activemodel 7.0.7.2 → 7.1.0.beta1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f97563d17d52d86cc7cde3cbe935f55c036b294049567a49b2cfd98767e9cd5f
-  data.tar.gz: d0bd60e30fe1b9b39af93ac35412bb1f1da51cf2f2d764855d273bfbfa17698d
+  metadata.gz: 7bead2532e6ee2356d90a899c3f4b72a130b214f5c98b7db0cc37fe1f2fffbb7
+  data.tar.gz: fb9bd5f3c104cf093adfe01097f5032a60605d8d933b32acf4f11575d0857172
 SHA512:
-  metadata.gz: daf75a5d743bb72248523172e5e2d3bd852de1cfbf592ad8782b9bd0dc91282e89985dbf08ff65cdde459165b81df419324d55da8b69cb57988e52f99d106272
-  data.tar.gz: 2946a192133ae988942d68b2648c5241bba0cbb59137bd9e1b8ca0ed1933d40e04554130bb5a2493f564c4a69b53b2a74f5a70e0ce5f90845fe9aa24b9caa565
+  metadata.gz: 21ca777c14c33a0383e08ca5e3d62e478d7d62d104119675be305b5c1365624d3676bd6e21f6d9dee081cfc3d6c44c9e9e2b5dd362b6a3ecd108f3430c0b58ed
+  data.tar.gz: 1f251ea6da1c7d4cf7f0e6a404fd724d534488518e5c528eeaa6b31843655290ea181d6adcc47e6477863a19543af426bef904b2f6b3835826ad6d9545710876

data/CHANGELOG.md

@@ -1,14 +1,18 @@
-## Rails 7.0.7.2 (August 22, 2023) ##
+## Rails 7.1.0.beta1 (September 13, 2023) ##
 
-*   No changes.
+*   Support composite identifiers in `to_key`
 
+    `to_key` avoids wrapping `#id` value into an `Array` if `#id` already an array
 
-## Rails 7.0.7.1 (August 22, 2023) ##
+    *Nikita Vasilevsky*
 
-*   No changes.
+*   Add `ActiveModel::Conversion.param_delimiter` to configure delimiter being used in `to_param`
 
+    *Nikita Vasilevsky*
 
-## Rails 7.0.7 (August 09, 2023) ##
+*   `undefine_attribute_methods` undefines alias attribute methods along with attribute methods.
+
+    *Nikita Vasilevsky*
 
 *   Error.full_message now strips ":base" from the message.
 
@@ -17,243 +21,185 @@
 *   Add a load hook for `ActiveModel::Model` (named `active_model`) to match the load hook for
     `ActiveRecord::Base` and allow for overriding aspects of the `ActiveModel::Model` class.
 
+    *Lewis Buckley*
 
-## Rails 7.0.6 (June 29, 2023) ##
-
-*   No changes.
-
-
-## Rails 7.0.5.1 (June 26, 2023) ##
-
-*   No changes.
-
-
-## Rails 7.0.5 (May 24, 2023) ##
-
-*   No changes.
-
-
-## Rails 7.0.4.3 (March 13, 2023) ##
-
-*   No changes.
-
-
-## Rails 7.0.4.2 (January 24, 2023) ##
+*   Improve password length validation in ActiveModel::SecurePassword to consider byte size for BCrypt
+    compatibility.
 
-*   No changes.
+    The previous password length validation only considered the character count, which may not
+    accurately reflect the 72-byte size limit imposed by BCrypt. This change updates the validation
+    to consider both character count and byte size while keeping the character length validation in place.
 
-
-## Rails 7.0.4.1 (January 17, 2023) ##
-
-*   No changes.
+    ```ruby
+    user = User.new(password: "a" * 73)  # 73 characters
+    user.valid? # => false
+    user.errors[:password] # => ["is too long"]
 
 
-## Rails 7.0.4 (September 09, 2022) ##
+    user = User.new(password: "あ" * 25)  # 25 characters, 75 bytes
+    user.valid? # => false
+    user.errors[:password] # => ["is too long"]
+    ```
 
-*   Handle name clashes in attribute methods code generation cache.
+    *ChatGPT*, *Guillermo Iguaran*
 
-    When two distinct attribute methods would generate similar names,
-    the first implementation would be incorrectly re-used.
+*   `has_secure_password` now generates an `#{attribute}_salt` method that returns the salt
+    used to compute the password digest. The salt will change whenever the password is changed,
+    so it can be used to create single-use password reset tokens with `generates_token_for`:
 
     ```ruby
-    class A
-      attribute_method_suffix "_changed?"
-      define_attribute_methods :x
-    end
+    class User < ActiveRecord::Base
+      has_secure_password
 
-    class B
-      attribute_method_suffix "?"
-      define_attribute_methods :x_changed
+      generates_token_for :password_reset, expires_in: 15.minutes do
+        password_salt&.last(10)
+      end
     end
     ```
 
-    *Jean Boussier*
-
-## Rails 7.0.3.1 (July 12, 2022) ##
-
-*   No changes.
-
-
-## Rails 7.0.3 (May 09, 2022) ##
-
-*   No changes.
-
-
-## Rails 7.0.2.4 (April 26, 2022) ##
-
-*   No changes.
-
-
-## Rails 7.0.2.3 (March 08, 2022) ##
-
-*   No changes.
-
-
-## Rails 7.0.2.2 (February 11, 2022) ##
-
-*   No changes.
-
-
-## Rails 7.0.2.1 (February 11, 2022) ##
-
-*   No changes.
-
-
-## Rails 7.0.2 (February 08, 2022) ##
-
-*   Use different cache namespace for proxy calls
-
-    Models can currently have different attribute bodies for the same method
-    names, leading to conflicts. Adding a new namespace `:active_model_proxy`
-    fixes the issue.
-
-    *Chris Salzberg*
-
-
-## Rails 7.0.1 (January 06, 2022) ##
-
-*   No changes.
-
+    *Lázaro Nixon*
 
-## Rails 7.0.0 (December 15, 2021) ##
+*   Improve typography of user facing error messages. In English contractions,
+    the Unicode APOSTROPHE (`U+0027`) is now RIGHT SINGLE QUOTATION MARK
+    (`U+2019`). For example, "can't be blank" is now "can’t be blank".
 
-*   No changes.
+    *Jon Dufresne*
 
+*   Add class to `ActiveModel::MissingAttributeError` error message.
 
-## Rails 7.0.0.rc3 (December 14, 2021) ##
+    Show which class is missing the attribute in the error message:
 
-*   No changes.
-
-
-## Rails 7.0.0.rc2 (December 14, 2021) ##
-
-*   No changes.
-
-## Rails 7.0.0.rc1 (December 06, 2021) ##
-
-*   Remove support to Marshal load Rails 5.x `ActiveModel::AttributeSet` format.
-
-    *Rafael Mendonça França*
-
-*   Remove support to Marshal and YAML load Rails 5.x error format.
-
-    *Rafael Mendonça França*
-
-*   Remove deprecated support to use `[]=` in `ActiveModel::Errors#messages`.
-
-    *Rafael Mendonça França*
-
-*   Remove deprecated support to `delete` errors from `ActiveModel::Errors#messages`.
-
-    *Rafael Mendonça França*
-
-*   Remove deprecated support to `clear` errors from `ActiveModel::Errors#messages`.
-
-    *Rafael Mendonça França*
+    ```ruby
+    user = User.first
+    user.pets.select(:id).first.user_id
+    # => ActiveModel::MissingAttributeError: missing attribute 'user_id' for Pet
+    ```
 
-*   Remove deprecated support concat errors to `ActiveModel::Errors#messages`.
+    *Petrik de Heus*
 
-    *Rafael Mendonça França*
+*   Raise `NoMethodError` in `ActiveModel::Type::Value#as_json` to avoid unpredictable
+    results.
 
-*   Remove deprecated `ActiveModel::Errors#to_xml`.
+    *Vasiliy Ermolovich*
 
-    *Rafael Mendonça França*
+*   Custom attribute types that inherit from Active Model built-in types and do
+    not override the `serialize` method will now benefit from an optimization
+    when serializing attribute values for the database.
 
-*   Remove deprecated `ActiveModel::Errors#keys`.
+    For example, with a custom type like the following:
 
-    *Rafael Mendonça França*
+    ```ruby
+    class DowncasedString < ActiveModel::Type::String
+      def cast(value)
+        super&.downcase
+      end
+    end
 
-*   Remove deprecated `ActiveModel::Errors#values`.
+    ActiveRecord::Type.register(:downcased_string, DowncasedString)
 
-    *Rafael Mendonça França*
+    class User < ActiveRecord::Base
+      attribute :email, :downcased_string
+    end
 
-*   Remove deprecated `ActiveModel::Errors#slice!`.
+    user = User.new(email: "FooBar@example.com")
+    ```
 
-    *Rafael Mendonça França*
+    Serializing the `email` attribute for the database will be roughly twice as
+    fast.  More expensive `cast` operations will likely see greater improvements.
 
-*   Remove deprecated `ActiveModel::Errors#to_h`.
+    *Jonathan Hefner*
 
-    *Rafael Mendonça França*
+*   `has_secure_password` now supports password challenges via a
+    `password_challenge` accessor and validation.
 
-*   Remove deprecated enumeration of `ActiveModel::Errors` instances as a Hash.
+    A password challenge is a safeguard to verify that the current user is
+    actually the password owner.  It can be used when changing sensitive model
+    fields, such as the password itself.  It is different than a password
+    confirmation, which is used to prevent password typos.
 
-    *Rafael Mendonça França*
+    When `password_challenge` is set, the validation checks that the value's
+    digest matches the *currently persisted* `password_digest` (i.e.
+    `password_digest_was`).
 
-*   Clear secure password cache if password is set to `nil`
+    This allows a password challenge to be done as part of a typical `update`
+    call, just like a password confirmation.  It also allows a password
+    challenge error to be handled in the same way as other validation errors.
 
-    Before:
+    For example, in the controller, instead of:
 
-       user.password = 'something'
-       user.password = nil
+    ```ruby
+    password_params = params.require(:password).permit(
+      :password_challenge,
+      :password,
+      :password_confirmation,
+    )
 
-       user.password # => 'something'
+    password_challenge = password_params.delete(:password_challenge)
+    @password_challenge_failed = !current_user.authenticate(password_challenge)
 
-    Now:
+    if !@password_challenge_failed && current_user.update(password_params)
+      # ...
+    end
+    ```
 
-       user.password = 'something'
-       user.password = nil
+    You can now write:
 
-       user.password # => nil
+    ```ruby
+    password_params = params.require(:password).permit(
+      :password_challenge,
+      :password,
+      :password_confirmation,
+    ).with_defaults(password_challenge: "")
+
+    if current_user.update(password_params)
+      # ...
+    end
+    ```
 
-    *Markus Doits*
+    And, in the view, instead of checking `@password_challenge_failed`, you can
+    render an error for the `password_challenge` field just as you would for
+    other form fields, including utilizing `config.action_view.field_error_proc`.
 
-## Rails 7.0.0.alpha2 (September 15, 2021) ##
+    *Jonathan Hefner*
 
-*   No changes.
+*   Support infinite ranges for `LengthValidator`s `:in`/`:within` options
 
+    ```ruby
+    validates_length_of :first_name, in: ..30
+    ```
 
-## Rails 7.0.0.alpha1 (September 15, 2021) ##
+    *fatkodima*
 
-*   Introduce `ActiveModel::API`.
+*   Add support for beginless ranges to inclusivity/exclusivity validators:
 
-    Make `ActiveModel::API` the minimum API to talk with Action Pack and Action View.
-    This will allow adding more functionality to `ActiveModel::Model`.
+    ```ruby
+    validates_inclusion_of :birth_date, in: -> { (..Date.today) }
+    ```
 
-    *Petrik de Heus*, *Nathaniel Watts*
+    *Bo Jeanes*
 
-*   Fix dirty check for Float::NaN and BigDecimal::NaN.
+*   Make validators accept lambdas without record argument
 
-    Float::NaN and BigDecimal::NaN in Ruby are [special values](https://bugs.ruby-lang.org/issues/1720)
-    and can't be compared with `==`.
+    ```ruby
+    # Before
+    validates_comparison_of :birth_date, less_than_or_equal_to: ->(_record) { Date.today }
 
-    *Marcelo Lauxen*
+    # After
+    validates_comparison_of :birth_date, less_than_or_equal_to: -> { Date.today }
+    ```
 
-*   Fix `to_json` for `ActiveModel::Dirty` object.
+    *fatkodima*
 
-    Exclude `mutations_from_database` attribute from json as it lead to recursion.
+*   Fix casting long strings to `Date`, `Time` or `DateTime`
 
-    *Anil Maurya*
+    *fatkodima*
 
-*   Add `ActiveModel::AttributeSet#values_for_database`.
+*   Use different cache namespace for proxy calls
 
-    Returns attributes with values for assignment to the database.
+    Models can currently have different attribute bodies for the same method
+    names, leading to conflicts. Adding a new namespace `:active_model_proxy`
+    fixes the issue.
 
     *Chris Salzberg*
 
-*   Fix delegation in ActiveModel::Type::Registry#lookup and ActiveModel::Type.lookup.
-
-    Passing a last positional argument `{}` would be incorrectly considered as keyword argument.
-
-    *Benoit Daloze*
-
-*   Cache and re-use generated attribute methods.
-
-    Generated methods with identical implementations will now share their instruction sequences
-    leading to reduced memory retention, and slightly faster load time.
-
-    *Jean Boussier*
-
-*   Add `in: range`  parameter to `numericality` validator.
-
-    *Michal Papis*
-
-*   Add `locale` argument to `ActiveModel::Name#initialize` to be used to generate the `singular`,
-   `plural`, `route_key` and `singular_route_key` values.
-
-    *Lukas Pokorny*
-
-*   Make ActiveModel::Errors#inspect slimmer for readability
-
-    *lulalala*
-
-Please check [6-1-stable](https://github.com/rails/rails/blob/6-1-stable/activemodel/CHANGELOG.md) for previous changes.
+Please check [7-0-stable](https://github.com/rails/rails/blob/7-0-stable/activemodel/CHANGELOG.md) for previous changes.

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2004-2022 David Heinemeier Hansson
+Copyright (c) David Heinemeier Hansson
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.rdoc

@@ -1,22 +1,22 @@
-= Active Model -- model interfaces for Rails
+= Active Model -- model interfaces for \Rails
 
 Active Model provides a known set of interfaces for usage in model classes.
 They allow for Action Pack helpers to interact with non-Active Record models,
 for example. Active Model also helps with building custom ORMs for use outside of
-the Rails framework.
+the \Rails framework.
 
-You can read more about Active Model in the {Active Model Basics}[https://edgeguides.rubyonrails.org/active_model_basics.html] guide.
+You can read more about Active Model in the {Active Model Basics}[https://guides.rubyonrails.org/active_model_basics.html] guide.
 
-Prior to Rails 3.0, if a plugin or gem developer wanted to have an object
+Prior to \Rails 3.0, if a plugin or gem developer wanted to have an object
 interact with Action Pack helpers, it was required to either copy chunks of
-code from Rails, or monkey patch entire helpers to make them handle objects
+code from \Rails, or monkey patch entire helpers to make them handle objects
 that did not exactly conform to the Active Record interface. This would result
 in code duplication and fragile applications that broke on upgrades. Active
 Model solves this by defining an explicit API. You can read more about the
-API in <tt>ActiveModel::Lint::Tests</tt>.
+API in +ActiveModel::Lint::Tests+.
 
 Active Model provides a default module that implements the basic API required
-to integrate with Action Pack out of the box: <tt>ActiveModel::API</tt>.
+to integrate with Action Pack out of the box: ActiveModel::API.
 
     class Person
       include ActiveModel::API
@@ -32,7 +32,7 @@ to integrate with Action Pack out of the box: <tt>ActiveModel::API</tt>.
 
 It includes model name introspections, conversions, translations and
 validations, resulting in a class suitable to be used with Action Pack.
-See <tt>ActiveModel::API</tt> for more examples.
+See ActiveModel::API for more examples.
 
 Active Model also provides the following functionality to have ORM-like
 behavior out of the box:
@@ -156,7 +156,7 @@ behavior out of the box:
 
 * Making objects serializable
 
-  <tt>ActiveModel::Serialization</tt> provides a standard interface for your object
+  ActiveModel::Serialization provides a standard interface for your object
   to provide +to_json+ serialization.
 
     class SerialPerson

data/lib/active_model/access.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+require "active_support/core_ext/enumerable"
+require "active_support/core_ext/hash/indifferent_access"
+
+module ActiveModel
+  module Access # :nodoc:
+    def slice(*methods)
+      methods.flatten.index_with { |method| public_send(method) }.with_indifferent_access
+    end
+
+    def values_at(*methods)
+      methods.flatten.map! { |method| public_send(method) }
+    end
+  end
+end

data/lib/active_model/api.rb

@@ -1,10 +1,10 @@
 # frozen_string_literal: true
 
 module ActiveModel
-  # == Active \Model \API
+  # = Active \Model \API
   #
   # Includes the required interface for an object to interact with
-  # Action Pack and Action View, using different Active Model modules.
+  # Action Pack and Action View, using different Active \Model modules.
   # It includes model name introspections, conversions, translations, and
   # validations. Besides that, it allows you to initialize the object with a
   # hash of attributes, pretty much like Active Record does.
@@ -20,7 +20,7 @@ module ActiveModel
   #   person.name # => "bob"
   #   person.age  # => "18"
   #
-  # Note that, by default, <tt>ActiveModel::API</tt> implements <tt>persisted?</tt>
+  # Note that, by default, +ActiveModel::API+ implements #persisted?
   # to return +false+, which is the most common case. You may want to override
   # it in your class to simulate a different scenario:
   #
@@ -36,7 +36,7 @@ module ActiveModel
   #   person = Person.new(id: 1, name: 'bob')
   #   person.persisted? # => true
   #
-  # Also, if for some reason you need to run code on <tt>initialize</tt>, make
+  # Also, if for some reason you need to run code on initialize ( ::new ), make
   # sure you call +super+ if you want the attributes hash initialization to
   # happen.
   #
@@ -54,7 +54,7 @@ module ActiveModel
   #   person.omg # => true
   #
   # For more detailed information on other functionalities available, please
-  # refer to the specific modules included in <tt>ActiveModel::API</tt>
+  # refer to the specific modules included in +ActiveModel::API+
   # (see below).
   module API
     extend ActiveSupport::Concern

data/lib/active_model/attribute/user_provided_default.rb

@@ -4,6 +4,10 @@ require "active_model/attribute"
 
 module ActiveModel
   class Attribute # :nodoc:
+    def with_user_default(value)
+      UserProvidedDefault.new(name, value, type, self.is_a?(FromDatabase) ? self : original_attribute)
+    end
+
     class UserProvidedDefault < FromUser # :nodoc:
       def initialize(name, value, type, database_default)
         @user_provided_value = value

data/lib/active_model/attribute.rb

@@ -53,7 +53,10 @@ module ActiveModel
     end
 
     def value_for_database
-      type.serialize(value)
+      if !defined?(@value_for_database) || type.changed_in_place?(@value_for_database, value)
+        @value_for_database = _value_for_database
+      end
+      @value_for_database
     end
 
     def serializable?(&block)
@@ -159,6 +162,10 @@ module ActiveModel
         assigned? && type.changed?(original_value, value, value_before_type_cast)
       end
 
+      def _value_for_database
+        type.serialize(value)
+      end
+
       def _original_value_for_database
         type.serialize(original_value)
       end
@@ -168,6 +175,19 @@ module ActiveModel
           type.deserialize(value)
         end
 
+        def forgetting_assignment
+          # If this attribute was not persisted (with a `value_for_database`
+          # that might differ from `value_before_type_cast`) and `value` has not
+          # changed in place, we can simply dup this attribute to avoid
+          # deserialize / cast / serialize calls from computing the new
+          # attribute's `value_before_type_cast`.
+          if !defined?(@value_for_database) && !changed_in_place?
+            dup
+          else
+            super
+          end
+        end
+
         private
           def _original_value_for_database
             value_before_type_cast
@@ -182,6 +202,11 @@ module ActiveModel
         def came_from_user?
           !type.value_constructed_by_mass_assignment?(value_before_type_cast)
         end
+
+        private
+          def _value_for_database
+            Type::SerializeCastValue.serialize(type, value)
+          end
       end
 
       class WithCastValue < Attribute # :nodoc:

data/lib/active_model/attribute_assignment.rb

@@ -10,7 +10,7 @@ module ActiveModel
     # keys matching the attribute names.
     #
     # If the passed hash responds to <tt>permitted?</tt> method and the return value
-    # of this method is +false+ an <tt>ActiveModel::ForbiddenAttributesError</tt>
+    # of this method is +false+ an ActiveModel::ForbiddenAttributesError
     # exception is raised.
     #
     #   class Cat