actionpack 5.1.7 → 5.2.0.beta1

data/README.rdoc

@@ -39,7 +39,7 @@ Source code can be downloaded as part of the Rails project on GitHub
 
 Action Pack is released under the MIT license:
 
-* http://www.opensource.org/licenses/MIT
+* https://opensource.org/licenses/MIT
 
 
 == Support

data/lib/abstract_controller.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "action_pack"
 require "active_support/rails"
 require "active_support/i18n"

data/lib/abstract_controller/asset_paths.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module AbstractController
   module AssetPaths #:nodoc:
     extend ActiveSupport::Concern

data/lib/abstract_controller/base.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "abstract_controller/error"
 require "active_support/configurable"
 require "active_support/descendants_tracker"
@@ -14,8 +16,16 @@ module AbstractController
   # expected to provide their own +render+ method, since rendering means
   # different things depending on the context.
   class Base
+    ##
+    # Returns the body of the HTTP response sent by the controller.
     attr_internal :response_body
+
+    ##
+    # Returns the name of the action this controller is processing.
     attr_internal :action_name
+
+    ##
+    # Returns the formats that can be processed by the controller.
     attr_internal :formats
 
     include ActiveSupport::Configurable
@@ -170,8 +180,6 @@ module AbstractController
       #
       # ==== Parameters
       # * <tt>name</tt> - The name of an action to be tested
-      #
-      # :api: private
       def action_method?(name)
         self.class.action_methods.include?(name)
       end

data/lib/abstract_controller/caching.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module AbstractController
   module Caching
     extend ActiveSupport::Concern
@@ -37,8 +39,7 @@ module AbstractController
       config_accessor :enable_fragment_cache_logging
       self.enable_fragment_cache_logging = false
 
-      class_attribute :_view_cache_dependencies
-      self._view_cache_dependencies = []
+      class_attribute :_view_cache_dependencies, default: []
       helper_method :view_cache_dependencies if respond_to?(:helper_method)
     end
 

data/lib/abstract_controller/caching/fragments.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module AbstractController
   module Caching
     # Fragment caching is used for caching various blocks within
@@ -25,7 +27,10 @@ module AbstractController
 
         self.fragment_cache_keys = []
 
-        helper_method :fragment_cache_key if respond_to?(:helper_method)
+        if respond_to?(:helper_method)
+          helper_method :fragment_cache_key
+          helper_method :combined_fragment_cache_key
+        end
       end
 
       module ClassMethods
@@ -62,17 +67,36 @@ module AbstractController
       # with the specified +key+ value. The key is expanded using
       # ActiveSupport::Cache.expand_cache_key.
       def fragment_cache_key(key)
+        ActiveSupport::Deprecation.warn(<<-MSG.squish)
+          Calling fragment_cache_key directly is deprecated and will be removed in Rails 6.0.
+          All fragment accessors now use the combined_fragment_cache_key method that retains the key as an array,
+          such that the caching stores can interrogate the parts for cache versions used in
+          recyclable cache keys.
+        MSG
+
         head = self.class.fragment_cache_keys.map { |k| instance_exec(&k) }
         tail = key.is_a?(Hash) ? url_for(key).split("://").last : key
         ActiveSupport::Cache.expand_cache_key([*head, *tail], :views)
       end
 
+      # Given a key (as described in +expire_fragment+), returns
+      # a key array suitable for use in reading, writing, or expiring a
+      # cached fragment. All keys begin with <tt>:views</tt>,
+      # followed by ENV["RAILS_CACHE_ID"] or ENV["RAILS_APP_VERSION"] if set,
+      # followed by any controller-wide key prefix values, ending
+      # with the specified +key+ value.
+      def combined_fragment_cache_key(key)
+        head = self.class.fragment_cache_keys.map { |k| instance_exec(&k) }
+        tail = key.is_a?(Hash) ? url_for(key).split("://").last : key
+        [ :views, (ENV["RAILS_CACHE_ID"] || ENV["RAILS_APP_VERSION"]), *head, *tail ].compact
+      end
+
       # Writes +content+ to the location signified by
       # +key+ (see +expire_fragment+ for acceptable formats).
       def write_fragment(key, content, options = nil)
         return content unless cache_configured?
 
-        key = fragment_cache_key(key)
+        key = combined_fragment_cache_key(key)
         instrument_fragment_cache :write_fragment, key do
           content = content.to_str
           cache_store.write(key, content, options)
@@ -85,7 +109,7 @@ module AbstractController
       def read_fragment(key, options = nil)
         return unless cache_configured?
 
-        key = fragment_cache_key(key)
+        key = combined_fragment_cache_key(key)
         instrument_fragment_cache :read_fragment, key do
           result = cache_store.read(key, options)
           result.respond_to?(:html_safe) ? result.html_safe : result
@@ -96,7 +120,7 @@ module AbstractController
       # +key+ exists (see +expire_fragment+ for acceptable formats).
       def fragment_exist?(key, options = nil)
         return unless cache_configured?
-        key = fragment_cache_key(key)
+        key = combined_fragment_cache_key(key)
 
         instrument_fragment_cache :exist_fragment?, key do
           cache_store.exist?(key, options)
@@ -123,7 +147,7 @@ module AbstractController
       # method (or <tt>delete_matched</tt>, for Regexp keys).
       def expire_fragment(key, options = nil)
         return unless cache_configured?
-        key = fragment_cache_key(key) unless key.is_a?(Regexp)
+        key = combined_fragment_cache_key(key) unless key.is_a?(Regexp)
 
         instrument_fragment_cache :expire_fragment, key do
           if key.is_a?(Regexp)
@@ -135,8 +159,7 @@ module AbstractController
       end
 
       def instrument_fragment_cache(name, key) # :nodoc:
-        payload = instrument_payload(key)
-        ActiveSupport::Notifications.instrument("#{name}.#{instrument_name}", payload) { yield }
+        ActiveSupport::Notifications.instrument("#{name}.#{instrument_name}", instrument_payload(key)) { yield }
       end
     end
   end

data/lib/abstract_controller/callbacks.rb

@@ -1,4 +1,26 @@
+# frozen_string_literal: true
+
 module AbstractController
+  # = Abstract Controller Callbacks
+  #
+  # Abstract Controller provides hooks during the life cycle of a controller action.
+  # Callbacks allow you to trigger logic during this cycle. Available callbacks are:
+  #
+  # * <tt>after_action</tt>
+  # * <tt>append_after_action</tt>
+  # * <tt>append_around_action</tt>
+  # * <tt>append_before_action</tt>
+  # * <tt>around_action</tt>
+  # * <tt>before_action</tt>
+  # * <tt>prepend_after_action</tt>
+  # * <tt>prepend_around_action</tt>
+  # * <tt>prepend_before_action</tt>
+  # * <tt>skip_after_action</tt>
+  # * <tt>skip_around_action</tt>
+  # * <tt>skip_before_action</tt>
+  #
+  # NOTE: Calling the same callback multiple times will overwrite previous callback definitions.
+  #
   module Callbacks
     extend ActiveSupport::Concern
 
@@ -9,12 +31,12 @@ module AbstractController
 
     included do
       define_callbacks :process_action,
-                       terminator: ->(controller, result_lambda) { result_lambda.call if result_lambda.is_a?(Proc); controller.performed? },
+                       terminator: ->(controller, result_lambda) { result_lambda.call; controller.performed? },
                        skip_after_callbacks_if_terminated: true
     end
 
-    # Override AbstractController::Base's process_action to run the
-    # process_action callbacks around the normal behavior.
+    # Override <tt>AbstractController::Base#process_action</tt> to run the
+    # <tt>process_action</tt> callbacks around the normal behavior.
     def process_action(*args)
       run_callbacks(:process_action) do
         super

data/lib/abstract_controller/collector.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "action_dispatch/http/mime_type"
 
 module AbstractController

data/lib/abstract_controller/error.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module AbstractController
   class Error < StandardError #:nodoc:
   end

data/lib/abstract_controller/helpers.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "active_support/dependencies"
 
 module AbstractController
@@ -5,11 +7,8 @@ module AbstractController
     extend ActiveSupport::Concern
 
     included do
-      class_attribute :_helpers
-      self._helpers = Module.new
-
-      class_attribute :_helper_methods
-      self._helper_methods = Array.new
+      class_attribute :_helpers, default: Module.new
+      class_attribute :_helper_methods, default: Array.new
     end
 
     class MissingHelperError < LoadError

data/lib/abstract_controller/logger.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "active_support/benchmarkable"
 
 module AbstractController

data/lib/abstract_controller/railties/routes_helpers.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module AbstractController
   module Railties
     module RoutesHelpers

data/lib/abstract_controller/rendering.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "abstract_controller/error"
 require "action_view"
 require "action_view/view_paths"
@@ -18,7 +20,6 @@ module AbstractController
 
     # Normalizes arguments, options and then delegates render_to_body and
     # sticks the result in <tt>self.response_body</tt>.
-    # :api: public
     def render(*args, &block)
       options = _normalize_render(*args, &block)
       rendered_body = render_to_body(options)
@@ -40,19 +41,16 @@ module AbstractController
     # (as ActionController extends it to be anything that
     # responds to the method each), this method needs to be
     # overridden in order to still return a string.
-    # :api: plugin
     def render_to_string(*args, &block)
       options = _normalize_render(*args, &block)
       render_to_body(options)
     end
 
     # Performs the actual template rendering.
-    # :api: public
     def render_to_body(options = {})
     end
 
-    # Returns Content-Type of rendered content
-    # :api: public
+    # Returns Content-Type of rendered content.
     def rendered_format
       Mime[:text]
     end
@@ -63,7 +61,6 @@ module AbstractController
 
     # This method should return a hash with assigns.
     # You can overwrite this configuration per controller.
-    # :api: public
     def view_assigns
       protected_vars = _protected_ivars
       variables      = instance_variables
@@ -74,11 +71,11 @@ module AbstractController
       }
     end
 
+  private
     # Normalize args by converting <tt>render "foo"</tt> to
     # <tt>render :action => "foo"</tt> and <tt>render "foo/bar"</tt> to
     # <tt>render :file => "foo/bar"</tt>.
-    # :api: plugin
-    def _normalize_args(action = nil, options = {})
+    def _normalize_args(action = nil, options = {}) # :doc:
       if action.respond_to?(:permitted?)
         if action.permitted?
           action
@@ -93,20 +90,17 @@ module AbstractController
     end
 
     # Normalize options.
-    # :api: plugin
-    def _normalize_options(options)
+    def _normalize_options(options) # :doc:
       options
     end
 
     # Process extra options.
-    # :api: plugin
-    def _process_options(options)
+    def _process_options(options) # :doc:
       options
     end
 
     # Process the rendered format.
-    # :api: private
-    def _process_format(format)
+    def _process_format(format) # :nodoc:
     end
 
     def _process_variant(options)
@@ -119,8 +113,7 @@ module AbstractController
     end
 
     # Normalize args and options.
-    # :api: private
-    def _normalize_render(*args, &block)
+    def _normalize_render(*args, &block) # :nodoc:
       options = _normalize_args(*args, &block)
       _process_variant(options)
       _normalize_options(options)

data/lib/abstract_controller/translation.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module AbstractController
   module Translation
     # Delegates to <tt>I18n.translate</tt>. Also aliased as <tt>t</tt>.

data/lib/abstract_controller/url_for.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module AbstractController
   # Includes +url_for+ into the host class (e.g. an abstract controller or mailer). The class
   # has to provide a +RouteSet+ by implementing the <tt>_routes</tt> methods. Otherwise, an

data/lib/action_controller.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "active_support/rails"
 require "abstract_controller"
 require "action_dispatch"
@@ -20,6 +22,7 @@ module ActionController
 
   autoload_under "metal" do
     autoload :ConditionalGet
+    autoload :ContentSecurityPolicy
     autoload :Cookies
     autoload :DataStreaming
     autoload :EtagWithTemplateDigest

data/lib/action_controller/api.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "action_view"
 require "action_controller"
 require "action_controller/log_subscriber"

data/lib/action_controller/api/api_rendering.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ActionController
   module ApiRendering
     extend ActiveSupport::Concern

data/lib/action_controller/base.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "action_view"
 require "action_controller/log_subscriber"
 require "action_controller/metal/params_wrapper"
@@ -223,6 +225,7 @@ module ActionController
       Flash,
       FormBuilder,
       RequestForgeryProtection,
+      ContentSecurityPolicy,
       ForceSSL,
       Streaming,
       DataStreaming,

data/lib/action_controller/caching.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ActionController
   # \Caching is a cheap way of speeding up slow applications by keeping the result of
   # calculations, renderings, and database calls around for subsequent requests.

data/lib/action_controller/form_builder.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ActionController
   # Override the default form builder for all views rendered by this
   # controller and any of its descendants. Accepts a subclass of

data/lib/action_controller/log_subscriber.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ActionController
   class LogSubscriber < ActiveSupport::LogSubscriber
     INTERNAL_PARAMS = %w(controller action format _method only_path)
@@ -24,7 +26,7 @@ module ActionController
           exception_class_name = payload[:exception].first
           status = ActionDispatch::ExceptionWrapper.status_code_for_exception(exception_class_name)
         end
-        message = "Completed #{status} #{Rack::Utils::HTTP_STATUS_CODES[status]} in #{event.duration.round}ms"
+        message = "Completed #{status} #{Rack::Utils::HTTP_STATUS_CODES[status]} in #{event.duration.round}ms".dup
         message << " (#{additions.join(" | ".freeze)})" unless additions.empty?
         message << "\n\n" if defined?(Rails.env) && Rails.env.development?
 
@@ -60,9 +62,9 @@ module ActionController
       class_eval <<-METHOD, __FILE__, __LINE__ + 1
         def #{method}(event)
           return unless logger.info? && ActionController::Base.enable_fragment_cache_logging
-          key_or_path = event.payload[:key] || event.payload[:path]
+          key         = ActiveSupport::Cache.expand_cache_key(event.payload[:key] || event.payload[:path])
           human_name  = #{method.to_s.humanize.inspect}
-          info("\#{human_name} \#{key_or_path} (\#{event.duration.round(1)}ms)")
+          info("\#{human_name} \#{key} (\#{event.duration.round(1)}ms)")
         end
       METHOD
     end

data/lib/action_controller/metal.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "active_support/core_ext/array/extract_options"
 require "action_dispatch/middleware/stack"
 require "action_dispatch/http/request"
@@ -208,8 +210,7 @@ module ActionController
       @_request.reset_session
     end
 
-    class_attribute :middleware_stack
-    self.middleware_stack = ActionController::MiddlewareStack.new
+    class_attribute :middleware_stack, default: ActionController::MiddlewareStack.new
 
     def self.inherited(base) # :nodoc:
       base.middleware_stack = middleware_stack.dup