actionpack 4.1.7 → 4.2.1

data/README.rdoc

@@ -32,7 +32,7 @@ The latest version of Action Pack can be installed with RubyGems:
 
 Source code can be downloaded as part of the Rails project on GitHub
 
-* https://github.com/rails/rails/tree/4-1-stable/actionpack
+* https://github.com/rails/rails/tree/4-2-stable/actionpack
 
 
 == License
@@ -48,6 +48,11 @@ API documentation is at
 
 * http://api.rubyonrails.org
 
-Bug reports and feature requests can be filed with the rest for the Ruby on Rails project here:
+Bug reports can be filed for the Ruby on Rails project here:
 
 * https://github.com/rails/rails/issues
+
+Feature requests should be discussed on the rails-core mailing list here:
+
+* https://groups.google.com/forum/?fromgroups#!forum/rubyonrails-core
+

data/lib/abstract_controller/base.rb

@@ -8,7 +8,8 @@ module AbstractController
   class Error < StandardError #:nodoc:
   end
 
-  class ActionNotFound < StandardError #:nodoc:
+  # Raised when a non-existing controller action is triggered.
+  class ActionNotFound < StandardError
   end
 
   # <tt>AbstractController::Base</tt> is a low-level API. Nobody should be
@@ -120,14 +121,14 @@ module AbstractController
     #
     # The actual method that is called is determined by calling
     # #method_for_action. If no method can handle the action, then an
-    # ActionNotFound error is raised.
+    # AbstractController::ActionNotFound error is raised.
     #
     # ==== Returns
     # * <tt>self</tt>
     def process(action, *args)
-      @_action_name = action_name = action.to_s
+      @_action_name = action.to_s
 
-      unless action_name = _find_action_name(action_name)
+      unless action_name = _find_action_name(@_action_name)
         raise ActionNotFound, "The action '#{action}' could not be found for #{self.class.name}"
       end
 
@@ -163,6 +164,14 @@ module AbstractController
       _find_action_name(action_name).present?
     end
 
+    # Returns true if the given controller is capable of rendering
+    # a path. A subclass of +AbstractController::Base+
+    # may return false. An Email controller for example does not
+    # support paths, only full URLs.
+    def self.supports_path?
+      true
+    end
+
     private
 
       # Returns true if the name can be considered an action because
@@ -215,7 +224,8 @@ module AbstractController
       #
       # ==== Returns
       # * <tt>string</tt> - The name of the method that handles the action
-      # * false           - No valid method name could be found. Raise ActionNotFound.
+      # * false           - No valid method name could be found.
+      # Raise AbstractController::ActionNotFound.
       def _find_action_name(action_name)
         _valid_action_name?(action_name) && method_for_action(action_name)
       end
@@ -235,7 +245,7 @@ module AbstractController
       # the case.
       #
       # If none of these conditions are true, and method_for_action
-      # returns nil, an ActionNotFound exception will be raised.
+      # returns nil, an AbstractController::ActionNotFound exception will be raised.
       #
       # ==== Parameters
       # * <tt>action_name</tt> - An action name to find a method name for

data/lib/abstract_controller/callbacks.rb

@@ -42,20 +42,18 @@ module AbstractController
         end
       end
 
-      # Skip before, after, and around action callbacks matching any of the names
-      # Aliased as skip_filter.
+      # Skip before, after, and around action callbacks matching any of the names.
       #
       # ==== Parameters
       # * <tt>names</tt> - A list of valid names that could be used for
       #   callbacks. Note that skipping uses Ruby equality, so it's
       #   impossible to skip a callback defined using an anonymous proc
-      #   using #skip_filter
+      #   using #skip_action_callback
       def skip_action_callback(*names)
         skip_before_action(*names)
         skip_after_action(*names)
         skip_around_action(*names)
       end
-
       alias_method :skip_filter, :skip_action_callback
 
       # Take callback names and an optional callback proc, normalize them,
@@ -85,7 +83,6 @@ module AbstractController
       # :call-seq: before_action(names, block)
       #
       # Append a callback before actions. See _insert_callbacks for parameter details.
-      # Aliased as before_filter.
 
       ##
       # :method: prepend_before_action
@@ -93,7 +90,6 @@ module AbstractController
       # :call-seq: prepend_before_action(names, block)
       #
       # Prepend a callback before actions. See _insert_callbacks for parameter details.
-      # Aliased as prepend_before_filter.
 
       ##
       # :method: skip_before_action
@@ -101,7 +97,6 @@ module AbstractController
       # :call-seq: skip_before_action(names)
       #
       # Skip a callback before actions. See _insert_callbacks for parameter details.
-      # Aliased as skip_before_filter.
 
       ##
       # :method: append_before_action
@@ -109,7 +104,6 @@ module AbstractController
       # :call-seq: append_before_action(names, block)
       #
       # Append a callback before actions. See _insert_callbacks for parameter details.
-      # Aliased as append_before_filter.
 
       ##
       # :method: after_action
@@ -117,7 +111,6 @@ module AbstractController
       # :call-seq: after_action(names, block)
       #
       # Append a callback after actions. See _insert_callbacks for parameter details.
-      # Aliased as after_filter.
 
       ##
       # :method: prepend_after_action
@@ -125,7 +118,6 @@ module AbstractController
       # :call-seq: prepend_after_action(names, block)
       #
       # Prepend a callback after actions. See _insert_callbacks for parameter details.
-      # Aliased as prepend_after_filter.
 
       ##
       # :method: skip_after_action
@@ -133,7 +125,6 @@ module AbstractController
       # :call-seq: skip_after_action(names)
       #
       # Skip a callback after actions. See _insert_callbacks for parameter details.
-      # Aliased as skip_after_filter.
 
       ##
       # :method: append_after_action
@@ -141,7 +132,6 @@ module AbstractController
       # :call-seq: append_after_action(names, block)
       #
       # Append a callback after actions. See _insert_callbacks for parameter details.
-      # Aliased as append_after_filter.
 
       ##
       # :method: around_action
@@ -149,7 +139,6 @@ module AbstractController
       # :call-seq: around_action(names, block)
       #
       # Append a callback around actions. See _insert_callbacks for parameter details.
-      # Aliased as around_filter.
 
       ##
       # :method: prepend_around_action
@@ -157,7 +146,6 @@ module AbstractController
       # :call-seq: prepend_around_action(names, block)
       #
       # Prepend a callback around actions. See _insert_callbacks for parameter details.
-      # Aliased as prepend_around_filter.
 
       ##
       # :method: skip_around_action
@@ -165,7 +153,6 @@ module AbstractController
       # :call-seq: skip_around_action(names)
       #
       # Skip a callback around actions. See _insert_callbacks for parameter details.
-      # Aliased as skip_around_filter.
 
       ##
       # :method: append_around_action
@@ -173,46 +160,36 @@ module AbstractController
       # :call-seq: append_around_action(names, block)
       #
       # Append a callback around actions. See _insert_callbacks for parameter details.
-      # Aliased as append_around_filter.
 
       # set up before_action, prepend_before_action, skip_before_action, etc.
       # for each of before, after, and around.
       [:before, :after, :around].each do |callback|
-        class_eval <<-RUBY_EVAL, __FILE__, __LINE__ + 1
-          # Append a before, after or around callback. See _insert_callbacks
-          # for details on the allowed parameters.
-          def #{callback}_action(*names, &blk)                                                    # def before_action(*names, &blk)
-            _insert_callbacks(names, blk) do |name, options|                                      #   _insert_callbacks(names, blk) do |name, options|
-              set_callback(:process_action, :#{callback}, name, options)                          #     set_callback(:process_action, :before, name, options)
-            end                                                                                   #   end
-          end                                                                                     # end
-
-          alias_method :#{callback}_filter, :#{callback}_action
-
-          # Prepend a before, after or around callback. See _insert_callbacks
-          # for details on the allowed parameters.
-          def prepend_#{callback}_action(*names, &blk)                                            # def prepend_before_action(*names, &blk)
-            _insert_callbacks(names, blk) do |name, options|                                      #   _insert_callbacks(names, blk) do |name, options|
-              set_callback(:process_action, :#{callback}, name, options.merge(:prepend => true))  #     set_callback(:process_action, :before, name, options.merge(:prepend => true))
-            end                                                                                   #   end
-          end                                                                                     # end
-
-          alias_method :prepend_#{callback}_filter, :prepend_#{callback}_action
-
-          # Skip a before, after or around callback. See _insert_callbacks
-          # for details on the allowed parameters.
-          def skip_#{callback}_action(*names)                                                     # def skip_before_action(*names)
-            _insert_callbacks(names) do |name, options|                                           #   _insert_callbacks(names) do |name, options|
-              skip_callback(:process_action, :#{callback}, name, options)                         #     skip_callback(:process_action, :before, name, options)
-            end                                                                                   #   end
-          end                                                                                     # end
-
-          alias_method :skip_#{callback}_filter, :skip_#{callback}_action
-
-          # *_action is the same as append_*_action
-          alias_method :append_#{callback}_action, :#{callback}_action  # alias_method :append_before_action, :before_action
-          alias_method :append_#{callback}_filter, :#{callback}_action  # alias_method :append_before_filter, :before_action
-        RUBY_EVAL
+        define_method "#{callback}_action" do |*names, &blk|
+          _insert_callbacks(names, blk) do |name, options|
+            set_callback(:process_action, callback, name, options)
+          end
+        end
+        alias_method :"#{callback}_filter", :"#{callback}_action"
+
+        define_method "prepend_#{callback}_action" do |*names, &blk|
+          _insert_callbacks(names, blk) do |name, options|
+            set_callback(:process_action, callback, name, options.merge(:prepend => true))
+          end
+        end
+        alias_method :"prepend_#{callback}_filter", :"prepend_#{callback}_action"
+
+        # Skip a before, after or around callback. See _insert_callbacks
+        # for details on the allowed parameters.
+        define_method "skip_#{callback}_action" do |*names|
+          _insert_callbacks(names) do |name, options|
+            skip_callback(:process_action, callback, name, options)
+          end
+        end
+        alias_method :"skip_#{callback}_filter", :"skip_#{callback}_action"
+
+        # *_action is the same as append_*_action
+        alias_method :"append_#{callback}_action", :"#{callback}_action"
+        alias_method :"append_#{callback}_filter", :"#{callback}_action"
       end
     end
   end

data/lib/abstract_controller/helpers.rb

@@ -27,9 +27,6 @@ module AbstractController
     end
 
     module ClassMethods
-      MissingHelperError = ActiveSupport::Deprecation::DeprecatedConstantProxy.new('AbstractController::Helpers::ClassMethods::MissingHelperError',
-                                                                                   'AbstractController::Helpers::MissingHelperError')
-
       # When a class is inherited, wrap its helper module in a new module.
       # This ensures that the parent class's module can be changed
       # independently of the child class's.
@@ -153,7 +150,17 @@ module AbstractController
             rescue LoadError => e
               raise AbstractController::Helpers::MissingHelperError.new(e, file_name)
             end
-            file_name.camelize.constantize
+
+            mod_name = file_name.camelize
+            begin
+              mod_name.constantize
+            rescue LoadError
+              # dependencies.rb gives a similar error message but its wording is
+              # not as clear because it mentions autoloading. To the user all it
+              # matters is that a helper module couldn't be loaded, autoloading
+              # is an internal mechanism that should not leak.
+              raise NameError, "Couldn't find #{mod_name}, expected it to be defined in helpers/#{file_name}.rb"
+            end
           when Module
             arg
           else

data/lib/abstract_controller/railties/routes_helpers.rb

@@ -1,14 +1,14 @@
 module AbstractController
   module Railties
     module RoutesHelpers
-      def self.with(routes)
+      def self.with(routes, include_path_helpers = true)
         Module.new do
           define_method(:inherited) do |klass|
             super(klass)
             if namespace = klass.parents.detect { |m| m.respond_to?(:railtie_routes_url_helpers) }
-              klass.send(:include, namespace.railtie_routes_url_helpers)
+              klass.send(:include, namespace.railtie_routes_url_helpers(include_path_helpers))
             else
-              klass.send(:include, routes.url_helpers)
+              klass.send(:include, routes.url_helpers(include_path_helpers))
             end
           end
         end

data/lib/abstract_controller/url_for.rb

@@ -11,7 +11,7 @@ module AbstractController
 
     def _routes
       raise "In order to use #url_for, you must include routing helpers explicitly. " \
-            "For instance, `include Rails.application.routes.url_helpers"
+            "For instance, `include Rails.application.routes.url_helpers`."
     end
 
     module ClassMethods

data/lib/action_controller/base.rb

@@ -44,7 +44,7 @@ module ActionController
   # The full request object is available via the request accessor and is primarily used to query for HTTP headers:
   #
   #   def server_ip
-  #     location = request.env["SERVER_ADDR"]
+  #     location = request.env["REMOTE_ADDR"]
   #     render plain: "This server hosted at #{location}"
   #   end
   #
@@ -213,6 +213,7 @@ module ActionController
       Rendering,
       Renderers::All,
       ConditionalGet,
+      EtagWithTemplateDigest,
       RackDelegation,
       Caching,
       MimeResponds,

data/lib/action_controller/caching/fragments.rb

@@ -90,7 +90,13 @@ module ActionController
       end
 
       def instrument_fragment_cache(name, key) # :nodoc:
-        ActiveSupport::Notifications.instrument("#{name}.action_controller", :key => key){ yield }
+        payload = {
+          controller: controller_name,
+          action: action_name,
+          key: key
+        }
+
+        ActiveSupport::Notifications.instrument("#{name}.action_controller", payload) { yield }
       end
     end
   end

data/lib/action_controller/caching.rb

@@ -16,7 +16,7 @@ module ActionController
   # All the caching stores from ActiveSupport::Cache are available to be used as backends
   # for Action Controller caching.
   #
-  # Configuration examples (MemoryStore is the default):
+  # Configuration examples (FileStore is the default):
   #
   #   config.action_controller.cache_store = :memory_store
   #   config.action_controller.cache_store = :file_store, '/path/to/cache/directory'

data/lib/action_controller/log_subscriber.rb

@@ -1,4 +1,3 @@
-
 module ActionController
   class LogSubscriber < ActiveSupport::LogSubscriber
     INTERNAL_PARAMS = %w(controller action format _method only_path)
@@ -16,50 +15,51 @@ module ActionController
     end
 
     def process_action(event)
-      return unless logger.info?
-
-      payload   = event.payload
-      additions = ActionController::Base.log_process_action(payload)
-
-      status = payload[:status]
-      if status.nil? && payload[:exception].present?
-        exception_class_name = payload[:exception].first
-        status = ActionDispatch::ExceptionWrapper.status_code_for_exception(exception_class_name)
+      info do
+        payload   = event.payload
+        additions = ActionController::Base.log_process_action(payload)
+
+        status = payload[:status]
+        if status.nil? && payload[:exception].present?
+          exception_class_name = payload[:exception].first
+          status = ActionDispatch::ExceptionWrapper.status_code_for_exception(exception_class_name)
+        end
+        message = "Completed #{status} #{Rack::Utils::HTTP_STATUS_CODES[status]} in #{event.duration.round}ms"
+        message << " (#{additions.join(" | ")})" unless additions.blank?
+        message
       end
-      message = "Completed #{status} #{Rack::Utils::HTTP_STATUS_CODES[status]} in #{event.duration.round}ms"
-      message << " (#{additions.join(" | ")})" unless additions.blank?
-
-      info(message)
     end
 
     def halted_callback(event)
-      info("Filter chain halted as #{event.payload[:filter].inspect} rendered or redirected")
+      info { "Filter chain halted as #{event.payload[:filter].inspect} rendered or redirected" }
     end
 
     def send_file(event)
-      info("Sent file #{event.payload[:path]} (#{event.duration.round(1)}ms)")
+      info { "Sent file #{event.payload[:path]} (#{event.duration.round(1)}ms)" }
     end
 
     def redirect_to(event)
-      info("Redirected to #{event.payload[:location]}")
+      info { "Redirected to #{event.payload[:location]}" }
     end
 
     def send_data(event)
-      info("Sent data #{event.payload[:filename]} (#{event.duration.round(1)}ms)")
+      info { "Sent data #{event.payload[:filename]} (#{event.duration.round(1)}ms)" }
     end
 
     def unpermitted_parameters(event)
-      unpermitted_keys = event.payload[:keys]
-      debug("Unpermitted parameters: #{unpermitted_keys.join(", ")}")
+      debug do
+        unpermitted_keys = event.payload[:keys]
+        "Unpermitted parameter#{'s' if unpermitted_keys.size > 1}: #{unpermitted_keys.join(", ")}"
+      end
     end
 
     def deep_munge(event)
-      message = "Value for params[:#{event.payload[:keys].join('][:')}] was set "\
-                "to nil, because it was one of [], [null] or [null, null, ...]. "\
-                "Go to http://guides.rubyonrails.org/security.html#unsafe-query-generation "\
-                "for more information."\
-
-      debug(message)
+      debug do
+        "Value for params[:#{event.payload[:keys].join('][:')}] was set "\
+        "to nil, because it was one of [], [null] or [null, null, ...]. "\
+        "Go to http://guides.rubyonrails.org/security.html#unsafe-query-generation "\
+        "for more information."\
+      end
     end
 
     %w(write_fragment read_fragment exist_fragment?

data/lib/action_controller/metal/conditional_get.rb

@@ -13,9 +13,9 @@ module ActionController
     end
 
     module ClassMethods
-      # Allows you to consider additional controller-wide information when generating an etag.
+      # Allows you to consider additional controller-wide information when generating an ETag.
       # For example, if you serve pages tailored depending on who's logged in at the moment, you
-      # may want to add the current user id to be part of the etag to prevent authorized displaying
+      # may want to add the current user id to be part of the ETag to prevent authorized displaying
       # of cached pages.
       #
       #   class InvoicesController < ApplicationController
@@ -32,7 +32,7 @@ module ActionController
       end
     end
 
-    # Sets the etag, +last_modified+, or both on the response and renders a
+    # Sets the +etag+, +last_modified+, or both on the response and renders a
     # <tt>304 Not Modified</tt> response if the request is already fresh.
     #
     # === Parameters:
@@ -41,6 +41,11 @@ module ActionController
     # * <tt>:last_modified</tt>.
     # * <tt>:public</tt> By default the Cache-Control header is private, set this to
     #   +true+ if you want your application to be cachable by other devices (proxy caches).
+    # * <tt>:template</tt> By default, the template digest for the current
+    #   controller/action is included in ETags. If the action renders a
+    #   different template, you can include its digest instead. If the action
+    #   doesn't render a template at all, you can pass <tt>template: false</tt>
+    #   to skip any attempt to check for a template digest.
     #
     # === Example:
     #
@@ -49,11 +54,11 @@ module ActionController
     #     fresh_when(etag: @article, last_modified: @article.created_at, public: true)
     #   end
     #
-    # This will render the show template if the request isn't sending a matching etag or
+    # This will render the show template if the request isn't sending a matching ETag or
     # If-Modified-Since header and just a <tt>304 Not Modified</tt> response if there's a match.
     #
     # You can also just pass a record where +last_modified+ will be set by calling
-    # +updated_at+ and the etag by passing the object itself.
+    # +updated_at+ and the +etag+ by passing the object itself.
     #
     #   def show
     #     @article = Article.find(params[:id])
@@ -66,18 +71,24 @@ module ActionController
     #     @article = Article.find(params[:id])
     #     fresh_when(@article, public: true)
     #   end
+    #
+    # When rendering a different template than the default controller/action
+    # style, you can indicate which digest to include in the ETag:
+    #
+    #   before_action { fresh_when @article, template: 'widgets/show' }
+    #
     def fresh_when(record_or_options, additional_options = {})
       if record_or_options.is_a? Hash
         options = record_or_options
-        options.assert_valid_keys(:etag, :last_modified, :public)
+        options.assert_valid_keys(:etag, :last_modified, :public, :template)
       else
         record  = record_or_options
         options = { etag: record, last_modified: record.try(:updated_at) }.merge!(additional_options)
       end
 
-      response.etag          = combine_etags(options[:etag]) if options[:etag]
-      response.last_modified = options[:last_modified]       if options[:last_modified]
-      response.cache_control[:public] = true                 if options[:public]
+      response.etag          = combine_etags(options)   if options[:etag] || options[:template]
+      response.last_modified = options[:last_modified]  if options[:last_modified]
+      response.cache_control[:public] = true            if options[:public]
 
       head :not_modified if request.fresh?(response)
     end
@@ -93,6 +104,11 @@ module ActionController
     # * <tt>:last_modified</tt>.
     # * <tt>:public</tt> By default the Cache-Control header is private, set this to
     #   +true+ if you want your application to be cachable by other devices (proxy caches).
+    # * <tt>:template</tt> By default, the template digest for the current
+    #   controller/action is included in ETags. If the action renders a
+    #   different template, you can include its digest instead. If the action
+    #   doesn't render a template at all, you can pass <tt>template: false</tt>
+    #   to skip any attempt to check for a template digest.
     #
     # === Example:
     #
@@ -108,7 +124,7 @@ module ActionController
     #   end
     #
     # You can also just pass a record where +last_modified+ will be set by calling
-    # updated_at and the etag by passing the object itself.
+    # +updated_at+ and the +etag+ by passing the object itself.
     #
     #   def show
     #     @article = Article.find(params[:id])
@@ -133,6 +149,14 @@ module ActionController
     #       end
     #     end
     #   end
+    #
+    # When rendering a different template than the default controller/action
+    # style, you can indicate which digest to include in the ETag:
+    #
+    #   def show
+    #     super if stale? @article, template: 'widgets/show'
+    #   end
+    #
     def stale?(record_or_options, additional_options = {})
       fresh_when(record_or_options, additional_options)
       !request.fresh?(response)
@@ -168,8 +192,9 @@ module ActionController
     end
 
     private
-      def combine_etags(etag)
-        [ etag, *etaggers.map { |etagger| instance_exec(&etagger) }.compact ]
+      def combine_etags(options)
+        etags = etaggers.map { |etagger| instance_exec(options, &etagger) }.compact
+        etags.unshift options[:etag]
       end
   end
 end