actionpack_csi 2.3.5.p6

data/lib/action_controller/mime_type.rb

@@ -0,0 +1,212 @@
+require 'set'
+
+module Mime
+  SET              = []
+  EXTENSION_LOOKUP = Hash.new { |h, k| h[k] = Type.new(k) unless k.blank? }
+  LOOKUP           = Hash.new { |h, k| h[k] = Type.new(k) unless k.blank? }
+
+  # Encapsulates the notion of a mime type. Can be used at render time, for example, with:
+  #
+  #   class PostsController < ActionController::Base
+  #     def show
+  #       @post = Post.find(params[:id])
+  #
+  #       respond_to do |format|
+  #         format.html
+  #         format.ics { render :text => post.to_ics, :mime_type => Mime::Type["text/calendar"]  }
+  #         format.xml { render :xml => @people.to_xml }
+  #       end
+  #     end
+  #   end
+  class Type
+    @@html_types = Set.new [:html, :all]
+    cattr_reader :html_types
+
+    # These are the content types which browsers can generate without using ajax, flash, etc
+    # i.e. following a link, getting an image or posting a form.  CSRF protection
+    # only needs to protect against these types.
+    @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form, :text]
+    cattr_reader :browser_generated_types
+
+
+    @@unverifiable_types = Set.new [:text, :json, :csv, :xml, :rss, :atom, :yaml]
+    def self.unverifiable_types
+      ActiveSupport::Deprecation.warn("unverifiable_types is deprecated and has no effect", caller)
+      @@unverifiable_types
+    end
+
+    # A simple helper class used in parsing the accept header
+    class AcceptItem #:nodoc:
+      attr_accessor :order, :name, :q
+
+      def initialize(order, name, q=nil)
+        @order = order
+        @name = name.strip
+        q ||= 0.0 if @name == Mime::ALL # default wilcard match to end of list
+        @q = ((q || 1.0).to_f * 100).to_i
+      end
+
+      def to_s
+        @name
+      end
+
+      def <=>(item)
+        result = item.q <=> q
+        result = order <=> item.order if result == 0
+        result
+      end
+
+      def ==(item)
+        name == (item.respond_to?(:name) ? item.name : item)
+      end
+    end
+
+    class << self
+      def lookup(string)
+        LOOKUP[string]
+      end
+
+      def lookup_by_extension(extension)
+        EXTENSION_LOOKUP[extension]
+      end
+
+      # Registers an alias that's not used on mime type lookup, but can be referenced directly. Especially useful for
+      # rendering different HTML versions depending on the user agent, like an iPhone.
+      def register_alias(string, symbol, extension_synonyms = [])
+        register(string, symbol, [], extension_synonyms, true)
+      end
+
+      def register(string, symbol, mime_type_synonyms = [], extension_synonyms = [], skip_lookup = false)
+        Mime.instance_eval { const_set symbol.to_s.upcase, Type.new(string, symbol, mime_type_synonyms) }
+
+        SET << Mime.const_get(symbol.to_s.upcase)
+
+        ([string] + mime_type_synonyms).each { |string| LOOKUP[string] = SET.last } unless skip_lookup
+        ([symbol.to_s] + extension_synonyms).each { |ext| EXTENSION_LOOKUP[ext] = SET.last }
+      end
+
+      def parse(accept_header)
+        if accept_header !~ /,/
+          [Mime::Type.lookup(accept_header)]
+        else
+          # keep track of creation order to keep the subsequent sort stable
+          list = []
+          accept_header.split(/,/).each_with_index do |header, index| 
+            params, q = header.split(/;\s*q=/)       
+            if params
+              params.strip!          
+              list << AcceptItem.new(index, params, q) unless params.empty?
+            end
+          end
+          list.sort!
+
+          # Take care of the broken text/xml entry by renaming or deleting it
+          text_xml = list.index("text/xml")
+          app_xml = list.index(Mime::XML.to_s)
+
+          if text_xml && app_xml
+            # set the q value to the max of the two
+            list[app_xml].q = [list[text_xml].q, list[app_xml].q].max
+
+            # make sure app_xml is ahead of text_xml in the list
+            if app_xml > text_xml
+              list[app_xml], list[text_xml] = list[text_xml], list[app_xml]
+              app_xml, text_xml = text_xml, app_xml
+            end
+
+            # delete text_xml from the list
+            list.delete_at(text_xml)
+
+          elsif text_xml
+            list[text_xml].name = Mime::XML.to_s
+          end
+
+          # Look for more specific XML-based types and sort them ahead of app/xml
+
+          if app_xml
+            idx = app_xml
+            app_xml_type = list[app_xml]
+
+            while(idx < list.length)
+              type = list[idx]
+              break if type.q < app_xml_type.q
+              if type.name =~ /\+xml$/
+                list[app_xml], list[idx] = list[idx], list[app_xml]
+                app_xml = idx
+              end
+              idx += 1
+            end
+          end
+
+          list.map! { |i| Mime::Type.lookup(i.name) }.uniq!
+          list
+        end
+      end
+    end
+    
+    def initialize(string, symbol = nil, synonyms = [])
+      @symbol, @synonyms = symbol, synonyms
+      @string = string
+    end
+    
+    def to_s
+      @string
+    end
+    
+    def to_str
+      to_s
+    end
+    
+    def to_sym
+      @symbol || @string.to_sym
+    end
+
+    def ===(list)
+      if list.is_a?(Array)
+        (@synonyms + [ self ]).any? { |synonym| list.include?(synonym) }
+      else
+        super
+      end
+    end
+    
+    def ==(mime_type)
+      return false if mime_type.blank?
+      (@synonyms + [ self ]).any? do |synonym| 
+        synonym.to_s == mime_type.to_s || synonym.to_sym == mime_type.to_sym 
+      end
+    end
+
+    def =~(mime_type)
+      return false if mime_type.blank?
+      regexp = Regexp.new(Regexp.quote(mime_type.to_s))
+      (@synonyms + [ self ]).any? do |synonym|
+        synonym.to_s =~ regexp
+      end
+    end
+
+    # Returns true if Action Pack should check requests using this Mime Type for possible request forgery.  See
+    # ActionController::RequestForgeryProtection.
+    def verify_request?
+      browser_generated?
+    end
+
+    def html?
+      @@html_types.include?(to_sym) || @string =~ /html/
+    end
+
+    def browser_generated?
+      @@browser_generated_types.include?(to_sym)
+    end
+
+    private
+      def method_missing(method, *args)
+        if method.to_s =~ /(\w+)\?$/
+          $1.downcase.to_sym == to_sym
+        else
+          super
+        end
+      end
+  end
+end
+
+require 'action_controller/mime_types'

data/lib/action_controller/mime_types.rb

@@ -0,0 +1,21 @@
+# Build list of Mime types for HTTP responses
+# http://www.iana.org/assignments/media-types/
+
+Mime::Type.register "*/*", :all
+Mime::Type.register "text/plain", :text, [], %w(txt)
+Mime::Type.register "text/html", :html, %w( application/xhtml+xml ), %w( xhtml )
+Mime::Type.register "text/javascript", :js, %w( application/javascript application/x-javascript )
+Mime::Type.register "text/css", :css
+Mime::Type.register "text/calendar", :ics
+Mime::Type.register "text/csv", :csv
+Mime::Type.register "application/xml", :xml, %w( text/xml application/x-xml )
+Mime::Type.register "application/rss+xml", :rss
+Mime::Type.register "application/atom+xml", :atom
+Mime::Type.register "application/x-yaml", :yaml, %w( text/yaml )
+
+Mime::Type.register "multipart/form-data", :multipart_form
+Mime::Type.register "application/x-www-form-urlencoded", :url_encoded_form
+
+# http://www.ietf.org/rfc/rfc4627.txt
+# http://www.json.org/JSONRequest.html
+Mime::Type.register "application/json", :json, %w( text/x-json application/jsonrequest )

data/lib/action_controller/params_parser.rb

@@ -0,0 +1,77 @@
+module ActionController
+  class ParamsParser
+    ActionController::Base.param_parsers[Mime::XML] = :xml_simple
+    ActionController::Base.param_parsers[Mime::JSON] = :json
+
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      if params = parse_formatted_parameters(env)
+        env["action_controller.request.request_parameters"] = params
+      end
+
+      @app.call(env)
+    end
+
+    private
+      def parse_formatted_parameters(env)
+        request = Request.new(env)
+
+        return false if request.content_length.zero?
+
+        mime_type = content_type_from_legacy_post_data_format_header(env) || request.content_type
+        strategy = ActionController::Base.param_parsers[mime_type]
+
+        return false unless strategy
+
+        case strategy
+          when Proc
+            strategy.call(request.raw_post)
+          when :xml_simple, :xml_node
+            body = request.raw_post
+            body.blank? ? {} : Hash.from_xml(body).with_indifferent_access
+          when :yaml
+            YAML.load(request.raw_post)
+          when :json
+            body = request.raw_post
+            if body.blank?
+              {}
+            else
+              data = ActiveSupport::JSON.decode(body)
+              data = {:_json => data} unless data.is_a?(Hash)
+              data.with_indifferent_access
+            end
+          else
+            false
+        end
+      rescue Exception => e # YAML, XML or Ruby code block errors
+        logger.debug "Error occurred while parsing request parameters.\nContents:\n\n#{request.raw_post}"
+
+        raise
+          { "body" => request.raw_post,
+            "content_type" => request.content_type,
+            "content_length" => request.content_length,
+            "exception" => "#{e.message} (#{e.class})",
+            "backtrace" => e.backtrace }
+      end
+
+      def content_type_from_legacy_post_data_format_header(env)
+        if x_post_format = env['HTTP_X_POST_DATA_FORMAT']
+          case x_post_format.to_s.downcase
+            when 'yaml'
+              return Mime::YAML
+            when 'xml'
+              return Mime::XML
+          end
+        end
+
+        nil
+      end
+
+      def logger
+        defined?(Rails.logger) ? Rails.logger : Logger.new($stderr)
+      end
+  end
+end

data/lib/action_controller/performance_test.rb

@@ -0,0 +1,15 @@
+require 'active_support/testing/performance'
+require 'active_support/testing/default'
+
+module ActionController
+  # An integration test that runs a code profiler on your test methods.
+  # Profiling output for combinations of each test method, measurement, and
+  # output format are written to your tmp/performance directory.
+  #
+  # By default, process_time is measured and both flat and graph_html output
+  # formats are written, so you'll have two output files per test method.
+  class PerformanceTest < ActionController::IntegrationTest
+    include ActiveSupport::Testing::Performance
+    include ActiveSupport::Testing::Default
+  end
+end

data/lib/action_controller/polymorphic_routes.rb

@@ -0,0 +1,189 @@
+module ActionController
+  # Polymorphic URL helpers are methods for smart resolution to a named route call when
+  # given an Active Record model instance. They are to be used in combination with
+  # ActionController::Resources.
+  #
+  # These methods are useful when you want to generate correct URL or path to a RESTful
+  # resource without having to know the exact type of the record in question.
+  #
+  # Nested resources and/or namespaces are also supported, as illustrated in the example:
+  #
+  #   polymorphic_url([:admin, @article, @comment])
+  #
+  # results in:
+  #   
+  #   admin_article_comment_url(@article, @comment)
+  #
+  # == Usage within the framework
+  #
+  # Polymorphic URL helpers are used in a number of places throughout the Rails framework:
+  #
+  # * <tt>url_for</tt>, so you can use it with a record as the argument, e.g.
+  #   <tt>url_for(@article)</tt>;
+  # * ActionView::Helpers::FormHelper uses <tt>polymorphic_path</tt>, so you can write
+  #   <tt>form_for(@article)</tt> without having to specify <tt>:url</tt> parameter for the form
+  #   action;
+  # * <tt>redirect_to</tt> (which, in fact, uses <tt>url_for</tt>) so you can write
+  #   <tt>redirect_to(post)</tt> in your controllers;
+  # * ActionView::Helpers::AtomFeedHelper, so you don't have to explicitly specify URLs
+  #   for feed entries.
+  #
+  # == Prefixed polymorphic helpers
+  #
+  # In addition to <tt>polymorphic_url</tt> and <tt>polymorphic_path</tt> methods, a
+  # number of prefixed helpers are available as a shorthand to <tt>:action => "..."</tt>
+  # in options. Those are:
+  #
+  # * <tt>edit_polymorphic_url</tt>, <tt>edit_polymorphic_path</tt>
+  # * <tt>new_polymorphic_url</tt>, <tt>new_polymorphic_path</tt>
+  #
+  # Example usage:
+  #
+  #   edit_polymorphic_path(@post)              # => "/posts/1/edit"
+  #   polymorphic_path(@post, :format => :pdf)  # => "/posts/1.pdf"
+  module PolymorphicRoutes
+    # Constructs a call to a named RESTful route for the given record and returns the
+    # resulting URL string. For example:
+    #
+    #   # calls post_url(post)
+    #   polymorphic_url(post) # => "http://example.com/posts/1"
+    #   polymorphic_url([blog, post]) # => "http://example.com/blogs/1/posts/1"
+    #   polymorphic_url([:admin, blog, post]) # => "http://example.com/admin/blogs/1/posts/1"
+    #   polymorphic_url([user, :blog, post]) # => "http://example.com/users/1/blog/posts/1"
+    #
+    # ==== Options
+    #
+    # * <tt>:action</tt> - Specifies the action prefix for the named route:
+    #   <tt>:new</tt> or <tt>:edit</tt>. Default is no prefix.
+    # * <tt>:routing_type</tt> - Allowed values are <tt>:path</tt> or <tt>:url</tt>.
+    #   Default is <tt>:url</tt>.
+    #
+    # ==== Examples
+    #
+    #   # an Article record
+    #   polymorphic_url(record)  # same as article_url(record)
+    #
+    #   # a Comment record
+    #   polymorphic_url(record)  # same as comment_url(record)
+    #
+    #   # it recognizes new records and maps to the collection
+    #   record = Comment.new
+    #   polymorphic_url(record)  # same as comments_url()
+    #
+    def polymorphic_url(record_or_hash_or_array, options = {})
+      if record_or_hash_or_array.kind_of?(Array)
+        record_or_hash_or_array = record_or_hash_or_array.compact
+        record_or_hash_or_array = record_or_hash_or_array[0] if record_or_hash_or_array.size == 1
+      end
+
+      record = extract_record(record_or_hash_or_array)
+
+      args = case record_or_hash_or_array
+        when Hash;  [ record_or_hash_or_array ]
+        when Array; record_or_hash_or_array.dup
+        else        [ record_or_hash_or_array ]
+      end
+
+      inflection =
+        case
+        when options[:action].to_s == "new"
+          args.pop
+          :singular
+        when record.respond_to?(:new_record?) && record.new_record?
+          args.pop
+          :plural
+        else
+          :singular
+        end
+
+      args.delete_if {|arg| arg.is_a?(Symbol) || arg.is_a?(String)}
+      named_route = build_named_route_call(record_or_hash_or_array, inflection, options)
+
+      url_options = options.except(:action, :routing_type)
+      unless url_options.empty?
+        args.last.kind_of?(Hash) ? args.last.merge!(url_options) : args << url_options
+      end
+
+      __send__(named_route, *args)
+    end
+
+    # Returns the path component of a URL for the given record. It uses
+    # <tt>polymorphic_url</tt> with <tt>:routing_type => :path</tt>.
+    def polymorphic_path(record_or_hash_or_array, options = {})
+      options[:routing_type] = :path
+      polymorphic_url(record_or_hash_or_array, options)
+    end
+
+    %w(edit new).each do |action|
+      module_eval <<-EOT, __FILE__, __LINE__
+        def #{action}_polymorphic_url(record_or_hash, options = {})         # def edit_polymorphic_url(record_or_hash, options = {})
+          polymorphic_url(                                                  #   polymorphic_url(
+            record_or_hash,                                                 #     record_or_hash,
+            options.merge(:action => "#{action}"))                          #     options.merge(:action => "edit"))
+        end                                                                 # end
+                                                                            #
+        def #{action}_polymorphic_path(record_or_hash, options = {})        # def edit_polymorphic_path(record_or_hash, options = {})
+          polymorphic_url(                                                  #   polymorphic_url(
+            record_or_hash,                                                 #     record_or_hash,
+            options.merge(:action => "#{action}", :routing_type => :path))  #     options.merge(:action => "edit", :routing_type => :path))
+        end                                                                 # end
+      EOT
+    end
+
+    def formatted_polymorphic_url(record_or_hash, options = {})
+      ActiveSupport::Deprecation.warn("formatted_polymorphic_url has been deprecated. Please pass :format to the polymorphic_url method instead", caller)
+      options[:format] = record_or_hash.pop if Array === record_or_hash
+      polymorphic_url(record_or_hash, options)
+    end
+
+    def formatted_polymorphic_path(record_or_hash, options = {})
+      ActiveSupport::Deprecation.warn("formatted_polymorphic_path has been deprecated. Please pass :format to the polymorphic_path method instead", caller)
+      options[:format] = record_or_hash.pop if record_or_hash === Array
+      polymorphic_url(record_or_hash, options.merge(:routing_type => :path))
+    end
+
+    private
+      def action_prefix(options)
+        options[:action] ? "#{options[:action]}_" : ''
+      end
+
+      def routing_type(options)
+        options[:routing_type] || :url
+      end
+
+      def build_named_route_call(records, inflection, options = {})
+        unless records.is_a?(Array)
+          record = extract_record(records)
+          route  = ''
+        else
+          record = records.pop
+          route = records.inject("") do |string, parent|
+            if parent.is_a?(Symbol) || parent.is_a?(String)
+              string << "#{parent}_"
+            else
+              string << RecordIdentifier.__send__("plural_class_name", parent).singularize
+              string << "_"
+            end
+          end
+        end
+
+        if record.is_a?(Symbol) || record.is_a?(String)
+          route << "#{record}_"
+        else
+          route << RecordIdentifier.__send__("plural_class_name", record)
+          route = route.singularize if inflection == :singular
+          route << "_"
+        end
+
+        action_prefix(options) + route + routing_type(options).to_s
+      end
+
+      def extract_record(record_or_hash_or_array)
+        case record_or_hash_or_array
+          when Array; record_or_hash_or_array.last
+          when Hash;  record_or_hash_or_array[:id]
+          else        record_or_hash_or_array
+        end
+      end
+  end
+end

data/lib/action_controller/rack_lint_patch.rb

@@ -0,0 +1,36 @@
+# Rack 1.0 does not allow string subclass body. This does not play well with our ActionView::SafeBuffer.
+# The next release of Rack will be allowing string subclass body - http://github.com/rack/rack/commit/de668df02802a0335376a81ba709270e43ba9d55
+# TODO : Remove this monkey patch after the next release of Rack
+
+module RackLintPatch
+  module AllowStringSubclass
+    def self.included(base)
+      base.send :alias_method, :each, :each_with_hack
+    end
+
+    def each_with_hack
+      @closed = false
+
+      @body.each { |part|
+        assert("Body yielded non-string value #{part.inspect}") {
+          part.kind_of?(String)
+        }
+        yield part
+      }
+
+      if @body.respond_to?(:to_path)
+        assert("The file identified by body.to_path does not exist") {
+          ::File.exist? @body.to_path
+        }
+      end
+    end
+  end
+
+  begin
+    app = proc {|env| [200, {"Content-Type" => "text/plain", "Content-Length" => "12"}, [Class.new(String).new("Hello World!")]] }
+    response = Rack::MockRequest.new(Rack::Lint.new(app)).get('/')
+  rescue Rack::Lint::LintError => e
+    raise(e) unless e.message =~ /Body yielded non-string value/
+    Rack::Lint.send :include, AllowStringSubclass
+  end
+end

data/lib/action_controller/record_identifier.rb

@@ -0,0 +1,104 @@
+module ActionController  
+  # The record identifier encapsulates a number of naming conventions for dealing with records, like Active Records or 
+  # Active Resources or pretty much any other model type that has an id. These patterns are then used to try elevate
+  # the view actions to a higher logical level. Example:
+  #
+  #   # routes
+  #   map.resources :posts
+  #
+  #   # view
+  #   <% div_for(post) do %>     <div id="post_45" class="post">
+  #     <%= post.body %>           What a wonderful world!
+  #   <% end %>                  </div>
+  #
+  #   # controller
+  #   def destroy
+  #     post = Post.find(params[:id])
+  #     post.destroy
+  #
+  #     respond_to do |format|
+  #       format.html { redirect_to(post) } # Calls polymorphic_url(post) which in turn calls post_url(post)
+  #       format.js do
+  #         # Calls: new Effect.fade('post_45');
+  #         render(:update) { |page| page[post].visual_effect(:fade) }
+  #       end
+  #     end
+  #   end
+  #
+  # As the example above shows, you can stop caring to a large extent what the actual id of the post is. You just know
+  # that one is being assigned and that the subsequent calls in redirect_to and the RJS expect that same naming 
+  # convention and allows you to write less code if you follow it.
+  module RecordIdentifier
+    extend self
+
+    JOIN = '_'.freeze
+    NEW = 'new'.freeze
+
+    # Returns plural/singular for a record or class. Example:
+    #
+    #   partial_path(post)                   # => "posts/post"
+    #   partial_path(Person)                 # => "people/person"
+    #   partial_path(Person, "admin/games")  # => "admin/people/person"
+    def partial_path(record_or_class, controller_path = nil)
+      name = model_name_from_record_or_class(record_or_class)
+
+      if controller_path && controller_path.include?("/")
+        "#{File.dirname(controller_path)}/#{name.partial_path}"
+      else
+        name.partial_path
+      end
+    end
+
+    # The DOM class convention is to use the singular form of an object or class. Examples:
+    #
+    #   dom_class(post)   # => "post"
+    #   dom_class(Person) # => "person"
+    #
+    # If you need to address multiple instances of the same class in the same view, you can prefix the dom_class:
+    #
+    #   dom_class(post, :edit)   # => "edit_post"
+    #   dom_class(Person, :edit) # => "edit_person"
+    def dom_class(record_or_class, prefix = nil)
+      singular = singular_class_name(record_or_class)
+      prefix ? "#{prefix}#{JOIN}#{singular}" : singular
+    end
+
+    # The DOM id convention is to use the singular form of an object or class with the id following an underscore.
+    # If no id is found, prefix with "new_" instead. Examples:
+    #
+    #   dom_id(Post.find(45))       # => "post_45"
+    #   dom_id(Post.new)            # => "new_post"
+    #
+    # If you need to address multiple instances of the same class in the same view, you can prefix the dom_id:
+    #
+    #   dom_id(Post.find(45), :edit) # => "edit_post_45"
+    def dom_id(record, prefix = nil) 
+      if record_id = record.id
+        "#{dom_class(record, prefix)}#{JOIN}#{record_id}"
+      else
+        dom_class(record, prefix || NEW)
+      end
+    end
+
+    # Returns the plural class name of a record or class. Examples:
+    #
+    #   plural_class_name(post)             # => "posts"
+    #   plural_class_name(Highrise::Person) # => "highrise_people"
+    def plural_class_name(record_or_class)
+      model_name_from_record_or_class(record_or_class).plural
+    end
+
+    # Returns the singular class name of a record or class. Examples:
+    #
+    #   singular_class_name(post)             # => "post"
+    #   singular_class_name(Highrise::Person) # => "highrise_person"
+    def singular_class_name(record_or_class)
+      model_name_from_record_or_class(record_or_class).singular
+    end
+
+    private
+      def model_name_from_record_or_class(record_or_class)
+        (record_or_class.is_a?(Class) ? record_or_class : record_or_class.class).model_name
+      end
+  end
+end