eactionpack 2.1.2

data/lib/action_controller/routing/routing_ext.rb

@@ -0,0 +1,46 @@
+
+class Object
+  def to_param
+    to_s
+  end
+end
+
+class TrueClass
+  def to_param
+    self
+  end
+end
+
+class FalseClass
+  def to_param
+    self
+  end
+end
+
+class NilClass
+  def to_param
+    self
+  end
+end
+
+class Regexp #:nodoc:
+  def number_of_captures
+    Regexp.new("|#{source}").match('').captures.length
+  end
+
+  class << self
+    def optionalize(pattern)
+      case unoptionalize(pattern)
+        when /\A(.|\(.*\))\Z/ then "#{pattern}?"
+        else "(?:#{pattern})?"
+      end
+    end
+
+    def unoptionalize(pattern)
+      [/\A\(\?:(.*)\)\?\Z/, /\A(.|\(.*\))\?\Z/].each do |regexp|
+        return $1 if regexp =~ pattern
+      end
+      return pattern
+    end
+  end
+end

data/lib/action_controller/routing/segments.rb

@@ -0,0 +1,283 @@
+module ActionController
+  module Routing
+    class Segment #:nodoc:
+      RESERVED_PCHAR = ':@&=+$,;'
+      UNSAFE_PCHAR = Regexp.new("[^#{URI::REGEXP::PATTERN::UNRESERVED}#{RESERVED_PCHAR}]", false, 'N').freeze
+
+      attr_accessor :is_optional
+      alias_method :optional?, :is_optional
+
+      def initialize
+        self.is_optional = false
+      end
+
+      def extraction_code
+        nil
+      end
+
+      # Continue generating string for the prior segments.
+      def continue_string_structure(prior_segments)
+        if prior_segments.empty?
+          interpolation_statement(prior_segments)
+        else
+          new_priors = prior_segments[0..-2]
+          prior_segments.last.string_structure(new_priors)
+        end
+      end
+
+      def interpolation_chunk
+        URI.escape(value, UNSAFE_PCHAR)
+      end
+
+      # Return a string interpolation statement for this segment and those before it.
+      def interpolation_statement(prior_segments)
+        chunks = prior_segments.collect { |s| s.interpolation_chunk }
+        chunks << interpolation_chunk
+        "\"#{chunks * ''}\"#{all_optionals_available_condition(prior_segments)}"
+      end
+
+      def string_structure(prior_segments)
+        optional? ? continue_string_structure(prior_segments) : interpolation_statement(prior_segments)
+      end
+
+      # Return an if condition that is true if all the prior segments can be generated.
+      # If there are no optional segments before this one, then nil is returned.
+      def all_optionals_available_condition(prior_segments)
+        optional_locals = prior_segments.collect { |s| s.local_name if s.optional? && s.respond_to?(:local_name) }.compact
+        optional_locals.empty? ? nil : " if #{optional_locals * ' && '}"
+      end
+
+      # Recognition
+
+      def match_extraction(next_capture)
+        nil
+      end
+
+      # Warning
+
+      # Returns true if this segment is optional? because of a default. If so, then
+      # no warning will be emitted regarding this segment.
+      def optionality_implied?
+        false
+      end
+    end
+
+    class StaticSegment < Segment #:nodoc:
+      attr_accessor :value, :raw
+      alias_method :raw?, :raw
+
+      def initialize(value = nil)
+        super()
+        self.value = value
+      end
+
+      def interpolation_chunk
+        raw? ? value : super
+      end
+
+      def regexp_chunk
+        chunk = Regexp.escape(value)
+        optional? ? Regexp.optionalize(chunk) : chunk
+      end
+
+      def build_pattern(pattern)
+        escaped = Regexp.escape(value)
+        if optional? && ! pattern.empty?
+          "(?:#{Regexp.optionalize escaped}\\Z|#{escaped}#{Regexp.unoptionalize pattern})"
+        elsif optional?
+          Regexp.optionalize escaped
+        else
+          escaped + pattern
+        end
+      end
+
+      def to_s
+        value
+      end
+    end
+
+    class DividerSegment < StaticSegment #:nodoc:
+      def initialize(value = nil)
+        super(value)
+        self.raw = true
+        self.is_optional = true
+      end
+
+      def optionality_implied?
+        true
+      end
+    end
+
+    class DynamicSegment < Segment #:nodoc:
+      attr_accessor :key, :default, :regexp
+
+      def initialize(key = nil, options = {})
+        super()
+        self.key = key
+        self.default = options[:default] if options.key? :default
+        self.is_optional = true if options[:optional] || options.key?(:default)
+      end
+
+      def to_s
+        ":#{key}"
+      end
+
+      # The local variable name that the value of this segment will be extracted to.
+      def local_name
+        "#{key}_value"
+      end
+
+      def extract_value
+        "#{local_name} = hash[:#{key}] && hash[:#{key}].to_param #{"|| #{default.inspect}" if default}"
+      end
+      def value_check
+        if default # Then we know it won't be nil
+          "#{value_regexp.inspect} =~ #{local_name}" if regexp
+        elsif optional?
+          # If we have a regexp check that the value is not given, or that it matches.
+          # If we have no regexp, return nil since we do not require a condition.
+          "#{local_name}.nil? || #{value_regexp.inspect} =~ #{local_name}" if regexp
+        else # Then it must be present, and if we have a regexp, it must match too.
+          "#{local_name} #{"&& #{value_regexp.inspect} =~ #{local_name}" if regexp}"
+        end
+      end
+      def expiry_statement
+        "expired, hash = true, options if !expired && expire_on[:#{key}]"
+      end
+
+      def extraction_code
+        s = extract_value
+        vc = value_check
+        s << "\nreturn [nil,nil] unless #{vc}" if vc
+        s << "\n#{expiry_statement}"
+      end
+
+      def interpolation_chunk(value_code = "#{local_name}")
+        "\#{URI.escape(#{value_code}.to_s, ActionController::Routing::Segment::UNSAFE_PCHAR)}"
+      end
+
+      def string_structure(prior_segments)
+        if optional? # We have a conditional to do...
+          # If we should not appear in the url, just write the code for the prior
+          # segments. This occurs if our value is the default value, or, if we are
+          # optional, if we have nil as our value.
+          "if #{local_name} == #{default.inspect}\n" +
+            continue_string_structure(prior_segments) +
+          "\nelse\n" + # Otherwise, write the code up to here
+            "#{interpolation_statement(prior_segments)}\nend"
+        else
+          interpolation_statement(prior_segments)
+        end
+      end
+
+      def value_regexp
+        Regexp.new "\\A#{regexp.to_s}\\Z" if regexp
+      end
+
+      def regexp_chunk
+        if regexp 
+          if regexp_has_modifiers?
+            "(#{regexp.to_s})"
+          else
+            "(#{regexp.source})"
+          end
+        else
+          "([^#{Routing::SEPARATORS.join}]+)"
+        end
+      end
+
+      def build_pattern(pattern)
+        chunk = regexp_chunk
+        chunk = "(#{chunk})" if Regexp.new(chunk).number_of_captures == 0
+        pattern = "#{chunk}#{pattern}"
+        optional? ? Regexp.optionalize(pattern) : pattern
+      end
+
+      def match_extraction(next_capture)
+        # All non code-related keys (such as :id, :slug) are URI-unescaped as
+        # path parameters.
+        default_value = default ? default.inspect : nil
+        %[
+          value = if (m = match[#{next_capture}])
+            URI.unescape(m)
+          else
+            #{default_value}
+          end
+          params[:#{key}] = value if value
+        ]
+      end
+
+      def optionality_implied?
+        [:action, :id].include? key
+      end
+
+      def regexp_has_modifiers?
+        regexp.options & (Regexp::IGNORECASE | Regexp::EXTENDED) != 0
+      end
+
+    end
+
+    class ControllerSegment < DynamicSegment #:nodoc:
+      def regexp_chunk
+        possible_names = Routing.possible_controllers.collect { |name| Regexp.escape name }
+        "(?i-:(#{(regexp || Regexp.union(*possible_names)).source}))"
+      end
+
+      # Don't URI.escape the controller name since it may contain slashes.
+      def interpolation_chunk(value_code = "#{local_name}")
+        "\#{#{value_code}.to_s}"
+      end
+
+      # Make sure controller names like Admin/Content are correctly normalized to
+      # admin/content
+      def extract_value
+        "#{local_name} = (hash[:#{key}] #{"|| #{default.inspect}" if default}).downcase"
+      end
+
+      def match_extraction(next_capture)
+        if default
+          "params[:#{key}] = match[#{next_capture}] ? match[#{next_capture}].downcase : '#{default}'"
+        else
+          "params[:#{key}] = match[#{next_capture}].downcase if match[#{next_capture}]"
+        end
+      end
+    end
+
+    class PathSegment < DynamicSegment #:nodoc:
+      def interpolation_chunk(value_code = "#{local_name}")
+        "\#{#{value_code}}"
+      end
+
+      def extract_value
+        "#{local_name} = hash[:#{key}] && Array(hash[:#{key}]).collect { |path_component| URI.escape(path_component.to_param, ActionController::Routing::Segment::UNSAFE_PCHAR) }.to_param #{"|| #{default.inspect}" if default}"
+      end
+
+      def default
+        ''
+      end
+
+      def default=(path)
+        raise RoutingError, "paths cannot have non-empty default values" unless path.blank?
+      end
+
+      def match_extraction(next_capture)
+        "params[:#{key}] = PathSegment::Result.new_escaped((match[#{next_capture}]#{" || " + default.inspect if default}).split('/'))#{" if match[" + next_capture + "]" if !default}"
+      end
+
+      def regexp_chunk
+        regexp || "(.*)"
+      end
+
+      def optionality_implied?
+        true
+      end
+
+      class Result < ::Array #:nodoc:
+        def to_s() join '/' end
+        def self.new_escaped(strings)
+          new strings.collect {|str| URI.unescape str}
+        end
+      end
+    end
+  end
+end

data/lib/action_controller/session/active_record_store.rb

@@ -0,0 +1,340 @@
+require 'cgi'
+require 'cgi/session'
+require 'digest/md5'
+
+class CGI
+  class Session
+    attr_reader :data
+
+    # Return this session's underlying Session instance. Useful for the DB-backed session stores.
+    def model
+      @dbman.model if @dbman
+    end
+
+
+    # A session store backed by an Active Record class.  A default class is
+    # provided, but any object duck-typing to an Active Record Session class
+    # with text +session_id+ and +data+ attributes is sufficient.
+    #
+    # The default assumes a +sessions+ tables with columns:
+    #   +id+ (numeric primary key),
+    #   +session_id+ (text, or longtext if your session data exceeds 65K), and
+    #   +data+ (text or longtext; careful if your session data exceeds 65KB).
+    # The +session_id+ column should always be indexed for speedy lookups.
+    # Session data is marshaled to the +data+ column in Base64 format.
+    # If the data you write is larger than the column's size limit,
+    # ActionController::SessionOverflowError will be raised.
+    #
+    # You may configure the table name, primary key, and data column.
+    # For example, at the end of <tt>config/environment.rb</tt>:
+    #   CGI::Session::ActiveRecordStore::Session.table_name = 'legacy_session_table'
+    #   CGI::Session::ActiveRecordStore::Session.primary_key = 'session_id'
+    #   CGI::Session::ActiveRecordStore::Session.data_column_name = 'legacy_session_data'
+    # Note that setting the primary key to the +session_id+ frees you from
+    # having a separate +id+ column if you don't want it.  However, you must
+    # set <tt>session.model.id = session.session_id</tt> by hand!  A before filter
+    # on ApplicationController is a good place.
+    #
+    # Since the default class is a simple Active Record, you get timestamps
+    # for free if you add +created_at+ and +updated_at+ datetime columns to
+    # the +sessions+ table, making periodic session expiration a snap.
+    #
+    # You may provide your own session class implementation, whether a
+    # feature-packed Active Record or a bare-metal high-performance SQL
+    # store, by setting
+    #   CGI::Session::ActiveRecordStore.session_class = MySessionClass
+    # You must implement these methods:
+    #   self.find_by_session_id(session_id)
+    #   initialize(hash_of_session_id_and_data)
+    #   attr_reader :session_id
+    #   attr_accessor :data
+    #   save
+    #   destroy
+    #
+    # The example SqlBypass class is a generic SQL session store.  You may
+    # use it as a basis for high-performance database-specific stores.
+    class ActiveRecordStore
+      # The default Active Record class.
+      class Session < ActiveRecord::Base
+        # Customizable data column name.  Defaults to 'data'.
+        cattr_accessor :data_column_name
+        self.data_column_name = 'data'
+
+        before_save :marshal_data!
+        before_save :raise_on_session_data_overflow!
+
+        class << self
+          # Don't try to reload ARStore::Session in dev mode.
+          def reloadable? #:nodoc:
+            false
+          end
+
+          def data_column_size_limit
+            @data_column_size_limit ||= columns_hash[@@data_column_name].limit
+          end
+
+          # Hook to set up sessid compatibility.
+          def find_by_session_id(session_id)
+            setup_sessid_compatibility!
+            find_by_session_id(session_id)
+          end
+
+          def marshal(data)   ActiveSupport::Base64.encode64(Marshal.dump(data)) if data end
+          def unmarshal(data) Marshal.load(ActiveSupport::Base64.decode64(data)) if data end
+
+          def create_table!
+            connection.execute <<-end_sql
+              CREATE TABLE #{table_name} (
+                id INTEGER PRIMARY KEY,
+                #{connection.quote_column_name('session_id')} TEXT UNIQUE,
+                #{connection.quote_column_name(@@data_column_name)} TEXT(255)
+              )
+            end_sql
+          end
+
+          def drop_table!
+            connection.execute "DROP TABLE #{table_name}"
+          end
+
+          private
+            # Compatibility with tables using sessid instead of session_id.
+            def setup_sessid_compatibility!
+              # Reset column info since it may be stale.
+              reset_column_information
+              if columns_hash['sessid']
+                def self.find_by_session_id(*args)
+                  find_by_sessid(*args)
+                end
+
+                define_method(:session_id)  { sessid }
+                define_method(:session_id=) { |session_id| self.sessid = session_id }
+              else
+                def self.find_by_session_id(session_id)
+                  find :first, :conditions => ["session_id #{attribute_condition(session_id)}", session_id]
+                end
+              end
+            end
+        end
+
+        # Lazy-unmarshal session state.
+        def data
+          @data ||= self.class.unmarshal(read_attribute(@@data_column_name)) || {}
+        end
+
+        attr_writer :data
+
+        # Has the session been loaded yet?
+        def loaded?
+          !! @data
+        end
+
+        private
+
+          def marshal_data!
+            return false if !loaded?
+            write_attribute(@@data_column_name, self.class.marshal(self.data))
+          end
+
+          # Ensures that the data about to be stored in the database is not
+          # larger than the data storage column. Raises
+          # ActionController::SessionOverflowError.
+          def raise_on_session_data_overflow!
+            return false if !loaded?
+            limit = self.class.data_column_size_limit
+            if loaded? and limit and read_attribute(@@data_column_name).size > limit
+              raise ActionController::SessionOverflowError
+            end
+          end
+      end
+
+      # A barebones session store which duck-types with the default session
+      # store but bypasses Active Record and issues SQL directly.  This is
+      # an example session model class meant as a basis for your own classes.
+      #
+      # The database connection, table name, and session id and data columns
+      # are configurable class attributes.  Marshaling and unmarshaling
+      # are implemented as class methods that you may override.  By default,
+      # marshaling data is
+      #
+      #   ActiveSupport::Base64.encode64(Marshal.dump(data))
+      #
+      # and unmarshaling data is
+      #
+      #   Marshal.load(ActiveSupport::Base64.decode64(data))
+      #
+      # This marshaling behavior is intended to store the widest range of
+      # binary session data in a +text+ column.  For higher performance,
+      # store in a +blob+ column instead and forgo the Base64 encoding.
+      class SqlBypass
+        # Use the ActiveRecord::Base.connection by default.
+        cattr_accessor :connection
+
+        # The table name defaults to 'sessions'.
+        cattr_accessor :table_name
+        @@table_name = 'sessions'
+
+        # The session id field defaults to 'session_id'.
+        cattr_accessor :session_id_column
+        @@session_id_column = 'session_id'
+
+        # The data field defaults to 'data'.
+        cattr_accessor :data_column
+        @@data_column = 'data'
+
+        class << self
+
+          def connection
+            @@connection ||= ActiveRecord::Base.connection
+          end
+
+          # Look up a session by id and unmarshal its data if found.
+          def find_by_session_id(session_id)
+            if record = @@connection.select_one("SELECT * FROM #{@@table_name} WHERE #{@@session_id_column}=#{@@connection.quote(session_id)}")
+              new(:session_id => session_id, :marshaled_data => record['data'])
+            end
+          end
+
+          def marshal(data)   ActiveSupport::Base64.encode64(Marshal.dump(data)) if data end
+          def unmarshal(data) Marshal.load(ActiveSupport::Base64.decode64(data)) if data end
+
+          def create_table!
+            @@connection.execute <<-end_sql
+              CREATE TABLE #{table_name} (
+                id INTEGER PRIMARY KEY,
+                #{@@connection.quote_column_name(session_id_column)} TEXT UNIQUE,
+                #{@@connection.quote_column_name(data_column)} TEXT
+              )
+            end_sql
+          end
+
+          def drop_table!
+            @@connection.execute "DROP TABLE #{table_name}"
+          end
+        end
+
+        attr_reader :session_id
+        attr_writer :data
+
+        # Look for normal and marshaled data, self.find_by_session_id's way of
+        # telling us to postpone unmarshaling until the data is requested.
+        # We need to handle a normal data attribute in case of a new record.
+        def initialize(attributes)
+          @session_id, @data, @marshaled_data = attributes[:session_id], attributes[:data], attributes[:marshaled_data]
+          @new_record = @marshaled_data.nil?
+        end
+
+        def new_record?
+          @new_record
+        end
+
+        # Lazy-unmarshal session state.
+        def data
+          unless @data
+            if @marshaled_data
+              @data, @marshaled_data = self.class.unmarshal(@marshaled_data) || {}, nil
+            else
+              @data = {}
+            end
+          end
+          @data
+        end
+
+        def loaded?
+          !! @data
+        end
+
+        def save
+          return false if !loaded?
+          marshaled_data = self.class.marshal(data)
+
+          if @new_record
+            @new_record = false
+            @@connection.update <<-end_sql, 'Create session'
+              INSERT INTO #{@@table_name} (
+                #{@@connection.quote_column_name(@@session_id_column)},
+                #{@@connection.quote_column_name(@@data_column)} )
+              VALUES (
+                #{@@connection.quote(session_id)},
+                #{@@connection.quote(marshaled_data)} )
+            end_sql
+          else
+            @@connection.update <<-end_sql, 'Update session'
+              UPDATE #{@@table_name}
+              SET #{@@connection.quote_column_name(@@data_column)}=#{@@connection.quote(marshaled_data)}
+              WHERE #{@@connection.quote_column_name(@@session_id_column)}=#{@@connection.quote(session_id)}
+            end_sql
+          end
+        end
+
+        def destroy
+          unless @new_record
+            @@connection.delete <<-end_sql, 'Destroy session'
+              DELETE FROM #{@@table_name}
+              WHERE #{@@connection.quote_column_name(@@session_id_column)}=#{@@connection.quote(session_id)}
+            end_sql
+          end
+        end
+      end
+
+
+      # The class used for session storage.  Defaults to
+      # CGI::Session::ActiveRecordStore::Session.
+      cattr_accessor :session_class
+      self.session_class = Session
+
+      # Find or instantiate a session given a CGI::Session.
+      def initialize(session, option = nil)
+        session_id = session.session_id
+        unless @session = ActiveRecord::Base.silence { @@session_class.find_by_session_id(session_id) }
+          unless session.new_session
+            raise CGI::Session::NoSession, 'uninitialized session'
+          end
+          @session = @@session_class.new(:session_id => session_id, :data => {})
+          # session saving can be lazy again, because of improved component implementation
+          # therefore next line gets commented out:
+          # @session.save
+        end
+      end
+
+      # Access the underlying session model.
+      def model
+        @session
+      end
+
+      # Restore session state.  The session model handles unmarshaling.
+      def restore
+        if @session
+          @session.data
+        end
+      end
+
+      # Save session store.
+      def update
+        if @session
+          ActiveRecord::Base.silence { @session.save }
+        end
+      end
+
+      # Save and close the session store.
+      def close
+        if @session
+          update
+          @session = nil
+        end
+      end
+
+      # Delete and close the session store.
+      def delete
+        if @session
+          ActiveRecord::Base.silence { @session.destroy }
+          @session = nil
+        end
+      end
+
+      protected
+        def logger
+          ActionController::Base.logger rescue nil
+        end
+    end
+  end
+end