request.request_uri - assert_equal "/", @request.path - ActionController::Base.relative_url_root = nil - - @request.set_REQUEST_URI '/hieraki/dispatch.cgi' - ActionController::Base.relative_url_root = '/hieraki' - assert_equal "/dispatch.cgi", @request.path(true) - ActionController::Base.relative_url_root = nil - - @request.set_REQUEST_URI '/hieraki/dispatch.cgi' - ActionController::Base.relative_url_root = '/foo' - assert_equal "/hieraki/dispatch.cgi", @request.path(true) - ActionController::Base.relative_url_root = nil - - # This test ensures that Rails uses REQUEST_URI over PATH_INFO - ActionController::Base.relative_url_root = nil - @request.env['REQUEST_URI'] = "/some/path" - @request.env['PATH_INFO'] = "/another/path" - @request.env['SCRIPT_NAME'] = "/dispatch.cgi" - assert_equal "/some/path", @request.request_uri(true) - assert_equal "/some/path", @request.path(true) - end - - def test_host_with_default_port - @request.host = "rubyonrails.org" - @request.port = 80 - assert_equal "rubyonrails.org", @request.host_with_port - end - - def test_host_with_non_default_port - @request.host = "rubyonrails.org" - @request.port = 81 - assert_equal "rubyonrails.org:81", @request.host_with_port - end - - def test_server_software - assert_equal nil, @request.server_software(true) - - @request.env['SERVER_SOFTWARE'] = 'Apache3.422' - assert_equal 'apache', @request.server_software(true) - - @request.env['SERVER_SOFTWARE'] = 'lighttpd(1.1.4)' - assert_equal 'lighttpd', @request.server_software(true) - end - - def test_xml_http_request - assert !@request.xml_http_request? - assert !@request.xhr? - - @request.env['HTTP_X_REQUESTED_WITH'] = "DefinitelyNotAjax1.0" - assert !@request.xml_http_request? - assert !@request.xhr? - - @request.env['HTTP_X_REQUESTED_WITH'] = "XMLHttpRequest" - assert @request.xml_http_request? - assert @request.xhr? - end - - def test_reports_ssl - assert !@request.ssl? - @request.env['HTTPS'] = 'on' - assert @request.ssl? - end - - def test_reports_ssl_when_proxied_via_lighttpd - assert !@request.ssl? - @request.env['HTTP_X_FORWARDED_PROTO'] = 'https' - assert @request.ssl? - end - - def test_symbolized_request_methods - [:get, :post, :put, :delete].each do |method| - self.request_method = method - assert_equal method, @request.method - end - end - - def test_invalid_http_method_raises_exception - assert_raises(ActionController::UnknownHttpMethod) do - self.request_method = :random_method - end - end - - def test_allow_method_hacking_on_post - [:get, :head, :options, :put, :post, :delete].each do |method| - self.request_method = method - @request.request_method(true) - assert_equal(method == :head ? :get : method, @request.method) - end - end - - def test_invalid_method_hacking_on_post_raises_exception - assert_raises(ActionController::UnknownHttpMethod) do - self.request_method = :_random_method - @request.request_method(true) - end - end - - def test_restrict_method_hacking - @request.instance_eval { @parameters = { :_method => 'put' } } - [:get, :put, :delete].each do |method| - self.request_method = method - assert_equal method, @request.method - end - end - - def test_head_masquerading_as_get - self.request_method = :head - assert_equal :get, @request.method - assert @request.get? - assert @request.head? - end - - def test_xml_format - @request.instance_eval { @parameters = { :format => 'xml' } } - assert_equal Mime::XML, @request.format - end - - def test_xhtml_format - @request.instance_eval { @parameters = { :format => 'xhtml' } } - assert_equal Mime::HTML, @request.format - end - - def test_txt_format - @request.instance_eval { @parameters = { :format => 'txt' } } - assert_equal Mime::TEXT, @request.format - end - - def test_nil_format - ActionController::Base.use_accept_header, old = - false, ActionController::Base.use_accept_header - - @request.instance_eval { @parameters = {} } - @request.env["HTTP_X_REQUESTED_WITH"] = "XMLHttpRequest" - assert @request.xhr? - assert_equal Mime::JS, @request.format - - ensure - ActionController::Base.use_accept_header = old - end - - def test_content_type - @request.env["CONTENT_TYPE"] = "text/html" - assert_equal Mime::HTML, @request.content_type - end - - def test_format_assignment_should_set_format - @request.instance_eval { self.format = :txt } - assert !@request.format.xml? - @request.instance_eval { self.format = :xml } - assert @request.format.xml? - end - - def test_content_no_type - assert_equal nil, @request.content_type - end - - def test_content_type_xml - @request.env["CONTENT_TYPE"] = "application/xml" - assert_equal Mime::XML, @request.content_type - end - - def test_content_type_with_charset - @request.env["CONTENT_TYPE"] = "application/xml; charset=UTF-8" - assert_equal Mime::XML, @request.content_type - end - - def test_user_agent - assert_not_nil @request.user_agent - end - - def test_parameters - @request.stubs(:request_parameters).returns({ "foo" => 1 }) - @request.stubs(:query_parameters).returns({ "bar" => 2 }) - - assert_equal({"foo" => 1, "bar" => 2}, @request.parameters) - assert_equal({"foo" => 1}, @request.request_parameters) - assert_equal({"bar" => 2}, @request.query_parameters) - end - - protected - def request_method=(method) - @request.env['REQUEST_METHOD'] = method.to_s.upcase - @request.request_method(true) - end -end diff --git a/actionpack/test/dispatch/header_test.rb b/actionpack/test/dispatch/header_test.rb new file mode 100644 index 0000000000..ec6ba494dc --- /dev/null +++ b/actionpack/test/dispatch/header_test.rb @@ -0,0 +1,16 @@ +require 'abstract_unit' + +class HeaderTest < ActiveSupport::TestCase + def setup + @headers = ActionDispatch::Http::Headers.new( + "HTTP_CONTENT_TYPE" => "text/plain" + ) + end + + test "content type" do + assert_equal "text/plain", @headers["Content-Type"] + assert_equal "text/plain", @headers["content-type"] + assert_equal "text/plain", @headers["CONTENT_TYPE"] + assert_equal "text/plain", @headers["HTTP_CONTENT_TYPE"] + end +end diff --git a/actionpack/test/dispatch/middleware_stack_test.rb b/actionpack/test/dispatch/middleware_stack_test.rb new file mode 100644 index 0000000000..e5496c848b --- /dev/null +++ b/actionpack/test/dispatch/middleware_stack_test.rb @@ -0,0 +1,76 @@ +require 'abstract_unit' + +class MiddlewareStackTest < ActiveSupport::TestCase + class FooMiddleware; end + class BarMiddleware; end + class BazMiddleware; end + + def setup + @stack = ActionDispatch::MiddlewareStack.new + @stack.use FooMiddleware + @stack.use BarMiddleware + end + + test "use should push middleware as class onto the stack" do + assert_difference "@stack.size" do + @stack.use BazMiddleware + end + assert_equal BazMiddleware, @stack.last.klass + end + + test "use should push middleware as a string onto the stack" do + assert_difference "@stack.size" do + @stack.use "MiddlewareStackTest::BazMiddleware" + end + assert_equal BazMiddleware, @stack.last.klass + end + + test "use should push middleware as a symbol onto the stack" do + assert_difference "@stack.size" do + @stack.use :"MiddlewareStackTest::BazMiddleware" + end + assert_equal BazMiddleware, @stack.last.klass + end + + test "use should push middleware class with arguments onto the stack" do + assert_difference "@stack.size" do + @stack.use BazMiddleware, true, :foo => "bar" + end + assert_equal BazMiddleware, @stack.last.klass + assert_equal([true, {:foo => "bar"}], @stack.last.args) + end + + test "insert inserts middleware at the integer index" do + @stack.insert(1, BazMiddleware) + assert_equal BazMiddleware, @stack[1].klass + end + + test "insert_after inserts middleware after the integer index" do + @stack.insert_after(1, BazMiddleware) + assert_equal BazMiddleware, @stack[2].klass + end + + test "insert_before inserts middleware before another middleware class" do + @stack.insert_before(BarMiddleware, BazMiddleware) + assert_equal BazMiddleware, @stack[1].klass + end + + test "insert_after inserts middleware after another middleware class" do + @stack.insert_after(BarMiddleware, BazMiddleware) + assert_equal BazMiddleware, @stack[2].klass + end + + test "swaps one middleware out for another" do + assert_equal FooMiddleware, @stack[0].klass + @stack.swap(FooMiddleware, BazMiddleware) + assert_equal BazMiddleware, @stack[0].klass + end + + test "active returns all only enabled middleware" do + assert_no_difference "@stack.active.size" do + assert_difference "@stack.size" do + @stack.use BazMiddleware, :if => lambda { false } + end + end + end +end diff --git a/actionpack/test/dispatch/mime_type_test.rb b/actionpack/test/dispatch/mime_type_test.rb new file mode 100644 index 0000000000..2fdf4819bb --- /dev/null +++ b/actionpack/test/dispatch/mime_type_test.rb @@ -0,0 +1,96 @@ +require 'abstract_unit' + +class MimeTypeTest < ActiveSupport::TestCase + Mime::Type.register "image/png", :png unless defined? Mime::PNG + Mime::Type.register "application/pdf", :pdf unless defined? Mime::PDF + + test "parse single" do + Mime::LOOKUP.keys.each do |mime_type| + assert_equal [Mime::Type.lookup(mime_type)], Mime::Type.parse(mime_type) + end + end + + test "parse without q" do + accept = "text/xml,application/xhtml+xml,text/yaml,application/xml,text/html,image/png,text/plain,application/pdf,*/*" + expect = [Mime::HTML, Mime::XML, Mime::YAML, Mime::PNG, Mime::TEXT, Mime::PDF, Mime::ALL] + assert_equal expect, Mime::Type.parse(accept) + end + + test "parse with q" do + accept = "text/xml,application/xhtml+xml,text/yaml; q=0.3,application/xml,text/html; q=0.8,image/png,text/plain; q=0.5,application/pdf,*/*; q=0.2" + expect = [Mime::HTML, Mime::XML, Mime::PNG, Mime::PDF, Mime::TEXT, Mime::YAML, Mime::ALL] + assert_equal expect, Mime::Type.parse(accept) + end + + # Accept header send with user HTTP_USER_AGENT: Sunrise/0.42j (Windows XP) + test "parse crappy broken acceptlines" do + accept = "text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/*,,*/*;q=0.5" + expect = [Mime::HTML, Mime::XML, "image/*", Mime::TEXT, Mime::ALL] + assert_equal expect, Mime::Type.parse(accept).collect { |c| c.to_s } + end + + # Accept header send with user HTTP_USER_AGENT: Mozilla/4.0 + # (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1) + test "parse crappy broken acceptlines2" do + accept = "image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, , pronto/1.00.00, sslvpn/1.00.00.00, */*" + expect = ['image/gif', 'image/x-xbitmap', 'image/jpeg','image/pjpeg', 'application/x-shockwave-flash', 'application/vnd.ms-excel', 'application/vnd.ms-powerpoint', 'application/msword', 'pronto/1.00.00', 'sslvpn/1.00.00.00', Mime::ALL ] + assert_equal expect, Mime::Type.parse(accept).collect { |c| c.to_s } + end + + test "custom type" do + begin + Mime::Type.register("image/gif", :gif) + assert_nothing_raised do + Mime::GIF + assert_equal Mime::GIF, Mime::SET.last + end + ensure + Mime.module_eval { remove_const :GIF if const_defined?(:GIF) } + end + end + + test "type should be equal to symbol" do + assert_equal Mime::HTML, 'application/xhtml+xml' + assert_equal Mime::HTML, :html + end + + test "type convenience methods" do + # Don't test Mime::ALL, since it Mime::ALL#html? == true + types = Mime::SET.to_a.map(&:to_sym).uniq - [:all] + + # Remove custom Mime::Type instances set in other tests, like Mime::GIF and Mime::IPHONE + types.delete_if { |type| !Mime.const_defined?(type.to_s.upcase) } + + types.each do |type| + mime = Mime.const_get(type.to_s.upcase) + assert mime.send("#{type}?"), "#{mime.inspect} is not #{type}?" + invalid_types = types - [type] + invalid_types.delete(:html) if Mime::Type.html_types.include?(type) + invalid_types.each { |other_type| assert !mime.send("#{other_type}?"), "#{mime.inspect} is #{other_type}?" } + end + end + + test "mime all is html" do + assert Mime::ALL.all?, "Mime::ALL is not all?" + assert Mime::ALL.html?, "Mime::ALL is not html?" + end + + test "verifiable mime types" do + all_types = Mime::SET.to_a.map(&:to_sym) + all_types.uniq! + # Remove custom Mime::Type instances set in other tests, like Mime::GIF and Mime::IPHONE + all_types.delete_if { |type| !Mime.const_defined?(type.to_s.upcase) } + verified, unverified = all_types.partition { |type| Mime::Type.browser_generated_types.include? type } + assert verified.each { |type| assert Mime.const_get(type.to_s.upcase).verify_request?, "Verifiable Mime Type is not verified: #{type.inspect}" } + assert unverified.each { |type| assert !Mime.const_get(type.to_s.upcase).verify_request?, "Nonverifiable Mime Type is verified: #{type.inspect}" } + end + + test "regexp matcher" do + assert Mime::JS =~ "text/javascript" + assert Mime::JS =~ "application/javascript" + assert Mime::JS !~ "text/html" + assert !(Mime::JS !~ "text/javascript") + assert !(Mime::JS !~ "application/javascript") + assert Mime::HTML =~ 'application/xhtml+xml' + end +end diff --git a/actionpack/test/dispatch/rack_test.rb b/actionpack/test/dispatch/rack_test.rb new file mode 100644 index 0000000000..df465eba91 --- /dev/null +++ b/actionpack/test/dispatch/rack_test.rb @@ -0,0 +1,279 @@ +require 'abstract_unit' + +# TODO: Merge these tests into RequestTest + +class BaseRackTest < ActiveSupport::TestCase + def setup + @env = { + "HTTP_MAX_FORWARDS" => "10", + "SERVER_NAME" => "glu.ttono.us", + "FCGI_ROLE" => "RESPONDER", + "AUTH_TYPE" => "Basic", + "HTTP_X_FORWARDED_HOST" => "glu.ttono.us", + "HTTP_ACCEPT_CHARSET" => "UTF-8", + "HTTP_ACCEPT_ENCODING" => "gzip, deflate", + "HTTP_CACHE_CONTROL" => "no-cache, max-age=0", + "HTTP_PRAGMA" => "no-cache", + "HTTP_USER_AGENT" => "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en)", + "PATH_INFO" => "/homepage/", + "HTTP_ACCEPT_LANGUAGE" => "en", + "HTTP_NEGOTIATE" => "trans", + "HTTP_HOST" => "glu.ttono.us:8007", + "HTTP_REFERER" => "http://www.google.com/search?q=glu.ttono.us", + "HTTP_FROM" => "googlebot", + "SERVER_PROTOCOL" => "HTTP/1.1", + "REDIRECT_URI" => "/dispatch.fcgi", + "SCRIPT_NAME" => "/dispatch.fcgi", + "SERVER_ADDR" => "207.7.108.53", + "REMOTE_ADDR" => "207.7.108.53", + "REMOTE_HOST" => "google.com", + "REMOTE_IDENT" => "kevin", + "REMOTE_USER" => "kevin", + "SERVER_SOFTWARE" => "lighttpd/1.4.5", + "HTTP_COOKIE" => "_session_id=c84ace84796670c052c6ceb2451fb0f2; is_admin=yes", + "HTTP_X_FORWARDED_SERVER" => "glu.ttono.us", + "REQUEST_URI" => "/admin", + "DOCUMENT_ROOT" => "/home/kevinc/sites/typo/public", + "PATH_TRANSLATED" => "/home/kevinc/sites/typo/public/homepage/", + "SERVER_PORT" => "8007", + "QUERY_STRING" => "", + "REMOTE_PORT" => "63137", + "GATEWAY_INTERFACE" => "CGI/1.1", + "HTTP_X_FORWARDED_FOR" => "65.88.180.234", + "HTTP_ACCEPT" => "*/*", + "SCRIPT_FILENAME" => "/home/kevinc/sites/typo/public/dispatch.fcgi", + "REDIRECT_STATUS" => "200", + "REQUEST_METHOD" => "GET" + } + @request = ActionDispatch::Request.new(@env) + # some Nokia phone browsers omit the space after the semicolon separator. + # some developers have grown accustomed to using comma in cookie values. + @alt_cookie_fmt_request = ActionDispatch::Request.new(@env.merge({"HTTP_COOKIE"=>"_session_id=c84ace847,96670c052c6ceb2451fb0f2;is_admin=yes"})) + end + + private + def set_content_data(data) + @request.env['REQUEST_METHOD'] = 'POST' + @request.env['CONTENT_LENGTH'] = data.length + @request.env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded; charset=utf-8' + @request.env['rack.input'] = StringIO.new(data) + end +end + +class RackRequestTest < BaseRackTest + test "proxy request" do + assert_equal 'glu.ttono.us', @request.host_with_port(true) + end + + test "http host" do + @env.delete "HTTP_X_FORWARDED_HOST" + @env['HTTP_HOST'] = "rubyonrails.org:8080" + assert_equal "rubyonrails.org", @request.host(true) + assert_equal "rubyonrails.org:8080", @request.host_with_port(true) + + @env['HTTP_X_FORWARDED_HOST'] = "www.firsthost.org, www.secondhost.org" + assert_equal "www.secondhost.org", @request.host(true) + end + + test "http host with default port overrides server port" do + @env.delete "HTTP_X_FORWARDED_HOST" + @env['HTTP_HOST'] = "rubyonrails.org" + assert_equal "rubyonrails.org", @request.host_with_port(true) + end + + test "host with port defaults to server name if no host headers" do + @env.delete "HTTP_X_FORWARDED_HOST" + @env.delete "HTTP_HOST" + assert_equal "glu.ttono.us:8007", @request.host_with_port(true) + end + + test "host with port falls back to server addr if necessary" do + @env.delete "HTTP_X_FORWARDED_HOST" + @env.delete "HTTP_HOST" + @env.delete "SERVER_NAME" + assert_equal "207.7.108.53", @request.host(true) + assert_equal 8007, @request.port(true) + assert_equal "207.7.108.53:8007", @request.host_with_port(true) + end + + test "host with port if http standard port is specified" do + @env['HTTP_X_FORWARDED_HOST'] = "glu.ttono.us:80" + assert_equal "glu.ttono.us", @request.host_with_port(true) + end + + test "host with port if https standard port is specified" do + @env['HTTP_X_FORWARDED_PROTO'] = "https" + @env['HTTP_X_FORWARDED_HOST'] = "glu.ttono.us:443" + assert_equal "glu.ttono.us", @request.host_with_port(true) + end + + test "host if ipv6 reference" do + @env.delete "HTTP_X_FORWARDED_HOST" + @env['HTTP_HOST'] = "[2001:1234:5678:9abc:def0::dead:beef]" + assert_equal "[2001:1234:5678:9abc:def0::dead:beef]", @request.host(true) + end + + test "host if ipv6 reference with port" do + @env.delete "HTTP_X_FORWARDED_HOST" + @env['HTTP_HOST'] = "[2001:1234:5678:9abc:def0::dead:beef]:8008" + assert_equal "[2001:1234:5678:9abc:def0::dead:beef]", @request.host(true) + end + + test "cgi environment variables" do + assert_equal "Basic", @request.auth_type + assert_equal 0, @request.content_length + assert_equal nil, @request.content_type + assert_equal "CGI/1.1", @request.gateway_interface + assert_equal "*/*", @request.accept + assert_equal "UTF-8", @request.accept_charset + assert_equal "gzip, deflate", @request.accept_encoding + assert_equal "en", @request.accept_language + assert_equal "no-cache, max-age=0", @request.cache_control + assert_equal "googlebot", @request.from + assert_equal "glu.ttono.us", @request.host + assert_equal "trans", @request.negotiate + assert_equal "no-cache", @request.pragma + assert_equal "http://www.google.com/search?q=glu.ttono.us", @request.referer + assert_equal "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en)", @request.user_agent + assert_equal "/homepage/", @request.path_info + assert_equal "/home/kevinc/sites/typo/public/homepage/", @request.path_translated + assert_equal "", @request.query_string + assert_equal "207.7.108.53", @request.remote_addr + assert_equal "google.com", @request.remote_host + assert_equal "kevin", @request.remote_ident + assert_equal "kevin", @request.remote_user + assert_equal :get, @request.request_method + assert_equal "/dispatch.fcgi", @request.script_name + assert_equal "glu.ttono.us", @request.server_name + assert_equal 8007, @request.server_port + assert_equal "HTTP/1.1", @request.server_protocol + assert_equal "lighttpd", @request.server_software + end + + test "cookie syntax resilience" do + cookies = @request.cookies + assert_equal "c84ace84796670c052c6ceb2451fb0f2", cookies["_session_id"], cookies.inspect + assert_equal "yes", cookies["is_admin"], cookies.inspect + + alt_cookies = @alt_cookie_fmt_request.cookies + #assert_equal "c84ace847,96670c052c6ceb2451fb0f2", alt_cookies["_session_id"], alt_cookies.inspect + assert_equal "yes", alt_cookies["is_admin"], alt_cookies.inspect + end +end + +class RackRequestParamsParsingTest < BaseRackTest + test "doesnt break when content type has charset" do + set_content_data 'flamenco=love' + + assert_equal({"flamenco"=> "love"}, @request.request_parameters) + end + + test "doesnt interpret request uri as query string when missing" do + @request.env['REQUEST_URI'] = 'foo' + assert_equal({}, @request.query_parameters) + end +end + +class RackRequestContentTypeTest < BaseRackTest + test "html content type verification" do + @request.env['CONTENT_TYPE'] = Mime::HTML.to_s + assert @request.content_type.verify_request? + end + + test "xml content type verification" do + @request.env['CONTENT_TYPE'] = Mime::XML.to_s + assert !@request.content_type.verify_request? + end +end + +class RackRequestNeedsRewoundTest < BaseRackTest + test "body should be rewound" do + data = 'foo' + @env['rack.input'] = StringIO.new(data) + @env['CONTENT_LENGTH'] = data.length + @env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded; charset=utf-8' + + # Read the request body by parsing params. + request = ActionDispatch::Request.new(@env) + request.request_parameters + + # Should have rewound the body. + assert_equal 0, request.body.pos + end +end + +class RackResponseTest < BaseRackTest + def setup + super + @response = ActionDispatch::Response.new + end + + test "simple output" do + @response.body = "Hello, World!" + @response.prepare! + + status, headers, body = @response.to_a + assert_equal 200, status + assert_equal({ + "Content-Type" => "text/html; charset=utf-8", + "Cache-Control" => "private, max-age=0, must-revalidate", + "ETag" => '"65a8e27d8879283831b664bd8b7f0ad4"', + "Set-Cookie" => [], + "Content-Length" => "13" + }, headers) + + parts = [] + body.each { |part| parts << part } + assert_equal ["Hello, World!"], parts + end + + test "streaming block" do + @response.body = Proc.new do |response, output| + 5.times { |n| output.write(n) } + end + @response.prepare! + + status, headers, body = @response.to_a + assert_equal 200, status + assert_equal({ + "Content-Type" => "text/html; charset=utf-8", + "Content-Length" => "", + "Cache-Control" => "no-cache", + "Set-Cookie" => [] + }, headers) + + parts = [] + body.each { |part| parts << part } + assert_equal ["0", "1", "2", "3", "4"], parts + end +end + +class RackResponseHeadersTest < BaseRackTest + def setup + super + @response = ActionDispatch::Response.new + @response.status = "200 OK" + end + + test "content type" do + [204, 304].each do |c| + @response.status = c.to_s + assert !response_headers.has_key?("Content-Type"), "#{c} should not have Content-Type header" + end + + [200, 302, 404, 500].each do |c| + @response.status = c.to_s + assert response_headers.has_key?("Content-Type"), "#{c} did not have Content-Type header" + end + end + + test "status" do + assert !response_headers.has_key?('Status') + end + + private + def response_headers + @response.prepare! + @response.to_a[1] + end +end diff --git a/actionpack/test/dispatch/request/json_params_parsing_test.rb b/actionpack/test/dispatch/request/json_params_parsing_test.rb new file mode 100644 index 0000000000..a3dde72c4e --- /dev/null +++ b/actionpack/test/dispatch/request/json_params_parsing_test.rb @@ -0,0 +1,45 @@ +require 'abstract_unit' + +class JsonParamsParsingTest < ActionController::IntegrationTest + class TestController < ActionController::Base + class << self + attr_accessor :last_request_parameters + end + + def parse + self.class.last_request_parameters = request.request_parameters + head :ok + end + end + + def teardown + TestController.last_request_parameters = nil + end + + test "parses json params for application json" do + assert_parses( + {"person" => {"name" => "David"}}, + "{\"person\": {\"name\": \"David\"}}", { 'CONTENT_TYPE' => 'application/json' } + ) + end + + test "parses json params for application jsonrequest" do + assert_parses( + {"person" => {"name" => "David"}}, + "{\"person\": {\"name\": \"David\"}}", { 'CONTENT_TYPE' => 'application/jsonrequest' } + ) + end + + private + def assert_parses(expected, actual, headers = {}) + with_routing do |set| + set.draw do |map| + map.connect ':action', :controller => "json_params_parsing_test/test" + end + + post "/parse", actual, headers + assert_response :ok + assert_equal(expected, TestController.last_request_parameters) + end + end +end diff --git a/actionpack/test/dispatch/request/multipart_params_parsing_test.rb b/actionpack/test/dispatch/request/multipart_params_parsing_test.rb new file mode 100644 index 0000000000..5b9728cc42 --- /dev/null +++ b/actionpack/test/dispatch/request/multipart_params_parsing_test.rb @@ -0,0 +1,223 @@ +require 'abstract_unit' + +class MultipartParamsParsingTest < ActionController::IntegrationTest + class TestController < ActionController::Base + class << self + attr_accessor :last_request_parameters + end + + def parse + self.class.last_request_parameters = request.request_parameters + head :ok + end + + def read + render :text => "File: #{params[:uploaded_data].read}" + end + end + + FIXTURE_PATH = File.dirname(__FILE__) + '/../../fixtures/multipart' + + def teardown + TestController.last_request_parameters = nil + end + + test "parses single parameter" do + assert_equal({ 'foo' => 'bar' }, parse_multipart('single_parameter')) + end + + test "parses bracketed parameters" do + assert_equal({ 'foo' => { 'baz' => 'bar'}}, parse_multipart('bracketed_param')) + end + + test "parses text file" do + params = parse_multipart('text_file') + assert_equal %w(file foo), params.keys.sort + assert_equal 'bar', params['foo'] + + file = params['file'] + assert_kind_of Tempfile, file + assert_equal 'file.txt', file.original_filename + assert_equal "text/plain", file.content_type + assert_equal 'contents', file.read + end + + test "parses boundary problem file" do + params = parse_multipart('boundary_problem_file') + assert_equal %w(file foo), params.keys.sort + + file = params['file'] + foo = params['foo'] + + assert_kind_of Tempfile, file + + assert_equal 'file.txt', file.original_filename + assert_equal "text/plain", file.content_type + + assert_equal 'bar', foo + end + + test "parses large text file" do + params = parse_multipart('large_text_file') + assert_equal %w(file foo), params.keys.sort + assert_equal 'bar', params['foo'] + + file = params['file'] + + assert_kind_of Tempfile, file + + assert_equal 'file.txt', file.original_filename + assert_equal "text/plain", file.content_type + assert ('a' * 20480) == file.read + end + + test "parses binary file" do + params = parse_multipart('binary_file') + assert_equal %w(file flowers foo), params.keys.sort + assert_equal 'bar', params['foo'] + + file = params['file'] + assert_kind_of Tempfile, file + assert_equal 'file.csv', file.original_filename + assert_nil file.content_type + assert_equal 'contents', file.read + + file = params['flowers'] + assert_kind_of Tempfile, file + assert_equal 'flowers.jpg', file.original_filename + assert_equal "image/jpeg", file.content_type + assert_equal 19512, file.size + end + + test "parses mixed files" do + params = parse_multipart('mixed_files') + assert_equal %w(files foo), params.keys.sort + assert_equal 'bar', params['foo'] + + # Ruby CGI doesn't handle multipart/mixed for us. + files = params['files'] + assert_kind_of String, files + files.force_encoding('ASCII-8BIT') if files.respond_to?(:force_encoding) + assert_equal 19756, files.size + end + + test "does not create tempfile if no file has been selected" do + params = parse_multipart('none') + assert_equal %w(files submit-name), params.keys.sort + assert_equal 'Larry', params['submit-name'] + assert_equal nil, params['files'] + end + + test "parses empty upload file" do + params = parse_multipart('empty') + assert_equal %w(files submit-name), params.keys.sort + assert_equal 'Larry', params['submit-name'] + assert params['files'] + assert_equal "", params['files'].read + end + + test "uploads and reads binary file" do + with_test_routing do + fixture = FIXTURE_PATH + "/mona_lisa.jpg" + params = { :uploaded_data => fixture_file_upload(fixture, "image/jpg") } + post '/read', params + expected_length = 'File: '.length + File.size(fixture) + assert_equal expected_length, response.content_length + end + end + + test "uploads and reads file" do + with_test_routing do + post '/read', :uploaded_data => fixture_file_upload(FIXTURE_PATH + "/hello.txt", "text/plain") + assert_equal "File: Hello", response.body + end + end + + # The lint wrapper is used in integration tests + # instead of a normal StringIO class + InputWrapper = Rack::Lint::InputWrapper + + test "parses unwindable stream" do + InputWrapper.any_instance.stubs(:rewind).raises(Errno::ESPIPE) + params = parse_multipart('large_text_file') + assert_equal %w(file foo), params.keys.sort + assert_equal 'bar', params['foo'] + end + + test "uploads and reads file with unwindable input" do + InputWrapper.any_instance.stubs(:rewind).raises(Errno::ESPIPE) + + with_test_routing do + post '/read', :uploaded_data => fixture_file_upload(FIXTURE_PATH + "/hello.txt", "text/plain") + assert_equal "File: Hello", response.body + end + end + + test "passes through rack middleware and uploads file" do + with_muck_middleware do + with_test_routing do + post '/read', :uploaded_data => fixture_file_upload(FIXTURE_PATH + "/hello.txt", "text/plain") + assert_equal "File: Hello", response.body + end + end + end + + test "passes through rack middleware and uploads file with unwindable input" do + InputWrapper.any_instance.stubs(:rewind).raises(Errno::ESPIPE) + + with_muck_middleware do + with_test_routing do + post '/read', :uploaded_data => fixture_file_upload(FIXTURE_PATH + "/hello.txt", "text/plain") + assert_equal "File: Hello", response.body + end + end + end + + private + def fixture(name) + File.open(File.join(FIXTURE_PATH, name), 'rb') do |file| + { "rack.input" => file.read, + "CONTENT_TYPE" => "multipart/form-data; boundary=AaB03x", + "CONTENT_LENGTH" => file.stat.size.to_s } + end + end + + def parse_multipart(name) + with_test_routing do + headers = fixture(name) + post "/parse", headers.delete("rack.input"), headers + assert_response :ok + TestController.last_request_parameters + end + end + + def with_test_routing + with_routing do |set| + set.draw do |map| + map.connect ':action', :controller => "multipart_params_parsing_test/test" + end + yield + end + end + + class MuckMiddleware + def initialize(app) + @app = app + end + + def call(env) + req = Rack::Request.new(env) + req.params # Parse params + @app.call(env) + end + end + + def with_muck_middleware + original_middleware = ActionController::Dispatcher.middleware + middleware = original_middleware.dup + middleware.insert_after ActionDispatch::RewindableInput, MuckMiddleware + ActionController::Dispatcher.middleware = middleware + yield + ActionController::Dispatcher.middleware = original_middleware + end +end diff --git a/actionpack/test/dispatch/request/query_string_parsing_test.rb b/actionpack/test/dispatch/request/query_string_parsing_test.rb new file mode 100644 index 0000000000..a31e326ddf --- /dev/null +++ b/actionpack/test/dispatch/request/query_string_parsing_test.rb @@ -0,0 +1,120 @@ +require 'abstract_unit' + +class QueryStringParsingTest < ActionController::IntegrationTest + class TestController < ActionController::Base + class << self + attr_accessor :last_query_parameters + end + + def parse + self.class.last_query_parameters = request.query_parameters + head :ok + end + end + + def teardown + TestController.last_query_parameters = nil + end + + test "query string" do + assert_parses( + {"action" => "create_customer", "full_name" => "David Heinemeier Hansson", "customerId" => "1"}, + "action=create_customer&full_name=David%20Heinemeier%20Hansson&customerId=1" + ) + end + + test "deep query string" do + assert_parses( + {'x' => {'y' => {'z' => '10'}}}, + "x[y][z]=10" + ) + end + + test "deep query string with array" do + assert_parses({'x' => {'y' => {'z' => ['10']}}}, 'x[y][z][]=10') + assert_parses({'x' => {'y' => {'z' => ['10', '5']}}}, 'x[y][z][]=10&x[y][z][]=5') + end + + test "deep query string with array of hash" do + assert_parses({'x' => {'y' => [{'z' => '10'}]}}, 'x[y][][z]=10') + assert_parses({'x' => {'y' => [{'z' => '10', 'w' => '10'}]}}, 'x[y][][z]=10&x[y][][w]=10') + assert_parses({'x' => {'y' => [{'z' => '10', 'v' => {'w' => '10'}}]}}, 'x[y][][z]=10&x[y][][v][w]=10') + end + + test "deep query string with array of hashes with one pair" do + assert_parses({'x' => {'y' => [{'z' => '10'}, {'z' => '20'}]}}, 'x[y][][z]=10&x[y][][z]=20') + end + + test "deep query string with array of hashes with multiple pairs" do + assert_parses( + {'x' => {'y' => [{'z' => '10', 'w' => 'a'}, {'z' => '20', 'w' => 'b'}]}}, + 'x[y][][z]=10&x[y][][w]=a&x[y][][z]=20&x[y][][w]=b' + ) + end + + test "query string with nil" do + assert_parses( + { "action" => "create_customer", "full_name" => ''}, + "action=create_customer&full_name=" + ) + end + + test "query string with array" do + assert_parses( + { "action" => "create_customer", "selected" => ["1", "2", "3"]}, + "action=create_customer&selected[]=1&selected[]=2&selected[]=3" + ) + end + + test "query string with amps" do + assert_parses( + { "action" => "create_customer", "name" => "Don't & Does"}, + "action=create_customer&name=Don%27t+%26+Does" + ) + end + + test "query string with many equal" do + assert_parses( + { "action" => "create_customer", "full_name" => "abc=def=ghi"}, + "action=create_customer&full_name=abc=def=ghi" + ) + end + + test "query string without equal" do + assert_parses({ "action" => nil }, "action") + end + + test "query string with empty key" do + assert_parses( + { "action" => "create_customer", "full_name" => "David Heinemeier Hansson" }, + "action=create_customer&full_name=David%20Heinemeier%20Hansson&=Save" + ) + end + + test "query string with many ampersands" do + assert_parses( + { "action" => "create_customer", "full_name" => "David Heinemeier Hansson"}, + "&action=create_customer&&&full_name=David%20Heinemeier%20Hansson" + ) + end + + test "unbalanced query string with array" do + assert_parses( + {'location' => ["1", "2"], 'age_group' => ["2"]}, + "location[]=1&location[]=2&age_group[]=2" + ) + end + + private + def assert_parses(expected, actual) + with_routing do |set| + set.draw do |map| + map.connect ':action', :controller => "query_string_parsing_test/test" + end + + get "/parse", actual + assert_response :ok + assert_equal(expected, TestController.last_query_parameters) + end + end +end diff --git a/actionpack/test/dispatch/request/url_encoded_params_parsing_test.rb b/actionpack/test/dispatch/request/url_encoded_params_parsing_test.rb new file mode 100644 index 0000000000..9f0535bbcc --- /dev/null +++ b/actionpack/test/dispatch/request/url_encoded_params_parsing_test.rb @@ -0,0 +1,220 @@ +require 'abstract_unit' + +class UrlEncodedParamsParsingTest < ActionController::IntegrationTest + class TestController < ActionController::Base + class << self + attr_accessor :last_request_parameters, :last_request_type + end + + def parse + self.class.last_request_parameters = request.request_parameters + head :ok + end + end + + def teardown + TestController.last_request_parameters = nil + end + + test "parses unbalanced query string with array" do + assert_parses( + {'location' => ["1", "2"], 'age_group' => ["2"]}, + "location[]=1&location[]=2&age_group[]=2" + ) + end + + test "parses nested hash" do + query = [ + "note[viewers][viewer][][type]=User", + "note[viewers][viewer][][id]=1", + "note[viewers][viewer][][type]=Group", + "note[viewers][viewer][][id]=2" + ].join("&") + + expected = { "note" => { "viewers"=>{"viewer"=>[{ "id"=>"1", "type"=>"User"}, {"type"=>"Group", "id"=>"2"} ]} } } + assert_parses(expected, query) + end + + test "parses more complex nesting" do + query = [ + "customers[boston][first][name]=David", + "customers[boston][first][url]=http://David", + "customers[boston][second][name]=Allan", + "customers[boston][second][url]=http://Allan", + "something_else=blah", + "something_nil=", + "something_empty=", + "products[first]=Apple Computer", + "products[second]=Pc", + "=Save" + ].join("&") + + expected = { + "customers" => { + "boston" => { + "first" => { + "name" => "David", + "url" => "http://David" + }, + "second" => { + "name" => "Allan", + "url" => "http://Allan" + } + } + }, + "something_else" => "blah", + "something_empty" => "", + "something_nil" => "", + "products" => { + "first" => "Apple Computer", + "second" => "Pc" + } + } + + assert_parses expected, query + end + + test "parses params with array" do + query = "selected[]=1&selected[]=2&selected[]=3" + expected = { "selected" => [ "1", "2", "3" ] } + assert_parses expected, query + end + + test "parses params with non alphanumeric name" do + query = "a/b[c]=d" + expected = { "a/b" => { "c" => "d" }} + assert_parses expected, query + end + + test "parses params with single brackets in the middle" do + query = "a/b[c]d=e" + expected = { "a/b" => {} } + assert_parses expected, query + end + + test "parses params with separated brackets" do + query = "a/b@[c]d[e]=f" + expected = { "a/b@" => { }} + assert_parses expected, query + end + + test "parses params with separated brackets and array" do + query = "a/b@[c]d[e][]=f" + expected = { "a/b@" => { }} + assert_parses expected, query + end + + test "parses params with unmatched brackets and array" do + query = "a/b@[c][d[e][]=f" + expected = { "a/b@" => { "c" => { }}} + assert_parses expected, query + end + + test "parses params with nil key" do + query = "=&test2=value1" + expected = { "test2" => "value1" } + assert_parses expected, query + end + + test "parses params with array prefix and hashes" do + query = "a[][b][c]=d" + expected = {"a" => [{"b" => {"c" => "d"}}]} + assert_parses expected, query + end + + test "parses params with complex nesting" do + query = "a[][b][c][][d][]=e" + expected = {"a" => [{"b" => {"c" => [{"d" => ["e"]}]}}]} + assert_parses expected, query + end + + test "parses params with file path" do + query = [ + "customers[boston][first][name]=David", + "something_else=blah", + "logo=#{File.expand_path(__FILE__)}" + ].join("&") + + expected = { + "customers" => { + "boston" => { + "first" => { + "name" => "David" + } + } + }, + "something_else" => "blah", + "logo" => File.expand_path(__FILE__), + } + + assert_parses expected, query + end + + test "parses params with Safari 2 trailing null character" do + query = "selected[]=1&selected[]=2&selected[]=3\0" + expected = { "selected" => [ "1", "2", "3" ] } + assert_parses expected, query + end + + test "parses params with Prototype's hack around Safari 2 trailing null character" do + query = "selected[]=1&selected[]=2&selected[]=3&_=" + expected = { "selected" => [ "1", "2", "3" ] } + assert_parses expected, query + end + + test "passes through rack middleware and parses params" do + with_muck_middleware do + assert_parses({ "a" => { "b" => "c" } }, "a[b]=c") + end + end + + # The lint wrapper is used in integration tests + # instead of a normal StringIO class + InputWrapper = Rack::Lint::InputWrapper + + test "passes through rack middleware and parses params with unwindable input" do + InputWrapper.any_instance.stubs(:rewind).raises(Errno::ESPIPE) + with_muck_middleware do + assert_parses({ "a" => { "b" => "c" } }, "a[b]=c") + end + end + + private + class MuckMiddleware + def initialize(app) + @app = app + end + + def call(env) + req = Rack::Request.new(env) + req.params # Parse params + @app.call(env) + end + end + + def with_muck_middleware + original_middleware = ActionController::Dispatcher.middleware + middleware = original_middleware.dup + middleware.insert_after ActionDispatch::RewindableInput, MuckMiddleware + ActionController::Dispatcher.middleware = middleware + yield + ActionController::Dispatcher.middleware = original_middleware + end + + def with_test_routing + with_routing do |set| + set.draw do |map| + map.connect ':action', :controller => "url_encoded_params_parsing_test/test" + end + yield + end + end + + def assert_parses(expected, actual) + with_test_routing do + post "/parse", actual + assert_response :ok + assert_equal(expected, TestController.last_request_parameters) + end + end +end diff --git a/actionpack/test/dispatch/request/xml_params_parsing_test.rb b/actionpack/test/dispatch/request/xml_params_parsing_test.rb new file mode 100644 index 0000000000..ee764e726e --- /dev/null +++ b/actionpack/test/dispatch/request/xml_params_parsing_test.rb @@ -0,0 +1,88 @@ +require 'abstract_unit' + +class XmlParamsParsingTest < ActionController::IntegrationTest + class TestController < ActionController::Base + class << self + attr_accessor :last_request_parameters + end + + def parse + self.class.last_request_parameters = request.request_parameters + head :ok + end + end + + def teardown + TestController.last_request_parameters = nil + end + + test "parses hash params" do + with_test_routing do + xml = "David" + post "/parse", xml, default_headers + assert_response :ok + assert_equal({"person" => {"name" => "David"}}, TestController.last_request_parameters) + end + end + + test "parses single file" do + with_test_routing do + xml = "David#{ActiveSupport::Base64.encode64('ABC')}" + post "/parse", xml, default_headers + assert_response :ok + + person = TestController.last_request_parameters + assert_equal "image/jpg", person['person']['avatar'].content_type + assert_equal "me.jpg", person['person']['avatar'].original_filename + assert_equal "ABC", person['person']['avatar'].read + end + end + + test "parses multiple files" do + xml = <<-end_body + + David + + #{ActiveSupport::Base64.encode64('ABC')} + #{ActiveSupport::Base64.encode64('DEF')} + + + end_body + + with_test_routing do + post "/parse", xml, default_headers + assert_response :ok + end + + person = TestController.last_request_parameters + + assert_equal "image/jpg", person['person']['avatars']['avatar'].first.content_type + assert_equal "me.jpg", person['person']['avatars']['avatar'].first.original_filename + assert_equal "ABC", person['person']['avatars']['avatar'].first.read + + assert_equal "image/gif", person['person']['avatars']['avatar'].last.content_type + assert_equal "you.gif", person['person']['avatars']['avatar'].last.original_filename + assert_equal "DEF", person['person']['avatars']['avatar'].last.read + end + + private + def with_test_routing + with_routing do |set| + set.draw do |map| + map.connect ':action', :controller => "xml_params_parsing_test/test" + end + yield + end + end + + def default_headers + {'CONTENT_TYPE' => 'application/xml'} + end +end + +class LegacyXmlParamsParsingTest < XmlParamsParsingTest + private + def default_headers + {'HTTP_X_POST_DATA_FORMAT' => 'xml'} + end +end diff --git a/actionpack/test/dispatch/request_test.rb b/actionpack/test/dispatch/request_test.rb new file mode 100644 index 0000000000..6262763b81 --- /dev/null +++ b/actionpack/test/dispatch/request_test.rb @@ -0,0 +1,409 @@ +require 'abstract_unit' + +class RequestTest < ActiveSupport::TestCase + def setup + ActionController::Base.relative_url_root = nil + @request = ActionController::TestRequest.new + end + + def teardown + ActionController::Base.relative_url_root = nil + end + + test "remote ip" do + assert_equal '0.0.0.0', @request.remote_ip + + @request.remote_addr = '1.2.3.4' + assert_equal '1.2.3.4', @request.remote_ip(true) + + @request.remote_addr = '1.2.3.4,3.4.5.6' + assert_equal '1.2.3.4', @request.remote_ip(true) + + @request.env['HTTP_CLIENT_IP'] = '2.3.4.5' + assert_equal '1.2.3.4', @request.remote_ip(true) + + @request.remote_addr = '192.168.0.1' + assert_equal '2.3.4.5', @request.remote_ip(true) + @request.env.delete 'HTTP_CLIENT_IP' + + @request.remote_addr = '1.2.3.4' + @request.env['HTTP_X_FORWARDED_FOR'] = '3.4.5.6' + assert_equal '1.2.3.4', @request.remote_ip(true) + + @request.remote_addr = '127.0.0.1' + @request.env['HTTP_X_FORWARDED_FOR'] = '3.4.5.6' + assert_equal '3.4.5.6', @request.remote_ip(true) + + @request.env['HTTP_X_FORWARDED_FOR'] = 'unknown,3.4.5.6' + assert_equal '3.4.5.6', @request.remote_ip(true) + + @request.env['HTTP_X_FORWARDED_FOR'] = '172.16.0.1,3.4.5.6' + assert_equal '3.4.5.6', @request.remote_ip(true) + + @request.env['HTTP_X_FORWARDED_FOR'] = '192.168.0.1,3.4.5.6' + assert_equal '3.4.5.6', @request.remote_ip(true) + + @request.env['HTTP_X_FORWARDED_FOR'] = '10.0.0.1,3.4.5.6' + assert_equal '3.4.5.6', @request.remote_ip(true) + + @request.env['HTTP_X_FORWARDED_FOR'] = '10.0.0.1, 10.0.0.1, 3.4.5.6' + assert_equal '3.4.5.6', @request.remote_ip(true) + + @request.env['HTTP_X_FORWARDED_FOR'] = '127.0.0.1,3.4.5.6' + assert_equal '3.4.5.6', @request.remote_ip(true) + + @request.env['HTTP_X_FORWARDED_FOR'] = 'unknown,192.168.0.1' + assert_equal 'unknown', @request.remote_ip(true) + + @request.env['HTTP_X_FORWARDED_FOR'] = '9.9.9.9, 3.4.5.6, 10.0.0.1, 172.31.4.4' + assert_equal '3.4.5.6', @request.remote_ip(true) + + @request.env['HTTP_CLIENT_IP'] = '8.8.8.8' + e = assert_raises(ActionController::ActionControllerError) { + @request.remote_ip(true) + } + assert_match /IP spoofing attack/, e.message + assert_match /HTTP_X_FORWARDED_FOR="9.9.9.9, 3.4.5.6, 10.0.0.1, 172.31.4.4"/, e.message + assert_match /HTTP_CLIENT_IP="8.8.8.8"/, e.message + + # turn IP Spoofing detection off. + # This is useful for sites that are aimed at non-IP clients. The typical + # example is WAP. Since the cellular network is not IP based, it's a + # leap of faith to assume that their proxies are ever going to set the + # HTTP_CLIENT_IP/HTTP_X_FORWARDED_FOR headers properly. + ActionController::Base.ip_spoofing_check = false + assert_equal('8.8.8.8', @request.remote_ip(true)) + ActionController::Base.ip_spoofing_check = true + + @request.env['HTTP_X_FORWARDED_FOR'] = '8.8.8.8, 9.9.9.9' + assert_equal '8.8.8.8', @request.remote_ip(true) + + @request.env.delete 'HTTP_CLIENT_IP' + @request.env.delete 'HTTP_X_FORWARDED_FOR' + end + + test "domains" do + @request.host = "www.rubyonrails.org" + assert_equal "rubyonrails.org", @request.domain + + @request.host = "www.rubyonrails.co.uk" + assert_equal "rubyonrails.co.uk", @request.domain(2) + + @request.host = "192.168.1.200" + assert_nil @request.domain + + @request.host = "foo.192.168.1.200" + assert_nil @request.domain + + @request.host = "192.168.1.200.com" + assert_equal "200.com", @request.domain + + @request.host = nil + assert_nil @request.domain + end + + test "subdomains" do + @request.host = "www.rubyonrails.org" + assert_equal %w( www ), @request.subdomains + + @request.host = "www.rubyonrails.co.uk" + assert_equal %w( www ), @request.subdomains(2) + + @request.host = "dev.www.rubyonrails.co.uk" + assert_equal %w( dev www ), @request.subdomains(2) + + @request.host = "foobar.foobar.com" + assert_equal %w( foobar ), @request.subdomains + + @request.host = "192.168.1.200" + assert_equal [], @request.subdomains + + @request.host = "foo.192.168.1.200" + assert_equal [], @request.subdomains + + @request.host = "192.168.1.200.com" + assert_equal %w( 192 168 1 ), @request.subdomains + + @request.host = nil + assert_equal [], @request.subdomains + end + + test "port string" do + @request.port = 80 + assert_equal "", @request.port_string + + @request.port = 8080 + assert_equal ":8080", @request.port_string + end + + test "request uri" do + @request.env['SERVER_SOFTWARE'] = 'Apache 42.342.3432' + + @request.set_REQUEST_URI "http://www.rubyonrails.org/path/of/some/uri?mapped=1" + assert_equal "/path/of/some/uri?mapped=1", @request.request_uri + assert_equal "/path/of/some/uri", @request.path + + @request.set_REQUEST_URI "http://www.rubyonrails.org/path/of/some/uri" + assert_equal "/path/of/some/uri", @request.request_uri + assert_equal "/path/of/some/uri", @request.path + + @request.set_REQUEST_URI "/path/of/some/uri" + assert_equal "/path/of/some/uri", @request.request_uri + assert_equal "/path/of/some/uri", @request.path + + @request.set_REQUEST_URI "/" + assert_equal "/", @request.request_uri + assert_equal "/", @request.path + + @request.set_REQUEST_URI "/?m=b" + assert_equal "/?m=b", @request.request_uri + assert_equal "/", @request.path + + @request.set_REQUEST_URI "/" + @request.env['SCRIPT_NAME'] = "/dispatch.cgi" + assert_equal "/", @request.request_uri + assert_equal "/", @request.path + + ActionController::Base.relative_url_root = "/hieraki" + @request.set_REQUEST_URI "/hieraki/" + @request.env['SCRIPT_NAME'] = "/hieraki/dispatch.cgi" + assert_equal "/hieraki/", @request.request_uri + assert_equal "/", @request.path + ActionController::Base.relative_url_root = nil + + ActionController::Base.relative_url_root = "/collaboration/hieraki" + @request.set_REQUEST_URI "/collaboration/hieraki/books/edit/2" + @request.env['SCRIPT_NAME'] = "/collaboration/hieraki/dispatch.cgi" + assert_equal "/collaboration/hieraki/books/edit/2", @request.request_uri + assert_equal "/books/edit/2", @request.path + ActionController::Base.relative_url_root = nil + + # The following tests are for when REQUEST_URI is not supplied (as in IIS) + @request.env['PATH_INFO'] = "/path/of/some/uri?mapped=1" + @request.env['SCRIPT_NAME'] = nil #"/path/dispatch.rb" + @request.set_REQUEST_URI nil + assert_equal "/path/of/some/uri?mapped=1", @request.request_uri + assert_equal "/path/of/some/uri", @request.path + + ActionController::Base.relative_url_root = '/path' + @request.env['PATH_INFO'] = "/path/of/some/uri?mapped=1" + @request.env['SCRIPT_NAME'] = "/path/dispatch.rb" + @request.set_REQUEST_URI nil + assert_equal "/path/of/some/uri?mapped=1", @request.request_uri(true) + assert_equal "/of/some/uri", @request.path(true) + ActionController::Base.relative_url_root = nil + + @request.env['PATH_INFO'] = "/path/of/some/uri" + @request.env['SCRIPT_NAME'] = nil + @request.set_REQUEST_URI nil + assert_equal "/path/of/some/uri", @request.request_uri + assert_equal "/path/of/some/uri", @request.path + + @request.env['PATH_INFO'] = "/" + @request.set_REQUEST_URI nil + assert_equal "/", @request.request_uri + assert_equal "/", @request.path + + @request.env['PATH_INFO'] = "/?m=b" + @request.set_REQUEST_URI nil + assert_equal "/?m=b", @request.request_uri + assert_equal "/", @request.path + + @request.env['PATH_INFO'] = "/" + @request.env['SCRIPT_NAME'] = "/dispatch.cgi" + @request.set_REQUEST_URI nil + assert_equal "/", @request.request_uri + assert_equal "/", @request.path + + ActionController::Base.relative_url_root = '/hieraki' + @request.env['PATH_INFO'] = "/hieraki/" + @request.env['SCRIPT_NAME'] = "/hieraki/dispatch.cgi" + @request.set_REQUEST_URI nil + assert_equal "/hieraki/", @request.request_uri + assert_equal "/", @request.path + ActionController::Base.relative_url_root = nil + + @request.set_REQUEST_URI '/hieraki/dispatch.cgi' + ActionController::Base.relative_url_root = '/hieraki' + assert_equal "/dispatch.cgi", @request.path(true) + ActionController::Base.relative_url_root = nil + + @request.set_REQUEST_URI '/hieraki/dispatch.cgi' + ActionController::Base.relative_url_root = '/foo' + assert_equal "/hieraki/dispatch.cgi", @request.path(true) + ActionController::Base.relative_url_root = nil + + # This test ensures that Rails uses REQUEST_URI over PATH_INFO + ActionController::Base.relative_url_root = nil + @request.env['REQUEST_URI'] = "/some/path" + @request.env['PATH_INFO'] = "/another/path" + @request.env['SCRIPT_NAME'] = "/dispatch.cgi" + assert_equal "/some/path", @request.request_uri(true) + assert_equal "/some/path", @request.path(true) + end + + test "host with default port" do + @request.host = "rubyonrails.org" + @request.port = 80 + assert_equal "rubyonrails.org", @request.host_with_port + end + + test "host with non default port" do + @request.host = "rubyonrails.org" + @request.port = 81 + assert_equal "rubyonrails.org:81", @request.host_with_port + end + + test "server software" do + assert_equal nil, @request.server_software(true) + + @request.env['SERVER_SOFTWARE'] = 'Apache3.422' + assert_equal 'apache', @request.server_software(true) + + @request.env['SERVER_SOFTWARE'] = 'lighttpd(1.1.4)' + assert_equal 'lighttpd', @request.server_software(true) + end + + test "xml http request" do + assert !@request.xml_http_request? + assert !@request.xhr? + + @request.env['HTTP_X_REQUESTED_WITH'] = "DefinitelyNotAjax1.0" + assert !@request.xml_http_request? + assert !@request.xhr? + + @request.env['HTTP_X_REQUESTED_WITH'] = "XMLHttpRequest" + assert @request.xml_http_request? + assert @request.xhr? + end + + test "reports ssl" do + assert !@request.ssl? + @request.env['HTTPS'] = 'on' + assert @request.ssl? + end + + test "reports ssl when proxied via lighttpd" do + assert !@request.ssl? + @request.env['HTTP_X_FORWARDED_PROTO'] = 'https' + assert @request.ssl? + end + + test "symbolized request methods" do + [:get, :post, :put, :delete].each do |method| + self.request_method = method + assert_equal method, @request.method + end + end + + test "invalid http method raises exception" do + assert_raises(ActionController::UnknownHttpMethod) do + self.request_method = :random_method + end + end + + test "allow method hacking on post" do + [:get, :head, :options, :put, :post, :delete].each do |method| + self.request_method = method + @request.request_method(true) + assert_equal(method == :head ? :get : method, @request.method) + end + end + + test "invalid method hacking on post raises exception" do + assert_raises(ActionController::UnknownHttpMethod) do + self.request_method = :_random_method + @request.request_method(true) + end + end + + test "restrict method hacking" do + @request.instance_eval { @parameters = { :_method => 'put' } } + [:get, :put, :delete].each do |method| + self.request_method = method + assert_equal method, @request.method + end + end + + test "head masquerading as get" do + self.request_method = :head + assert_equal :get, @request.method + assert @request.get? + assert @request.head? + end + + test "xml format" do + @request.instance_eval { @parameters = { :format => 'xml' } } + assert_equal Mime::XML, @request.format + end + + test "xhtml format" do + @request.instance_eval { @parameters = { :format => 'xhtml' } } + assert_equal Mime::HTML, @request.format + end + + test "txt format" do + @request.instance_eval { @parameters = { :format => 'txt' } } + assert_equal Mime::TEXT, @request.format + end + + test "nil format" do + begin + ActionController::Base.use_accept_header, old = + false, ActionController::Base.use_accept_header + + @request.instance_eval { @parameters = {} } + @request.env["HTTP_X_REQUESTED_WITH"] = "XMLHttpRequest" + assert @request.xhr? + assert_equal Mime::JS, @request.format + + ensure + ActionController::Base.use_accept_header = old + end + end + + test "content type" do + @request.env["CONTENT_TYPE"] = "text/html" + assert_equal Mime::HTML, @request.content_type + end + + test "format assignment should set format" do + @request.instance_eval { self.format = :txt } + assert !@request.format.xml? + @request.instance_eval { self.format = :xml } + assert @request.format.xml? + end + + test "content no type" do + assert_equal nil, @request.content_type + end + + test "content type xml" do + @request.env["CONTENT_TYPE"] = "application/xml" + assert_equal Mime::XML, @request.content_type + end + + test "content type with charset" do + @request.env["CONTENT_TYPE"] = "application/xml; charset=UTF-8" + assert_equal Mime::XML, @request.content_type + end + + test "user agent" do + assert_not_nil @request.user_agent + end + + test "parameters" do + @request.stubs(:request_parameters).returns({ "foo" => 1 }) + @request.stubs(:query_parameters).returns({ "bar" => 2 }) + + assert_equal({"foo" => 1, "bar" => 2}, @request.parameters) + assert_equal({"foo" => 1}, @request.request_parameters) + assert_equal({"bar" => 2}, @request.query_parameters) + end + + protected + def request_method=(method) + @request.env['REQUEST_METHOD'] = method.to_s.upcase + @request.request_method(true) + end +end -- cgit v1.2.3