actionpack 3.1.12 → 3.2.0.rc1

data/lib/action_view/helpers/debug_helper.rb

@@ -30,7 +30,7 @@ module ActionView
         begin
           Marshal::dump(object)
           "<pre class='debug_dump'>#{h(object.to_yaml).gsub("  ", "&nbsp; ")}</pre>".html_safe
-        rescue Exception # errors from Marshal or YAML
+        rescue Exception  # errors from Marshal or YAML
           # Object couldn't be dumped, perhaps because of singleton methods -- this is the fallback
           "<code class='debug_dump'>#{h(object.inspect)}</code>".html_safe
         end

data/lib/action_view/helpers/form_helper.rb

@@ -158,6 +158,9 @@ module ActionView
       # * <tt>:url</tt> - The URL the form is submitted to. It takes the same
       #   fields you pass to +url_for+ or +link_to+. In particular you may pass
       #   here a named route directly as well. Defaults to the current action.
+      # * <tt>:namespace</tt> - A namespace for your form to ensure uniqueness of
+      #   id attributes on form elements. The namespace attribute will be prefixed
+      #   with underscore on the generated HTML id.
       # * <tt>:html</tt> - Optional HTML attributes for the form tag.
       #
       # Also note that +form_for+ doesn't create an exclusive scope. It's still
@@ -384,8 +387,8 @@ module ActionView
         as = options[:as]
         action, method = object.respond_to?(:persisted?) && object.persisted? ? [:edit, :put] : [:new, :post]
         options[:html].reverse_merge!(
-          :class  => as ? "#{as}_#{action}" : dom_class(object, action),
-          :id     => as ? "#{as}_#{action}" : dom_id(object, action),
+          :class  => as ? "#{action}_#{as}" : dom_class(object, action),
+          :id     => as ? "#{action}_#{as}" : [options[:namespace], dom_id(object, action)].compact.join("_").presence,
           :method => method
         )
 
@@ -518,6 +521,18 @@ module ActionView
       #     end
       #   end
       #
+      # Note that the <tt>projects_attributes=</tt> writer method is in fact
+      # required for fields_for to correctly identify <tt>:projects</tt> as a
+      # collection, and the correct indices to be set in the form markup.
+      #
+      # When projects is already an association on Person you can use
+      # +accepts_nested_attributes_for+ to define the writer method for you:
+      #
+      #   class Person < ActiveRecord::Base
+      #     has_many :projects
+      #     accepts_nested_attributes_for :projects
+      #   end
+      #
       # This model can now be used with a nested fields_for. The block given to
       # the nested fields_for call will be repeated for each instance in the
       # collection:
@@ -848,8 +863,8 @@ module ActionView
       end
 
       # Returns an input of type "search" for accessing a specified attribute (identified by +method+) on an object
-      # assigned to the template (identified by +object+). Inputs of type "search" may be styled differently by
-      # some browsers
+      # assigned to the template (identified by +object_name+). Inputs of type "search" may be styled differently by
+      # some browsers.
       #
       # ==== Examples
       #
@@ -868,7 +883,7 @@ module ActionView
       #   # => <input autosave="false" id="user_name" incremental="true" name="user[name]" onsearch="true" size="30" type="search" />
       #   search_field(:user, :name, :autosave => true, :onsearch => true)
       #   # => <input autosave="com.example.www" id="user_name" incremental="true" name="user[name]" onsearch="true" results="10" size="30" type="search" />
-      
+      #
       def search_field(object_name, method, options = {})
         options = options.stringify_keys
 
@@ -890,7 +905,7 @@ module ActionView
       #
       #   telephone_field("user", "phone")
       #   # => <input id="user_phone" name="user[phone]" size="30" type="tel" />
-
+      #
       def telephone_field(object_name, method, options = {})
         InstanceTag.new(object_name, method, self, options.delete(:object)).to_input_field_tag("tel", options)
       end
@@ -900,7 +915,7 @@ module ActionView
       #
       #   url_field("user", "homepage")
       #   # => <input id="user_homepage" size="30" name="user[homepage]" type="url" />
-
+      #
       def url_field(object_name, method, options = {})
         InstanceTag.new(object_name, method, self, options.delete(:object)).to_input_field_tag("url", options)
       end
@@ -909,7 +924,7 @@ module ActionView
       #
       #   email_field("user", "address")
       #   # => <input id="user_address" size="30" name="user[address]" type="email" />
-      
+      #
       def email_field(object_name, method, options = {})
         InstanceTag.new(object_name, method, self, options.delete(:object)).to_input_field_tag("email", options)
       end
@@ -948,7 +963,7 @@ module ActionView
     end
 
     class InstanceTag
-      include Helpers::CaptureHelper, Context, Helpers::TagHelper, Helpers::FormTagHelper
+      include Helpers::TagHelper, Helpers::FormTagHelper
 
       attr_reader :object, :method_name, :object_name
 
@@ -959,6 +974,7 @@ module ActionView
       def initialize(object_name, method_name, template_object, object = nil)
         @object_name, @method_name = object_name.to_s.dup, method_name.to_s.dup
         @template_object = template_object
+
         @object_name.sub!(/\[\]$/,"") || @object_name.sub!(/\[\]\]$/,"]")
         @object = retrieve_object(object)
         @auto_index = retrieve_autoindex(Regexp.last_match.pre_match) if Regexp.last_match
@@ -977,10 +993,11 @@ module ActionView
 
         add_default_name_and_id_for_value(tag_value, name_and_id)
         options.delete("index")
+        options.delete("namespace")
         options["for"] ||= name_and_id["id"]
 
         if block_given?
-          label_tag(name_and_id["id"], options, &block)
+          @template_object.label_tag(name_and_id["id"], options, &block)
         else
           content = if text.blank?
             object_name.gsub!(/\[(.*)_attributes\]\[\d\]/, '.\1')
@@ -1023,6 +1040,8 @@ module ActionView
 
       def to_number_field_tag(field_type, options = {})
         options = options.stringify_keys
+        options['size'] ||= nil
+
         if range = options.delete("in") || options.delete("within")
           options.update("min" => range.min, "max" => range.max)
         end
@@ -1181,6 +1200,7 @@ module ActionView
             options["name"] ||= tag_name + (options['multiple'] ? '[]' : '')
             options["id"] = options.fetch("id"){ tag_id }
           end
+          options["id"] = [options.delete('namespace'), options["id"]].compact.join("_").presence
         end
 
         def tag_name
@@ -1223,8 +1243,12 @@ module ActionView
         parent_builder.multipart = multipart if parent_builder
       end
 
-      def self.model_name
-        @model_name ||= Struct.new(:partial_path).new(name.demodulize.underscore.sub!(/_builder$/, ''))
+      def self._to_partial_path
+        @_to_partial_path ||= name.demodulize.underscore.sub!(/_builder$/, '')
+      end
+
+      def to_partial_path
+        self.class._to_partial_path
       end
 
       def to_model
@@ -1235,7 +1259,7 @@ module ActionView
         @nested_child_index = {}
         @object_name, @object, @template, @options, @proc = object_name, object, template, options, proc
         @parent_builder = options[:parent_builder]
-        @default_options = @options ? @options.slice(:index) : {}
+        @default_options = @options ? @options.slice(:index, :namespace) : {}
         if @object_name.to_s.match(/\[\]$/)
           if object ||= @template.instance_variable_get("@#{Regexp.last_match.pre_match}") and object.respond_to?(:to_param)
             @auto_index = object.to_param
@@ -1262,6 +1286,7 @@ module ActionView
         fields_options, record_object = record_object, nil if record_object.is_a?(Hash) && record_object.extractable_options?
         fields_options[:builder] ||= options[:builder]
         fields_options[:parent_builder] = self
+        fields_options[:namespace] = fields_options[:parent_builder].options[:namespace]
 
         case record_name
         when String, Symbol
@@ -1339,6 +1364,39 @@ module ActionView
         @template.submit_tag(value, options)
       end
 
+      # Add the submit button for the given form. When no value is given, it checks
+      # if the object is a new resource or not to create the proper label:
+      #
+      #   <%= form_for @post do |f| %>
+      #     <%= f.button %>
+      #   <% end %>
+      #
+      # In the example above, if @post is a new record, it will use "Create Post" as
+      # submit button label, otherwise, it uses "Update Post".
+      #
+      # Those labels can be customized using I18n, under the helpers.submit key and accept
+      # the %{model} as translation interpolation:
+      #
+      #   en:
+      #     helpers:
+      #       button:
+      #         create: "Create a %{model}"
+      #         update: "Confirm changes to %{model}"
+      #
+      # It also searches for a key specific for the given object:
+      #
+      #   en:
+      #     helpers:
+      #       button:
+      #         post:
+      #           create: "Add %{model}"
+      #
+      def button(value=nil, options={})
+        value, options = nil, value if value.is_a?(Hash)
+        value ||= submit_default_value
+        @template.button_tag(value, options)
+      end
+
       def emitted_hidden_id?
         @emitted_hidden_id ||= nil
       end

data/lib/action_view/helpers/form_options_helper.rb

@@ -105,7 +105,10 @@ module ActionView
 
       # Create a select tag and a series of contained option tags for the provided object and method.
       # The option currently held by the object will be selected, provided that the object is available.
-      # See options_for_select for the required format of the choices parameter.
+      #
+      # There are two possible formats for the choices parameter, corresponding to other helpers' output:
+      #   * A flat collection: see options_for_select
+      #   * A nested collection: see grouped_options_for_select
       #
       # Example with @post.person_id => 1:
       #   select("post", "person_id", Person.all.collect {|p| [ p.name, p.id ] }, { :include_blank => true })
@@ -125,9 +128,31 @@ module ActionView
       # This allows the user to submit a form page more than once with the expected results of creating multiple records.
       # In addition, this allows a single partial to be used to generate form inputs for both edit and create forms.
       #
-      # By default, <tt>post.person_id</tt> is the selected option.  Specify <tt>:selected => value</tt> to use a different selection
+      # By default, <tt>post.person_id</tt> is the selected option. Specify <tt>:selected => value</tt> to use a different selection
       # or <tt>:selected => nil</tt> to leave all options unselected. Similarly, you can specify values to be disabled in the option
       # tags by specifying the <tt>:disabled</tt> option. This can either be a single value or an array of values to be disabled.
+      #
+      # ==== Gotcha
+      #
+      # The HTML specification says when +multiple+ parameter passed to select and all options got deselected 
+      # web browsers do not send any value to server. Unfortunately this introduces a gotcha:
+      # if an +User+ model has many +roles+ and have +role_ids+ accessor, and in the form that edits roles of the user
+      # the user deselects all roles from +role_ids+ multiple select box, no +role_ids+ parameter is sent. So,
+      # any mass-assignment idiom like
+      #
+      #   @user.update_attributes(params[:user])
+      #
+      # wouldn't update roles.
+      #
+      # To prevent this the helper generates an auxiliary hidden field before
+      # every multiple select. The hidden field has the same name as multiple select and blank value.
+      #
+      # This way, the client either sends only the hidden field (representing
+      # the deselected multiple select box), or both fields. Since the HTML specification
+      # says key/value pairs have to be sent in the same order they appear in the
+      # form, and parameters extraction gets the last occurrence of any repeated
+      # key in the query string, that works for ordinary forms.
+      #
       def select(object, method, choices, options = {}, html_options = {})
         InstanceTag.new(object, method, self, options.delete(:object)).to_select_tag(choices, options, html_options)
       end
@@ -255,7 +280,7 @@ module ActionView
       # Accepts a container (hash, array, enumerable, your type) and returns a string of option tags. Given a container
       # where the elements respond to first and last (such as a two-element array), the "lasts" serve as option values and
       # the "firsts" as option text. Hashes are turned into this form automatically, so the keys become "firsts" and values
-      # become lasts. If +selected+ is specified, the matching "last" or element will get the selected option-tag.  +selected+
+      # become lasts. If +selected+ is specified, the matching "last" or element will get the selected option-tag. +selected+
       # may also be an array of values to be selected when using a multiple select.
       #
       # Examples (call, result):
@@ -406,13 +431,13 @@ module ActionView
       # wraps them with <tt><optgroup></tt> tags.
       #
       # Parameters:
-      # * +grouped_options+ - Accepts a nested array or hash of strings.  The first value serves as the
+      # * +grouped_options+ - Accepts a nested array or hash of strings. The first value serves as the
       #   <tt><optgroup></tt> label while the second value must be an array of options. The second value can be a
       #   nested array of text-value pairs. See <tt>options_for_select</tt> for more info.
       #    Ex. ["North America",[["United States","US"],["Canada","CA"]]]
       # * +selected_key+ - A value equal to the +value+ attribute for one of the <tt><option></tt> tags,
       #   which will have the +selected+ attribute set. Note: It is possible for this value to match multiple options
-      #   as you might have the same option in multiple groups.  Each will then get <tt>selected="selected"</tt>.
+      #   as you might have the same option in multiple groups. Each will then get <tt>selected="selected"</tt>.
       # * +prompt+ - set to true or a prompt string. When the select element doesn't have a value yet, this
       #   prepends an option with a generic prompt - "Please select" - or the given prompt string.
       #
@@ -552,56 +577,62 @@ module ActionView
       include FormOptionsHelper
 
       def to_select_tag(choices, options, html_options)
-        html_options = html_options.stringify_keys
-        add_default_name_and_id(html_options)
-        value = value(object)
-        selected_value = options.has_key?(:selected) ? options[:selected] : value
-        disabled_value = options.has_key?(:disabled) ? options[:disabled] : nil
-        content_tag("select", add_options(options_for_select(choices, :selected => selected_value, :disabled => disabled_value), options, selected_value), html_options)
+        selected_value = options.has_key?(:selected) ? options[:selected] : value(object)
+
+        # Grouped choices look like this:
+        #
+        #   [nil, []]
+        #   { nil => [] }
+        #
+        if !choices.empty? && Array === choices.first.last
+          option_tags = grouped_options_for_select(choices, :selected => selected_value, :disabled => options[:disabled])
+        else
+          option_tags = options_for_select(choices, :selected => selected_value, :disabled => options[:disabled])
+        end
+
+        select_content_tag(option_tags, options, html_options)
       end
 
       def to_collection_select_tag(collection, value_method, text_method, options, html_options)
-        html_options = html_options.stringify_keys
-        add_default_name_and_id(html_options)
-        value = value(object)
-        disabled_value = options.has_key?(:disabled) ? options[:disabled] : nil
-        selected_value = options.has_key?(:selected) ? options[:selected] : value
-        content_tag(
-          "select", add_options(options_from_collection_for_select(collection, value_method, text_method, :selected => selected_value, :disabled => disabled_value), options, value), html_options
+        selected_value = options.has_key?(:selected) ? options[:selected] : value(object)
+        select_content_tag(
+          options_from_collection_for_select(collection, value_method, text_method, :selected => selected_value, :disabled => options[:disabled]), options, html_options
         )
       end
 
       def to_grouped_collection_select_tag(collection, group_method, group_label_method, option_key_method, option_value_method, options, html_options)
-        html_options = html_options.stringify_keys
-        add_default_name_and_id(html_options)
-        value = value(object)
-        content_tag(
-          "select", add_options(option_groups_from_collection_for_select(collection, group_method, group_label_method, option_key_method, option_value_method, value), options, value), html_options
+        select_content_tag(
+          option_groups_from_collection_for_select(collection, group_method, group_label_method, option_key_method, option_value_method, value(object)), options, html_options
         )
       end
 
       def to_time_zone_select_tag(priority_zones, options, html_options)
-        html_options = html_options.stringify_keys
-        add_default_name_and_id(html_options)
-        value = value(object)
-        content_tag("select",
-          add_options(
-            time_zone_options_for_select(value || options[:default], priority_zones, options[:model] || ActiveSupport::TimeZone),
-            options, value
-          ), html_options
+        select_content_tag(
+            time_zone_options_for_select(value(object) || options[:default], priority_zones, options[:model] || ActiveSupport::TimeZone), options, html_options
         )
       end
 
       private
         def add_options(option_tags, options, value = nil)
           if options[:include_blank]
-            option_tags = content_tag('option', options[:include_blank].kind_of?(String) ? options[:include_blank] : nil, :value => '') + "\n" + option_tags
+            option_tags = "<option value=\"\">#{ERB::Util.html_escape(options[:include_blank]) if options[:include_blank].kind_of?(String)}</option>\n" + option_tags
           end
           if value.blank? && options[:prompt]
             prompt = options[:prompt].kind_of?(String) ? options[:prompt] : I18n.translate('helpers.select.prompt', :default => 'Please select')
-            option_tags = content_tag('option', prompt, :value => '') + "\n" + option_tags
+            option_tags = "<option value=\"\">#{ERB::Util.html_escape(prompt)}</option>\n" + option_tags
+          end
+          option_tags.html_safe
+        end
+
+        def select_content_tag(option_tags, options, html_options)
+          html_options = html_options.stringify_keys
+          add_default_name_and_id(html_options)
+          select = content_tag("select", add_options(option_tags, options, value(object)), html_options)
+          if html_options["multiple"]
+            tag("input", :disabled => html_options["disabled"], :name => html_options["name"], :type => "hidden", :value => "") + select 
+          else
+            select
           end
-          option_tags
         end
     end
 

data/lib/action_view/helpers/form_tag_helper.rb

@@ -114,11 +114,11 @@ module ActionView
         html_name = (options[:multiple] == true && !name.to_s.ends_with?("[]")) ? "#{name}[]" : name
 
         if options.delete(:include_blank)
-          option_tags = content_tag(:option, '', :value => '').safe_concat(option_tags)
+          option_tags = "<option value=\"\"></option>".html_safe + option_tags
         end
 
         if prompt = options.delete(:prompt)
-          option_tags = content_tag(:option, prompt, :value => '').safe_concat(option_tags)
+          option_tags = "<option value=\"\">#{prompt}</option>".html_safe + option_tags
         end
 
         content_tag :select, option_tags, { "name" => html_name, "id" => sanitize_to_id(name) }.update(options.stringify_keys)
@@ -177,9 +177,12 @@ module ActionView
       #   label_tag 'name', nil, :class => 'small_label'
       #   # => <label for="name" class="small_label">Name</label>
       def label_tag(name = nil, content_or_options = nil, options = nil, &block)
-        options = content_or_options if block_given? && content_or_options.is_a?(Hash)
-        options ||= {}
-        options.stringify_keys!
+        if block_given? && content_or_options.is_a?(Hash)
+          options = content_or_options = content_or_options.stringify_keys
+        else
+          options ||= {}
+          options = options.stringify_keys
+        end
         options["for"] = sanitize_to_id(name) unless name.blank? || options.has_key?("for")
         content_tag :label, content_or_options || name.to_s.humanize, options, &block
       end
@@ -204,7 +207,7 @@ module ActionView
         text_field_tag(name, value, options.stringify_keys.update("type" => "hidden"))
       end
 
-      # Creates a file upload field.  If you are using file uploads then you will also need
+      # Creates a file upload field. If you are using file uploads then you will also need
       # to set the multipart option for the form tag:
       #
       #   <%= form_tag '/upload', :multipart => true do %>
@@ -304,7 +307,7 @@ module ActionView
       #   text_area_tag 'comment', nil, :class => 'comment_input'
       #   # => <textarea class="comment_input" id="comment" name="comment"></textarea>
       def text_area_tag(name, content = nil, options = {})
-        options.stringify_keys!
+        options = options.stringify_keys
 
         if size = options.delete("size")
           options["cols"], options["rows"] = size.split("x") if size.respond_to?(:split)
@@ -407,7 +410,7 @@ module ActionView
       #         data-confirm="Are you sure?" />
       #
       def submit_tag(value = "Save changes", options = {})
-        options.stringify_keys!
+        options = options.stringify_keys
 
         if disable_with = options.delete("disable_with")
           options["data-disable-with"] = disable_with
@@ -417,7 +420,7 @@ module ActionView
           options["data-confirm"] = confirm
         end
 
-        tag :input, { "type" => "submit", "name" => "commit", "value" => value }.update(options.stringify_keys)
+        tag :input, { "type" => "submit", "name" => "commit", "value" => value }.update(options)
       end
 
       # Creates a button element that defines a <tt>submit</tt> button,
@@ -458,7 +461,7 @@ module ActionView
       def button_tag(content_or_options = nil, options = nil, &block)
         options = content_or_options if block_given? && content_or_options.is_a?(Hash)
         options ||= {}
-        options.stringify_keys!
+        options = options.stringify_keys
 
         if disable_with = options.delete("disable_with")
           options["data-disable-with"] = disable_with
@@ -497,13 +500,13 @@ module ActionView
       #   image_submit_tag("agree.png", :disabled => true, :class => "agree_disagree_button")
       #   # => <input class="agree_disagree_button" disabled="disabled" src="/images/agree.png" type="image" />
       def image_submit_tag(source, options = {})
-        options.stringify_keys!
+        options = options.stringify_keys
 
         if confirm = options.delete("confirm")
           options["data-confirm"] = confirm
         end
 
-        tag :input, { "type" => "image", "src" => path_to_image(source) }.update(options.stringify_keys)
+        tag :input, { "type" => "image", "src" => path_to_image(source) }.update(options)
       end
 
       # Creates a field set for grouping HTML form elements.
@@ -579,7 +582,7 @@ module ActionView
       #
       # ==== Examples
       #   number_field_tag 'quantity', nil, :in => 1...10
-      #   => <input id="quantity" name="quantity" min="1" max="9" />
+      #   => <input id="quantity" name="quantity" min="1" max="9" type="number" />
       def number_field_tag(name, value = nil, options = {})
         options = options.stringify_keys
         options["type"] ||= "number"
@@ -597,6 +600,12 @@ module ActionView
         number_field_tag(name, value, options.stringify_keys.update("type" => "range"))
       end
 
+      # Creates the hidden UTF8 enforcer tag. Override this method in a helper
+      # to customize the tag.
+      def utf8_enforcer_tag
+        tag(:input, :type => "hidden", :name => "utf8", :value => "&#x2713;".html_safe)
+      end
+
       private
         def html_options_for_form(url_for_options, options)
           options.stringify_keys.tap do |html_options|
@@ -611,9 +620,6 @@ module ActionView
         end
 
         def extra_tags_for_form(html_options)
-          snowman_tag = tag(:input, :type => "hidden",
-                            :name => "utf8", :value => "&#x2713;".html_safe)
-
           authenticity_token = html_options.delete("authenticity_token")
           method = html_options.delete("method").to_s
 
@@ -629,7 +635,7 @@ module ActionView
               tag(:input, :type => "hidden", :name => "_method", :value => method) + token_tag(authenticity_token)
           end
 
-          tags = snowman_tag << method_tag
+          tags = utf8_enforcer_tag << method_tag
           content_tag(:div, tags, :style => 'margin:0;padding:0;display:inline')
         end
 
@@ -650,7 +656,7 @@ module ActionView
           if token == false || !protect_against_forgery?
             ''
           else
-            token = form_authenticity_token if token.nil?
+            token ||= form_authenticity_token
             tag(:input, :type => "hidden", :name => request_forgery_protection_token.to_s, :value => token)
           end
         end