From 08525e3ef172873a5fa525b27f445012d9e226c3 Mon Sep 17 00:00:00 2001 From: Tim Ruffles Date: Fri, 26 Jul 2013 16:47:18 +0100 Subject: be more specific about csrf token and ajax - not whitelisted outside of jquery-rails [ci skip] --- actionview/lib/action_view/helpers/csrf_helper.rb | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'actionview') diff --git a/actionview/lib/action_view/helpers/csrf_helper.rb b/actionview/lib/action_view/helpers/csrf_helper.rb index eeb0ed94b9..5af92c4ff2 100644 --- a/actionview/lib/action_view/helpers/csrf_helper.rb +++ b/actionview/lib/action_view/helpers/csrf_helper.rb @@ -12,8 +12,11 @@ module ActionView # These are used to generate the dynamic forms that implement non-remote links with # :method. # - # Note that regular forms generate hidden fields, and that Ajax calls are whitelisted, - # so they do not use these tags. + # You don't need to use these tags for regular forms as they generate their own hidden fields. + # + # For AJAX requests other than GETs, extract the "csrf-token" from the meta-tag and send as the + # "X-CSRF-Token" HTTP header. If you are using jQuery with jquery-rails this happens automatically. + # def csrf_meta_tags if protect_against_forgery? [ -- cgit v1.2.3 From 433628a45c2f5dd04b115af1b5579dac75255c67 Mon Sep 17 00:00:00 2001 From: Kassio Borges Date: Sun, 26 Jan 2014 20:05:34 -0200 Subject: Rails config for raise on missing translations Add a config to setup whether raise exception for missing translation or not. --- actionview/CHANGELOG.md | 7 +++++++ actionview/lib/action_view/base.rb | 4 ++++ actionview/lib/action_view/helpers/translation_helper.rb | 8 ++++---- actionview/test/template/translation_helper_test.rb | 10 ++++++++++ 4 files changed, 25 insertions(+), 4 deletions(-) (limited to 'actionview') diff --git a/actionview/CHANGELOG.md b/actionview/CHANGELOG.md index 19877ca8cb..960f867d99 100644 --- a/actionview/CHANGELOG.md +++ b/actionview/CHANGELOG.md @@ -1,3 +1,10 @@ +* Added `config.action_view.raise_on_missing_translations` to define whether an + error should be raised for missing translations. + + Fixes #13196 + + *Kassio Borges* + * Improved ERB dependency detection. New argument types and formattings for the `render` calls can be matched. diff --git a/actionview/lib/action_view/base.rb b/actionview/lib/action_view/base.rb index 8eb7072d0c..455ce531ae 100644 --- a/actionview/lib/action_view/base.rb +++ b/actionview/lib/action_view/base.rb @@ -153,6 +153,10 @@ module ActionView #:nodoc: # Specify default_formats that can be rendered. cattr_accessor :default_formats + # Specify whether an error should be raised for missing translations + cattr_accessor :raise_on_missing_translations + @@raise_on_missing_translations = false + class_attribute :_routes class_attribute :logger diff --git a/actionview/lib/action_view/helpers/translation_helper.rb b/actionview/lib/action_view/helpers/translation_helper.rb index 3ae1df04fe..0bc40874d9 100644 --- a/actionview/lib/action_view/helpers/translation_helper.rb +++ b/actionview/lib/action_view/helpers/translation_helper.rb @@ -38,10 +38,10 @@ module ActionView # If the user has specified rescue_format then pass it all through, otherwise use # raise and do the work ourselves - if options.key?(:raise) || options.key?(:rescue_format) - raise_error = options[:raise] || options[:rescue_format] - else - raise_error = false + options[:raise] ||= ActionView::Base.raise_on_missing_translations + + raise_error = options[:raise] || options.key?(:rescue_format) + unless raise_error options[:raise] = true end diff --git a/actionview/test/template/translation_helper_test.rb b/actionview/test/template/translation_helper_test.rb index 269714fad0..c4770840fb 100644 --- a/actionview/test/template/translation_helper_test.rb +++ b/actionview/test/template/translation_helper_test.rb @@ -53,6 +53,16 @@ class TranslationHelperTest < ActiveSupport::TestCase assert_equal false, translate(:"translations.missing", :rescue_format => nil).html_safe? end + def test_raises_missing_translation_message_with_raise_config_option + ActionView::Base.raise_on_missing_translations = true + + assert_raise(I18n::MissingTranslationData) do + translate("translations.missing") + end + ensure + ActionView::Base.raise_on_missing_translations = false + end + def test_raises_missing_translation_message_with_raise_option assert_raise(I18n::MissingTranslationData) do translate(:"translations.missing", :raise => true) -- cgit v1.2.3 From 02f9f3314244513fce0a94acef08318d67d6707f Mon Sep 17 00:00:00 2001 From: Yves Senn Date: Thu, 30 Jan 2014 11:12:46 +0100 Subject: tidy CHANGELOGs [ci skip] --- actionview/CHANGELOG.md | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) (limited to 'actionview') diff --git a/actionview/CHANGELOG.md b/actionview/CHANGELOG.md index 960f867d99..c370f3df51 100644 --- a/actionview/CHANGELOG.md +++ b/actionview/CHANGELOG.md @@ -1,20 +1,20 @@ * Added `config.action_view.raise_on_missing_translations` to define whether an error should be raised for missing translations. - Fixes #13196 + Fixes #13196. *Kassio Borges* * Improved ERB dependency detection. New argument types and formattings for the `render` calls can be matched. - Fixes #13074 and #13116 + Fixes #13074, #13116. *João Britto* -* Use `display:none` instead of `display:inline` for hidden fields +* Use `display:none` instead of `display:inline` for hidden fields. - Fixes #6403 + Fixes #6403. *Gaelian Ditchburn* @@ -82,11 +82,11 @@ *Yves Senn* -* Use `set_backtrace` instead of instance variable `@backtrace` in ActionView exceptions +* Use `set_backtrace` instead of instance variable `@backtrace` in ActionView exceptions. *Shimpei Makimoto* -* Fix `simple_format` escapes own output when passing `sanitize: true` +* Fix `simple_format` escapes own output when passing `sanitize: true`. *Paul Seidemann* @@ -104,7 +104,9 @@ *Bogdan Gusiev* -* Ability to pass block to `select` helper +* Ability to pass a block to the `select` helper. + + Example: <%= select(report, "campaign_ids") do %> <% available_campaigns.each do |c| -%> @@ -184,7 +186,7 @@ * Fix default rendered format problem when calling `render` without :content_type option. It should return :html. Fix #11393. - *Gleb Mazovetskiy* *Oleg* *kennyj* + *Gleb Mazovetskiy*, *Oleg*, *kennyj* * Fix `link_to` with block and url hashes. -- cgit v1.2.3 From 8c7e8b4f18a18ee616e5351f8fa3581cdee79e23 Mon Sep 17 00:00:00 2001 From: Carlos Antonio da Silva Date: Fri, 31 Jan 2014 08:02:56 -0200 Subject: Minor changelog improvements [ci skip] --- actionview/CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actionview') diff --git a/actionview/CHANGELOG.md b/actionview/CHANGELOG.md index c370f3df51..30dbc20f18 100644 --- a/actionview/CHANGELOG.md +++ b/actionview/CHANGELOG.md @@ -18,7 +18,7 @@ *Gaelian Ditchburn* -* The `video_tag` helper accepts a number as `:size` +* The `video_tag` helper accepts a number as `:size`. The `:size` option of the `video_tag` helper now can be specified with a stringified number. The `width` and `height` attributes of -- cgit v1.2.3 From e8fcd599ba6a301dbddb084f7369320ca3c49ff3 Mon Sep 17 00:00:00 2001 From: Aaron Patterson Date: Fri, 31 Jan 2014 12:00:54 -0800 Subject: only ask for the location filters once --- actionview/lib/action_view.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'actionview') diff --git a/actionview/lib/action_view.rb b/actionview/lib/action_view.rb index 5c729345dc..0eb29b7ebb 100644 --- a/actionview/lib/action_view.rb +++ b/actionview/lib/action_view.rb @@ -28,6 +28,8 @@ require 'action_view/version' module ActionView extend ActiveSupport::Autoload + ENCODING_FLAG = '#.*coding[:=]\s*(\S+)[ \t]*' + eager_autoload do autoload :Base autoload :Context @@ -81,8 +83,6 @@ module ActionView autoload :TestCase - ENCODING_FLAG = '#.*coding[:=]\s*(\S+)[ \t]*' - def self.eager_load! super ActionView::Helpers.eager_load! -- cgit v1.2.3 From 3fbff7811bc7142e6f4142f807dd7b6ebd766a13 Mon Sep 17 00:00:00 2001 From: Aaron Patterson Date: Fri, 31 Jan 2014 12:05:50 -0800 Subject: just require the template resolver LookupContext is eagerly loaded, and FallbackFileSystemResolver is referenced at the class level. Just require the resolver from the eagerly loaded class rather than jumping through autoload hoops --- actionview/lib/action_view.rb | 1 - actionview/lib/action_view/lookup_context.rb | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) (limited to 'actionview') diff --git a/actionview/lib/action_view.rb b/actionview/lib/action_view.rb index 0eb29b7ebb..50712e0830 100644 --- a/actionview/lib/action_view.rb +++ b/actionview/lib/action_view.rb @@ -56,7 +56,6 @@ module ActionView autoload_at "action_view/template/resolver" do autoload :Resolver autoload :PathResolver - autoload :FileSystemResolver autoload :OptimizedFileSystemResolver autoload :FallbackFileSystemResolver end diff --git a/actionview/lib/action_view/lookup_context.rb b/actionview/lib/action_view/lookup_context.rb index e07d9b6314..76c9890776 100644 --- a/actionview/lib/action_view/lookup_context.rb +++ b/actionview/lib/action_view/lookup_context.rb @@ -1,6 +1,7 @@ require 'thread_safe' require 'active_support/core_ext/module/remove_method' require 'active_support/core_ext/module/attribute_accessors' +require 'action_view/template/resolver' module ActionView # = Action View Lookup Context -- cgit v1.2.3 From 4b4db54e6b48813b24c807b0156eb58bc4694cd9 Mon Sep 17 00:00:00 2001 From: Attila Domokos Date: Sun, 2 Feb 2014 10:27:18 -0600 Subject: Adding an documentation example and a test to button_to with path I did not see in the docs that `button_to` supports not only URLs but paths as well. I documented this functionality with a unit tests and added an example to the docs as well. --- actionview/lib/action_view/helpers/url_helper.rb | 5 +++++ actionview/test/template/url_helper_test.rb | 7 +++++++ 2 files changed, 12 insertions(+) (limited to 'actionview') diff --git a/actionview/lib/action_view/helpers/url_helper.rb b/actionview/lib/action_view/helpers/url_helper.rb index 56dd7a4390..3ccace1274 100644 --- a/actionview/lib/action_view/helpers/url_helper.rb +++ b/actionview/lib/action_view/helpers/url_helper.rb @@ -232,6 +232,11 @@ module ActionView # #
# # " # + # <%= button_to "New", new_articles_path %> + # # => "
+ # #
+ # #
" + # # <%= button_to [:make_happy, @user] do %> # Make happy <%= @user.name %> # <% end %> diff --git a/actionview/test/template/url_helper_test.rb b/actionview/test/template/url_helper_test.rb index deba33510a..7e978e15d2 100644 --- a/actionview/test/template/url_helper_test.rb +++ b/actionview/test/template/url_helper_test.rb @@ -56,6 +56,13 @@ class UrlHelperTest < ActiveSupport::TestCase assert_dom_equal %{
}, button_to("Hello", "http://www.example.com") end + def test_button_to_with_path + assert_dom_equal( + %{
}, + button_to("Hello", article_path("Hello".html_safe)) + ) + end + def test_button_to_with_straight_url_and_request_forgery self.request_forgery = true -- cgit v1.2.3 From 5b793a8add2d8fa57cde48ece3a9e20870a398f1 Mon Sep 17 00:00:00 2001 From: Iain Beeston Date: Wed, 12 Feb 2014 17:40:52 +0000 Subject: Added tests to render helper that expect `render partial: @foo` to automatically call @foo.to_partial_path Calling `render @foo` allows local variables but not options to be passed to the partial renderer. The correct way to render an object AND pass options to the partial renderer is to pass the object in the `:partial` parameter. However, there were previously no tests for this behaviour (in `render_helper_test.rb` at least). --- actionview/test/fixtures/customers/_customer.xml.erb | 1 + actionview/test/template/render_test.rb | 10 ++++++++++ 2 files changed, 11 insertions(+) create mode 100644 actionview/test/fixtures/customers/_customer.xml.erb (limited to 'actionview') diff --git a/actionview/test/fixtures/customers/_customer.xml.erb b/actionview/test/fixtures/customers/_customer.xml.erb new file mode 100644 index 0000000000..d3f1e0768f --- /dev/null +++ b/actionview/test/fixtures/customers/_customer.xml.erb @@ -0,0 +1 @@ +<%= greeting %><%= customer.name %> \ No newline at end of file diff --git a/actionview/test/template/render_test.rb b/actionview/test/template/render_test.rb index 055a273cc3..db5d99755c 100644 --- a/actionview/test/template/render_test.rb +++ b/actionview/test/template/render_test.rb @@ -304,6 +304,16 @@ module RenderTestCases assert_equal "Hola: david", @controller_view.render('customer_greeting', :greeting => 'Hola', :customer_greeting => Customer.new("david")) end + def test_render_partial_with_object_uses_render_partial_path + assert_equal "Hello: lifo", + @controller_view.render(:partial => Customer.new("lifo"), :locals => {:greeting => "Hello"}) + end + + def test_render_partial_with_object_and_format_uses_render_partial_path + assert_equal "Hellolifo", + @controller_view.render(:partial => Customer.new("lifo"), :formats => :xml, :locals => {:greeting => "Hello"}) + end + def test_render_partial_using_object assert_equal "Hello: lifo", @controller_view.render(Customer.new("lifo"), :greeting => "Hello") -- cgit v1.2.3 From f9b6b865e60ea770cc34e9946f6df1604f20dd27 Mon Sep 17 00:00:00 2001 From: Lukasz Strzalkowski Date: Thu, 13 Feb 2014 15:59:09 +0100 Subject: Variant negotiation Allow setting `request.variant` as an array - an order in which they will be rendered. For example: request.variant = [:tablet, :phone] respond_to do |format| format.html.none format.html.phone # this gets rendered end --- actionview/lib/action_view/rendering.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actionview') diff --git a/actionview/lib/action_view/rendering.rb b/actionview/lib/action_view/rendering.rb index 99b95fdfb7..7c17220d14 100644 --- a/actionview/lib/action_view/rendering.rb +++ b/actionview/lib/action_view/rendering.rb @@ -94,7 +94,7 @@ module ActionView variant = options[:variant] lookup_context.rendered_format = nil if options[:formats] - lookup_context.variants = [variant] if variant + lookup_context.variants = variant if variant view_renderer.render(view_context, options) end -- cgit v1.2.3 From 5f295aebdbb15e2000cef5c9b8a2e28c5cc3db1b Mon Sep 17 00:00:00 2001 From: Xavier Noria Date: Sat, 15 Feb 2014 10:27:15 +0100 Subject: implements new option :month_format_string for date select helpers [Closes #13618] --- actionview/CHANGELOG.md | 14 ++++++++++ actionview/lib/action_view/helpers/date_helper.rb | 33 ++++++++++++++++------- actionview/test/template/date_helper_test.rb | 10 +++++++ 3 files changed, 48 insertions(+), 9 deletions(-) (limited to 'actionview') diff --git a/actionview/CHANGELOG.md b/actionview/CHANGELOG.md index 30dbc20f18..a0f298a6b1 100644 --- a/actionview/CHANGELOG.md +++ b/actionview/CHANGELOG.md @@ -1,3 +1,17 @@ +* Date select helpers accept a format string for the months selector via the + new option `:month_format_string`. + + When rendered, the format string gets passed keys `:number` (integer), and + `:name` (string), in order to be able to interpolate them as in + + '%{name} (%02d)' + + for example. + + This option is motivated by #13618. + + *Xavier Noria* + * Added `config.action_view.raise_on_missing_translations` to define whether an error should be raised for missing translations. diff --git a/actionview/lib/action_view/helpers/date_helper.rb b/actionview/lib/action_view/helpers/date_helper.rb index 3d091c4a00..698f0ca31c 100644 --- a/actionview/lib/action_view/helpers/date_helper.rb +++ b/actionview/lib/action_view/helpers/date_helper.rb @@ -169,6 +169,9 @@ module ActionView # "2 - February" instead of "February"). # * :use_month_names - Set to an array with 12 month names if you want to customize month names. # Note: You can also use Rails' i18n functionality for this. + # * :month_format_string - Set to a format string. The string gets passed keys +:number+ (integer) + # and +:name+ (string). A format string would be something like "%{name} (%02d)" for example. + # See Kernel.sprintf for documentation on format sequences. # * :date_separator - Specifies a string to separate the date fields. Default is "" (i.e. nothing). # * :start_year - Set the start year for the year select. Default is Date.today.year - 5if # you are creating new record. While editing existing record, :start_year defaults to @@ -850,24 +853,36 @@ module ActionView I18n.translate(key, :locale => @options[:locale]) end - # Lookup month name for number. - # month_name(1) => "January" + # Looks up month names by number (1-based): # - # If :use_month_numbers option is passed - # month_name(1) => 1 + # month_name(1) # => "January" # - # If :use_two_month_numbers option is passed - # month_name(1) => '01' + # If the :use_month_numbers option is passed: # - # If :add_month_numbers option is passed - # month_name(1) => "1 - January" + # month_name(1) # => 1 + # + # If the :use_two_month_numbers option is passed: + # + # month_name(1) # => '01' + # + # If the :add_month_numbers option is passed: + # + # month_name(1) # => "1 - January" + # + # If the :month_format_string option is passed: + # + # month_name(1) # => "January (01)" + # + # depending on the format string. def month_name(number) if @options[:use_month_numbers] number elsif @options[:use_two_digit_numbers] - sprintf "%02d", number + '%02d' % number elsif @options[:add_month_numbers] "#{number} - #{month_names[number]}" + elsif format_string = @options[:month_format_string] + format_string % {number: number, name: month_names[number]} else month_names[number] end diff --git a/actionview/test/template/date_helper_test.rb b/actionview/test/template/date_helper_test.rb index 5f09aef249..6f77c3c99d 100644 --- a/actionview/test/template/date_helper_test.rb +++ b/actionview/test/template/date_helper_test.rb @@ -326,6 +326,16 @@ class DateHelperTest < ActionView::TestCase assert_dom_equal expected, select_month(8, :add_month_numbers => true) end + def test_select_month_with_format_string + expected = %(\n" + + format_string = '%{name} (%02d)' + assert_dom_equal expected, select_month(Time.mktime(2003, 8, 16), :month_format_string => format_string) + assert_dom_equal expected, select_month(8, :month_format_string => format_string) + end + def test_select_month_with_numbers_and_names_with_abbv expected = %(