actionpack 4.2.11.1 → 6.0.3

data/lib/action_dispatch/request/session.rb

@@ -1,95 +1,113 @@
-require 'rack/session/abstract/id'
+# frozen_string_literal: true
+
+require "rack/session/abstract/id"
 
 module ActionDispatch
-  class Request < Rack::Request
+  class Request
     # Session is responsible for lazily loading the session from store.
     class Session # :nodoc:
-      ENV_SESSION_KEY         = Rack::Session::Abstract::ENV_SESSION_KEY # :nodoc:
-      ENV_SESSION_OPTIONS_KEY = Rack::Session::Abstract::ENV_SESSION_OPTIONS_KEY # :nodoc:
+      ENV_SESSION_KEY         = Rack::RACK_SESSION # :nodoc:
+      ENV_SESSION_OPTIONS_KEY = Rack::RACK_SESSION_OPTIONS # :nodoc:
 
-      # Singleton object used to determine if an optional param wasn't specified
+      # Singleton object used to determine if an optional param wasn't specified.
       Unspecified = Object.new
 
-      def self.create(store, env, default_options)
-        session_was = find env
-        session     = Request::Session.new(store, env)
+      # Creates a session hash, merging the properties of the previous session if any.
+      def self.create(store, req, default_options)
+        session_was = find req
+        session     = Request::Session.new(store, req)
         session.merge! session_was if session_was
 
-        set(env, session)
-        Options.set(env, Request::Session::Options.new(store, env, default_options))
+        set(req, session)
+        Options.set(req, Request::Session::Options.new(store, default_options))
         session
       end
 
-      def self.find(env)
-        env[ENV_SESSION_KEY]
+      def self.find(req)
+        req.get_header ENV_SESSION_KEY
       end
 
-      def self.set(env, session)
-        env[ENV_SESSION_KEY] = session
+      def self.set(req, session)
+        req.set_header ENV_SESSION_KEY, session
       end
 
       class Options #:nodoc:
-        def self.set(env, options)
-          env[ENV_SESSION_OPTIONS_KEY] = options
+        def self.set(req, options)
+          req.set_header ENV_SESSION_OPTIONS_KEY, options
         end
 
-        def self.find(env)
-          env[ENV_SESSION_OPTIONS_KEY]
+        def self.find(req)
+          req.get_header ENV_SESSION_OPTIONS_KEY
         end
 
-        def initialize(by, env, default_options)
+        def initialize(by, default_options)
           @by       = by
-          @env      = env
           @delegate = default_options.dup
         end
 
         def [](key)
-          if key == :id
-            @delegate.fetch(key) {
-              @delegate[:id] = @by.send(:extract_session_id, @env)
-            }
-          else
-            @delegate[key]
-          end
+          @delegate[key]
+        end
+
+        def id(req)
+          @delegate.fetch(:id) {
+            @by.send(:extract_session_id, req)
+          }
         end
 
-        def []=(k,v);         @delegate[k] = v; end
+        def []=(k, v);        @delegate[k] = v; end
         def to_hash;          @delegate.dup; end
         def values_at(*args); @delegate.values_at(*args); end
       end
 
-      def initialize(by, env)
+      def initialize(by, req)
         @by       = by
-        @env      = env
+        @req      = req
         @delegate = {}
         @loaded   = false
-        @exists   = nil # we haven't checked yet
+        @exists   = nil # We haven't checked yet.
       end
 
       def id
-        options[:id]
+        options.id(@req)
       end
 
       def options
-        Options.find @env
+        Options.find @req
       end
 
       def destroy
         clear
         options = self.options || {}
-        new_sid = @by.send(:destroy_session, @env, options[:id], options)
-        options[:id] = new_sid # Reset session id with a new value or nil
+        @by.send(:delete_session, @req, options.id(@req), options)
 
-        # Load the new sid to be written with the response
+        # Load the new sid to be written with the response.
         @loaded = false
         load_for_write!
       end
 
+      # Returns value of the key stored in the session or
+      # +nil+ if the given key is not found in the session.
       def [](key)
         load_for_read!
-        @delegate[key.to_s]
+        key = key.to_s
+
+        if key == "session_id"
+          id&.public_id
+        else
+          @delegate[key]
+        end
+      end
+
+      # Returns the nested value specified by the sequence of keys, returning
+      # +nil+ if any intermediate step is +nil+.
+      def dig(*keys)
+        load_for_read!
+        keys = keys.map.with_index { |key, i| i.zero? ? key.to_s : key }
+        @delegate.dig(*keys)
       end
 
+      # Returns true if the session has the given key or false.
       def has_key?(key)
         load_for_read!
         @delegate.key?(key.to_s)
@@ -97,40 +115,73 @@ module ActionDispatch
       alias :key? :has_key?
       alias :include? :has_key?
 
+      # Returns keys of the session as Array.
       def keys
+        load_for_read!
         @delegate.keys
       end
 
+      # Returns values of the session as Array.
       def values
+        load_for_read!
         @delegate.values
       end
 
+      # Writes given value to given key of the session.
       def []=(key, value)
         load_for_write!
         @delegate[key.to_s] = value
       end
 
+      # Clears the session.
       def clear
         load_for_write!
         @delegate.clear
       end
 
+      # Returns the session as Hash.
       def to_hash
         load_for_read!
-        @delegate.dup.delete_if { |_,v| v.nil? }
-      end
-
+        @delegate.dup.delete_if { |_, v| v.nil? }
+      end
+      alias :to_h :to_hash
+
+      # Updates the session with given Hash.
+      #
+      #   session.to_hash
+      #   # => {"session_id"=>"e29b9ea315edf98aad94cc78c34cc9b2"}
+      #
+      #   session.update({ "foo" => "bar" })
+      #   # => {"session_id"=>"e29b9ea315edf98aad94cc78c34cc9b2", "foo" => "bar"}
+      #
+      #   session.to_hash
+      #   # => {"session_id"=>"e29b9ea315edf98aad94cc78c34cc9b2", "foo" => "bar"}
       def update(hash)
         load_for_write!
         @delegate.update stringify_keys(hash)
       end
 
+      # Deletes given key from the session.
       def delete(key)
         load_for_write!
         @delegate.delete key.to_s
       end
 
-      def fetch(key, default=Unspecified, &block)
+      # Returns value of the given key from the session, or raises +KeyError+
+      # if can't find the given key and no default value is set.
+      # Returns default value if specified.
+      #
+      #   session.fetch(:foo)
+      #   # => KeyError: key not found: "foo"
+      #
+      #   session.fetch(:foo, :bar)
+      #   # => :bar
+      #
+      #   session.fetch(:foo) do
+      #     :bar
+      #   end
+      #   # => :bar
+      def fetch(key, default = Unspecified, &block)
         load_for_read!
         if default == Unspecified
           @delegate.fetch(key.to_s, &block)
@@ -149,7 +200,7 @@ module ActionDispatch
 
       def exists?
         return @exists unless @exists.nil?
-        @exists = @by.send(:session_exists?, @env)
+        @exists = @by.send(:session_exists?, @req)
       end
 
       def loaded?
@@ -166,28 +217,31 @@ module ActionDispatch
         @delegate.merge!(other)
       end
 
-      private
-
-      def load_for_read!
-        load! if !loaded? && exists?
+      def each(&block)
+        to_hash.each(&block)
       end
 
-      def load_for_write!
-        load! unless loaded?
-      end
+      private
+        def load_for_read!
+          load! if !loaded? && exists?
+        end
 
-      def load!
-        id, session = @by.load_session @env
-        options[:id] = id
-        @delegate.replace(stringify_keys(session))
-        @loaded = true
-      end
+        def load_for_write!
+          load! unless loaded?
+        end
 
-      def stringify_keys(other)
-        other.each_with_object({}) { |(key, value), hash|
-          hash[key.to_s] = value
-        }
-      end
+        def load!
+          id, session = @by.load_session @req
+          options[:id] = id
+          @delegate.replace(stringify_keys(session))
+          @loaded = true
+        end
+
+        def stringify_keys(other)
+          other.each_with_object({}) { |(key, value), hash|
+            hash[key.to_s] = value
+          }
+        end
     end
   end
 end

data/lib/action_dispatch/request/utils.rb

@@ -1,35 +1,78 @@
+# frozen_string_literal: true
+
+require "active_support/core_ext/hash/indifferent_access"
+
 module ActionDispatch
-  class Request < Rack::Request
+  class Request
     class Utils # :nodoc:
+      mattr_accessor :perform_deep_munge, default: true
+
+      def self.each_param_value(params, &block)
+        case params
+        when Array
+          params.each { |element| each_param_value(element, &block) }
+        when Hash
+          params.each_value { |value| each_param_value(value, &block) }
+        when String
+          block.call params
+        end
+      end
 
-      mattr_accessor :perform_deep_munge
-      self.perform_deep_munge = true
-
-      class << self
-        # Remove nils from the params hash
-        def deep_munge(hash, keys = [])
-          return hash unless perform_deep_munge
-
-          hash.each do |k, v|
-            keys << k
-            case v
-            when Array
-              v.grep(Hash) { |x| deep_munge(x, keys) }
-              v.compact!
-              if v.empty?
-                hash[k] = nil
-                ActiveSupport::Notifications.instrument("deep_munge.action_controller", keys: keys)
-              end
-            when Hash
-              deep_munge(v, keys)
+      def self.normalize_encode_params(params)
+        if perform_deep_munge
+          NoNilParamEncoder.normalize_encode_params params
+        else
+          ParamEncoder.normalize_encode_params params
+        end
+      end
+
+      def self.check_param_encoding(params)
+        case params
+        when Array
+          params.each { |element| check_param_encoding(element) }
+        when Hash
+          params.each_value { |value| check_param_encoding(value) }
+        when String
+          unless params.valid_encoding?
+            # Raise Rack::Utils::InvalidParameterError for consistency with Rack.
+            # ActionDispatch::Request#GET will re-raise as a BadRequest error.
+            raise Rack::Utils::InvalidParameterError, "Invalid encoding for parameter: #{params.scrub}"
+          end
+        end
+      end
+
+      class ParamEncoder # :nodoc:
+        # Convert nested Hash to HashWithIndifferentAccess.
+        def self.normalize_encode_params(params)
+          case params
+          when Array
+            handle_array params
+          when Hash
+            if params.has_key?(:tempfile)
+              ActionDispatch::Http::UploadedFile.new(params)
+            else
+              params.each_with_object({}) do |(key, val), new_hash|
+                new_hash[key] = normalize_encode_params(val)
+              end.with_indifferent_access
             end
-            keys.pop
+          else
+            params
           end
+        end
 
-          hash
+        def self.handle_array(params)
+          params.map! { |el| normalize_encode_params(el) }
+        end
+      end
+
+      # Remove nils from the params hash.
+      class NoNilParamEncoder < ParamEncoder # :nodoc:
+        def self.handle_array(params)
+          list = super
+          list.compact!
+          list
         end
       end
     end
   end
 end
-

data/lib/action_dispatch/routing/endpoint.rb

@@ -1,10 +1,17 @@
+# frozen_string_literal: true
+
 module ActionDispatch
   module Routing
     class Endpoint # :nodoc:
       def dispatcher?;   false; end
       def redirect?;     false; end
-      def matches?(req); true;  end
-      def app;           self;  end
+      def matches?(req);  true; end
+      def app;            self; end
+      def rack_app;        app; end
+
+      def engine?
+        rack_app.is_a?(Class) && rack_app < Rails::Engine
+      end
     end
   end
 end