activemodel 3.1.12 → 3.2.0.rc1

data/lib/active_model/callbacks.rb

@@ -59,7 +59,7 @@ module ActiveModel
     #   define_model_callbacks :initializer, :only => :after
     #
     # Note, the <tt>:only => <type></tt> hash will apply to all callbacks defined on
-    # that method call.  To get around this you can call the define_model_callbacks
+    # that method call. To get around this you can call the define_model_callbacks
     # method as many times as you need.
     #
     #   define_model_callbacks :create, :only => :after
@@ -93,7 +93,7 @@ module ActiveModel
          :only => [:before, :around, :after]
       }.merge(options)
 
-      types   = Array.wrap(options.delete(:only))
+      types = Array.wrap(options.delete(:only))
 
       callbacks.each do |callback|
         define_callbacks(callback, options)

data/lib/active_model/conversion.rb

@@ -1,9 +1,12 @@
+require 'active_support/concern'
+require 'active_support/inflector'
+
 module ActiveModel
   # == Active Model Conversions
   #
-  # Handles default conversions: to_model, to_key and to_param.
+  # Handles default conversions: to_model, to_key, to_param, and to_partial_path.
   #
-  # Let's take for example this non persisted object.
+  # Let's take for example this non-persisted object.
   #
   #   class ContactMessage
   #     include ActiveModel::Conversion
@@ -18,8 +21,11 @@ module ActiveModel
   #   cm.to_model == self # => true
   #   cm.to_key           # => nil
   #   cm.to_param         # => nil
+  #   cm.to_path          # => "contact_messages/contact_message"
   #
   module Conversion
+    extend ActiveSupport::Concern
+
     # If your object is already designed to implement all of the Active Model
     # you can use the default <tt>:to_model</tt> implementation, which simply
     # returns self.
@@ -45,5 +51,23 @@ module ActiveModel
     def to_param
       persisted? ? to_key.join('-') : nil
     end
+
+    # Returns a string identifying the path associated with the object.
+    # ActionPack uses this to find a suitable partial to represent the object.
+    def to_partial_path
+      self.class._to_partial_path
+    end
+
+    module ClassMethods #:nodoc:
+      # Provide a class level cache for the to_path. This is an
+      # internal method and should not be accessed directly.
+      def _to_partial_path #:nodoc:
+        @_to_partial_path ||= begin
+          element = ActiveSupport::Inflector.underscore(ActiveSupport::Inflector.demodulize(self))
+          collection = ActiveSupport::Inflector.tableize(self)
+          "#{collection}/#{element}".freeze
+        end
+      end
+    end
   end
 end

data/lib/active_model/dirty.rb

@@ -29,7 +29,7 @@ module ActiveModel
   #
   #     include ActiveModel::Dirty
   #
-  #     define_attribute_methods = [:name]
+  #     define_attribute_methods [:name]
   #
   #     def name
   #       @name
@@ -98,7 +98,7 @@ module ActiveModel
     #   person.name = 'bob'
     #   person.changed? # => true
     def changed?
-      !changed_attributes.empty?
+      changed_attributes.any?
     end
 
     # List of attributes with unsaved changes.
@@ -156,7 +156,7 @@ module ActiveModel
         rescue TypeError, NoMethodError
         end
 
-        changed_attributes[attr] = value
+        changed_attributes[attr] = value unless changed_attributes.include?(attr)
       end
 
       # Handle <tt>reset_*!</tt> for +method_missing+.

data/lib/active_model/errors.rb

@@ -49,8 +49,8 @@ module ActiveModel
   #
   # The last three methods are required in your object for Errors to be
   # able to generate error messages correctly and also handle multiple
-  # languages.  Of course, if you extend your object with ActiveModel::Translations
-  # you will not need to implement the last two.  Likewise, using
+  # languages. Of course, if you extend your object with ActiveModel::Translation
+  # you will not need to implement the last two. Likewise, using
   # ActiveModel::Validations will handle the validation related methods
   # for you.
   #
@@ -63,7 +63,7 @@ module ActiveModel
   class Errors
     include Enumerable
 
-    CALLBACKS_OPTIONS = [:if, :unless, :on, :allow_nil, :allow_blank]
+    CALLBACKS_OPTIONS = [:if, :unless, :on, :allow_nil, :allow_blank, :strict]
 
     attr_reader :messages
 
@@ -79,19 +79,6 @@ module ActiveModel
       @messages = ActiveSupport::OrderedHash.new
     end
 
-    def initialize_dup(other)
-      @messages = other.messages.dup
-    end
-
-    # Backport dup from 1.9 so that #initialize_dup gets called
-    unless Object.respond_to?(:initialize_dup)
-      def dup # :nodoc:
-        copy = super
-        copy.initialize_dup(self)
-        copy
-      end
-    end
-
     # Clear the messages
     def clear
       messages.clear
@@ -101,6 +88,7 @@ module ActiveModel
     def include?(error)
       (v = messages[error]) && v.any?
     end
+    alias :has_key? :include?
 
     # Get messages for +key+
     def get(key)
@@ -112,11 +100,6 @@ module ActiveModel
       messages[key] = value
     end
 
-    # Delete messages for +key+
-    def delete(key)
-      messages.delete(key)
-    end
-
     # When passed a symbol or a name of a method, returns an array of errors
     # for the method.
     #
@@ -131,11 +114,11 @@ module ActiveModel
     #   p.errors[:name] = "must be set"
     #   p.errors[:name] # => ['must be set']
     def []=(attribute, error)
-      self[attribute] << error
+      self[attribute.to_sym] << error
     end
 
     # Iterates through each error key, value pair in the error messages hash.
-    # Yields the attribute and the error for that attribute.  If the attribute
+    # Yields the attribute and the error for that attribute. If the attribute
     # has more than one error message, yields once for each error message.
     #
     #   p.errors.add(:name, "can't be blank")
@@ -193,10 +176,12 @@ module ActiveModel
     end
 
     # Returns true if no errors are found, false otherwise.
+    # If the error message is a string it can be empty.
     def empty?
-      all? { |k, v| v && v.empty? }
+      all? { |k, v| v && v.empty? && !v.is_a?(String) }
     end
     alias_method :blank?, :empty?
+
     # Returns an xml formatted representation of the Errors hash.
     #
     #   p.errors.add(:name, "can't be blank")
@@ -221,20 +206,16 @@ module ActiveModel
       messages.dup
     end
 
-    # Adds +message+ to the error messages on +attribute+, which will be returned on a call to
-    # <tt>on(attribute)</tt> for the same attribute. More than one error can be added to the same
-    # +attribute+ in which case an array will be returned on a call to <tt>on(attribute)</tt>.
+    # Adds +message+ to the error messages on +attribute+. More than one error can be added to the same
+    # +attribute+.
     # If no +message+ is supplied, <tt>:invalid</tt> is assumed.
     #
     # If +message+ is a symbol, it will be translated using the appropriate scope (see +translate_error+).
     # If +message+ is a proc, it will be called, allowing for things like <tt>Time.now</tt> to be used within an error.
     def add(attribute, message = nil, options = {})
-      message ||= :invalid
-
-      if message.is_a?(Symbol)
-        message = generate_message(attribute, message, options.except(*CALLBACKS_OPTIONS))
-      elsif message.is_a?(Proc)
-        message = message.call
+      message = normalize_message(attribute, message, options)
+      if options[:strict]
+        raise ActiveModel::StrictValidationFailed,  message
       end
 
       self[attribute] << message
@@ -257,6 +238,15 @@ module ActiveModel
       end
     end
 
+    # Returns true if an error on the attribute with the given message is present, false otherwise.
+    # +message+ is treated the same as for +add+.
+    #   p.errors.add :name, :blank
+    #   p.errors.added? :name, :blank # => true
+    def added?(attribute, message = nil, options = {})
+      message = normalize_message(attribute, message, options)
+      self[attribute].include? message
+    end
+
     # Returns all the full error messages in an array.
     #
     #   class Company
@@ -268,20 +258,22 @@ module ActiveModel
     #   company.errors.full_messages # =>
     #     ["Name is too short (minimum is 5 characters)", "Name can't be blank", "Email can't be blank"]
     def full_messages
-      map { |attribute, message|
-        if attribute == :base
-          message
-        else
-          attr_name = attribute.to_s.gsub('.', '_').humanize
-          attr_name = @base.class.human_attribute_name(attribute, :default => attr_name)
-
-          I18n.t(:"errors.format", {
-            :default   => "%{attribute} %{message}",
-            :attribute => attr_name,
-            :message   => message
-          })
-        end
-      }
+      map { |attribute, message| full_message(attribute, message) }
+    end
+
+    # Returns a full message for a given attribute.
+    #
+    #   company.errors.full_message(:name, "is invalid")  # =>
+    #     "Name is invalid"
+    def full_message(attribute, message)
+      return message if attribute == :base
+      attr_name = attribute.to_s.gsub('.', '_').humanize
+      attr_name = @base.class.human_attribute_name(attribute, :default => attr_name)
+      I18n.t(:"errors.format", {
+        :default   => "%{attribute} %{message}",
+        :attribute => attr_name,
+        :message   => message
+      })
     end
 
     # Translates an error message in its default scope
@@ -311,13 +303,17 @@ module ActiveModel
     def generate_message(attribute, type = :invalid, options = {})
       type = options.delete(:message) if options[:message].is_a?(Symbol)
 
-      defaults = @base.class.lookup_ancestors.map do |klass|
-        [ :"#{@base.class.i18n_scope}.errors.models.#{klass.model_name.i18n_key}.attributes.#{attribute}.#{type}",
-          :"#{@base.class.i18n_scope}.errors.models.#{klass.model_name.i18n_key}.#{type}" ]
+      if @base.class.respond_to?(:i18n_scope)
+        defaults = @base.class.lookup_ancestors.map do |klass|
+          [ :"#{@base.class.i18n_scope}.errors.models.#{klass.model_name.i18n_key}.attributes.#{attribute}.#{type}",
+            :"#{@base.class.i18n_scope}.errors.models.#{klass.model_name.i18n_key}.#{type}" ]
+        end
+      else
+        defaults = []
       end
 
       defaults << options.delete(:message)
-      defaults << :"#{@base.class.i18n_scope}.errors.messages.#{type}"
+      defaults << :"#{@base.class.i18n_scope}.errors.messages.#{type}" if @base.class.respond_to?(:i18n_scope)
       defaults << :"errors.attributes.#{attribute}.#{type}"
       defaults << :"errors.messages.#{type}"
 
@@ -336,5 +332,21 @@ module ActiveModel
 
       I18n.translate(key, options)
     end
+
+  private
+    def normalize_message(attribute, message, options)
+      message ||= :invalid
+
+      if message.is_a?(Symbol)
+        generate_message(attribute, message, options.except(*CALLBACKS_OPTIONS))
+      elsif message.is_a?(Proc)
+        message.call
+      else
+        message
+      end
+    end
+  end
+
+  class StrictValidationFailed < StandardError
   end
 end

data/lib/active_model/lint.rb

@@ -43,6 +43,16 @@ module ActiveModel
         assert model.to_param.nil?, "to_param should return nil when `persisted?` returns false"
       end
 
+      # == Responds to <tt>to_partial_path</tt>
+      #
+      # Returns a string giving a relative path.  This is used for looking up
+      # partials. For example, a BlogPost model might return "blog_posts/blog_post"
+      #
+      def test_to_partial_path
+        assert model.respond_to?(:to_partial_path), "The model should respond to to_partial_path"
+        assert_kind_of String, model.to_partial_path
+      end
+
       # == Responds to <tt>valid?</tt>
       #
       # Returns a boolean that specifies whether the object is in a valid or invalid
@@ -66,15 +76,14 @@ module ActiveModel
 
       # == Naming
       #
-      # Model.model_name must return a string with some convenience methods as
-      # :human and :partial_path. Check ActiveModel::Naming for more information.
+      # Model.model_name must return a string with some convenience methods:
+      # :human, :singular, and :plural. Check ActiveModel::Naming for more information.
       #
       def test_model_naming
         assert model.class.respond_to?(:model_name), "The model should respond to model_name"
         model_name = model.class.model_name
         assert_kind_of String, model_name
         assert_kind_of String, model_name.human
-        assert_kind_of String, model_name.partial_path
         assert_kind_of String, model_name.singular
         assert_kind_of String, model_name.plural
       end

data/lib/active_model/mass_assignment_security.rb

@@ -1,6 +1,8 @@
-require 'active_support/core_ext/class/attribute.rb'
+require 'active_support/core_ext/class/attribute'
+require 'active_support/core_ext/string/inflections'
 require 'active_support/core_ext/array/wrap'
 require 'active_model/mass_assignment_security/permission_set'
+require 'active_model/mass_assignment_security/sanitizer'
 
 module ActiveModel
   # = Active Model Mass-Assignment Security
@@ -11,6 +13,9 @@ module ActiveModel
       class_attribute :_accessible_attributes
       class_attribute :_protected_attributes
       class_attribute :_active_authorizer
+
+      class_attribute :_mass_assignment_sanitizer
+      self.mass_assignment_sanitizer = :logger
     end
 
     # Mass assignment security provides an interface for protecting attributes
@@ -42,6 +47,16 @@ module ActiveModel
     #
     #   end
     #
+    # = Configuration options
+    #
+    # * <tt>mass_assignment_sanitizer</tt> - Defines sanitize method. Possible values are:
+    #   * <tt>:logger</tt> (default) - writes filtered attributes to logger
+    #   * <tt>:strict</tt> - raise <tt>ActiveModel::MassAssignmentSecurity::Error</tt> on any protected attribute update
+    #
+    # You can specify your own sanitizer object eg. MySanitizer.new.
+    # See <tt>ActiveModel::MassAssignmentSecurity::LoggerSanitizer</tt> for example implementation.
+    #
+    # 
     module ClassMethods
       # Attributes named in this macro are protected from mass-assignment
       # whenever attributes are sanitized before assignment. A role for the
@@ -184,21 +199,25 @@ module ActiveModel
         []
       end
 
+      def mass_assignment_sanitizer=(value)
+        self._mass_assignment_sanitizer = if value.is_a?(Symbol)
+          const_get(:"#{value.to_s.camelize}Sanitizer").new(self)
+        else
+          value
+        end
+      end
+
       private
 
       def protected_attributes_configs
         self._protected_attributes ||= begin
-          default_black_list = BlackList.new(attributes_protected_by_default).tap do |w|
-            w.logger = self.logger if self.respond_to?(:logger)
-          end
-          Hash.new(default_black_list)
+          Hash.new { |h,k| h[k] = BlackList.new(attributes_protected_by_default) }
         end
       end
 
       def accessible_attributes_configs
         self._accessible_attributes ||= begin
-          default_white_list = WhiteList.new.tap { |w| w.logger = self.logger if self.respond_to?(:logger) }
-          Hash.new(default_white_list)
+          Hash.new { |h,k| h[k] = WhiteList.new }
         end
       end
     end
@@ -206,7 +225,7 @@ module ActiveModel
   protected
 
     def sanitize_for_mass_assignment(attributes, role = :default)
-      mass_assignment_authorizer(role).sanitize(attributes)
+      _mass_assignment_sanitizer.sanitize(attributes, mass_assignment_authorizer(role))
     end
 
     def mass_assignment_authorizer(role = :default)

data/lib/active_model/mass_assignment_security/permission_set.rb

@@ -1,10 +1,8 @@
 require 'set'
-require 'active_model/mass_assignment_security/sanitizer'
 
 module ActiveModel
   module MassAssignmentSecurity
     class PermissionSet < Set
-      attr_accessor :logger
 
       def +(values)
         super(values.map(&:to_s))
@@ -14,15 +12,18 @@ module ActiveModel
         super(remove_multiparameter_id(key))
       end
 
+      def deny?(key)
+        raise NotImplementedError, "#deny?(key) suppose to be overwritten"
+      end
+
     protected
 
       def remove_multiparameter_id(key)
-        key.to_s.gsub(/\(.+/m, '')
+        key.to_s.gsub(/\(.+/, '')
       end
     end
 
     class WhiteList < PermissionSet
-      include Sanitizer
 
       def deny?(key)
         !include?(key)
@@ -30,7 +31,6 @@ module ActiveModel
     end
 
     class BlackList < PermissionSet
-      include Sanitizer
 
       def deny?(key)
         include?(key)