actionpack 4.2.10 → 6.1.3.2


Potentially problematic release.


This version of actionpack might be problematic. Click here for more details.

Files changed (187) hide show
  1. checksums.yaml +5 -5
  2. data/CHANGELOG.md +291 -479
  3. data/MIT-LICENSE +1 -1
  4. data/README.rdoc +9 -9
  5. data/lib/abstract_controller/asset_paths.rb +2 -0
  6. data/lib/abstract_controller/base.rb +81 -51
  7. data/lib/{action_controller → abstract_controller}/caching/fragments.rb +64 -17
  8. data/lib/abstract_controller/caching.rb +66 -0
  9. data/lib/abstract_controller/callbacks.rb +61 -33
  10. data/lib/abstract_controller/collector.rb +9 -13
  11. data/lib/abstract_controller/error.rb +6 -0
  12. data/lib/abstract_controller/helpers.rb +115 -99
  13. data/lib/abstract_controller/logger.rb +2 -0
  14. data/lib/abstract_controller/railties/routes_helpers.rb +21 -3
  15. data/lib/abstract_controller/rendering.rb +48 -47
  16. data/lib/abstract_controller/translation.rb +17 -8
  17. data/lib/abstract_controller/url_for.rb +2 -0
  18. data/lib/abstract_controller.rb +13 -5
  19. data/lib/action_controller/api/api_rendering.rb +16 -0
  20. data/lib/action_controller/api.rb +150 -0
  21. data/lib/action_controller/base.rb +29 -24
  22. data/lib/action_controller/caching.rb +12 -57
  23. data/lib/action_controller/form_builder.rb +50 -0
  24. data/lib/action_controller/log_subscriber.rb +17 -19
  25. data/lib/action_controller/metal/basic_implicit_render.rb +13 -0
  26. data/lib/action_controller/metal/conditional_get.rb +134 -46
  27. data/lib/action_controller/metal/content_security_policy.rb +51 -0
  28. data/lib/action_controller/metal/cookies.rb +6 -4
  29. data/lib/action_controller/metal/data_streaming.rb +30 -50
  30. data/lib/action_controller/metal/default_headers.rb +17 -0
  31. data/lib/action_controller/metal/etag_with_flash.rb +18 -0
  32. data/lib/action_controller/metal/etag_with_template_digest.rb +21 -16
  33. data/lib/action_controller/metal/exceptions.rb +63 -15
  34. data/lib/action_controller/metal/flash.rb +9 -8
  35. data/lib/action_controller/metal/head.rb +26 -21
  36. data/lib/action_controller/metal/helpers.rb +37 -18
  37. data/lib/action_controller/metal/http_authentication.rb +81 -73
  38. data/lib/action_controller/metal/implicit_render.rb +53 -9
  39. data/lib/action_controller/metal/instrumentation.rb +32 -35
  40. data/lib/action_controller/metal/live.rb +102 -120
  41. data/lib/action_controller/metal/logging.rb +20 -0
  42. data/lib/action_controller/metal/mime_responds.rb +49 -47
  43. data/lib/action_controller/metal/parameter_encoding.rb +82 -0
  44. data/lib/action_controller/metal/params_wrapper.rb +83 -66
  45. data/lib/action_controller/metal/permissions_policy.rb +46 -0
  46. data/lib/action_controller/metal/redirecting.rb +53 -32
  47. data/lib/action_controller/metal/renderers.rb +87 -44
  48. data/lib/action_controller/metal/rendering.rb +77 -50
  49. data/lib/action_controller/metal/request_forgery_protection.rb +267 -103
  50. data/lib/action_controller/metal/rescue.rb +10 -17
  51. data/lib/action_controller/metal/streaming.rb +12 -11
  52. data/lib/action_controller/metal/strong_parameters.rb +714 -186
  53. data/lib/action_controller/metal/testing.rb +2 -17
  54. data/lib/action_controller/metal/url_for.rb +19 -10
  55. data/lib/action_controller/metal.rb +104 -87
  56. data/lib/action_controller/railtie.rb +28 -10
  57. data/lib/action_controller/railties/helpers.rb +3 -1
  58. data/lib/action_controller/renderer.rb +141 -0
  59. data/lib/action_controller/template_assertions.rb +11 -0
  60. data/lib/action_controller/test_case.rb +296 -422
  61. data/lib/action_controller.rb +34 -23
  62. data/lib/action_dispatch/http/cache.rb +107 -56
  63. data/lib/action_dispatch/http/content_disposition.rb +45 -0
  64. data/lib/action_dispatch/http/content_security_policy.rb +286 -0
  65. data/lib/action_dispatch/http/filter_parameters.rb +32 -25
  66. data/lib/action_dispatch/http/filter_redirect.rb +10 -12
  67. data/lib/action_dispatch/http/headers.rb +55 -22
  68. data/lib/action_dispatch/http/mime_negotiation.rb +82 -50
  69. data/lib/action_dispatch/http/mime_type.rb +153 -121
  70. data/lib/action_dispatch/http/mime_types.rb +20 -6
  71. data/lib/action_dispatch/http/parameters.rb +90 -40
  72. data/lib/action_dispatch/http/permissions_policy.rb +173 -0
  73. data/lib/action_dispatch/http/rack_cache.rb +2 -0
  74. data/lib/action_dispatch/http/request.rb +226 -121
  75. data/lib/action_dispatch/http/response.rb +248 -113
  76. data/lib/action_dispatch/http/upload.rb +21 -7
  77. data/lib/action_dispatch/http/url.rb +182 -100
  78. data/lib/action_dispatch/journey/formatter.rb +90 -43
  79. data/lib/action_dispatch/journey/gtg/builder.rb +28 -41
  80. data/lib/action_dispatch/journey/gtg/simulator.rb +11 -16
  81. data/lib/action_dispatch/journey/gtg/transition_table.rb +23 -21
  82. data/lib/action_dispatch/journey/nfa/dot.rb +3 -14
  83. data/lib/action_dispatch/journey/nodes/node.rb +29 -15
  84. data/lib/action_dispatch/journey/parser.rb +17 -16
  85. data/lib/action_dispatch/journey/parser.y +4 -3
  86. data/lib/action_dispatch/journey/parser_extras.rb +12 -4
  87. data/lib/action_dispatch/journey/path/pattern.rb +58 -54
  88. data/lib/action_dispatch/journey/route.rb +100 -32
  89. data/lib/action_dispatch/journey/router/utils.rb +29 -18
  90. data/lib/action_dispatch/journey/router.rb +55 -51
  91. data/lib/action_dispatch/journey/routes.rb +17 -17
  92. data/lib/action_dispatch/journey/scanner.rb +26 -17
  93. data/lib/action_dispatch/journey/visitors.rb +98 -54
  94. data/lib/action_dispatch/journey.rb +5 -5
  95. data/lib/action_dispatch/middleware/actionable_exceptions.rb +46 -0
  96. data/lib/action_dispatch/middleware/callbacks.rb +3 -6
  97. data/lib/action_dispatch/middleware/cookies.rb +347 -217
  98. data/lib/action_dispatch/middleware/debug_exceptions.rb +135 -63
  99. data/lib/action_dispatch/middleware/debug_locks.rb +124 -0
  100. data/lib/action_dispatch/middleware/debug_view.rb +66 -0
  101. data/lib/action_dispatch/middleware/exception_wrapper.rb +115 -71
  102. data/lib/action_dispatch/middleware/executor.rb +21 -0
  103. data/lib/action_dispatch/middleware/flash.rb +78 -54
  104. data/lib/action_dispatch/middleware/host_authorization.rb +130 -0
  105. data/lib/action_dispatch/middleware/public_exceptions.rb +32 -27
  106. data/lib/action_dispatch/middleware/reloader.rb +5 -91
  107. data/lib/action_dispatch/middleware/remote_ip.rb +53 -45
  108. data/lib/action_dispatch/middleware/request_id.rb +17 -10
  109. data/lib/action_dispatch/middleware/session/abstract_store.rb +41 -26
  110. data/lib/action_dispatch/middleware/session/cache_store.rb +24 -14
  111. data/lib/action_dispatch/middleware/session/cookie_store.rb +74 -75
  112. data/lib/action_dispatch/middleware/session/mem_cache_store.rb +8 -2
  113. data/lib/action_dispatch/middleware/show_exceptions.rb +28 -23
  114. data/lib/action_dispatch/middleware/ssl.rb +118 -35
  115. data/lib/action_dispatch/middleware/stack.rb +82 -41
  116. data/lib/action_dispatch/middleware/static.rb +156 -89
  117. data/lib/action_dispatch/middleware/templates/rescues/_actions.html.erb +13 -0
  118. data/lib/action_dispatch/middleware/templates/rescues/_actions.text.erb +0 -0
  119. data/lib/action_dispatch/middleware/templates/rescues/_message_and_suggestions.html.erb +22 -0
  120. data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb +4 -14
  121. data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.text.erb +1 -1
  122. data/lib/action_dispatch/middleware/templates/rescues/{_source.erb → _source.html.erb} +4 -2
  123. data/lib/action_dispatch/middleware/templates/rescues/_source.text.erb +8 -0
  124. data/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb +45 -35
  125. data/lib/action_dispatch/middleware/templates/rescues/blocked_host.html.erb +7 -0
  126. data/lib/action_dispatch/middleware/templates/rescues/blocked_host.text.erb +5 -0
  127. data/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb +23 -4
  128. data/lib/action_dispatch/middleware/templates/rescues/diagnostics.text.erb +1 -1
  129. data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb +24 -0
  130. data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.text.erb +15 -0
  131. data/lib/action_dispatch/middleware/templates/rescues/layout.erb +105 -8
  132. data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.html.erb +19 -0
  133. data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.text.erb +3 -0
  134. data/lib/action_dispatch/middleware/templates/rescues/missing_template.html.erb +2 -2
  135. data/lib/action_dispatch/middleware/templates/rescues/routing_error.html.erb +1 -1
  136. data/lib/action_dispatch/middleware/templates/rescues/template_error.html.erb +3 -3
  137. data/lib/action_dispatch/middleware/templates/rescues/template_error.text.erb +1 -1
  138. data/lib/action_dispatch/middleware/templates/rescues/unknown_action.html.erb +1 -1
  139. data/lib/action_dispatch/middleware/templates/routes/_route.html.erb +4 -4
  140. data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +87 -64
  141. data/lib/action_dispatch/railtie.rb +27 -13
  142. data/lib/action_dispatch/request/session.rb +109 -61
  143. data/lib/action_dispatch/request/utils.rb +90 -23
  144. data/lib/action_dispatch/routing/endpoint.rb +9 -2
  145. data/lib/action_dispatch/routing/inspector.rb +141 -102
  146. data/lib/action_dispatch/routing/mapper.rb +811 -473
  147. data/lib/action_dispatch/routing/polymorphic_routes.rb +167 -143
  148. data/lib/action_dispatch/routing/redirection.rb +37 -27
  149. data/lib/action_dispatch/routing/route_set.rb +363 -331
  150. data/lib/action_dispatch/routing/routes_proxy.rb +32 -5
  151. data/lib/action_dispatch/routing/url_for.rb +66 -26
  152. data/lib/action_dispatch/routing.rb +36 -36
  153. data/lib/action_dispatch/system_test_case.rb +190 -0
  154. data/lib/action_dispatch/system_testing/browser.rb +86 -0
  155. data/lib/action_dispatch/system_testing/driver.rb +67 -0
  156. data/lib/action_dispatch/system_testing/server.rb +31 -0
  157. data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +138 -0
  158. data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +29 -0
  159. data/lib/action_dispatch/testing/assertion_response.rb +46 -0
  160. data/lib/action_dispatch/testing/assertions/response.rb +44 -22
  161. data/lib/action_dispatch/testing/assertions/routing.rb +47 -31
  162. data/lib/action_dispatch/testing/assertions.rb +6 -4
  163. data/lib/action_dispatch/testing/integration.rb +391 -220
  164. data/lib/action_dispatch/testing/request_encoder.rb +55 -0
  165. data/lib/action_dispatch/testing/test_process.rb +53 -22
  166. data/lib/action_dispatch/testing/test_request.rb +27 -34
  167. data/lib/action_dispatch/testing/test_response.rb +11 -11
  168. data/lib/action_dispatch.rb +35 -21
  169. data/lib/action_pack/gem_version.rb +6 -4
  170. data/lib/action_pack/version.rb +3 -1
  171. data/lib/action_pack.rb +4 -2
  172. metadata +78 -49
  173. data/lib/action_controller/metal/force_ssl.rb +0 -97
  174. data/lib/action_controller/metal/hide_actions.rb +0 -40
  175. data/lib/action_controller/metal/rack_delegation.rb +0 -32
  176. data/lib/action_controller/middleware.rb +0 -39
  177. data/lib/action_controller/model_naming.rb +0 -12
  178. data/lib/action_dispatch/http/parameter_filter.rb +0 -72
  179. data/lib/action_dispatch/journey/backwards.rb +0 -5
  180. data/lib/action_dispatch/journey/nfa/builder.rb +0 -76
  181. data/lib/action_dispatch/journey/nfa/simulator.rb +0 -47
  182. data/lib/action_dispatch/journey/nfa/transition_table.rb +0 -163
  183. data/lib/action_dispatch/journey/router/strexp.rb +0 -27
  184. data/lib/action_dispatch/middleware/params_parser.rb +0 -60
  185. data/lib/action_dispatch/testing/assertions/dom.rb +0 -3
  186. data/lib/action_dispatch/testing/assertions/selector.rb +0 -3
  187. data/lib/action_dispatch/testing/assertions/tag.rb +0 -3
@@ -0,0 +1,150 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "action_view"
4
+ require "action_controller"
5
+ require "action_controller/log_subscriber"
6
+
7
+ module ActionController
8
+ # API Controller is a lightweight version of <tt>ActionController::Base</tt>,
9
+ # created for applications that don't require all functionalities that a complete
10
+ # \Rails controller provides, allowing you to create controllers with just the
11
+ # features that you need for API only applications.
12
+ #
13
+ # An API Controller is different from a normal controller in the sense that
14
+ # by default it doesn't include a number of features that are usually required
15
+ # by browser access only: layouts and templates rendering,
16
+ # flash, assets, and so on. This makes the entire controller stack thinner,
17
+ # suitable for API applications. It doesn't mean you won't have such
18
+ # features if you need them: they're all available for you to include in
19
+ # your application, they're just not part of the default API controller stack.
20
+ #
21
+ # Normally, +ApplicationController+ is the only controller that inherits from
22
+ # <tt>ActionController::API</tt>. All other controllers in turn inherit from
23
+ # +ApplicationController+.
24
+ #
25
+ # A sample controller could look like this:
26
+ #
27
+ # class PostsController < ApplicationController
28
+ # def index
29
+ # posts = Post.all
30
+ # render json: posts
31
+ # end
32
+ # end
33
+ #
34
+ # Request, response, and parameters objects all work the exact same way as
35
+ # <tt>ActionController::Base</tt>.
36
+ #
37
+ # == Renders
38
+ #
39
+ # The default API Controller stack includes all renderers, which means you
40
+ # can use <tt>render :json</tt> and brothers freely in your controllers. Keep
41
+ # in mind that templates are not going to be rendered, so you need to ensure
42
+ # your controller is calling either <tt>render</tt> or <tt>redirect_to</tt> in
43
+ # all actions, otherwise it will return 204 No Content.
44
+ #
45
+ # def show
46
+ # post = Post.find(params[:id])
47
+ # render json: post
48
+ # end
49
+ #
50
+ # == Redirects
51
+ #
52
+ # Redirects are used to move from one action to another. You can use the
53
+ # <tt>redirect_to</tt> method in your controllers in the same way as in
54
+ # <tt>ActionController::Base</tt>. For example:
55
+ #
56
+ # def create
57
+ # redirect_to root_url and return if not_authorized?
58
+ # # do stuff here
59
+ # end
60
+ #
61
+ # == Adding New Behavior
62
+ #
63
+ # In some scenarios you may want to add back some functionality provided by
64
+ # <tt>ActionController::Base</tt> that is not present by default in
65
+ # <tt>ActionController::API</tt>, for instance <tt>MimeResponds</tt>. This
66
+ # module gives you the <tt>respond_to</tt> method. Adding it is quite simple,
67
+ # you just need to include the module in a specific controller or in
68
+ # +ApplicationController+ in case you want it available in your entire
69
+ # application:
70
+ #
71
+ # class ApplicationController < ActionController::API
72
+ # include ActionController::MimeResponds
73
+ # end
74
+ #
75
+ # class PostsController < ApplicationController
76
+ # def index
77
+ # posts = Post.all
78
+ #
79
+ # respond_to do |format|
80
+ # format.json { render json: posts }
81
+ # format.xml { render xml: posts }
82
+ # end
83
+ # end
84
+ # end
85
+ #
86
+ # Make sure to check the modules included in <tt>ActionController::Base</tt>
87
+ # if you want to use any other functionality that is not provided
88
+ # by <tt>ActionController::API</tt> out of the box.
89
+ class API < Metal
90
+ abstract!
91
+
92
+ # Shortcut helper that returns all the ActionController::API modules except
93
+ # the ones passed as arguments:
94
+ #
95
+ # class MyAPIBaseController < ActionController::Metal
96
+ # ActionController::API.without_modules(:UrlFor).each do |left|
97
+ # include left
98
+ # end
99
+ # end
100
+ #
101
+ # This gives better control over what you want to exclude and makes it easier
102
+ # to create an API controller class, instead of listing the modules required
103
+ # manually.
104
+ def self.without_modules(*modules)
105
+ modules = modules.map do |m|
106
+ m.is_a?(Symbol) ? ActionController.const_get(m) : m
107
+ end
108
+
109
+ MODULES - modules
110
+ end
111
+
112
+ MODULES = [
113
+ AbstractController::Rendering,
114
+
115
+ UrlFor,
116
+ Redirecting,
117
+ ApiRendering,
118
+ Renderers::All,
119
+ ConditionalGet,
120
+ BasicImplicitRender,
121
+ StrongParameters,
122
+
123
+ DataStreaming,
124
+ DefaultHeaders,
125
+ Logging,
126
+
127
+ # Before callbacks should also be executed as early as possible, so
128
+ # also include them at the bottom.
129
+ AbstractController::Callbacks,
130
+
131
+ # Append rescue at the bottom to wrap as much as possible.
132
+ Rescue,
133
+
134
+ # Add instrumentations hooks at the bottom, to ensure they instrument
135
+ # all the methods properly.
136
+ Instrumentation,
137
+
138
+ # Params wrapper should come before instrumentation so they are
139
+ # properly showed in logs
140
+ ParamsWrapper
141
+ ]
142
+
143
+ MODULES.each do |mod|
144
+ include mod
145
+ end
146
+
147
+ ActiveSupport.run_load_hooks(:action_controller_api, self)
148
+ ActiveSupport.run_load_hooks(:action_controller, self)
149
+ end
150
+ end
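Review bot: The class comment above `class API < Metal` names layouts, templates, flash and assets as the features left out, but the `MODULES` array at the end of this file also omits `RequestForgeryProtection`, `Cookies` and the `HttpAuthentication` controller methods, and the comment never says so. All of these appear in the `ActionController::Base` module list elsewhere in this diff. An API application that authenticates through a cookie-backed session would get no CSRF token check from this stack unless it includes the module itself. I would add a sentence to the "Adding New Behavior" section, for example `# Request forgery protection, cookies and the HTTP authentication helpers are not part of the default API stack either; include them explicitly if your API relies on them.`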
@@ -1,4 +1,6 @@
1
- require 'action_view'
1
+ # frozen_string_literal: true
2
+
3
+ require "action_view"
2
4
  require "action_controller/log_subscriber"
3
5
  require "action_controller/metal/params_wrapper"
4
6
 
@@ -8,7 +10,7 @@ module ActionController
8
10
  # on the controller, which will automatically be made accessible to the web-server through \Rails Routes.
9
11
  #
10
12
  # By default, only the ApplicationController in a \Rails application inherits from <tt>ActionController::Base</tt>. All other
11
- # controllers in turn inherit from ApplicationController. This gives you one class to configure things such as
13
+ # controllers inherit from ApplicationController. This gives you one class to configure things such as
12
14
  # request forgery protection and filtering of sensitive request parameters.
13
15
  #
14
16
  # A sample controller could look like this:
@@ -30,9 +32,9 @@ module ActionController
30
32
  #
31
33
  # Unlike index, the create action will not render a template. After performing its main purpose (creating a
32
34
  # new post), it initiates a redirect instead. This redirect works by returning an external
33
- # "302 Moved" HTTP response that takes the user to the index action.
35
+ # <tt>302 Moved</tt> HTTP response that takes the user to the index action.
34
36
  #
35
- # These two methods represent the two basic action archetypes used in Action Controllers. Get-and-show and do-and-redirect.
37
+ # These two methods represent the two basic action archetypes used in Action Controllers: Get-and-show and do-and-redirect.
36
38
  # Most actions are variations on these themes.
37
39
  #
38
40
  # == Requests
@@ -50,17 +52,17 @@ module ActionController
50
52
  #
51
53
  # == Parameters
52
54
  #
53
- # All request parameters, whether they come from a GET or POST request, or from the URL, are available through the params method
54
- # which returns a hash. For example, an action that was performed through <tt>/posts?category=All&limit=5</tt> will include
55
- # <tt>{ "category" => "All", "limit" => "5" }</tt> in params.
55
+ # All request parameters, whether they come from a query string in the URL or form data submitted through a POST request are
56
+ # available through the <tt>params</tt> method which returns a hash. For example, an action that was performed through
57
+ # <tt>/posts?category=All&limit=5</tt> will include <tt>{ "category" => "All", "limit" => "5" }</tt> in <tt>params</tt>.
56
58
  #
57
59
  # It's also possible to construct multi-dimensional parameter hashes by specifying keys using brackets, such as:
58
60
  #
59
61
  # <input type="text" name="post[name]" value="david">
60
62
  # <input type="text" name="post[address]" value="hyacintvej">
61
63
  #
62
- # A request stemming from a form holding these inputs will include <tt>{ "post" => { "name" => "david", "address" => "hyacintvej" } }</tt>.
63
- # If the address input had been named <tt>post[address][street]</tt>, the params would have included
64
+ # A request coming from a form holding these inputs will include <tt>{ "post" => { "name" => "david", "address" => "hyacintvej" } }</tt>.
65
+ # If the address input had been named <tt>post[address][street]</tt>, the <tt>params</tt> would have included
64
66
  # <tt>{ "post" => { "address" => { "street" => "hyacintvej" } } }</tt>. There's no limit to the depth of the nesting.
65
67
  #
66
68
  # == Sessions
@@ -74,9 +76,9 @@ module ActionController
74
76
  #
75
77
  # session[:person] = Person.authenticate(user_name, password)
76
78
  #
77
- # And retrieved again through the same hash:
79
+ # You can retrieve it again through the same hash:
78
80
  #
79
- # Hello #{session[:person]}
81
+ # "Hello #{session[:person]}"
80
82
  #
81
83
  # For removing objects from the session, you can either assign a single key to +nil+:
82
84
  #
@@ -206,7 +208,6 @@ module ActionController
206
208
  AbstractController::AssetPaths,
207
209
 
208
210
  Helpers,
209
- HideActions,
210
211
  UrlFor,
211
212
  Redirecting,
212
213
  ActionView::Layouts,
@@ -214,23 +215,27 @@ module ActionController
214
215
  Renderers::All,
215
216
  ConditionalGet,
216
217
  EtagWithTemplateDigest,
217
- RackDelegation,
218
+ EtagWithFlash,
218
219
  Caching,
219
220
  MimeResponds,
220
221
  ImplicitRender,
221
222
  StrongParameters,
222
-
223
+ ParameterEncoding,
223
224
  Cookies,
224
225
  Flash,
226
+ FormBuilder,
225
227
  RequestForgeryProtection,
226
- ForceSSL,
228
+ ContentSecurityPolicy,
229
+ PermissionsPolicy,
227
230
  Streaming,
228
231
  DataStreaming,
229
232
  HttpAuthentication::Basic::ControllerMethods,
230
233
  HttpAuthentication::Digest::ControllerMethods,
231
234
  HttpAuthentication::Token::ControllerMethods,
235
+ DefaultHeaders,
236
+ Logging,
232
237
 
233
- # Before callbacks should also be executed the earliest as possible, so
238
+ # Before callbacks should also be executed as early as possible, so
234
239
  # also include them at the bottom.
235
240
  AbstractController::Callbacks,
236
241
 
@@ -249,20 +254,20 @@ module ActionController
249
254
  MODULES.each do |mod|
250
255
  include mod
251
256
  end
257
+ setup_renderer!
252
258
 
253
259
  # Define some internal variables that should not be propagated to the view.
254
- PROTECTED_IVARS = AbstractController::Rendering::DEFAULT_PROTECTED_INSTANCE_VARIABLES + [
255
- :@_status, :@_headers, :@_params, :@_env, :@_response, :@_request,
256
- :@_view_runtime, :@_stream, :@_url_options, :@_action_has_layout ]
257
-
258
- def _protected_ivars # :nodoc:
259
- PROTECTED_IVARS
260
- end
260
+ PROTECTED_IVARS = AbstractController::Rendering::DEFAULT_PROTECTED_INSTANCE_VARIABLES + %i(
261
+ @_params @_response @_request @_config @_url_options @_action_has_layout @_view_context_class
262
+ @_view_renderer @_lookup_context @_routes @_view_runtime @_db_runtime @_helper_proxy
263
+ )
261
264
 
262
- def self.protected_instance_variables
265
+ def _protected_ivars
263
266
  PROTECTED_IVARS
264
267
  end
268
+ private :_protected_ivars
265
269
 
270
+ ActiveSupport.run_load_hooks(:action_controller_base, self)
266
271
  ActiveSupport.run_load_hooks(:action_controller, self)
267
272
  end
268
273
  end
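Review bot: `PROTECTED_IVARS` in the last hunk is built as `DEFAULT_PROTECTED_INSTANCE_VARIABLES + %i( ... )` and left unfrozen, so the list of internal variables that "should not be propagated to the view" can be altered at runtime by any code that reaches the constant; closing it with `).freeze` would pin it. The new list also no longer names `:@_status`, `:@_headers`, `:@_env` or `:@_stream`. Whether the controller still sets those instance variables is not visible in this section, so it is worth confirming that none of them can end up in the view assigns after this change. The class body continues outside the hunks shown here.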
@@ -1,6 +1,4 @@
1
- require 'fileutils'
2
- require 'uri'
3
- require 'set'
1
+ # frozen_string_literal: true
4
2
 
5
3
  module ActionController
6
4
  # \Caching is a cheap way of speeding up slow applications by keeping the result of
@@ -8,7 +6,7 @@ module ActionController
8
6
  #
9
7
  # You can read more about each approach by clicking the modules below.
10
8
  #
11
- # Note: To turn off all caching, set
9
+ # Note: To turn off all caching provided by Action Controller, set
12
10
  # config.action_controller.perform_caching = false
13
11
  #
14
12
  # == \Caching stores
@@ -25,65 +23,22 @@ module ActionController
25
23
  # config.action_controller.cache_store = MyOwnStore.new('parameter')
26
24
  module Caching
27
25
  extend ActiveSupport::Concern
28
- extend ActiveSupport::Autoload
29
-
30
- eager_autoload do
31
- autoload :Fragments
32
- end
33
-
34
- module ConfigMethods
35
- def cache_store
36
- config.cache_store
37
- end
38
-
39
- def cache_store=(store)
40
- config.cache_store = ActiveSupport::Cache.lookup_store(store)
41
- end
42
-
43
- private
44
- def cache_configured?
45
- perform_caching && cache_store
46
- end
47
- end
48
-
49
- include RackDelegation
50
- include AbstractController::Callbacks
51
-
52
- include ConfigMethods
53
- include Fragments
54
26
 
55
27
  included do
56
- extend ConfigMethods
57
-
58
- config_accessor :default_static_extension
59
- self.default_static_extension ||= '.html'
60
-
61
- config_accessor :perform_caching
62
- self.perform_caching = true if perform_caching.nil?
63
-
64
- class_attribute :_view_cache_dependencies
65
- self._view_cache_dependencies = []
66
- helper_method :view_cache_dependencies if respond_to?(:helper_method)
28
+ include AbstractController::Caching
67
29
  end
68
30
 
69
- module ClassMethods
70
- def view_cache_dependency(&dependency)
71
- self._view_cache_dependencies += [dependency]
31
+ private
32
+ def instrument_payload(key)
33
+ {
34
+ controller: controller_name,
35
+ action: action_name,
36
+ key: key
37
+ }
72
38
  end
73
- end
74
-
75
- def view_cache_dependencies
76
- self.class._view_cache_dependencies.map { |dep| instance_exec(&dep) }.compact
77
- end
78
39
 
79
- protected
80
- # Convenience accessor.
81
- def cache(key, options = {}, &block)
82
- if cache_configured?
83
- cache_store.fetch(ActiveSupport::Cache.expand_cache_key(key, :controller), options, &block)
84
- else
85
- yield
86
- end
40
+ def instrument_name
41
+ "action_controller"
87
42
  end
88
43
  end
89
44
  end
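Review bot: The two methods added under `private`, `instrument_payload(key)` and `instrument_name`, carry no comment, and nothing in this section shows who calls them. Since the inline implementation is replaced by `include AbstractController::Caching`, that module presumably invokes them, but a reader of this file cannot tell. A short comment above them, such as `# Payload and event namespace used when fragment cache operations are instrumented.`, would explain why they exist. It could also note that `instrument_payload` passes the raw `key` through unchanged, so whatever a cache key embeds is visible to every subscriber of those events.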
@@ -0,0 +1,50 @@
1
+ # frozen_string_literal: true
2
+
3
+ module ActionController
4
+ # Override the default form builder for all views rendered by this
5
+ # controller and any of its descendants. Accepts a subclass of
6
+ # +ActionView::Helpers::FormBuilder+.
7
+ #
8
+ # For example, given a form builder:
9
+ #
10
+ # class AdminFormBuilder < ActionView::Helpers::FormBuilder
11
+ # def special_field(name)
12
+ # end
13
+ # end
14
+ #
15
+ # The controller specifies a form builder as its default:
16
+ #
17
+ # class AdminAreaController < ApplicationController
18
+ # default_form_builder AdminFormBuilder
19
+ # end
20
+ #
21
+ # Then in the view any form using +form_for+ will be an instance of the
22
+ # specified form builder:
23
+ #
24
+ # <%= form_for(@instance) do |builder| %>
25
+ # <%= builder.special_field(:name) %>
26
+ # <% end %>
27
+ module FormBuilder
28
+ extend ActiveSupport::Concern
29
+
30
+ included do
31
+ class_attribute :_default_form_builder, instance_accessor: false
32
+ end
33
+
34
+ module ClassMethods
35
+ # Set the form builder to be used as the default for all forms
36
+ # in the views rendered by this controller and its subclasses.
37
+ #
38
+ # ==== Parameters
39
+ # * <tt>builder</tt> - Default form builder, an instance of +ActionView::Helpers::FormBuilder+
40
+ def default_form_builder(builder)
41
+ self._default_form_builder = builder
42
+ end
43
+ end
44
+
45
+ # Default form builder for the controller
46
+ def default_form_builder
47
+ self.class._default_form_builder
48
+ end
49
+ end
50
+ end
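Review bot: The parameter doc on `default_form_builder(builder)` describes `builder` as "an instance of +ActionView::Helpers::FormBuilder+", which contradicts both the module comment ("Accepts a subclass of") and the example, which passes the class `AdminFormBuilder`. It should read `# * <tt>builder</tt> - Default form builder, a subclass of +ActionView::Helpers::FormBuilder+`. The setter stores whatever it is given, so a wrong argument would only surface later when a form is built; if that is intentional it is worth saying so in the same comment.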
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  module ActionController
2
4
  class LogSubscriber < ActiveSupport::LogSubscriber
3
5
  INTERNAL_PARAMS = %w(controller action format _method only_path)
@@ -9,6 +11,7 @@ module ActionController
9
11
  params = payload[:params].except(*INTERNAL_PARAMS)
10
12
  format = payload[:format]
11
13
  format = format.to_s.upcase if format.is_a?(Symbol)
14
+ format = "*/*" if format.nil?
12
15
 
13
16
  info "Processing by #{payload[:controller]}##{payload[:action]} as #{format}"
14
17
  info " Parameters: #{params.inspect}" unless params.empty?
@@ -16,16 +19,20 @@ module ActionController
16
19
 
17
20
  def process_action(event)
18
21
  info do
19
- payload = event.payload
22
+ payload = event.payload
20
23
  additions = ActionController::Base.log_process_action(payload)
21
-
22
24
  status = payload[:status]
23
- if status.nil? && payload[:exception].present?
24
- exception_class_name = payload[:exception].first
25
+
26
+ if status.nil? && (exception_class_name = payload[:exception]&.first)
25
27
  status = ActionDispatch::ExceptionWrapper.status_code_for_exception(exception_class_name)
26
28
  end
27
- message = "Completed #{status} #{Rack::Utils::HTTP_STATUS_CODES[status]} in #{event.duration.round}ms"
28
- message << " (#{additions.join(" | ")})" unless additions.blank?
29
+
30
+ additions << "Allocations: #{event.allocations}"
31
+
32
+ message = +"Completed #{status} #{Rack::Utils::HTTP_STATUS_CODES[status]} in #{event.duration.round}ms"
33
+ message << " (#{additions.join(" | ")})"
34
+ message << "\n\n" if defined?(Rails.env) && Rails.env.development?
35
+
29
36
  message
30
37
  end
31
38
  end
@@ -49,16 +56,7 @@ module ActionController
49
56
  def unpermitted_parameters(event)
50
57
  debug do
51
58
  unpermitted_keys = event.payload[:keys]
52
- "Unpermitted parameter#{'s' if unpermitted_keys.size > 1}: #{unpermitted_keys.join(", ")}"
53
- end
54
- end
55
-
56
- def deep_munge(event)
57
- debug do
58
- "Value for params[:#{event.payload[:keys].join('][:')}] was set "\
59
- "to nil, because it was one of [], [null] or [null, null, ...]. "\
60
- "Go to http://guides.rubyonrails.org/security.html#unsafe-query-generation "\
61
- "for more information."\
59
+ color("Unpermitted parameter#{'s' if unpermitted_keys.size > 1}: #{unpermitted_keys.map { |e| ":#{e}" }.join(", ")}", RED)
62
60
  end
63
61
  end
64
62
 
@@ -66,10 +64,10 @@ module ActionController
66
64
  expire_fragment expire_page write_page).each do |method|
67
65
  class_eval <<-METHOD, __FILE__, __LINE__ + 1
68
66
  def #{method}(event)
69
- return unless logger.info?
70
- key_or_path = event.payload[:key] || event.payload[:path]
67
+ return unless logger.info? && ActionController::Base.enable_fragment_cache_logging
68
+ key = ActiveSupport::Cache.expand_cache_key(event.payload[:key] || event.payload[:path])
71
69
  human_name = #{method.to_s.humanize.inspect}
72
- info("\#{human_name} \#{key_or_path} (\#{event.duration.round(1)}ms)")
70
+ info("\#{human_name} \#{key} (\#{event.duration.round(1)}ms)")
73
71
  end
74
72
  METHOD
75
73
  end
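Review bot: In `unpermitted_parameters` the new line interpolates each key as `":#{e}"` into the debug message. Those keys appear to be parameter names taken from the request (the payload is built outside this section), so control characters in a name would be written to the log verbatim. The first hunk already logs parameters through `params.inspect`; doing the same here, `unpermitted_keys.map { |e| ":#{e.inspect}" }`, keeps a crafted name from splitting or imitating log lines. Separately, `additions << "Allocations: #{event.allocations}"` in `process_action` appends to the array returned by `ActionController::Base.log_process_action`, which mutates the caller's object; building a new array would avoid relying on that method always returning a fresh one.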
@@ -0,0 +1,13 @@
1
+ # frozen_string_literal: true
2
+
3
+ module ActionController
4
+ module BasicImplicitRender # :nodoc:
5
+ def send_action(method, *args)
6
+ super.tap { default_render unless performed? }
7
+ end
8
+
9
+ def default_render
10
+ head :no_content
11
+ end
12
+ end
13
+ end
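Review bot: `BasicImplicitRender` is marked `# :nodoc:` and has no comment explaining that `send_action` falls back to `head :no_content` for any action that finishes without having performed a response. A code path that falls through by mistake is therefore reported to the client as a successful 204 rather than as an error, which is easy to overlook in an API. I would add above `send_action` a line such as `# Responds with 204 No Content when the action neither rendered nor redirected.`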