padrino-core 0.10.7 → 0.11.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 9f915e954014b964f9d5afccd9999d80cd888c05
+  data.tar.gz: 0f64be604ae666519fdd77d32413f9bdf4c32986
+SHA512:
+  metadata.gz: f5b45a55ece397aabf5c7e9d4c961a51edeaa882156962222a0b41d718e62c000fa301f954236fa1599d94e8f2e19109e538b775a2c651c94dfefabf6f187073
+  data.tar.gz: 7796c665daf7a323174e265e3fbc23d71cef98cc9ae1427cb0d5a3d18a3352fdd861fab8adb83308b01c6f4e2f7b1e3bd6ab372493b6032c43f41431dabbb15e

data/lib/padrino-core.rb

@@ -1,8 +1,19 @@
 require 'sinatra/base'
-require 'padrino-core/support_lite' unless defined?(SupportLite)
+require 'padrino-core/version'
+require 'padrino-core/support_lite'
+require 'padrino-core/application'
+
+require 'padrino-core/caller'
+require 'padrino-core/command'
+require 'padrino-core/loader'
+require 'padrino-core/logger'
+require 'padrino-core/mounter'
+require 'padrino-core/reloader'
+require 'padrino-core/router'
+require 'padrino-core/server'
+require 'padrino-core/tasks'
+require 'padrino-core/module'
 
-FileSet.glob_require('padrino-core/application/*.rb', __FILE__)
-FileSet.glob_require('padrino-core/*.rb', __FILE__)
 
 # The Padrino environment (falls back to the rack env or finally develop)
 PADRINO_ENV  = ENV["PADRINO_ENV"]  ||= ENV["RACK_ENV"] ||= "development"  unless defined?(PADRINO_ENV)
@@ -80,7 +91,14 @@ module Padrino
     #   end
     #
     def configure_apps(&block)
-      @_global_configuration = block if block_given?
+      return  unless block_given?
+      @@_global_configurations ||= []
+      @@_global_configurations << block
+      @_global_configuration = lambda do |app|
+        @@_global_configurations.each do |configuration|
+          app.class_eval(&configuration)
+        end
+      end
     end
 
     ##
@@ -148,5 +166,41 @@ module Padrino
     def use(m, *args, &block)
       middleware << [m, args, block]
     end
+
+    ##
+    # Registers a gem with padrino. This relieves the caller from setting up
+    # loadpaths by himself and enables Padrino to look up apps in gem folder.
+    #
+    # The name given has to be the proper gem name as given in the gemspec.
+    #
+    # @param [String] name
+    #   The name of the gem being registered.
+    #
+    # @param [Module] main_module
+    #   The main module of the gem.
+    #
+    # @returns The root path of the loaded gem
+    def gem(name, main_module)
+      _,spec = Gem.loaded_specs.find { |spec_name, spec| spec_name == name }
+      gems << spec
+      modules << main_module
+      spec.full_gem_path
+    end
+
+    ##
+    # Returns all currently known padrino gems.
+    #
+    # @returns [Gem::Specification]
+    def gems
+      @gems ||= []
+    end
+
+    ##
+    # All loaded Padrino modules.
+    #
+    # @returns [<Padrino::Module>]
+    def modules
+      @modules ||= []
+    end
   end # self
 end # Padrino

data/lib/padrino-core/application.rb

@@ -1,3 +1,8 @@
+require 'padrino-core/application/rendering'
+require 'padrino-core/application/routing'
+require 'padrino-core/application/flash'
+require 'padrino-core/application/showexceptions'
+
 module Padrino
   class ApplicationSetupError < RuntimeError # @private
   end
@@ -173,17 +178,21 @@ module Padrino
         set :method_override, true
         set :sessions, false
         set :public_folder, Proc.new { Padrino.root('public', uri_root) }
-        set :views, Proc.new { File.join(root,   "views") }
-        set :images_path, Proc.new { File.join(public, "images") }
-        set :protection, false
+        set :views, Proc.new { File.join(root, 'views') }
+        set :images_path, Proc.new { File.join(public_folder, 'images') }
+        set :protection, true
+        # Haml specific
+        set :haml, { :ugly => (Padrino.env == :production) } if defined?(Haml)
         # Padrino specific
         set :uri_root, '/'
         set :app_name, settings.to_s.underscore.to_sym
         set :default_builder, 'StandardFormBuilder'
-        set :flash, defined?(Sinatra::Flash) || defined?(Rack::Flash)
         set :authentication, false
         # Padrino locale
         set :locale_path, Proc.new { Dir[File.join(settings.root, '/locale/**/*.{rb,yml}')] }
+        # Authenticity token
+        set :protect_from_csrf, false
+        set :allow_disabled_csrf, false
         # Load the Global Configurations
         class_eval(&Padrino.apps_configuration) if Padrino.apps_configuration
       end
@@ -241,27 +250,40 @@ module Padrino
       # Also initializes the application after setting up the middleware
       def setup_default_middleware(builder)
         setup_sessions builder
-        setup_flash builder
         builder.use Padrino::ShowExceptions         if show_exceptions?
         builder.use Padrino::Logger::Rack, uri_root if Padrino.logger && logging?
         builder.use Padrino::Reloader::Rack         if reload?
         builder.use Rack::MethodOverride            if method_override?
         builder.use Rack::Head
+        register    Padrino::Flash
         setup_protection builder
+        setup_csrf_protection builder
         setup_application!
       end
 
-       # TODO Remove this in a few versions (rack-flash deprecation)
-       # Move register Sinatra::Flash into setup_default_middleware
-       # Initializes flash using sinatra-flash or rack-flash
-      def setup_flash(builder)
-        register Sinatra::Flash if flash? && defined?(Sinatra::Flash)
-        if defined?(Rack::Flash) && !defined?(Sinatra::Flash)
-          logger.warn %Q{
-            [Deprecation] In Gemfile, 'rack-flash' should be replaced with 'sinatra-flash'!
-            Rack-Flash is not compatible with later versions of Rack and should be replaced.
-          }
-          builder.use Rack::Flash, :sweep => true if flash?
+      # sets up csrf protection for the app
+      def setup_csrf_protection(builder)
+        if protect_from_csrf? && !sessions?
+          raise(<<-ERROR)
+`protect_from_csrf` is activated, but `sessions` are not. To enable csrf
+protection, use:
+
+    enable :sessions
+
+or deactivate protect_from_csrf:
+
+    disable :protect_from_csrf
+ERROR
+        end
+
+        if protect_from_csrf?
+          if allow_disabled_csrf?
+            builder.use Rack::Protection::AuthenticityToken,
+                        :reaction => :report,
+                        :report_key => 'protection.csrf.failed'
+          else
+            builder.use Rack::Protection::AuthenticityToken
+          end
         end
       end
     end # self

data/lib/padrino-core/application/flash.rb

@@ -0,0 +1,229 @@
+module Padrino
+  module Flash
+
+    class << self
+      # @private
+      def registered(app)
+        app.helpers Helpers
+        app.after do
+          session[:_flash] = @_flash.next if @_flash
+        end
+      end
+    end # self
+
+    class Storage
+      include Enumerable
+
+      # @private
+      def initialize(session=nil)
+        @_now  = session || {}
+        @_next = {}
+      end
+
+      def now
+        @_now
+      end
+
+      def next
+        @_next
+      end
+
+      # @since 0.10.8
+      # @api public
+      def [](type)
+        @_now[type]
+      end
+
+      # @since 0.10.8
+      # @api public
+      def []=(type, message)
+        @_next[type] = message
+      end
+
+      # @since 0.10.8
+      # @api public
+      def delete(type)
+        @_now.delete(type)
+        self
+      end
+
+      # @since 0.10.8
+      # @api public
+      def keys
+        @_now.keys
+      end
+
+      # @since 0.10.8
+      # @api public
+      def key?(type)
+        @_now.key?(type)
+      end
+
+      # @since 0.10.8
+      # @api public
+      def each(&block)
+        @_now.each(&block)
+      end
+
+      # @since 0.10.8
+      # @api public
+      def replace(hash)
+        @_now.replace(hash)
+        self
+      end
+
+      # @since 0.10.8
+      # @api public
+      def update(hash)
+        @_now.update(hash)
+        self
+      end
+      alias_method :merge!, :update
+
+      # @since 0.10.8
+      # @api public
+      def sweep
+        @_now.replace(@_next)
+        @_next = {}
+        self
+      end
+
+      # @since 0.10.8
+      # @api public
+      def keep(key = nil)
+        if key
+          @_next[key] = @_now[key]
+        else
+          @_next.merge!(@_now)
+        end
+        self
+      end
+
+      # @since 0.10.8
+      # @api public
+      def discard(key = nil)
+        if key
+          @_next.delete(key)
+        else
+          @_next = {}
+        end
+        self
+      end
+
+      # @since 0.10.8
+      # @api public
+      def clear
+        @_now.clear
+      end
+
+      # @since 0.10.8
+      # @api public
+      def empty?
+        @_now.empty?
+      end
+
+      # @since 0.10.8
+      # @api public
+      def to_hash
+        @_now.dup
+      end
+
+      def length
+        @_now.length
+      end
+      alias_method :size, :length
+
+      # @since 0.10.8
+      # @api public
+      def to_s
+        @_now.to_s
+      end
+
+      # @since 0.10.8
+      # @api public
+      def error=(message)
+        self[:error] = message
+      end
+
+      # @since 0.10.8
+      # @api public
+      def error
+        self[:error]
+      end
+
+      # @since 0.10.8
+      # @api public
+      def notice=(message)
+        self[:notice] = message
+      end
+
+      # @since 0.10.8
+      # @api public
+      def notice
+        self[:notice]
+      end
+
+      # @since 0.10.8
+      # @api public
+      def success=(message)
+        self[:success] = message
+      end
+
+      # @since 0.10.8
+      # @api public
+      def success
+        self[:success]
+      end
+    end # Storage
+
+    module Helpers
+      ###
+      # Overloads the existing redirect helper in-order to provide support for flash messages
+      #
+      # @overload redirect(url)
+      #   @param [String] url
+      #
+      # @overload redirect(url, status_code)
+      #   @param [String] url
+      #   @param [Fixnum] status_code
+      #
+      # @overload redirect(url, status_code, flash_messages)
+      #   @param [String] url
+      #   @param [Fixnum] status_code
+      #   @param [Hash]   flash_messages
+      #
+      # @overload redirect(url, flash_messages)
+      #   @param [String] url
+      #   @param [Hash]   flash_messages
+      #
+      # @example
+      #   redirect(dashboard, success: :user_created)
+      #   redirect(new_location, 301, notice: 'This page has moved. Please update your bookmarks!!')
+      #
+      # @since 0.10.8
+      # @api public
+      def redirect(url, *args)
+        flashes = args.extract_options!
+
+        flashes.each do |type, message|
+          message = I18n.translate(message) if message.is_a?(Symbol) && defined?(I18n)
+          flash[type] = message
+        end
+
+        super(url, args)
+      end
+      alias_method :redirect_to, :redirect
+
+      ###
+      # Returns the flash storage object
+      #
+      # @return [Storage]
+      #
+      # @since 0.10.8
+      # @api public
+      def flash
+        @_flash ||= Storage.new(env['rack.session'] ? session[:_flash] : {})
+      end
+    end # Helpers
+  end # Flash
+end # Padrino

data/lib/padrino-core/application/rendering.rb

@@ -7,6 +7,16 @@ module Padrino
   # locale enabled rendering, among other features.
   #
   module Rendering
+    ##
+    # A SafeTemplate assumes that its output is safe.
+    #
+    # @api private
+    module SafeTemplate
+      def render(*)
+        super.html_safe
+      end
+    end
+
     ##
     # Exception responsible for when an expected template did not exist.
     #
@@ -25,19 +35,34 @@ module Padrino
     ] unless defined?(IGNORE_FILE_PATTERN)
 
     ##
-    # Default rendering options used in the #render-method.
+    # Default options used in the #resolve_template-method.
     #
     DEFAULT_RENDERING_OPTIONS = { :strict_format => false, :raise_exceptions => true } unless defined?(DEFAULT_RENDERING_OPTIONS)
 
     class << self
+      ##
+      # Default engine configurations for Padrino::Rendering
+      #
+      # @return {Hash<Symbol,Hash>}
+      #   The configurations, keyed by engine.
+      def engine_configurations
+        @engine_configurations ||= {}
+      end
+
       ##
       # Main class that register this extension.
       #
       def registered(app)
-        app.send(:include, InstanceMethods)
-        app.extend(ClassMethods)
+        included(app)
+        engine_configurations.each do |engine, configs|
+          app.set engine, configs
+        end
+      end
+
+      def included(base)
+        base.send(:include, InstanceMethods)
+        base.extend(ClassMethods)
       end
-      alias :included :registered
     end
 
     ##
@@ -152,11 +177,8 @@ module Padrino
         # * Use render 'path/to/template.haml' (with explicit engine lookup)
         # * Use render 'path/to/template', :layout => false
         # * Use render 'path/to/template', :layout => false, :engine => 'haml'
-        # * Use render { :a => 1, :b => 2, :c => 3 } # => return a json string
         #
         def render(engine, data=nil, options={}, locals={}, &block)
-          # If engine is a hash then render data converted to json
-          content_type(:json, :charset => 'utf-8') and return engine.to_json if engine.is_a?(Hash)
 
           # If engine is nil, ignore engine parameter and shift up all arguments
           # render nil, "index", { :layout => true }, { :localvar => "foo" }
@@ -175,10 +197,10 @@ module Padrino
           root = settings.respond_to?(:root) ? settings.root : ""
 
           # Use @layout if it exists
-          options[:layout] = @layout if options[:layout].nil?
-
+          layout_was = options[:layout]
+          options[:layout] = @layout if options[:layout].nil? || options[:layout] == true
           # Resolve layouts similar to in Rails
-          if (options[:layout].nil? || options[:layout] == true) && !settings.templates.has_key?(:layout)
+          if options[:layout].nil? && !settings.templates.has_key?(:layout)
             layout_path, layout_engine = *resolved_layout
             options[:layout] = layout_path || false # We need to force layout false so sinatra don't try to render it
             options[:layout] = false unless layout_engine == engine # TODO allow different layout engine
@@ -186,10 +208,12 @@ module Padrino
           elsif options[:layout].present?
             options[:layout] = settings.fetch_layout_path(options[:layout] || @layout)
           end
+          # Default to original layout value if none found
+          options[:layout] ||= layout_was
 
           # Cleanup the template
           @current_engine, engine_was = engine, @current_engine
-          @_out_buf,  _buf_was = "", @_out_buf
+          @_out_buf,  _buf_was = ActiveSupport::SafeBuffer.new, @_out_buf
 
           # Pass arguments to Sinatra render method
           super(engine, data, options.dup, locals, &block)
@@ -290,3 +314,7 @@ module Padrino
     end # InstanceMethods
   end # Rendering
 end # Padrino
+
+require 'padrino-core/application/rendering/extensions/haml'
+require 'padrino-core/application/rendering/extensions/erubis'
+require 'padrino-core/application/rendering/extensions/slim'