From 70779a08a0bec1b890c1b7d77114dedc7f1b69e2 Mon Sep 17 00:00:00 2001 From: Sebastian Martinez Date: Mon, 28 Mar 2011 22:46:13 -0300 Subject: Updated Basic Authentication guides to reflect new Base.http_basic_authenticate_with method --- .../source/action_controller_overview.textile | 17 +++----------- railties/guides/source/getting_started.textile | 27 ++++------------------ 2 files changed, 8 insertions(+), 36 deletions(-) diff --git a/railties/guides/source/action_controller_overview.textile b/railties/guides/source/action_controller_overview.textile index 178d98c2d6..9dffdce8de 100644 --- a/railties/guides/source/action_controller_overview.textile +++ b/railties/guides/source/action_controller_overview.textile @@ -615,26 +615,15 @@ Rails comes with two built-in HTTP authentication mechanisms: h4. HTTP Basic Authentication -HTTP basic authentication is an authentication scheme that is supported by the majority of browsers and other HTTP clients. As an example, consider an administration section which will only be available by entering a username and a password into the browser's HTTP basic dialog window. Using the built-in authentication is quite easy and only requires you to use one method, +authenticate_or_request_with_http_basic+. +HTTP basic authentication is an authentication scheme that is supported by the majority of browsers and other HTTP clients. As an example, consider an administration section which will only be available by entering a username and a password into the browser's HTTP basic dialog window. Using the built-in authentication is quite easy and only requires you to use one method, +http_basic_authenticate_with+. class AdminController < ApplicationController - USERNAME, PASSWORD = "humbaba", "5baa61e4" - - before_filter :authenticate - - private - - def authenticate - authenticate_or_request_with_http_basic do |username, password| - username == USERNAME && - Digest::SHA1.hexdigest(password) == PASSWORD - end - end + http_basic_authenticate_with :name => "humbaba", "5baa61e4" end -With this in place, you can create namespaced controllers that inherit from +AdminController+. The before filter will thus be run for all actions in those controllers, protecting them with HTTP basic authentication. +With this in place, you can create namespaced controllers that inherit from +AdminController+. The filter will thus be run for all actions in those controllers, protecting them with HTTP basic authentication. h4. HTTP Digest Authentication diff --git a/railties/guides/source/getting_started.textile b/railties/guides/source/getting_started.textile index 0661549644..0bc2d9144e 100644 --- a/railties/guides/source/getting_started.textile +++ b/railties/guides/source/getting_started.textile @@ -1201,33 +1201,16 @@ h3. Security If you were to publish your blog online, anybody would be able to add, edit and delete posts or delete comments. -Rails provides a very simple HTTP authentication system that will work nicely in this situation. First, we enable simple HTTP based authentication in our app/controllers/application_controller.rb: +Rails provides a very simple HTTP authentication system that will work nicely in this situation. - -class ApplicationController < ActionController::Base - protect_from_forgery - - private - - def authenticate - authenticate_or_request_with_http_basic do |user_name, password| - user_name == 'admin' && password == 'password' - end - end - -end - - -You can obviously change the username and password to whatever you want. We put this method inside of +ApplicationController+ so that it is available to all of our controllers. - -Then in the +PostsController+ we need to have a way to block access to the various actions if the person is not authenticated, here we can use the Rails before_filter method, which allows us to specify that Rails must run a method and only then allow access to the requested action if that method allows it. +In the +PostsController+ we need to have a way to block access to the various actions if the person is not authenticated, here we can use the Rails http_basic_authenticate_with method, allowing access to the requested action if that method allows it. -To use the before filter, we specify it at the top of our +PostsController+, in this case, we want the user to be authenticated on every action, except for +index+ and +show+, so we write that: +To use the authentication system, we specify it at the top of our +PostsController+, in this case, we want the user to be authenticated on every action, except for +index+ and +show+, so we write that: class PostsController < ApplicationController - before_filter :authenticate, :except => [:index, :show] + http_basic_authenticate_with :name => "dhh", "secret", :except => :index # GET /posts # GET /posts.xml @@ -1242,7 +1225,7 @@ We also only want to allow authenticated users to delete comments, so in the +Co class CommentsController < ApplicationController - before_filter :authenticate, :only => :destroy + http_basic_authenticate_with :name => "dhh", "secret", :only => :destroy def create @post = Post.find(params[:post_id]) -- cgit v1.2.3 From 54af8dfbfc4122494235d817cd98b83874241215 Mon Sep 17 00:00:00 2001 From: Sebastian Martinez Date: Mon, 28 Mar 2011 22:49:43 -0300 Subject: Fix Basic Authentication examples --- railties/guides/source/action_controller_overview.textile | 2 +- railties/guides/source/getting_started.textile | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/railties/guides/source/action_controller_overview.textile b/railties/guides/source/action_controller_overview.textile index 9dffdce8de..496dc7224b 100644 --- a/railties/guides/source/action_controller_overview.textile +++ b/railties/guides/source/action_controller_overview.textile @@ -619,7 +619,7 @@ HTTP basic authentication is an authentication scheme that is supported by the m class AdminController < ApplicationController - http_basic_authenticate_with :name => "humbaba", "5baa61e4" + http_basic_authenticate_with :name => "humbaba", :password => "5baa61e4" end diff --git a/railties/guides/source/getting_started.textile b/railties/guides/source/getting_started.textile index 0bc2d9144e..1122a4b9e3 100644 --- a/railties/guides/source/getting_started.textile +++ b/railties/guides/source/getting_started.textile @@ -1210,7 +1210,7 @@ To use the authentication system, we specify it at the top of our +PostsControll class PostsController < ApplicationController - http_basic_authenticate_with :name => "dhh", "secret", :except => :index + http_basic_authenticate_with :name => "dhh", :password => "secret", :except => :index # GET /posts # GET /posts.xml @@ -1225,7 +1225,7 @@ We also only want to allow authenticated users to delete comments, so in the +Co class CommentsController < ApplicationController - http_basic_authenticate_with :name => "dhh", "secret", :only => :destroy + http_basic_authenticate_with :name => "dhh", :password => "secret", :only => :destroy def create @post = Post.find(params[:post_id]) -- cgit v1.2.3 From d5dc02b5e88324bdbd274a5008a1d6b7a2f6f9d7 Mon Sep 17 00:00:00 2001 From: ozzyaaron Date: Tue, 29 Mar 2011 11:22:16 +0800 Subject: Added back the Callback debugging section by interrogating the _*_callbacks method --- activerecord/lib/active_record/callbacks.rb | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/activerecord/lib/active_record/callbacks.rb b/activerecord/lib/active_record/callbacks.rb index 86d58df99b..a175bf003c 100644 --- a/activerecord/lib/active_record/callbacks.rb +++ b/activerecord/lib/active_record/callbacks.rb @@ -214,6 +214,24 @@ module ActiveRecord # needs to be aware of it because an ordinary +save+ will raise such exception # instead of quietly returning +false+. # + # == Debugging callbacks + # + # The callback chain is accessible via the _*_callbacks method on an object. ActiveModel Callbacks support + # :before, :after and :around as values for the kind property. The kind property + # defines what part of the chain the callback runs in. + # + # To find all callbacks in the before_save callback chain: + # + # Topic._save_callbacks.select { |cb| cb.kind.eql?(:before) } + # + # Returns an array of callback objects that form the before_save chain. + # + # To further check if the before_save chain contains a proc defined as rest_when_dead use the filter property of the callback object: + # + # Topic._save_callbacks.select { |cb| cb.kind.eql?(:before) }.collect(&:filter).include?(:rest_when_dead) + # + # Returns true or false depending on whether the proc is contained in the before_save callback chain on a Topic model. + # module Callbacks extend ActiveSupport::Concern -- cgit v1.2.3 From cc446d6c9f10a6258da958ecc8948ef478d9407c Mon Sep 17 00:00:00 2001 From: Gabriel Horner Date: Mon, 28 Mar 2011 23:48:17 -0400 Subject: Add docs for ActionController::Metal class methods --- actionpack/lib/action_controller/metal.rb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/actionpack/lib/action_controller/metal.rb b/actionpack/lib/action_controller/metal.rb index e5db31061b..585bd5e5ab 100644 --- a/actionpack/lib/action_controller/metal.rb +++ b/actionpack/lib/action_controller/metal.rb @@ -201,19 +201,23 @@ module ActionController class_attribute :middleware_stack self.middleware_stack = ActionController::MiddlewareStack.new - def self.inherited(base) + def self.inherited(base) #nodoc: base.middleware_stack = self.middleware_stack.dup super end + # Adds given middleware class and its args to bottom of middleware_stack def self.use(*args, &block) middleware_stack.use(*args, &block) end + # Alias for middleware_stack def self.middleware middleware_stack end + # Makes the controller a rack endpoint that points to the action in + # the given env's action_dispatch.request.path_parameters key. def self.call(env) action(env['action_dispatch.request.path_parameters'][:action]).call(env) end -- cgit v1.2.3 From 07054fe369b0d30562642f15140f7c863dfc4328 Mon Sep 17 00:00:00 2001 From: John Firebaugh Date: Mon, 28 Mar 2011 22:17:20 -0700 Subject: Fix grammar, formatting, and cross references --- actionpack/lib/action_dispatch/testing/integration.rb | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/actionpack/lib/action_dispatch/testing/integration.rb b/actionpack/lib/action_dispatch/testing/integration.rb index 5c6416a19e..4706112a06 100644 --- a/actionpack/lib/action_dispatch/testing/integration.rb +++ b/actionpack/lib/action_dispatch/testing/integration.rb @@ -26,31 +26,31 @@ module ActionDispatch # object's @response instance variable will point to the same # response object. # - # You can also perform POST, PUT, DELETE, and HEAD requests with +post+, - # +put+, +delete+, and +head+. + # You can also perform POST, PUT, DELETE, and HEAD requests with +#post+, + # +#put+, +#delete+, and +#head+. def get(path, parameters = nil, headers = nil) process :get, path, parameters, headers end - # Performs a POST request with the given parameters. See get() for more + # Performs a POST request with the given parameters. See +#get+ for more # details. def post(path, parameters = nil, headers = nil) process :post, path, parameters, headers end - # Performs a PUT request with the given parameters. See get() for more + # Performs a PUT request with the given parameters. See +#get+ for more # details. def put(path, parameters = nil, headers = nil) process :put, path, parameters, headers end - # Performs a DELETE request with the given parameters. See get() for + # Performs a DELETE request with the given parameters. See +#get+ for # more details. def delete(path, parameters = nil, headers = nil) process :delete, path, parameters, headers end - # Performs a HEAD request with the given parameters. See get() for more + # Performs a HEAD request with the given parameters. See +#get+ for more # details. def head(path, parameters = nil, headers = nil) process :head, path, parameters, headers @@ -59,7 +59,7 @@ module ActionDispatch # Performs an XMLHttpRequest request with the given parameters, mirroring # a request from the Prototype library. # - # The request_method is :get, :post, :put, :delete or :head; the + # The request_method is +:get+, +:post+, +:put+, +:delete+ or +:head+; the # parameters are +nil+, a hash, or a url-encoded or multipart string; # the headers are a hash. Keys are automatically upcased and prefixed # with 'HTTP_' if not already. @@ -384,7 +384,7 @@ module ActionDispatch end end - # An test that spans multiple controllers and actions, + # An integration test spans multiple controllers and actions, # tying them all together to ensure they work together as expected. It tests # more completely than either unit or functional tests do, exercising the # entire stack, from the dispatcher to the database. -- cgit v1.2.3 From b671e4d86aa77af6a85ed454f7904ceaf40cc4ce Mon Sep 17 00:00:00 2001 From: John Firebaugh Date: Mon, 28 Mar 2011 22:31:05 -0700 Subject: Fix formatting and broken markup --- activemodel/lib/active_model/errors.rb | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/activemodel/lib/active_model/errors.rb b/activemodel/lib/active_model/errors.rb index c2f0228785..f3ec406ec8 100644 --- a/activemodel/lib/active_model/errors.rb +++ b/activemodel/lib/active_model/errors.rb @@ -278,19 +278,18 @@ module ActiveModel # When using inheritance in your models, it will check all the inherited # models too, but only if the model itself hasn't been found. Say you have # class Admin < User; end and you wanted the translation for - # the :blank error +message+ for the title +attribute+, + # the :blank error message for the title attribute, # it looks for these translations: # - #
    - #
  1. activemodel.errors.models.admin.attributes.title.blank
    2. - #
  2. activemodel.errors.models.admin.blank
    3. - #
  3. activemodel.errors.models.user.attributes.title.blank
    4. - #
  4. activemodel.errors.models.user.blank
    5. - #
  5. any default you provided through the +options+ hash (in the activemodel.errors scope)
    6. - #
  6. activemodel.errors.messages.blank
    7. - #
  7. errors.attributes.title.blank
    8. - #
  8. errors.messages.blank
    9. - #
+ # * activemodel.errors.models.admin.attributes.title.blank + # * activemodel.errors.models.admin.blank + # * activemodel.errors.models.user.attributes.title.blank + # * activemodel.errors.models.user.blank + # * any default you provided through the +options+ hash (in the activemodel.errors scope) + # * activemodel.errors.messages.blank + # * errors.attributes.title.blank + # * errors.messages.blank + # def generate_message(attribute, type = :invalid, options = {}) type = options.delete(:message) if options[:message].is_a?(Symbol) -- cgit v1.2.3 From 9fdfe2ec1e4451b9dd4c3cdfdf22c895659f53e7 Mon Sep 17 00:00:00 2001 From: mhutchin Date: Tue, 29 Mar 2011 00:39:33 -0700 Subject: Fixed typo and improved readability. --- railties/guides/source/testing.textile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/railties/guides/source/testing.textile b/railties/guides/source/testing.textile index d3f72509c6..d937f30609 100644 --- a/railties/guides/source/testing.textile +++ b/railties/guides/source/testing.textile @@ -748,7 +748,8 @@ You don't need to set up and run your tests by hand on a test-by-test basis. Rai h3. Brief Note About +Test::Unit+ -Ruby ships with a boat load of libraries. One little gem of a library is +Test::Unit+, a framework for unit testing in Ruby. All the basic assertions discussed above are actually defined in +Test::Unit::Assertions+. The class +ActiveSupport::TestCase+ which we have been using in our unit and functional tests extends +Test::Unit::TestCase+ that it is how we can use all the basic assertions in our tests. +Ruby ships with a boat load of libraries. One little gem of a library is +Test::Unit+, a framework for unit testing in Ruby. All the basic assertions discussed above are actually defined in +Test::Unit::Assertions+. The class +ActiveSupport::TestCase+ which we have been using in our unit and functional tests extends +Test::Unit::TestCase+, allowing +us to use all of the basic assertions in our tests. NOTE: For more information on +Test::Unit+, refer to "test/unit Documentation":http://ruby-doc.org/stdlib/libdoc/test/unit/rdoc/ -- cgit v1.2.3 From ff09d4bd5b19d478def54648251c78d97027040c Mon Sep 17 00:00:00 2001 From: mhutchin Date: Tue, 29 Mar 2011 01:50:00 -0700 Subject: Minor rephrasing to improve grammar and readability. --- railties/guides/source/layout.html.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/railties/guides/source/layout.html.erb b/railties/guides/source/layout.html.erb index f2681c6461..911655e0f4 100644 --- a/railties/guides/source/layout.html.erb +++ b/railties/guides/source/layout.html.erb @@ -111,7 +111,7 @@

Feedback

- You're encouraged to help in keeping the quality of this guide. + You're encouraged to help improve the quality of this guide.

If you see any typos or factual errors you are confident to -- cgit v1.2.3 From 45d5d6b2683be263ae9c977324633972f318b814 Mon Sep 17 00:00:00 2001 From: Eadz Date: Sat, 19 Mar 2011 00:00:50 -0700 Subject: Documented undocumented feature: Class methods on your model are automatically available on scopes --- activerecord/lib/active_record/named_scope.rb | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/activerecord/lib/active_record/named_scope.rb b/activerecord/lib/active_record/named_scope.rb index d291632260..a445f68790 100644 --- a/activerecord/lib/active_record/named_scope.rb +++ b/activerecord/lib/active_record/named_scope.rb @@ -99,6 +99,28 @@ module ActiveRecord # # Article.published.new.published # => true # Article.published.create.published # => true + # + # Class methods on your model are automatically available + # on scopes + # + # class Article < ActiveRecord::Base + # scope :pubished, where(:published => true) + # scope :featured, where(:featured => true) + # + # def self.latest_article + # order('published_at desc').first + # end + # + # def self.titles + # map{|article| article.title} + # end + # + # end + # + # Example usage: + # Article.published.featured.latest_article + # Article.featured.titles + def scope(name, scope_options = {}) name = name.to_sym valid_scope_name?(name) -- cgit v1.2.3 From 6a1715111e16e07a30bd61eaecf059fd90732e59 Mon Sep 17 00:00:00 2001 From: Eadz Date: Sat, 19 Mar 2011 00:02:53 -0700 Subject: add space to conform with style --- activerecord/lib/active_record/named_scope.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/activerecord/lib/active_record/named_scope.rb b/activerecord/lib/active_record/named_scope.rb index a445f68790..9c0652c3a0 100644 --- a/activerecord/lib/active_record/named_scope.rb +++ b/activerecord/lib/active_record/named_scope.rb @@ -112,7 +112,7 @@ module ActiveRecord # end # # def self.titles - # map{|article| article.title} + # map {|article| article.title} # end # # end -- cgit v1.2.3 From 7a34ab7d60756856b79d2f8ef33ac843a78b70ad Mon Sep 17 00:00:00 2001 From: Ryan Bigg Date: Thu, 31 Mar 2011 06:46:02 +1100 Subject: Fix typo in named_scope documentation --- activerecord/lib/active_record/named_scope.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/activerecord/lib/active_record/named_scope.rb b/activerecord/lib/active_record/named_scope.rb index 9c0652c3a0..603a0c169a 100644 --- a/activerecord/lib/active_record/named_scope.rb +++ b/activerecord/lib/active_record/named_scope.rb @@ -104,7 +104,7 @@ module ActiveRecord # on scopes # # class Article < ActiveRecord::Base - # scope :pubished, where(:published => true) + # scope :published, where(:published => true) # scope :featured, where(:featured => true) # # def self.latest_article -- cgit v1.2.3 From 04d5decfd3c8f899df462bfc7f1ccb9770542a97 Mon Sep 17 00:00:00 2001 From: Ryan Bigg Date: Thu, 31 Mar 2011 06:47:01 +1100 Subject: Cleanup of named_scope documentation --- activerecord/lib/active_record/named_scope.rb | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/activerecord/lib/active_record/named_scope.rb b/activerecord/lib/active_record/named_scope.rb index 603a0c169a..8eb87f7b7a 100644 --- a/activerecord/lib/active_record/named_scope.rb +++ b/activerecord/lib/active_record/named_scope.rb @@ -101,24 +101,25 @@ module ActiveRecord # Article.published.create.published # => true # # Class methods on your model are automatically available - # on scopes - # + # on scopes. Assuming the following setup: + # # class Article < ActiveRecord::Base # scope :published, where(:published => true) # scope :featured, where(:featured => true) - # + # # def self.latest_article - # order('published_at desc').first + # order('published_at desc').first # end - # + # # def self.titles # map {|article| article.title} # end # # end - # - # Example usage: - # Article.published.featured.latest_article + # + # We are able to call the methods like this: + # + # Article.published.featured.latest_article # Article.featured.titles def scope(name, scope_options = {}) -- cgit v1.2.3 From cf07da0929bbeaaeb68cbafbb600727b3bda470e Mon Sep 17 00:00:00 2001 From: Ryan Bigg Date: Thu, 31 Mar 2011 06:59:48 +1100 Subject: Symbol to proc is preferred over longer form of map --- activerecord/lib/active_record/named_scope.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/activerecord/lib/active_record/named_scope.rb b/activerecord/lib/active_record/named_scope.rb index 8eb87f7b7a..d5fff65303 100644 --- a/activerecord/lib/active_record/named_scope.rb +++ b/activerecord/lib/active_record/named_scope.rb @@ -112,7 +112,7 @@ module ActiveRecord # end # # def self.titles - # map {|article| article.title} + # map(&:title) # end # # end -- cgit v1.2.3 From f44d85a030f6e22421b26f0d5a0c869fae3efe5f Mon Sep 17 00:00:00 2001 From: Josiah Ivey Date: Thu, 31 Mar 2011 00:16:45 -0500 Subject: Grammar tweaks to the guides guidelines --- .../source/ruby_on_rails_guides_guidelines.textile | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/railties/guides/source/ruby_on_rails_guides_guidelines.textile b/railties/guides/source/ruby_on_rails_guides_guidelines.textile index 6576758856..8e55780dca 100644 --- a/railties/guides/source/ruby_on_rails_guides_guidelines.textile +++ b/railties/guides/source/ruby_on_rails_guides_guidelines.textile @@ -10,10 +10,10 @@ Guides are written in "Textile":http://www.textism.com/tools/textile/. There's c h3. Prologue -Each guide should start with motivational text at the top. That's the little introduction in the blue area. The prologue should tell the readers what's the guide about, and what will they learn. See for example the "Routing Guide":routing.html. +Each guide should start with motivational text at the top (that's the little introduction in the blue area.) The prologue should tell the reader what the guide is about, and what they will learn. See for example the "Routing Guide":routing.html. h3. Titles - + The title of every guide uses +h2+, guide sections use +h3+, subsections +h4+, etc. Capitalize all words except for internal articles, prepositions, conjunctions, and forms of the verb to be: @@ -23,7 +23,7 @@ h5. Middleware Stack is an Array h5. When are Objects Saved? -Use same typography as in regular text: +Use the same typography as in regular text: h6. The +:content_type+ Option @@ -42,13 +42,13 @@ Those guidelines apply also to guides. h3. HTML Generation -To generate all the guides just cd into the +railties+ directory and execute +To generate all the guides, just +cd+ into the +railties+ directory and execute: bundle exec rake generate_guides -You'll need the gems erubis, i18n, and RedCloth. +(You may need to run +bundle install+ first to install the required gems.) To process +my_guide.textile+ and nothing else use the +ONLY+ environment variable: @@ -56,13 +56,13 @@ To process +my_guide.textile+ and nothing else use the +ONLY+ environment variab bundle exec rake generate_guides ONLY=my_guide -Although by default guides that have not been modified are not processed, so +ONLY+ is rarely needed in practice. +By default, guides that have not been modified are not processed, so +ONLY+ is rarely needed in practice. To force process of all the guides, pass +ALL=1+. -It is also recommended that you work with +WARNINGS=1+, this detects duplicate IDs and warns about broken internal links. +It is also recommended that you work with +WARNINGS=1+. This detects duplicate IDs and warns about broken internal links. -If you want to generate guides in languages other than English, you can keep them in a separate directory under +source+ (eg. source/es) and use the +LANGUAGE+ environment variable. +If you want to generate guides in languages other than English, you can keep them in a separate directory under +source+ (eg. source/es) and use the +LANGUAGE+ environment variable: rake generate_guides LANGUAGE=es @@ -70,7 +70,7 @@ rake generate_guides LANGUAGE=es h3. HTML Validation -Please do validate the generated HTML with +Please validate the generated HTML with: rake validate_guides @@ -80,4 +80,5 @@ Particularly, titles get an ID generated from their content and this often leads h3. Changelog +* March 31, 2011: grammar tweaks by "Josiah Ivey":http://twitter.com/josiahivey * October 5, 2010: ported from the docrails wiki and revised by "Xavier Noria":credits.html#fxn -- cgit v1.2.3