padrino-core 0.10.7 → 0.11.0

data/lib/padrino-core/reloader.rb

@@ -33,7 +33,7 @@ module Padrino
       # Specified constants can be excluded from the code unloading process.
       #
       def exclude_constants
-        @_exclude_constants ||= []
+        @_exclude_constants ||= Set.new
       end
 
       ##
@@ -41,7 +41,7 @@ module Padrino
       # Default included constants are: [none]
       #
       def include_constants
-        @_include_constants ||= []
+        @_include_constants ||= Set.new
       end
 
       ##
@@ -103,9 +103,12 @@ module Padrino
       # We lock dependencies sets to prevent reloading of protected constants
       #
       def lock!
-        klasses = ObjectSpace.classes.map { |klass| klass._orig_klass_name.split('::')[0] }.uniq
+        klasses = ObjectSpace.classes do |klass|
+          klass._orig_klass_name.split('::')[0]
+        end
+
         klasses = klasses | Padrino.mounted_apps.map { |app| app.app_class }
-        Padrino::Reloader.exclude_constants.concat(klasses)
+        Padrino::Reloader.exclude_constants.merge(klasses)
       end
 
       ##
@@ -130,8 +133,8 @@ module Padrino
         end
 
         # Duplicate objects and loaded features before load file
-        klasses = ObjectSpace.classes.dup
-        files   = $LOADED_FEATURES.dup
+        klasses = ObjectSpace.classes
+        files   = Set.new($LOADED_FEATURES.dup)
 
         # Now we can reload dependencies of our file
         if features = LOADED_FILES.delete(file)
@@ -142,7 +145,7 @@ module Padrino
         begin
           logger.devel :loading, began_at, file if !reload
           logger.debug :reload,  began_at, file if  reload
-          $LOADED_FEATURES.delete(file)
+          $LOADED_FEATURES.delete(file) if files.include?(file)
           verbosity_was, $-v = $-v, nil
           loaded = false
           require(file)
@@ -152,18 +155,17 @@ module Padrino
           logger.error "Cannot require #{file} due to a syntax error: #{e.message}"
         ensure
           $-v = verbosity_was
-          new_constants = (ObjectSpace.classes - klasses).uniq
+          new_constants = ObjectSpace.new_classes(klasses)
           if loaded
             # Store the file details
             LOADED_CLASSES[file] = new_constants
-            LOADED_FILES[file]   = ($LOADED_FEATURES - files - [file]).uniq
+            LOADED_FILES[file]   = Set.new($LOADED_FEATURES) - files - [file]
             # Track only features in our Padrino.root
             LOADED_FILES[file].delete_if { |feature| !in_root?(feature) }
           else
             logger.devel "Failed to load #{file}; removing partially defined constants"
             new_constants.each { |klass| remove_constant(klass) }
           end
-
         end
       end
 
@@ -183,8 +185,8 @@ module Padrino
       # Removes the specified class and constant.
       #
       def remove_constant(const)
-        return if exclude_constants.compact.uniq.any? { |c| const._orig_klass_name.index(c) == 0 } &&
-                 !include_constants.compact.uniq.any? { |c| const._orig_klass_name.index(c) == 0 }
+        return if exclude_constants.any? { |c| const._orig_klass_name.index(c) == 0 } &&
+                 !include_constants.any? { |c| const._orig_klass_name.index(c) == 0 }
         begin
           parts  = const.to_s.sub(/^::(Object)?/, 'Object::').split('::')
           object = parts.pop

data/lib/padrino-core/server.rb

@@ -4,8 +4,8 @@ module Padrino
   # thin, mongrel, or webrick in that order.
   #
   # @example
-  #   Padrino.run! # with these defaults => host: "localhost", port: "3000", adapter: the first found
-  #   Padrino.run!("localhost", "4000", "mongrel") # use => host: "0.0.0.0", port: "3000", adapter: "mongrel"
+  #   Padrino.run! # with these defaults => host: "127.0.0.1", port: "3000", adapter: the first found
+  #   Padrino.run!("0.0.0.0", "4000", "mongrel") # use => host: "0.0.0.0", port: "4000", adapter: "mongrel"
   #
   def self.run!(options={})
     Padrino.load!
@@ -17,13 +17,13 @@ module Padrino
   #
   class Server < Rack::Server
     # Server Handlers
-    Handlers = [:thin, :mongrel, :trinidad, :webrick]
+    Handlers = [:thin, :puma, :mongrel, :trinidad, :webrick]
 
     # Starts the application on the available server with specified options.
     def self.start(app, opts={})
       options = {}.merge(opts) # We use a standard hash instead of Thor::CoreExt::HashWithIndifferentAccess
       options.symbolize_keys!
-      options[:Host] = options.delete(:host) || '0.0.0.0'
+      options[:Host] = options.delete(:host) || '127.0.0.1' 
       options[:Port] = options.delete(:port) || 3000
       options[:AccessLog] = []
       if options[:daemonize]

data/lib/padrino-core/support_lite.rb

@@ -9,6 +9,7 @@ require 'active_support/core_ext/object/blank'              # present?
 require 'active_support/core_ext/array/extract_options'     # extract_options
 require 'active_support/inflector/methods'                  # constantize
 require 'active_support/inflector/inflections'              # pluralize
+require 'active_support/core_ext/string/output_safety'      # SafeBuffer and html_safe
 require 'active_support/inflections'                        # load default inflections
 require 'yaml' unless defined?(YAML)                        # load yaml for i18n
 require 'win32console' if RUBY_PLATFORM =~ /(win|m)32/      # ruby color support for win
@@ -110,13 +111,49 @@ end
 
 module ObjectSpace
   class << self
+    ##
     # Returns all the classes in the object space.
-    def classes
-      ObjectSpace.each_object(Module).select do |klass|
-        # Why? Ruby, when you remove a costant dosen't remove it from
-        # rb_tables, this mean that here we can find classes that was
-        # removed.
-        klass.name rescue false
+    # Optionally, a block can be passed, for example the following code
+    # would return the classes that start with the character "A":
+    #
+    #  ObjectSpace.classes do |klass|
+    #    if klass.to_s[0] == "A"
+    #      klass
+    #    end
+    #  end
+    #
+    def classes(&block)
+      rs = Set.new
+
+      ObjectSpace.each_object(Class).each do |klass|
+        if block
+          if r = block.call(klass)
+            # add the returned value if the block returns something
+            rs << r
+          end
+        else
+          rs << klass
+        end
+      end
+
+      rs
+    end
+
+    ##
+    # Returns a list of existing classes that are not included in "snapshot"
+    # This method is useful to get the list of new classes that were loaded
+    # after an event like requiring a file.
+    # Usage:
+    #
+    #   snapshot = ObjectSpace.classes
+    #   # require a file
+    #   ObjectSpace.new_classes(snapshot)
+    #
+    def new_classes(snapshot)
+      self.classes do |klass|
+        if !snapshot.include?(klass)
+          klass
+        end
       end
     end
   end

data/lib/padrino-core/version.rb

@@ -6,7 +6,7 @@
 #
 module Padrino
   # The version constant for the current version of Padrino.
-  VERSION = '0.10.7' unless defined?(Padrino::VERSION)
+  VERSION = '0.11.0' unless defined?(Padrino::VERSION)
 
   #
   # The current Padrino version.

data/padrino-core.gemspec

@@ -31,8 +31,13 @@ Gem::Specification.new do |s|
   # s.post_install_message << "\n\e[32m" + ("*" * 20) + "\n\e[0m"
 
   s.add_dependency("tilt", "~> 1.3.0")
-  s.add_dependency("sinatra", "~> 1.3.1")
-  s.add_dependency("http_router", "~> 0.10.2")
-  s.add_dependency("thor", "~> 0.15.2")
-  s.add_dependency("activesupport", "~> 3.2.0")
+  if ENV["SINATRA_EDGE"]
+    s.add_dependency("sinatra")
+  else
+    s.add_dependency("sinatra", "~> 1.4.2")
+  end
+  s.add_dependency("http_router", "~> 0.11.0")
+  s.add_dependency("thor", "~> 0.17.0")
+  s.add_dependency("activesupport", ">= 3.1.0")
+  s.add_dependency("rack-protection", ">= 1.5.0")
 end

data/test/fixtures/app_gem/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in app_gem.gemspec
+gemspec

data/test/fixtures/app_gem/app/app.rb

@@ -0,0 +1,3 @@
+class AppGem::App < Padrino::Application
+  set :version, AppGem::VERSION
+end

data/test/fixtures/app_gem/app_gem.gemspec

@@ -0,0 +1,17 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/app_gem/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Florian Gilcher"]
+  gem.email         = ["florian.gilcher@asquera.de"]
+  gem.description   = %q{TODO: Write a gem description}
+  gem.summary       = %q{TODO: Write a gem summary}
+  gem.homepage      = ""
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.name          = "app_gem"
+  gem.require_paths = ["app", "lib"]
+  gem.version       = AppGem::VERSION
+end

data/test/fixtures/app_gem/lib/app_gem.rb

@@ -0,0 +1,7 @@
+require 'padrino'
+
+module AppGem
+  extend Padrino::Module
+
+  gem! 'app_gem'
+end

data/test/fixtures/app_gem/lib/app_gem/version.rb

@@ -0,0 +1,3 @@
+module AppGem
+  VERSION = "0.0.1"
+end

data/test/mini_shoulda.rb

@@ -1,7 +1,7 @@
 gem 'minitest'
 require 'minitest/spec'
 require 'minitest/autorun'
-require 'mocha' # Load mocha after minitest
+require 'mocha/setup'
 
 begin
   require 'ruby-debug'

data/test/test_application.rb

@@ -1,17 +1,13 @@
 require File.expand_path(File.dirname(__FILE__) + '/helper')
+require 'haml'
 
 class PadrinoPristine < Padrino::Application; end
-class PadrinoTestApp < Padrino::Application; end
+class PadrinoTestApp  < Padrino::Application; end
 class PadrinoTestApp2 < Padrino::Application; end
 
 describe "Application" do
-  def setup
-    Padrino.clear!
-  end
-
-  def teardown
-    remove_views
-  end
+  before { Padrino.clear! }
+  after  { remove_views }
 
   context 'for application functionality' do
 
@@ -19,24 +15,36 @@ describe "Application" do
       assert File.identical?(__FILE__, PadrinoPristine.app_file)
       assert_equal :padrino_pristine, PadrinoPristine.app_name
       assert_equal :test, PadrinoPristine.environment
-      assert_equal Padrino.root("views"), PadrinoPristine.views
-      assert PadrinoPristine.raise_errors
+      assert_equal Padrino.root('views'), PadrinoPristine.views
+      assert  PadrinoPristine.raise_errors
       assert !PadrinoPristine.logging
       assert !PadrinoPristine.sessions
       assert !PadrinoPristine.dump_errors
       assert !PadrinoPristine.show_exceptions
-      assert PadrinoPristine.raise_errors
+      assert  PadrinoPristine.raise_errors
       assert !Padrino.configure_apps
     end
 
+    should 'check haml options on production' do
+      assert defined?(Haml), 'Haml not defined'
+      assert_equal :test, PadrinoPristine.environment
+      assert !PadrinoPristine.haml[:ugly]
+      Padrino.stub :env, :production do
+        PadrinoPristine.send :default_configuration!
+        assert_equal :production, Padrino.env
+        assert_equal :production, PadrinoPristine.environment
+        assert PadrinoPristine.haml[:ugly]
+        PadrinoPristine.environment = :test
+      end
+    end
+
     should 'check padrino specific options' do
       assert !PadrinoPristine.instance_variable_get(:@_configured)
       PadrinoPristine.send(:setup_application!)
       assert_equal :padrino_pristine, PadrinoPristine.app_name
       assert_equal 'StandardFormBuilder', PadrinoPristine.default_builder
-      assert PadrinoPristine.instance_variable_get(:@_configured)
+      assert  PadrinoPristine.instance_variable_get(:@_configured)
       assert !PadrinoPristine.reload?
-      assert !PadrinoPristine.flash
     end
 
     should 'set global project settings' do
@@ -48,18 +56,27 @@ describe "Application" do
       assert_equal PadrinoTestApp.session_secret, PadrinoTestApp2.session_secret
     end
 
+    should 'be able to configure_apps multiple times' do
+      Padrino.configure_apps { set :foo1, "bar" }
+      Padrino.configure_apps { set :foo1, "bam" }
+      Padrino.configure_apps { set :foo2, "baz" }
+      PadrinoTestApp.send(:default_configuration!)
+      assert_equal "bam", PadrinoTestApp.settings.foo1, "should have foo1 assigned to bam"
+      assert_equal "baz", PadrinoTestApp.settings.foo2, "should have foo2 assigned to baz"
+    end
+
     should "have shared sessions accessible in project" do
       Padrino.configure_apps { enable :sessions; set :session_secret, 'secret' }
       Padrino.mount("PadrinoTestApp").to("/write")
       Padrino.mount("PadrinoTestApp2").to("/read")
-      PadrinoTestApp.tap { |app| app.send(:default_configuration!)
-        app.get("/") { session[:foo] = "shared" } }
-      PadrinoTestApp2.tap { |app| app.send(:default_configuration!)
-        app.get("/") { session[:foo] } }
-      browser = Rack::Test::Session.new(Rack::MockSession.new(Padrino.application))
-      browser.get '/write'
-      browser.get '/read'
-      assert_equal 'shared', browser.last_response.body
+      PadrinoTestApp.send :default_configuration!
+      PadrinoTestApp.get('/') { session[:foo] = "shared" }
+      PadrinoTestApp2.send(:default_configuration!)
+      PadrinoTestApp2.get('/') { session[:foo] }
+      @app = Padrino.application
+      get '/write'
+      get '/read'
+      assert_equal 'shared', body
     end
 
     # compare to: test_routing: allow global provides

data/test/test_csrf_protection.rb

@@ -0,0 +1,80 @@
+require File.expand_path(File.dirname(__FILE__) + '/helper')
+
+describe "Application" do
+  before { Padrino.clear! }
+  after  { remove_views }
+
+  context 'CSRF protection' do
+    context "with CSRF protection on" do
+      before do
+        mock_app do
+          enable :sessions
+          enable :protect_from_csrf
+          post('/'){ 'HI' }
+        end
+      end
+
+      should "not allow requests without tokens" do
+        post "/"
+        assert_equal 403, status
+      end
+
+      should "allow requests with correct tokens" do
+        post "/", {"authenticity_token" => "a"}, 'rack.session' => {:csrf => "a"}
+        assert_equal 200, status
+      end
+
+      should "not allow requests with incorrect tokens" do
+        post "/", {"authenticity_token" => "a"}, 'rack.session' => {:csrf => "b"}
+        assert_equal 403, status
+      end
+    end
+
+    context "without CSRF protection on" do
+      before do
+        mock_app do
+          enable :sessions
+          disable :protect_from_csrf
+          post('/'){ 'HI' }
+        end
+      end
+
+      should "allows requests without tokens" do
+        post "/"
+        assert_equal 200, status
+      end
+
+      should "allow requests with correct tokens" do
+        post "/", {"authenticity_token" => "a"}, 'rack.session' => {:csrf => "a"}
+        assert_equal 200, status        
+      end
+
+      should "allow requests with incorrect tokens" do
+        post "/", {"authenticity_token" => "a"}, 'rack.session' => {:csrf => "b"}
+        assert_equal 200, status
+      end
+    end
+
+    context "with optional CSRF protection" do
+      before do
+        mock_app do
+          enable :sessions
+          enable :protect_from_csrf
+          set :allow_disabled_csrf, true
+          post('/on') { 'HI' }
+          post('/off', :csrf_protection => false) { 'HI' }
+        end
+      end
+
+      should "allow access to routes with csrf_protection off" do
+        post "/off"
+        assert_equal 200, status
+      end
+
+      should "not allow access to routes with csrf_protection on" do
+        post "/on"
+        assert_equal 403, status
+      end
+    end
+  end
+end

data/test/test_filters.rb

@@ -275,4 +275,74 @@ describe "Filters" do
     get '/foo'
     assert_equal 'before', test
   end
+
+  should "call before filters only once" do
+    once = ''
+    mock_app do
+      error 500 do
+        'error 500'
+      end
+      before do
+        once += 'before'
+      end
+      get :index do
+        raise Exception, 'Oops'
+      end
+    end
+
+    get '/'
+    assert_equal 'before', once
+  end
+
+  should 'catch exceptions in before filters' do
+    doodle = nil
+    mock_app do
+      after do
+        doodle = 'Been after'
+      end
+      before do
+        raise StandardError, "before"
+      end
+      get :index do
+        doodle = 'Been now'
+      end
+      error 500 do
+        "We broke #{env['sinatra.error'].message}"
+      end
+    end
+
+    get '/'
+    assert_equal 'We broke before', body
+    assert_equal nil, doodle
+  end
+
+  should 'catch exceptions in after filters if no exceptions caught before' do
+    doodle = ''
+    mock_app do
+      after do
+        doodle += ' and after'
+        raise StandardError, "after"
+      end
+      get :foo do
+        doodle = 'Been now'
+        raise StandardError, "now"
+      end
+      get :index do
+        doodle = 'Been now'
+      end
+      error 500 do
+        "We broke #{env['sinatra.error'].message}"
+      end
+    end
+
+    get '/foo'
+    assert_equal 'We broke now', body
+    assert_equal 'Been now', doodle
+
+    doodle = ''
+    get '/'
+    assert_equal 'We broke after', body
+    assert_equal 'Been now and after', doodle
+  end
+
 end