eactionpack 2.1.2

data/lib/action_controller/flash.rb

@@ -0,0 +1,172 @@
+module ActionController #:nodoc:
+  # The flash provides a way to pass temporary objects between actions. Anything you place in the flash will be exposed
+  # to the very next action and then cleared out. This is a great way of doing notices and alerts, such as a create
+  # action that sets <tt>flash[:notice] = "Successfully created"</tt> before redirecting to a display action that can
+  # then expose the flash to its template. Actually, that exposure is automatically done. Example:
+  #
+  #   class WeblogController < ActionController::Base
+  #     def create
+  #       # save post
+  #       flash[:notice] = "Successfully created post"
+  #       redirect_to :action => "display", :params => { :id => post.id }
+  #     end
+  #
+  #     def display
+  #       # doesn't need to assign the flash notice to the template, that's done automatically
+  #     end
+  #   end
+  #
+  #   display.erb
+  #     <% if flash[:notice] %><div class="notice"><%= flash[:notice] %></div><% end %>
+  #
+  # This example just places a string in the flash, but you can put any object in there. And of course, you can put as
+  # many as you like at a time too. Just remember: They'll be gone by the time the next action has been performed.
+  #
+  # See docs on the FlashHash class for more details about the flash.
+  module Flash
+    def self.included(base)
+      base.class_eval do
+        include InstanceMethods
+        alias_method_chain :assign_shortcuts, :flash
+        alias_method_chain :reset_session,    :flash
+      end
+    end
+    
+    
+    class FlashNow #:nodoc:
+      def initialize(flash)
+        @flash = flash
+      end
+      
+      def []=(k, v)
+        @flash[k] = v
+        @flash.discard(k)
+        v
+      end
+      
+      def [](k)
+        @flash[k]
+      end
+    end
+    
+    class FlashHash < Hash
+      def initialize #:nodoc:
+        super
+        @used = {}
+      end
+      
+      def []=(k, v) #:nodoc:
+        keep(k)
+        super
+      end
+      
+      def update(h) #:nodoc:
+        h.keys.each { |k| keep(k) }
+        super
+      end
+      
+      alias :merge! :update
+      
+      def replace(h) #:nodoc:
+        @used = {}
+        super
+      end
+    
+      # Sets a flash that will not be available to the next action, only to the current.
+      #
+      #     flash.now[:message] = "Hello current action"
+      # 
+      # This method enables you to use the flash as a central messaging system in your app.
+      # When you need to pass an object to the next action, you use the standard flash assign (<tt>[]=</tt>).
+      # When you need to pass an object to the current action, you use <tt>now</tt>, and your object will
+      # vanish when the current action is done.
+      #
+      # Entries set via <tt>now</tt> are accessed the same way as standard entries: <tt>flash['my-key']</tt>.
+      def now
+        FlashNow.new(self)
+      end
+    
+      # Keeps either the entire current flash or a specific flash entry available for the next action:
+      #
+      #    flash.keep            # keeps the entire flash
+      #    flash.keep(:notice)   # keeps only the "notice" entry, the rest of the flash is discarded
+      def keep(k = nil)
+        use(k, false)
+      end
+    
+      # Marks the entire flash or a single flash entry to be discarded by the end of the current action:
+      #
+      #     flash.discard              # discard the entire flash at the end of the current action
+      #     flash.discard(:warning)    # discard only the "warning" entry at the end of the current action
+      def discard(k = nil)
+        use(k)
+      end
+    
+      # Mark for removal entries that were kept, and delete unkept ones.
+      #
+      # This method is called automatically by filters, so you generally don't need to care about it.
+      def sweep #:nodoc:
+        keys.each do |k| 
+          unless @used[k]
+            use(k)
+          else
+            delete(k)
+            @used.delete(k)
+          end
+        end
+
+        # clean up after keys that could have been left over by calling reject! or shift on the flash
+        (@used.keys - keys).each{ |k| @used.delete(k) }
+      end
+    
+      private
+        # Used internally by the <tt>keep</tt> and <tt>discard</tt> methods
+        #     use()               # marks the entire flash as used
+        #     use('msg')          # marks the "msg" entry as used
+        #     use(nil, false)     # marks the entire flash as unused (keeps it around for one more action)
+        #     use('msg', false)   # marks the "msg" entry as unused (keeps it around for one more action)
+        def use(k=nil, v=true)
+          unless k.nil?
+            @used[k] = v
+          else
+            keys.each{ |key| use(key, v) }
+          end
+        end
+    end
+
+    module InstanceMethods #:nodoc:
+      protected
+        def reset_session_with_flash
+          reset_session_without_flash
+          remove_instance_variable(:@_flash)
+          flash(:refresh)
+        end
+      
+        # Access the contents of the flash. Use <tt>flash["notice"]</tt> to read a notice you put there or 
+        # <tt>flash["notice"] = "hello"</tt> to put a new one.
+        # Note that if sessions are disabled only flash.now will work.
+        def flash(refresh = false) #:doc:
+          if !defined?(@_flash) || refresh
+            @_flash =
+              if session.is_a?(Hash)
+                # don't put flash in session if disabled
+                FlashHash.new
+              else
+                # otherwise, session is a CGI::Session or a TestSession
+                # so make sure it gets retrieved from/saved to session storage after request processing
+                session["flash"] ||= FlashHash.new
+              end
+          end
+
+          @_flash
+        end
+
+      private
+        def assign_shortcuts_with_flash(request, response) #:nodoc:
+          assign_shortcuts_without_flash(request, response)
+          flash(:refresh)
+          flash.sweep if @_session && !component_request?
+        end
+    end
+  end
+end

data/lib/action_controller/headers.rb

@@ -0,0 +1,31 @@
+module ActionController
+  module Http
+    class Headers < ::Hash
+      
+      def initialize(constructor = {})
+         if constructor.is_a?(Hash)
+           super()
+           update(constructor)
+         else
+           super(constructor)
+         end
+       end
+      
+      def [](header_name)
+        if include?(header_name)
+          super 
+        else
+          super(normalize_header(header_name))
+        end
+      end
+      
+      
+      private
+        # Takes an HTTP header name and returns it in the 
+        # format 
+        def normalize_header(header_name)
+          "HTTP_#{header_name.upcase.gsub(/-/, '_')}"
+        end
+    end
+  end
+end

data/lib/action_controller/helpers.rb

@@ -0,0 +1,221 @@
+# FIXME: helper { ... } is broken on Ruby 1.9
+module ActionController #:nodoc:
+  module Helpers #:nodoc:
+    HELPERS_DIR = (defined?(RAILS_ROOT) ? "#{RAILS_ROOT}/app/helpers" : "app/helpers")
+
+    def self.included(base)
+      # Initialize the base module to aggregate its helpers.
+      base.class_inheritable_accessor :master_helper_module
+      base.master_helper_module = Module.new
+
+      # Extend base with class methods to declare helpers.
+      base.extend(ClassMethods)
+
+      base.class_eval do
+        # Wrap inherited to create a new master helper module for subclasses.
+        class << self
+          alias_method_chain :inherited, :helper
+        end
+      end
+    end
+
+    # The Rails framework provides a large number of helpers for working with +assets+, +dates+, +forms+, 
+    # +numbers+ and Active Record objects, to name a few. These helpers are available to all templates
+    # by default.
+    #
+    # In addition to using the standard template helpers provided in the Rails framework, creating custom helpers to
+    # extract complicated logic or reusable functionality is strongly encouraged.  By default, the controller will 
+    # include a helper whose name matches that of the controller, e.g., <tt>MyController</tt> will automatically
+    # include <tt>MyHelper</tt>.
+    # 
+    # Additional helpers can be specified using the +helper+ class method in <tt>ActionController::Base</tt> or any
+    # controller which inherits from it.
+    #
+    # ==== Examples
+    # The +to_s+ method from the Time class can be wrapped in a helper method to display a custom message if 
+    # the Time object is blank:
+    #
+    #   module FormattedTimeHelper
+    #     def format_time(time, format=:long, blank_message="&nbsp;")
+    #       time.blank? ? blank_message : time.to_s(format)
+    #     end
+    #   end
+    #
+    # FormattedTimeHelper can now be included in a controller, using the +helper+ class method:
+    #
+    #   class EventsController < ActionController::Base
+    #     helper FormattedTimeHelper
+    #     def index
+    #       @events = Event.find(:all)
+    #     end
+    #   end
+    #
+    # Then, in any view rendered by <tt>EventController</tt>, the <tt>format_time</tt> method can be called:
+    #
+    #   <% @events.each do |event| -%>
+    #     <p>
+    #       <% format_time(event.time, :short, "N/A") %> | <%= event.name %> 
+    #     </p>
+    #   <% end -%>
+    #
+    # Finally, assuming we have two event instances, one which has a time and one which does not, 
+    # the output might look like this:
+    #
+    #   23 Aug 11:30 | Carolina Railhawks Soccer Match 
+    #   N/A | Carolina Railhaws Training Workshop
+    #
+    module ClassMethods
+      # Makes all the (instance) methods in the helper module available to templates rendered through this controller.
+      # See ActionView::Helpers (link:classes/ActionView/Helpers.html) for more about making your own helper modules
+      # available to the templates.
+      def add_template_helper(helper_module) #:nodoc:
+        master_helper_module.module_eval { include helper_module }
+      end
+
+      # The +helper+ class method can take a series of helper module names, a block, or both.
+      #
+      # * <tt>*args</tt>: One or more modules, strings or symbols, or the special symbol <tt>:all</tt>.
+      # * <tt>&block</tt>: A block defining helper methods.
+      # 
+      # ==== Examples
+      # When the argument is a string or symbol, the method will provide the "_helper" suffix, require the file 
+      # and include the module in the template class.  The second form illustrates how to include custom helpers 
+      # when working with namespaced controllers, or other cases where the file containing the helper definition is not
+      # in one of Rails' standard load paths:
+      #   helper :foo             # => requires 'foo_helper' and includes FooHelper
+      #   helper 'resources/foo'  # => requires 'resources/foo_helper' and includes Resources::FooHelper
+      #
+      # When the argument is a module it will be included directly in the template class.
+      #   helper FooHelper # => includes FooHelper
+      #
+      # When the argument is the symbol <tt>:all</tt>, the controller will include all helpers from 
+      # <tt>app/helpers/**/*.rb</tt> under RAILS_ROOT.
+      #   helper :all
+      #
+      # Additionally, the +helper+ class method can receive and evaluate a block, making the methods defined available 
+      # to the template.
+      #   # One line
+      #   helper { def hello() "Hello, world!" end }
+      #   # Multi-line
+      #   helper do
+      #     def foo(bar) 
+      #       "#{bar} is the very best" 
+      #     end
+      #   end
+      # 
+      # Finally, all the above styles can be mixed together, and the +helper+ method can be invoked with a mix of
+      # +symbols+, +strings+, +modules+ and blocks.
+      #   helper(:three, BlindHelper) { def mice() 'mice' end }
+      #
+      def helper(*args, &block)
+        args.flatten.each do |arg|
+          case arg
+            when Module
+              add_template_helper(arg)
+            when :all
+              helper(all_application_helpers)
+            when String, Symbol
+              file_name  = arg.to_s.underscore + '_helper'
+              class_name = file_name.camelize
+
+              begin
+                require_dependency(file_name)
+              rescue LoadError => load_error
+                requiree = / -- (.*?)(\.rb)?$/.match(load_error.message).to_a[1]
+                if requiree == file_name
+                  msg = "Missing helper file helpers/#{file_name}.rb"
+                  raise LoadError.new(msg).copy_blame!(load_error)
+                else
+                  raise
+                end
+              end
+
+              add_template_helper(class_name.constantize)
+            else
+              raise ArgumentError, "helper expects String, Symbol, or Module argument (was: #{args.inspect})"
+          end
+        end
+
+        # Evaluate block in template class if given.
+        master_helper_module.module_eval(&block) if block_given?
+      end
+
+      # Declare a controller method as a helper. For example, the following
+      # makes the +current_user+ controller method available to the view:
+      #   class ApplicationController < ActionController::Base
+      #     helper_method :current_user, :logged_in?
+      #
+      #     def current_user
+      #       @current_user ||= User.find_by_id(session[:user])
+      #     end
+      #
+      #      def logged_in?
+      #        current_user != nil
+      #      end
+      #   end
+      #
+      # In a view:
+      #  <% if logged_in? -%>Welcome, <%= current_user.name %><% end -%>
+      def helper_method(*methods)
+        methods.flatten.each do |method|
+          master_helper_module.module_eval <<-end_eval
+            def #{method}(*args, &block)
+              controller.send(%(#{method}), *args, &block)
+            end
+          end_eval
+        end
+      end
+
+      # Declares helper accessors for controller attributes. For example, the
+      # following adds new +name+ and <tt>name=</tt> instance methods to a
+      # controller and makes them available to the view:
+      #   helper_attr :name
+      #   attr_accessor :name
+      def helper_attr(*attrs)
+        attrs.flatten.each { |attr| helper_method(attr, "#{attr}=") }
+      end
+
+      # Provides a proxy to access helpers methods from outside the view.
+      def helpers
+        unless @helper_proxy
+          @helper_proxy = ActionView::Base.new
+          @helper_proxy.extend master_helper_module
+        else
+          @helper_proxy
+        end
+      end
+
+      private
+        def default_helper_module!
+          unless name.blank?
+            module_name = name.sub(/Controller$|$/, 'Helper')
+            module_path = module_name.split('::').map { |m| m.underscore }.join('/')
+            require_dependency module_path
+            helper module_name.constantize
+          end
+        rescue MissingSourceFile => e
+          raise unless e.is_missing? module_path
+        rescue NameError => e
+          raise unless e.missing_name? module_name
+        end
+
+        def inherited_with_helper(child)
+          inherited_without_helper(child)
+
+          begin
+            child.master_helper_module = Module.new
+            child.master_helper_module.send! :include, master_helper_module
+            child.send! :default_helper_module!
+          rescue MissingSourceFile => e
+            raise unless e.is_missing?("helpers/#{child.controller_path}_helper")
+          end
+        end
+
+        # Extract helper names from files in app/helpers/**/*.rb
+        def all_application_helpers
+          extract = /^#{Regexp.quote(HELPERS_DIR)}\/?(.*)_helper.rb$/
+          Dir["#{HELPERS_DIR}/**/*_helper.rb"].map { |file| file.sub extract, '\1' }
+        end
+    end
+  end
+end

data/lib/action_controller/http_authentication.rb

@@ -0,0 +1,124 @@
+module ActionController
+  module HttpAuthentication
+    # Makes it dead easy to do HTTP Basic authentication.
+    # 
+    # Simple Basic example:
+    # 
+    #   class PostsController < ApplicationController
+    #     USER_NAME, PASSWORD = "dhh", "secret"
+    #   
+    #     before_filter :authenticate, :except => [ :index ]
+    #   
+    #     def index
+    #       render :text => "Everyone can see me!"
+    #     end
+    #   
+    #     def edit
+    #       render :text => "I'm only accessible if you know the password"
+    #     end
+    #   
+    #     private
+    #       def authenticate
+    #         authenticate_or_request_with_http_basic do |user_name, password| 
+    #           user_name == USER_NAME && password == PASSWORD
+    #         end
+    #       end
+    #   end
+    # 
+    # 
+    # Here is a more advanced Basic example where only Atom feeds and the XML API is protected by HTTP authentication, 
+    # the regular HTML interface is protected by a session approach:
+    # 
+    #   class ApplicationController < ActionController::Base
+    #     before_filter :set_account, :authenticate
+    #   
+    #     protected
+    #       def set_account
+    #         @account = Account.find_by_url_name(request.subdomains.first)
+    #       end
+    #   
+    #       def authenticate
+    #         case request.format
+    #         when Mime::XML, Mime::ATOM
+    #           if user = authenticate_with_http_basic { |u, p| @account.users.authenticate(u, p) }
+    #             @current_user = user
+    #           else
+    #             request_http_basic_authentication
+    #           end
+    #         else
+    #           if session_authenticated?
+    #             @current_user = @account.users.find(session[:authenticated][:user_id])
+    #           else
+    #             redirect_to(login_url) and return false
+    #           end
+    #         end
+    #       end
+    #   end
+    # 
+    # 
+    # In your integration tests, you can do something like this:
+    # 
+    #   def test_access_granted_from_xml
+    #     get(
+    #       "/notes/1.xml", nil, 
+    #       :authorization => ActionController::HttpAuthentication::Basic.encode_credentials(users(:dhh).name, users(:dhh).password)
+    #     )
+    # 
+    #     assert_equal 200, status
+    #   end
+    #  
+    #  
+    # On shared hosts, Apache sometimes doesn't pass authentication headers to
+    # FCGI instances. If your environment matches this description and you cannot
+    # authenticate, try this rule in your Apache setup:
+    # 
+    #   RewriteRule ^(.*)$ dispatch.fcgi [E=X-HTTP_AUTHORIZATION:%{HTTP:Authorization},QSA,L]
+    module Basic
+      extend self
+
+      module ControllerMethods
+        def authenticate_or_request_with_http_basic(realm = "Application", &login_procedure)
+          authenticate_with_http_basic(&login_procedure) || request_http_basic_authentication(realm)
+        end
+
+        def authenticate_with_http_basic(&login_procedure)
+          HttpAuthentication::Basic.authenticate(self, &login_procedure)
+        end
+
+        def request_http_basic_authentication(realm = "Application")
+          HttpAuthentication::Basic.authentication_request(self, realm)
+        end
+      end
+
+      def authenticate(controller, &login_procedure)
+        unless authorization(controller.request).blank?
+          login_procedure.call(*user_name_and_password(controller.request))
+        end
+      end
+
+      def user_name_and_password(request)
+        decode_credentials(request).split(/:/, 2)
+      end
+  
+      def authorization(request)
+        request.env['HTTP_AUTHORIZATION']   ||
+        request.env['X-HTTP_AUTHORIZATION'] ||
+        request.env['X_HTTP_AUTHORIZATION'] ||
+        request.env['REDIRECT_X_HTTP_AUTHORIZATION']
+      end
+    
+      def decode_credentials(request)
+        ActiveSupport::Base64.decode64(authorization(request).split.last || '')
+      end
+
+      def encode_credentials(user_name, password)
+        "Basic #{ActiveSupport::Base64.encode64("#{user_name}:#{password}")}"
+      end
+
+      def authentication_request(controller, realm)
+        controller.headers["WWW-Authenticate"] = %(Basic realm="#{realm.gsub(/"/, "")}")
+        controller.send! :render, :text => "HTTP Basic: Access denied.\n", :status => :unauthorized
+      end
+    end
+  end
+end