actionview 4.2.5 → 4.2.5.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of actionview might be problematic. Click here for more details.

Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/lib/action_view/gem_version.rb +1 -1
  3. data/lib/action_view/lookup_context.rb +4 -0
  4. data/lib/action_view/path_set.rb +19 -7
  5. data/lib/action_view/renderer/abstract_renderer.rb +1 -1
  6. data/lib/action_view/renderer/template_renderer.rb +1 -1
  7. data/lib/action_view/template/resolver.rb +21 -4
  8. data/lib/action_view/testing/resolvers.rb +2 -2
  9. metadata +9 -9
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 7e4ca236d504293db481bd7e5b5f78179f83701c
4
- data.tar.gz: c20fd40ca34fc8f8231937cf5262d0c8a3f7a586
3
+ metadata.gz: f94cd4ae116eb1df1a7c8ea64184ac6c65f14040
4
+ data.tar.gz: 404b5622ddd7f59c6143ed73ffdaa03ec7e7c4a9
5
5
  SHA512:
6
- metadata.gz: 608e6001af9db5cc746ce4f229d03e009f37de537234c2fa60ff3faaf30b4bd899e453831a3e8a5bb4bd9f92b6408a67a7cf1edf4dbf22e41528f0cf66b16e95
7
- data.tar.gz: 9dc4677eb800adf9f272373e7d7afc5bbf3a0ff07bf9606d0d2b9fe21dfb69a3c27b5bce8fbf12d79c31f9c8274d187b19b27fc83788c74efa4fd04219c0cfb0
6
+ metadata.gz: 3c1510d4ab8e62ba7792ccc289cb298709604884b34db1c296b8bf7752c4c87123308b9fa33c0de99fd7b68aa9073804d70149812406261d423e8a9032748027
7
+ data.tar.gz: a66bb7bc49a2e4786329172b9749d7476ca75d3d0bfde1a55f8f48c60e914befccbe031de605cec14c320c5adf3b6f66a264eccf80c45bd708b7facbaa238ec2
data/lib/action_view/gem_version.rb CHANGED
@@ -8,7 +8,7 @@ module ActionView
8
8
  MAJOR = 4
9
9
  MINOR = 2
10
10
  TINY = 5
11
- PRE = nil
11
+ PRE = "1"
12
12
 
13
13
  STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
14
14
  end
data/lib/action_view/lookup_context.rb CHANGED
@@ -122,6 +122,10 @@ module ActionView
122
122
  end
123
123
  alias :find_template :find
124
124
 
125
+ def find_file(name, prefixes = [], partial = false, keys = [], options = {})
126
+ @view_paths.find_file(*args_for_lookup(name, prefixes, partial, keys, options))
127
+ end
128
+
125
129
  def find_all(name, prefixes = [], partial = false, keys = [], options = {})
126
130
  @view_paths.find_all(*args_for_lookup(name, prefixes, partial, keys, options))
127
131
  end
data/lib/action_view/path_set.rb CHANGED
@@ -46,23 +46,35 @@ module ActionView #:nodoc:
46
46
  find_all(*args).first || raise(MissingTemplate.new(self, *args))
47
47
  end
48
48
 
49
+ def find_file(path, prefixes = [], *args)
50
+ _find_all(path, prefixes, args, true).first || raise(MissingTemplate.new(self, path, prefixes, *args))
51
+ end
52
+
49
53
  def find_all(path, prefixes = [], *args)
54
+ _find_all path, prefixes, args, false
55
+ end
56
+
57
+ def exists?(path, prefixes, *args)
58
+ find_all(path, prefixes, *args).any?
59
+ end
60
+
61
+ private
62
+
63
+ def _find_all(path, prefixes, args, outside_app)
50
64
  prefixes = [prefixes] if String === prefixes
51
65
  prefixes.each do |prefix|
52
66
  paths.each do |resolver|
53
- templates = resolver.find_all(path, prefix, *args)
67
+ if outside_app
68
+ templates = resolver.find_all_anywhere(path, prefix, *args)
69
+ else
70
+ templates = resolver.find_all(path, prefix, *args)
71
+ end
54
72
  return templates unless templates.empty?
55
73
  end
56
74
  end
57
75
  []
58
76
  end
59
77
 
60
- def exists?(path, prefixes, *args)
61
- find_all(path, prefixes, *args).any?
62
- end
63
-
64
- private
65
-
66
78
  def typecast(paths)
67
79
  paths.map do |path|
68
80
  case path
data/lib/action_view/renderer/abstract_renderer.rb CHANGED
@@ -15,7 +15,7 @@ module ActionView
15
15
  # that new object is called in turn. This abstracts the setup and rendering
16
16
  # into a separate classes for partials and templates.
17
17
  class AbstractRenderer #:nodoc:
18
- delegate :find_template, :template_exists?, :with_fallbacks, :with_layout_format, :formats, :to => :@lookup_context
18
+ delegate :find_template, :find_file, :template_exists?, :with_fallbacks, :with_layout_format, :formats, :to => :@lookup_context
19
19
 
20
20
  def initialize(lookup_context)
21
21
  @lookup_context = lookup_context
data/lib/action_view/renderer/template_renderer.rb CHANGED
@@ -29,7 +29,7 @@ module ActionView
29
29
  elsif options.key?(:html)
30
30
  Template::HTML.new(options[:html], formats.first)
31
31
  elsif options.key?(:file)
32
- with_fallbacks { find_template(options[:file], nil, false, keys, @details) }
32
+ with_fallbacks { find_file(options[:file], nil, false, keys, @details) }
33
33
  elsif options.key?(:inline)
34
34
  handler = Template.handler_for_extension(options[:type] || "erb")
35
35
  Template.new(options[:inline], "inline template", handler, :locals => keys)
data/lib/action_view/template/resolver.rb CHANGED
@@ -113,7 +113,13 @@ module ActionView
113
113
  # Normalizes the arguments and passes it on to find_templates.
114
114
  def find_all(name, prefix=nil, partial=false, details={}, key=nil, locals=[])
115
115
  cached(key, [name, prefix, partial], details, locals) do
116
- find_templates(name, prefix, partial, details)
116
+ find_templates(name, prefix, partial, details, false)
117
+ end
118
+ end
119
+
120
+ def find_all_anywhere(name, prefix, partial=false, details={}, key=nil, locals=[])
121
+ cached(key, [name, prefix, partial], details, locals) do
122
+ find_templates(name, prefix, partial, details, true)
117
123
  end
118
124
  end
119
125
 
@@ -174,15 +180,16 @@ module ActionView
174
180
 
175
181
  private
176
182
 
177
- def find_templates(name, prefix, partial, details)
183
+ def find_templates(name, prefix, partial, details, outside_app_allowed = false)
178
184
  path = Path.build(name, prefix, partial)
179
- query(path, details, details[:formats])
185
+ query(path, details, details[:formats], outside_app_allowed)
180
186
  end
181
187
 
182
- def query(path, details, formats)
188
+ def query(path, details, formats, outside_app_allowed)
183
189
  query = build_query(path, details)
184
190
 
185
191
  template_paths = find_template_paths query
192
+ template_paths = reject_files_external_to_app(template_paths) unless outside_app_allowed
186
193
 
187
194
  template_paths.map { |template|
188
195
  handler, format, variant = extract_handler_and_format_and_variant(template, formats)
@@ -197,6 +204,10 @@ module ActionView
197
204
  }
198
205
  end
199
206
 
207
+ def reject_files_external_to_app(files)
208
+ files.reject { |filename| !inside_path?(@path, filename) }
209
+ end
210
+
200
211
  if RUBY_VERSION >= '2.2.0'
201
212
  def find_template_paths(query)
202
213
  Dir[query].reject { |filename|
@@ -217,6 +228,12 @@ module ActionView
217
228
  end
218
229
  end
219
230
 
231
+ def inside_path?(path, filename)
232
+ filename = File.expand_path(filename)
233
+ path = File.join(path, '')
234
+ filename.start_with?(path)
235
+ end
236
+
220
237
  # Helper for building query glob string based on resolver's pattern.
221
238
  def build_query(path, details)
222
239
  query = @pattern.dup
data/lib/action_view/testing/resolvers.rb CHANGED
@@ -19,7 +19,7 @@ module ActionView #:nodoc:
19
19
 
20
20
  private
21
21
 
22
- def query(path, exts, formats)
22
+ def query(path, exts, formats, _)
23
23
  query = ""
24
24
  EXTENSIONS.each_key do |ext|
25
25
  query << '(' << exts[ext].map {|e| e && Regexp.escape(".#{e}") }.join('|') << '|)'
@@ -44,7 +44,7 @@ module ActionView #:nodoc:
44
44
  end
45
45
 
46
46
  class NullResolver < PathResolver
47
- def query(path, exts, formats)
47
+ def query(path, exts, formats, _)
48
48
  handler, format, variant = extract_handler_and_format_and_variant(path, formats)
49
49
  [ActionView::Template.new("Template generated by Null Resolver", path, handler, :virtual_path => path, :format => format, :variant => variant)]
50
50
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: actionview
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.2.5
4
+ version: 4.2.5.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-11-12 00:00:00.000000000 Z
11
+ date: 2016-01-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 4.2.5
19
+ version: 4.2.5.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 4.2.5
26
+ version: 4.2.5.1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: builder
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -98,28 +98,28 @@ dependencies:
98
98
  requirements:
99
99
  - - '='
100
100
  - !ruby/object:Gem::Version
101
- version: 4.2.5
101
+ version: 4.2.5.1
102
102
  type: :development
103
103
  prerelease: false
104
104
  version_requirements: !ruby/object:Gem::Requirement
105
105
  requirements:
106
106
  - - '='
107
107
  - !ruby/object:Gem::Version
108
- version: 4.2.5
108
+ version: 4.2.5.1
109
109
  - !ruby/object:Gem::Dependency
110
110
  name: activemodel
111
111
  requirement: !ruby/object:Gem::Requirement
112
112
  requirements:
113
113
  - - '='
114
114
  - !ruby/object:Gem::Version
115
- version: 4.2.5
115
+ version: 4.2.5.1
116
116
  type: :development
117
117
  prerelease: false
118
118
  version_requirements: !ruby/object:Gem::Requirement
119
119
  requirements:
120
120
  - - '='
121
121
  - !ruby/object:Gem::Version
122
- version: 4.2.5
122
+ version: 4.2.5.1
123
123
  description: Simple, battle-tested conventions and helpers for building web pages.
124
124
  email: david@loudthinking.com
125
125
  executables: []
@@ -248,7 +248,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
248
248
  requirements:
249
249
  - none
250
250
  rubyforge_project:
251
- rubygems_version: 2.4.5.1
251
+ rubygems_version: 2.5.1
252
252
  signing_key:
253
253
  specification_version: 4
254
254
  summary: Rendering framework putting the V in MVC (part of Rails).