activemodel 7.0.8.1 → 7.2.2.1

data/lib/active_model/locale/en.yml

@@ -18,6 +18,7 @@ en:
       too_long:
         one: "is too long (maximum is 1 character)"
         other: "is too long (maximum is %{count} characters)"
+      password_too_long: "is too long"
       too_short:
         one: "is too short (minimum is 1 character)"
         other: "is too short (minimum is %{count} characters)"

data/lib/active_model/model.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module ActiveModel
-  # == Active \Model \Basic \Model
+  # = Active \Model \Basic \Model
   #
   # Allows implementing models similar to ActiveRecord::Base.
   # Includes ActiveModel::API for the required interface for an
@@ -37,10 +37,42 @@ module ActiveModel
   #   person.omg # => true
   #
   # For more detailed information on other functionalities available, please
-  # refer to the specific modules included in <tt>ActiveModel::Model</tt>
+  # refer to the specific modules included in +ActiveModel::Model+
   # (see below).
   module Model
     extend ActiveSupport::Concern
     include ActiveModel::API
+    include ActiveModel::Access
+
+    ##
+    # :method: slice
+    #
+    # :call-seq: slice(*methods)
+    #
+    # Returns a hash of the given methods with their names as keys and returned
+    # values as values.
+    #
+    #   person = Person.new(id: 1, name: "bob")
+    #   person.slice(:id, :name)
+    #   => { "id" => 1, "name" => "bob" }
+    #
+    #--
+    # Implemented by ActiveModel::Access#slice.
+
+    ##
+    # :method: values_at
+    #
+    # :call-seq: values_at(*methods)
+    #
+    # Returns an array of the values returned by the given methods.
+    #
+    #   person = Person.new(id: 1, name: "bob")
+    #   person.values_at(:id, :name)
+    #   => [1, "bob"]
+    #
+    #--
+    # Implemented by ActiveModel::Access#values_at.
   end
+
+  ActiveSupport.run_load_hooks(:active_model, Model)
 end

data/lib/active_model/naming.rb

@@ -195,18 +195,15 @@ module ActiveModel
     #
     # Specify +options+ with additional translating options.
     def human(options = {})
-      return @human unless @klass.respond_to?(:lookup_ancestors) &&
-                           @klass.respond_to?(:i18n_scope)
-
-      defaults = @klass.lookup_ancestors.map do |klass|
-        klass.model_name.i18n_key
-      end
+      return @human if i18n_keys.empty? || i18n_scope.empty?
 
+      key, *defaults = i18n_keys
       defaults << options[:default] if options[:default]
-      defaults << @human
+      defaults << MISSING_TRANSLATION
 
-      options = { scope: [@klass.i18n_scope, :models], count: 1, default: defaults }.merge!(options.except(:default))
-      I18n.translate(defaults.shift, **options)
+      translation = I18n.translate(key, scope: i18n_scope, count: 1, **options, default: defaults)
+      translation = @human if translation == MISSING_TRANSLATION
+      translation
     end
 
     def uncountable?
@@ -214,12 +211,26 @@ module ActiveModel
     end
 
     private
+      MISSING_TRANSLATION = -(2**60) # :nodoc:
+
       def _singularize(string)
         ActiveSupport::Inflector.underscore(string).tr("/", "_")
       end
+
+      def i18n_keys
+        @i18n_keys ||= if @klass.respond_to?(:lookup_ancestors)
+          @klass.lookup_ancestors.map { |klass| klass.model_name.i18n_key }
+        else
+          []
+        end
+      end
+
+      def i18n_scope
+        @i18n_scope ||= @klass.respond_to?(:i18n_scope) ? [@klass.i18n_scope, :models] : []
+      end
   end
 
-  # == Active \Model \Naming
+  # = Active \Model \Naming
   #
   # Creates a +model_name+ method on your object.
   #
@@ -336,5 +347,13 @@ module ActiveModel
       end
     end
     private_class_method :model_name_from_record_or_class
+
+    private
+      def inherited(base)
+        super
+        base.class_eval do
+          @_model_name = nil
+        end
+      end
   end
 end

data/lib/active_model/railtie.rb

@@ -9,6 +9,10 @@ module ActiveModel
 
     config.active_model = ActiveSupport::OrderedOptions.new
 
+    initializer "active_model.deprecator", before: :load_environment_config do |app|
+      app.deprecators[:active_model] = ActiveModel.deprecator
+    end
+
     initializer "active_model.secure_password" do
       ActiveModel::SecurePassword.min_cost = Rails.env.test?
     end

data/lib/active_model/secure_password.rb

@@ -16,8 +16,8 @@ module ActiveModel
 
     module ClassMethods
       # Adds methods to set and authenticate against a BCrypt password.
-      # This mechanism requires you to have a +XXX_digest+ attribute.
-      # Where +XXX+ is the attribute name of your desired password.
+      # This mechanism requires you to have a +XXX_digest+ attribute,
+      # where +XXX+ is the attribute name of your desired password.
       #
       # The following validations are added automatically:
       # * Password must be present on creation
@@ -29,12 +29,19 @@ module ActiveModel
       # it). When this attribute has a +nil+ value, the validation will not be
       # triggered.
       #
-      # For further customizability, it is possible to suppress the default
-      # validations by passing <tt>validations: false</tt> as an argument.
+      # Additionally, a +XXX_challenge+ attribute is created. When set to a
+      # value other than +nil+, it will validate against the currently persisted
+      # password. This validation relies on dirty tracking, as provided by
+      # ActiveModel::Dirty; if dirty tracking methods are not defined, this
+      # validation will fail.
       #
-      # Add bcrypt (~> 3.1.7) to Gemfile to use #has_secure_password:
+      # All of the above validations can be omitted by passing
+      # <tt>validations: false</tt> as an argument. This allows complete
+      # customizability of validation behavior.
       #
-      #   gem 'bcrypt', '~> 3.1.7'
+      # To use +has_secure_password+, add bcrypt (~> 3.1.7) to your Gemfile:
+      #
+      #   gem "bcrypt", "~> 3.1.7"
       #
       # ==== Examples
       #
@@ -46,20 +53,30 @@ module ActiveModel
       #     has_secure_password :recovery_password, validations: false
       #   end
       #
-      #   user = User.new(name: 'david', password: '', password_confirmation: 'nomatch')
-      #   user.save                                                  # => false, password required
-      #   user.password = 'mUc3m00RsqyRe'
-      #   user.save                                                  # => false, confirmation doesn't match
-      #   user.password_confirmation = 'mUc3m00RsqyRe'
-      #   user.save                                                  # => true
+      #   user = User.new(name: "david", password: "", password_confirmation: "nomatch")
+      #
+      #   user.save                                                      # => false, password required
+      #   user.password = "vr00m"
+      #   user.save                                                      # => false, confirmation doesn't match
+      #   user.password_confirmation = "vr00m"
+      #   user.save                                                      # => true
+      #
+      #   user.authenticate("notright")                                  # => false
+      #   user.authenticate("vr00m")                                     # => user
+      #   User.find_by(name: "david")&.authenticate("notright")          # => false
+      #   User.find_by(name: "david")&.authenticate("vr00m")             # => user
+      #
       #   user.recovery_password = "42password"
-      #   user.recovery_password_digest                              # => "$2a$04$iOfhwahFymCs5weB3BNH/uXkTG65HR.qpW.bNhEjFP3ftli3o5DQC"
-      #   user.save                                                  # => true
-      #   user.authenticate('notright')                              # => false
-      #   user.authenticate('mUc3m00RsqyRe')                         # => user
-      #   user.authenticate_recovery_password('42password')          # => user
-      #   User.find_by(name: 'david')&.authenticate('notright')      # => false
-      #   User.find_by(name: 'david')&.authenticate('mUc3m00RsqyRe') # => user
+      #   user.recovery_password_digest                                  # => "$2a$04$iOfhwahFymCs5weB3BNH/uXkTG65HR.qpW.bNhEjFP3ftli3o5DQC"
+      #   user.save                                                      # => true
+      #
+      #   user.authenticate_recovery_password("42password")              # => user
+      #
+      #   user.update(password: "pwn3d", password_challenge: "")         # => false, challenge doesn't authenticate
+      #   user.update(password: "nohack4u", password_challenge: "vr00m") # => true
+      #
+      #   user.authenticate("vr00m")                                     # => false, old password
+      #   user.authenticate("nohack4u")                                  # => user
       #
       # ===== Conditionally requiring a password
       #
@@ -88,7 +105,7 @@ module ActiveModel
         begin
           require "bcrypt"
         rescue LoadError
-          $stderr.puts "You don't have bcrypt installed in your application. Please add it to your Gemfile and run bundle install"
+          warn "You don't have bcrypt installed in your application. Please add it to your Gemfile and run bundle install."
           raise
         end
 
@@ -105,7 +122,24 @@ module ActiveModel
             record.errors.add(attribute, :blank) unless record.public_send("#{attribute}_digest").present?
           end
 
-          validates_length_of attribute, maximum: ActiveModel::SecurePassword::MAX_PASSWORD_LENGTH_ALLOWED
+          validate do |record|
+            if challenge = record.public_send(:"#{attribute}_challenge")
+              digest_was = record.public_send(:"#{attribute}_digest_was") if record.respond_to?(:"#{attribute}_digest_was")
+
+              unless digest_was.present? && BCrypt::Password.new(digest_was).is_password?(challenge)
+                record.errors.add(:"#{attribute}_challenge")
+              end
+            end
+          end
+
+          # Validates that the password does not exceed the maximum allowed bytes for BCrypt (72 bytes).
+          validate do |record|
+            password_value = record.public_send(attribute)
+            if password_value.present? && password_value.bytesize > ActiveModel::SecurePassword::MAX_PASSWORD_LENGTH_ALLOWED
+              record.errors.add(attribute, :password_too_long)
+            end
+          end
+
           validates_confirmation_of attribute, allow_blank: true
         end
       end
@@ -126,9 +160,7 @@ module ActiveModel
           end
         end
 
-        define_method("#{attribute}_confirmation=") do |unencrypted_password|
-          instance_variable_set("@#{attribute}_confirmation", unencrypted_password)
-        end
+        attr_accessor :"#{attribute}_confirmation", :"#{attribute}_challenge"
 
         # Returns +self+ if the password is correct, otherwise +false+.
         #
@@ -145,6 +177,12 @@ module ActiveModel
           attribute_digest.present? && BCrypt::Password.new(attribute_digest).is_password?(unencrypted_password) && self
         end
 
+        # Returns the salt, a small chunk of random data added to the password before it's hashed.
+        define_method("#{attribute}_salt") do
+          attribute_digest = public_send("#{attribute}_digest")
+          attribute_digest.present? ? BCrypt::Password.new(attribute_digest).salt : nil
+        end
+
         alias_method :authenticate, :authenticate_password if attribute == :password
       end
     end

data/lib/active_model/serialization.rb

@@ -3,7 +3,7 @@
 require "active_support/core_ext/enumerable"
 
 module ActiveModel
-  # == Active \Model \Serialization
+  # = Active \Model \Serialization
   #
   # Provides a basic serialization to a serializable_hash for your objects.
   #
@@ -33,8 +33,8 @@ module ActiveModel
   # at the private method +read_attribute_for_serialization+.
   #
   # ActiveModel::Serializers::JSON module automatically includes
-  # the <tt>ActiveModel::Serialization</tt> module, so there is no need to
-  # explicitly include <tt>ActiveModel::Serialization</tt>.
+  # the +ActiveModel::Serialization+ module, so there is no need to
+  # explicitly include +ActiveModel::Serialization+.
   #
   # A minimal implementation including JSON would be:
   #

data/lib/active_model/serializers/json.rb

@@ -4,7 +4,7 @@ require "active_support/json"
 
 module ActiveModel
   module Serializers
-    # == Active \Model \JSON \Serializer
+    # = Active \Model \JSON \Serializer
     module JSON
       extend ActiveSupport::Concern
       include ActiveModel::Serialization

data/lib/active_model/translation.rb

@@ -1,9 +1,9 @@
 # frozen_string_literal: true
 
 module ActiveModel
-  # == Active \Model \Translation
+  # = Active \Model \Translation
   #
-  # Provides integration between your object and the Rails internationalization
+  # Provides integration between your object and the \Rails internationalization
   # (i18n) framework.
   #
   # A minimal implementation could be:
@@ -16,7 +16,7 @@ module ActiveModel
   #   # => "My attribute"
   #
   # This also provides the required class methods for hooking into the
-  # Rails internationalization API, including being able to define a
+  # \Rails internationalization API, including being able to define a
   # class-based +i18n_scope+ and +lookup_ancestors+ to find translations in
   # parent classes.
   module Translation
@@ -35,6 +35,8 @@ module ActiveModel
       ancestors.select { |x| x.respond_to?(:model_name) }
     end
 
+    MISSING_TRANSLATION = -(2**60) # :nodoc:
+
     # Transforms attribute names into a more human format, such as "First name"
     # instead of "first_name".
     #
@@ -42,29 +44,29 @@ module ActiveModel
     #
     # Specify +options+ with additional translating options.
     def human_attribute_name(attribute, options = {})
-      options   = { count: 1 }.merge!(options)
-      parts     = attribute.to_s.split(".")
-      attribute = parts.pop
-      namespace = parts.join("/") unless parts.empty?
-      attributes_scope = "#{i18n_scope}.attributes"
+      attribute = attribute.to_s
+
+      if attribute.include?(".")
+        namespace, _, attribute = attribute.rpartition(".")
+        namespace.tr!(".", "/")
 
-      if namespace
         defaults = lookup_ancestors.map do |klass|
-          :"#{attributes_scope}.#{klass.model_name.i18n_key}/#{namespace}.#{attribute}"
+          :"#{i18n_scope}.attributes.#{klass.model_name.i18n_key}/#{namespace}.#{attribute}"
         end
-        defaults << :"#{attributes_scope}.#{namespace}.#{attribute}"
+        defaults << :"#{i18n_scope}.attributes.#{namespace}.#{attribute}"
       else
         defaults = lookup_ancestors.map do |klass|
-          :"#{attributes_scope}.#{klass.model_name.i18n_key}.#{attribute}"
+          :"#{i18n_scope}.attributes.#{klass.model_name.i18n_key}.#{attribute}"
         end
       end
 
       defaults << :"attributes.#{attribute}"
-      defaults << options.delete(:default) if options[:default]
-      defaults << attribute.humanize
+      defaults << options[:default] if options[:default]
+      defaults << MISSING_TRANSLATION
 
-      options[:default] = defaults
-      I18n.translate(defaults.shift, **options)
+      translation = I18n.translate(defaults.shift, count: 1, **options, default: defaults)
+      translation = attribute.humanize if translation == MISSING_TRANSLATION
+      translation
     end
   end
 end

data/lib/active_model/type/big_integer.rb

@@ -4,7 +4,29 @@ require "active_model/type/integer"
 
 module ActiveModel
   module Type
-    class BigInteger < Integer # :nodoc:
+    # = Active Model \BigInteger \Type
+    #
+    # Attribute type for integers that can be serialized to an unlimited number
+    # of bytes. This type is registered under the +:big_integer+ key.
+    #
+    #   class Person
+    #     include ActiveModel::Attributes
+    #
+    #     attribute :id, :big_integer
+    #   end
+    #
+    #   person = Person.new
+    #   person.id = "18_000_000_000"
+    #
+    #   person.id # => 18000000000
+    #
+    # All casting and serialization are performed in the same way as the
+    # standard ActiveModel::Type::Integer type.
+    class BigInteger < Integer
+      def serialize_cast_value(value) # :nodoc:
+        value
+      end
+
       private
         def max_value
           ::Float::INFINITY

data/lib/active_model/type/binary.rb

@@ -2,7 +2,13 @@
 
 module ActiveModel
   module Type
-    class Binary < Value # :nodoc:
+    # = Active Model \Binary \Type
+    #
+    # Attribute type for representation of binary data. This type is registered
+    # under the +:binary+ key.
+    #
+    # Non-string values are coerced to strings using their +to_s+ method.
+    class Binary < Value
       def type
         :binary
       end

data/lib/active_model/type/boolean.rb

@@ -2,17 +2,15 @@
 
 module ActiveModel
   module Type
-    # == Active \Model \Type \Boolean
+    # = Active Model \Boolean \Type
     #
-    # A class that behaves like a boolean type, including rules for coercion of user input.
+    # A class that behaves like a boolean type, including rules for coercion of
+    # user input.
     #
-    # === Coercion
-    # Values set from user input will first be coerced into the appropriate ruby type.
-    # Coercion behavior is roughly mapped to Ruby's boolean semantics.
-    #
-    # - "false", "f" , "0", +0+ or any other value in +FALSE_VALUES+ will be coerced to +false+
-    # - Empty strings are coerced to +nil+
-    # - All other values will be coerced to +true+
+    # - <tt>"false"</tt>, <tt>"f"</tt>, <tt>"0"</tt>, +0+ or any other value in
+    #   +FALSE_VALUES+ will be coerced to +false+.
+    # - Empty strings are coerced to +nil+.
+    # - All other values will be coerced to +true+.
     class Boolean < Value
       FALSE_VALUES = [
         false, 0,
@@ -33,6 +31,10 @@ module ActiveModel
         cast(value)
       end
 
+      def serialize_cast_value(value) # :nodoc:
+        value
+      end
+
       private
         def cast_value(value)
           if value == ""

data/lib/active_model/type/date.rb

@@ -2,7 +2,28 @@
 
 module ActiveModel
   module Type
-    class Date < Value # :nodoc:
+    # = Active Model \Date \Type
+    #
+    # Attribute type for date representation. It is registered under the
+    # +:date+ key.
+    #
+    #   class Person
+    #     include ActiveModel::Attributes
+    #
+    #     attribute :birthday, :date
+    #   end
+    #
+    #   person = Person.new
+    #   person.birthday = "1989-07-13"
+    #
+    #   person.birthday.class # => Date
+    #   person.birthday.year  # => 1989
+    #   person.birthday.month # => 7
+    #   person.birthday.day   # => 13
+    #
+    # String values are parsed using the ISO 8601 date format. Any other values
+    # are cast using their +to_date+ method, if it exists.
+    class Date < Value
       include Helpers::Timezone
       include Helpers::AcceptsMultiparameterTime.new
 
@@ -34,7 +55,12 @@ module ActiveModel
         end
 
         def fallback_string_to_date(string)
-          new_date(*::Date._parse(string, false).values_at(:year, :mon, :mday))
+          parts = begin
+            ::Date._parse(string, false)
+          rescue ArgumentError
+          end
+
+          new_date(*parts.values_at(:year, :mon, :mday)) if parts
         end
 
         def new_date(year, mon, mday)

data/lib/active_model/type/date_time.rb

@@ -2,12 +2,49 @@
 
 module ActiveModel
   module Type
-    class DateTime < Value # :nodoc:
+    # = Active Model \DateTime \Type
+    #
+    # Attribute type to represent dates and times. It is registered under the
+    # +:datetime+ key.
+    #
+    #   class Event
+    #     include ActiveModel::Attributes
+    #
+    #     attribute :start, :datetime
+    #   end
+    #
+    #   event = Event.new
+    #   event.start = "Wed, 04 Sep 2013 03:00:00 EAT"
+    #
+    #   event.start.class # => Time
+    #   event.start.year  # => 2013
+    #   event.start.month # => 9
+    #   event.start.day   # => 4
+    #   event.start.hour  # => 3
+    #   event.start.min   # => 0
+    #   event.start.sec   # => 0
+    #   event.start.zone  # => "EAT"
+    #
+    # String values are parsed using the ISO 8601 datetime format. Partial
+    # time-only formats are also accepted.
+    #
+    #   event.start = "06:07:08+09:00"
+    #   event.start.utc # => 1999-12-31 21:07:08 UTC
+    #
+    # The degree of sub-second precision can be customized when declaring an
+    # attribute:
+    #
+    #   class Event
+    #     include ActiveModel::Attributes
+    #
+    #     attribute :start, :datetime, precision: 4
+    #   end
+    class DateTime < Value
       include Helpers::Timezone
-      include Helpers::TimeValue
       include Helpers::AcceptsMultiparameterTime.new(
         defaults: { 4 => 0, 5 => 0 }
       )
+      include Helpers::TimeValue
 
       def type
         :datetime
@@ -28,7 +65,12 @@ module ActiveModel
         end
 
         def fallback_string_to_time(string)
-          time_hash = ::Date._parse(string)
+          time_hash = begin
+            ::Date._parse(string)
+          rescue ArgumentError
+          end
+          return unless time_hash
+
           time_hash[:sec_fraction] = microseconds(time_hash)
 
           new_time(*time_hash.values_at(:year, :mon, :mday, :hour, :min, :sec, :sec_fraction, :offset))

data/lib/active_model/type/decimal.rb

@@ -4,7 +4,45 @@ require "bigdecimal/util"
 
 module ActiveModel
   module Type
-    class Decimal < Value # :nodoc:
+    # = Active Model \Decimal \Type
+    #
+    # Attribute type for decimal, high-precision floating point numeric
+    # representation. It is registered under the +:decimal+ key.
+    #
+    #   class BagOfCoffee
+    #     include ActiveModel::Attributes
+    #
+    #     attribute :weight, :decimal
+    #   end
+    #
+    # Numeric instances are converted to BigDecimal instances. Any other objects
+    # are cast using their +to_d+ method, except for blank strings, which are
+    # cast to +nil+. If a +to_d+ method is not defined, the object is converted
+    # to a string using +to_s+, which is then cast using +to_d+.
+    #
+    #   bag = BagOfCoffee.new
+    #
+    #   bag.weight = 0.01
+    #   bag.weight # => 0.1e-1
+    #
+    #   bag.weight = "0.01"
+    #   bag.weight # => 0.1e-1
+    #
+    #   bag.weight = ""
+    #   bag.weight # => nil
+    #
+    #   bag.weight = :arbitrary
+    #   bag.weight # => nil (the result of `.to_s.to_d`)
+    #
+    # Decimal precision defaults to 18, and can be customized when declaring an
+    # attribute:
+    #
+    #   class BagOfCoffee
+    #     include ActiveModel::Attributes
+    #
+    #     attribute :weight, :decimal, precision: 24
+    #   end
+    class Decimal < Value
       include Helpers::Numeric
       BIGDECIMAL_PRECISION = 18
 

data/lib/active_model/type/float.rb

@@ -4,7 +4,36 @@ require "active_support/core_ext/object/try"
 
 module ActiveModel
   module Type
-    class Float < Value # :nodoc:
+    # = Active Model \Float \Type
+    #
+    # Attribute type for floating point numeric values. It is registered under
+    # the +:float+ key.
+    #
+    #   class BagOfCoffee
+    #     include ActiveModel::Attributes
+    #
+    #     attribute :weight, :float
+    #   end
+    #
+    # Values are cast using their +to_f+ method, except for the following
+    # strings:
+    #
+    # - Blank strings are cast to +nil+.
+    # - <tt>"Infinity"</tt> is cast to +Float::INFINITY+.
+    # - <tt>"-Infinity"</tt> is cast to <tt>-Float::INFINITY</tt>.
+    # - <tt>"NaN"</tt> is cast to +Float::NAN+.
+    #
+    #   bag = BagOfCoffee.new
+    #
+    #   bag.weight = "0.25"
+    #   bag.weight # => 0.25
+    #
+    #   bag.weight = ""
+    #   bag.weight # => nil
+    #
+    #   bag.weight = "NaN"
+    #   bag.weight # => Float::NAN
+    class Float < Value
       include Helpers::Numeric
 
       def type

data/lib/active_model/type/helpers/accepts_multiparameter_time.rb

@@ -6,7 +6,11 @@ module ActiveModel
       class AcceptsMultiparameterTime < Module
         module InstanceMethods
           def serialize(value)
-            super(cast(value))
+            serialize_cast_value(cast(value))
+          end
+
+          def serialize_cast_value(value)
+            value
           end
 
           def cast(value)