From 9b28a2ff4add8b55a6a80f5fe33b7bb7d4280746 Mon Sep 17 00:00:00 2001 From: Steven Chanin Date: Tue, 9 May 2017 09:40:20 -0700 Subject: [ci skip] explain async queue and rake tasks [ci skip] --- guides/source/active_job_basics.md | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'guides') diff --git a/guides/source/active_job_basics.md b/guides/source/active_job_basics.md index b58ca61848..ee8e652485 100644 --- a/guides/source/active_job_basics.md +++ b/guides/source/active_job_basics.md @@ -310,6 +310,12 @@ UserMailer.welcome(@user).deliver_now UserMailer.welcome(@user).deliver_later ``` +NOTE: Using the asynchronous queue from a rake task (for example, to +send an email using `.deliver_later`) will generally not work because rake will +likely end, causing the in-process thread pool to be deleted, before any/all +of the `.deliver_later` emails are processed. To avoid this problem, use +`.deliver_now` or run a persistent queue in development as well. + Internationalization -------------------- -- cgit v1.2.3 From b9d7bd476893345165e38191612f27ec836c44e7 Mon Sep 17 00:00:00 2001 From: Steven Chanin Date: Tue, 9 May 2017 17:18:16 -0700 Subject: Capitalize Rake --- guides/source/active_job_basics.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'guides') diff --git a/guides/source/active_job_basics.md b/guides/source/active_job_basics.md index ee8e652485..978d1b55a4 100644 --- a/guides/source/active_job_basics.md +++ b/guides/source/active_job_basics.md @@ -310,8 +310,8 @@ UserMailer.welcome(@user).deliver_now UserMailer.welcome(@user).deliver_later ``` -NOTE: Using the asynchronous queue from a rake task (for example, to -send an email using `.deliver_later`) will generally not work because rake will +NOTE: Using the asynchronous queue from a Rake task (for example, to +send an email using `.deliver_later`) will generally not work because Rake will likely end, causing the in-process thread pool to be deleted, before any/all of the `.deliver_later` emails are processed. To avoid this problem, use `.deliver_now` or run a persistent queue in development as well. -- cgit v1.2.3 From de499d6775efb433ff6b6ffb3503f67e18b54ee9 Mon Sep 17 00:00:00 2001 From: Steven Chanin Date: Tue, 9 May 2017 17:20:37 -0700 Subject: remove the phrase as well [ci skip] --- guides/source/active_job_basics.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/active_job_basics.md b/guides/source/active_job_basics.md index 978d1b55a4..443be77934 100644 --- a/guides/source/active_job_basics.md +++ b/guides/source/active_job_basics.md @@ -314,7 +314,7 @@ NOTE: Using the asynchronous queue from a Rake task (for example, to send an email using `.deliver_later`) will generally not work because Rake will likely end, causing the in-process thread pool to be deleted, before any/all of the `.deliver_later` emails are processed. To avoid this problem, use -`.deliver_now` or run a persistent queue in development as well. +`.deliver_now` or run a persistent queue in development. Internationalization -- cgit v1.2.3 From 31fe0ec28db495b955d76ffe75dcc04a5f7705e0 Mon Sep 17 00:00:00 2001 From: Cesar Carruitero Date: Tue, 16 May 2017 00:13:01 -0500 Subject: some typos and rephrasing in system test guide [ci skip] --- guides/source/testing.md | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) (limited to 'guides') diff --git a/guides/source/testing.md b/guides/source/testing.md index c0394f927e..0b5c880962 100644 --- a/guides/source/testing.md +++ b/guides/source/testing.md @@ -600,11 +600,8 @@ Model tests don't have their own superclass like `ActionMailer::TestCase` instea System Testing -------------- -System tests are full-browser tests that can be used to test your application's -JavaScript and user experience. System tests use Capybara as a base. - -System tests allow for running tests in either a real browser or a headless -driver for testing full user interactions with your application. +System tests allows test user interactions with your application, running tests +in either a real or a headless browser. System tests uses Capybara as base. For creating Rails system tests, you use the `test/system` directory in your application. Rails provides a generator to create a system test skeleton for you. @@ -669,8 +666,9 @@ class ApplicationSystemTestCase < ActionDispatch::SystemTestCase end ``` -If your Capybara configuration requires more setup than provided by Rails, all -of that configuration can be put into the `application_system_test_case.rb` file. +If your Capybara configuration requires more setup than provided by Rails, this +additional configuration could be added into `application_system_test_case.rb` +file. Please see [Capybara's documentation](https://github.com/teamcapybara/capybara#setup) for additional settings. @@ -693,9 +691,9 @@ take a screenshot of the browser. Now we're going to add a system test to our blog application. We'll demonstrate writing a system test by visiting the index page and creating a new blog article. -If you used the scaffold generator, a system test skeleton is automatically -created for you. If you did not use the generator start by creating a system -test skeleton. +If you used the scaffold generator, a system test skeleton was automatically +created for you. If you didn't use the scaffold generator, start by creating a +system test skeleton. ```bash $ bin/rails generate system_test articles -- cgit v1.2.3 From 062e5f2b068fbce74102d7301b58a3cd7c5da883 Mon Sep 17 00:00:00 2001 From: Mike Gunderloy Date: Sat, 20 May 2017 04:00:13 -0500 Subject: Add :json type to auto_discovery_link_tag This allows auto_discovery_link_tag to support the JSON Feed standard. See https://jsonfeed.org/version/1 for more information. --- guides/source/action_view_overview.md | 2 +- guides/source/layouts_and_rendering.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'guides') diff --git a/guides/source/action_view_overview.md b/guides/source/action_view_overview.md index c835adeab6..10412128cc 100644 --- a/guides/source/action_view_overview.md +++ b/guides/source/action_view_overview.md @@ -419,7 +419,7 @@ image_tag("rails.png") # => diff --git a/guides/source/layouts_and_rendering.md b/guides/source/layouts_and_rendering.md index 48bb3147f3..caa3d21d23 100644 --- a/guides/source/layouts_and_rendering.md +++ b/guides/source/layouts_and_rendering.md @@ -768,7 +768,7 @@ WARNING: The asset tag helpers do _not_ verify the existence of the assets at th #### Linking to Feeds with the `auto_discovery_link_tag` -The `auto_discovery_link_tag` helper builds HTML that most browsers and feed readers can use to detect the presence of RSS or Atom feeds. It takes the type of the link (`:rss` or `:atom`), a hash of options that are passed through to url_for, and a hash of options for the tag: +The `auto_discovery_link_tag` helper builds HTML that most browsers and feed readers can use to detect the presence of RSS, Atom, or JSON feeds. It takes the type of the link (`:rss`, `:atom`, or `:json`), a hash of options that are passed through to url_for, and a hash of options for the tag: ```erb <%= auto_discovery_link_tag(:rss, {action: "feed"}, -- cgit v1.2.3 From 99209b4ec06b2f87b28de5bd7d02b6ed815994e6 Mon Sep 17 00:00:00 2001 From: Mike Gunderloy Date: Sat, 20 May 2017 09:30:51 -0500 Subject: Update 'Rails on Rack' guide [ci skip] * Adjust middlewares list to match current defaults * application.routes runs on application object, not Rails * Add explanation of Sprockets::Rails::QuietAssets --- guides/source/rails_on_rack.md | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'guides') diff --git a/guides/source/rails_on_rack.md b/guides/source/rails_on_rack.md index f25b185fb5..cef8450ee4 100644 --- a/guides/source/rails_on_rack.md +++ b/guides/source/rails_on_rack.md @@ -110,11 +110,12 @@ use ActiveSupport::Cache::Strategy::LocalCache::Middleware use Rack::Runtime use Rack::MethodOverride use ActionDispatch::RequestId +use ActionDispatch::RemoteIp +use Sprockets::Rails::QuietAssets use Rails::Rack::Logger use ActionDispatch::ShowExceptions use WebConsole::Middleware use ActionDispatch::DebugExceptions -use ActionDispatch::RemoteIp use ActionDispatch::Reloader use ActionDispatch::Callbacks use ActiveRecord::Migration::CheckPending @@ -124,7 +125,7 @@ use ActionDispatch::Flash use Rack::Head use Rack::ConditionalGet use Rack::ETag -run Rails.application.routes +run MyApp.application.routes ``` The default middlewares shown here (and some others) are each summarized in the [Internal Middlewares](#internal-middleware-stack) section, below. @@ -238,6 +239,14 @@ Much of Action Controller's functionality is implemented as Middlewares. The fol * Makes a unique `X-Request-Id` header available to the response and enables the `ActionDispatch::Request#request_id` method. +**`ActionDispatch::RemoteIp`** + +* Checks for IP spoofing attacks. + +**`Sprockets::Rails::QuietAssets`** + +* Suppresses logger output for asset requests. + **`Rails::Rack::Logger`** * Notifies the logs that the request has began. After request is complete, flushes all the logs. @@ -250,10 +259,6 @@ Much of Action Controller's functionality is implemented as Middlewares. The fol * Responsible for logging exceptions and showing a debugging page in case the request is local. -**`ActionDispatch::RemoteIp`** - -* Checks for IP spoofing attacks. - **`ActionDispatch::Reloader`** * Provides prepare and cleanup callbacks, intended to assist with code reloading during development. -- cgit v1.2.3 From 3508909dc8afb76d3781a7282a1cbc4bb5b07a93 Mon Sep 17 00:00:00 2001 From: Kevin Kim Date: Sun, 21 May 2017 02:29:09 -0700 Subject: Fix typo in guides --- guides/source/working_with_javascript_in_rails.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/working_with_javascript_in_rails.md b/guides/source/working_with_javascript_in_rails.md index cf08c5dd1d..290f2a509b 100644 --- a/guides/source/working_with_javascript_in_rails.md +++ b/guides/source/working_with_javascript_in_rails.md @@ -250,7 +250,7 @@ Since it's just a `
`, all of the information on `form_with` also applies. ### Customize remote elements It is possible to customize the behavior of elements with a `data-remote` -attribute without writing a line of JavaScript. Your can specify extra `data-` +attribute without writing a line of JavaScript. You can specify extra `data-` attributes to accomplish this. #### `data-method` -- cgit v1.2.3 From d23fb68e3d4b8cc81e877266aefce95dac562699 Mon Sep 17 00:00:00 2001 From: Mike Gunderloy Date: Sun, 21 May 2017 08:56:24 -0500 Subject: Fix broken external link in security guide. --- guides/source/security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/security.md b/guides/source/security.md index c305350243..1fcb2fc91f 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -796,7 +796,7 @@ In December 2006, 34,000 actual user names and passwords were stolen in a [MySpa INFO: _CSS Injection is actually JavaScript injection, because some browsers (IE, some versions of Safari and others) allow JavaScript in CSS. Think twice about allowing custom CSS in your web application._ -CSS Injection is explained best by the well-known [MySpace Samy worm](http://namb.la/popular/tech.html). This worm automatically sent a friend request to Samy (the attacker) simply by visiting his profile. Within several hours he had over 1 million friend requests, which created so much traffic that MySpace went offline. The following is a technical explanation of that worm. +CSS Injection is explained best by the well-known [MySpace Samy worm](https://samy.pl/popular/tech.html). This worm automatically sent a friend request to Samy (the attacker) simply by visiting his profile. Within several hours he had over 1 million friend requests, which created so much traffic that MySpace went offline. The following is a technical explanation of that worm. MySpace blocked many tags, but allowed CSS. So the worm's author put JavaScript into CSS like this: -- cgit v1.2.3 From ea37cb4cb456d2d2feb5b582f0efd53b80e8e5cd Mon Sep 17 00:00:00 2001 From: Mike Gunderloy Date: Sun, 21 May 2017 09:19:05 -0500 Subject: Update Rails API Application guide to match current code [ci skip] * Adjust list of middlewares loaded by default * Add routing middleware to list to match the list in the Rack guide * Adjust list of Controller modules loaded by default Plus fix one singular/plural mistake --- guides/source/api_app.md | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) (limited to 'guides') diff --git a/guides/source/api_app.md b/guides/source/api_app.md index f373d313cc..64200ec242 100644 --- a/guides/source/api_app.md +++ b/guides/source/api_app.md @@ -206,16 +206,17 @@ An API application comes with the following middleware by default: - `ActiveSupport::Cache::Strategy::LocalCache::Middleware` - `Rack::Runtime` - `ActionDispatch::RequestId` +- `ActionDispatch::RemoteIp` - `Rails::Rack::Logger` - `ActionDispatch::ShowExceptions` - `ActionDispatch::DebugExceptions` -- `ActionDispatch::RemoteIp` - `ActionDispatch::Reloader` - `ActionDispatch::Callbacks` - `ActiveRecord::Migration::CheckPending` - `Rack::Head` - `Rack::ConditionalGet` - `Rack::ETag` +- `MyApi::Application::Routes` See the [internal middleware](rails_on_rack.html#internal-middleware-stack) section of the Rack guide for further information on them. @@ -360,7 +361,7 @@ middleware set, you can remove it with: config.middleware.delete ::Rack::Sendfile ``` -Keep in mind that removing these middleware will remove support for certain +Keep in mind that removing these middlewares will remove support for certain features in Action Controller. Choosing Controller Modules @@ -385,8 +386,9 @@ controller modules by default: hooks defined by Action Controller (see [the instrumentation guide](active_support_instrumentation.html#action-controller) for more information regarding this). -- `ActionController::ParamsWrapper`: Wraps the parameters hash into a nested hash, +- `ActionController::ParamsWrapper`: Wraps the parameters hash into a nested hash, so that you don't have to specify root elements sending POST requests for instance. +- `ActionController::Head`: Support for returning a response with no content, only headers Other plugins may add additional modules. You can get a list of all modules included into `ActionController::API` in the rails console: @@ -394,12 +396,12 @@ included into `ActionController::API` in the rails console: ```bash $ bin/rails c >> ActionController::API.ancestors - ActionController::Metal.ancestors -=> [ActionController::API, - ActiveRecord::Railties::ControllerRuntime, - ActionDispatch::Routing::RouteSet::MountedHelpers, - ActionController::ParamsWrapper, - ... , - AbstractController::Rendering, +=> [ActionController::API, + ActiveRecord::Railties::ControllerRuntime, + ActionDispatch::Routing::RouteSet::MountedHelpers, + ActionController::ParamsWrapper, + ... , + AbstractController::Rendering, ActionView::ViewPaths] ``` -- cgit v1.2.3 From 1a5d93999fe83e45ee98e0e28c77f37b13af669b Mon Sep 17 00:00:00 2001 From: Mike Gunderloy Date: Sun, 21 May 2017 10:00:20 -0500 Subject: Remove obsolete Guides source files [ci skip] * Nested Model Forms guide is out of date, not linked from index, and material is covered in the Form Helpers guide. * Profiling guide was committed as an outline years ago and never actually written. --- guides/source/nested_model_forms.md | 230 ------------------------------------ guides/source/profiling.md | 16 --- 2 files changed, 246 deletions(-) delete mode 100644 guides/source/nested_model_forms.md delete mode 100644 guides/source/profiling.md (limited to 'guides') diff --git a/guides/source/nested_model_forms.md b/guides/source/nested_model_forms.md deleted file mode 100644 index 71efa4b0d0..0000000000 --- a/guides/source/nested_model_forms.md +++ /dev/null @@ -1,230 +0,0 @@ -**DO NOT READ THIS FILE ON GITHUB, GUIDES ARE PUBLISHED ON http://guides.rubyonrails.org.** - -Rails Nested Model Forms -======================== - -Creating a form for a model _and_ its associations can become quite tedious. Therefore Rails provides helpers to assist in dealing with the complexities of generating these forms _and_ the required CRUD operations to create, update, and destroy associations. - -After reading this guide, you will know: - -* do stuff. - --------------------------------------------------------------------------------- - -NOTE: This guide assumes the user knows how to use the [Rails form helpers](form_helpers.html) in general. Also, it's **not** an API reference. For a complete reference please visit [the Rails API documentation](http://api.rubyonrails.org/). - - -Model setup ------------ - -To be able to use the nested model functionality in your forms, the model will need to support some basic operations. - -First of all, it needs to define a writer method for the attribute that corresponds to the association you are building a nested model form for. The `fields_for` form helper will look for this method to decide whether or not a nested model form should be built. - -If the associated object is an array, a form builder will be yielded for each object, else only a single form builder will be yielded. - -Consider a Person model with an associated Address. When asked to yield a nested FormBuilder for the `:address` attribute, the `fields_for` form helper will look for a method on the Person instance named `address_attributes=`. - -### ActiveRecord::Base model - -For an ActiveRecord::Base model and association this writer method is commonly defined with the `accepts_nested_attributes_for` class method: - -#### has_one - -```ruby -class Person < ApplicationRecord - has_one :address - accepts_nested_attributes_for :address -end -``` - -#### belongs_to - -```ruby -class Person < ApplicationRecord - belongs_to :firm - accepts_nested_attributes_for :firm -end -``` - -#### has_many / has_and_belongs_to_many - -```ruby -class Person < ApplicationRecord - has_many :projects - accepts_nested_attributes_for :projects -end -``` - -NOTE: For greater detail on associations see [Active Record Associations](association_basics.html). -For a complete reference on associations please visit the API documentation for [ActiveRecord::Associations::ClassMethods](http://api.rubyonrails.org/classes/ActiveRecord/Associations/ClassMethods.html). - -### Custom model - -As you might have inflected from this explanation, you _don't_ necessarily need an ActiveRecord::Base model to use this functionality. The following examples are sufficient to enable the nested model form behavior: - -#### Single associated object - -```ruby -class Person - def address - Address.new - end - - def address_attributes=(attributes) - # ... - end -end -``` - -#### Association collection - -```ruby -class Person - def projects - [Project.new, Project.new] - end - - def projects_attributes=(attributes) - # ... - end -end -``` - -NOTE: See (TODO) in the advanced section for more information on how to deal with the CRUD operations in your custom model. - -Views ------ - -### Controller code - -A nested model form will _only_ be built if the associated object(s) exist. This means that for a new model instance you would probably want to build the associated object(s) first. - -Consider the following typical RESTful controller which will prepare a new Person instance and its `address` and `projects` associations before rendering the `new` template: - -```ruby -class PeopleController < ApplicationController - def new - @person = Person.new - @person.build_address - 2.times { @person.projects.build } - end - - def create - @person = Person.new(params[:person]) - if @person.save - # ... - end - end -end -``` - -NOTE: Obviously the instantiation of the associated object(s) can become tedious and not DRY, so you might want to move that into the model itself. ActiveRecord::Base provides an `after_initialize` callback which is a good way to refactor this. - -### Form code - -Now that you have a model instance, with the appropriate methods and associated object(s), you can start building the nested model form. - -#### Standard form - -Start out with a regular RESTful form: - -```erb -<%= form_for @person do |f| %> - <%= f.text_field :name %> -<% end %> -``` - -This will generate the following html: - -```html - - - -``` - -#### Nested form for a single associated object - -Now add a nested form for the `address` association: - -```erb -<%= form_for @person do |f| %> - <%= f.text_field :name %> - - <%= f.fields_for :address do |af| %> - <%= af.text_field :street %> - <% end %> -<% end %> -``` - -This generates: - -```html -
- - - -
-``` - -Notice that `fields_for` recognized the `address` as an association for which a nested model form should be built by the way it has namespaced the `name` attribute. - -When this form is posted the Rails parameter parser will construct a hash like the following: - -```ruby -{ - "person" => { - "name" => "Eloy Duran", - "address_attributes" => { - "street" => "Nieuwe Prinsengracht" - } - } -} -``` - -That's it. The controller will simply pass this hash on to the model from the `create` action. The model will then handle building the `address` association for you and automatically save it when the parent (`person`) is saved. - -#### Nested form for a collection of associated objects - -The form code for an association collection is pretty similar to that of a single associated object: - -```erb -<%= form_for @person do |f| %> - <%= f.text_field :name %> - - <%= f.fields_for :projects do |pf| %> - <%= pf.text_field :name %> - <% end %> -<% end %> -``` - -Which generates: - -```html -
- - - - -
-``` - -As you can see it has generated 2 `project name` inputs, one for each new `project` that was built in the controller's `new` action. Only this time the `name` attribute of the input contains a digit as an extra namespace. This will be parsed by the Rails parameter parser as: - -```ruby -{ - "person" => { - "name" => "Eloy Duran", - "projects_attributes" => { - "0" => { "name" => "Project 1" }, - "1" => { "name" => "Project 2" } - } - } -} -``` - -You can basically see the `projects_attributes` hash as an array of attribute hashes, one for each model instance. - -NOTE: The reason that `fields_for` constructed a hash instead of an array is that it won't work for any form nested deeper than one level deep. - -TIP: You _can_ however pass an array to the writer method generated by `accepts_nested_attributes_for` if you're using plain Ruby or some other API access. See (TODO) for more info and example. diff --git a/guides/source/profiling.md b/guides/source/profiling.md deleted file mode 100644 index ce093f78ba..0000000000 --- a/guides/source/profiling.md +++ /dev/null @@ -1,16 +0,0 @@ -*DO NOT READ THIS FILE ON GITHUB, GUIDES ARE PUBLISHED ON http://guides.rubyonrails.org.** - -A Guide to Profiling Rails Applications -======================================= - -This guide covers built-in mechanisms in Rails for profiling your application. - -After reading this guide, you will know: - -* Rails profiling terminology. -* How to write benchmark tests for your application. -* Other benchmarking approaches and plugins. - --------------------------------------------------------------------------------- - - -- cgit v1.2.3 From 4f3955657736796664aa8d6f6d149ef9b213b058 Mon Sep 17 00:00:00 2001 From: dixpac Date: Sat, 13 May 2017 13:56:37 +0200 Subject: Improving docs for callbacks execution order [ci skip] When define callbacks latest definition on the same callback/method overwrites previous ones. --- guides/source/action_controller_overview.md | 3 +++ 1 file changed, 3 insertions(+) (limited to 'guides') diff --git a/guides/source/action_controller_overview.md b/guides/source/action_controller_overview.md index 5d987264f5..22537f960c 100644 --- a/guides/source/action_controller_overview.md +++ b/guides/source/action_controller_overview.md @@ -715,6 +715,9 @@ end Now, the `LoginsController`'s `new` and `create` actions will work as before without requiring the user to be logged in. The `:only` option is used to skip this filter only for these actions, and there is also an `:except` option which works the other way. These options can be used when adding filters too, so you can add a filter which only runs for selected actions in the first place. +NOTE: Calling the same filter multiple times with different options will not work, +since the last filter definition will overwrite the previous ones. + ### After Filters and Around Filters In addition to "before" filters, you can also run filters after an action has been executed, or both before and after. -- cgit v1.2.3 From 65cc7b228d97b717d7d143148c21eaed1a7dafdd Mon Sep 17 00:00:00 2001 From: Mike Gunderloy Date: Sun, 21 May 2017 13:06:33 -0500 Subject: Simplify handling of prerequisites in Getting Started guide [ci skip] Telling people about prerequisites, and then telling them a page later how to check and install those prerequisites, is confusing. This commit removes the list and just handles the software installation in one place. Fixes #28565 --- guides/source/getting_started.md | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) (limited to 'guides') diff --git a/guides/source/getting_started.md b/guides/source/getting_started.md index f3ae5a5b28..5553f08456 100644 --- a/guides/source/getting_started.md +++ b/guides/source/getting_started.md @@ -20,16 +20,7 @@ Guide Assumptions This guide is designed for beginners who want to get started with a Rails application from scratch. It does not assume that you have any prior experience -with Rails. However, to get the most out of it, you need to have some -prerequisites installed: - -* The [Ruby](https://www.ruby-lang.org/en/downloads) language version 2.2.2 or newer. -* Right version of [Development Kit](http://rubyinstaller.org/downloads/), if you - are using Windows. -* The [RubyGems](https://rubygems.org) packaging system, which is installed with - Ruby by default. To learn more about RubyGems, please read the - [RubyGems Guides](http://guides.rubygems.org). -* A working installation of the [SQLite3 Database](https://www.sqlite.org). +with Rails. Rails is a web application framework running on the Ruby programming language. If you have no prior experience with Ruby, you will find a very steep learning @@ -86,6 +77,9 @@ your prompt will look something like `c:\source_code>` ### Installing Rails +Before you install Rails, you should check to make sure that your system has the +proper prerequisites installed. These include Ruby and SQLite3. + Open up a command line prompt. On macOS open Terminal.app, on Windows choose "Run" from your Start menu and type 'cmd.exe'. Any commands prefaced with a dollar sign `$` should be run in the command line. Verify that you have a @@ -96,12 +90,19 @@ $ ruby -v ruby 2.3.1p112 ``` +Rails requires Ruby version 2.2.2 or later. If the version number returned is +less than that number, you'll need to install a fresh copy of Ruby. + TIP: A number of tools exist to help you quickly install Ruby and Ruby on Rails on your system. Windows users can use [Rails Installer](http://railsinstaller.org), while macOS users can use [Tokaido](https://github.com/tokaido/tokaidoapp). For more installation methods for most Operating Systems take a look at [ruby-lang.org](https://www.ruby-lang.org/en/documentation/installation/). +If you are working on Windows, you should also install the +[Ruby Installer Development Kit](http://rubyinstaller.org/downloads/). + +You will also need an installation of the SQLite3 database. Many popular UNIX-like OSes ship with an acceptable version of SQLite3. On Windows, if you installed Rails through Rails Installer, you already have SQLite installed. Others can find installation instructions @@ -127,7 +128,7 @@ run the following: $ rails --version ``` -If it says something like "Rails 5.1.0", you are ready to continue. +If it says something like "Rails 5.1.1", you are ready to continue. ### Creating the Blog Application @@ -1195,7 +1196,7 @@ it look as follows: This time we point the form to the `update` action, which is not defined yet but will be very soon. -Passing the article object to the method, will automagically create url for submitting the edited article form. +Passing the article object to the method, will automagically create url for submitting the edited article form. This option tells Rails that we want this form to be submitted via the `PATCH` HTTP method which is the HTTP method you're expected to use to **update** resources according to the REST protocol. -- cgit v1.2.3 From d414881a342d849d65810a037c0b1baff8538e41 Mon Sep 17 00:00:00 2001 From: Akira Matsuda Date: Mon, 22 May 2017 08:44:42 +0900 Subject: We always + 1 to __LINE__ when class_evaling with << [ci skip] --- guides/source/api_documentation_guidelines.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/api_documentation_guidelines.md b/guides/source/api_documentation_guidelines.md index 3c61754982..c3c7367304 100644 --- a/guides/source/api_documentation_guidelines.md +++ b/guides/source/api_documentation_guidelines.md @@ -281,7 +281,7 @@ Methods created with `(module|class)_eval(STRING)` have a comment by their side ```ruby for severity in Severity.constants - class_eval <<-EOT, __FILE__, __LINE__ + class_eval <<-EOT, __FILE__, __LINE__ + 1 def #{severity.downcase}(message = nil, progname = nil, &block) # def debug(message = nil, progname = nil, &block) add(#{severity}, message, progname, &block) # add(DEBUG, message, progname, &block) end # end -- cgit v1.2.3 From 5a3ba63d9abad86b7f6dd36a92cfaf722e52760b Mon Sep 17 00:00:00 2001 From: Michael Coyne Date: Thu, 23 Feb 2017 13:54:17 -0500 Subject: AEAD encrypted cookies and sessions This commit changes encrypted cookies from AES in CBC HMAC mode to Authenticated Encryption using AES-GCM. It also provides a cookie jar to transparently upgrade encrypted cookies to this new scheme. Some other notable changes include: - There is a new application configuration value: +use_authenticated_cookie_encryption+. When enabled, AEAD encrypted cookies will be used. - +cookies.signed+ does not raise a +TypeError+ now if the name of an encrypted cookie is used. Encrypted cookies using the same key as signed cookies would be verified and serialization would then fail due the message still be encrypted. --- guides/source/configuring.md | 8 ++++++-- guides/source/security.md | 23 +++++++++++++++-------- 2 files changed, 21 insertions(+), 10 deletions(-) (limited to 'guides') diff --git a/guides/source/configuring.md b/guides/source/configuring.md index bf9456a482..6a7eaf00e1 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -456,10 +456,14 @@ to `'http authentication'`. Defaults to `'signed cookie'`. * `config.action_dispatch.encrypted_cookie_salt` sets the encrypted cookies salt -value. Defaults to `'encrypted cookie'`. + value. Defaults to `'encrypted cookie'`. * `config.action_dispatch.encrypted_signed_cookie_salt` sets the signed -encrypted cookies salt value. Defaults to `'signed encrypted cookie'`. + encrypted cookies salt value. Defaults to `'signed encrypted cookie'`. + +* `config.action_dispatch.authenticated_encrypted_cookie_salt` sets the + authenticated encrypted cookie salt. Defaults to `'authenticated encrypted + cookie'`. * `config.action_dispatch.perform_deep_munge` configures whether `deep_munge` method should be performed on the parameters. See [Security Guide](security.html#unsafe-query-generation) diff --git a/guides/source/security.md b/guides/source/security.md index c305350243..61b0c5e368 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -95,16 +95,23 @@ Rails 2 introduced a new default session storage, CookieStore. CookieStore saves * The client can see everything you store in a session, because it is stored in clear-text (actually Base64-encoded, so not encrypted). So, of course, _you don't want to store any secrets here_. To prevent session hash tampering, a digest is calculated from the session with a server-side secret (`secrets.secret_token`) and inserted into the end of the cookie. -However, since Rails 4, the default store is EncryptedCookieStore. With -EncryptedCookieStore the session is encrypted before being stored in a cookie. -This prevents the user from accessing and tampering the content of the cookie. -Thus the session becomes a more secure place to store data. The encryption is -done using a server-side secret key `secrets.secret_key_base` stored in -`config/secrets.yml`. +In Rails 4, encrypted cookies through AES in CBC mode with HMAC using SHA1 for +verification was introduced. This prevents the user from accessing and tampering +the content of the cookie. Thus the session becomes a more secure place to store +data. The encryption is performed using a server-side `secrets.secret_key_base`. +Two salts are used when deriving keys for encryption and verification. These +salts are set via the `config.action_dispatch.encrypted_cookie_salt` and +`config.action_dispatch.encrypted_signed_cookie_salt` configuration values. -That means the security of this storage depends on this secret (and on the digest algorithm, which defaults to SHA1, for compatibility). So _don't use a trivial secret, i.e. a word from a dictionary, or one which is shorter than 30 characters, use `rails secret` instead_. +Rails 5.2 uses AES-GCM for the encryption which couples authentication +and encryption in one faster step and produces shorter ciphertexts. -`secrets.secret_key_base` is used for specifying a key which allows sessions for the application to be verified against a known secure key to prevent tampering. Applications get `secrets.secret_key_base` initialized to a random key present in `config/secrets.yml`, e.g.: +Encrypted cookies are automatically upgraded if the +`config.action_dispatch.use_authenticated_cookie_encryption` is enabled. + +_Do not use a trivial secret, i.e. a word from a dictionary, or one which is shorter than 30 characters! Instead use `rails secret` to generate secret keys!_ + +Applications get `secrets.secret_key_base` initialized to a random key present in `config/secrets.yml`, e.g.: development: secret_key_base: a75d... -- cgit v1.2.3 From 40bdbce191ad90dfea43dad51fac5c4726b89392 Mon Sep 17 00:00:00 2001 From: bogdanvlviv Date: Mon, 15 May 2017 14:17:28 +0000 Subject: Define path with __dir__ ".. with __dir__ we can restore order in the Universe." - by @fxn Related to 5b8738c2df003a96f0e490c43559747618d10f5f --- guides/bug_report_templates/action_controller_gem.rb | 2 +- guides/bug_report_templates/action_controller_master.rb | 2 +- guides/rails_guides/helpers.rb | 2 +- guides/source/generators.md | 4 ++-- guides/source/rails_application_templates.md | 2 +- guides/source/security.md | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) (limited to 'guides') diff --git a/guides/bug_report_templates/action_controller_gem.rb b/guides/bug_report_templates/action_controller_gem.rb index 1d059cc2a5..8b7aa893fd 100644 --- a/guides/bug_report_templates/action_controller_gem.rb +++ b/guides/bug_report_templates/action_controller_gem.rb @@ -15,7 +15,7 @@ require "rack/test" require "action_controller/railtie" class TestApp < Rails::Application - config.root = File.dirname(__FILE__) + config.root = __dir__ config.session_store :cookie_store, key: "cookie_store_key" secrets.secret_token = "secret_token" secrets.secret_key_base = "secret_key_base" diff --git a/guides/bug_report_templates/action_controller_master.rb b/guides/bug_report_templates/action_controller_master.rb index 7644f6fe4a..3dd66c95ec 100644 --- a/guides/bug_report_templates/action_controller_master.rb +++ b/guides/bug_report_templates/action_controller_master.rb @@ -14,7 +14,7 @@ end require "action_controller/railtie" class TestApp < Rails::Application - config.root = File.dirname(__FILE__) + config.root = __dir__ secrets.secret_token = "secret_token" secrets.secret_key_base = "secret_key_base" diff --git a/guides/rails_guides/helpers.rb b/guides/rails_guides/helpers.rb index 2a193ca6b5..520aa7f7cc 100644 --- a/guides/rails_guides/helpers.rb +++ b/guides/rails_guides/helpers.rb @@ -15,7 +15,7 @@ module RailsGuides end def documents_by_section - @documents_by_section ||= YAML.load_file(File.expand_path("../../source/#{@language ? @language + '/' : ''}documents.yaml", __FILE__)) + @documents_by_section ||= YAML.load_file(File.expand_path("../source/#{@language ? @language + '/' : ''}documents.yaml", __dir__)) end def documents_flat diff --git a/guides/source/generators.md b/guides/source/generators.md index a554e08204..d4ed2355d4 100644 --- a/guides/source/generators.md +++ b/guides/source/generators.md @@ -96,7 +96,7 @@ This is the generator just created: ```ruby class InitializerGenerator < Rails::Generators::NamedBase - source_root File.expand_path("../templates", __FILE__) + source_root File.expand_path("templates", __dir__) end ``` @@ -122,7 +122,7 @@ And now let's change the generator to copy this template when invoked: ```ruby class InitializerGenerator < Rails::Generators::NamedBase - source_root File.expand_path("../templates", __FILE__) + source_root File.expand_path("templates", __dir__) def copy_initializer_file copy_file "initializer.rb", "config/initializers/#{file_name}.rb" diff --git a/guides/source/rails_application_templates.md b/guides/source/rails_application_templates.md index 3e99ee7021..e087834a2f 100644 --- a/guides/source/rails_application_templates.md +++ b/guides/source/rails_application_templates.md @@ -277,6 +277,6 @@ relative paths to your template's location. ```ruby def source_paths - [File.expand_path(File.dirname(__FILE__))] + [__dir__] end ``` diff --git a/guides/source/security.md b/guides/source/security.md index 1fcb2fc91f..75522834df 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -356,7 +356,7 @@ send_file('/var/www/uploads/' + params[:filename]) Simply pass a file name like "../../../etc/passwd" to download the server's login information. A simple solution against this, is to _check that the requested file is in the expected directory_: ```ruby -basename = File.expand_path(File.join(File.dirname(__FILE__), '../../files')) +basename = File.expand_path('../../files', __dir__) filename = File.expand_path(File.join(basename, @file.public_filename)) raise if basename != File.expand_path(File.join(File.dirname(filename), '../../../')) -- cgit v1.2.3 From d225f0b94c9d89e8837ee8e98ee3a7837877631b Mon Sep 17 00:00:00 2001 From: willnet Date: Wed, 24 May 2017 13:04:03 +0900 Subject: [ci skip]fix wrong method name in docs --- guides/source/association_basics.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'guides') diff --git a/guides/source/association_basics.md b/guides/source/association_basics.md index 5794bfa666..d8e85497fa 100644 --- a/guides/source/association_basics.md +++ b/guides/source/association_basics.md @@ -599,7 +599,7 @@ class CreateBooks < ActiveRecord::Migration[5.0] t.string :book_number t.integer :author_id end - + add_index :books, :author_id add_foreign_key :books, :authors end @@ -1417,7 +1417,7 @@ If either of these saves fails due to validation errors, then the assignment sta If the parent object (the one declaring the `has_one` association) is unsaved (that is, `new_record?` returns `true`) then the child objects are not saved. They will automatically when the parent object is saved. -If you want to assign an object to a `has_one` association without saving the object, use the `association.build` method. +If you want to assign an object to a `has_one` association without saving the object, use the `build_association` method. ### `has_many` Association Reference -- cgit v1.2.3 From d0854d397ac72e50420e7c86a29db84cc5de4eac Mon Sep 17 00:00:00 2001 From: Mike Gunderloy Date: Wed, 24 May 2017 11:38:57 -0500 Subject: Update information on using Gmail when 2FA is in use [ci skip] --- guides/source/action_mailer_basics.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/action_mailer_basics.md b/guides/source/action_mailer_basics.md index 65146ee7da..baea924c7f 100644 --- a/guides/source/action_mailer_basics.md +++ b/guides/source/action_mailer_basics.md @@ -781,7 +781,8 @@ config.action_mailer.smtp_settings = { enable_starttls_auto: true } ``` Note: As of July 15, 2014, Google increased [its security measures](https://support.google.com/accounts/answer/6010255) and now blocks attempts from apps it deems less secure. -You can change your gmail settings [here](https://www.google.com/settings/security/lesssecureapps) to allow the attempts or +You can change your gmail settings [here](https://www.google.com/settings/security/lesssecureapps) to allow the attempts. If your Gmail account has 2-factor authentication enabled, +then you will need to set an [app password](https://myaccount.google.com/apppasswords) and use that instead of your regular password. Alternatively, you can use another ESP to send email by replacing 'smtp.gmail.com' above with the address of your provider. Mailer Testing -- cgit v1.2.3 From 43b09b0c9ccc70f6514c441970d0d0ac03ce525b Mon Sep 17 00:00:00 2001 From: Makoto Nihei Date: Thu, 25 May 2017 04:26:54 +0900 Subject: [ci skip]fix wrong variable name in docs --- guides/source/association_basics.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/association_basics.md b/guides/source/association_basics.md index d8e85497fa..5c7d1f5365 100644 --- a/guides/source/association_basics.md +++ b/guides/source/association_basics.md @@ -1559,7 +1559,7 @@ The `collection.size` method returns the number of objects in the collection. The `collection.find` method finds objects within the collection. It uses the same syntax and options as `ActiveRecord::Base.find`. ```ruby -@available_books = @author.books.find(1) +@available_book = @author.books.find(1) ``` ##### `collection.where(...)` -- cgit v1.2.3 From c7dd4a7a9f20216091399a30a9750a8cf598798e Mon Sep 17 00:00:00 2001 From: Jon Moss Date: Wed, 24 May 2017 19:40:00 -0400 Subject: Capitalize Gmail `gmail` --> `Gmail` [ci skip] --- guides/source/action_mailer_basics.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/action_mailer_basics.md b/guides/source/action_mailer_basics.md index baea924c7f..7751ac00df 100644 --- a/guides/source/action_mailer_basics.md +++ b/guides/source/action_mailer_basics.md @@ -781,7 +781,7 @@ config.action_mailer.smtp_settings = { enable_starttls_auto: true } ``` Note: As of July 15, 2014, Google increased [its security measures](https://support.google.com/accounts/answer/6010255) and now blocks attempts from apps it deems less secure. -You can change your gmail settings [here](https://www.google.com/settings/security/lesssecureapps) to allow the attempts. If your Gmail account has 2-factor authentication enabled, +You can change your Gmail settings [here](https://www.google.com/settings/security/lesssecureapps) to allow the attempts. If your Gmail account has 2-factor authentication enabled, then you will need to set an [app password](https://myaccount.google.com/apppasswords) and use that instead of your regular password. Alternatively, you can use another ESP to send email by replacing 'smtp.gmail.com' above with the address of your provider. -- cgit v1.2.3 From af41b98577a09c9177b0fae76b7d07d787d02ce3 Mon Sep 17 00:00:00 2001 From: Krzysztof Maicher Date: Thu, 25 May 2017 14:34:50 +0200 Subject: Add ActiveRecord::Relation#or description to guides [ci skip] --- guides/source/active_record_querying.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'guides') diff --git a/guides/source/active_record_querying.md b/guides/source/active_record_querying.md index 26d01d4ede..d1cbe506b4 100644 --- a/guides/source/active_record_querying.md +++ b/guides/source/active_record_querying.md @@ -557,6 +557,19 @@ In other words, this query can be generated by calling `where` with no argument, SELECT * FROM clients WHERE (clients.locked != 1) ``` +### OR Conditions + +`OR` condition between two relations can be build by calling `or` on the first relation +and passing the second one as an argument. + +```ruby +Client.where(locked: true).or(Client.where(orders_count: [1,3,5])) +``` + +```sql +SELECT * FROM clients WHERE (clients.locked = 1 OR clients.orders_count IN (1,3,5)) +``` + Ordering -------- -- cgit v1.2.3 From 9980709c5aa25af7c0fd598bade23c2a9e66efc5 Mon Sep 17 00:00:00 2001 From: Makoto Nihei Date: Sat, 27 May 2017 11:52:18 +0900 Subject: [ci skip]fix wrong variable name in docs --- guides/source/active_record_querying.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/active_record_querying.md b/guides/source/active_record_querying.md index d1cbe506b4..07950c6066 100644 --- a/guides/source/active_record_querying.md +++ b/guides/source/active_record_querying.md @@ -118,7 +118,7 @@ You can also use this method to query for multiple objects. Call the `find` meth ```ruby # Find the clients with primary keys 1 and 10. -client = Client.find([1, 10]) # Or even Client.find(1, 10) +clients = Client.find([1, 10]) # Or even Client.find(1, 10) # => [#, #] ``` -- cgit v1.2.3 From 7cceb729e64b8eef028dab042b79d8def0730372 Mon Sep 17 00:00:00 2001 From: Makoto Nihei Date: Sat, 27 May 2017 12:03:57 +0900 Subject: [ci skip]fix wrong variable name in docs --- guides/source/active_record_querying.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'guides') diff --git a/guides/source/active_record_querying.md b/guides/source/active_record_querying.md index d1cbe506b4..412ad0b006 100644 --- a/guides/source/active_record_querying.md +++ b/guides/source/active_record_querying.md @@ -150,7 +150,7 @@ The `take` method returns `nil` if no record is found and no exception will be r You can pass in a numerical argument to the `take` method to return up to that number of results. For example ```ruby -client = Client.take(2) +clients = Client.take(2) # => [ # #, # # @@ -189,7 +189,7 @@ If your [default scope](active_record_querying.html#applying-a-default-scope) co You can pass in a numerical argument to the `first` method to return up to that number of results. For example ```ruby -client = Client.first(3) +clients = Client.first(3) # => [ # #, # #, @@ -240,7 +240,7 @@ If your [default scope](active_record_querying.html#applying-a-default-scope) co You can pass in a numerical argument to the `last` method to return up to that number of results. For example ```ruby -client = Client.last(3) +clients = Client.last(3) # => [ # #, # #, -- cgit v1.2.3 From 3b2e3f01488581d9e153dcb6b8ef333bda370aa0 Mon Sep 17 00:00:00 2001 From: Christoph Lupprich Date: Sun, 28 May 2017 16:24:43 +0200 Subject: Remove mentions of deprecated callbacks on ActionDispatch::Callbacks ActionDispatch::Callbacks.to_prepare was removed in #27587 [ci skip] --- guides/source/configuring.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'guides') diff --git a/guides/source/configuring.md b/guides/source/configuring.md index bf9456a482..aced401bca 100644 --- a/guides/source/configuring.md +++ b/guides/source/configuring.md @@ -493,8 +493,6 @@ encrypted cookies salt value. Defaults to `'signed encrypted cookie'`. * `ActionDispatch::Callbacks.before` takes a block of code to run before the request. -* `ActionDispatch::Callbacks.to_prepare` takes a block to run after `ActionDispatch::Callbacks.before`, but before the request. Runs for every request in `development` mode, but only once for `production` or environments with `cache_classes` set to `true`. - * `ActionDispatch::Callbacks.after` takes a block of code to run after the request. ### Configuring Action View @@ -1188,7 +1186,7 @@ Below is a comprehensive list of all the initializers found in Rails in the orde * `finisher_hook`: Provides a hook for after the initialization of process of the application is complete, as well as running all the `config.after_initialize` blocks for the application, railties and engines. -* `set_routes_reloader_hook`: Configures Action Dispatch to reload the routes file using `ActionDispatch::Callbacks.to_prepare`. +* `set_routes_reloader_hook`: Configures Action Dispatch to reload the routes file using `ActiveSupport::Callbacks.to_run`. * `disable_dependency_loading`: Disables the automatic dependency loading if the `config.eager_load` is set to `true`. -- cgit v1.2.3 From 9bd7881c2047f59b42f325ed882068cc881cbe48 Mon Sep 17 00:00:00 2001 From: Genadi Samokovarov Date: Mon, 29 May 2017 13:12:48 +0300 Subject: List assert_{,no_}changes in the testing guide This lists the `assert_changes` and `assert_no_changes` methods in the guides. [ci skip] --- guides/source/testing.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'guides') diff --git a/guides/source/testing.md b/guides/source/testing.md index c0394f927e..1db48ed56c 100644 --- a/guides/source/testing.md +++ b/guides/source/testing.md @@ -350,6 +350,8 @@ Rails adds some custom assertions of its own to the `minitest` framework: | --------------------------------------------------------------------------------- | ------- | | [`assert_difference(expressions, difference = 1, message = nil) {...}`](http://api.rubyonrails.org/classes/ActiveSupport/Testing/Assertions.html#method-i-assert_difference) | Test numeric difference between the return value of an expression as a result of what is evaluated in the yielded block.| | [`assert_no_difference(expressions, message = nil, &block)`](http://api.rubyonrails.org/classes/ActiveSupport/Testing/Assertions.html#method-i-assert_no_difference) | Asserts that the numeric result of evaluating an expression is not changed before and after invoking the passed in block.| +| [`assert_changes(expressions, message = nil, from:, to:, &block) {...}`](http://api.rubyonrails.org/classes/ActiveSupport/Testing/Assertions.html#method-i-assert_changes) | Test that the result of evaluating an expression is changed after invoking the passed in block.| +| [`assert_no_changes(expressions, message = nil, &block)`](http://api.rubyonrails.org/classes/ActiveSupport/Testing/Assertions.html#method-i-assert_no_changes) | Test the result of evaluating an expression is not changed after invoking the passed in block.| | [`assert_nothing_raised { block }`](http://api.rubyonrails.org/classes/ActiveSupport/Testing/Assertions.html#method-i-assert_nothing_raised) | Ensures that the given block doesn't raise any exceptions.| | [`assert_recognizes(expected_options, path, extras={}, message=nil)`](http://api.rubyonrails.org/classes/ActionDispatch/Assertions/RoutingAssertions.html#method-i-assert_recognizes) | Asserts that the routing of the given path was handled correctly and that the parsed options (given in the expected_options hash) match path. Basically, it asserts that Rails recognizes the route given by expected_options.| | [`assert_generates(expected_path, options, defaults={}, extras = {}, message=nil)`](http://api.rubyonrails.org/classes/ActionDispatch/Assertions/RoutingAssertions.html#method-i-assert_generates) | Asserts that the provided options can be used to generate the provided path. This is the inverse of assert_recognizes. The extras parameter is used to tell the request the names and values of additional request parameters that would be in a query string. The message parameter allows you to specify a custom error message for assertion failures.| -- cgit v1.2.3 From e40c7031844d81379dd7fb530e52156b97df0f9c Mon Sep 17 00:00:00 2001 From: Ryuta Kamizono Date: Tue, 30 May 2017 05:20:58 +0900 Subject: Remove extra block for `assert_changes` [ci skip] --- guides/source/testing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/testing.md b/guides/source/testing.md index 1db48ed56c..e4fc8c7b6e 100644 --- a/guides/source/testing.md +++ b/guides/source/testing.md @@ -350,7 +350,7 @@ Rails adds some custom assertions of its own to the `minitest` framework: | --------------------------------------------------------------------------------- | ------- | | [`assert_difference(expressions, difference = 1, message = nil) {...}`](http://api.rubyonrails.org/classes/ActiveSupport/Testing/Assertions.html#method-i-assert_difference) | Test numeric difference between the return value of an expression as a result of what is evaluated in the yielded block.| | [`assert_no_difference(expressions, message = nil, &block)`](http://api.rubyonrails.org/classes/ActiveSupport/Testing/Assertions.html#method-i-assert_no_difference) | Asserts that the numeric result of evaluating an expression is not changed before and after invoking the passed in block.| -| [`assert_changes(expressions, message = nil, from:, to:, &block) {...}`](http://api.rubyonrails.org/classes/ActiveSupport/Testing/Assertions.html#method-i-assert_changes) | Test that the result of evaluating an expression is changed after invoking the passed in block.| +| [`assert_changes(expressions, message = nil, from:, to:, &block)`](http://api.rubyonrails.org/classes/ActiveSupport/Testing/Assertions.html#method-i-assert_changes) | Test that the result of evaluating an expression is changed after invoking the passed in block.| | [`assert_no_changes(expressions, message = nil, &block)`](http://api.rubyonrails.org/classes/ActiveSupport/Testing/Assertions.html#method-i-assert_no_changes) | Test the result of evaluating an expression is not changed after invoking the passed in block.| | [`assert_nothing_raised { block }`](http://api.rubyonrails.org/classes/ActiveSupport/Testing/Assertions.html#method-i-assert_nothing_raised) | Ensures that the given block doesn't raise any exceptions.| | [`assert_recognizes(expected_options, path, extras={}, message=nil)`](http://api.rubyonrails.org/classes/ActionDispatch/Assertions/RoutingAssertions.html#method-i-assert_recognizes) | Asserts that the routing of the given path was handled correctly and that the parsed options (given in the expected_options hash) match path. Basically, it asserts that Rails recognizes the route given by expected_options.| -- cgit v1.2.3 From 980ac58a51a1af0e2acdce0212ad64245929c181 Mon Sep 17 00:00:00 2001 From: Jon Moss Date: Mon, 29 May 2017 19:56:22 -0400 Subject: Grammar fixes [ci skip] --- guides/source/active_record_querying.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'guides') diff --git a/guides/source/active_record_querying.md b/guides/source/active_record_querying.md index aea7515974..3676462788 100644 --- a/guides/source/active_record_querying.md +++ b/guides/source/active_record_querying.md @@ -559,8 +559,8 @@ SELECT * FROM clients WHERE (clients.locked != 1) ### OR Conditions -`OR` condition between two relations can be build by calling `or` on the first relation -and passing the second one as an argument. +`OR` conditions between two relations can be built by calling `or` on the first +relation, and passing the second one as an argument. ```ruby Client.where(locked: true).or(Client.where(orders_count: [1,3,5])) -- cgit v1.2.3 From 6cc153959ac04a39d4081a2cf23e1ff83c4efe3b Mon Sep 17 00:00:00 2001 From: Sam Date: Tue, 30 May 2017 09:14:00 -0400 Subject: Replace therubyracer with mini_racer --- guides/source/asset_pipeline.md | 2 +- guides/source/getting_started.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'guides') diff --git a/guides/source/asset_pipeline.md b/guides/source/asset_pipeline.md index 61b7112247..22b6b278d7 100644 --- a/guides/source/asset_pipeline.md +++ b/guides/source/asset_pipeline.md @@ -868,7 +868,7 @@ pre-existing JavaScript runtimes, you may want to add one to your Gemfile: ```ruby group :production do - gem 'therubyracer' + gem 'mini_racer' end ``` diff --git a/guides/source/getting_started.md b/guides/source/getting_started.md index 5553f08456..21bd4a3d7a 100644 --- a/guides/source/getting_started.md +++ b/guides/source/getting_started.md @@ -208,7 +208,7 @@ TIP: Compiling CoffeeScript and JavaScript asset compression requires you have a JavaScript runtime available on your system, in the absence of a runtime you will see an `execjs` error during asset compilation. Usually macOS and Windows come with a JavaScript runtime installed. -Rails adds the `therubyracer` gem to the generated `Gemfile` in a +Rails adds the `mini_racer` gem to the generated `Gemfile` in a commented line for new apps and you can uncomment if you need it. `therubyrhino` is the recommended runtime for JRuby users and is added by default to the `Gemfile` in apps generated under JRuby. You can investigate -- cgit v1.2.3 From d49866a8d0ae9069d4c875a979de50a61f2ad663 Mon Sep 17 00:00:00 2001 From: Dzianis Dashkevich Date: Thu, 1 Jun 2017 20:48:15 +0300 Subject: Fix articles layout in guides by eliminating W3C validator warnings [ci skip] --- guides/source/getting_started.md | 1 + 1 file changed, 1 insertion(+) (limited to 'guides') diff --git a/guides/source/getting_started.md b/guides/source/getting_started.md index 21bd4a3d7a..6a3a5e465f 100644 --- a/guides/source/getting_started.md +++ b/guides/source/getting_started.md @@ -910,6 +910,7 @@ And then finally, add the view for this action, located at Title Text + <% @articles.each do |article| %> -- cgit v1.2.3 From e42365e129c42bfb60b2960881a1f0c97bd897f0 Mon Sep 17 00:00:00 2001 From: Dzianis Dashkevich Date: Thu, 1 Jun 2017 22:07:31 +0300 Subject: Replace an outdated mention of `jquery_ujs` with `rails-ujs` [ci skip] --- guides/source/getting_started.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'guides') diff --git a/guides/source/getting_started.md b/guides/source/getting_started.md index 6a3a5e465f..49c691c841 100644 --- a/guides/source/getting_started.md +++ b/guides/source/getting_started.md @@ -1490,14 +1490,14 @@ second argument, and then the options as another argument. The `method: :delete` and `data: { confirm: 'Are you sure?' }` options are used as HTML5 attributes so that when the link is clicked, Rails will first show a confirm dialog to the user, and then submit the link with method `delete`. This is done via the -JavaScript file `jquery_ujs` which is automatically included in your +JavaScript file `rails-ujs` which is automatically included in your application's layout (`app/views/layouts/application.html.erb`) when you generated the application. Without this file, the confirmation dialog box won't appear. ![Confirm Dialog](images/getting_started/confirm_dialog.png) -TIP: Learn more about jQuery Unobtrusive Adapter (jQuery UJS) on +TIP: Learn more about Unobtrusive JavaScript on [Working With JavaScript in Rails](working_with_javascript_in_rails.html) guide. Congratulations, you can now create, show, list, update and destroy -- cgit v1.2.3 From 9063007538ffdfb03d35c7bb75218dfd2ddfc56c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mario=20Alberto=20Ch=C3=A1vez?= Date: Thu, 1 Jun 2017 14:58:42 -0500 Subject: SystemTesting::Driver can register capybara-webkit and poltergeist drivers. When using `driver_by` with capybara-webkit or poltergeist, SystemTesting::Driver will register the driver while passing `screen_size` and `options` parameteres. `options` could contain any option supported by the underlying driver. --- guides/source/testing.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'guides') diff --git a/guides/source/testing.md b/guides/source/testing.md index e4fc8c7b6e..21ceeced1d 100644 --- a/guides/source/testing.md +++ b/guides/source/testing.md @@ -660,8 +660,9 @@ end The driver name is a required argument for `driven_by`. The optional arguments that can be passed to `driven_by` are `:using` for the browser (this will only -be used by Selenium), and `:screen_size` to change the size of the screen for -screenshots. +be used by Selenium), `:screen_size` to change the size of the screen for +screenshots, and `:options` which can be used to set options supported by the +driver. ```ruby require "test_helper" -- cgit v1.2.3 From 116b70ca7d45f734b888073e847fec113e9f4a7f Mon Sep 17 00:00:00 2001 From: Koichi ITO Date: Sat, 3 Jun 2017 17:31:39 +0900 Subject: Change default application.js included in new Rails app [ci skip] --- guides/source/asset_pipeline.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'guides') diff --git a/guides/source/asset_pipeline.md b/guides/source/asset_pipeline.md index 22b6b278d7..5d774566dd 100644 --- a/guides/source/asset_pipeline.md +++ b/guides/source/asset_pipeline.md @@ -447,15 +447,15 @@ For example, a new Rails application includes a default ```js // ... -//= require jquery -//= require jquery_ujs +//= require rails-ujs +//= require turbolinks //= require_tree . ``` In JavaScript files, Sprockets directives begin with `//=`. In the above case, the file is using the `require` and the `require_tree` directives. The `require` directive is used to tell Sprockets the files you wish to require. Here, you are -requiring the files `jquery.js` and `jquery_ujs.js` that are available somewhere +requiring the files `rails-ujs.js` and `turbolinks.js` that are available somewhere in the search path for Sprockets. You need not supply the extensions explicitly. Sprockets assumes you are requiring a `.js` file when done from within a `.js` file. -- cgit v1.2.3 From b6b0c99ff3e8ace3f42813154dbe4b8ad6a98e6c Mon Sep 17 00:00:00 2001 From: Genadi Samokovarov Date: Wed, 31 May 2017 12:16:20 +0300 Subject: Use mattr_accessor default: option throughout the project --- guides/source/active_support_core_extensions.md | 8 +++----- guides/source/plugins.md | 6 ++---- 2 files changed, 5 insertions(+), 9 deletions(-) (limited to 'guides') diff --git a/guides/source/active_support_core_extensions.md b/guides/source/active_support_core_extensions.md index 67bed4c8da..e34af8aa8d 100644 --- a/guides/source/active_support_core_extensions.md +++ b/guides/source/active_support_core_extensions.md @@ -940,8 +940,7 @@ The macros `cattr_reader`, `cattr_writer`, and `cattr_accessor` are analogous to ```ruby class MysqlAdapter < AbstractAdapter # Generates class methods to access @@emulate_booleans. - cattr_accessor :emulate_booleans - self.emulate_booleans = true + cattr_accessor :emulate_booleans, default: true end ``` @@ -950,8 +949,7 @@ Instance methods are created as well for convenience, they are just proxies to t ```ruby module ActionView class Base - cattr_accessor :field_error_proc - @@field_error_proc = Proc.new{ ... } + cattr_accessor :field_error_proc, default: Proc.new { ... } end end ``` @@ -963,7 +961,7 @@ Also, you can pass a block to `cattr_*` to set up the attribute with a default v ```ruby class MysqlAdapter < AbstractAdapter # Generates class methods to access @@emulate_booleans with default value of true. - cattr_accessor(:emulate_booleans) { true } + cattr_accessor :emulate_booleans, default: true end ``` diff --git a/guides/source/plugins.md b/guides/source/plugins.md index 760ff431c0..8c2d56ceb8 100644 --- a/guides/source/plugins.md +++ b/guides/source/plugins.md @@ -340,8 +340,7 @@ module Yaffle module ClassMethods def acts_as_yaffle(options = {}) - cattr_accessor :yaffle_text_field - self.yaffle_text_field = (options[:yaffle_text_field] || :last_squawk).to_s + cattr_accessor :yaffle_text_field, default: (options[:yaffle_text_field] || :last_squawk).to_s end end end @@ -411,8 +410,7 @@ module Yaffle module ClassMethods def acts_as_yaffle(options = {}) - cattr_accessor :yaffle_text_field - self.yaffle_text_field = (options[:yaffle_text_field] || :last_squawk).to_s + cattr_accessor :yaffle_text_field, default: (options[:yaffle_text_field] || :last_squawk).to_s include Yaffle::ActsAsYaffle::LocalInstanceMethods end -- cgit v1.2.3 From 7892b717a801e40ee4db1ac6622d844ae6998132 Mon Sep 17 00:00:00 2001 From: Joe Francis Date: Mon, 5 Jun 2017 11:34:40 -0500 Subject: Remove deprecated passing of string to :if/:unless (#29357) Other examples were removed in 53ff5fc62f9d11b6f60d371df959137f4bf40728 [ci skip] --- guides/source/active_record_validations.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/active_record_validations.md b/guides/source/active_record_validations.md index 5313361dfd..6eb5de78be 100644 --- a/guides/source/active_record_validations.md +++ b/guides/source/active_record_validations.md @@ -953,7 +953,7 @@ should happen, an `Array` can be used. Moreover, you can apply both `:if` and ```ruby class Computer < ApplicationRecord validates :mouse, presence: true, - if: ["market.retail?", :desktop?], + if: [Proc.new { |c| c.market.retail? }, :desktop?], unless: Proc.new { |c| c.trackpad.present? } end ``` -- cgit v1.2.3 From 2759a53a54fc7d834141adca22f3e76d928a7064 Mon Sep 17 00:00:00 2001 From: Robin Dupret Date: Tue, 6 Jun 2017 17:31:24 +0200 Subject: Tiny documentation fixes [ci skip] --- guides/source/testing.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'guides') diff --git a/guides/source/testing.md b/guides/source/testing.md index 565f40ed37..7abf3af187 100644 --- a/guides/source/testing.md +++ b/guides/source/testing.md @@ -602,8 +602,8 @@ Model tests don't have their own superclass like `ActionMailer::TestCase` instea System Testing -------------- -System tests allows test user interactions with your application, running tests -in either a real or a headless browser. System tests uses Capybara as base. +System tests allow you to test user interactions with your application, running tests +in either a real or a headless browser. System tests uses Capybara under the hood. For creating Rails system tests, you use the `test/system` directory in your application. Rails provides a generator to create a system test skeleton for you. @@ -670,7 +670,7 @@ end ``` If your Capybara configuration requires more setup than provided by Rails, this -additional configuration could be added into `application_system_test_case.rb` +additional configuration could be added into the `application_system_test_case.rb` file. Please see [Capybara's documentation](https://github.com/teamcapybara/capybara#setup) -- cgit v1.2.3 From 42198c5591922dd1853a7b7f7cde803ede6a4198 Mon Sep 17 00:00:00 2001 From: Robin Dupret Date: Tue, 6 Jun 2017 17:33:17 +0200 Subject: Remove invalid entry from the guides index page Commit 1a5d9399 removed the "Profiling Rails Applications" guide but the YAML entry for this guide wasn't. [ci skip] --- guides/source/documents.yaml | 5 ----- 1 file changed, 5 deletions(-) (limited to 'guides') diff --git a/guides/source/documents.yaml b/guides/source/documents.yaml index 2afef57fc2..59205ee465 100644 --- a/guides/source/documents.yaml +++ b/guides/source/documents.yaml @@ -129,11 +129,6 @@ work_in_progress: true url: active_support_instrumentation.html description: This guide explains how to use the instrumentation API inside of Active Support to measure events inside of Rails and other Ruby code. - - - name: Profiling Rails Applications - work_in_progress: true - url: profiling.html - description: This guide explains how to profile your Rails applications to improve performance. - name: Using Rails for API-only Applications url: api_app.html -- cgit v1.2.3 From f59559d70af237f8a52e4ebde34b39d834f2787e Mon Sep 17 00:00:00 2001 From: edwardmp Date: Tue, 6 Jun 2017 23:54:45 +0200 Subject: Update upgrading guide w.r.t. Parameters to use other example method than slice as this has actually been implemented by Parameters --- guides/source/upgrading_ruby_on_rails.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/upgrading_ruby_on_rails.md b/guides/source/upgrading_ruby_on_rails.md index 93864db141..88a7d0a464 100644 --- a/guides/source/upgrading_ruby_on_rails.md +++ b/guides/source/upgrading_ruby_on_rails.md @@ -238,7 +238,7 @@ Run `bin/rails` to see the list of commands available. ### `ActionController::Parameters` No Longer Inherits from `HashWithIndifferentAccess` Calling `params` in your application will now return an object instead of a hash. If your -parameters are already permitted, then you will not need to make any changes. If you are using `slice` +parameters are already permitted, then you will not need to make any changes. If you are using `map` and other methods that depend on being able to read the hash regardless of `permitted?` you will need to upgrade your application to first permit and then convert to a hash. -- cgit v1.2.3 From 75869195725a816822f4403f1eb084162e3eb54b Mon Sep 17 00:00:00 2001 From: Yauheni Dakuka Date: Fri, 9 Jun 2017 14:45:08 +0300 Subject: Fix link in active_record_postgresql.md --- guides/source/active_record_postgresql.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/active_record_postgresql.md b/guides/source/active_record_postgresql.md index 6d07291b07..54f6be006e 100644 --- a/guides/source/active_record_postgresql.md +++ b/guides/source/active_record_postgresql.md @@ -84,7 +84,7 @@ Book.where("array_length(ratings, 1) >= 3") ### Hstore * [type definition](http://www.postgresql.org/docs/current/static/hstore.html) -* [functions and operators](http://www.postgresql.org/docs/current/static/hstore.html#AEN167712) +* [functions and operators](http://www.postgresql.org/docs/current/static/hstore.html#AEN179902) NOTE: You need to enable the `hstore` extension to use hstore. -- cgit v1.2.3 From 3910002deaec89e9af73f37a963eef719e7e0f5d Mon Sep 17 00:00:00 2001 From: Yauheni Dakuka Date: Fri, 9 Jun 2017 14:54:28 +0300 Subject: remove the extra comma in association_basics.md --- guides/source/association_basics.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/association_basics.md b/guides/source/association_basics.md index 5c7d1f5365..b0621be8c3 100644 --- a/guides/source/association_basics.md +++ b/guides/source/association_basics.md @@ -1831,7 +1831,7 @@ The `limit` method lets you restrict the total number of objects that will be fe class Author < ApplicationRecord has_many :recent_books, -> { order('published_at desc').limit(100) }, - class_name: "Book", + class_name: "Book" end ``` -- cgit v1.2.3 From da783d95711655e4bd29c887b7202a12a0c1d65e Mon Sep 17 00:00:00 2001 From: Yauheni Dakuka Date: Fri, 9 Jun 2017 15:32:42 +0300 Subject: [ci skip] Fix link in active_record_postgresql.md --- guides/source/active_record_postgresql.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/active_record_postgresql.md b/guides/source/active_record_postgresql.md index 54f6be006e..041fdacbab 100644 --- a/guides/source/active_record_postgresql.md +++ b/guides/source/active_record_postgresql.md @@ -285,7 +285,7 @@ SELECT n.nspname AS enum_schema, ### UUID * [type definition](http://www.postgresql.org/docs/current/static/datatype-uuid.html) -* [pgcrypto generator function](http://www.postgresql.org/docs/current/static/pgcrypto.html#AEN159361) +* [pgcrypto generator function](http://www.postgresql.org/docs/current/static/pgcrypto.html#AEN182570) * [uuid-ossp generator functions](http://www.postgresql.org/docs/current/static/uuid-ossp.html) NOTE: You need to enable the `pgcrypto` (only PostgreSQL >= 9.4) or `uuid-ossp` -- cgit v1.2.3 From 58de07f70def7b03e7941ecfe993980ca9c4acc7 Mon Sep 17 00:00:00 2001 From: Yohei Yasukawa Date: Sat, 10 Jun 2017 11:42:21 +0900 Subject: [ci skip] Add backquote to :counter_cache option --- guides/source/association_basics.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'guides') diff --git a/guides/source/association_basics.md b/guides/source/association_basics.md index b0621be8c3..bead931529 100644 --- a/guides/source/association_basics.md +++ b/guides/source/association_basics.md @@ -960,7 +960,7 @@ class Author < ApplicationRecord end ``` -NOTE: You only need to specify the :counter_cache option on the `belongs_to` +NOTE: You only need to specify the `:counter_cache` option on the `belongs_to` side of the association. Counter cache columns are added to the containing model's list of read-only attributes through `attr_readonly`. -- cgit v1.2.3 From 43512df990ff1bba30b4b3cfa427b314a0314623 Mon Sep 17 00:00:00 2001 From: Genadi Samokovarov Date: Mon, 29 May 2017 15:44:15 +0300 Subject: Document Module#delegate_missing_to in the guides Added a small section for it in the `Active Support Core Extensions` guide. [ci skip] --- guides/source/active_support_core_extensions.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'guides') diff --git a/guides/source/active_support_core_extensions.md b/guides/source/active_support_core_extensions.md index 67bed4c8da..eb46732127 100644 --- a/guides/source/active_support_core_extensions.md +++ b/guides/source/active_support_core_extensions.md @@ -755,6 +755,8 @@ NOTE: Defined in `active_support/core_ext/module/anonymous.rb`. ### Method Delegation +#### `delegate` + The macro `delegate` offers an easy way to forward methods. Let's imagine that users in some application have login information in the `User` model but name and other data in a separate `Profile` model: @@ -837,6 +839,25 @@ In the previous example the macro generates `avatar_size` rather than `size`. NOTE: Defined in `active_support/core_ext/module/delegation.rb` +#### `delegate_missing_to` + +Imagine you would like to delegate everything missing from the `User` object, +to the `Profile` one. The `delegate_missing_to` macro lets you implement this +in a breeze: + +```ruby +class User < ApplicationRecord + has_one :profile + + delegate_missing_to :profile +end +``` + +The target can be anything callable within the object, e.g. instance variables, +methods, constants, etc. Only the public methods of the target are delegated. + +NOTE: Defined in `active_support/core_ext/module/delegation.rb` + ### Redefining Methods There are cases where you need to define a method with `define_method`, but don't know whether a method with that name already exists. If it does, a warning is issued if they are enabled. No big deal, but not clean either. -- cgit v1.2.3 From 76bb3660242a50fab50a34ad745b4fe9c677b83c Mon Sep 17 00:00:00 2001 From: Vipul A M Date: Sun, 11 Jun 2017 17:51:08 +0530 Subject: Missing dots [ci skip] (#29414) --- guides/source/active_support_core_extensions.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'guides') diff --git a/guides/source/active_support_core_extensions.md b/guides/source/active_support_core_extensions.md index aa81d1eb6f..23f53ac084 100644 --- a/guides/source/active_support_core_extensions.md +++ b/guides/source/active_support_core_extensions.md @@ -856,7 +856,7 @@ end The target can be anything callable within the object, e.g. instance variables, methods, constants, etc. Only the public methods of the target are delegated. -NOTE: Defined in `active_support/core_ext/module/delegation.rb` +NOTE: Defined in `active_support/core_ext/module/delegation.rb`. ### Redefining Methods @@ -864,7 +864,7 @@ There are cases where you need to define a method with `define_method`, but don' The method `redefine_method` prevents such a potential warning, removing the existing method before if needed. -NOTE: Defined in `active_support/core_ext/module/remove_method.rb` +NOTE: Defined in `active_support/core_ext/module/remove_method.rb`. Extensions to `Class` --------------------- @@ -952,7 +952,7 @@ When `:instance_reader` is `false`, the instance predicate returns a `NoMethodEr If you do not want the instance predicate, pass `instance_predicate: false` and it will not be defined. -NOTE: Defined in `active_support/core_ext/class/attribute.rb` +NOTE: Defined in `active_support/core_ext/class/attribute.rb`. #### `cattr_reader`, `cattr_writer`, and `cattr_accessor` @@ -1848,7 +1848,7 @@ as well as adding or subtracting their results from a Time object. For example: (4.months + 5.years).from_now ``` -NOTE: Defined in `active_support/core_ext/numeric/time.rb` +NOTE: Defined in `active_support/core_ext/numeric/time.rb`. ### Formatting -- cgit v1.2.3 From 8426978c54429c28398daca3d14c8b5e52939657 Mon Sep 17 00:00:00 2001 From: Vipul A M Date: Mon, 12 Jun 2017 18:40:36 +0530 Subject: Add brakeman to guides/additional resources. Fixes #29383 [ci skip] (#29427) --- guides/source/security.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'guides') diff --git a/guides/source/security.md b/guides/source/security.md index f69a0c72b0..9b1f28a283 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -1060,6 +1060,7 @@ Additional Resources The security landscape shifts and it is important to keep up to date, because missing a new vulnerability can be catastrophic. You can find additional resources about (Rails) security here: -* Subscribe to the Rails security [mailing list](http://groups.google.com/group/rubyonrails-security) -* [Keep up to date on the other application layers](http://secunia.com/) (they have a weekly newsletter, too) -* A [good security blog](https://www.owasp.org) including the [Cross-Site scripting Cheat Sheet](https://www.owasp.org/index.php/DOM_based_XSS_Prevention_Cheat_Sheet) +* Subscribe to the Rails security [mailing list.](http://groups.google.com/group/rubyonrails-security) +* [Brakeman - Rails Security Scanner](http://brakemanscanner.org/)- To perform static security analysis for Rails applications. +* [Keep up to date on the other application layers.](http://secunia.com/) (they have a weekly newsletter, too) +* A [good security blog](https://www.owasp.org) including the [Cross-Site scripting Cheat Sheet.](https://www.owasp.org/index.php/DOM_based_XSS_Prevention_Cheat_Sheet) -- cgit v1.2.3 From 0cd957ef453d31218eb99c0149589814cc7ef685 Mon Sep 17 00:00:00 2001 From: Dmytro Vasin Date: Tue, 13 Jun 2017 08:37:03 +0300 Subject: Updated `working with javascript` readme to support the behavior of rails-ujs. --- guides/source/working_with_javascript_in_rails.md | 29 +++++++++++++++++++++++ 1 file changed, 29 insertions(+) (limited to 'guides') diff --git a/guides/source/working_with_javascript_in_rails.md b/guides/source/working_with_javascript_in_rails.md index 290f2a509b..35e6aea4cf 100644 --- a/guides/source/working_with_javascript_in_rails.md +++ b/guides/source/working_with_javascript_in_rails.md @@ -376,6 +376,35 @@ browser to submit the form via normal means (i.e. non-AJAX submission) will be canceled and the form will not be submitted at all. This is useful for implementing your own AJAX file upload workaround. +### Rails-ujs event handlers + +Rails 5.1 introduced rails-ujs and dropped jQuery as a dependency. +As a result the Unobtrusive JavaScript (UJS) driver has been rewritten to operate without jQuery. +These introductions cause small changes to `custom events` fired during the request: + +NOTE: Signature of calls to UJS’s event handlers have changed. +Unlike the version with jqeury, all custom events return only one parameter: `event`. +In this parameter, there is an additional attribute `details` which contains an array of extra parameters. + +| Event name | Extra parameters (event.detail) | Fired | +|---------------------|---------------------------------|-------------------------------------------------------------| +| `ajax:before` | | Before the whole ajax business. | +| `ajax:beforeSend` | [xhr, options] | Before the request is sent. | +| `ajax:send` | [xhr] | When the request is sent. | +| `ajax:stopped` | | When the request is stopped. | +| `ajax:success` | [response, status, xhr] | After completion, if the response was a success. | +| `ajax:error` | [response, status, xhr] | After completion, if the response was an error. | +| `ajax:complete` | [xhr, status] | After the request has been completed, no matter the outcome.| + +Example usage: + +```html +document.body.addEventListener('ajax:success', function(event) { + var detail = event.detail; + var data = detail[0], status = detail[1], xhr = detail[2]; +}) +``` + Server-Side Concerns -------------------- -- cgit v1.2.3