actionpack 4.2.8 → 5.2.4.2

data/lib/action_controller/metal/testing.rb

@@ -1,31 +1,16 @@
+# frozen_string_literal: true
+
 module ActionController
   module Testing
     extend ActiveSupport::Concern
 
-    include RackDelegation
-
-    # TODO : Rewrite tests using controller.headers= to use Rack env
-    def headers=(new_headers)
-      @_response ||= ActionDispatch::Response.new
-      @_response.headers.replace(new_headers)
-    end
-
     # Behavior specific to functional tests
     module Functional # :nodoc:
-      def set_response!(request)
-      end
-
       def recycle!
         @_url_options = nil
         self.formats = nil
         self.params = nil
       end
     end
-
-    module ClassMethods
-      def before_filters
-        _process_action_callbacks.find_all{|x| x.kind == :before}.map{|x| x.name}
-      end
-    end
   end
 end

data/lib/action_controller/metal/url_for.rb

@@ -1,10 +1,15 @@
+# frozen_string_literal: true
+
 module ActionController
   # Includes +url_for+ into the host class. The class has to provide a +RouteSet+ by implementing
   # the <tt>_routes</tt> method. Otherwise, an exception will be raised.
   #
   # In addition to <tt>AbstractController::UrlFor</tt>, this module accesses the HTTP layer to define
-  # url options like the +host+. In order to do so, this module requires the host class
-  # to implement +env+ and +request+, which need to be a Rack-compatible.
+  # URL options like the +host+. In order to do so, this module requires the host class
+  # to implement +env+ which needs to be Rack-compatible and +request+
+  # which is either an instance of +ActionDispatch::Request+ or an object
+  # that responds to the +host+, +optional_port+, +protocol+ and
+  # +symbolized_path_parameter+ methods.
   #
   #   class RootUrl
   #     include ActionController::UrlFor
@@ -24,21 +29,25 @@ module ActionController
 
     def url_options
       @_url_options ||= {
-        :host => request.host,
-        :port => request.optional_port,
-        :protocol => request.protocol,
-        :_recall => request.path_parameters
+        host: request.host,
+        port: request.optional_port,
+        protocol: request.protocol,
+        _recall: request.path_parameters
       }.merge!(super).freeze
 
-      if (same_origin = _routes.equal?(env["action_dispatch.routes".freeze])) ||
-         (script_name = env["ROUTES_#{_routes.object_id}_SCRIPT_NAME"]) ||
-         (original_script_name = env['ORIGINAL_SCRIPT_NAME'.freeze])
+      if (same_origin = _routes.equal?(request.routes)) ||
+         (script_name = request.engine_script_name(_routes)) ||
+         (original_script_name = request.original_script_name)
 
         options = @_url_options.dup
         if original_script_name
           options[:original_script_name] = original_script_name
         else
-          options[:script_name] = same_origin ? request.script_name.dup : script_name
+          if same_origin
+            options[:script_name] = request.script_name.empty? ? "".freeze : request.script_name.dup
+          else
+            options[:script_name] = script_name
+          end
         end
         options.freeze
       else

data/lib/action_controller/railtie.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "rails"
 require "action_controller"
 require "action_dispatch/railtie"
@@ -11,7 +13,7 @@ module ActionController
 
     config.eager_load_namespaces << ActionController
 
-    initializer "action_controller.assets_config", :group => :all do |app|
+    initializer "action_controller.assets_config", group: :all do |app|
       app.config.action_controller.assets_dir ||= app.config.paths["public"].first
     end
 
@@ -22,13 +24,15 @@ module ActionController
     initializer "action_controller.parameters_config" do |app|
       options = app.config.action_controller
 
-      ActionController::Parameters.permit_all_parameters = options.delete(:permit_all_parameters) { false }
-      if app.config.action_controller[:always_permitted_parameters]
-        ActionController::Parameters.always_permitted_parameters =
-          app.config.action_controller.delete(:always_permitted_parameters)
-      end
-      ActionController::Parameters.action_on_unpermitted_parameters = options.delete(:action_on_unpermitted_parameters) do
-        (Rails.env.test? || Rails.env.development?) ? :log : false
+      ActiveSupport.on_load(:action_controller, run_once: true) do
+        ActionController::Parameters.permit_all_parameters = options.delete(:permit_all_parameters) { false }
+        if app.config.action_controller[:always_permitted_parameters]
+          ActionController::Parameters.always_permitted_parameters =
+            app.config.action_controller.delete(:always_permitted_parameters)
+        end
+        ActionController::Parameters.action_on_unpermitted_parameters = options.delete(:action_on_unpermitted_parameters) do
+          (Rails.env.test? || Rails.env.development?) ? :log : false
+        end
       end
     end
 
@@ -42,7 +46,7 @@ module ActionController
       options.javascripts_dir ||= paths["public/javascripts"].first
       options.stylesheets_dir ||= paths["public/stylesheets"].first
 
-      # Ensure readers methods get compiled
+      # Ensure readers methods get compiled.
       options.asset_host        ||= app.config.asset_host
       options.relative_url_root ||= app.config.relative_url_root
 
@@ -51,7 +55,7 @@ module ActionController
         extend ::AbstractController::Railties::RoutesHelpers.with(app.routes)
         extend ::ActionController::Railties::Helpers
 
-        options.each do |k,v|
+        options.each do |k, v|
           k = "#{k}="
           if respond_to?(k)
             send(k, v)
@@ -67,5 +71,19 @@ module ActionController
         config.compile_methods! if config.respond_to?(:compile_methods!)
       end
     end
+
+    initializer "action_controller.request_forgery_protection" do |app|
+      ActiveSupport.on_load(:action_controller_base) do
+        if app.config.action_controller.default_protect_from_forgery
+          protect_from_forgery with: :exception
+        end
+      end
+    end
+
+    initializer "action_controller.eager_load_actions" do
+      ActiveSupport.on_load(:after_initialize) do
+        ActionController::Metal.descendants.each(&:action_methods) if config.eager_load
+      end
+    end
   end
 end

data/lib/action_controller/railties/helpers.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ActionController
   module Railties
     module Helpers

data/lib/action_controller/renderer.rb

@@ -0,0 +1,117 @@
+# frozen_string_literal: true
+
+require "active_support/core_ext/hash/keys"
+
+module ActionController
+  # ActionController::Renderer allows you to render arbitrary templates
+  # without requirement of being in controller actions.
+  #
+  # You get a concrete renderer class by invoking ActionController::Base#renderer.
+  # For example:
+  #
+  #   ApplicationController.renderer
+  #
+  # It allows you to call method #render directly.
+  #
+  #   ApplicationController.renderer.render template: '...'
+  #
+  # You can use this shortcut in a controller, instead of the previous example:
+  #
+  #   ApplicationController.render template: '...'
+  #
+  # #render allows you to use the same options that you can use when rendering in a controller.
+  # For example:
+  #
+  #   FooController.render :action, locals: { ... }, assigns: { ... }
+  #
+  # The template will be rendered in a Rack environment which is accessible through
+  # ActionController::Renderer#env. You can set it up in two ways:
+  #
+  # *  by changing renderer defaults, like
+  #
+  #       ApplicationController.renderer.defaults # => hash with default Rack environment
+  #
+  # *  by initializing an instance of renderer by passing it a custom environment.
+  #
+  #       ApplicationController.renderer.new(method: 'post', https: true)
+  #
+  class Renderer
+    attr_reader :defaults, :controller
+
+    DEFAULTS = {
+      http_host: "example.org",
+      https: false,
+      method: "get",
+      script_name: "",
+      input: ""
+    }.freeze
+
+    # Create a new renderer instance for a specific controller class.
+    def self.for(controller, env = {}, defaults = DEFAULTS.dup)
+      new(controller, env, defaults)
+    end
+
+    # Create a new renderer for the same controller but with a new env.
+    def new(env = {})
+      self.class.new controller, env, defaults
+    end
+
+    # Create a new renderer for the same controller but with new defaults.
+    def with_defaults(defaults)
+      self.class.new controller, @env, self.defaults.merge(defaults)
+    end
+
+    # Accepts a custom Rack environment to render templates in.
+    # It will be merged with the default Rack environment defined by
+    # +ActionController::Renderer::DEFAULTS+.
+    def initialize(controller, env, defaults)
+      @controller = controller
+      @defaults = defaults
+      @env = normalize_keys defaults.merge(env)
+    end
+
+    # Render templates with any options from ActionController::Base#render_to_string.
+    def render(*args)
+      raise "missing controller" unless controller
+
+      request = ActionDispatch::Request.new @env
+      request.routes = controller._routes
+
+      instance = controller.new
+      instance.set_request! request
+      instance.set_response! controller.make_response!(request)
+      instance.render_to_string(*args)
+    end
+
+    private
+      def normalize_keys(env)
+        new_env = {}
+        env.each_pair { |k, v| new_env[rack_key_for(k)] = rack_value_for(k, v) }
+        new_env["rack.url_scheme"] = new_env["HTTPS"] == "on" ? "https" : "http"
+        new_env
+      end
+
+      RACK_KEY_TRANSLATION = {
+        http_host:   "HTTP_HOST",
+        https:       "HTTPS",
+        method:      "REQUEST_METHOD",
+        script_name: "SCRIPT_NAME",
+        input:       "rack.input"
+      }
+
+      IDENTITY = ->(_) { _ }
+
+      RACK_VALUE_TRANSLATION = {
+        https: ->(v) { v ? "on" : "off" },
+        method: ->(v) { v.upcase },
+      }
+
+      def rack_key_for(key)
+        RACK_KEY_TRANSLATION.fetch(key, key.to_s)
+      end
+
+      def rack_value_for(key, value)
+        RACK_VALUE_TRANSLATION.fetch(key, IDENTITY).call value
+      end
+  end
+end

data/lib/action_controller/template_assertions.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module ActionController
+  module TemplateAssertions
+    def assert_template(options = {}, message = nil)
+      raise NoMethodError,
+        "assert_template has been extracted to a gem. To continue using it,
+        add `gem 'rails-controller-testing'` to your Gemfile."
+    end
+  end
+end

data/lib/action_controller/test_case.rb

@@ -1,224 +1,81 @@
-require 'rack/session/abstract/id'
-require 'active_support/core_ext/object/to_query'
-require 'active_support/core_ext/module/anonymous'
-require 'active_support/core_ext/hash/keys'
-require 'active_support/deprecation'
-
-require 'rails-dom-testing'
+# frozen_string_literal: true
+
+require "rack/session/abstract/id"
+require "active_support/core_ext/hash/conversions"
+require "active_support/core_ext/object/to_query"
+require "active_support/core_ext/module/anonymous"
+require "active_support/core_ext/module/redefine_method"
+require "active_support/core_ext/hash/keys"
+require "active_support/testing/constant_lookup"
+require "action_controller/template_assertions"
+require "rails-dom-testing"
 
 module ActionController
-  module TemplateAssertions
-    extend ActiveSupport::Concern
+  class Metal
+    include Testing::Functional
+  end
 
-    included do
-      setup :setup_subscriptions
-      teardown :teardown_subscriptions
+  module Live
+    # Disable controller / rendering threads in tests. User tests can access
+    # the database on the main thread, so they could open a txn, then the
+    # controller thread will open a new connection and try to access data
+    # that's only visible to the main thread's txn. This is the problem in #23483.
+    silence_redefinition_of_method :new_controller_thread
+    def new_controller_thread # :nodoc:
+      yield
     end
+  end
 
-    RENDER_TEMPLATE_INSTANCE_VARIABLES = %w{partials templates layouts files}.freeze
-
-    def setup_subscriptions
-      RENDER_TEMPLATE_INSTANCE_VARIABLES.each do |instance_variable|
-        instance_variable_set("@_#{instance_variable}", Hash.new(0))
-      end
-
-      @_subscribers = []
-
-      @_subscribers << ActiveSupport::Notifications.subscribe("render_template.action_view") do |_name, _start, _finish, _id, payload|
-        path = payload[:layout]
-        if path
-          @_layouts[path] += 1
-          if path =~ /^layouts\/(.*)/
-            @_layouts[$1] += 1
-          end
-        end
-      end
-
-      @_subscribers << ActiveSupport::Notifications.subscribe("!render_template.action_view") do |_name, _start, _finish, _id, payload|
-        if virtual_path = payload[:virtual_path]
-          partial = virtual_path =~ /^.*\/_[^\/]*$/
-
-          if partial
-            @_partials[virtual_path] += 1
-            @_partials[virtual_path.split("/").last] += 1
-          end
+  # ActionController::TestCase will be deprecated and moved to a gem in Rails 5.1.
+  # Please use ActionDispatch::IntegrationTest going forward.
+  class TestRequest < ActionDispatch::TestRequest #:nodoc:
+    DEFAULT_ENV = ActionDispatch::TestRequest::DEFAULT_ENV.dup
+    DEFAULT_ENV.delete "PATH_INFO"
 
-          @_templates[virtual_path] += 1
-        else
-          path = payload[:identifier]
-          if path
-            @_files[path] += 1
-            @_files[path.split("/").last] += 1
-          end
-        end
-      end
+    def self.new_session
+      TestSession.new
     end
 
-    def teardown_subscriptions
-      return unless defined?(@_subscribers)
-
-      @_subscribers.each do |subscriber|
-        ActiveSupport::Notifications.unsubscribe(subscriber)
-      end
-    end
+    attr_reader :controller_class
 
-    def process(*args)
-      reset_template_assertion
-      super
+    # Create a new test request with default `env` values.
+    def self.create(controller_class)
+      env = {}
+      env = Rails.application.env_config.merge(env) if defined?(Rails.application) && Rails.application
+      env["rack.request.cookie_hash"] = {}.with_indifferent_access
+      new(default_env.merge(env), new_session, controller_class)
     end
 
-    def reset_template_assertion
-      RENDER_TEMPLATE_INSTANCE_VARIABLES.each do |instance_variable|
-        ivar_name = "@_#{instance_variable}"
-        if instance_variable_defined?(ivar_name)
-          instance_variable_get(ivar_name).clear
-        end
-      end
+    def self.default_env
+      DEFAULT_ENV
     end
+    private_class_method :default_env
 
-    # Asserts that the request was rendered with the appropriate template file or partials.
-    #
-    #   # assert that the "new" view template was rendered
-    #   assert_template "new"
-    #
-    #   # assert that the exact template "admin/posts/new" was rendered
-    #   assert_template %r{\Aadmin/posts/new\Z}
-    #
-    #   # assert that the layout 'admin' was rendered
-    #   assert_template layout: 'admin'
-    #   assert_template layout: 'layouts/admin'
-    #   assert_template layout: :admin
-    #
-    #   # assert that no layout was rendered
-    #   assert_template layout: nil
-    #   assert_template layout: false
-    #
-    #   # assert that the "_customer" partial was rendered twice
-    #   assert_template partial: '_customer', count: 2
-    #
-    #   # assert that no partials were rendered
-    #   assert_template partial: false
-    #
-    #   # assert that a file was rendered
-    #   assert_template file: "README.rdoc"
-    #
-    #   # assert that no file was rendered
-    #   assert_template file: nil
-    #   assert_template file: false
-    #
-    # In a view test case, you can also assert that specific locals are passed
-    # to partials:
-    #
-    #   # assert that the "_customer" partial was rendered with a specific object
-    #   assert_template partial: '_customer', locals: { customer: @customer }
-    def assert_template(options = {}, message = nil)
-      # Force body to be read in case the template is being streamed.
-      response.body
-
-      case options
-      when NilClass, Regexp, String, Symbol
-        options = options.to_s if Symbol === options
-        rendered = @_templates
-        msg = message || sprintf("expecting <%s> but rendering with <%s>",
-                options.inspect, rendered.keys)
-        matches_template =
-          case options
-          when String
-            !options.empty? && rendered.any? do |t, num|
-              options_splited = options.split(File::SEPARATOR)
-              t_splited = t.split(File::SEPARATOR)
-              t_splited.last(options_splited.size) == options_splited
-            end
-          when Regexp
-            rendered.any? { |t,num| t.match(options) }
-          when NilClass
-            rendered.blank?
-          end
-        assert matches_template, msg
-      when Hash
-        options.assert_valid_keys(:layout, :partial, :locals, :count, :file)
-
-        if options.key?(:layout)
-          expected_layout = options[:layout]
-          msg = message || sprintf("expecting layout <%s> but action rendered <%s>",
-                  expected_layout, @_layouts.keys)
-
-          case expected_layout
-          when String, Symbol
-            assert_includes @_layouts.keys, expected_layout.to_s, msg
-          when Regexp
-            assert(@_layouts.keys.any? {|l| l =~ expected_layout }, msg)
-          when nil, false
-            assert(@_layouts.empty?, msg)
-          end
-        end
+    def initialize(env, session, controller_class)
+      super(env)
 
-        if options[:file]
-          assert_includes @_files.keys, options[:file]
-        elsif options.key?(:file)
-          assert @_files.blank?, "expected no files but #{@_files.keys} was rendered"
-        end
-
-        if expected_partial = options[:partial]
-          if expected_locals = options[:locals]
-            if defined?(@_rendered_views)
-              view = expected_partial.to_s.sub(/^_/, '').sub(/\/_(?=[^\/]+\z)/, '/')
-
-              partial_was_not_rendered_msg = "expected %s to be rendered but it was not." % view
-              assert_includes @_rendered_views.rendered_views, view, partial_was_not_rendered_msg
-
-              msg = 'expecting %s to be rendered with %s but was with %s' % [expected_partial,
-                                                                             expected_locals,
-                                                                             @_rendered_views.locals_for(view)]
-              assert(@_rendered_views.view_rendered?(view, options[:locals]), msg)
-            else
-              warn "the :locals option to #assert_template is only supported in a ActionView::TestCase"
-            end
-          elsif expected_count = options[:count]
-            actual_count = @_partials[expected_partial]
-            msg = message || sprintf("expecting %s to be rendered %s time(s) but rendered %s time(s)",
-                     expected_partial, expected_count, actual_count)
-            assert(actual_count == expected_count.to_i, msg)
-          else
-            msg = message || sprintf("expecting partial <%s> but action rendered <%s>",
-                    options[:partial], @_partials.keys)
-            assert_includes @_partials, expected_partial, msg
-          end
-        elsif options.key?(:partial)
-          assert @_partials.empty?,
-            "Expected no partials to be rendered"
-        end
-      else
-        raise ArgumentError, "assert_template only accepts a String, Symbol, Hash, Regexp, or nil"
-      end
+      self.session = session
+      self.session_options = TestSession::DEFAULT_OPTIONS.dup
+      @controller_class = controller_class
+      @custom_param_parsers = {
+        xml: lambda { |raw_post| Hash.from_xml(raw_post)["hash"] }
+      }
     end
-  end
-
-  class TestRequest < ActionDispatch::TestRequest #:nodoc:
-    DEFAULT_ENV = ActionDispatch::TestRequest::DEFAULT_ENV.dup
-    DEFAULT_ENV.delete 'PATH_INFO'
 
-    def initialize(env = {})
-      super
+    def query_string=(string)
+      set_header Rack::QUERY_STRING, string
+    end
 
-      self.session = TestSession.new
-      self.session_options = TestSession::DEFAULT_OPTIONS.merge(:id => SecureRandom.hex(16))
+    def content_type=(type)
+      set_header "CONTENT_TYPE", type
     end
 
-    def assign_parameters(routes, controller_path, action, parameters = {})
-      parameters = parameters.symbolize_keys.merge(:controller => controller_path, :action => action)
-      extra_keys = routes.extra_keys(parameters)
-      non_path_parameters = get? ? query_parameters : request_parameters
-      parameters.each do |key, value|
-        if value.is_a?(Array) && (value.frozen? || value.any?(&:frozen?))
-          value = value.map{ |v| v.duplicable? ? v.dup : v }
-        elsif value.is_a?(Hash) && (value.frozen? || value.any?{ |k,v| v.frozen? })
-          value = Hash[value.map{ |k,v| [k, v.duplicable? ? v.dup : v] }]
-        elsif value.frozen? && value.duplicable?
-          value = value.dup
-        end
+    def assign_parameters(routes, controller_path, action, parameters, generated_path, query_string_keys)
+      non_path_parameters = {}
+      path_parameters = {}
 
-        if extra_keys.include?(key)
+      parameters.each do |key, value|
+        if query_string_keys.include?(key)
           non_path_parameters[key] = value
         else
           if value.is_a?(Array)
@@ -231,72 +88,89 @@ module ActionController
         end
       end
 
-      # Clear the combined params hash in case it was already referenced.
-      @env.delete("action_dispatch.request.parameters")
+      if get?
+        if query_string.blank?
+          self.query_string = non_path_parameters.to_query
+        end
+      else
+        if ENCODER.should_multipart?(non_path_parameters)
+          self.content_type = ENCODER.content_type
+          data = ENCODER.build_multipart non_path_parameters
+        else
+          fetch_header("CONTENT_TYPE") do |k|
+            set_header k, "application/x-www-form-urlencoded"
+          end
 
-      # Clear the filter cache variables so they're not stale
-      @filtered_parameters = @filtered_env = @filtered_path = nil
+          case content_mime_type.to_sym
+          when nil
+            raise "Unknown Content-Type: #{content_type}"
+          when :json
+            data = ActiveSupport::JSON.encode(non_path_parameters)
+          when :xml
+            data = non_path_parameters.to_xml
+          when :url_encoded_form
+            data = non_path_parameters.to_query
+          else
+            @custom_param_parsers[content_mime_type.symbol] = ->(_) { non_path_parameters }
+            data = non_path_parameters.to_query
+          end
+        end
 
-      params = self.request_parameters.dup
-      %w(controller action only_path).each do |k|
-        params.delete(k)
-        params.delete(k.to_sym)
+        data_stream = StringIO.new(data)
+        set_header "CONTENT_LENGTH", data_stream.length.to_s
+        set_header "rack.input", data_stream
       end
-      data = params.to_query
 
-      @env['CONTENT_LENGTH'] = data.length.to_s
-      @env['rack.input'] = StringIO.new(data)
-    end
+      fetch_header("PATH_INFO") do |k|
+        set_header k, generated_path
+      end
+      path_parameters[:controller] = controller_path
+      path_parameters[:action] = action
 
-    def recycle!
-      @formats = nil
-      @env.delete_if { |k, v| k =~ /^(action_dispatch|rack)\.request/ }
-      @env.delete_if { |k, v| k =~ /^action_dispatch\.rescue/ }
-      @method = @request_method = nil
-      @fullpath = @ip = @remote_ip = @protocol = nil
-      @env['action_dispatch.request.query_parameters'] = {}
-      @set_cookies ||= {}
-      @set_cookies.update(Hash[cookie_jar.instance_variable_get("@set_cookies").map{ |k,o| [k,o[:value]] }])
-      deleted_cookies = cookie_jar.instance_variable_get("@delete_cookies")
-      @set_cookies.reject!{ |k,v| deleted_cookies.include?(k) }
-      cookie_jar.update(rack_cookies)
-      cookie_jar.update(cookies)
-      cookie_jar.update(@set_cookies)
-      cookie_jar.recycle!
+      self.path_parameters = path_parameters
     end
 
-    private
+    ENCODER = Class.new do
+      include Rack::Test::Utils
+
+      def should_multipart?(params)
+        # FIXME: lifted from Rack-Test. We should push this separation upstream.
+        multipart = false
+        query = lambda { |value|
+          case value
+          when Array
+            value.each(&query)
+          when Hash
+            value.values.each(&query)
+          when Rack::Test::UploadedFile
+            multipart = true
+          end
+        }
+        params.values.each(&query)
+        multipart
+      end
 
-    def default_env
-      DEFAULT_ENV
-    end
-  end
+      public :build_multipart
 
-  class TestResponse < ActionDispatch::TestResponse
-    def recycle!
-      initialize
-    end
-  end
+      def content_type
+        "multipart/form-data; boundary=#{Rack::Test::MULTIPART_BOUNDARY}"
+      end
+    end.new
 
-  class LiveTestResponse < Live::Response
-    def recycle!
-      @body = nil
-      initialize
-    end
+    private
 
-    def body
-      @body ||= super
-    end
+      def params_parsers
+        super.merge @custom_param_parsers
+      end
+  end
 
+  class LiveTestResponse < Live::Response
     # Was the response successful?
     alias_method :success?, :successful?
 
     # Was the URL not found?
     alias_method :missing?, :not_found?
 
-    # Were we redirected?
-    alias_method :redirect?, :redirection?
-
     # Was there a server-side error?
     alias_method :error?, :server_error?
   end
@@ -304,7 +178,7 @@ module ActionController
   # Methods #destroy and #load! are overridden to avoid calling methods on the
   # @store object, which does not exist for the TestSession class.
   class TestSession < Rack::Session::Abstract::SessionHash #:nodoc:
-    DEFAULT_OPTIONS = Rack::Session::Abstract::ID::DEFAULT_OPTIONS
+    DEFAULT_OPTIONS = Rack::Session::Abstract::Persisted::DEFAULT_OPTIONS
 
     def initialize(session = {})
       super(nil, nil)
@@ -341,10 +215,18 @@ module ActionController
   end
 
   # Superclass for ActionController functional tests. Functional tests allow you to
-  # test a single controller action per test method. This should not be confused with
-  # integration tests (see ActionDispatch::IntegrationTest), which are more like
-  # "stories" that can involve multiple controllers and multiple actions (i.e. multiple
-  # different HTTP requests).
+  # test a single controller action per test method.
+  #
+  # == Use integration style controller tests over functional style controller tests.
+  #
+  # Rails discourages the use of functional tests in favor of integration tests
+  # (use ActionDispatch::IntegrationTest).
+  #
+  # New Rails applications no longer generate functional style controller tests and they should
+  # only be used for backward compatibility. Integration style controller tests perform actual
+  # requests, whereas functional style controller tests merely simulate a request. Besides,
+  # integration tests are as fast as functional tests and provide lot of helpers such as +as+,
+  # +parsed_body+ for effective testing of controller actions including even API endpoints.
   #
   # == Basic example
   #
@@ -359,13 +241,13 @@ module ActionController
   #   class BooksControllerTest < ActionController::TestCase
   #     def test_create
   #       # Simulate a POST response with the given HTTP parameters.
-  #       post(:create, book: { title: "Love Hina" })
+  #       post(:create, params: { book: { title: "Love Hina" }})
   #
-  #       # Assert that the controller tried to redirect us to
+  #       # Asserts that the controller tried to redirect us to
   #       # the created book's URI.
   #       assert_response :found
   #
-  #       # Assert that the controller really put the book in the database.
+  #       # Asserts that the controller really put the book in the database.
   #       assert_not_nil Book.find_by(title: "Love Hina")
   #     end
   #   end
@@ -374,7 +256,7 @@ module ActionController
   #
   #   def test_create
   #     json = {book: { title: "Love Hina" }}.to_json
-  #     post :create, json
+  #     post :create, body: json
   #   end
   #
   # == Special instance variables
@@ -389,7 +271,7 @@ module ActionController
   #      request. You can modify this object before sending the HTTP request. For example,
   #      you might want to set some session properties before sending a GET request.
   # <b>@response</b>::
-  #      An ActionController::TestResponse object, representing the response
+  #      An ActionDispatch::TestResponse object, representing the response
   #      of the last HTTP response. In the above example, <tt>@response</tt> becomes valid
   #      after calling +post+. If the various assert methods are not sufficient, then you
   #      may use this object to inspect the HTTP response in detail.
@@ -412,22 +294,16 @@ module ActionController
   # In addition to these specific assertions, you also have easy access to various collections that the regular test/unit assertions
   # can be used against. These collections are:
   #
-  # * assigns: Instance variables assigned in the action that are available for the view.
   # * session: Objects being saved in the session.
   # * flash: The flash objects currently in the session.
   # * cookies: \Cookies being sent to the user on this request.
   #
   # These collections can be used just like any other hash:
   #
-  #   assert_not_nil assigns(:person) # makes sure that a @person instance variable was set
   #   assert_equal "Dave", cookies[:name] # makes sure that a cookie called :name was set as "Dave"
   #   assert flash.empty? # makes sure that there's nothing in the flash
   #
-  # For historic reasons, the assigns hash uses string-based keys. So <tt>assigns[:person]</tt> won't work, but <tt>assigns["person"]</tt> will. To
-  # appease our yearning for symbols, though, an alternative accessor has been devised using a method call instead of index referencing.
-  # So <tt>assigns(:person)</tt> will work just like <tt>assigns["person"]</tt>, but again, <tt>assigns[:person]</tt> will not work.
-  #
-  # On top of the collections, you have the complete url that a given action redirected to available in <tt>redirect_to_url</tt>.
+  # On top of the collections, you have the complete URL that a given action redirected to available in <tt>redirect_to_url</tt>.
   #
   # For redirects within the same controller, you can even call follow_redirect and the redirect will be followed, triggering another
   # action call which can then be asserted against.
@@ -459,7 +335,6 @@ module ActionController
       attr_reader :response, :request
 
       module ClassMethods
-
         # Sets the controller class name. Useful if the name can't be inferred from test class.
         # Normalizes +controller_class+ before using.
         #
@@ -482,7 +357,7 @@ module ActionController
         end
 
         def controller_class
-          if current_controller_class = self._controller_class
+          if current_controller_class = _controller_class
             current_controller_class
           else
             self.controller_class = determine_default_controller_class(name)
@@ -499,169 +374,197 @@ module ActionController
       # Simulate a GET request with the given parameters.
       #
       # - +action+: The controller action to call.
-      # - +parameters+: The HTTP parameters that you want to pass. This may
-      #   be +nil+, a hash, or a string that is appropriately encoded
+      # - +params+: The hash with HTTP parameters that you want to pass. This may be +nil+.
+      # - +body+: The request body with a string that is appropriately encoded
       #   (<tt>application/x-www-form-urlencoded</tt> or <tt>multipart/form-data</tt>).
       # - +session+: A hash of parameters to store in the session. This may be +nil+.
       # - +flash+: A hash of parameters to store in the flash. This may be +nil+.
       #
       # You can also simulate POST, PATCH, PUT, DELETE, and HEAD requests with
       # +post+, +patch+, +put+, +delete+, and +head+.
+      # Example sending parameters, session and setting a flash message:
+      #
+      #   get :show,
+      #     params: { id: 7 },
+      #     session: { user_id: 1 },
+      #     flash: { notice: 'This is flash message' }
       #
       # Note that the request method is not verified. The different methods are
       # available to make the tests more expressive.
-      def get(action, *args)
-        process(action, "GET", *args)
+      def get(action, **args)
+        res = process(action, method: "GET", **args)
+        cookies.update res.cookies
+        res
       end
 
       # Simulate a POST request with the given parameters and set/volley the response.
       # See +get+ for more details.
-      def post(action, *args)
-        process(action, "POST", *args)
+      def post(action, **args)
+        process(action, method: "POST", **args)
       end
 
       # Simulate a PATCH request with the given parameters and set/volley the response.
       # See +get+ for more details.
-      def patch(action, *args)
-        process(action, "PATCH", *args)
+      def patch(action, **args)
+        process(action, method: "PATCH", **args)
       end
 
       # Simulate a PUT request with the given parameters and set/volley the response.
       # See +get+ for more details.
-      def put(action, *args)
-        process(action, "PUT", *args)
+      def put(action, **args)
+        process(action, method: "PUT", **args)
       end
 
       # Simulate a DELETE request with the given parameters and set/volley the response.
       # See +get+ for more details.
-      def delete(action, *args)
-        process(action, "DELETE", *args)
+      def delete(action, **args)
+        process(action, method: "DELETE", **args)
       end
 
       # Simulate a HEAD request with the given parameters and set/volley the response.
       # See +get+ for more details.
-      def head(action, *args)
-        process(action, "HEAD", *args)
-      end
-
-      def xml_http_request(request_method, action, parameters = nil, session = nil, flash = nil)
-        @request.env['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'
-        @request.env['HTTP_ACCEPT'] ||=  [Mime::JS, Mime::HTML, Mime::XML, 'text/xml', Mime::ALL].join(', ')
-        __send__(request_method, action, parameters, session, flash).tap do
-          @request.env.delete 'HTTP_X_REQUESTED_WITH'
-          @request.env.delete 'HTTP_ACCEPT'
-        end
-      end
-      alias xhr :xml_http_request
-
-      def paramify_values(hash_or_array_or_value)
-        case hash_or_array_or_value
-        when Hash
-          Hash[hash_or_array_or_value.map{|key, value| [key, paramify_values(value)] }]
-        when Array
-          hash_or_array_or_value.map {|i| paramify_values(i)}
-        when Rack::Test::UploadedFile, ActionDispatch::Http::UploadedFile
-          hash_or_array_or_value
-        else
-          hash_or_array_or_value.to_param
-        end
+      def head(action, **args)
+        process(action, method: "HEAD", **args)
       end
 
-      # Simulate a HTTP request to +action+ by specifying request method,
+      # Simulate an HTTP request to +action+ by specifying request method,
       # parameters and set/volley the response.
       #
       # - +action+: The controller action to call.
-      # - +http_method+: Request method used to send the http request. Possible values
-      #   are +GET+, +POST+, +PATCH+, +PUT+, +DELETE+, +HEAD+. Defaults to +GET+.
-      # - +parameters+: The HTTP parameters. This may be +nil+, a hash, or a
-      #   string that is appropriately encoded (+application/x-www-form-urlencoded+
-      #   or +multipart/form-data+).
+      # - +method+: Request method used to send the HTTP request. Possible values
+      #   are +GET+, +POST+, +PATCH+, +PUT+, +DELETE+, +HEAD+. Defaults to +GET+. Can be a symbol.
+      # - +params+: The hash with HTTP parameters that you want to pass. This may be +nil+.
+      # - +body+: The request body with a string that is appropriately encoded
+      #   (<tt>application/x-www-form-urlencoded</tt> or <tt>multipart/form-data</tt>).
       # - +session+: A hash of parameters to store in the session. This may be +nil+.
       # - +flash+: A hash of parameters to store in the flash. This may be +nil+.
+      # - +format+: Request format. Defaults to +nil+. Can be string or symbol.
+      # - +as+: Content type. Defaults to +nil+. Must be a symbol that corresponds
+      #   to a mime type.
       #
       # Example calling +create+ action and sending two params:
       #
-      #   process :create, 'POST', user: { name: 'Gaurish Sharma', email: 'user@example.com' }
-      #
-      # Example sending parameters, +nil+ session and setting a flash message:
-      #
-      #   process :view, 'GET', { id: 7 }, nil, { notice: 'This is flash message' }
+      #   process :create,
+      #     method: 'POST',
+      #     params: {
+      #       user: { name: 'Gaurish Sharma', email: 'user@example.com' }
+      #     },
+      #     session: { user_id: 1 },
+      #     flash: { notice: 'This is flash message' }
       #
       # To simulate +GET+, +POST+, +PATCH+, +PUT+, +DELETE+ and +HEAD+ requests
       # prefer using #get, #post, #patch, #put, #delete and #head methods
       # respectively which will make tests more expressive.
       #
       # Note that the request method is not verified.
-      def process(action, http_method = 'GET', *args)
+      def process(action, method: "GET", params: nil, session: nil, body: nil, flash: {}, format: nil, xhr: false, as: nil)
         check_required_ivars
 
-        if args.first.is_a?(String) && http_method != 'HEAD'
-          @request.env['RAW_POST_DATA'] = args.shift
-        end
+        action = action.to_s.dup
+        http_method = method.to_s.upcase
 
-        parameters, session, flash = args
-        parameters ||= {}
+        @html_document = nil
 
-        # Ensure that numbers and symbols passed as params are converted to
-        # proper params, as is the case when engaging rack.
-        parameters = paramify_values(parameters) if html_format?(parameters)
+        cookies.update(@request.cookies)
+        cookies.update_cookies_from_jar
+        @request.set_header "HTTP_COOKIE", cookies.to_header
+        @request.delete_header "action_dispatch.cookies"
 
-        @html_document = nil
-        @html_scanner_document = nil
+        @request          = TestRequest.new scrub_env!(@request.env), @request.session, @controller.class
+        @response         = build_response @response_klass
+        @response.request = @request
+        @controller.recycle!
 
-        unless @controller.respond_to?(:recycle!)
-          @controller.extend(Testing::Functional)
+        if body
+          @request.set_header "RAW_POST_DATA", body
         end
 
-        @request.recycle!
-        @response.recycle!
-        @controller.recycle!
+        @request.set_header "REQUEST_METHOD", http_method
 
-        @request.env['REQUEST_METHOD'] = http_method
+        if as
+          @request.content_type = Mime[as].to_s
+          format ||= as
+        end
+
+        parameters = (params || {}).symbolize_keys
+
+        if format
+          parameters[:format] = format
+        end
 
-        controller_class_name = @controller.class.anonymous? ?
-          "anonymous" :
-          @controller.class.controller_path
+        generated_extras = @routes.generate_extras(parameters.merge(controller: controller_class_name, action: action))
+        generated_path = generated_path(generated_extras)
+        query_string_keys = query_parameter_names(generated_extras)
 
-        @request.assign_parameters(@routes, controller_class_name, action.to_s, parameters)
+        @request.assign_parameters(@routes, controller_class_name, action, parameters, generated_path, query_string_keys)
 
         @request.session.update(session) if session
         @request.flash.update(flash || {})
 
-        @controller.request  = @request
-        @controller.response = @response
-
-        build_request_uri(action, parameters)
+        if xhr
+          @request.set_header "HTTP_X_REQUESTED_WITH", "XMLHttpRequest"
+          @request.fetch_header("HTTP_ACCEPT") do |k|
+            @request.set_header k, [Mime[:js], Mime[:html], Mime[:xml], "text/xml", "*/*"].join(", ")
+          end
+        end
 
-        name = @request.parameters[:action]
+        @request.fetch_header("SCRIPT_NAME") do |k|
+          @request.set_header k, @controller.config.relative_url_root
+        end
 
-        @controller.recycle!
-        @controller.process(name)
+        begin
+          @controller.recycle!
+          @controller.dispatch(action, @request, @response)
+        ensure
+          @request = @controller.request
+          @response = @controller.response
+
+          if @request.have_cookie_jar?
+            unless @request.cookie_jar.committed?
+              @request.cookie_jar.write(@response)
+              cookies.update(@request.cookie_jar.instance_variable_get(:@cookies))
+            end
+          end
+          @response.prepare!
 
-        if cookies = @request.env['action_dispatch.cookies']
-          unless @response.committed?
-            cookies.write(@response)
+          if flash_value = @request.flash.to_session_value
+            @request.session["flash"] = flash_value
+          else
+            @request.session.delete("flash")
           end
-        end
-        @response.prepare!
 
-        @assigns = @controller.respond_to?(:view_assigns) ? @controller.view_assigns : {}
+          if xhr
+            @request.delete_header "HTTP_X_REQUESTED_WITH"
+            @request.delete_header "HTTP_ACCEPT"
+          end
+          @request.query_string = ""
 
-        if flash_value = @request.flash.to_session_value
-          @request.session['flash'] = flash_value
+          @response.sent!
         end
 
         @response
       end
 
+      def controller_class_name
+        @controller.class.anonymous? ? "anonymous" : @controller.class.controller_path
+      end
+
+      def generated_path(generated_extras)
+        generated_extras[0]
+      end
+
+      def query_parameter_names(generated_extras)
+        generated_extras[1] + [:controller, :action]
+      end
+
       def setup_controller_request_and_response
         @controller = nil unless defined? @controller
 
-        response_klass = TestResponse
+        @response_klass = ActionDispatch::TestResponse
 
         if klass = self.class.controller_class
           if klass < ActionController::Live
-            response_klass = LiveTestResponse
+            @response_klass = LiveTestResponse
           end
           unless @controller
             begin
@@ -672,8 +575,8 @@ module ActionController
           end
         end
 
-        @request          = build_request
-        @response         = build_response response_klass
+        @request          = TestRequest.create(@controller.class)
+        @response         = build_response @response_klass
         @response.request = @request
 
         if @controller
@@ -682,12 +585,8 @@ module ActionController
         end
       end
 
-      def build_request
-        TestRequest.new
-      end
-
       def build_response(klass)
-        klass.new
+        klass.create
       end
 
       included do
@@ -695,65 +594,35 @@ module ActionController
         include ActionDispatch::Assertions
         class_attribute :_controller_class
         setup :setup_controller_request_and_response
+        ActiveSupport.run_load_hooks(:action_controller_test_case, self)
       end
 
       private
 
-      def document_root_element
-        html_document.root
-      end
+        def scrub_env!(env)
+          env.delete_if { |k, v| k =~ /^(action_dispatch|rack)\.request/ }
+          env.delete_if { |k, v| k =~ /^action_dispatch\.rescue/ }
+          env.delete "action_dispatch.request.query_parameters"
+          env.delete "action_dispatch.request.request_parameters"
+          env["rack.input"] = StringIO.new
+          env.delete "CONTENT_LENGTH"
+          env.delete "RAW_POST_DATA"
+          env
+        end
 
-      def check_required_ivars
-        # Sanity check for required instance variables so we can give an
-        # understandable error message.
-        [:@routes, :@controller, :@request, :@response].each do |iv_name|
-          if !instance_variable_defined?(iv_name) || instance_variable_get(iv_name).nil?
-            raise "#{iv_name} is nil: make sure you set it in your test's setup method."
-          end
+        def document_root_element
+          html_document.root
         end
-      end
 
-      def build_request_uri(action, parameters)
-        unless @request.env["PATH_INFO"]
-          options = @controller.respond_to?(:url_options) ? @controller.__send__(:url_options).merge(parameters) : parameters
-          options.update(
-            :action => action,
-            :relative_url_root => nil,
-            :_recall => @request.path_parameters)
-
-          if route_name = options.delete(:use_route)
-            ActiveSupport::Deprecation.warn <<-MSG.squish
-              Passing the `use_route` option in functional tests are deprecated.
-              Support for this option in the `process` method (and the related
-              `get`, `head`, `post`, `patch`, `put` and `delete` helpers) will
-              be removed in the next version without replacement.
-
-              Functional tests are essentially unit tests for controllers and
-              they should not require knowledge to how the application's routes
-              are configured. Instead, you should explicitly pass the appropiate
-              params to the `process` method.
-
-              Previously the engines guide also contained an incorrect example
-              that recommended using this option to test an engine's controllers
-              within the dummy application. That recommendation was incorrect
-              and has since been corrected. Instead, you should override the
-              `@routes` variable in the test case with `Foo::Engine.routes`. See
-              the updated engines guide for details.
-            MSG
+        def check_required_ivars
+          # Sanity check for required instance variables so we can give an
+          # understandable error message.
+          [:@routes, :@controller, :@request, :@response].each do |iv_name|
+            if !instance_variable_defined?(iv_name) || instance_variable_get(iv_name).nil?
+              raise "#{iv_name} is nil: make sure you set it in your test's setup method."
+            end
           end
-
-          url, query_string = @routes.path_for(options, route_name).split("?", 2)
-
-          @request.env["SCRIPT_NAME"] = @controller.config.relative_url_root
-          @request.env["PATH_INFO"] = url
-          @request.env["QUERY_STRING"] = query_string || ""
         end
-      end
-
-      def html_format?(parameters)
-        return true unless parameters.key?(:format)
-        Mime.fetch(parameters[:format]) { Mime['html'] }.html?
-      end
     end
 
     include Behavior