actionpack 1.8.1 → 1.9.0

data/lib/action_controller/scaffolding.rb

@@ -27,12 +27,12 @@ module ActionController
     #    end
     #  
     #    def show
-    #      @entry = Entry.find(@params["id"])
+    #      @entry = Entry.find(params[:id])
     #      render_scaffold
     #    end
     #    
     #    def destroy
-    #      Entry.find(@params["id"]).destroy
+    #      Entry.find(params[:id]).destroy
     #      redirect_to :action => "list"
     #    end
     #    
@@ -42,9 +42,9 @@ module ActionController
     #    end
     #    
     #    def create
-    #      @entry = Entry.new(@params["entry"])
+    #      @entry = Entry.new(params[:entry])
     #      if @entry.save
-    #        flash["notice"] = "Entry was successfully created"
+    #        flash[:notice] = "Entry was successfully created"
     #        redirect_to :action => "list"
     #      else
     #        render_scaffold('new')
@@ -52,17 +52,17 @@ module ActionController
     #    end
     #    
     #    def edit
-    #      @entry = Entry.find(@params["id"])
+    #      @entry = Entry.find(params[:id])
     #      render_scaffold
     #    end
     #    
     #    def update
-    #      @entry = Entry.find(@params["entry"]["id"])
-    #      @entry.attributes = @params["entry"]
+    #      @entry = Entry.find(params[:id])
+    #      @entry.attributes = params[:entry]
     #  
     #      if @entry.save
-    #        flash["notice"] = "Entry was successfully updated"
-    #        redirect_to :action => "show/" + @entry.id.to_s
+    #        flash[:notice] = "Entry was successfully updated"
+    #        redirect_to :action => "show", :id => @entry
     #      else
     #        render_scaffold('edit')
     #      end
@@ -84,9 +84,9 @@ module ActionController
       def scaffold(model_id, options = {})
         validate_options([ :class_name, :suffix ], options.keys)
 
-        singular_name = model_id.id2name
-        class_name    = options[:class_name] || Inflector.camelize(singular_name)
-        plural_name   = Inflector.pluralize(singular_name)
+        singular_name = model_id.to_s
+        class_name    = options[:class_name] || singular_name.camelize
+        plural_name   = singular_name.pluralize
         suffix        = options[:suffix] ? "_#{singular_name}" : ""
 
         unless options[:suffix]
@@ -99,17 +99,17 @@ module ActionController
         
         module_eval <<-"end_eval", __FILE__, __LINE__
           def list#{suffix}
-            @#{singular_name}_pages, @#{plural_name} = paginate :#{singular_name}, :per_page => 10
+            @#{singular_name}_pages, @#{plural_name} = paginate :#{plural_name}, :per_page => 10
             render#{suffix}_scaffold "list#{suffix}"
           end
 
           def show#{suffix}
-            @#{singular_name} = #{class_name}.find(@params["id"])
+            @#{singular_name} = #{class_name}.find(params[:id])
             render#{suffix}_scaffold
           end
           
           def destroy#{suffix}
-            #{class_name}.find(@params["id"]).destroy
+            #{class_name}.find(params[:id]).destroy
             redirect_to :action => "list#{suffix}"
           end
           
@@ -119,9 +119,9 @@ module ActionController
           end
           
           def create#{suffix}
-            @#{singular_name} = #{class_name}.new(@params["#{singular_name}"])
+            @#{singular_name} = #{class_name}.new(params[:#{singular_name}])
             if @#{singular_name}.save
-              flash["notice"] = "#{class_name} was successfully created"
+              flash[:notice] = "#{class_name} was successfully created"
               redirect_to :action => "list#{suffix}"
             else
               render#{suffix}_scaffold('new')
@@ -129,17 +129,17 @@ module ActionController
           end
           
           def edit#{suffix}
-            @#{singular_name} = #{class_name}.find(@params["id"])
+            @#{singular_name} = #{class_name}.find(params[:id])
             render#{suffix}_scaffold
           end
           
           def update#{suffix}
-            @#{singular_name} = #{class_name}.find(@params["#{singular_name}"]["id"])
-            @#{singular_name}.attributes = @params["#{singular_name}"]
+            @#{singular_name} = #{class_name}.find(params[:id])
+            @#{singular_name}.attributes = params[:#{singular_name}]
 
             if @#{singular_name}.save
-              flash["notice"] = "#{class_name} was successfully updated"
-              redirect_to :action => "show#{suffix}", :id => @#{singular_name}.id.to_s
+              flash[:notice] = "#{class_name} was successfully updated"
+              redirect_to :action => "show#{suffix}", :id => @#{singular_name}
             else
               render#{suffix}_scaffold('edit')
             end
@@ -148,7 +148,7 @@ module ActionController
           private
             def render#{suffix}_scaffold(action = caller_method_name(caller))
               if template_exists?("\#{self.class.controller_path}/\#{action}")
-                render_action(action)
+                render(:action => action)
               else
                 @scaffold_class = #{class_name}
                 @scaffold_singular_name, @scaffold_plural_name = "#{singular_name}", "#{plural_name}"
@@ -156,10 +156,15 @@ module ActionController
                 add_instance_variables_to_assigns
 
                 @content_for_layout = @template.render_file(scaffold_path(action.sub(/#{suffix}$/, "")), false)
-                self.active_layout ? render_file(self.active_layout, "200 OK", true) : render_file(scaffold_path("layout"))
+
+                if !active_layout.nil?
+                  render :file => active_layout, :use_full_path => true
+                else
+                  render :file => scaffold_path("layout")
+                end
               end
             end
-            
+
             def scaffold_path(template_name)
               File.dirname(__FILE__) + "/templates/scaffolds/" + template_name + ".rhtml"
             end

data/lib/action_controller/session/active_record_store.rb

@@ -1,82 +1,283 @@
-begin
-
-require 'active_record'
 require 'cgi'
 require 'cgi/session'
+require 'digest/md5'
 require 'base64'
 
-# Contributed by Tim Bates
 class CGI
   class Session
-    # Active Record database-based session storage class.
+    # A session store backed by an Active Record class.
+    #
+    # A default class is provided, but any object duck-typing to an Active
+    # Record +Session+ class with text +session_id+ and +data+ attributes
+    # may be used as the backing store.
+    #
+    # The default assumes a +sessions+ tables with columns +id+ (numeric
+    # primary key), +session_id+ (text), and +data+ (text).  Session data is
+    # marshaled to +data+.  +session_id+ should be indexed for speedy lookups.
     #
-    # Implements session storage in a database using the ActiveRecord ORM library. Assumes that the database
-    # has a table called +sessions+ with columns +id+ (numeric, primary key), +sessid+ and +data+ (text).
-    # The session data is stored in the +data+ column in the binary Marshal format; the user is responsible for ensuring that
-    # only data that can be Marshaled is stored in the session.
+    # Since the default class is a simple Active Record, you get timestamps
+    # for free if you add +created_at+ and +updated_at+ datetime columns to
+    # the +sessions+ table, making periodic session expiration a snap.
     #
-    # Adding +created_at+ or +updated_at+ datetime columns to the sessions table will enable stamping of the data, which can
-    # be used to clear out old sessions.
+    # You may provide your own session class, whether a feature-packed
+    # Active Record or a bare-metal high-performance SQL store, by setting
+    #   +CGI::Session::ActiveRecordStore.session_class = MySessionClass+
+    # You must implement these methods:
+    #   self.find_by_session_id(session_id)
+    #   initialize(hash_of_session_id_and_data)
+    #   attr_reader :session_id
+    #   attr_accessor :data
+    #   save!
+    #   destroy
     #
-    # It's highly recommended to have an index on the sessid column to improve performance.
+    # The fast SqlBypass class is a generic SQL session store.  You may
+    # use it as a basis for high-performance database-specific stores.
     class ActiveRecordStore
-      # The ActiveRecord class which corresponds to the database table.
+      # The default Active Record class.
       class Session < ActiveRecord::Base
+        before_save   :marshal_data!
+        before_update :data_changed?
+
+        class << self
+          # Hook to set up sessid compatibility.
+          def find_by_session_id(session_id)
+            setup_sessid_compatibility!
+            find_by_session_id(session_id)
+          end
+
+          def marshal(data)     Base64.encode64(Marshal.dump(data)) end
+          def unmarshal(data)   Marshal.load(Base64.decode64(data)) end
+          def fingerprint(data) Digest::MD5.hexdigest(data)         end
+
+          def create_table!
+            connection.execute <<-end_sql
+              CREATE TABLE #{table_name} (
+                id INTEGER PRIMARY KEY,
+                #{connection.quote_column_name('session_id')} TEXT UNIQUE,
+                #{connection.quote_column_name('data')} TEXT
+              )
+            end_sql
+          end
+
+          def drop_table!
+            connection.execute "DROP TABLE #{table_name}"
+          end
+
+          private
+            # Compatibility with tables using sessid instead of session_id.
+            def setup_sessid_compatibility!
+              # Reset column info since it may be stale.
+              reset_column_information
+              if columns_hash['sessid']
+                def self.find_by_session_id(*args)
+                  find_by_sessid(*args)
+                end
+
+                define_method(:session_id)  { sessid }
+                define_method(:session_id=) { |session_id| self.sessid = session_id }
+              else
+                def self.find_by_session_id(session_id)
+                  find :first, :conditions => ["session_id #{attribute_condition(session_id)}", session_id]
+                end
+              end
+            end
+        end
+
+        # Lazy-unmarshal session state.  Take a fingerprint so we can detect
+        # whether to save changes later.
+        def data
+          unless @data
+            case @data = read_attribute('data')
+              when String
+                @fingerprint = self.class.fingerprint(@data)
+                @data = self.class.unmarshal(@data)
+              when nil
+                @data = {}
+                @fingerprint = nil
+            end
+          end
+          @data
+        end
+
+        private
+          def marshal_data!
+            write_attribute('data', self.class.marshal(@data || {}))
+          end
+
+          def data_changed?
+            old_fingerprint, @fingerprint = @fingerprint, self.class.fingerprint(read_attribute('data'))
+            old_fingerprint != @fingerprint
+          end
       end
 
-      # Create a new ActiveRecordStore instance. This constructor is used internally by CGI::Session.
-      # The user does not generally need to call it directly.
+      # A barebones session store which duck-types with the default session
+      # store but bypasses Active Record and issues SQL directly.
       #
-      # +session+ is the session for which this instance is being created.
+      # The database connection, table name, and session id and data columns
+      # are configurable class attributes.  Marshaling and unmarshaling
+      # are implemented as class methods that you may override.  By default,
+      # marshaling data is +Base64.encode64(Marshal.dump(data))+ and
+      # unmarshaling data is +Marshal.load(Base64.decode64(data))+.
       #
-      # +option+ is currently ignored as no options are recognized.
-      #
-      # This session's ActiveRecord database row will be created if it does not exist, or opened if it does.
-      def initialize(session, option=nil)
-        ActiveRecord::Base.silence do
-          @session = Session.find_by_sessid(session.session_id) || Session.new("sessid" => session.session_id, "data" => marshalize({}))
-          @data    = unmarshalize(@session.data)
+      # This marshaling behavior is intended to store the widest range of
+      # binary session data in a +text+ column.  For higher performance,
+      # store in a +blob+ column instead and forgo the Base64 encoding.
+      class SqlBypass
+        # Use the ActiveRecord::Base.connection by default.
+        cattr_accessor :connection
+        def self.connection
+          @@connection ||= ActiveRecord::Base.connection
         end
-      end
 
-      # Update and close the session's ActiveRecord object.
-      def close
-        return unless @session
-        update
-        @session = nil
+        # The table name defaults to 'sessions'.
+        cattr_accessor :table_name
+        @@table_name = 'sessions'
+
+        # The session id field defaults to 'session_id'.
+        cattr_accessor :session_id_column
+        @@session_id_column = 'session_id'
+
+        # The data field defaults to 'data'.
+        cattr_accessor :data_column
+        @@data_column = 'data'
+
+        class << self
+          # Look up a session by id and unmarshal its data if found.
+          def find_by_session_id(session_id)
+            if record = @@connection.select_one("SELECT * FROM #{@@table_name} WHERE #{@@session_id_column}=#{@@connection.quote(session_id)}")
+              new(:session_id => session_id, :marshaled_data => record['data'])
+            end
+          end
+
+          def marshal(data)     Base64.encode64(Marshal.dump(data)) end
+          def unmarshal(data)   Marshal.load(Base64.decode64(data)) end
+          def fingerprint(data) Digest::MD5.hexdigest(data)         end
+
+          def create_table!
+            @@connection.execute <<-end_sql
+              CREATE TABLE #{table_name} (
+                id INTEGER PRIMARY KEY,
+                #{@@connection.quote_column_name(session_id_column)} TEXT UNIQUE,
+                #{@@connection.quote_column_name(data_column)} TEXT
+              )
+            end_sql
+          end
+
+          def drop_table!
+            @@connection.execute "DROP TABLE #{table_name}"
+          end
+        end
+
+        attr_reader :session_id
+        attr_writer :data
+
+        # Look for normal and marshaled data, self.find_by_session_id's way of
+        # telling us to postpone unmarshaling until the data is requested.
+        # We need to handle a normal data attribute in case of a new record.
+        def initialize(attributes)
+          @session_id, @data, @marshaled_data = attributes[:session_id], attributes[:data], attributes[:marshaled_data]
+          @new_record = @marshaled_data.nil?
+        end
+
+        def new_record?
+          @new_record
+        end
+
+        # Lazy-unmarshal session state.  Take a fingerprint so we can detect
+        # whether to save changes later.
+        def data
+          unless @data
+            if @marshaled_data
+              @fingerprint = self.class.fingerprint(@marshaled_data)
+              @data, @marshaled_data = self.class.unmarshal(@marshaled_data), nil
+            else
+              @data = {}
+              @fingerprint = nil
+            end
+          end
+          @data
+        end
+
+        def save!
+          marshaled_data = self.class.marshal(data)
+          if @new_record
+            @new_record = false
+            @@connection.update <<-end_sql, 'Create session'
+              INSERT INTO #{@@table_name} (
+                #{@@connection.quote_column_name(@@session_id_column)},
+                #{@@connection.quote_column_name(@@data_column)} )
+              VALUES (
+                #{@@connection.quote(session_id)},
+                #{@@connection.quote(marshaled_data)} )
+            end_sql
+          else
+            old_fingerprint, @fingerprint = @fingerprint, self.class.fingerprint(marshaled_data)
+            if old_fingerprint != @fingerprint
+              @@connection.update <<-end_sql, 'Update session'
+                UPDATE #{@@table_name}
+                SET #{@@connection.quote_column_name(@@data_column)}=#{@@connection.quote(marshaled_data)}
+                WHERE #{@@connection.quote_column_name(@@session_id_column)}=#{@@connection.quote(session_id)}
+              end_sql
+            end
+          end
+        end
+
+        def destroy
+          unless @new_record
+            @@connection.delete <<-end_sql, 'Destroy session'
+              DELETE FROM #{@@table_name}
+              WHERE #{@@connection.quote_column_name(@@session_id_column)}=#{@@connection.quote(session_id)}
+            end_sql
+          end
+        end
       end
 
-      # Close and destroy the session's ActiveRecord object.
-      def delete
-        return unless @session
-        @session.destroy
-        @session = nil
+      # The class used for session storage.  Defaults to
+      # CGI::Session::ActiveRecordStore::Session.
+      cattr_accessor :session_class
+      @@session_class = Session
+
+      # Find or instantiate a session given a CGI::Session.
+      def initialize(session, option = nil)
+        session_id = session.session_id
+        unless @session = @@session_class.find_by_session_id(session_id)
+          unless session.new_session
+            raise CGI::Session::NoSession, 'uninitialized session'
+          end
+          @session = @@session_class.new(:session_id => session_id, :data => {})
+        end
       end
 
-      # Restore session state from the session's ActiveRecord object.
+      # Restore session state.  The session model handles unmarshaling.
       def restore
-        return unless @session
-        @data = unmarshalize(@session.data)
+        if @session
+          @session.data
+        end
       end
 
-      # Save session state in the session's ActiveRecord object.
+      # Save session store.
       def update
-        return unless @session
-        ActiveRecord::Base.silence { @session.update_attribute "data", marshalize(@data) }
+        if @session
+          ActiveRecord::Base.silence { @session.save! }
+        end
       end
 
-      private
-        def unmarshalize(data)
-          Marshal.load(Base64.decode64(data))
+      # Save and close the session store.
+      def close
+        if @session
+          update
+          @session = nil
         end
+      end
 
-        def marshalize(data)
-          Base64.encode64(Marshal.dump(data))
+      # Delete and close the session store.
+      def delete
+        if @session
+          ActiveRecord::Base.silence { @session.destroy }
+          @session = nil
         end
-    end #ActiveRecordStore
-  end #Session
-end #CGI
+      end
+    end
 
-rescue LoadError
-  # Couldn't load Active Record, so don't make this store available
+  end
 end