actionpack 1.9.1 → 1.10.1

data/lib/action_controller/rescue.rb

@@ -24,8 +24,8 @@ module ActionController #:nodoc:
     protected
       # Exception handler called when the performance of an action raises an exception.
       def rescue_action(exception)
-        log_error(exception) unless logger.nil?
-        erase_render_results if performed?
+        log_error(exception) if logger
+        erase_results if performed?
 
         if consider_all_requests_local || local_request?
           rescue_action_locally(exception)
@@ -65,10 +65,12 @@ module ActionController #:nodoc:
 
       # Renders a detailed diagnostics screen on action exceptions. 
       def rescue_action_locally(exception)
-        @exception = exception
-        @rescues_path = File.dirname(__FILE__) + "/templates/rescues/"
         add_variables_to_assigns
-        @contents = @template.render_file(template_path_for_local_rescue(exception), false)
+        @template.instance_variable_set("@exception", exception)
+        @template.instance_variable_set("@rescues_path", File.dirname(__FILE__) + "/templates/rescues/")    
+        @template.send(:assign_variables_from_controller)
+
+        @template.instance_variable_set("@contents", @template.render_file(template_path_for_local_rescue(exception), false))
     
         @headers["Content-Type"] = "text/html"
         render_file(rescues_path("layout"), response_code_for_rescue(exception))
@@ -93,7 +95,7 @@ module ActionController #:nodoc:
                   callstack.slice!(0) if callstack.first["rescue.rb"]
                   file, line, method = *callstack.first.match(/^(.+?):(\d+)(?::in `(.*?)')?/).captures
 
-                  message = "Exception at #{file}:#{line}#{" in `#{method}'" if method}."
+                  message = "Exception at #{file}:#{line}#{" in `#{method}'" if method}." # `� ( for ruby-mode)
 
                   Breakpoint.handle_breakpoint(context, message, file, line)
                 end

data/lib/action_controller/routing.rb

@@ -19,22 +19,30 @@ module ActionController
         end
       end
 
-      def treat_hash(hash)
+      def treat_hash(hash, keys_to_delete = [])
         k = v = nil
         hash.each do |k, v|
-          hash[k] = (v.respond_to? :to_param) ? v.to_param.to_s : v.to_s 
+          if v then hash[k] = (v.respond_to? :to_param) ? v.to_param.to_s : v.to_s
+          else
+            hash.delete k
+            keys_to_delete << k
+          end
         end
         hash
       end
-    end
-
-    class << self
+      
       def test_condition(expression, condition)
         case condition
           when String then "(#{expression} == #{condition.inspect})"
           when Regexp then
             condition = Regexp.new("^#{condition.source}$") unless /^\^.*\$$/ =~ condition.source 
             "(#{condition.inspect} =~ #{expression})"
+          when Array then
+            conds = condition.collect do |condition|
+              cond = test_condition(expression, condition)
+              (cond[0, 1] == '(' && cond[-1, 1] == ')') ? cond : "(#{cond})"
+            end
+            "(#{conds.join(' || ')})"
           when true then expression
           when nil then "! #{expression}"
           else
@@ -184,7 +192,14 @@ module ActionController
         g << "controller_result = ::ActionController::Routing::ControllerComponent.traverse_to_controller(#{g.path_name}, #{g.index_name})" 
         g.if('controller_result') do |gp|
           gp << 'controller_value, segments_to_controller = controller_result'
-          gp.move_forward('segments_to_controller') {|gpp| yield gpp, :constraint}
+          if condition
+            gp << "controller_path = #{gp.path_name}[#{gp.index_name},segments_to_controller].join('/')"
+            gp.if(Routing.test_condition("controller_path", condition)) do |gpp|
+              gpp.move_forward('segments_to_controller') {|gppp| yield gppp, :constraint}
+            end
+          else
+            gp.move_forward('segments_to_controller') {|gpp| yield gpp, :constraint}
+          end
         end
       end
 
@@ -253,7 +268,7 @@ module ActionController
         g.finish(false)
       end
   
-      class Result < ::Array
+      class Result < ::Array #:nodoc:
         def to_s() join '/' end
         def self.new_escaped(strings)
           new strings.collect {|str| CGI.unescape str}
@@ -272,6 +287,7 @@ module ActionController
         defaults, conditions = initialize_hashes options.dup
         @defaults = defaults.dup
         configure_components(defaults, conditions)
+        add_default_requirements
         initialize_keys
       end
   
@@ -283,9 +299,16 @@ module ActionController
         generator.before, generator.current, generator.after = [], components.first, (components[1..-1] || [])
 
         if known.empty? then generator.go
-        else generator.if(generator.check_conditions(known)) {|gp| gp.go }
+        else
+          # Alter the conditions to allow :action => 'index' to also catch :action => nil
+          altered_known = known.collect do |k, v|
+            if k == :action && v== 'index' then [k, [nil, 'index']]
+            else [k, v]
+            end
+          end
+          generator.if(generator.check_conditions(altered_known)) {|gp| gp.go }
         end
-    
+        
         generator
       end
   
@@ -324,7 +347,6 @@ module ActionController
       end
   
       protected
-  
         def initialize_components(path)
           path = path.split('/') if path.is_a? String
           path.shift if path.first.blank?
@@ -356,6 +378,11 @@ module ActionController
             component.condition = conditions[component.key] if conditions.key?(component.key)
           end
         end
+        
+        def add_default_requirements
+          component_keys = components.collect {|c| c.key}
+          known[:action] ||= 'index' unless component_keys.include? :action
+        end
     end
 
     class RouteSet #:nodoc:
@@ -377,17 +404,15 @@ module ActionController
           options[:controller] = Routing.controller_relative_to(controller, recall_controller)
         end
         options = recall.dup if options.empty? # XXX move to url_rewriter?
-        Routing.treat_hash(options) # XXX Move inwards (to generated code) or inline?
+        
+        keys_to_delete = []
+        Routing.treat_hash(options, keys_to_delete)
+        
         merged = recall.merge(options)
+        keys_to_delete.each {|key| merged.delete key}
         expire_on = Routing.expiry_hash(options, recall)
     
-        path, keys = generate_path(merged, options, expire_on)
-    
-        # Factor out?
-        extras = {}
-        k = nil
-        keys.each {|k| extras[k] = options[k]} 
-        [path, extras]
+        generate_path(merged, options, expire_on)
       end
       
       def generate_path(merged, options, expire_on)
@@ -557,16 +582,24 @@ module ActionController
   
       def each(&block) @routes.each(&block) end
       
-      def method_missing(name, *args)
-        return super(name, *args) unless (1..2).include?(args.length)
-      
-        route = connect(*args)
+      # Defines a new named route with the provided name and arguments.
+      # This method need only be used when you wish to use a name that a RouteSet instance
+      # method exists for, such as categories.
+      #
+      # For example, map.categories '/categories', :controller => 'categories' will not work
+      # due to RouteSet#categories.
+      def named_route(name, path, hash = {})
+        route = connect(path, hash)
         NamedRoutes.name_route(route, name)
         route
       end
+      
+      def method_missing(name, *args)
+        (1..2).include?(args.length) ? named_route(name, *args) : super(name, *args)
+      end
 
       def extra_keys(options, recall = {})
-        generate(options.dup, recall).last.keys
+        generate(options.dup, recall).last
       end
     end
 
@@ -582,12 +615,27 @@ module ActionController
         def url_helper_name(name)
           "#{name}_url"
         end
-
-        def name_route(route, name)
-          hash = route.defaults.merge(route.known).symbolize_keys
+        
+        def known_hash_for_route(route)
+          hash = route.known.symbolize_keys
+          route.defaults.each do |key, value|
+            hash[key.to_sym] ||= value if value
+          end
           hash[:controller] = "/#{hash[:controller]}"
-      
-          define_method(hash_access_name(name)) { hash }
+          
+          hash
+        end
+        
+        def define_hash_access_method(route, name)
+          hash = known_hash_for_route(route)
+          define_method(hash_access_name(name)) do |*args|
+            args.first ? hash.merge(args.first) : hash
+          end
+        end
+        
+        def name_route(route, name)
+          define_hash_access_method(route, name)
+          
           module_eval(%{def #{url_helper_name name}(options = {})
             url_for(#{hash_access_name(name)}.merge(options))
           end}, "generated/routing/named_routes/#{name}.rb")
@@ -595,6 +643,7 @@ module ActionController
           protected url_helper_name(name), hash_access_name(name)
       
           Helpers << url_helper_name(name).to_sym
+          Helpers << hash_access_name(name).to_sym
           Helpers.uniq!
         end
     

data/lib/action_controller/scaffolding.rb

@@ -82,7 +82,7 @@ module ActionController
       # make <tt>scaffold :post, :suffix => true</tt> use method names like list_post, show_post, and create_post 
       # instead of just list, show, and post. If suffix is used, then no index method is added.
       def scaffold(model_id, options = {})
-        validate_options([ :class_name, :suffix ], options.keys)
+        options.assert_valid_keys(:class_name, :suffix)
 
         singular_name = model_id.to_s
         class_name    = options[:class_name] || singular_name.camelize
@@ -146,21 +146,24 @@ module ActionController
           end
           
           private
-            def render#{suffix}_scaffold(action = caller_method_name(caller))
+            def render#{suffix}_scaffold(action=nil)
+              action ||= caller_method_name(caller)
+              # logger.info ("testing template:" + "\#{self.class.controller_path}/\#{action}") if logger
+              
               if template_exists?("\#{self.class.controller_path}/\#{action}")
-                render(:action => action)
+                render_action(action)
               else
                 @scaffold_class = #{class_name}
                 @scaffold_singular_name, @scaffold_plural_name = "#{singular_name}", "#{plural_name}"
                 @scaffold_suffix = "#{suffix}"
                 add_instance_variables_to_assigns
 
-                @content_for_layout = @template.render_file(scaffold_path(action.sub(/#{suffix}$/, "")), false)
+                @template.instance_variable_set("@content_for_layout", @template.render_file(scaffold_path(action.sub(/#{suffix}$/, "")), false))
 
                 if !active_layout.nil?
-                  render :file => active_layout, :use_full_path => true
+                  render_file(active_layout, nil, true)
                 else
-                  render :file => scaffold_path("layout")
+                  render_file(scaffold_path("layout"))
                 end
               end
             end
@@ -173,14 +176,7 @@ module ActionController
               caller.first.scan(/`(.*)'/).first.first # ' ruby-mode
             end
         end_eval
-      end
-
-      private
-        # Raises an exception if an invalid option has been specified to prevent misspellings from slipping through 
-        def validate_options(valid_option_keys, supplied_option_keys)
-          unknown_option_keys = supplied_option_keys - valid_option_keys
-          raise(ActionController::ActionControllerError, "Unknown options: #{unknown_option_keys}") unless unknown_option_keys.empty?
-        end        
+      end      
     end
   end
 end

data/lib/action_controller/session/active_record_store.rb

@@ -12,8 +12,9 @@ class CGI
     # may be used as the backing store.
     #
     # The default assumes a +sessions+ tables with columns +id+ (numeric
-    # primary key), +session_id+ (text), and +data+ (text).  Session data is
-    # marshaled to +data+.  +session_id+ should be indexed for speedy lookups.
+    # primary key), +session_id+ (text, or longtext if your session data exceeds 65K), 
+    # and +data+ (text).  Session data is marshaled to +data+.  +session_id+ should be 
+    # indexed for speedy lookups.
     #
     # Since the default class is a simple Active Record, you get timestamps
     # for free if you add +created_at+ and +updated_at+ datetime columns to
@@ -32,13 +33,28 @@ class CGI
     #
     # The fast SqlBypass class is a generic SQL session store.  You may
     # use it as a basis for high-performance database-specific stores.
+    #
+    # If the data you are attempting to write to the +data+ column is larger
+    # than the column's size limit, ActionController::SessionOverflowError 
+    # will be raised.
     class ActiveRecordStore
       # The default Active Record class.
       class Session < ActiveRecord::Base
         before_save   :marshal_data!
+        before_save   :ensure_data_not_too_big
         before_update :data_changed?
 
         class << self
+
+          # Don't try to reload ARStore::Session in dev mode.
+          def reloadable? #:nodoc:
+            false
+          end
+          
+          def data_column_size_limit
+            columns_hash['data'].limit
+          end
+
           # Hook to set up sessid compatibility.
           def find_by_session_id(session_id)
             setup_sessid_compatibility!
@@ -54,7 +70,7 @@ class CGI
               CREATE TABLE #{table_name} (
                 id INTEGER PRIMARY KEY,
                 #{connection.quote_column_name('session_id')} TEXT UNIQUE,
-                #{connection.quote_column_name('data')} TEXT
+                #{connection.quote_column_name('data')} TEXT(255)
               )
             end_sql
           end
@@ -108,6 +124,15 @@ class CGI
             old_fingerprint, @fingerprint = @fingerprint, self.class.fingerprint(read_attribute('data'))
             old_fingerprint != @fingerprint
           end
+
+          # Ensures that the data about to be stored in the database is not
+          # larger than the data storage column. Raises
+          # ActionController::SessionOverflowError.
+          def ensure_data_not_too_big
+            return unless limit = self.class.data_column_size_limit
+            raise ActionController::SessionOverflowError, ActionController::SessionOverflowError::DEFAULT_MESSAGE if read_attribute('data').size > limit
+          end
+
       end
 
       # A barebones session store which duck-types with the default session
@@ -125,9 +150,6 @@ class CGI
       class SqlBypass
         # Use the ActiveRecord::Base.connection by default.
         cattr_accessor :connection
-        def self.connection
-          @@connection ||= ActiveRecord::Base.connection
-        end
 
         # The table name defaults to 'sessions'.
         cattr_accessor :table_name
@@ -142,6 +164,11 @@ class CGI
         @@data_column = 'data'
 
         class << self
+
+          def connection
+            @@connection ||= ActiveRecord::Base.connection
+          end
+
           # Look up a session by id and unmarshal its data if found.
           def find_by_session_id(session_id)
             if record = @@connection.select_one("SELECT * FROM #{@@table_name} WHERE #{@@session_id_column}=#{@@connection.quote(session_id)}")
@@ -200,6 +227,7 @@ class CGI
 
         def save
           marshaled_data = self.class.marshal(data)
+
           if @new_record
             @new_record = false
             @@connection.update <<-end_sql, 'Create session'
@@ -230,6 +258,7 @@ class CGI
             end_sql
           end
         end
+
       end
 
       # The class used for session storage.  Defaults to
@@ -277,7 +306,7 @@ class CGI
           @session = nil
         end
       end
-    end
 
+    end
   end
 end

data/lib/action_controller/session_management.rb

@@ -0,0 +1,126 @@
+require 'action_controller/session/drb_store'
+require 'action_controller/session/mem_cache_store'
+if Object.const_defined?(:ActiveRecord)
+  require 'action_controller/session/active_record_store'
+end
+
+module ActionController #:nodoc:
+  module SessionManagement #:nodoc:
+    def self.append_features(base)
+      super
+      base.extend(ClassMethods)
+      base.send(:alias_method, :process_without_session_management_support, :process)
+      base.send(:alias_method, :process, :process_with_session_management_support)
+      base.after_filter(:clear_persistant_model_associations)
+    end
+
+    module ClassMethods
+      # Set the session store to be used for keeping the session data between requests. The default is using the
+      # file system, but you can also specify one of the other included stores (:active_record_store, :drb_store, 
+      # :mem_cache_store, or :memory_store) or use your own class.
+      def session_store=(store)
+        ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:database_manager] =
+          store.is_a?(Symbol) ? CGI::Session.const_get(store == :drb_store ? "DRbStore" : store.to_s.camelize) : store
+      end
+
+      # Returns the session store class currently used.
+      def session_store
+        ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:database_manager]
+      end
+
+      # Returns the hash used to configure the session. Example use:
+      #
+      #   ActionController::Base.session_options[:session_secure] = true # session only available over HTTPS
+      def session_options
+        ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS
+      end
+      
+      # Specify how sessions ought to be managed for a subset of the actions on
+      # the controller. Like filters, you can specify <tt>:only</tt> and
+      # <tt>:except</tt> clauses to restrict the subset, otherwise options
+      # apply to all actions on this controller.
+      #
+      # The session options are inheritable, as well, so if you specify them in
+      # a parent controller, they apply to controllers that extend the parent.
+      #
+      # Usage:
+      #
+      #   # turn off session management for all actions.
+      #   session :off
+      #
+      #   # turn off session management for all actions _except_ foo and bar.
+      #   session :off, :except => %w(foo bar)
+      #
+      #   # turn off session management for only the foo and bar actions.
+      #   session :off, :only => %w(foo bar)
+      #
+      #   # the session will only work over HTTPS, but only for the foo action
+      #   session :only => :foo, :session_secure => true
+      #
+      #   # the session will only be disabled for 'foo', and only if it is
+      #   # requested as a web service
+      #   session :off, :only => :foo,
+      #           :if => Proc.new { |req| req.parameters[:ws] }
+      #
+      # All session options described for ActionController::Base.process_cgi
+      # are valid arguments.
+      def session(*args)
+        options = Hash === args.last ? args.pop : {}
+
+        options[:disabled] = true if !args.empty?
+        options[:only] = [*options[:only]].map { |o| o.to_s } if options[:only]
+        options[:except] = [*options[:except]].map { |o| o.to_s } if options[:except]
+        if options[:only] && options[:except]
+          raise ArgumentError, "only one of either :only or :except are allowed"
+        end
+
+        write_inheritable_array("session_options", [options])
+      end
+
+      def cached_session_options #:nodoc:
+        @session_options ||= read_inheritable_attribute("session_options") || []
+      end
+
+      def session_options_for(request, action) #:nodoc:
+        if (session_options = cached_session_options).empty?
+          {}
+        else
+          options = {}
+
+          action = action.to_s
+          session_options.each do |opts|
+            next if opts[:if] && !opts[:if].call(request)
+            if opts[:only] && opts[:only].include?(action)
+              options.merge!(opts)
+            elsif opts[:except] && !opts[:except].include?(action)
+              options.merge!(opts)
+            elsif !opts[:only] && !opts[:except]
+              options.merge!(opts)
+            end
+          end
+          
+          if options.empty? then options
+          else
+            options.delete :only
+            options.delete :except
+            options.delete :if
+            options[:disabled] ? false : options
+          end
+        end
+      end
+    end
+
+    def process_with_session_management_support(request, response, method = :perform_action, *arguments) #:nodoc:
+      action = request.parameters["action"] || "index"
+      request.session_options = self.class.session_options_for(request, action)
+      process_without_session_management_support(request, response, method, *arguments)
+    end
+  
+    private
+      def clear_persistant_model_associations #:doc:
+        if session = @session.instance_variable_get("@data")
+          session.each { |key, obj| obj.clear_association_cache if obj.respond_to?(:clear_association_cache) }
+        end
+      end
+  end
+end