actionpack 6.1.7.5 → 7.0.8.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +323 -399
- data/MIT-LICENSE +1 -0
- data/README.rdoc +4 -5
- data/lib/abstract_controller/asset_paths.rb +1 -1
- data/lib/abstract_controller/base.rb +13 -26
- data/lib/abstract_controller/caching/fragments.rb +2 -2
- data/lib/abstract_controller/caching.rb +1 -1
- data/lib/abstract_controller/callbacks.rb +21 -7
- data/lib/abstract_controller/collector.rb +2 -2
- data/lib/abstract_controller/error.rb +1 -1
- data/lib/abstract_controller/helpers.rb +17 -12
- data/lib/abstract_controller/logger.rb +1 -1
- data/lib/abstract_controller/railties/routes_helpers.rb +2 -0
- data/lib/abstract_controller/rendering.rb +9 -11
- data/lib/abstract_controller/translation.rb +27 -4
- data/lib/abstract_controller/url_for.rb +4 -6
- data/lib/action_controller/api.rb +7 -7
- data/lib/action_controller/base.rb +5 -4
- data/lib/action_controller/form_builder.rb +2 -2
- data/lib/action_controller/log_subscriber.rb +4 -3
- data/lib/action_controller/metal/basic_implicit_render.rb +3 -1
- data/lib/action_controller/metal/conditional_get.rb +137 -102
- data/lib/action_controller/metal/content_security_policy.rb +36 -2
- data/lib/action_controller/metal/cookies.rb +1 -1
- data/lib/action_controller/metal/data_streaming.rb +23 -31
- data/lib/action_controller/metal/etag_with_flash.rb +1 -1
- data/lib/action_controller/metal/exceptions.rb +19 -30
- data/lib/action_controller/metal/flash.rb +6 -2
- data/lib/action_controller/metal/head.rb +1 -1
- data/lib/action_controller/metal/helpers.rb +2 -2
- data/lib/action_controller/metal/http_authentication.rb +66 -39
- data/lib/action_controller/metal/instrumentation.rb +57 -52
- data/lib/action_controller/metal/live.rb +43 -2
- data/lib/action_controller/metal/mime_responds.rb +3 -3
- data/lib/action_controller/metal/params_wrapper.rb +20 -11
- data/lib/action_controller/metal/permissions_policy.rb +19 -28
- data/lib/action_controller/metal/redirecting.rb +95 -22
- data/lib/action_controller/metal/renderers.rb +12 -13
- data/lib/action_controller/metal/rendering.rb +121 -9
- data/lib/action_controller/metal/request_forgery_protection.rb +83 -32
- data/lib/action_controller/metal/rescue.rb +5 -4
- data/lib/action_controller/metal/streaming.rb +7 -9
- data/lib/action_controller/metal/strong_parameters.rb +138 -115
- data/lib/action_controller/metal/testing.rb +9 -2
- data/lib/action_controller/metal/url_for.rb +3 -5
- data/lib/action_controller/metal.rb +10 -13
- data/lib/action_controller/railtie.rb +50 -6
- data/lib/action_controller/renderer.rb +1 -20
- data/lib/action_controller/test_case.rb +28 -7
- data/lib/action_controller.rb +2 -5
- data/lib/action_dispatch/http/cache.rb +20 -13
- data/lib/action_dispatch/http/content_security_policy.rb +113 -36
- data/lib/action_dispatch/http/filter_parameters.rb +4 -19
- data/lib/action_dispatch/http/headers.rb +1 -1
- data/lib/action_dispatch/http/mime_negotiation.rb +15 -5
- data/lib/action_dispatch/http/mime_type.rb +9 -11
- data/lib/action_dispatch/http/parameters.rb +5 -5
- data/lib/action_dispatch/http/permissions_policy.rb +17 -1
- data/lib/action_dispatch/http/request.rb +27 -37
- data/lib/action_dispatch/http/response.rb +3 -20
- data/lib/action_dispatch/http/upload.rb +13 -2
- data/lib/action_dispatch/http/url.rb +11 -19
- data/lib/action_dispatch/journey/gtg/builder.rb +11 -12
- data/lib/action_dispatch/journey/gtg/simulator.rb +10 -4
- data/lib/action_dispatch/journey/gtg/transition_table.rb +77 -21
- data/lib/action_dispatch/journey/nodes/node.rb +70 -5
- data/lib/action_dispatch/journey/path/pattern.rb +22 -13
- data/lib/action_dispatch/journey/route.rb +6 -13
- data/lib/action_dispatch/journey/router/utils.rb +2 -2
- data/lib/action_dispatch/journey/router.rb +1 -1
- data/lib/action_dispatch/journey/routes.rb +3 -3
- data/lib/action_dispatch/journey/visualizer/fsm.js +49 -24
- data/lib/action_dispatch/journey/visualizer/index.html.erb +1 -1
- data/lib/action_dispatch/middleware/actionable_exceptions.rb +0 -1
- data/lib/action_dispatch/middleware/cookies.rb +20 -13
- data/lib/action_dispatch/middleware/debug_exceptions.rb +6 -4
- data/lib/action_dispatch/middleware/debug_locks.rb +3 -3
- data/lib/action_dispatch/middleware/exception_wrapper.rb +4 -0
- data/lib/action_dispatch/middleware/executor.rb +3 -0
- data/lib/action_dispatch/middleware/flash.rb +17 -18
- data/lib/action_dispatch/middleware/host_authorization.rb +13 -17
- data/lib/action_dispatch/middleware/remote_ip.rb +20 -8
- data/lib/action_dispatch/middleware/request_id.rb +3 -3
- data/lib/action_dispatch/middleware/server_timing.rb +76 -0
- data/lib/action_dispatch/middleware/session/abstract_store.rb +1 -1
- data/lib/action_dispatch/middleware/session/cookie_store.rb +9 -9
- data/lib/action_dispatch/middleware/show_exceptions.rb +17 -16
- data/lib/action_dispatch/middleware/stack.rb +27 -9
- data/lib/action_dispatch/middleware/static.rb +5 -9
- data/lib/action_dispatch/middleware/templates/rescues/_message_and_suggestions.html.erb +1 -1
- data/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb +4 -11
- data/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb +2 -2
- data/lib/action_dispatch/middleware/templates/rescues/blocked_host.html.erb +10 -5
- data/lib/action_dispatch/middleware/templates/rescues/blocked_host.text.erb +7 -3
- data/lib/action_dispatch/middleware/templates/rescues/diagnostics.html.erb +4 -4
- data/lib/action_dispatch/middleware/templates/rescues/invalid_statement.html.erb +3 -3
- data/lib/action_dispatch/middleware/templates/rescues/layout.erb +28 -18
- data/lib/action_dispatch/middleware/templates/rescues/missing_exact_template.html.erb +3 -3
- data/lib/action_dispatch/middleware/templates/rescues/missing_template.html.erb +3 -3
- data/lib/action_dispatch/middleware/templates/rescues/routing_error.html.erb +3 -3
- data/lib/action_dispatch/middleware/templates/rescues/template_error.html.erb +3 -3
- data/lib/action_dispatch/middleware/templates/rescues/unknown_action.html.erb +3 -3
- data/lib/action_dispatch/middleware/templates/routes/_table.html.erb +22 -22
- data/lib/action_dispatch/railtie.rb +8 -2
- data/lib/action_dispatch/request/session.rb +43 -13
- data/lib/action_dispatch/routing/inspector.rb +1 -1
- data/lib/action_dispatch/routing/mapper.rb +82 -83
- data/lib/action_dispatch/routing/redirection.rb +5 -2
- data/lib/action_dispatch/routing/route_set.rb +17 -7
- data/lib/action_dispatch/routing/routes_proxy.rb +1 -1
- data/lib/action_dispatch/routing/url_for.rb +24 -25
- data/lib/action_dispatch/routing.rb +5 -6
- data/lib/action_dispatch/system_test_case.rb +5 -5
- data/lib/action_dispatch/system_testing/browser.rb +3 -13
- data/lib/action_dispatch/system_testing/driver.rb +34 -10
- data/lib/action_dispatch/system_testing/test_helpers/screenshot_helper.rb +11 -7
- data/lib/action_dispatch/system_testing/test_helpers/setup_and_teardown.rb +0 -8
- data/lib/action_dispatch/testing/assertions/response.rb +1 -1
- data/lib/action_dispatch/testing/assertions/routing.rb +3 -2
- data/lib/action_dispatch/testing/assertions.rb +2 -5
- data/lib/action_dispatch/testing/integration.rb +6 -8
- data/lib/action_dispatch/testing/test_process.rb +3 -29
- data/lib/action_dispatch/testing/test_response.rb +20 -2
- data/lib/action_dispatch.rb +1 -0
- data/lib/action_pack/gem_version.rb +5 -5
- data/lib/action_pack/version.rb +1 -1
- metadata +16 -15
data/MIT-LICENSE
CHANGED
@@ -18,3 +18,4 @@ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
|
18
18
|
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
19
|
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
20
|
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
21
|
+
|
data/README.rdoc
CHANGED
@@ -2,9 +2,8 @@
|
|
2
2
|
|
3
3
|
Action Pack is a framework for handling and responding to web requests. It
|
4
4
|
provides mechanisms for *routing* (mapping request URLs to actions), defining
|
5
|
-
*controllers* that implement actions, and generating responses
|
6
|
-
|
7
|
-
provides the view and controller layers in the MVC paradigm.
|
5
|
+
*controllers* that implement actions, and generating responses. In short, Action Pack
|
6
|
+
provides the controller layer in the MVC paradigm.
|
8
7
|
|
9
8
|
It consists of several modules:
|
10
9
|
|
@@ -31,7 +30,7 @@ The latest version of Action Pack can be installed with RubyGems:
|
|
31
30
|
|
32
31
|
$ gem install actionpack
|
33
32
|
|
34
|
-
Source code can be downloaded as part of the Rails project on GitHub:
|
33
|
+
Source code can be downloaded as part of the \Rails project on GitHub:
|
35
34
|
|
36
35
|
* https://github.com/rails/rails/tree/main/actionpack
|
37
36
|
|
@@ -49,7 +48,7 @@ API documentation is at:
|
|
49
48
|
|
50
49
|
* https://api.rubyonrails.org
|
51
50
|
|
52
|
-
Bug reports for the Ruby on Rails project can be filed here:
|
51
|
+
Bug reports for the Ruby on \Rails project can be filed here:
|
53
52
|
|
54
53
|
* https://github.com/rails/rails/issues
|
55
54
|
|
@@ -9,35 +9,21 @@ require "active_support/core_ext/module/attr_internal"
|
|
9
9
|
module AbstractController
|
10
10
|
# Raised when a non-existing controller action is triggered.
|
11
11
|
class ActionNotFound < StandardError
|
12
|
-
attr_reader :controller, :action
|
13
|
-
|
12
|
+
attr_reader :controller, :action # :nodoc:
|
13
|
+
|
14
|
+
def initialize(message = nil, controller = nil, action = nil) # :nodoc:
|
14
15
|
@controller = controller
|
15
16
|
@action = action
|
16
17
|
super(message)
|
17
18
|
end
|
18
19
|
|
19
|
-
|
20
|
-
|
21
|
-
@error = error
|
22
|
-
end
|
23
|
-
|
24
|
-
def corrections
|
25
|
-
if @error.action
|
26
|
-
maybe_these = @error.controller.class.action_methods
|
20
|
+
if defined?(DidYouMean::Correctable) && defined?(DidYouMean::SpellChecker)
|
21
|
+
include DidYouMean::Correctable # :nodoc:
|
27
22
|
|
28
|
-
|
29
|
-
|
30
|
-
}.reverse.first(4)
|
31
|
-
else
|
32
|
-
[]
|
33
|
-
end
|
23
|
+
def corrections # :nodoc:
|
24
|
+
@corrections ||= DidYouMean::SpellChecker.new(dictionary: controller.class.action_methods).correct(action)
|
34
25
|
end
|
35
26
|
end
|
36
|
-
|
37
|
-
# We may not have DYM, and DYM might not let us register error handlers
|
38
|
-
if defined?(DidYouMean) && DidYouMean.respond_to?(:correct_error)
|
39
|
-
DidYouMean.correct_error(self, Correction)
|
40
|
-
end
|
41
27
|
end
|
42
28
|
|
43
29
|
# AbstractController::Base is a low-level API. Nobody should be
|
@@ -164,13 +150,14 @@ module AbstractController
|
|
164
150
|
|
165
151
|
process_action(action_name, *args)
|
166
152
|
end
|
153
|
+
ruby2_keywords(:process)
|
167
154
|
|
168
|
-
# Delegates to the class' ::controller_path
|
155
|
+
# Delegates to the class's ::controller_path.
|
169
156
|
def controller_path
|
170
157
|
self.class.controller_path
|
171
158
|
end
|
172
159
|
|
173
|
-
# Delegates to the class' ::action_methods
|
160
|
+
# Delegates to the class's ::action_methods.
|
174
161
|
def action_methods
|
175
162
|
self.class.action_methods
|
176
163
|
end
|
@@ -191,7 +178,7 @@ module AbstractController
|
|
191
178
|
|
192
179
|
# Tests if a response body is set. Used to determine if the
|
193
180
|
# +process_action+ callback needs to be terminated in
|
194
|
-
#
|
181
|
+
# AbstractController::Callbacks.
|
195
182
|
def performed?
|
196
183
|
response_body
|
197
184
|
end
|
@@ -224,8 +211,8 @@ module AbstractController
|
|
224
211
|
#
|
225
212
|
# Notice that the first argument is the method to be dispatched
|
226
213
|
# which is *not* necessarily the same as the action name.
|
227
|
-
def process_action(
|
228
|
-
send_action(
|
214
|
+
def process_action(...)
|
215
|
+
send_action(...)
|
229
216
|
end
|
230
217
|
|
231
218
|
# Actually call the method associated with the action. Override
|
@@ -142,8 +142,8 @@ module AbstractController
|
|
142
142
|
end
|
143
143
|
end
|
144
144
|
|
145
|
-
def instrument_fragment_cache(name, key) # :nodoc:
|
146
|
-
ActiveSupport::Notifications.instrument("#{name}.#{instrument_name}", instrument_payload(key))
|
145
|
+
def instrument_fragment_cache(name, key, &block) # :nodoc:
|
146
|
+
ActiveSupport::Notifications.instrument("#{name}.#{instrument_name}", instrument_payload(key), &block)
|
147
147
|
end
|
148
148
|
end
|
149
149
|
end
|
@@ -35,12 +35,18 @@ module AbstractController
|
|
35
35
|
skip_after_callbacks_if_terminated: true
|
36
36
|
end
|
37
37
|
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
run_callbacks(:process_action) do
|
42
|
-
super
|
38
|
+
class ActionFilter # :nodoc:
|
39
|
+
def initialize(actions)
|
40
|
+
@actions = Array(actions).map(&:to_s).to_set
|
43
41
|
end
|
42
|
+
|
43
|
+
def match?(controller)
|
44
|
+
@actions.include?(controller.action_name)
|
45
|
+
end
|
46
|
+
|
47
|
+
alias after match?
|
48
|
+
alias before match?
|
49
|
+
alias around match?
|
44
50
|
end
|
45
51
|
|
46
52
|
module ClassMethods
|
@@ -70,8 +76,7 @@ module AbstractController
|
|
70
76
|
|
71
77
|
def _normalize_callback_option(options, from, to) # :nodoc:
|
72
78
|
if from = options.delete(from)
|
73
|
-
|
74
|
-
from = proc { |c| _from.include? c.action_name }
|
79
|
+
from = ActionFilter.new(from)
|
75
80
|
options[to] = Array(options[to]).unshift(from)
|
76
81
|
end
|
77
82
|
end
|
@@ -220,5 +225,14 @@ module AbstractController
|
|
220
225
|
alias_method :"append_#{callback}_action", :"#{callback}_action"
|
221
226
|
end
|
222
227
|
end
|
228
|
+
|
229
|
+
private
|
230
|
+
# Override <tt>AbstractController::Base#process_action</tt> to run the
|
231
|
+
# <tt>process_action</tt> callbacks around the normal behavior.
|
232
|
+
def process_action(...)
|
233
|
+
run_callbacks(:process_action) do
|
234
|
+
super
|
235
|
+
end
|
236
|
+
end
|
223
237
|
end
|
224
238
|
end
|
@@ -10,7 +10,7 @@ module AbstractController
|
|
10
10
|
def #{sym}(*args, &block)
|
11
11
|
custom(Mime[:#{sym}], *args, &block)
|
12
12
|
end
|
13
|
-
ruby2_keywords(:#{sym})
|
13
|
+
ruby2_keywords(:#{sym})
|
14
14
|
RUBY
|
15
15
|
end
|
16
16
|
|
@@ -39,6 +39,6 @@ module AbstractController
|
|
39
39
|
super
|
40
40
|
end
|
41
41
|
end
|
42
|
-
ruby2_keywords(:method_missing)
|
42
|
+
ruby2_keywords(:method_missing)
|
43
43
|
end
|
44
44
|
end
|
@@ -1,6 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
require "active_support/dependencies"
|
4
|
+
require "active_support/core_ext/name_error"
|
4
5
|
|
5
6
|
module AbstractController
|
6
7
|
module Helpers
|
@@ -60,13 +61,14 @@ module AbstractController
|
|
60
61
|
# class ApplicationController < ActionController::Base
|
61
62
|
# helper_method :current_user, :logged_in?
|
62
63
|
#
|
63
|
-
#
|
64
|
-
#
|
65
|
-
#
|
64
|
+
# private
|
65
|
+
# def current_user
|
66
|
+
# @current_user ||= User.find_by(id: session[:user])
|
67
|
+
# end
|
66
68
|
#
|
67
|
-
#
|
68
|
-
#
|
69
|
-
#
|
69
|
+
# def logged_in?
|
70
|
+
# current_user != nil
|
71
|
+
# end
|
70
72
|
# end
|
71
73
|
#
|
72
74
|
# In a view:
|
@@ -83,11 +85,14 @@ module AbstractController
|
|
83
85
|
file, line = location.path, location.lineno
|
84
86
|
|
85
87
|
methods.each do |method|
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
88
|
+
# def current_user(*args, &block)
|
89
|
+
# controller.send(:'current_user', *args, &block)
|
90
|
+
# end
|
91
|
+
_helpers_for_modification.class_eval <<~ruby_eval.lines.map(&:strip).join(";"), file, line
|
92
|
+
def #{method}(*args, &block)
|
93
|
+
controller.send(:'#{method}', *args, &block)
|
94
|
+
end
|
95
|
+
ruby2_keywords(:'#{method}')
|
91
96
|
ruby_eval
|
92
97
|
end
|
93
98
|
end
|
@@ -109,7 +114,7 @@ module AbstractController
|
|
109
114
|
# The last two assume that <tt>"foo".camelize</tt> returns "Foo".
|
110
115
|
#
|
111
116
|
# When strings or symbols are passed, the method finds the actual module
|
112
|
-
# object using
|
117
|
+
# object using String#constantize. Therefore, if the module has not been
|
113
118
|
# yet loaded, it has to be autoloadable, which is normally the case.
|
114
119
|
#
|
115
120
|
# Namespaces are supported. The following calls include +Foo::BarHelper+:
|
@@ -18,8 +18,10 @@ module AbstractController
|
|
18
18
|
extend ActiveSupport::Concern
|
19
19
|
include ActionView::ViewPaths
|
20
20
|
|
21
|
-
# Normalizes arguments
|
21
|
+
# Normalizes arguments and options, and then delegates to render_to_body and
|
22
22
|
# sticks the result in <tt>self.response_body</tt>.
|
23
|
+
#
|
24
|
+
# Supported options depend on the underlying +render_to_body+ implementation.
|
23
25
|
def render(*args, &block)
|
24
26
|
options = _normalize_render(*args, &block)
|
25
27
|
rendered_body = render_to_body(options)
|
@@ -32,16 +34,12 @@ module AbstractController
|
|
32
34
|
self.response_body = rendered_body
|
33
35
|
end
|
34
36
|
|
35
|
-
#
|
36
|
-
#
|
37
|
-
# It is similar to render, except that it does not
|
38
|
-
# set the +response_body+ and it should be guaranteed
|
39
|
-
# to always return a string.
|
37
|
+
# Similar to #render, but only returns the rendered template as a string,
|
38
|
+
# instead of setting +self.response_body+.
|
40
39
|
#
|
41
|
-
# If a component extends the semantics of +response_body+
|
42
|
-
#
|
43
|
-
#
|
44
|
-
# overridden in order to still return a string.
|
40
|
+
# If a component extends the semantics of +response_body+ (as ActionController
|
41
|
+
# extends it to be anything that responds to the method each), this method
|
42
|
+
# needs to be overridden in order to still return a string.
|
45
43
|
def render_to_string(*args, &block)
|
46
44
|
options = _normalize_render(*args, &block)
|
47
45
|
render_to_body(options)
|
@@ -51,7 +49,7 @@ module AbstractController
|
|
51
49
|
def render_to_body(options = {})
|
52
50
|
end
|
53
51
|
|
54
|
-
# Returns Content-Type of rendered content.
|
52
|
+
# Returns +Content-Type+ of rendered content.
|
55
53
|
def rendered_format
|
56
54
|
Mime[:text]
|
57
55
|
end
|
@@ -1,12 +1,12 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require "active_support/
|
3
|
+
require "active_support/html_safe_translation"
|
4
4
|
|
5
5
|
module AbstractController
|
6
6
|
module Translation
|
7
7
|
mattr_accessor :raise_on_missing_translations, default: false
|
8
8
|
|
9
|
-
# Delegates to <tt>I18n.translate</tt>.
|
9
|
+
# Delegates to <tt>I18n.translate</tt>.
|
10
10
|
#
|
11
11
|
# When the given key starts with a period, it will be scoped by the current
|
12
12
|
# controller and action. So if you call <tt>translate(".foo")</tt> from
|
@@ -24,14 +24,37 @@ module AbstractController
|
|
24
24
|
end
|
25
25
|
|
26
26
|
i18n_raise = options.fetch(:raise, self.raise_on_missing_translations)
|
27
|
-
|
27
|
+
|
28
|
+
if options[:default]
|
29
|
+
options[:default] = [options[:default]] unless options[:default].is_a?(Array)
|
30
|
+
options[:default] = options[:default].map do |value|
|
31
|
+
value.is_a?(String) ? ERB::Util.html_escape(value) : value
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
unless i18n_raise
|
36
|
+
options[:default] = [] unless options[:default]
|
37
|
+
options[:default] << MISSING_TRANSLATION
|
38
|
+
end
|
39
|
+
|
40
|
+
result = ActiveSupport::HtmlSafeTranslation.translate(key, **options, raise: i18n_raise)
|
41
|
+
|
42
|
+
if result == MISSING_TRANSLATION
|
43
|
+
+"translation missing: #{key}"
|
44
|
+
else
|
45
|
+
result
|
46
|
+
end
|
28
47
|
end
|
29
48
|
alias :t :translate
|
30
49
|
|
31
|
-
# Delegates to <tt>I18n.localize</tt>.
|
50
|
+
# Delegates to <tt>I18n.localize</tt>.
|
32
51
|
def localize(object, **options)
|
33
52
|
I18n.localize(object, **options)
|
34
53
|
end
|
35
54
|
alias :l :localize
|
55
|
+
|
56
|
+
private
|
57
|
+
MISSING_TRANSLATION = -(2**60)
|
58
|
+
private_constant :MISSING_TRANSLATION
|
36
59
|
end
|
37
60
|
end
|
@@ -22,12 +22,10 @@ module AbstractController
|
|
22
22
|
end
|
23
23
|
|
24
24
|
def action_methods
|
25
|
-
@action_methods ||=
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
super
|
30
|
-
end
|
25
|
+
@action_methods ||= if _routes
|
26
|
+
super - _routes.named_routes.helper_names
|
27
|
+
else
|
28
|
+
super
|
31
29
|
end
|
32
30
|
end
|
33
31
|
end
|
@@ -5,7 +5,7 @@ require "action_controller"
|
|
5
5
|
require "action_controller/log_subscriber"
|
6
6
|
|
7
7
|
module ActionController
|
8
|
-
# API Controller is a lightweight version of
|
8
|
+
# API Controller is a lightweight version of ActionController::Base,
|
9
9
|
# created for applications that don't require all functionalities that a complete
|
10
10
|
# \Rails controller provides, allowing you to create controllers with just the
|
11
11
|
# features that you need for API only applications.
|
@@ -32,15 +32,15 @@ module ActionController
|
|
32
32
|
# end
|
33
33
|
#
|
34
34
|
# Request, response, and parameters objects all work the exact same way as
|
35
|
-
#
|
35
|
+
# ActionController::Base.
|
36
36
|
#
|
37
37
|
# == Renders
|
38
38
|
#
|
39
39
|
# The default API Controller stack includes all renderers, which means you
|
40
|
-
# can use <tt>render :json</tt> and
|
40
|
+
# can use <tt>render :json</tt> and siblings freely in your controllers. Keep
|
41
41
|
# in mind that templates are not going to be rendered, so you need to ensure
|
42
42
|
# your controller is calling either <tt>render</tt> or <tt>redirect_to</tt> in
|
43
|
-
# all actions, otherwise it will return 204 No Content
|
43
|
+
# all actions, otherwise it will return <tt>204 No Content</tt>.
|
44
44
|
#
|
45
45
|
# def show
|
46
46
|
# post = Post.find(params[:id])
|
@@ -51,7 +51,7 @@ module ActionController
|
|
51
51
|
#
|
52
52
|
# Redirects are used to move from one action to another. You can use the
|
53
53
|
# <tt>redirect_to</tt> method in your controllers in the same way as in
|
54
|
-
#
|
54
|
+
# ActionController::Base. For example:
|
55
55
|
#
|
56
56
|
# def create
|
57
57
|
# redirect_to root_url and return if not_authorized?
|
@@ -61,7 +61,7 @@ module ActionController
|
|
61
61
|
# == Adding New Behavior
|
62
62
|
#
|
63
63
|
# In some scenarios you may want to add back some functionality provided by
|
64
|
-
#
|
64
|
+
# ActionController::Base that is not present by default in
|
65
65
|
# <tt>ActionController::API</tt>, for instance <tt>MimeResponds</tt>. This
|
66
66
|
# module gives you the <tt>respond_to</tt> method. Adding it is quite simple,
|
67
67
|
# you just need to include the module in a specific controller or in
|
@@ -83,7 +83,7 @@ module ActionController
|
|
83
83
|
# end
|
84
84
|
# end
|
85
85
|
#
|
86
|
-
# Make sure to check the modules included in
|
86
|
+
# Make sure to check the modules included in ActionController::Base
|
87
87
|
# if you want to use any other functionality that is not provided
|
88
88
|
# by <tt>ActionController::API</tt> out of the box.
|
89
89
|
class API < Metal
|
@@ -87,10 +87,11 @@ module ActionController
|
|
87
87
|
#
|
88
88
|
# or you can remove the entire session with +reset_session+.
|
89
89
|
#
|
90
|
-
#
|
91
|
-
#
|
92
|
-
#
|
93
|
-
#
|
90
|
+
# By default, sessions are stored in an encrypted browser cookie (see
|
91
|
+
# ActionDispatch::Session::CookieStore). Thus the user will not be able to
|
92
|
+
# read or edit the session data. However, the user can keep a copy of the
|
93
|
+
# cookie even after it has expired, so you should avoid storing sensitive
|
94
|
+
# information in cookie-based sessions.
|
94
95
|
#
|
95
96
|
# == Responses
|
96
97
|
#
|
@@ -3,7 +3,7 @@
|
|
3
3
|
module ActionController
|
4
4
|
# Override the default form builder for all views rendered by this
|
5
5
|
# controller and any of its descendants. Accepts a subclass of
|
6
|
-
#
|
6
|
+
# ActionView::Helpers::FormBuilder.
|
7
7
|
#
|
8
8
|
# For example, given a form builder:
|
9
9
|
#
|
@@ -36,7 +36,7 @@ module ActionController
|
|
36
36
|
# in the views rendered by this controller and its subclasses.
|
37
37
|
#
|
38
38
|
# ==== Parameters
|
39
|
-
# * <tt>builder</tt> - Default form builder, an instance of
|
39
|
+
# * <tt>builder</tt> - Default form builder, an instance of ActionView::Helpers::FormBuilder
|
40
40
|
def default_form_builder(builder)
|
41
41
|
self._default_form_builder = builder
|
42
42
|
end
|
@@ -56,12 +56,13 @@ module ActionController
|
|
56
56
|
def unpermitted_parameters(event)
|
57
57
|
debug do
|
58
58
|
unpermitted_keys = event.payload[:keys]
|
59
|
-
|
59
|
+
display_unpermitted_keys = unpermitted_keys.map { |e| ":#{e}" }.join(", ")
|
60
|
+
context = event.payload[:context].map { |k, v| "#{k}: #{v}" }.join(", ")
|
61
|
+
color("Unpermitted parameter#{'s' if unpermitted_keys.size > 1}: #{display_unpermitted_keys}. Context: { #{context} }", RED)
|
60
62
|
end
|
61
63
|
end
|
62
64
|
|
63
|
-
%w(write_fragment read_fragment exist_fragment?
|
64
|
-
expire_fragment expire_page write_page).each do |method|
|
65
|
+
%w(write_fragment read_fragment exist_fragment? expire_fragment).each do |method|
|
65
66
|
class_eval <<-METHOD, __FILE__, __LINE__ + 1
|
66
67
|
def #{method}(event)
|
67
68
|
return unless logger.info? && ActionController::Base.enable_fragment_cache_logging
|