actionpack 2.3.18 → 3.0.0.beta

data/lib/action_controller/metal/configuration.rb

@@ -0,0 +1,28 @@
+module ActionController
+  module Configuration
+    extend ActiveSupport::Concern
+    
+    def config
+      @config ||= self.class.config
+    end
+    
+    def config=(config)
+      @config = config
+    end
+    
+    module ClassMethods
+      def default_config
+        @default_config ||= {}
+      end
+      
+      def config
+        self.config ||= default_config
+      end
+      
+      def config=(config)
+        @config = ActiveSupport::OrderedHash.new
+        @config.merge!(config)
+      end
+    end
+  end
+end

data/lib/action_controller/metal/cookies.rb

@@ -0,0 +1,17 @@
+module ActionController #:nodoc:
+  module Cookies
+    extend ActiveSupport::Concern
+
+    include RackDelegation
+
+    included do
+      helper_method :cookies
+      cattr_accessor :cookie_verifier_secret
+    end
+    
+    private
+      def cookies
+        request.cookie_jar
+      end
+  end
+end

data/lib/action_controller/metal/exceptions.rb

@@ -0,0 +1,46 @@
+module ActionController
+  class ActionControllerError < StandardError #:nodoc:
+  end
+
+  class RenderError < ActionControllerError #:nodoc:
+  end
+
+  class RoutingError < ActionControllerError #:nodoc:
+    attr_reader :failures
+    def initialize(message, failures=[])
+      super(message)
+      @failures = failures
+    end
+  end
+
+  class MethodNotAllowed < ActionControllerError #:nodoc:
+    attr_reader :allowed_methods
+
+    def initialize(*allowed_methods)
+      super("Only #{allowed_methods.to_sentence(:locale => :en)} requests are allowed.")
+    end
+  end
+
+  class NotImplemented < MethodNotAllowed #:nodoc:
+  end
+
+  class UnknownController < ActionControllerError #:nodoc:
+  end
+
+  class MissingFile < ActionControllerError #:nodoc:
+  end
+
+  class RenderError < ActionControllerError #:nodoc:
+  end
+
+  class SessionOverflowError < ActionControllerError #:nodoc:
+    DEFAULT_MESSAGE = 'Your session data is larger than the data column in which it is to be stored. You must increase the size of your data column if you intend to store large data.'
+
+    def initialize(message = nil)
+      super(message || DEFAULT_MESSAGE)
+    end
+  end
+
+  class UnknownHttpMethod < ActionControllerError #:nodoc:
+  end
+end

data/lib/action_controller/metal/flash.rb

@@ -0,0 +1,28 @@
+module ActionController #:nodoc:
+  module Flash
+    extend ActiveSupport::Concern
+
+    included do
+      delegate :flash, :to => :request
+      delegate :alert, :notice, :to => "request.flash"
+      helper_method :alert, :notice
+    end
+
+    protected
+      def redirect_to(options = {}, response_status_and_flash = {}) #:doc:
+        if alert = response_status_and_flash.delete(:alert)
+          flash[:alert] = alert
+        end
+
+        if notice = response_status_and_flash.delete(:notice)
+          flash[:notice] = notice
+        end
+
+        if other_flashes = response_status_and_flash.delete(:flash)
+          flash.update(other_flashes)
+        end
+
+        super(options, response_status_and_flash)
+      end
+  end
+end

data/lib/action_controller/metal/head.rb

@@ -0,0 +1,33 @@
+module ActionController
+  module Head
+    extend ActiveSupport::Concern
+    include ActionController::UrlFor
+
+    # Return a response that has no content (merely headers). The options
+    # argument is interpreted to be a hash of header names and values.
+    # This allows you to easily return a response that consists only of
+    # significant headers:
+    #
+    #   head :created, :location => person_path(@person)
+    #
+    # It can also be used to return exceptional conditions:
+    #
+    #   return head(:method_not_allowed) unless request.post?
+    #   return head(:bad_request) unless valid_request?
+    #   render
+    def head(status, options = {})
+      options, status = status, nil if status.is_a?(Hash)
+      status ||= options.delete(:status) || :ok
+      location = options.delete(:location)
+
+      options.each do |key, value|
+        headers[key.to_s.dasherize.split(/-/).map { |v| v.capitalize }.join("-")] = value.to_s
+      end
+
+      self.status = status
+      self.location = url_for(location) if location
+      self.content_type = Mime[formats.first]
+      self.response_body = " "
+    end
+  end
+end

data/lib/action_controller/metal/helpers.rb

@@ -0,0 +1,116 @@
+require 'active_support/core_ext/class/attribute'
+
+module ActionController
+  # The Rails framework provides a large number of helpers for working with +assets+, +dates+, +forms+,
+  # +numbers+ and model objects, to name a few. These helpers are available to all templates
+  # by default.
+  #
+  # In addition to using the standard template helpers provided in the Rails framework, creating custom helpers to
+  # extract complicated logic or reusable functionality is strongly encouraged. By default, the controller will
+  # include a helper whose name matches that of the controller, e.g., <tt>MyController</tt> will automatically
+  # include <tt>MyHelper</tt>.
+  #
+  # Additional helpers can be specified using the +helper+ class method in <tt>ActionController::Base</tt> or any
+  # controller which inherits from it.
+  #
+  # ==== Examples
+  # The +to_s+ method from the Time class can be wrapped in a helper method to display a custom message if
+  # the Time object is blank:
+  #
+  #   module FormattedTimeHelper
+  #     def format_time(time, format=:long, blank_message="&nbsp;")
+  #       time.blank? ? blank_message : time.to_s(format)
+  #     end
+  #   end
+  #
+  # FormattedTimeHelper can now be included in a controller, using the +helper+ class method:
+  #
+  #   class EventsController < ActionController::Base
+  #     helper FormattedTimeHelper
+  #     def index
+  #       @events = Event.find(:all)
+  #     end
+  #   end
+  #
+  # Then, in any view rendered by <tt>EventController</tt>, the <tt>format_time</tt> method can be called:
+  #
+  #   <% @events.each do |event| -%>
+  #     <p>
+  #       <% format_time(event.time, :short, "N/A") %> | <%= event.name %>
+  #     </p>
+  #   <% end -%>
+  #
+  # Finally, assuming we have two event instances, one which has a time and one which does not,
+  # the output might look like this:
+  #
+  #   23 Aug 11:30 | Carolina Railhawks Soccer Match
+  #   N/A | Carolina Railhaws Training Workshop
+  #
+  module Helpers
+    extend ActiveSupport::Concern
+
+    include AbstractController::Helpers
+
+    included do
+      class_attribute :helpers_path
+      self.helpers_path = []
+    end
+
+    module ClassMethods
+      def helpers_dir
+        ActiveSupport::Deprecation.warn "helpers_dir is deprecated, use helpers_path instead"
+        self.helpers_path
+      end
+
+      def helpers_dir=(value)
+        ActiveSupport::Deprecation.warn "helpers_dir= is deprecated, use helpers_path= instead"
+        self.helpers_path = Array(value)
+      end
+
+      # Declares helper accessors for controller attributes. For example, the
+      # following adds new +name+ and <tt>name=</tt> instance methods to a
+      # controller and makes them available to the view:
+      #   helper_attr :name
+      #   attr_accessor :name
+      #
+      # ==== Parameters
+      # *attrs<Array[String, Symbol]>:: Names of attributes to be converted
+      #   into helpers.
+      def helper_attr(*attrs)
+        attrs.flatten.each { |attr| helper_method(attr, "#{attr}=") }
+      end
+
+      # Provides a proxy to access helpers methods from outside the view.
+      def helpers
+        @helper_proxy ||= ActionView::Base.new.extend(_helpers)
+      end
+
+      private
+        # Overwrite _modules_for_helpers to accept :all as argument, which loads
+        # all helpers in helpers_dir.
+        #
+        # ==== Parameters
+        # args<Array[String, Symbol, Module, all]>:: A list of helpers
+        #
+        # ==== Returns
+        # Array[Module]:: A normalized list of modules for the list of
+        #   helpers provided.
+        def _modules_for_helpers(args)
+          args += all_application_helpers if args.delete(:all)
+          super(args)
+        end
+
+        # Extract helper names from files in app/helpers/**/*_helper.rb
+        def all_application_helpers
+          helpers = []
+          helpers_path.each do |path|
+            extract  = /^#{Regexp.quote(path)}\/?(.*)_helper.rb$/
+            helpers += Dir["#{path}/**/*_helper.rb"].map { |file| file.sub(extract, '\1') }
+          end
+          helpers.sort!
+          helpers.uniq!
+          helpers
+        end
+    end
+  end
+end

data/lib/action_controller/metal/hide_actions.rb

@@ -0,0 +1,50 @@
+require 'active_support/core_ext/class/attribute'
+
+module ActionController
+  # ActionController::HideActions adds the ability to prevent public methods on a controller
+  # to be called as actions.
+  module HideActions
+    extend ActiveSupport::Concern
+
+    included do
+      class_attribute :hidden_actions
+      self.hidden_actions = Set.new
+    end
+
+  private
+
+    # Overrides AbstractController::Base#action_method? to return false if the
+    # action name is in the list of hidden actions.
+    def action_method?(action_name)
+      self.class.visible_action?(action_name) do
+        !self.class.hidden_actions.include?(action_name) && super
+      end
+    end
+
+    module ClassMethods
+      # Sets all of the actions passed in as hidden actions.
+      #
+      # ==== Parameters
+      # *args<#to_s>:: A list of actions
+      def hide_action(*args)
+        self.hidden_actions = hidden_actions.dup.merge(args.map(&:to_s))
+      end
+
+      def inherited(klass)
+        klass.instance_variable_set("@visible_actions", {})
+        super
+      end
+
+      def visible_action?(action_name)
+        return @visible_actions[action_name] if @visible_actions.key?(action_name)
+        @visible_actions[action_name] = yield
+      end
+
+      # Overrides AbstractController::Base#action_methods to remove any methods
+      # that are listed as hidden methods.
+      def action_methods
+        @action_methods ||= Set.new(super.reject {|name| hidden_actions.include?(name)})
+      end
+    end
+  end
+end

data/lib/action_controller/{http_authentication.rb → metal/http_authentication.rb}

@@ -1,3 +1,5 @@
+require 'active_support/base64'
+
 module ActionController
   module HttpAuthentication
     # Makes it dead easy to do HTTP Basic authentication.
@@ -113,7 +115,7 @@ module ActionController
         end
 
         def authenticate_with_http_basic(&login_procedure)
-          HttpAuthentication::Basic.authenticate(self, &login_procedure)
+          HttpAuthentication::Basic.authenticate(request, &login_procedure)
         end
 
         def request_http_basic_authentication(realm = "Application")
@@ -121,9 +123,9 @@ module ActionController
         end
       end
 
-      def authenticate(controller, &login_procedure)
-        unless authorization(controller.request).blank?
-          login_procedure.call(*user_name_and_password(controller.request))
+      def authenticate(request, &login_procedure)
+        unless authorization(request).blank?
+          login_procedure.call(*user_name_and_password(request))
         end
       end
 
@@ -148,7 +150,8 @@ module ActionController
 
       def authentication_request(controller, realm)
         controller.headers["WWW-Authenticate"] = %(Basic realm="#{realm.gsub(/"/, "")}")
-        controller.__send__ :render, :text => "HTTP Basic: Access denied.\n", :status => :unauthorized
+        controller.response_body = "HTTP Basic: Access denied.\n"
+        controller.status = 401
       end
     end
 
@@ -162,7 +165,7 @@ module ActionController
 
         # Authenticate with HTTP Digest, returns true or false
         def authenticate_with_http_digest(realm = "Application", &password_procedure)
-          HttpAuthentication::Digest.authenticate(self, realm, &password_procedure)
+          HttpAuthentication::Digest.authenticate(request, realm, &password_procedure)
         end
 
         # Render output including the HTTP Digest authentication header
@@ -172,8 +175,8 @@ module ActionController
       end
 
       # Returns false on a valid response, true otherwise
-      def authenticate(controller, realm, &password_procedure)
-        authorization(controller.request) && validate_digest_response(controller.request, realm, &password_procedure)
+      def authenticate(request, realm, &password_procedure)
+        authorization(request) && validate_digest_response(request, realm, &password_procedure)
       end
 
       def authorization(request)
@@ -227,9 +230,9 @@ module ActionController
       end
 
       def decode_credentials(header)
-        header.to_s.gsub(/^Digest\s+/,'').split(',').inject({}.with_indifferent_access) do |hash, pair|
+        header.to_s.gsub(/^Digest\s+/,'').split(',').inject({}) do |hash, pair|
           key, value = pair.split('=', 2)
-          hash[key.strip] = value.to_s.gsub(/^"|"$/,'').gsub(/'/, '')
+          hash[key.strip.to_sym] = value.to_s.gsub(/^"|"$/,'').gsub(/'/, '')
           hash
         end
       end
@@ -241,7 +244,8 @@ module ActionController
       def authentication_request(controller, realm, message = nil)
         message ||= "HTTP Digest: Access denied.\n"
         authentication_header(controller, realm)
-        controller.__send__ :render, :text => message, :status => :unauthorized
+        controller.response_body = message
+        controller.status = 401
       end
 
       # Uses an MD5 digest based on time to generate a value to be used only once.
@@ -275,12 +279,12 @@ module ActionController
       #
       # The nonce is opaque to the client. Composed of Time, and hash of Time with secret
       # key from the Rails session secret generated upon creation of project. Ensures
-      # the time cannot be modifed by client.
+      # the time cannot be modified by client.
       def nonce(time = Time.now)
         t = time.to_i
         hashed = [t, secret_key]
         digest = ::Digest::MD5.hexdigest(hashed.join(":"))
-        Base64.encode64("#{t}:#{digest}").gsub("\n", '')
+        ActiveSupport::Base64.encode64("#{t}:#{digest}").gsub("\n", '')
       end
 
       # Might want a shorter timeout depending on whether the request
@@ -289,8 +293,7 @@ module ActionController
       # allow a user to use new nonce without prompting user again for their
       # username and password.
       def validate_nonce(request, value, seconds_to_timeout=5*60)
-        return false if value.nil?
-        t = Base64.decode64(value).split(":").first.to_i
+        t = ActiveSupport::Base64.decode64(value).split(":").first.to_i
         nonce(t) == value && (t - Time.now.to_i).abs <= seconds_to_timeout
       end
 

data/lib/action_controller/metal/instrumentation.rb

@@ -0,0 +1,99 @@
+require 'abstract_controller/logger'
+
+module ActionController
+  # Adds instrumentation to several ends in ActionController::Base. It also provides
+  # some hooks related with process_action, this allows an ORM like ActiveRecord
+  # and/or DataMapper to plug in ActionController and show related information.
+  #
+  # Check ActiveRecord::Railties::ControllerRuntime for an example.
+  module Instrumentation
+    extend ActiveSupport::Concern
+
+    include AbstractController::Logger
+
+    attr_internal :view_runtime
+
+    def process_action(action, *args)
+      raw_payload = {
+        :controller => self.class.name,
+        :action     => self.action_name,
+        :params     => request.filtered_parameters,
+        :formats    => request.formats.map(&:to_sym),
+        :method     => request.method,
+        :path       => (request.request_uri rescue "unknown")
+      }
+
+      ActiveSupport::Notifications.instrument("action_controller.start_processing", raw_payload.dup)
+
+      ActiveSupport::Notifications.instrument("action_controller.process_action", raw_payload) do |payload|
+        result = super
+        payload[:status] = response.status
+        append_info_to_payload(payload)
+        result
+      end
+    end
+
+    def render(*args)
+      render_output = nil
+      self.view_runtime = cleanup_view_runtime do
+        Benchmark.ms { render_output = super }
+      end
+      render_output
+    end
+
+    def send_file(path, options={})
+      ActiveSupport::Notifications.instrument("action_controller.send_file",
+        options.merge(:path => path)) do
+        super
+      end
+    end
+
+    def send_data(data, options = {})
+      ActiveSupport::Notifications.instrument("action_controller.send_data", options) do
+        super
+      end
+    end
+
+    def redirect_to(*args)
+      ActiveSupport::Notifications.instrument("action_controller.redirect_to") do |payload|
+        result = super
+        payload[:status]   = self.status
+        payload[:location] = self.location
+        result
+      end
+    end
+
+  protected
+
+    # A hook which allows you to clean up any time taken into account in
+    # views wrongly, like database querying time.
+    #
+    #   def cleanup_view_runtime
+    #     super - time_taken_in_something_expensive
+    #   end
+    #
+    # :api: plugin
+    def cleanup_view_runtime #:nodoc:
+      yield
+    end
+
+    # Everytime after an action is processed, this method is invoked
+    # with the payload, so you can add more information.
+    # :api: plugin
+    def append_info_to_payload(payload) #:nodoc:
+      payload[:view_runtime] = view_runtime
+    end
+
+    module ClassMethods
+      # A hook which allows other frameworks to log what happened during
+      # controller process action. This method should return an array
+      # with the messages to be added.
+      # :api: plugin
+      def log_process_action(payload) #:nodoc:
+        messages, view_runtime = [], payload[:view_runtime]
+        messages << ("Views: %.1fms" % view_runtime.to_f) if view_runtime
+        messages
+      end
+    end
+  end
+end