actionpack 1.8.1 → 1.9.0

data/lib/action_controller/cgi_ext/raw_post_data_fix.rb

@@ -6,6 +6,8 @@ class CGI #:nodoc:
     # Handles multipart forms (in particular, forms that involve file uploads).
     # Reads query parameters in the @params field, and cookies into @cookies.
     def initialize_query()
+      @cookies = CGI::Cookie::parse((env_table['HTTP_COOKIE'] || env_table['COOKIE']))
+
       if boundary = multipart_form_boundary
         @multipart = true
         @params = read_multipart(boundary, Integer(env_table['CONTENT_LENGTH']))
@@ -13,12 +15,12 @@ class CGI #:nodoc:
         @multipart = false
         @params = CGI::parse(read_query_params || "")
       end
-      
-      @cookies = CGI::Cookie::parse((env_table['HTTP_COOKIE'] || env_table['COOKIE']))
     end
 
     private
-      MULTIPART_FORM_BOUNDARY_RE = %r|\Amultipart/form-data.*boundary=\"?([^\";,]+)\"?|n #"
+      unless defined?(MULTIPART_FORM_BOUNDARY_RE)
+        MULTIPART_FORM_BOUNDARY_RE = %r|\Amultipart/form-data.*boundary=\"?([^\";,]+)\"?|n #"
+      end
 
       def multipart_form_boundary        
         if env_table['REQUEST_METHOD'] == 'POST'
@@ -26,17 +28,33 @@ class CGI #:nodoc:
         end
       end
 
+      def read_params_from_query
+        if defined? MOD_RUBY
+          Apache::request.args || ''
+        else
+          # fixes CGI querystring parsing for POSTs
+          if env_table['QUERY_STRING'].blank? && !env_table['REQUEST_URI'].blank?
+            env_table['QUERY_STRING'] = env_table['REQUEST_URI'].split('?', 2)[1] || ''
+          end
+          env_table['QUERY_STRING']
+        end
+      end
+
+      def read_params_from_post
+        stdinput.binmode if stdinput.respond_to?(:binmode)
+        content = stdinput.read(Integer(env_table['CONTENT_LENGTH'])) || ''
+        env_table['RAW_POST_DATA'] = content.split("&_").first.to_s.freeze # &_ is a fix for Safari Ajax postings that always append \000
+      end
+
       def read_query_params
-        case env_table['REQUEST_METHOD']
-          when 'GET', 'HEAD', 'DELETE', 'OPTIONS'
-            (defined?(MOD_RUBY) ? Apache::request.args : env_table['QUERY_STRING']) || ''
-          when 'POST', 'PUT'
-            stdinput.binmode if stdinput.respond_to?(:binmode)
-            content = stdinput.read(Integer(env_table['CONTENT_LENGTH'])) || ''
-            env_table['RAW_POST_DATA'] = content.split("&_").first.to_s.freeze # &_ is a fix for Safari Ajax postings that always append \000
-          else
+        case env_table['REQUEST_METHOD'].to_s.upcase
+          when 'CMD'
             read_from_cmdline
-          end
+          when 'POST', 'PUT'
+            read_params_from_post
+          else # when 'GET', 'HEAD', 'DELETE', 'OPTIONS'
+            read_params_from_query
+        end
       end
   end # module QueryExtension
 end

data/lib/action_controller/cgi_process.rb

@@ -2,8 +2,10 @@ require 'action_controller/cgi_ext/cgi_ext'
 require 'action_controller/cgi_ext/cookie_performance_fix'
 require 'action_controller/cgi_ext/raw_post_data_fix'
 require 'action_controller/session/drb_store'
-require 'action_controller/session/active_record_store'
 require 'action_controller/session/mem_cache_store'
+if Object.const_defined?(:ActiveRecord)
+  require 'action_controller/session/active_record_store'
+end
 
 module ActionController #:nodoc:
   class Base
@@ -37,8 +39,11 @@ module ActionController #:nodoc:
   class CgiRequest < AbstractRequest #:nodoc:
     attr_accessor :cgi
 
-    DEFAULT_SESSION_OPTIONS =
-      { :database_manager => CGI::Session::PStore, :prefix => "ruby_sess.", :session_path => "/" }
+    DEFAULT_SESSION_OPTIONS = {
+      :database_manager => CGI::Session::PStore,
+      :prefix => "ruby_sess.",
+      :session_path => "/"
+    } unless const_defined?(:DEFAULT_SESSION_OPTIONS)
 
     def initialize(cgi, session_options = {})
       @cgi = cgi
@@ -63,7 +68,11 @@ module ActionController #:nodoc:
     end
 
     def request_parameters
-      CGIMethods.parse_request_parameters(@cgi.params)
+      if formatted_post?
+        CGIMethods.parse_formatted_request_parameters(post_format, env['RAW_POST_DATA'])
+      else
+        CGIMethods.parse_request_parameters(@cgi.params)
+      end
     end
     
     def env
@@ -80,17 +89,34 @@ module ActionController #:nodoc:
     
     def session
       return @session unless @session.nil?
+
       begin
         @session = (@session_options == false ? {} : CGI::Session.new(@cgi, session_options_with_string_keys))
         @session["__valid_session"]
         return @session
       rescue ArgumentError => e
-        @session.delete if @session
+        # TODO: Uncomment this on 0.13.1
+        # if e.message =~ %r{undefined class/module (\w+)}
+        #   begin
+        #     Module.const_missing($1)
+        #   rescue LoadError, NameError => e
+        #     raise(
+        #       ActionController::SessionRestoreError, 
+        #       "Session contained objects where the class definition wasn't available. " +
+        #       "Remember to require classes for all objects kept in the session. " +
+        #       "(Original exception: #{e.message} [#{e.class}])"
+        #     )
+        #   end
+        # 
+        #   retry
+        # else
+        #   raise
+        # end
         raise(
           ActionController::SessionRestoreError, 
           "Session contained objects where the class definition wasn't available. " +
           "Remember to require classes for all objects kept in the session. " +
-          "The session has been deleted. (Original exception: #{e.message} [#{e.class}])"
+          "(Original exception: #{e.message} [#{e.class}])"
         )
       end
     end
@@ -120,21 +146,23 @@ module ActionController #:nodoc:
       super()
     end
 
-    def out
+    def out(output = $stdout)
       convert_content_type!(@headers)
-      $stdout.binmode if $stdout.respond_to?(:binmode)
-      $stdout.sync = false
+      output.binmode      if output.respond_to?(:binmode)
+      output.sync = false if output.respond_to?(:sync=)
       
       begin
-        print @cgi.header(@headers)
+        output.write(@cgi.header(@headers))
 
         if @cgi.send(:env_table)['REQUEST_METHOD'] == 'HEAD'
           return
         elsif @body.respond_to?(:call)
           @body.call(self)
         else
-          print @body
+          output.write(@body)
         end
+
+        output.flush if output.respond_to?(:flush)
       rescue Errno::EPIPE => e
         # lost connection to the FCGI process -- ignore the output, then
       end

data/lib/action_controller/code_generation.rb

@@ -0,0 +1,235 @@
+module ActionController
+  module CodeGeneration #:nodoc:
+    class GenerationError < StandardError #:nodoc:
+    end
+  
+    class Source #:nodoc:
+      attr_reader :lines, :indentation_level
+      IndentationString = '  '
+      def initialize
+        @lines, @indentation_level = [], 0
+      end
+      def line(line)
+        @lines << (IndentationString * @indentation_level + line)
+      end
+      alias :<< :line
+    
+      def indent
+        @indentation_level += 1
+        yield
+        ensure
+        @indentation_level -= 1
+      end
+    
+      def to_s() lines.join("\n") end
+    end
+
+    class CodeGenerator #:nodoc:
+      attr_accessor :source, :locals
+      def initialize(source = nil)
+        @locals = []
+        @source = source || Source.new
+      end
+    
+      BeginKeywords = %w(if unless begin until while def).collect {|kw| kw.to_sym}
+      ResumeKeywords = %w(elsif else rescue).collect {|kw| kw.to_sym}
+      Keywords = BeginKeywords + ResumeKeywords
+    
+      def method_missing(keyword, *text)
+        if Keywords.include? keyword
+          if ResumeKeywords.include? keyword
+            raise GenerationError, "Can only resume with #{keyword} immediately after an end" unless source.lines.last =~ /^\s*end\s*$/ 
+            source.lines.pop # Remove the 'end'
+          end
+      
+          line "#{keyword} #{text.join ' '}"
+          begin source.indent { yield(self.dup) }
+          ensure line 'end'
+          end
+        else
+          super(keyword, *text)
+        end
+      end
+    
+      def line(*args) self.source.line(*args) end
+      alias :<< :line
+      def indent(*args, &block) source(*args, &block) end
+      def to_s() source.to_s end
+    
+      def share_locals_with(other)
+        other.locals = self.locals = (other.locals | locals) 
+      end
+    
+      FieldsToDuplicate = [:locals]
+      def dup
+        copy = self.class.new(source)
+        self.class::FieldsToDuplicate.each do |sym|
+          value = self.send(sym)
+          value = value.dup unless value.nil? || value.is_a?(Numeric)
+          copy.send("#{sym}=", value)
+        end
+        return copy
+      end
+    end
+
+    class RecognitionGenerator < CodeGenerator #:nodoc:
+      Attributes = [:after, :before, :current, :results, :constants, :depth, :move_ahead, :finish_statement]
+      attr_accessor(*Attributes)
+      FieldsToDuplicate = CodeGenerator::FieldsToDuplicate + Attributes
+    
+      def initialize(*args)
+        super(*args)
+        @after, @before = [], []
+        @current = nil
+        @results, @constants = {}, {}
+        @depth = 0
+        @move_ahead = nil
+        @finish_statement = Proc.new {|hash_expr| hash_expr}
+      end
+    
+      def if_next_matches(string, &block)
+        test = Routing.test_condition(next_segment(true), string)
+        self.if(test, &block)
+      end
+    
+      def move_forward(places = 1)
+        dup = self.dup
+        dup.depth += 1
+        dup.move_ahead = places
+        yield dup
+      end
+    
+      def next_segment(assign_inline = false, default = nil)
+        if locals.include?(segment_name)
+          code = segment_name
+        else
+          code = "#{segment_name} = #{path_name}[#{index_name}]"
+          if assign_inline
+            code = "(#{code})"
+          else
+            line(code)
+            code = segment_name
+          end
+        
+          locals << segment_name
+        end
+        code = "(#{code} || #{default.inspect})" if default 
+      
+        return code.to_s
+      end
+    
+      def segment_name() "segment#{depth}".to_sym end
+      def path_name() :path end
+      def index_name
+        move_ahead, @move_ahead = @move_ahead, nil
+        move_ahead ? "index += #{move_ahead}" : 'index'
+      end
+    
+      def continue
+        dup = self.dup
+        dup.before << dup.current
+        dup.current = dup.after.shift
+        dup.go
+      end
+    
+      def go
+        if current then current.write_recognition(self)
+        else self.finish
+        end
+      end 
+    
+      def result(key, expression, delay = false)
+        unless delay
+          line "#{key}_value = #{expression}"
+          expression = "#{key}_value"
+        end
+        results[key] = expression
+      end
+      def constant_result(key, object)
+        constants[key] = object
+      end
+  
+      def finish(ensure_traversal_finished = true)
+        pairs = [] 
+        (results.keys + constants.keys).uniq.each do |key|
+          pairs << "#{key.to_s.inspect} => #{results[key] ? results[key] : constants[key].inspect}"
+        end
+        hash_expr = "{#{pairs.join(', ')}}"
+      
+        statement = finish_statement.call(hash_expr)
+        if ensure_traversal_finished then self.if("! #{next_segment(true)}") {|gp| gp << statement}
+        else self << statement
+        end
+      end
+    end
+  
+    class GenerationGenerator < CodeGenerator #:nodoc:
+      Attributes = [:after, :before, :current, :segments]
+      attr_accessor(*Attributes)
+      FieldsToDuplicate = CodeGenerator::FieldsToDuplicate + Attributes
+    
+      def initialize(*args)
+        super(*args)
+        @after, @before = [], []
+        @current = nil
+        @segments = []
+      end
+    
+      def hash_name() 'hash' end
+      def local_name(key) "#{key}_value" end
+    
+      def hash_value(key, assign = true, default = nil)
+        if locals.include?(local_name(key)) then code = local_name(key)
+        else
+          code = "hash[#{key.to_sym.inspect}]"
+          if assign
+            code = "(#{local_name(key)} = #{code})"
+            locals << local_name(key)
+          end
+        end
+        code = "(#{code} || (#{default.inspect}))" if default
+        return code
+      end 
+    
+      def expire_for_keys(*keys)
+        return if keys.empty?
+        conds = keys.collect {|key| "expire_on[#{key.to_sym.inspect}]"}
+        line "not_expired, #{hash_name} = false, options if not_expired && #{conds.join(' && ')}"
+      end
+    
+      def add_segment(*segments)
+        d = dup
+        d.segments.concat segments
+        yield d
+      end
+    
+      def go
+        if current then current.write_generation(self)
+        else self.finish
+        end
+      end
+    
+      def continue
+        d = dup
+        d.before << d.current
+        d.current = d.after.shift
+        d.go
+      end
+    
+      def finish
+        line %("/#{segments.join('/')}")
+      end
+
+      def check_conditions(conditions)
+        tests = []
+        generator = nil
+        conditions.each do |key, condition|
+          tests << (generator || self).hash_value(key, true) if condition.is_a? Regexp
+          tests << Routing.test_condition((generator || self).hash_value(key, false), condition)
+          generator = self.dup unless generator
+        end
+        return tests.join(' && ')
+      end
+    end
+  end
+end

data/lib/action_controller/cookies.rb

@@ -3,17 +3,17 @@ module ActionController #:nodoc:
   # the cookies being written is what will be sent out will the response. Cookies are read by value (so you won't get the cookie object
   # itself back -- just the value it holds). Examples for writing:
   #
-  #   cookies["user_name"] = "david" # => Will set a simple session cookie
-  #   cookies["login"] = { :value => "XJ-122", :expires => Time.now + 360} # => Will set a cookie that expires in 1 hour
+  #   cookies[:user_name] = "david" # => Will set a simple session cookie
+  #   cookies[:login] = { :value => "XJ-122", :expires => Time.now + 360} # => Will set a cookie that expires in 1 hour
   #   
   # Examples for reading:
   #
-  #   cookies["user_name"] # => "david"
+  #   cookies[:user_name] # => "david"
   #   cookies.size         # => 2
   # 
   # Example for deleting:
   #
-  #   cookies.delete "user_name"
+  #   cookies.delete :user_name
   #
   # All the option symbols for setting cookies are:
   #
@@ -24,10 +24,16 @@ module ActionController #:nodoc:
   # * <tt>secure</tt> - whether this cookie is a secure cookie or not (default to false).
   #   Secure cookies are only transmitted to HTTPS servers.
   module Cookies
-    # Returns the cookie container, which operates as described above.
-    def cookies
-      CookieJar.new(self)
-    end
+    protected
+      # Returns the cookie container, which operates as described above.
+      def cookies
+        CookieJar.new(self)
+      end
+
+      # Deprecated cookie writer method
+      def cookie(*options)
+        @response.headers["cookie"] << CGI::Cookie.new(*options)
+      end
   end
   
   class CookieJar < Hash #:nodoc:

data/lib/action_controller/deprecated_renders_and_redirects.rb

@@ -0,0 +1,76 @@
+module ActionController
+  class Base
+    protected
+      # Works like render, but instead of requiring a full template name, you can get by with specifying the action name. So calling
+      # <tt>render_action "show_many"</tt> in WeblogController#display will render "#{template_root}/weblog/show_many.rhtml" or 
+      # "#{template_root}/weblog/show_many.rxml".
+      def render_action(action_name, status = nil)
+        render :action => action_name, :status => status
+      end
+
+      # Works like render, but disregards the template_root and requires a full path to the template that needs to be rendered. Can be
+      # used like <tt>render_file "/Users/david/Code/Ruby/template"</tt> to render "/Users/david/Code/Ruby/template.rhtml" or
+      # "/Users/david/Code/Ruby/template.rxml".
+      def render_file(template_path, status = nil, use_full_path = false)
+        render :file => template_path, :status => status, :use_full_path => use_full_path
+      end
+
+      # Renders the +template+ string, which is useful for rendering short templates you don't want to bother having a file for. So
+      # you'd call <tt>render_template "Hello, <%= @user.name %>"</tt> to greet the current user. Or if you want to render as Builder
+      # template, you could do <tt>render_template "xml.h1 @user.name", nil, "rxml"</tt>.
+      def render_template(template, status = nil, type = "rhtml")
+        render :inline => template, :status => status, :type => type
+      end
+
+      # Renders the +text+ string without parsing it through any template engine. Useful for rendering static information as it's
+      # considerably faster than rendering through the template engine.
+      # Use block for response body if provided (useful for deferred rendering or streaming output).
+      def render_text(text = nil, status = nil)
+        render :text => text, :status => status
+      end
+
+      # Renders an empty response that can be used when the request is only interested in triggering an effect. Do note that good
+      # HTTP manners mandate that you don't use GET requests to trigger data changes.
+      def render_nothing(status = nil)
+        render :nothing => true, :status => status
+      end
+
+      # Renders the partial specified by <tt>partial_path</tt>, which by default is the name of the action itself. Example:
+      #
+      #   class WeblogController < ActionController::Base
+      #     def show
+      #       render_partial # renders "weblog/_show.r(xml|html)"
+      #     end
+      #   end
+      def render_partial(partial_path = default_template_name, object = nil, local_assigns = {})
+        render :partial => partial_path, :object => object, :locals => local_assigns
+      end
+
+      # Renders a collection of partials using <tt>partial_name</tt> to iterate over the +collection+.
+      def render_partial_collection(partial_name, collection, partial_spacer_template = nil, local_assigns = {})
+        render :partial => partial_name, :collection => collection, :spacer_template => partial_spacer_template, :locals => local_assigns
+      end
+
+      def render_with_layout(template_name = default_template_name, status = nil, layout = nil)
+        render :template => template_name, :status => status, :layout => layout
+      end
+
+      def render_without_layout(template_name = default_template_name, status = nil)
+        render :template => template_name, :status => status, :layout => false
+      end
+
+
+      # Deprecated in favor of calling redirect_to directly with the path.
+      def redirect_to_path(path)
+        redirect_to(path)
+      end
+
+      # Deprecated in favor of calling redirect_to directly with the url. If the resource has moved permanently, it's possible to pass
+      # true as the second parameter and the browser will get "301 Moved Permanently" instead of "302 Found". This can also be done through
+      # just setting the headers["Status"] to "301 Moved Permanently" before using the redirect_to.
+      def redirect_to_url(url, permanently = false)
+        headers["Status"] = "301 Moved Permanently" if permanently
+        redirect_to(url)
+      end
+  end
+end