actionpack 4.0.13 → 4.1.0.beta1

data/lib/action_controller/base.rb

@@ -1,9 +1,10 @@
+require 'action_view'
 require "action_controller/log_subscriber"
 require "action_controller/metal/params_wrapper"
 
 module ActionController
   # Action Controllers are the core of a web request in \Rails. They are made up of one or more actions that are executed
-  # on request and then either render a template or redirect to another action. An action is defined as a public method
+  # on request and then either it renders a template or redirects to another action. An action is defined as a public method
   # on the controller, which will automatically be made accessible to the web-server through \Rails Routes.
   #
   # By default, only the ApplicationController in a \Rails application inherits from <tt>ActionController::Base</tt>. All other
@@ -200,7 +201,7 @@ module ActionController
     end
 
     MODULES = [
-      AbstractController::Layouts,
+      AbstractController::Rendering,
       AbstractController::Translation,
       AbstractController::AssetPaths,
 
@@ -208,6 +209,7 @@ module ActionController
       HideActions,
       UrlFor,
       Redirecting,
+      ActionView::Layouts,
       Rendering,
       Renderers::All,
       ConditionalGet,
@@ -223,7 +225,6 @@ module ActionController
       ForceSSL,
       Streaming,
       DataStreaming,
-      RecordIdentifier,
       HttpAuthentication::Basic::ControllerMethods,
       HttpAuthentication::Digest::ControllerMethods,
       HttpAuthentication::Token::ControllerMethods,
@@ -249,10 +250,17 @@ module ActionController
     end
 
     # Define some internal variables that should not be propagated to the view.
-    self.protected_instance_variables = [
+    PROTECTED_IVARS = AbstractController::Rendering::DEFAULT_PROTECTED_INSTANCE_VARIABLES + [
       :@_status, :@_headers, :@_params, :@_env, :@_response, :@_request,
-      :@_view_runtime, :@_stream, :@_url_options, :@_action_has_layout
-    ]
+      :@_view_runtime, :@_stream, :@_url_options, :@_action_has_layout ]
+
+    def _protected_ivars # :nodoc:
+      PROTECTED_IVARS
+    end
+
+    def self.protected_instance_variables
+      PROTECTED_IVARS
+    end
 
     ActiveSupport.run_load_hooks(:action_controller, self)
   end

data/lib/action_controller/caching.rb

@@ -9,7 +9,7 @@ module ActionController
   # You can read more about each approach by clicking the modules below.
   #
   # Note: To turn off all caching, set
-  #   config.action_controller.perform_caching = false.
+  #   config.action_controller.perform_caching = false
   #
   # == \Caching stores
   #
@@ -58,16 +58,6 @@ module ActionController
       config_accessor :default_static_extension
       self.default_static_extension ||= '.html'
 
-      def self.page_cache_extension=(extension)
-        ActiveSupport::Deprecation.deprecation_warning(:page_cache_extension, :default_static_extension)
-        self.default_static_extension = extension
-      end
-
-      def self.page_cache_extension
-        ActiveSupport::Deprecation.deprecation_warning(:page_cache_extension, :default_static_extension)
-        default_static_extension
-      end
-
       config_accessor :perform_caching
       self.perform_caching = true if perform_caching.nil?
 

data/lib/action_controller/log_subscriber.rb

@@ -33,7 +33,7 @@ module ActionController
     end
 
     def halted_callback(event)
-      info("Filter chain halted as #{event.payload[:filter]} rendered or redirected")
+      info("Filter chain halted as #{event.payload[:filter].inspect} rendered or redirected")
     end
 
     def send_file(event)

data/lib/action_controller/metal.rb

@@ -231,9 +231,5 @@ module ActionController
         new.dispatch(name, klass.new(env))
       end
     end
-
-    def _status_code
-      @_status
-    end
   end
 end

data/lib/action_controller/metal/flash.rb

@@ -11,6 +11,23 @@ module ActionController #:nodoc:
     end
 
     module ClassMethods
+      # Creates new flash types. You can pass as many types as you want to create
+      # flash types other than the default <tt>alert</tt> and <tt>notice</tt> in
+      # your controllers and views. For instance:
+      #
+      #   # in application_controller.rb
+      #   class ApplicationController < ActionController::Base
+      #     add_flash_types :warning
+      #   end
+      #
+      #   # in your controller
+      #   redirect_to user_path(@user), warning: "Incomplete profile"
+      #
+      #   # in your view
+      #   <%= warning %>
+      #
+      # This method will automatically define a new method for each of the given
+      # names, and it will be available in your views.
       def add_flash_types(*types)
         types.each do |type|
           next if _flash_types.include?(type)

data/lib/action_controller/metal/force_ssl.rb

@@ -48,7 +48,7 @@ module ActionController
       # You can pass any of the following options to affect the redirect status and response
       # * <tt>status</tt>     - Redirect with a custom status (default is 301 Moved Permanently)
       # * <tt>flash</tt>      - Set a flash message when redirecting
-      # * <tt>alert</tt>      - Set a alert message when redirecting
+      # * <tt>alert</tt>      - Set an alert message when redirecting
       # * <tt>notice</tt>     - Set a notice message when redirecting
       #
       # ==== Action Options

data/lib/action_controller/metal/head.rb

@@ -1,7 +1,5 @@
 module ActionController
   module Head
-    extend ActiveSupport::Concern
-
     # Return a response that has no content (merely headers). The options
     # argument is interpreted to be a hash of header names and values.
     # This allows you to easily return a response that consists only of
@@ -29,7 +27,7 @@ module ActionController
       self.status = status
       self.location = url_for(location) if location
 
-      if include_content?(self._status_code)
+      if include_content?(self.status)
         self.content_type = content_type || (Mime[formats.first] if formats)
         self.response.charset = false if self.response
         self.response_body = " "

data/lib/action_controller/metal/helpers.rb

@@ -5,7 +5,7 @@ module ActionController
   #
   # In addition to using the standard template helpers provided, creating custom helpers to
   # extract complicated logic or reusable functionality is strongly encouraged. By default, each controller
-  # will include all helpers.
+  # will include all helpers. These helpers are only accessible on the controller through <tt>.helpers</tt>
   #
   # In previous versions of \Rails the controller will include a helper whose
   # name matches that of the controller, e.g., <tt>MyController</tt> will automatically
@@ -73,7 +73,11 @@ module ActionController
 
       # Provides a proxy to access helpers methods from outside the view.
       def helpers
-        @helper_proxy ||= ActionView::Base.new.extend(_helpers)
+        @helper_proxy ||= begin 
+          proxy = ActionView::Base.new
+          proxy.config = config.inheritable_copy
+          proxy.extend(_helpers)
+        end
       end
 
       # Overwrite modules_for_helpers to accept :all as argument, which loads

data/lib/action_controller/metal/http_authentication.rb

@@ -96,7 +96,7 @@ module ActionController
       end
 
       def user_name_and_password(request)
-        decode_credentials(request).split(':', 2)
+        decode_credentials(request).split(/:/, 2)
       end
 
       def decode_credentials(request)
@@ -109,8 +109,8 @@ module ActionController
 
       def authentication_request(controller, realm)
         controller.headers["WWW-Authenticate"] = %(Basic realm="#{realm.gsub(/"/, "")}")
-        controller.status = 401
         controller.response_body = "HTTP Basic: Access denied.\n"
+        controller.status = 401
       end
     end
 
@@ -244,8 +244,8 @@ module ActionController
       def authentication_request(controller, realm, message = nil)
         message ||= "HTTP Digest: Access denied.\n"
         authentication_header(controller, realm)
-        controller.status = 401
         controller.response_body = message
+        controller.status = 401
       end
 
       def secret_token(request)
@@ -385,7 +385,6 @@ module ActionController
     #
     #   RewriteRule ^(.*)$ dispatch.fcgi [E=X-HTTP_AUTHORIZATION:%{HTTP:Authorization},QSA,L]
     module Token
-      TOKEN_KEY = 'token='
       TOKEN_REGEX = /^Token /
       AUTHN_PAIR_DELIMITERS = /(?:,|;|\t+)/
       extend self
@@ -438,7 +437,7 @@ module ActionController
         authorization_request = request.authorization.to_s
         if authorization_request[TOKEN_REGEX]
           params = token_params_from authorization_request
-          [params.shift[1], Hash[params].with_indifferent_access]
+          [params.shift.last, Hash[params].with_indifferent_access]
         end
       end
 
@@ -453,20 +452,14 @@ module ActionController
 
       # This removes the `"` characters wrapping the value.
       def rewrite_param_values(array_params)
-        array_params.each { |param| (param[1] || "").gsub! %r/^"|"$/, '' }
+        array_params.each { |param| param.last.gsub! %r/^"|"$/, '' }
       end
 
       # This method takes an authorization body and splits up the key-value
       # pairs by the standardized `:`, `;`, or `\t` delimiters defined in
       # `AUTHN_PAIR_DELIMITERS`.
       def raw_params(auth)
-        _raw_params = auth.sub(TOKEN_REGEX, '').split(/\s*#{AUTHN_PAIR_DELIMITERS}\s*/)
-
-        if !(_raw_params.first =~ %r{\A#{TOKEN_KEY}})
-          _raw_params[0] = "#{TOKEN_KEY}#{_raw_params.first}"
-        end
-
-        _raw_params
+        auth.sub(TOKEN_REGEX, '').split(/"\s*#{AUTHN_PAIR_DELIMITERS}\s*/)
       end
 
       # Encodes the given token and options into an Authorization header value.
@@ -476,7 +469,7 @@ module ActionController
       #
       # Returns String.
       def encode_credentials(token, options = {})
-        values = ["#{TOKEN_KEY}#{token.to_s.inspect}"] + options.map do |key, value|
+        values = ["token=#{token.to_s.inspect}"] + options.map do |key, value|
           "#{key}=#{value.to_s.inspect}"
         end
         "Token #{values * ", "}"

data/lib/action_controller/metal/instrumentation.rb

@@ -67,7 +67,7 @@ module ActionController
 
   private
 
-    # A hook invoked everytime a before callback is halted.
+    # A hook invoked every time a before callback is halted.
     def halted_callback_hook(filter)
       ActiveSupport::Notifications.instrument("halted_callback.action_controller", :filter => filter)
     end

data/lib/action_controller/metal/live.rb

@@ -1,5 +1,6 @@
 require 'action_dispatch/http/response'
 require 'delegate'
+require 'active_support/json'
 
 module ActionController
   # Mix this module in to your controller, and all actions in that controller
@@ -32,6 +33,79 @@ module ActionController
   # the main thread. Make sure your actions are thread safe, and this shouldn't
   # be a problem (don't share state across threads, etc).
   module Live
+    # This class provides the ability to write an SSE (Server Sent Event)
+    # to an IO stream. The class is initialized with a stream and can be used
+    # to either write a JSON string or an object which can be converted to JSON.
+    #
+    # Writing an object will convert it into standard SSE format with whatever
+    # options you have configured. You may choose to set the following options:
+    #
+    #   1) Event. If specified, an event with this name will be dispatched on
+    #   the browser.
+    #   2) Retry. The reconnection time in milliseconds used when attempting
+    #   to send the event.
+    #   3) Id. If the connection dies while sending an SSE to the browser, then
+    #   the server will receive a +Last-Event-ID+ header with value equal to +id+.
+    #
+    # After setting an option in the constructor of the SSE object, all future
+    # SSEs sent across the stream will use those options unless overridden.
+    #
+    # Example Usage:
+    #
+    #   class MyController < ActionController::Base
+    #     include ActionController::Live
+    #
+    #     def index
+    #       response.headers['Content-Type'] = 'text/event-stream'
+    #       sse = SSE.new(response.stream, retry: 300, event: "event-name")
+    #       sse.write({ name: 'John'})
+    #       sse.write({ name: 'John'}, id: 10)
+    #       sse.write({ name: 'John'}, id: 10, event: "other-event")
+    #       sse.write({ name: 'John'}, id: 10, event: "other-event", retry: 500)
+    #     ensure
+    #       sse.close
+    #     end
+    #   end
+    #
+    # Note: SSEs are not currently supported by IE. However, they are supported
+    # by Chrome, Firefox, Opera, and Safari.
+    class SSE
+
+      WHITELISTED_OPTIONS = %w( retry event id )
+
+      def initialize(stream, options = {})
+        @stream = stream
+        @options = options
+      end
+
+      def close
+        @stream.close
+      end
+
+      def write(object, options = {})
+        case object
+        when String
+          perform_write(object, options)
+        else
+          perform_write(ActiveSupport::JSON.encode(object), options)
+        end
+      end
+
+      private
+
+        def perform_write(json, options)
+          current_options = @options.merge(options).stringify_keys
+
+          WHITELISTED_OPTIONS.each do |option_name|
+            if (option_value = current_options[option_name])
+              @stream.write "#{option_name}: #{option_value}\n"
+            end
+          end
+
+          @stream.write "data: #{json}\n\n"
+        end
+    end
+
     class Buffer < ActionDispatch::Response::Buffer #:nodoc:
       def initialize(response)
         @error_callback = nil

data/lib/action_controller/metal/mime_responds.rb

@@ -181,13 +181,50 @@ module ActionController #:nodoc:
     #     end
     #   end
     #
+    # Formats can have different variants.
+    #
+    # The request variant is a specialization of the request format, like <tt>:tablet</tt>,
+    # <tt>:phone</tt>, or <tt>:desktop</tt>.
+    #
+    # We often want to render different html/json/xml templates for phones,
+    # tablets, and desktop browsers. Variants make it easy.
+    #
+    # You can set the variant in a +before_action+:
+    #
+    #   request.variant = :tablet if request.user_agent =~ /iPad/
+    #
+    # Respond to variants in the action just like you respond to formats:
+    #
+    #   respond_to do |format|
+    #     format.html do |variant|
+    #       variant.tablet # renders app/views/projects/show.html+tablet.erb
+    #       variant.phone { extra_setup; render ... }
+    #       variant.none  { special_setup } # executed only if there is no variant set
+    #     end
+    #   end
+    #
+    # Provide separate templates for each format and variant:
+    #
+    #   app/views/projects/show.html.erb
+    #   app/views/projects/show.html+tablet.erb
+    #   app/views/projects/show.html+phone.erb
+    #
+    # When you're not sharing any code within the format, you can simplify defining variants
+    # using the inline syntax:
+    #
+    #   respond_to do |format|
+    #     format.js         { render "trash" }
+    #     format.html.phone { redirect_to progress_path }
+    #     format.html.none  { render "trash" }
+    #   end
+    #
     # Be sure to check the documentation of +respond_with+ and
     # <tt>ActionController::MimeResponds.respond_to</tt> for more examples.
     def respond_to(*mimes, &block)
       raise ArgumentError, "respond_to takes either types or a block, never both" if mimes.any? && block_given?
 
       if collector = retrieve_collector_from_mimes(mimes, &block)
-        response = collector.response
+        response = collector.response(request.variant)
         response ? response.call : render({})
       end
     end
@@ -260,7 +297,7 @@ module ActionController #:nodoc:
     # * for other requests - i.e. data formats such as xml, json, csv etc, if
     #   the resource passed to +respond_with+ responds to <code>to_<format></code>,
     #   the method attempts to render the resource in the requested format
-    #   directly, e.g. for an xml request, the response is equivalent to calling 
+    #   directly, e.g. for an xml request, the response is equivalent to calling
     #   <code>render xml: resource</code>.
     #
     # === Nested resources
@@ -321,12 +358,15 @@ module ActionController #:nodoc:
     # 2. <tt>:action</tt> - overwrites the default render action used after an
     #    unsuccessful html +post+ request.
     def respond_with(*resources, &block)
-      raise "In order to use respond_with, first you need to declare the formats your " \
-            "controller responds to in the class level" if self.class.mimes_for_respond_to.empty?
+      if self.class.mimes_for_respond_to.empty?
+        raise "In order to use respond_with, first you need to declare the " \
+          "formats your controller responds to in the class level."
+      end
 
       if collector = retrieve_collector_from_mimes(&block)
         options = resources.size == 1 ? {} : resources.extract_options!
-        options[:default_response] = collector.response
+        options = options.clone
+        options[:default_response] = collector.response(request.variant)
         (options.delete(:responder) || self.class.responder).call(self, resources, options)
       end
     end
@@ -364,9 +404,7 @@ module ActionController #:nodoc:
       format = collector.negotiate_format(request)
 
       if format
-        self.content_type ||= format.to_s
-        lookup_context.formats = [format.to_sym]
-        lookup_context.rendered_format = lookup_context.formats.first
+        _process_format(format)
         collector
       else
         raise ActionController::UnknownFormat
@@ -397,11 +435,12 @@ module ActionController #:nodoc:
     # request, with this response then being accessible by calling #response.
     class Collector
       include AbstractController::Collector
-      attr_accessor :order, :format
+      attr_accessor :format
 
       def initialize(mimes)
-        @order, @responses = [], {}
-        mimes.each { |mime| send(mime) }
+        @responses = {}
+
+        mimes.each { |mime| @responses["Mime::#{mime.upcase}".constantize] = nil }
       end
 
       def any(*args, &block)
@@ -415,16 +454,54 @@ module ActionController #:nodoc:
 
       def custom(mime_type, &block)
         mime_type = Mime::Type.lookup(mime_type.to_s) unless mime_type.is_a?(Mime::Type)
-        @order << mime_type
-        @responses[mime_type] ||= block
+        @responses[mime_type] ||= if block_given?
+          block
+        else
+          VariantCollector.new
+        end
       end
 
-      def response
-        @responses.fetch(format, @responses[Mime::ALL])
+      def response(variant)
+        response = @responses.fetch(format, @responses[Mime::ALL])
+        if response.is_a?(VariantCollector)
+          response.variant(variant)
+        elsif response.nil? || response.arity == 0
+          response
+        else
+          lambda { response.call VariantFilter.new(variant) }
+        end
       end
 
       def negotiate_format(request)
-        @format = request.negotiate_mime(order)
+        @format = request.negotiate_mime(@responses.keys)
+      end
+
+      #Used for inline syntax
+      class VariantCollector #:nodoc:
+        def initialize
+          @variants = {}
+        end
+
+        def method_missing(name, *args, &block)
+          @variants[name] = block if block_given?
+        end
+
+        def variant(name)
+          @variants[name.nil? ? :none : name]
+        end
+      end
+
+      #Used for nested block syntax
+      class VariantFilter #:nodoc:
+        def initialize(variant)
+          @variant = variant
+        end
+
+        def method_missing(name)
+          if block_given?
+            yield if name == @variant || (name == :none && @variant.nil?)
+          end
+        end
       end
     end
   end