actionpack 4.1.16 → 4.2.0.beta1

data/lib/action_controller/metal/url_for.rb

@@ -23,25 +23,24 @@ module ActionController
     include AbstractController::UrlFor
 
     def url_options
-      @_url_options ||= super.reverse_merge(
+      @_url_options ||= {
         :host => request.host,
         :port => request.optional_port,
         :protocol => request.protocol,
-        :_recall => request.symbolized_path_parameters
-      ).freeze
+        :_recall => request.path_parameters
+      }.merge!(super).freeze
 
-      if (same_origin = _routes.equal?(env["action_dispatch.routes"])) ||
+      if (same_origin = _routes.equal?(env["action_dispatch.routes".freeze])) ||
          (script_name = env["ROUTES_#{_routes.object_id}_SCRIPT_NAME"]) ||
-         (original_script_name = env['ORIGINAL_SCRIPT_NAME'])
+         (original_script_name = env['ORIGINAL_SCRIPT_NAME'.freeze])
 
-        @_url_options.dup.tap do |options|
-          if original_script_name
-            options[:original_script_name] = original_script_name
-          else
-            options[:script_name] = same_origin ? request.script_name.dup : script_name
-          end
-          options.freeze
+        options = @_url_options.dup
+        if original_script_name
+          options[:original_script_name] = original_script_name
+        else
+          options[:script_name] = same_origin ? request.script_name.dup : script_name
         end
+        options.freeze
       else
         @_url_options
       end

data/lib/action_controller/model_naming.rb

@@ -6,7 +6,7 @@ module ActionController
     end
 
     def model_name_from_record_or_class(record_or_class)
-      (record_or_class.is_a?(Class) ? record_or_class : convert_to_model(record_or_class).class).model_name
+      convert_to_model(record_or_class).model_name
     end
   end
 end

data/lib/action_controller/railtie.rb

@@ -23,6 +23,10 @@ module ActionController
       options = app.config.action_controller
 
       ActionController::Parameters.permit_all_parameters = options.delete(:permit_all_parameters) { false }
+      if app.config.action_controller[:always_permitted_parameters]
+        ActionController::Parameters.always_permitted_parameters =
+          app.config.action_controller.delete(:always_permitted_parameters)
+      end
       ActionController::Parameters.action_on_unpermitted_parameters = options.delete(:action_on_unpermitted_parameters) do
         (Rails.env.test? || Rails.env.development?) ? :log : false
       end

data/lib/action_controller/test_case.rb

@@ -3,6 +3,8 @@ require 'active_support/core_ext/object/to_query'
 require 'active_support/core_ext/module/anonymous'
 require 'active_support/core_ext/hash/keys'
 
+require 'rails-dom-testing'
+
 module ActionController
   module TemplateAssertions
     extend ActiveSupport::Concern
@@ -12,13 +14,16 @@ module ActionController
       teardown :teardown_subscriptions
     end
 
+    RENDER_TEMPLATE_INSTANCE_VARIABLES = %w{partials templates layouts files}.freeze
+
     def setup_subscriptions
-      @_partials = Hash.new(0)
-      @_templates = Hash.new(0)
-      @_layouts = Hash.new(0)
-      @_files = Hash.new(0)
+      RENDER_TEMPLATE_INSTANCE_VARIABLES.each do |instance_variable|
+        instance_variable_set("@_#{instance_variable}", Hash.new(0))
+      end
+
+      @_subscribers = []
 
-      ActiveSupport::Notifications.subscribe("render_template.action_view") do |_name, _start, _finish, _id, payload|
+      @_subscribers << ActiveSupport::Notifications.subscribe("render_template.action_view") do |_name, _start, _finish, _id, payload|
         path = payload[:layout]
         if path
           @_layouts[path] += 1
@@ -28,42 +33,43 @@ module ActionController
         end
       end
 
-      ActiveSupport::Notifications.subscribe("!render_template.action_view") do |_name, _start, _finish, _id, payload|
-        path = payload[:virtual_path]
-        next unless path
-        partial = path =~ /^.*\/_[^\/]*$/
+      @_subscribers << ActiveSupport::Notifications.subscribe("!render_template.action_view") do |_name, _start, _finish, _id, payload|
+        if virtual_path = payload[:virtual_path]
+          partial = virtual_path =~ /^.*\/_[^\/]*$/
 
-        if partial
-          @_partials[path] += 1
-          @_partials[path.split("/").last] += 1
-        end
-
-        @_templates[path] += 1
-      end
-
-      ActiveSupport::Notifications.subscribe("!render_template.action_view") do |_name, _start, _finish, _id, payload|
-        next if payload[:virtual_path] # files don't have virtual path
+          if partial
+            @_partials[virtual_path] += 1
+            @_partials[virtual_path.split("/").last] += 1
+          end
 
-        path = payload[:identifier]
-        if path
-          @_files[path] += 1
-          @_files[path.split("/").last] += 1
+          @_templates[virtual_path] += 1
+        else
+          path = payload[:identifier]
+          if path
+            @_files[path] += 1
+            @_files[path.split("/").last] += 1
+          end
         end
       end
     end
 
     def teardown_subscriptions
-      ActiveSupport::Notifications.unsubscribe("render_template.action_view")
-      ActiveSupport::Notifications.unsubscribe("!render_template.action_view")
+      @_subscribers.each do |subscriber|
+        ActiveSupport::Notifications.unsubscribe(subscriber)
+      end
     end
 
     def process(*args)
-      @_partials = Hash.new(0)
-      @_templates = Hash.new(0)
-      @_layouts = Hash.new(0)
+      reset_template_assertion
       super
     end
 
+    def reset_template_assertion
+      RENDER_TEMPLATE_INSTANCE_VARIABLES.each do |instance_variable|
+        instance_variable_get("@_#{instance_variable}").clear
+      end
+    end
+
     # Asserts that the request was rendered with the appropriate template file or partials.
     #
     #   # assert that the "new" view template was rendered
@@ -87,6 +93,13 @@ module ActionController
     #   # assert that no partials were rendered
     #   assert_template partial: false
     #
+    #   # assert that a file was rendered
+    #   assert_template file: "README.rdoc"
+    #
+    #   # assert that no file was rendered
+    #   assert_template file: nil
+    #   assert_template file: false
+    #
     # In a view test case, you can also assert that specific locals are passed
     # to partials:
     #
@@ -136,6 +149,8 @@ module ActionController
 
         if options[:file]
           assert_includes @_files.keys, options[:file]
+        elsif options.key?(:file)
+          assert @_files.blank?, "expected no files but #{@_files.keys} was rendered"
         end
 
         if expected_partial = options[:partial]
@@ -197,7 +212,7 @@ module ActionController
           value = value.dup
         end
 
-        if extra_keys.include?(key.to_sym)
+        if extra_keys.include?(key)
           non_path_parameters[key] = value
         else
           if value.is_a?(Array)
@@ -206,7 +221,7 @@ module ActionController
             value = value.to_param
           end
 
-          path_parameters[key.to_s] = value
+          path_parameters[key] = value
         end
       end
 
@@ -231,7 +246,6 @@ module ActionController
       @formats = nil
       @env.delete_if { |k, v| k =~ /^(action_dispatch|rack)\.request/ }
       @env.delete_if { |k, v| k =~ /^action_dispatch\.rescue/ }
-      @symbolized_path_params = nil
       @method = @request_method = nil
       @fullpath = @ip = @remote_ip = @protocol = nil
       @env['action_dispatch.request.query_parameters'] = {}
@@ -430,6 +444,7 @@ module ActionController
       extend ActiveSupport::Concern
       include ActionDispatch::TestProcess
       include ActiveSupport::Testing::ConstantLookup
+      include Rails::Dom::Testing::Assertions
 
       attr_reader :response, :request
 
@@ -453,7 +468,6 @@ module ActionController
         end
 
         def controller_class=(new_class)
-          prepare_controller_class(new_class) if new_class
           self._controller_class = new_class
         end
 
@@ -470,11 +484,6 @@ module ActionController
             Class === constant && constant < ActionController::Metal
           end
         end
-
-        def prepare_controller_class(new_class)
-          new_class.send :include, ActionController::TestCase::RaiseActionExceptions
-        end
-
       end
 
       # Simulate a GET request with the given parameters.
@@ -486,8 +495,8 @@ module ActionController
       # - +session+: A hash of parameters to store in the session. This may be +nil+.
       # - +flash+: A hash of parameters to store in the flash. This may be +nil+.
       #
-      # You can also simulate POST, PATCH, PUT, DELETE, HEAD, and OPTIONS requests with
-      # +post+, +patch+, +put+, +delete+, +head+, and +options+.
+      # You can also simulate POST, PATCH, PUT, DELETE, and HEAD requests with
+      # +post+, +patch+, +put+, +delete+, and +head+.
       #
       # Note that the request method is not verified. The different methods are
       # available to make the tests more expressive.
@@ -548,6 +557,31 @@ module ActionController
         end
       end
 
+      # Simulate a HTTP request to +action+ by specifying request method,
+      # parameters and set/volley the response.
+      #
+      # - +action+: The controller action to call.
+      # - +http_method+: Request method used to send the http request. Possible values
+      #   are +GET+, +POST+, +PATCH+, +PUT+, +DELETE+, +HEAD+. Defaults to +GET+.
+      # - +parameters+: The HTTP parameters. This may be +nil+, a hash, or a
+      #   string that is appropriately encoded (+application/x-www-form-urlencoded+
+      #   or +multipart/form-data+).
+      # - +session+: A hash of parameters to store in the session. This may be +nil+.
+      # - +flash+: A hash of parameters to store in the flash. This may be +nil+.
+      #
+      # Example calling +create+ action and sending two params:
+      #
+      #   process :create, 'POST', user: { name: 'Gaurish Sharma', email: 'user@example.com' }
+      #
+      # Example sending parameters, +nil+ session and setting a flash message:
+      #
+      #   process :view, 'GET', { id: 7 }, nil, { notice: 'This is flash message' }
+      #
+      # To simulate +GET+, +POST+, +PATCH+, +PUT+, +DELETE+ and +HEAD+ requests
+      # prefer using #get, #post, #patch, #put, #delete and #head methods
+      # respectively which will make tests more expressive.
+      #
+      # Note that the request method is not verified.
       def process(action, http_method = 'GET', *args)
         check_required_ivars
 
@@ -556,6 +590,7 @@ module ActionController
         end
 
         parameters, session, flash = args
+        parameters ||= {}
 
         # Ensure that numbers and symbols passed as params are converted to
         # proper params, as is the case when engaging rack.
@@ -565,7 +600,6 @@ module ActionController
 
         unless @controller.respond_to?(:recycle!)
           @controller.extend(Testing::Functional)
-          @controller.class.class_eval { include Testing }
         end
 
         @request.recycle!
@@ -574,7 +608,6 @@ module ActionController
 
         @request.env['REQUEST_METHOD'] = http_method
 
-        parameters ||= {}
         controller_class_name = @controller.class.anonymous? ?
           "anonymous" :
           @controller.class.controller_path
@@ -602,8 +635,11 @@ module ActionController
         @response.prepare!
 
         @assigns = @controller.respond_to?(:view_assigns) ? @controller.view_assigns : {}
-        @request.session['flash'] = @request.flash.to_session_value
-        @request.session.delete('flash') if @request.session['flash'].blank?
+
+        if flash_value = @request.flash.to_session_value
+          @request.session['flash'] = flash_value
+        end
+
         @response
       end
 
@@ -651,6 +687,11 @@ module ActionController
       end
 
       private
+
+      def document_root_element
+        html_document.root
+      end
+
       def check_required_ivars
         # Sanity check for required instance variables so we can give an
         # understandable error message.
@@ -665,12 +706,11 @@ module ActionController
         unless @request.env["PATH_INFO"]
           options = @controller.respond_to?(:url_options) ? @controller.__send__(:url_options).merge(parameters) : parameters
           options.update(
-            :only_path => true,
             :action => action,
             :relative_url_root => nil,
-            :_recall => @request.symbolized_path_parameters)
+            :_recall => @request.path_parameters)
 
-          url, query_string = @routes.url_for(options).split("?", 2)
+          url, query_string = @routes.path_for(options).split("?", 2)
 
           @request.env["SCRIPT_NAME"] = @controller.config.relative_url_root
           @request.env["PATH_INFO"] = url
@@ -679,39 +719,11 @@ module ActionController
       end
 
       def html_format?(parameters)
-        return true unless parameters.is_a?(Hash)
+        return true unless parameters.key?(:format)
         Mime.fetch(parameters[:format]) { Mime['html'] }.html?
       end
     end
 
-    # When the request.remote_addr remains the default for testing, which is 0.0.0.0, the exception is simply raised inline
-    # (skipping the regular exception handling from rescue_action). If the request.remote_addr is anything else, the regular
-    # rescue_action process takes place. This means you can test your rescue_action code by setting remote_addr to something else
-    # than 0.0.0.0.
-    #
-    # The exception is stored in the exception accessor for further inspection.
-    module RaiseActionExceptions
-      def self.included(base) #:nodoc:
-        unless base.method_defined?(:exception) && base.method_defined?(:exception=)
-          base.class_eval do
-            attr_accessor :exception
-            protected :exception, :exception=
-          end
-        end
-      end
-
-      protected
-        def rescue_action_without_handler(e)
-          self.exception = e
-
-          if request.remote_addr == "0.0.0.0"
-            raise(e)
-          else
-            super(e)
-          end
-        end
-    end
-
     include Behavior
   end
 end

data/lib/action_dispatch/http/cache.rb

@@ -92,7 +92,7 @@ module ActionDispatch
         LAST_MODIFIED = "Last-Modified".freeze
         ETAG          = "ETag".freeze
         CACHE_CONTROL = "Cache-Control".freeze
-        SPECIAL_KEYS  = %w[extras no-cache max-age public must-revalidate]
+        SPECIAL_KEYS  = Set.new(%w[extras no-cache max-age public must-revalidate])
 
         def cache_control_segments
           if cache_control = self[CACHE_CONTROL]

data/lib/action_dispatch/http/filter_parameters.rb

@@ -6,8 +6,8 @@ module ActionDispatch
   module Http
     # Allows you to specify sensitive parameters which will be replaced from
     # the request log by looking in the query string of the request and all
-    # subhashes of the params hash to filter. If a block is given, each key and
-    # value of the params hash and all subhashes is passed to it, the value
+    # sub-hashes of the params hash to filter. If a block is given, each key and
+    # value of the params hash and all sub-hashes is passed to it, the value
     # or key can be replaced using String#replace or similar method.
     #
     #   env["action_dispatch.parameter_filter"] = [:password]

data/lib/action_dispatch/http/headers.rb

@@ -1,27 +1,47 @@
 module ActionDispatch
   module Http
+    # Provides access to the request's HTTP headers from the environment.
+    #
+    #   env     = { "CONTENT_TYPE" => "text/plain" }
+    #   headers = ActionDispatch::Http::Headers.new(env)
+    #   headers["Content-Type"] # => "text/plain"
     class Headers
-      CGI_VARIABLES = %w(
-        CONTENT_TYPE CONTENT_LENGTH
-        HTTPS AUTH_TYPE GATEWAY_INTERFACE
-        PATH_INFO PATH_TRANSLATED QUERY_STRING
-        REMOTE_ADDR REMOTE_HOST REMOTE_IDENT REMOTE_USER
-        REQUEST_METHOD SCRIPT_NAME
-        SERVER_NAME SERVER_PORT SERVER_PROTOCOL SERVER_SOFTWARE
-      )
+      CGI_VARIABLES = Set.new(%W[
+        AUTH_TYPE
+        CONTENT_LENGTH
+        CONTENT_TYPE
+        GATEWAY_INTERFACE
+        HTTPS
+        PATH_INFO
+        PATH_TRANSLATED
+        QUERY_STRING
+        REMOTE_ADDR
+        REMOTE_HOST
+        REMOTE_IDENT
+        REMOTE_USER
+        REQUEST_METHOD
+        SCRIPT_NAME
+        SERVER_NAME
+        SERVER_PORT
+        SERVER_PROTOCOL
+        SERVER_SOFTWARE
+      ]).freeze
+
       HTTP_HEADER = /\A[A-Za-z0-9-]+\z/
 
       include Enumerable
       attr_reader :env
 
-      def initialize(env = {})
+      def initialize(env = {}) # :nodoc:
         @env = env
       end
 
+      # Returns the value for the given key mapped to @env.
       def [](key)
         @env[env_name(key)]
       end
 
+      # Sets the given value for the key mapped to @env.
       def []=(key, value)
         @env[env_name(key)] = value
       end
@@ -31,6 +51,13 @@ module ActionDispatch
       end
       alias :include? :key?
 
+      # Returns the value for the given key mapped to @env.
+      #
+      # If the key is not found and an optional code block is not provided,
+      # raises a <tt>KeyError</tt> exception.
+      #
+      # If the code block is provided, then it will be run and
+      # its result returned.
       def fetch(key, *args, &block)
         @env.fetch env_name(key), *args, &block
       end
@@ -39,12 +66,17 @@ module ActionDispatch
         @env.each(&block)
       end
 
+      # Returns a new Http::Headers instance containing the contents of
+      # <tt>headers_or_env</tt> and the original instance.
       def merge(headers_or_env)
         headers = Http::Headers.new(env.dup)
         headers.merge!(headers_or_env)
         headers
       end
 
+      # Adds the contents of <tt>headers_or_env</tt> to original instance
+      # entries; duplicate keys are overwritten with the values from
+      # <tt>headers_or_env</tt>.
       def merge!(headers_or_env)
         headers_or_env.each do |key, value|
           self[env_name(key)] = value
@@ -52,6 +84,8 @@ module ActionDispatch
       end
 
       private
+      # Converts a HTTP header name to an environment variable name if it is
+      # not contained within the headers hash.
       def env_name(key)
         key = key.to_s
         if key =~ HTTP_HEADER