activemodel 3.2.22.5 → 4.0.0.beta1

data/lib/active_model/railtie.rb

@@ -1,2 +1,12 @@
 require "active_model"
-require "rails"
+require "rails"
+
+module ActiveModel
+  class Railtie < Rails::Railtie # :nodoc:
+    config.eager_load_namespaces << ActiveModel
+
+    initializer "active_model.secure_password" do
+      ActiveModel::SecurePassword.min_cost = Rails.env.test?
+    end
+  end
+end

data/lib/active_model/secure_password.rb

@@ -2,15 +2,23 @@ module ActiveModel
   module SecurePassword
     extend ActiveSupport::Concern
 
+    class << self; attr_accessor :min_cost; end
+    self.min_cost = false
+
     module ClassMethods
       # Adds methods to set and authenticate against a BCrypt password.
       # This mechanism requires you to have a password_digest attribute.
       #
-      # Validations for presence of password, confirmation of password (using
-      # a "password_confirmation" attribute) are automatically added.
-      # You can add more validations by hand if need be.
+      # Validations for presence of password on create, confirmation of password
+      # (using a +password_confirmation+ attribute) are automatically added. If
+      # you wish to turn off validations, pass <tt>validations: false</tt> as an
+      # argument. You can add more validations by hand if need be.
+      #
+      # If you don't need the confirmation validation, just don't set any
+      # value to the password_confirmation attribute and the the validation
+      # will not be triggered.
       #
-      # You need to add bcrypt-ruby (~> 3.0.0) to Gemfile to use has_secure_password:
+      # You need to add bcrypt-ruby (~> 3.0.0) to Gemfile to use #has_secure_password:
       #
       #   gem 'bcrypt-ruby', '~> 3.0.0'
       #
@@ -21,31 +29,36 @@ module ActiveModel
       #     has_secure_password
       #   end
       #
-      #   user = User.new(:name => "david", :password => "", :password_confirmation => "nomatch")
+      #   user = User.new(name: 'david', password: '', password_confirmation: 'nomatch')
       #   user.save                                                      # => false, password required
-      #   user.password = "mUc3m00RsqyRe"
+      #   user.password = 'mUc3m00RsqyRe'
       #   user.save                                                      # => false, confirmation doesn't match
-      #   user.password_confirmation = "mUc3m00RsqyRe"
+      #   user.password_confirmation = 'mUc3m00RsqyRe'
       #   user.save                                                      # => true
-      #   user.authenticate("notright")                                  # => false
-      #   user.authenticate("mUc3m00RsqyRe")                             # => user
-      #   User.find_by_name("david").try(:authenticate, "notright")      # => nil
-      #   User.find_by_name("david").try(:authenticate, "mUc3m00RsqyRe") # => user
-      def has_secure_password
+      #   user.authenticate('notright')                                  # => false
+      #   user.authenticate('mUc3m00RsqyRe')                             # => user
+      #   User.find_by_name('david').try(:authenticate, 'notright')      # => false
+      #   User.find_by_name('david').try(:authenticate, 'mUc3m00RsqyRe') # => user
+      def has_secure_password(options = {})
         # Load bcrypt-ruby only when has_secure_password is used.
-        # This is to avoid ActiveModel (and by extension the entire framework) being dependent on a binary library.
+        # This is to avoid ActiveModel (and by extension the entire framework)
+        # being dependent on a binary library.
         gem 'bcrypt-ruby', '~> 3.0.0'
         require 'bcrypt'
 
         attr_reader :password
 
-        validates_confirmation_of :password
-        validates_presence_of     :password_digest
+        if options.fetch(:validations, true)
+          validates_confirmation_of :password
+          validates_presence_of     :password, :on => :create
+
+          before_create { raise "Password digest missing on new record" if password_digest.blank? }
+        end
 
         include InstanceMethodsOnActivation
 
         if respond_to?(:attributes_protected_by_default)
-          def self.attributes_protected_by_default
+          def self.attributes_protected_by_default #:nodoc:
             super + ['password_digest']
           end
         end
@@ -53,20 +66,37 @@ module ActiveModel
     end
 
     module InstanceMethodsOnActivation
-      # Returns self if the password is correct, otherwise false.
+      # Returns +self+ if the password is correct, otherwise +false+.
+      #
+      #   class User < ActiveRecord::Base
+      #     has_secure_password validations: false
+      #   end
+      #
+      #   user = User.new(name: 'david', password: 'mUc3m00RsqyRe')
+      #   user.save
+      #   user.authenticate('notright')      # => false
+      #   user.authenticate('mUc3m00RsqyRe') # => user
       def authenticate(unencrypted_password)
-        if BCrypt::Password.new(password_digest) == unencrypted_password
-          self
-        else
-          false
-        end
+        BCrypt::Password.new(password_digest) == unencrypted_password && self
       end
 
-      # Encrypts the password into the password_digest attribute.
+      # Encrypts the password into the +password_digest+ attribute, only if the
+      # new password is not blank.
+      #
+      #   class User < ActiveRecord::Base
+      #     has_secure_password validations: false
+      #   end
+      #
+      #   user = User.new
+      #   user.password = nil
+      #   user.password_digest # => nil
+      #   user.password = 'mUc3m00RsqyRe'
+      #   user.password_digest # => "$2a$10$4LEA7r4YmNHtvlAvHhsYAeZmk/xeUVtMTYqwIvYY76EW5GUqDiP4."
       def password=(unencrypted_password)
-        @password = unencrypted_password
         unless unencrypted_password.blank?
-          self.password_digest = BCrypt::Password.create(unencrypted_password)
+          @password = unencrypted_password
+          cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST : BCrypt::Engine::DEFAULT_COST
+          self.password_digest = BCrypt::Password.create(unencrypted_password, cost: cost)
         end
       end
     end

data/lib/active_model/serialization.rb

@@ -1,25 +1,21 @@
 require 'active_support/core_ext/hash/except'
 require 'active_support/core_ext/hash/slice'
-require 'active_support/core_ext/array/wrap'
-
 
 module ActiveModel
-  # == Active Model Serialization
+  # == Active \Model \Serialization
   #
   # Provides a basic serialization to a serializable_hash for your object.
   #
   # A minimal implementation could be:
   #
   #   class Person
-  #
   #     include ActiveModel::Serialization
   #
   #     attr_accessor :name
   #
   #     def attributes
-  #       {'name' => name}
+  #       {'name' => nil}
   #     end
-  #
   #   end
   #
   # Which would provide you with:
@@ -29,27 +25,28 @@ module ActiveModel
   #   person.name = "Bob"
   #   person.serializable_hash   # => {"name"=>"Bob"}
   #
-  # You need to declare some sort of attributes hash which contains the attributes
-  # you want to serialize and their current value.
+  # You need to declare an attributes hash which contains the attributes you
+  # want to serialize. Attributes must be strings, not symbols. When called,
+  # serializable hash will use instance methods that match the name of the
+  # attributes hash's keys. In order to override this behavior, take a look at
+  # the private method +read_attribute_for_serialization+.
   #
   # Most of the time though, you will want to include the JSON or XML
   # serializations. Both of these modules automatically include the
-  # ActiveModel::Serialization module, so there is no need to explicitly
-  # include it.
+  # <tt>ActiveModel::Serialization</tt> module, so there is no need to
+  # explicitly include it.
   #
-  # So a minimal implementation including XML and JSON would be:
+  # A minimal implementation including XML and JSON would be:
   #
   #   class Person
-  #
   #     include ActiveModel::Serializers::JSON
   #     include ActiveModel::Serializers::Xml
   #
   #     attr_accessor :name
   #
   #     def attributes
-  #       {'name' => name}
+  #       {'name' => nil}
   #     end
-  #
   #   end
   #
   # Which would provide you with:
@@ -66,27 +63,55 @@ module ActiveModel
   #   person.to_json             # => "{\"name\":\"Bob\"}"
   #   person.to_xml              # => "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<serial-person...
   #
-  # Valid options are <tt>:only</tt>, <tt>:except</tt> and <tt>:methods</tt> .
+  # Valid options are <tt>:only</tt>, <tt>:except</tt>, <tt>:methods</tt> and
+  # <tt>:include</tt>. The following are all valid examples:
+  #
+  #   person.serializable_hash(only: 'name')
+  #   person.serializable_hash(include: :address)
+  #   person.serializable_hash(include: { address: { only: 'city' }})
   module Serialization
+    # Returns a serialized hash of your object.
+    #
+    #   class Person
+    #     include ActiveModel::Serialization
+    #
+    #     attr_accessor :name, :age
+    #
+    #     def attributes
+    #       {'name' => nil, 'age' => nil}
+    #     end
+    #
+    #     def capitalized_name
+    #       name.capitalize
+    #     end
+    #   end
+    #
+    #   person = Person.new
+    #   person.name = 'bob'
+    #   person.age  = 22
+    #   person.serializable_hash                # => {"name"=>"bob", "age"=>22}
+    #   person.serializable_hash(only: :name)   # => {"name"=>"bob"}
+    #   person.serializable_hash(except: :name) # => {"age"=>22}
+    #   person.serializable_hash(methods: :capitalized_name)
+    #   # => {"name"=>"bob", "age"=>22, "capitalized_name"=>"Bob"}
     def serializable_hash(options = nil)
       options ||= {}
 
-      attribute_names = attributes.keys.sort
+      attribute_names = attributes.keys
       if only = options[:only]
-        attribute_names &= Array.wrap(only).map(&:to_s)
+        attribute_names &= Array(only).map(&:to_s)
       elsif except = options[:except]
-        attribute_names -= Array.wrap(except).map(&:to_s)
+        attribute_names -= Array(except).map(&:to_s)
       end
 
       hash = {}
       attribute_names.each { |n| hash[n] = read_attribute_for_serialization(n) }
 
-      method_names = Array.wrap(options[:methods]).select { |n| respond_to?(n) }
-      method_names.each { |n| hash[n] = send(n) }
+      Array(options[:methods]).each { |m| hash[m.to_s] = send(m) if respond_to?(m) }
 
       serializable_add_includes(options) do |association, records, opts|
-        hash[association] = if records.is_a?(Enumerable)
-          records.map { |a| a.serializable_hash(opts) }
+        hash[association.to_s] = if records.respond_to?(:to_ary)
+          records.to_ary.map { |a| a.serializable_hash(opts) }
         else
           records.serializable_hash(opts)
         end
@@ -113,7 +138,6 @@ module ActiveModel
       #       @data[key]
       #     end
       #   end
-      #
       alias :read_attribute_for_serialization :send
 
       # Add associations specified via the <tt>:include</tt> option.
@@ -123,13 +147,13 @@ module ActiveModel
       #   +records+     - the association record(s) to be serialized
       #   +opts+        - options for the association records
       def serializable_add_includes(options = {}) #:nodoc:
-        return unless include = options[:include]
+        return unless includes = options[:include]
 
-        unless include.is_a?(Hash)
-          include = Hash[Array.wrap(include).map { |n| n.is_a?(Hash) ? n.to_a.first : [n, {}] }]
+        unless includes.is_a?(Hash)
+          includes = Hash[Array(includes).map { |n| n.is_a?(Hash) ? n.to_a.first : [n, {}] }]
         end
 
-        include.each do |association, opts|
+        includes.each do |association, opts|
           if records = send(association)
             yield association, records, opts
           end

data/lib/active_model/serializers/json.rb

@@ -1,5 +1,4 @@
 require 'active_support/json'
-require 'active_support/core_ext/class/attribute'
 
 module ActiveModel
   module Serializers
@@ -12,83 +11,87 @@ module ActiveModel
         extend ActiveModel::Naming
 
         class_attribute :include_root_in_json
-        self.include_root_in_json = true
+        self.include_root_in_json = false
       end
 
       # Returns a hash representing the model. Some configuration can be
       # passed through +options+.
       #
       # The option <tt>include_root_in_json</tt> controls the top-level behavior
-      # of +as_json+. If true (the default) +as_json+ will emit a single root
-      # node named after the object's type. For example:
+      # of +as_json+. If +true+, +as_json+ will emit a single root node named
+      # after the object's type. The default value for <tt>include_root_in_json</tt>
+      # option is +false+.
       #
       #   user = User.find(1)
       #   user.as_json
-      #   # => { "user": {"id": 1, "name": "Konata Izumi", "age": 16,
-      #                   "created_at": "2006/08/01", "awesome": true} }
+      #   # => { "id" => 1, "name" => "Konata Izumi", "age" => 16,
+      #   #     "created_at" => "2006/08/01", "awesome" => true}
+      #
+      #   ActiveRecord::Base.include_root_in_json = true
       #
-      #   ActiveRecord::Base.include_root_in_json = false
       #   user.as_json
-      #   # => {"id": 1, "name": "Konata Izumi", "age": 16,
-      #         "created_at": "2006/08/01", "awesome": true}
+      #   # => { "user" => { "id" => 1, "name" => "Konata Izumi", "age" => 16,
+      #   #                  "created_at" => "2006/08/01", "awesome" => true } }
       #
-      # This behavior can also be achieved by setting the <tt>:root</tt> option to +false+ as in:
+      # This behavior can also be achieved by setting the <tt>:root</tt> option
+      # to +true+ as in:
       #
       #   user = User.find(1)
-      #   user.as_json(root: false)
-      #   # =>  {"id": 1, "name": "Konata Izumi", "age": 16,
-      #          "created_at": "2006/08/01", "awesome": true}
-      #
-      # The remainder of the examples in this section assume include_root_in_json is set to
-      # <tt>false</tt>.
+      #   user.as_json(root: true)
+      #   # => { "user" => { "id" => 1, "name" => "Konata Izumi", "age" => 16,
+      #   #                  "created_at" => "2006/08/01", "awesome" => true } }
       #
       # Without any +options+, the returned Hash will include all the model's
-      # attributes. For example:
+      # attributes.
       #
       #   user = User.find(1)
       #   user.as_json
-      #   # => {"id": 1, "name": "Konata Izumi", "age": 16,
-      #         "created_at": "2006/08/01", "awesome": true}
+      #   # => { "id" => 1, "name" => "Konata Izumi", "age" => 16,
+      #   #      "created_at" => "2006/08/01", "awesome" => true}
       #
-      # The <tt>:only</tt> and <tt>:except</tt> options can be used to limit the attributes
-      # included, and work similar to the +attributes+ method. For example:
+      # The <tt>:only</tt> and <tt>:except</tt> options can be used to limit
+      # the attributes included, and work similar to the +attributes+ method.
       #
-      #   user.as_json(:only => [ :id, :name ])
-      #   # => {"id": 1, "name": "Konata Izumi"}
+      #   user.as_json(only: [:id, :name])
+      #   # => { "id" => 1, "name" => "Konata Izumi" }
       #
-      #   user.as_json(:except => [ :id, :created_at, :age ])
-      #   # => {"name": "Konata Izumi", "awesome": true}
+      #   user.as_json(except: [:id, :created_at, :age])
+      #   # => { "name" => "Konata Izumi", "awesome" => true }
       #
       # To include the result of some method calls on the model use <tt>:methods</tt>:
       #
-      #   user.as_json(:methods => :permalink)
-      #   # => {"id": 1, "name": "Konata Izumi", "age": 16,
-      #         "created_at": "2006/08/01", "awesome": true,
-      #         "permalink": "1-konata-izumi"}
+      #   user.as_json(methods: :permalink)
+      #   # => { "id" => 1, "name" => "Konata Izumi", "age" => 16,
+      #   #      "created_at" => "2006/08/01", "awesome" => true,
+      #   #      "permalink" => "1-konata-izumi" }
       #
       # To include associations use <tt>:include</tt>:
       #
-      #   user.as_json(:include => :posts)
-      #   # => {"id": 1, "name": "Konata Izumi", "age": 16,
-      #         "created_at": "2006/08/01", "awesome": true,
-      #         "posts": [{"id": 1, "author_id": 1, "title": "Welcome to the weblog"},
-      #                   {"id": 2, author_id: 1, "title": "So I was thinking"}]}
+      #   user.as_json(include: :posts)
+      #   # => { "id" => 1, "name" => "Konata Izumi", "age" => 16,
+      #   #      "created_at" => "2006/08/01", "awesome" => true,
+      #   #      "posts" => [ { "id" => 1, "author_id" => 1, "title" => "Welcome to the weblog" },
+      #   #                   { "id" => 2, "author_id" => 1, "title" => "So I was thinking" } ] }
       #
       # Second level and higher order associations work as well:
       #
-      #   user.as_json(:include => { :posts => {
-      #                                  :include => { :comments => {
-      #                                                :only => :body } },
-      #                                  :only => :title } })
-      #   # => {"id": 1, "name": "Konata Izumi", "age": 16,
-      #         "created_at": "2006/08/01", "awesome": true,
-      #         "posts": [{"comments": [{"body": "1st post!"}, {"body": "Second!"}],
-      #                    "title": "Welcome to the weblog"},
-      #                   {"comments": [{"body": "Don't think too hard"}],
-      #                    "title": "So I was thinking"}]}
+      #   user.as_json(include: { posts: {
+      #                              include: { comments: {
+      #                                             only: :body } },
+      #                              only: :title } })
+      #   # => { "id" => 1, "name" => "Konata Izumi", "age" => 16,
+      #   #      "created_at" => "2006/08/01", "awesome" => true,
+      #   #      "posts" => [ { "comments" => [ { "body" => "1st post!" }, { "body" => "Second!" } ],
+      #   #                     "title" => "Welcome to the weblog" },
+      #   #                   { "comments" => [ { "body" => "Don't think too hard" } ],
+      #   #                     "title" => "So I was thinking" } ] }
       def as_json(options = nil)
-        root = include_root_in_json
-        root = options[:root] if options.try(:key?, :root)
+        root = if options && options.key?(:root)
+          options[:root]
+        else
+          include_root_in_json
+        end
+
         if root
           root = self.class.model_name.element if root == true
           { root => serializable_hash(options) }
@@ -97,6 +100,40 @@ module ActiveModel
         end
       end
 
+      # Sets the model +attributes+ from a JSON string. Returns +self+.
+      #
+      #   class Person
+      #     include ActiveModel::Serializers::JSON
+      #
+      #     attr_accessor :name, :age, :awesome
+      #
+      #     def attributes=(hash)
+      #       hash.each do |key, value|
+      #         instance_variable_set("@#{key}", value)
+      #       end
+      #     end
+      #
+      #     def attributes
+      #       instance_values
+      #     end
+      #   end
+      #
+      #   json = { name: 'bob', age: 22, awesome:true }.to_json
+      #   person = Person.new
+      #   person.from_json(json) # => #<Person:0x007fec5e7a0088 @age=22, @awesome=true, @name="bob">
+      #   person.name            # => "bob"
+      #   person.age             # => 22
+      #   person.awesome         # => true
+      #
+      # The default value for +include_root+ is +false+. You can change it to
+      # +true+ if the given JSON string includes a single root node.
+      #
+      #   json = { person: { name: 'bob', age: 22, awesome:true } }.to_json
+      #   person = Person.new
+      #   person.from_json(json) # => #<Person:0x007fec5e7a0088 @age=22, @awesome=true, @name="bob">
+      #   person.name            # => "bob"
+      #   person.age             # => 22
+      #   person.awesome         # => true
       def from_json(json, include_root=include_root_in_json)
         hash = ActiveSupport::JSON.decode(json)
         hash = hash.values.first if include_root