actionpack 2.1.2 → 2.2.2

data/lib/action_controller/request_forgery_protection.rb

@@ -17,7 +17,7 @@ module ActionController #:nodoc:
     # forged link from another site, is done by embedding a token based on the session (which an attacker wouldn't know) in all
     # forms and Ajax requests generated by Rails and then verifying the authenticity of that token in the controller.  Only
     # HTML/JavaScript requests are checked, so this will not protect your XML API (presumably you'll have a different authentication
-    # scheme there anyway).  Also, GET requests are not protected as these should be indempotent anyway.
+    # scheme there anyway).  Also, GET requests are not protected as these should be idempotent anyway.
     #
     # This is turned on with the <tt>protect_from_forgery</tt> method, which will check the token and raise an
     # ActionController::InvalidAuthenticityToken if it doesn't match what was expected. You can customize the error message in
@@ -99,7 +99,7 @@ module ActionController #:nodoc:
       end
     
       def verifiable_request_format?
-        request.content_type.nil? || request.content_type.verify_request?
+        !request.content_type.nil? && request.content_type.verify_request?
       end
     
       # Sets the token value for the current session.  Pass a <tt>:secret</tt> option

data/lib/action_controller/rescue.rb

@@ -41,10 +41,9 @@ module ActionController #:nodoc:
       base.rescue_templates = Hash.new(DEFAULT_RESCUE_TEMPLATE)
       base.rescue_templates.update DEFAULT_RESCUE_TEMPLATES
 
-      base.class_inheritable_array :rescue_handlers
-      base.rescue_handlers = []
-
       base.extend(ClassMethods)
+      base.send :include, ActiveSupport::Rescuable
+
       base.class_eval do
         alias_method_chain :perform_action, :rescue
       end
@@ -54,78 +53,12 @@ module ActionController #:nodoc:
       def process_with_exception(request, response, exception) #:nodoc:
         new.process(request, response, :rescue_action, exception)
       end
-
-      # Rescue exceptions raised in controller actions.
-      #
-      # <tt>rescue_from</tt> receives a series of exception classes or class
-      # names, and a trailing <tt>:with</tt> option with the name of a method
-      # or a Proc object to be called to handle them. Alternatively a block can
-      # be given.
-      #
-      # Handlers that take one argument will be called with the exception, so
-      # that the exception can be inspected when dealing with it.
-      #
-      # Handlers are inherited. They are searched from right to left, from
-      # bottom to top, and up the hierarchy. The handler of the first class for
-      # which <tt>exception.is_a?(klass)</tt> holds true is the one invoked, if
-      # any.
-      #
-      #   class ApplicationController < ActionController::Base
-      #     rescue_from User::NotAuthorized, :with => :deny_access # self defined exception
-      #     rescue_from ActiveRecord::RecordInvalid, :with => :show_errors
-      #
-      #     rescue_from 'MyAppError::Base' do |exception|
-      #       render :xml => exception, :status => 500
-      #     end
-      #
-      #     protected
-      #       def deny_access
-      #         ...
-      #       end
-      #
-      #       def show_errors(exception)
-      #         exception.record.new_record? ? ...
-      #       end
-      #   end
-      def rescue_from(*klasses, &block)
-        options = klasses.extract_options!
-        unless options.has_key?(:with)
-          block_given? ? options[:with] = block : raise(ArgumentError, "Need a handler. Supply an options hash that has a :with key as the last argument.")
-        end
-
-        klasses.each do |klass|
-          key = if klass.is_a?(Class) && klass <= Exception
-            klass.name
-          elsif klass.is_a?(String)
-            klass
-          else
-            raise(ArgumentError, "#{klass} is neither an Exception nor a String")
-          end
-
-          # Order is important, we put the pair at the end. When dealing with an
-          # exception we will follow the documented order going from right to left.
-          rescue_handlers << [key, options[:with]]
-        end
-      end
     end
 
     protected
       # Exception handler called when the performance of an action raises an exception.
       def rescue_action(exception)
-        log_error(exception) if logger
-        erase_results if performed?
-
-        # Let the exception alter the response if it wants.
-        # For example, MethodNotAllowed sets the Allow header.
-        if exception.respond_to?(:handle_response!)
-          exception.handle_response!(response)
-        end
-
-        if consider_all_requests_local || local_request?
-          rescue_action_locally(exception)
-        else
-          rescue_action_in_public(exception)
-        end
+        rescue_with_handler(exception) || rescue_action_without_handler(exception)
       end
 
       # Overwrite to implement custom logging of errors. By default logs as fatal.
@@ -144,7 +77,7 @@ module ActionController #:nodoc:
       end
 
       # Overwrite to implement public exception handling (for requests answering false to <tt>local_request?</tt>).  By
-      # default will call render_optional_error_file.  Override this method to provide more user friendly error messages.s
+      # default will call render_optional_error_file.  Override this method to provide more user friendly error messages.
       def rescue_action_in_public(exception) #:doc:
         render_optional_error_file response_code_for_rescue(exception)
       end
@@ -173,26 +106,28 @@ module ActionController #:nodoc:
       # Render detailed diagnostics for unhandled exceptions rescued from
       # a controller action.
       def rescue_action_locally(exception)
-        add_variables_to_assigns
         @template.instance_variable_set("@exception", exception)
         @template.instance_variable_set("@rescues_path", File.dirname(rescues_path("stub")))
-        @template.send!(:assign_variables_from_controller)
-
-        @template.instance_variable_set("@contents", @template.render_file(template_path_for_local_rescue(exception), false))
+        @template.instance_variable_set("@contents", @template.render(:file => template_path_for_local_rescue(exception)))
 
         response.content_type = Mime::HTML
         render_for_file(rescues_path("layout"), response_code_for_rescue(exception))
       end
 
-      # Tries to rescue the exception by looking up and calling a registered handler.
-      def rescue_action_with_handler(exception)
-        if handler = handler_for_rescue(exception)
-          if handler.arity != 0
-            handler.call(exception)
-          else
-            handler.call
-          end
-          true # don't rely on the return value of the handler
+      def rescue_action_without_handler(exception)
+        log_error(exception) if logger
+        erase_results if performed?
+
+        # Let the exception alter the response if it wants.
+        # For example, MethodNotAllowed sets the Allow header.
+        if exception.respond_to?(:handle_response!)
+          exception.handle_response!(response)
+        end
+
+        if consider_all_requests_local || local_request?
+          rescue_action_locally(exception)
+        else
+          rescue_action_in_public(exception)
         end
       end
 
@@ -200,7 +135,7 @@ module ActionController #:nodoc:
       def perform_action_with_rescue #:nodoc:
         perform_action_without_rescue
       rescue Exception => exception
-        rescue_action_with_handler(exception) || rescue_action(exception)
+        rescue_action(exception)
       end
 
       def rescues_path(template_name)
@@ -215,36 +150,6 @@ module ActionController #:nodoc:
         rescue_responses[exception.class.name]
       end
 
-      def handler_for_rescue(exception)
-        # We go from right to left because pairs are pushed onto rescue_handlers
-        # as rescue_from declarations are found.
-        _, handler = *rescue_handlers.reverse.detect do |klass_name, handler|
-          # The purpose of allowing strings in rescue_from is to support the
-          # declaration of handler associations for exception classes whose
-          # definition is yet unknown.
-          #
-          # Since this loop needs the constants it would be inconsistent to
-          # assume they should exist at this point. An early raised exception
-          # could trigger some other handler and the array could include
-          # precisely a string whose corresponding constant has not yet been
-          # seen. This is why we are tolerant to unknown constants.
-          #
-          # Note that this tolerance only matters if the exception was given as
-          # a string, otherwise a NameError will be raised by the interpreter
-          # itself when rescue_from CONSTANT is executed.
-          klass = self.class.const_get(klass_name) rescue nil
-          klass ||= klass_name.constantize rescue nil
-          exception.is_a?(klass) if klass
-        end
-
-        case handler
-        when Symbol
-          method(handler)
-        when Proc
-          handler.bind(self)
-        end
-      end
-
       def clean_backtrace(exception)
         if backtrace = exception.backtrace
           if defined?(RAILS_ROOT)

data/lib/action_controller/resources.rb

@@ -1,23 +1,23 @@
 module ActionController
   # == Overview
   #
-  # ActionController::Resources are a way of defining RESTful resources.  A RESTful resource, in basic terms,
+  # ActionController::Resources are a way of defining RESTful \resources.  A RESTful \resource, in basic terms,
   # is something that can be pointed at and it will respond with a representation of the data requested.
   # In real terms this could mean a user with a browser requests an HTML page, or that a desktop application
   # requests XML data.
   #
   # RESTful design is based on the assumption that there are four generic verbs that a user of an
-  # application can request from a resource (the noun).
+  # application can request from a \resource (the noun).
   #
-  # Resources can be requested using four basic HTTP verbs (GET, POST, PUT, DELETE), the method used
+  # \Resources can be requested using four basic HTTP verbs (GET, POST, PUT, DELETE), the method used
   # denotes the type of action that should take place.
   #
   # === The Different Methods and their Usage
   #
-  # +GET+     Requests for a resource, no saving or editing of a resource should occur in a GET request
-  # +POST+    Creation of resources
-  # +PUT+     Editing of attributes on a resource
-  # +DELETE+  Deletion of a resource
+  # * GET    - Requests for a \resource, no saving or editing of a \resource should occur in a GET request.
+  # * POST   - Creation of \resources.
+  # * PUT    - Editing of attributes on a \resource.
+  # * DELETE - Deletion of a \resource.
   #
   # === Examples
   #
@@ -42,7 +42,11 @@ module ActionController
   #
   # Read more about REST at http://en.wikipedia.org/wiki/Representational_State_Transfer
   module Resources
+    INHERITABLE_OPTIONS = :namespace, :shallow, :actions
+
     class Resource #:nodoc:
+      DEFAULT_ACTIONS = :index, :create, :new, :edit, :show, :update, :destroy
+
       attr_reader :collection_methods, :member_methods, :new_methods
       attr_reader :path_prefix, :name_prefix, :path_segment
       attr_reader :plural, :singular
@@ -57,6 +61,7 @@ module ActionController
 
         arrange_actions
         add_default_actions
+        set_allowed_actions
         set_prefixes
       end
 
@@ -72,7 +77,7 @@ module ActionController
       end
 
       def conditions
-        @conditions = @options[:conditions] || {}
+        @conditions ||= @options[:conditions] || {}
       end
 
       def path
@@ -80,21 +85,29 @@ module ActionController
       end
 
       def new_path
-        new_action = self.options[:path_names][:new] if self.options[:path_names]
+        new_action   = self.options[:path_names][:new] if self.options[:path_names]
         new_action ||= Base.resources_path_names[:new]
-        @new_path ||= "#{path}/#{new_action}"
+        @new_path  ||= "#{path}/#{new_action}"
+      end
+
+      def shallow_path_prefix
+        @shallow_path_prefix ||= "#{path_prefix unless @options[:shallow]}"
       end
 
       def member_path
-        @member_path ||= "#{path}/:id"
+        @member_path ||= "#{shallow_path_prefix}/#{path_segment}/:id"
       end
 
       def nesting_path_prefix
-        @nesting_path_prefix ||= "#{path}/:#{singular}_id"
+        @nesting_path_prefix ||= "#{shallow_path_prefix}/#{path_segment}/:#{singular}_id"
+      end
+
+      def shallow_name_prefix
+        @shallow_name_prefix ||= "#{name_prefix unless @options[:shallow]}"
       end
 
       def nesting_name_prefix
-        "#{name_prefix}#{singular}_"
+        "#{shallow_name_prefix}#{singular}_"
       end
 
       def action_separator
@@ -105,6 +118,10 @@ module ActionController
         @singular.to_s == @plural.to_s
       end
 
+      def has_action?(action)
+        !DEFAULT_ACTIONS.include?(action) || @options[:actions].nil? || @options[:actions].include?(action)
+      end
+
       protected
         def arrange_actions
           @collection_methods = arrange_actions_by_methods(options.delete(:collection))
@@ -117,6 +134,25 @@ module ActionController
           add_default_action(new_methods, :get, :new)
         end
 
+        def set_allowed_actions
+          only    = @options.delete(:only)
+          except  = @options.delete(:except)
+
+          if only && except
+            raise ArgumentError, 'Please supply either :only or :except, not both.'
+          elsif only == :all || except == :none
+            options[:actions] = DEFAULT_ACTIONS
+          elsif only == :none || except == :all
+            options[:actions] = []
+          elsif only
+            options[:actions] = DEFAULT_ACTIONS & Array(only).map(&:to_sym)
+          elsif except
+            options[:actions] = DEFAULT_ACTIONS - Array(except).map(&:to_sym)
+          else
+            # leave options[:actions] alone
+          end
+        end
+
         def set_prefixes
           @path_prefix = options.delete(:path_prefix)
           @name_prefix = options.delete(:name_prefix)
@@ -141,12 +177,14 @@ module ActionController
         super
       end
 
+      alias_method :shallow_path_prefix, :path_prefix
+      alias_method :shallow_name_prefix, :name_prefix
       alias_method :member_path,         :path
       alias_method :nesting_path_prefix, :path
     end
 
     # Creates named routes for implementing verb-oriented controllers
-    # for a collection resource.
+    # for a collection \resource.
     #
     # For example:
     #
@@ -238,23 +276,24 @@ module ActionController
     #
     # The +resources+ method accepts the following options to customize the resulting routes:
     # * <tt>:collection</tt> - Add named routes for other actions that operate on the collection.
-    #   Takes a hash of <tt>#{action} => #{method}</tt>, where method is <tt>:get</tt>/<tt>:post</tt>/<tt>:put</tt>/<tt>:delete</tt>
-    #   or <tt>:any</tt> if the method does not matter.  These routes map to a URL like /messages/rss, with a route of +rss_messages_url+.
+    #   Takes a hash of <tt>#{action} => #{method}</tt>, where method is <tt>:get</tt>/<tt>:post</tt>/<tt>:put</tt>/<tt>:delete</tt>,
+    #   an array of any of the previous, or <tt>:any</tt> if the method does not matter.
+    #   These routes map to a URL like /messages/rss, with a route of +rss_messages_url+.
     # * <tt>:member</tt> - Same as <tt>:collection</tt>, but for actions that operate on a specific member.
-    # * <tt>:new</tt> - Same as <tt>:collection</tt>, but for actions that operate on the new resource action.
+    # * <tt>:new</tt> - Same as <tt>:collection</tt>, but for actions that operate on the new \resource action.
     # * <tt>:controller</tt> - Specify the controller name for the routes.
     # * <tt>:singular</tt> - Specify the singular name used in the member routes.
     # * <tt>:requirements</tt> - Set custom routing parameter requirements.
-    # * <tt>:conditions</tt> - Specify custom routing recognition conditions.  Resources sets the <tt>:method</tt> value for the method-specific routes.
-    # * <tt>:as</tt> - Specify a different resource name to use in the URL path. For example:
+    # * <tt>:conditions</tt> - Specify custom routing recognition conditions.  \Resources sets the <tt>:method</tt> value for the method-specific routes.
+    # * <tt>:as</tt> - Specify a different \resource name to use in the URL path. For example:
     #     # products_path == '/productos'
     #     map.resources :products, :as => 'productos' do |product|
     #       # product_reviews_path(product) == '/productos/1234/comentarios'
     #       product.resources :product_reviews, :as => 'comentarios'
     #     end
     #
-    # * <tt>:has_one</tt> - Specify nested resources, this is a shorthand for mapping singleton resources beneath the current.
-    # * <tt>:has_many</tt> - Same has <tt>:has_one</tt>, but for plural resources.
+    # * <tt>:has_one</tt> - Specify nested \resources, this is a shorthand for mapping singleton \resources beneath the current.
+    # * <tt>:has_many</tt> - Same has <tt>:has_one</tt>, but for plural \resources.
     #
     #   You may directly specify the routing association with +has_one+ and +has_many+ like:
     #
@@ -277,18 +316,18 @@ module ActionController
     #
     # * <tt>:path_prefix</tt> - Set a prefix to the routes with required route variables.
     #
-    #   Weblog comments usually belong to a post, so you might use resources like:
+    #   Weblog comments usually belong to a post, so you might use +resources+ like:
     #
     #     map.resources :articles
     #     map.resources :comments, :path_prefix => '/articles/:article_id'
     #
-    #   You can nest resources calls to set this automatically:
+    #   You can nest +resources+ calls to set this automatically:
     #
     #     map.resources :articles do |article|
     #       article.resources :comments
     #     end
     #
-    #   The comment resources work the same, but must now include a value for <tt>:article_id</tt>.
+    #   The comment \resources work the same, but must now include a value for <tt>:article_id</tt>.
     #
     #     article_comments_url(@article)
     #     article_comment_url(@article, @comment)
@@ -296,23 +335,71 @@ module ActionController
     #     article_comments_url(:article_id => @article)
     #     article_comment_url(:article_id => @article, :id => @comment)
     #
+    #   If you don't want to load all objects from the database you might want to use the <tt>article_id</tt> directly:
+    #
+    #     articles_comments_url(@comment.article_id, @comment)
+    #
     # * <tt>:name_prefix</tt> - Define a prefix for all generated routes, usually ending in an underscore.
     #   Use this if you have named routes that may clash.
     #
     #     map.resources :tags, :path_prefix => '/books/:book_id', :name_prefix => 'book_'
     #     map.resources :tags, :path_prefix => '/toys/:toy_id',   :name_prefix => 'toy_'
     #
-    # You may also use <tt>:name_prefix</tt> to override the generic named routes in a nested resource:
-    # 
+    # You may also use <tt>:name_prefix</tt> to override the generic named routes in a nested \resource:
+    #
     #   map.resources :articles do |article|
     #     article.resources :comments, :name_prefix => nil
-    #   end 
-    # 
-    # This will yield named resources like so:
-    # 
+    #   end
+    #
+    # This will yield named \resources like so:
+    #
     #   comments_url(@article)
     #   comment_url(@article, @comment)
     #
+    # * <tt>:shallow</tt> - If true, paths for nested resources which reference a specific member
+    #   (ie. those with an :id parameter) will not use the parent path prefix or name prefix.
+    #
+    # The <tt>:shallow</tt> option is inherited by any nested resource(s).
+    #
+    # For example, 'users', 'posts' and 'comments' all use shallow paths with the following nested resources:
+    #
+    #   map.resources :users, :shallow => true do |user|
+    #     user.resources :posts do |post|
+    #       post.resources :comments
+    #     end
+    #   end
+    #   # --> GET /users/1/posts (maps to the PostsController#index action as usual)
+    #   #     also adds the usual named route called "user_posts"
+    #   # --> GET /posts/2 (maps to the PostsController#show action as if it were not nested)
+    #   #     also adds the named route called "post"
+    #   # --> GET /posts/2/comments (maps to the CommentsController#index action)
+    #   #     also adds the named route called "post_comments"
+    #   # --> GET /comments/2 (maps to the CommentsController#show action as if it were not nested)
+    #   #     also adds the named route called "comment"
+    #
+    # You may also use <tt>:shallow</tt> in combination with the +has_one+ and +has_many+ shorthand notations like:
+    #
+    #   map.resources :users, :has_many => { :posts => :comments }, :shallow => true
+    #
+    # * <tt>:only</tt> and <tt>:except</tt> - Specify which of the seven default actions should be routed to.
+    #
+    # <tt>:only</tt> and <tt>:except</tt> may be set to <tt>:all</tt>, <tt>:none</tt>, an action name or a
+    # list of action names. By default, routes are generated for all seven actions.
+    #
+    # For example:
+    #
+    #   map.resources :posts, :only => [:index, :show] do |post|
+    #     post.resources :comments, :except => [:update, :destroy]
+    #   end
+    #   # --> GET /posts (maps to the PostsController#index action)
+    #   # --> POST /posts (fails)
+    #   # --> GET /posts/1 (maps to the PostsController#show action)
+    #   # --> DELETE /posts/1 (fails)
+    #   # --> POST /posts/1/comments (maps to the CommentsController#create action)
+    #   # --> PUT /posts/1/comments/1 (fails)
+    #
+    # The <tt>:only</tt> and <tt>:except</tt> options are inherited by any nested resource(s).
+    #
     # If <tt>map.resources</tt> is called with multiple resources, they all get the same options applied.
     #
     # Examples:
@@ -345,28 +432,28 @@ module ActionController
     #
     # The +resources+ method sets HTTP method restrictions on the routes it generates. For example, making an
     # HTTP POST on <tt>new_message_url</tt> will raise a RoutingError exception. The default route in
-    # <tt>config/routes.rb</tt> overrides this and allows invalid HTTP methods for resource routes.
+    # <tt>config/routes.rb</tt> overrides this and allows invalid HTTP methods for \resource routes.
     def resources(*entities, &block)
       options = entities.extract_options!
       entities.each { |entity| map_resource(entity, options.dup, &block) }
     end
 
-    # Creates named routes for implementing verb-oriented controllers for a singleton resource.
-    # A singleton resource is global to its current context.  For unnested singleton resources,
-    # the resource is global to the current user visiting the application, such as a user's
-    # /account profile.  For nested singleton resources, the resource is global to its parent
-    # resource, such as a <tt>projects</tt> resource that <tt>has_one :project_manager</tt>.
-    # The <tt>project_manager</tt> should be mapped as a singleton resource under <tt>projects</tt>:
+    # Creates named routes for implementing verb-oriented controllers for a singleton \resource.
+    # A singleton \resource is global to its current context.  For unnested singleton \resources,
+    # the \resource is global to the current user visiting the application, such as a user's
+    # <tt>/account</tt> profile.  For nested singleton \resources, the \resource is global to its parent
+    # \resource, such as a <tt>projects</tt> \resource that <tt>has_one :project_manager</tt>.
+    # The <tt>project_manager</tt> should be mapped as a singleton \resource under <tt>projects</tt>:
     #
     #   map.resources :projects do |project|
     #     project.resource :project_manager
     #   end
     #
-    # See map.resources for general conventions.  These are the main differences:
-    # * A singular name is given to map.resource.  The default controller name is still taken from the plural name.
+    # See +resources+ for general conventions.  These are the main differences:
+    # * A singular name is given to <tt>map.resource</tt>.  The default controller name is still taken from the plural name.
     # * To specify a custom plural name, use the <tt>:plural</tt> option.  There is no <tt>:singular</tt> option.
-    # * No default index route is created for the singleton resource controller.
-    # * When nesting singleton resources, only the singular name is used as the path prefix (example: 'account/messages/1')
+    # * No default index route is created for the singleton \resource controller.
+    # * When nesting singleton \resources, only the singular name is used as the path prefix (example: 'account/messages/1')
     #
     # For example:
     #
@@ -438,7 +525,7 @@ module ActionController
           map_associations(resource, options)
 
           if block_given?
-            with_options(:path_prefix => resource.nesting_path_prefix, :name_prefix => resource.nesting_name_prefix, :namespace => options[:namespace], &block)
+            with_options(options.slice(*INHERITABLE_OPTIONS).merge(:path_prefix => resource.nesting_path_prefix, :name_prefix => resource.nesting_name_prefix), &block)
           end
         end
       end
@@ -455,67 +542,75 @@ module ActionController
           map_associations(resource, options)
 
           if block_given?
-            with_options(:path_prefix => resource.nesting_path_prefix, :name_prefix => resource.nesting_name_prefix, :namespace => options[:namespace], &block)
+            with_options(options.slice(*INHERITABLE_OPTIONS).merge(:path_prefix => resource.nesting_path_prefix, :name_prefix => resource.nesting_name_prefix), &block)
           end
         end
       end
 
       def map_associations(resource, options)
+        map_has_many_associations(resource, options.delete(:has_many), options) if options[:has_many]
+
         path_prefix = "#{options.delete(:path_prefix)}#{resource.nesting_path_prefix}"
         name_prefix = "#{options.delete(:name_prefix)}#{resource.nesting_name_prefix}"
 
-        Array(options[:has_many]).each do |association|
-          resources(association, :path_prefix => path_prefix, :name_prefix => name_prefix, :namespace => options[:namespace])
+        Array(options[:has_one]).each do |association|
+          resource(association, options.slice(*INHERITABLE_OPTIONS).merge(:path_prefix => path_prefix, :name_prefix => name_prefix))
         end
+      end
 
-        Array(options[:has_one]).each do |association|
-          resource(association, :path_prefix => path_prefix, :name_prefix => name_prefix, :namespace => options[:namespace])
+      def map_has_many_associations(resource, associations, options)
+        case associations
+        when Hash
+          associations.each do |association,has_many|
+            map_has_many_associations(resource, association, options.merge(:has_many => has_many))
+          end
+        when Array
+          associations.each do |association|
+            map_has_many_associations(resource, association, options)
+          end
+        when Symbol, String
+          resources(associations, options.slice(*INHERITABLE_OPTIONS).merge(:path_prefix => resource.nesting_path_prefix, :name_prefix => resource.nesting_name_prefix, :has_many => options[:has_many]))
+        else
         end
       end
 
       def map_collection_actions(map, resource)
         resource.collection_methods.each do |method, actions|
           actions.each do |action|
-            action_options = action_options_for(action, resource, method)
-            map.named_route("#{action}_#{resource.name_prefix}#{resource.plural}", "#{resource.path}#{resource.action_separator}#{action}", action_options)
-            map.named_route("formatted_#{action}_#{resource.name_prefix}#{resource.plural}", "#{resource.path}#{resource.action_separator}#{action}.:format", action_options)
+            [method].flatten.each do |m|
+              map_resource_routes(map, resource, action, "#{resource.path}#{resource.action_separator}#{action}", "#{action}_#{resource.name_prefix}#{resource.plural}", m)
+            end
           end
         end
       end
 
       def map_default_collection_actions(map, resource)
-        index_action_options = action_options_for("index", resource)
         index_route_name = "#{resource.name_prefix}#{resource.plural}"
 
         if resource.uncountable?
           index_route_name << "_index"
         end
 
-        map.named_route(index_route_name, resource.path, index_action_options)
-        map.named_route("formatted_#{index_route_name}", "#{resource.path}.:format", index_action_options)
-
-        create_action_options = action_options_for("create", resource)
-        map.connect(resource.path, create_action_options)
-        map.connect("#{resource.path}.:format", create_action_options)
+        map_resource_routes(map, resource, :index, resource.path, index_route_name)
+        map_resource_routes(map, resource, :create, resource.path, index_route_name)
       end
 
       def map_default_singleton_actions(map, resource)
-        create_action_options = action_options_for("create", resource)
-        map.connect(resource.path, create_action_options)
-        map.connect("#{resource.path}.:format", create_action_options)
+        map_resource_routes(map, resource, :create, resource.path, "#{resource.shallow_name_prefix}#{resource.singular}")
       end
 
       def map_new_actions(map, resource)
         resource.new_methods.each do |method, actions|
           actions.each do |action|
-            action_options = action_options_for(action, resource, method)
-            if action == :new
-              map.named_route("new_#{resource.name_prefix}#{resource.singular}", resource.new_path, action_options)
-              map.named_route("formatted_new_#{resource.name_prefix}#{resource.singular}", "#{resource.new_path}.:format", action_options)
-            else
-              map.named_route("#{action}_new_#{resource.name_prefix}#{resource.singular}", "#{resource.new_path}#{resource.action_separator}#{action}", action_options)
-              map.named_route("formatted_#{action}_new_#{resource.name_prefix}#{resource.singular}", "#{resource.new_path}#{resource.action_separator}#{action}.:format", action_options)
+            route_path = resource.new_path
+            route_name = "new_#{resource.name_prefix}#{resource.singular}"
+
+            unless action == :new
+              route_path = "#{route_path}#{resource.action_separator}#{action}"
+              route_name = "#{action}_#{route_name}"
             end
+
+            map_resource_routes(map, resource, action, route_path, route_name, method)
           end
         end
       end
@@ -523,27 +618,34 @@ module ActionController
       def map_member_actions(map, resource)
         resource.member_methods.each do |method, actions|
           actions.each do |action|
-            action_options = action_options_for(action, resource, method)
-
-            action_path = resource.options[:path_names][action] if resource.options[:path_names].is_a?(Hash)
-            action_path ||= Base.resources_path_names[action] || action
+            [method].flatten.each do |m|
+              action_path = resource.options[:path_names][action] if resource.options[:path_names].is_a?(Hash)
+              action_path ||= Base.resources_path_names[action] || action
 
-            map.named_route("#{action}_#{resource.name_prefix}#{resource.singular}", "#{resource.member_path}#{resource.action_separator}#{action_path}", action_options)
-            map.named_route("formatted_#{action}_#{resource.name_prefix}#{resource.singular}", "#{resource.member_path}#{resource.action_separator}#{action_path}.:format",action_options)
+              map_resource_routes(map, resource, action, "#{resource.member_path}#{resource.action_separator}#{action_path}", "#{action}_#{resource.shallow_name_prefix}#{resource.singular}", m)
+            end
           end
         end
 
-        show_action_options = action_options_for("show", resource)
-        map.named_route("#{resource.name_prefix}#{resource.singular}", resource.member_path, show_action_options)
-        map.named_route("formatted_#{resource.name_prefix}#{resource.singular}", "#{resource.member_path}.:format", show_action_options)
-
-        update_action_options = action_options_for("update", resource)
-        map.connect(resource.member_path, update_action_options)
-        map.connect("#{resource.member_path}.:format", update_action_options)
+        route_path = "#{resource.shallow_name_prefix}#{resource.singular}"
+        map_resource_routes(map, resource, :show, resource.member_path, route_path)
+        map_resource_routes(map, resource, :update, resource.member_path, route_path)
+        map_resource_routes(map, resource, :destroy, resource.member_path, route_path)
+      end
 
-        destroy_action_options = action_options_for("destroy", resource)
-        map.connect(resource.member_path, destroy_action_options)
-        map.connect("#{resource.member_path}.:format", destroy_action_options)
+      def map_resource_routes(map, resource, action, route_path, route_name = nil, method = nil)
+        if resource.has_action?(action)
+          action_options = action_options_for(action, resource, method)
+          formatted_route_path = "#{route_path}.:format"
+
+          if route_name && @set.named_routes[route_name.to_sym].nil?
+            map.named_route(route_name, route_path, action_options)
+            map.named_route("formatted_#{route_name}", formatted_route_path, action_options)
+          else
+            map.connect(route_path, action_options)
+            map.connect(formatted_route_path, action_options)
+          end
+        end
       end
 
       def add_conditions_for(conditions, method)
@@ -555,6 +657,7 @@ module ActionController
       def action_options_for(action, resource, method = nil)
         default_options = { :action => action.to_s }
         require_id = !resource.kind_of?(SingletonResource)
+
         case default_options[:action]
           when "index", "new"; default_options.merge(add_conditions_for(resource.conditions, method || :get)).merge(resource.requirements)
           when "create";       default_options.merge(add_conditions_for(resource.conditions, method || :post)).merge(resource.requirements)