actionpack 6.1.7.5 → 7.1.3.1

data/lib/action_dispatch/routing/mapper.rb

@@ -4,7 +4,6 @@ require "active_support/core_ext/hash/slice"
 require "active_support/core_ext/enumerable"
 require "active_support/core_ext/array/extract_options"
 require "active_support/core_ext/regexp"
-require "active_support/core_ext/symbol/starts_ends_with"
 require "action_dispatch/routing/redirection"
 require "action_dispatch/routing/endpoint"
 
@@ -13,7 +12,10 @@ module ActionDispatch
     class Mapper
       URL_OPTIONS = [:protocol, :subdomain, :domain, :host, :port]
 
-      class Constraints < Routing::Endpoint #:nodoc:
+      cattr_accessor :route_source_locations, instance_accessor: false, default: false
+      cattr_accessor :backtrace_cleaner, instance_accessor: false, default: ActiveSupport::BacktraceCleaner.new
+
+      class Constraints < Routing::Endpoint # :nodoc:
         attr_reader :app, :constraints
 
         SERVE = ->(app, req) { app.serve req }
@@ -44,7 +46,7 @@ module ActionDispatch
         end
 
         def serve(req)
-          return [ 404, { "X-Cascade" => "pass" }, [] ] unless matches?(req)
+          return [ 404, { Constants::X_CASCADE => "pass" }, [] ] unless matches?(req)
 
           @strategy.call @app, req
         end
@@ -67,11 +69,11 @@ module ActionDispatch
           end
       end
 
-      class Mapping #:nodoc:
+      class Mapping # :nodoc:
         ANCHOR_CHARACTERS_REGEX = %r{\A(\\A|\^)|(\\Z|\\z|\$)\Z}
         OPTIONAL_FORMAT_REGEX = %r{(?:\(\.:format\)+|\.:format|/)\Z}
 
-        attr_reader :requirements, :defaults, :to, :default_controller,
+        attr_reader :path, :requirements, :defaults, :to, :default_controller,
                     :default_action, :required_defaults, :ast, :scope_options
 
         def self.build(scope, set, ast, controller, default_action, to, via, formatted, options_constraints, anchor, options)
@@ -122,31 +124,17 @@ module ActionDispatch
           @to                 = intern(to)
           @default_controller = intern(controller)
           @default_action     = intern(default_action)
-          @ast                = ast
           @anchor             = anchor
           @via                = via
           @internal           = options.delete(:internal)
           @scope_options      = scope_params[:options]
+          ast                 = Journey::Ast.new(ast, formatted)
 
-          path_params = []
-          wildcard_options = {}
-          ast.each do |node|
-            if node.symbol?
-              path_params << node.to_sym
-            elsif formatted != false && node.star?
-              # Add a constraint for wildcard route to make it non-greedy and match the
-              # optional format part of the route by default.
-              wildcard_options[node.name.to_sym] ||= /.+?/
-            elsif node.cat?
-              alter_regex_for_custom_routes(node)
-            end
-          end
-
-          options = wildcard_options.merge!(options)
+          options = ast.wildcard_options.merge!(options)
 
-          options = normalize_options!(options, path_params, scope_params[:module])
+          options = normalize_options!(options, ast.path_params, scope_params[:module])
 
-          split_options = constraints(options, path_params)
+          split_options = constraints(options, ast.path_params)
 
           constraints = scope_params[:constraints].merge Hash[split_options[:constraints] || []]
 
@@ -160,8 +148,8 @@ module ActionDispatch
             @blocks = blocks(options_constraints)
           end
 
-          requirements, conditions = split_constraints path_params, constraints
-          verify_regexp_requirements requirements.map(&:last).grep(Regexp)
+          requirements, conditions = split_constraints ast.path_params, constraints
+          verify_regexp_requirements requirements, ast.wildcard_options
 
           formats = normalize_format(formatted)
 
@@ -169,30 +157,29 @@ module ActionDispatch
           @conditions = Hash[conditions]
           @defaults = formats[:defaults].merge(@defaults).merge(normalize_defaults(options))
 
-          if path_params.include?(:action) && !@requirements.key?(:action)
+          if ast.path_params.include?(:action) && !@requirements.key?(:action)
             @defaults[:action] ||= "index"
           end
 
           @required_defaults = (split_options[:required_defaults] || []).map(&:first)
+
+          ast.requirements = @requirements
+          @path = Journey::Path::Pattern.new(ast, @requirements, JOINED_SEPARATORS, @anchor)
         end
 
+        JOINED_SEPARATORS = SEPARATORS.join # :nodoc:
+
         def make_route(name, precedence)
           Journey::Route.new(name: name, app: application, path: path, constraints: conditions,
                              required_defaults: required_defaults, defaults: defaults,
                              request_method_match: request_method, precedence: precedence,
-                             scope_options: scope_options, internal: @internal)
+                             scope_options: scope_options, internal: @internal, source_location: route_source_location)
         end
 
         def application
           app(@blocks)
         end
 
-        JOINED_SEPARATORS = SEPARATORS.join # :nodoc:
-
-        def path
-          Journey::Path::Pattern.new(@ast, requirements, JOINED_SEPARATORS, @anchor)
-        end
-
         def conditions
           build_conditions @conditions, @set.request_class
         end
@@ -212,24 +199,6 @@ module ActionDispatch
         private :request_method
 
         private
-          # Find all the symbol nodes that are adjacent to literal nodes and alter
-          # the regexp so that Journey will partition them into custom routes.
-          def alter_regex_for_custom_routes(node)
-            if node.left.literal? && node.right.symbol?
-              symbol = node.right
-            elsif node.left.literal? && node.right.cat? && node.right.left.symbol?
-              symbol = node.right.left
-            elsif node.left.symbol? && node.right.literal?
-              symbol = node.left
-            elsif node.left.symbol? && node.right.cat? && node.right.left.literal?
-              symbol = node.left
-            end
-
-            if symbol
-              symbol.regexp = /(?:#{Regexp.union(symbol.regexp, '-')})+/
-            end
-          end
-
           def intern(object)
             object.is_a?(String) ? -object : object
           end
@@ -248,9 +217,16 @@ module ActionDispatch
             if to.respond_to?(:action) || to.respond_to?(:call)
               options
             else
-              to_endpoint = split_to to
-              controller  = to_endpoint[0] || default_controller
-              action      = to_endpoint[1] || default_action
+              if to.nil?
+                controller = default_controller
+                action = default_action
+              elsif to.is_a?(String) && to.include?("#")
+                to_endpoint = to.split("#").map!(&:-@)
+                controller  = to_endpoint[0]
+                action      = to_endpoint[1]
+              else
+                raise ArgumentError, ":to must respond to `action` or `call`, or it must be a String that includes '#'"
+              end
 
               controller = add_controller_module(controller, modyoule)
 
@@ -280,14 +256,18 @@ module ActionDispatch
             end
           end
 
-          def verify_regexp_requirements(requirements)
-            requirements.each do |requirement|
-              if ANCHOR_CHARACTERS_REGEX.match?(requirement.source)
+          def verify_regexp_requirements(requirements, wildcard_options)
+            requirements.each do |requirement, regex|
+              next unless regex.is_a? Regexp
+
+              if ANCHOR_CHARACTERS_REGEX.match?(regex.source)
                 raise ArgumentError, "Regexp anchor characters are not allowed in routing requirements: #{requirement.inspect}"
               end
 
-              if requirement.multiline?
-                raise ArgumentError, "Regexp multiline option is not allowed in routing requirements: #{requirement.inspect}"
+              if regex.multiline?
+                next if wildcard_options.key?(requirement)
+
+                raise ArgumentError, "Regexp multiline option is not allowed in routing requirements: #{regex.inspect}"
               end
             end
           end
@@ -335,14 +315,6 @@ module ActionDispatch
             hash
           end
 
-          def split_to(to)
-            if /#/.match?(to)
-              to.split("#").map!(&:-@)
-            else
-              []
-            end
-          end
-
           def add_controller_module(controller, modyoule)
             if modyoule && !controller.is_a?(Regexp)
               if controller&.start_with?("/")
@@ -386,6 +358,15 @@ module ActionDispatch
           def dispatcher(raise_on_name_error)
             Routing::RouteSet::Dispatcher.new raise_on_name_error
           end
+
+          def route_source_location
+            if Mapper.route_source_locations
+              action_dispatch_dir = File.expand_path("..", __dir__)
+              caller_location = caller_locations.find { |location| !location.path.include?(action_dispatch_dir) }
+              cleaned_path = Mapper.backtrace_cleaner.clean([caller_location.path]).first
+              "#{cleaned_path}:#{caller_location.lineno}" if cleaned_path
+            end
+          end
       end
 
       # Invokes Journey::Router::Utils.normalize_path, then ensures that
@@ -420,10 +401,10 @@ module ActionDispatch
         #
         # If you want to expose your action to both GET and POST, use:
         #
-        #   # sets :controller, :action and :id in params
+        #   # sets :controller, :action, and :id in params
         #   match ':controller/:action/:id', via: [:get, :post]
         #
-        # Note that +:controller+, +:action+ and +:id+ are interpreted as URL
+        # Note that +:controller+, +:action+, and +:id+ are interpreted as URL
         # query parameters and thus available through +params+ in an action.
         #
         # If you want to expose your action to GET, use +get+ in the router:
@@ -639,7 +620,7 @@ module ActionDispatch
           target_as       = name_for_action(options[:as], path)
           options[:via] ||= :all
 
-          match(path, options.merge(to: app, anchor: false, format: false))
+          match(path, { to: app, anchor: false, format: false }.merge(options))
 
           define_generate_prefix(app, target_as) if rails_app
           self
@@ -682,7 +663,7 @@ module ActionDispatch
 
             script_namer = ->(options) do
               prefix_options = options.slice(*_route.segment_keys)
-              prefix_options[:relative_url_root] = ""
+              prefix_options[:script_name] = "" if options[:original_script_name]
 
               if options[:_recall]
                 prefix_options.reverse_merge!(options[:_recall].slice(*_route.segment_keys))
@@ -778,7 +759,7 @@ module ActionDispatch
       #   end
       #
       # This will create a number of routes for each of the posts and comments
-      # controller. For <tt>Admin::PostsController</tt>, Rails will create:
+      # controller. For +Admin::PostsController+, \Rails will create:
       #
       #   GET       /admin/posts
       #   GET       /admin/posts/new
@@ -789,7 +770,7 @@ module ActionDispatch
       #   DELETE    /admin/posts/1
       #
       # If you want to route /posts (without the prefix /admin) to
-      # <tt>Admin::PostsController</tt>, you could use
+      # +Admin::PostsController+, you could use
       #
       #   scope module: "admin" do
       #     resources :posts
@@ -838,7 +819,7 @@ module ActionDispatch
         #
         # Takes same options as <tt>Base#match</tt> and <tt>Resources#resources</tt>.
         #
-        #   # route /posts (without the prefix /admin) to <tt>Admin::PostsController</tt>
+        #   # route /posts (without the prefix /admin) to +Admin::PostsController+
         #   scope module: "admin" do
         #     resources :posts
         #   end
@@ -936,7 +917,7 @@ module ActionDispatch
         #
         # === Options
         #
-        # The +:path+, +:as+, +:module+, +:shallow_path+ and +:shallow_prefix+
+        # The +:path+, +:as+, +:module+, +:shallow_path+, and +:shallow_prefix+
         # options all default to the name of the namespace.
         #
         # For options, see <tt>Base#match</tt>. For +:shallow_path+ option, see
@@ -947,7 +928,7 @@ module ActionDispatch
         #     resources :posts
         #   end
         #
-        #   # maps to <tt>Sekret::PostsController</tt> rather than <tt>Admin::PostsController</tt>
+        #   # maps to +Sekret::PostsController+ rather than +Admin::PostsController+
         #   namespace :admin, module: "sekret" do
         #     resources :posts
         #   end
@@ -956,7 +937,7 @@ module ActionDispatch
         #   namespace :admin, as: "sekret" do
         #     resources :posts
         #   end
-        def namespace(path, options = {})
+        def namespace(path, options = {}, &block)
           path = path.to_s
 
           defaults = {
@@ -967,7 +948,7 @@ module ActionDispatch
           }
 
           path_scope(options.delete(:path) { path }) do
-            scope(defaults.merge!(options)) { yield }
+            scope(defaults.merge!(options), &block)
           end
         end
 
@@ -1026,8 +1007,8 @@ module ActionDispatch
         #    constraints(Iphone) do
         #      resources :iphones
         #    end
-        def constraints(constraints = {})
-          scope(constraints: constraints) { yield }
+        def constraints(constraints = {}, &block)
+          scope(constraints: constraints, &block)
         end
 
         # Allows you to set default parameters for a route, such as this:
@@ -1112,7 +1093,7 @@ module ActionDispatch
 
       # Resource routing allows you to quickly declare all of the common routes
       # for a given resourceful controller. Instead of declaring separate routes
-      # for your +index+, +show+, +new+, +edit+, +create+, +update+ and +destroy+
+      # for your +index+, +show+, +new+, +edit+, +create+, +update+, and +destroy+
       # actions, a resourceful route declares them in a single line of code:
       #
       #  resources :photos
@@ -1156,7 +1137,7 @@ module ActionDispatch
         RESOURCE_OPTIONS  = [:as, :controller, :path, :only, :except, :param, :concerns]
         CANONICAL_ACTIONS = %w(index create new show update destroy)
 
-        class Resource #:nodoc:
+        class Resource # :nodoc:
           attr_reader :controller, :path, :param
 
           def initialize(entities, api_only, shallow, options = {})
@@ -1251,7 +1232,7 @@ module ActionDispatch
           def singleton?; false; end
         end
 
-        class SingletonResource < Resource #:nodoc:
+        class SingletonResource < Resource # :nodoc:
           def initialize(entities, api_only, shallow, options)
             super
             @as         = nil
@@ -1307,6 +1288,16 @@ module ActionDispatch
         #   DELETE    /profile
         #   POST      /profile
         #
+        # If you want instances of a model to work with this resource via
+        # record identification (e.g. in +form_with+ or +redirect_to+), you
+        # will need to call resolve[rdoc-ref:CustomUrls#resolve]:
+        #
+        #   resource :profile
+        #   resolve('Profile') { [:profile] }
+        #
+        #   # Enables this to work with singular routes:
+        #   form_with(model: @profile) {}
+        #
         # === Options
         # Takes same options as resources[rdoc-ref:#resources]
         def resource(*resources, &block)
@@ -1338,7 +1329,7 @@ module ActionDispatch
           self
         end
 
-        # In Rails, a resourceful route provides a mapping between HTTP verbs
+        # In \Rails, a resourceful route provides a mapping between HTTP verbs
         # and URLs and controller actions. By convention, each action also maps
         # to particular CRUD operations in a database. A single entry in the
         # routing file, such as
@@ -1470,7 +1461,7 @@ module ActionDispatch
         #
         # === Examples
         #
-        #   # routes call <tt>Admin::PostsController</tt>
+        #   # routes call +Admin::PostsController+
         #   resources :posts, module: "admin"
         #
         #   # resource actions are at /admin/posts.
@@ -1513,19 +1504,17 @@ module ActionDispatch
         #     end
         #   end
         #
-        # This will enable Rails to recognize paths such as <tt>/photos/search</tt>
+        # This will enable \Rails to recognize paths such as <tt>/photos/search</tt>
         # with GET, and route to the search action of +PhotosController+. It will also
         # create the <tt>search_photos_url</tt> and <tt>search_photos_path</tt>
         # route helpers.
-        def collection
+        def collection(&block)
           unless resource_scope?
             raise ArgumentError, "can't use collection outside resource(s) scope"
           end
 
           with_scope_level(:collection) do
-            path_scope(parent_resource.collection_scope) do
-              yield
-            end
+            path_scope(parent_resource.collection_scope, &block)
           end
         end
 
@@ -1540,7 +1529,7 @@ module ActionDispatch
         # This will recognize <tt>/photos/1/preview</tt> with GET, and route to the
         # preview action of +PhotosController+. It will also create the
         # <tt>preview_photo_url</tt> and <tt>preview_photo_path</tt> helpers.
-        def member
+        def member(&block)
           unless resource_scope?
             raise ArgumentError, "can't use member outside resource(s) scope"
           end
@@ -1548,27 +1537,25 @@ module ActionDispatch
           with_scope_level(:member) do
             if shallow?
               shallow_scope {
-                path_scope(parent_resource.member_scope) { yield }
+                path_scope(parent_resource.member_scope, &block)
               }
             else
-              path_scope(parent_resource.member_scope) { yield }
+              path_scope(parent_resource.member_scope, &block)
             end
           end
         end
 
-        def new
+        def new(&block)
           unless resource_scope?
             raise ArgumentError, "can't use new outside resource(s) scope"
           end
 
           with_scope_level(:new) do
-            path_scope(parent_resource.new_scope(action_path(:new))) do
-              yield
-            end
+            path_scope(parent_resource.new_scope(action_path(:new)), &block)
           end
         end
 
-        def nested
+        def nested(&block)
           unless resource_scope?
             raise ArgumentError, "can't use nested outside resource(s) scope"
           end
@@ -1577,12 +1564,12 @@ module ActionDispatch
             if shallow? && shallow_nesting_depth >= 1
               shallow_scope do
                 path_scope(parent_resource.nested_scope) do
-                  scope(nested_options) { yield }
+                  scope(nested_options, &block)
                 end
               end
             else
               path_scope(parent_resource.nested_scope) do
-                scope(nested_options) { yield }
+                scope(nested_options, &block)
               end
             end
           end
@@ -1608,6 +1595,29 @@ module ActionDispatch
           !parent_resource.singleton? && @scope[:shallow]
         end
 
+        # Loads another routes file with the given +name+ located inside the
+        # +config/routes+ directory. In that file, you can use the normal
+        # routing DSL, but <i>do not</i> surround it with a
+        # +Rails.application.routes.draw+ block.
+        #
+        #   # config/routes.rb
+        #   Rails.application.routes.draw do
+        #     draw :admin                 # Loads `config/routes/admin.rb`
+        #     draw "third_party/some_gem" # Loads `config/routes/third_party/some_gem.rb`
+        #   end
+        #
+        #   # config/routes/admin.rb
+        #   namespace :admin do
+        #     resources :accounts
+        #   end
+        #
+        #   # config/routes/third_party/some_gem.rb
+        #   mount SomeGem::Engine, at: "/some_gem"
+        #
+        # <b>CAUTION:</b> Use this feature with care. Having multiple routes
+        # files can negatively impact discoverability and readability. For most
+        # applications — even those with a few hundred routes — it's easier for
+        # developers to have a single routes file.
         def draw(name)
           path = @draw_paths.find do |_path|
             File.exist? "#{_path}/#{name}.rb"
@@ -1641,7 +1651,7 @@ module ActionDispatch
             when Symbol
               options[:action] = to
             when String
-              if /#/.match?(to)
+              if to.include?("#")
                 options[:to] = to
               else
                 options[:controller] = to
@@ -1664,7 +1674,7 @@ module ActionDispatch
           end
         end
 
-        # You can specify what Rails should route "/" to with the root method:
+        # You can specify what \Rails should route "/" to with the root method:
         #
         #   root to: 'pages#main'
         #
@@ -1676,7 +1686,7 @@ module ActionDispatch
         #
         # You should put the root route at the top of <tt>config/routes.rb</tt>,
         # because this means it will be matched first. As this is the most popular route
-        # of most Rails applications, this is beneficial.
+        # of most \Rails applications, this is beneficial.
         def root(path, options = {})
           if path.is_a?(String)
             options[:to] = path
@@ -1768,10 +1778,10 @@ module ActionDispatch
             @scope = @scope.parent
           end
 
-          def resource_scope(resource)
+          def resource_scope(resource, &block)
             @scope = @scope.new(scope_level_resource: resource)
 
-            controller(resource.resource_scope) { yield }
+            controller(resource.resource_scope, &block)
           ensure
             @scope = @scope.parent
           end
@@ -1889,7 +1899,7 @@ module ActionDispatch
           end
 
           def map_match(paths, options)
-            if options[:on] && !VALID_ON_OPTIONS.include?(options[:on])
+            if (on = options[:on]) && !VALID_ON_OPTIONS.include?(on)
               raise ArgumentError, "Unknown scope #{on.inspect} given to :on"
             end
 
@@ -2300,7 +2310,7 @@ module ActionDispatch
         NULL = Scope.new(nil, nil)
       end
 
-      def initialize(set) #:nodoc:
+      def initialize(set) # :nodoc:
         @set = set
         @draw_paths = set.draw_paths
         @scope = Scope.new(path_names: @set.resources_path_names)

data/lib/action_dispatch/routing/polymorphic_routes.rb

@@ -2,6 +2,8 @@
 
 module ActionDispatch
   module Routing
+    # = Action Dispatch Routing \PolymorphicRoutes
+    #
     # Polymorphic URL helpers are methods for smart resolution to a named route call when
     # given an Active Record model instance. They are to be used in combination with
     # ActionController::Resources.

data/lib/action_dispatch/routing/redirection.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require "action_dispatch/http/request"
-require "active_support/core_ext/uri"
 require "active_support/core_ext/array/extract_options"
 require "rack/utils"
 require "action_controller/metal/exceptions"
@@ -20,10 +18,19 @@ module ActionDispatch
       def redirect?; true; end
 
       def call(env)
-        serve Request.new env
+        ActiveSupport::Notifications.instrument("redirect.action_dispatch") do |payload|
+          request = Request.new(env)
+          response = build_response(request)
+
+          payload[:status] = @status
+          payload[:location] = response.headers["Location"]
+          payload[:request] = request
+
+          response.to_a
+        end
       end
 
-      def serve(req)
+      def build_response(req)
         uri = URI.parse(path(req.path_parameters, req))
 
         unless uri.host
@@ -40,15 +47,15 @@ module ActionDispatch
 
         req.commit_flash
 
-        body = %(<html><body>You are being <a href="#{ERB::Util.unwrapped_html_escape(uri.to_s)}">redirected</a>.</body></html>)
+        body = ""
 
         headers = {
           "Location" => uri.to_s,
-          "Content-Type" => "text/html",
+          "Content-Type" => "text/html; charset=#{ActionDispatch::Response.default_charset}",
           "Content-Length" => body.length.to_s
         }
 
-        [ status, headers, [body] ]
+        ActionDispatch::Response.new(status, headers, body)
       end
 
       def path(params, request)
@@ -61,7 +68,7 @@ module ActionDispatch
 
       private
         def relative_path?(path)
-          path && !path.empty? && path[0] != "/"
+          path && !path.empty? && !path.start_with?("/")
         end
 
         def escape(params)
@@ -144,6 +151,11 @@ module ActionDispatch
       # This will redirect the user, while ignoring certain parts of the request, including query string, etc.
       # <tt>/stories</tt>, <tt>/stories?foo=bar</tt>, etc all redirect to <tt>/posts</tt>.
       #
+      # The redirect will use a <tt>301 Moved Permanently</tt> status code by
+      # default. This can be overridden with the +:status+ option:
+      #
+      #   get "/stories" => redirect("/posts", status: 307)
+      #
       # You can also use interpolation in the supplied redirect argument:
       #
       #   get 'docs/:article', to: redirect('/wiki/%{article}')