rad_core 0.0.25 → 0.0.26

data/lib/rad/html/_require.rb

@@ -1,6 +1,6 @@
 class Rad::Html
   attr_accessor :remote_link_formats
-  require_attr :remote_link_formats
+  attr_required :remote_link_formats
 end
 
 %w(

data/lib/rad/http/_http.rb

@@ -1,11 +1,15 @@
-class Rad::Http  
-  inject environment: :environment
-  attr_reader :rack_adapter, :http_adapter    
+class Rad::Http
+  # inject environment: :environment
+  attr_reader :rack_adapter, :http_adapter
+  
+  attr_writer :browser_generated_types, :browser_generated_formats
+  def browser_generated_types; @browser_generated_types ||= [] end
+  def browser_generated_formats; @browser_generated_formats ||= [] end
   
   def initialize
     @rack_adapter, @http_adapter = Rad::Http::RackAdapter.new, Rad::Http::HttpAdapter.new
   end    
   
   delegate :configure_rack!, :stack, :run, to: :rack_adapter
-  delegate :call, :mock_environment, to: :http_adapter
+  delegate :call, to: :http_adapter
 end

data/lib/rad/http/_http_adapter.rb

@@ -20,25 +20,5 @@ class Rad::Http::HttpAdapter
   #   env['rack.input'] ||= StringIO.new        
   #   
   #   call env, workspace, &block
-  # end
-
-  def mock_environment url = nil
-    env = {
-      'rack.url_scheme' => 'http',
-      'PATH_INFO' => '/',
-      'HTTP_HOST' => 'spec',
-      'rack.input' => StringIO.new
-    }
-    if url
-      uri = Uri.parse url
-      env.merge!(
-        'HTTP_HOST'    => %(#{uri.host}#{":#{uri.port}" if uri.port.present?}),
-        # 'REQUEST_PATH' => uri.path,
-        'PATH_INFO'    => uri.path,
-        # 'REQUEST_URI'  => uri.path,
-        'QUERY_STRING' => uri.query            
-      )
-    end
-    env
-  end
+  # end  
 end

data/lib/rad/http/_request.rb

@@ -7,8 +7,7 @@ class Rad::Http::Request < Rack::Request
   # def secure?
   #   (@env['HTTP_X_FORWARDED_PROTO'] || @env['rack.url_scheme']) == 'https'
   # end
-
-
+  
   # Returns all the \subdomains as an array, so <tt>["dev", "www"]</tt> would be
   # returned for "dev.www.rubyonrails.org". You can specify a different <tt>tld_length</tt>,
   # such as 2 to catch <tt>["www"]</tt> instead of <tt>["www", "rubyonrails"]</tt>
@@ -36,11 +35,53 @@ class Rad::Http::Request < Rack::Request
   def normalized_domain
     return nil unless named_host?(host)
     host.sub('www.', '').downcase
-    # subdomains = request.subdomains.select{|n| n != 'www'}
-    # subdomain = subdomains.last
-    # pure_domain = request.domain.sub(/\A#{subdomains.join(".")}\./, "")
-    # 
-    # domain = subdomain.blank? ? pure_domain : "#{subdomain}.#{pure_domain}"
+  end
+  
+  def from_browser?
+    # format = workspace.params.format
+    # (format.present? and !rad.http.browser_generated_formats.include?(format)) or
+    content_type.present? and rad.http.browser_generated_types.include?(content_type.downcase)
+  end
+
+  # 
+  # Need this to access original, not normalized with Utils.normalize_params params
+  # 
+  def raw_params
+    post = {}
+    @env['rack.input'].read.split('&').each do |tuple|
+      k, v = tuple.split('=')
+      post[Rack::Utils.unescape(k || "")] = Rack::Utils.unescape(v || "")
+    end
+    self.GET.merge(post)
+  rescue EOFError
+    self.GET
+  end
+  
+  class << self        
+    def stub url = '/'
+      env = stub_environment(url)
+      Rad::Http::Request.new env
+    end
+    
+    def stub_environment url = nil
+      env = {
+        'rack.url_scheme' => 'http',
+        'PATH_INFO' => '/',
+        'HTTP_HOST' => 'test.com',
+        'rack.input' => StringIO.new
+      }
+      if url
+        uri = Uri.parse url
+        env.merge!(
+          'HTTP_HOST'    => %(#{uri.host}#{":#{uri.port}" if uri.port.present?}),
+          # 'REQUEST_PATH' => uri.path,
+          'PATH_INFO'    => uri.path,
+          # 'REQUEST_URI'  => uri.path,
+          'QUERY_STRING' => uri.query            
+        )
+      end
+      env
+    end
   end
 
   protected    

data/lib/rad/http/_require.rb

@@ -6,7 +6,7 @@ require 'rack/builder'
 
 class Rad::Http
   attr_accessor :host, :port, :static, :url_root, :default_format, :session
-  require_attr :host, :port, :url_root, :default_format
+  attr_required :host, :port, :url_root, :default_format
   def static?; !!@static end  
   
   attr_writer :public_path

data/lib/rad/http/_response.rb

@@ -47,7 +47,7 @@ class Rad::Http::Response < Rack::Response
     
   def clear
     @status = 200
-    @header = Rack::Utils::HeaderHash.new("Content-Type" => nil)
+    @header = Rack::Utils::HeaderHash.new("Content-Type" => nil)    
     @length = 0
     @body = []
   end    

data/lib/rad/http/_support/rack/fixes.rb

@@ -19,6 +19,12 @@ class Rack::Request
   def params
     @params ||= encode_in_utf8(params_with_wrong_encoding)
   end
+  
+  # it returns "application/x-www-form-urlencoded; charset=UTF-8" instead of "application/x-www-form-urlencoded"
+  def content_type_with_fix    
+    content_type_without_fix && content_type_without_fix.split(';').first
+  end
+  alias_method_chain :content_type, :fix
 
   protected
     def encode_in_utf8 hash

data/lib/rad/http/processors/prepare_params.rb

@@ -6,7 +6,7 @@ rad.http
 class PrepareParams < Rad::Conveyors::Processor
   def call    
     workspace.env.must_be.defined    
-    workspace.request = Rad::Http::Request.new(workspace.env)
+    workspace.request = Rad::Http::Request.new(workspace.env)    
     workspace.path = workspace.request.path
     params = workspace.params = Rad::Conveyors::Params.new(workspace.request.params)
 

data/lib/rad/mailer/processors/letter_builder.rb

@@ -5,17 +5,11 @@ class LetterBuilder < Rad::Conveyors::Processor
     # prepare
     controller = workspace.controller.must_be.present
     raise "The controller #{controller} must be a Rad::Mailer::MailerController!" unless controller.is_a? Rad::Mailer::MailerController
-    action = workspace.action = workspace.method_name
+    action_name = workspace.action_name = workspace.method_name
 
     # call
-    content = catch :halt do
-      controller.run_callbacks :action, method: action do          
-        # call controller
-        controller.send action, *workspace.arguments
-        # render view
-        controller.render action: action          
-      end
-    end
+    controller.set! params: workspace.params, action_name: workspace.action_name
+    content = controller.call action_name, *workspace.arguments    
     
     controller.body = content unless content.blank?
     

data/lib/rad/profiles/web.rb

@@ -1,7 +1,18 @@
+# 
+# Router
+# 
+rad.router.routers = [
+  [:alias_router, Rad::Router::AliasRouter.new],
+  [:basic_router, Rad::Router::BasicRouter.new],    
+  [:restful_router, Rad::Router::RestfulRouter.new],
+  [:object_router, Rad::Router::ObjectRouter.new]
+]
+
+
 # 
 # Conveyors
 # 
-rad.conveyors.web do |web|      
+rad.conveyors.web do |web|
   # conveyor      
   web.use Rad::Conveyors::Processors::ConveyorLogger
 
@@ -11,35 +22,49 @@ rad.conveyors.web do |web|
   web.use Rad::Http::Processors::EvaluateFormat
   web.use Rad::Http::Processors::HttpLogger
 
+  # forgery protection
+  web.use Rad::Web::Processors::PrepareAutenticityToken
+
+  # ensure no www
+  web.use Rad::Web::Processors::EnsureNoWww
+
+  # ajax
+  web.use Rad::Web::Processors::AjaxHelper
+
   # html
   # web.use ScopedParams
   web.use Rad::Html::Processors::PrepareFlash
-  
+
   # controller
   web.use Rad::Controller::Processors::ControllerErrorHandling
-  
+
   # router
   web.use Rad::Router::Processors::Router, :class, :method_name
 
   # controller      
   web.use Rad::Controller::Processors::ControllerLogger
   web.use Rad::Controller::Processors::ControllerCaller
-        
-  web.build!            
+
+  web.build!
 end
 
 
 # 
-# Rack
+# RackAdapter
 # 
-rad.http.stack.push(-> builder { 
+rad.http.stack.push(-> builder {
   # CommonLogger, ShowExceptions, Lint
   builder.use Rack::Lint if rad.development?
-  # builder.use Rad::Middleware::StaticFiles if rad.http.static? and rad.http.public_path? and rad.development?
   
-  # use Rack::Session::Cookie, key: 'rack.session', domain: 'foo.com', path: '/', expire_after: 2592000, secret: 'change_me'
+  # Static Files
+  if rad.http.static? and rad.http.public_path and rad.development?
+    filters = /^\/.*?\/static\/|^\/static\/|\/favicon/
+    builder.use Rad::Assets::StaticFiles, filters
+  end
+
+  # use Rack::Session::Cookie, key: 'rack.session', domain: 'foo.com', path: '/', expire_after: 2592000, secret: 'change_me'  
   builder.use Rack::Session::Cookie, rad.http.session.stringify_keys if rad.http.session
-  
+
   # builder.use Rack::CommonLogger
   builder.use Rack::MethodOverride
 })

data/lib/rad/router/_router.rb

@@ -72,7 +72,7 @@ class Rad::Router
         
     raise "invalid route! No method '#{method}' for #{klass}!" unless klass.instance_methods.include? method
     raise "invalid route! You try to call protected method '#{method}' for '#{path}'!" unless klass.public_instance_methods.include? method
-  
+
     return klass, method, params
   end
   

data/lib/rad/spec/http_controller.rb

@@ -44,8 +44,8 @@ rspec do
     before{set_controller controller_class}
   end
   
-  def wcall *args, &block    
-    workspace_variables, params = parse_wcall_arguments *args
+  def wcall *args, &block
+    workspace_variables, params = parse_wcall_arguments *args    
     ccall nil, nil, params, workspace_variables, &block
   end
   
@@ -64,14 +64,18 @@ rspec do
 
       workspace_variables = {}            
       if args.size == 1 and first.is_a?(String) and first =~ /^\/|^http:/
-        if first =~ /^\//
-          workspace_variables[:path] = first
-        else
-          uri = Uri.parse first          
-          workspace_variables[:path] = uri.path
-          workspace_variables[:params] = uri.query_values
-          workspace_variables[:env] = rad.http.mock_environment(first)      
-        end
+        uri = Uri.parse first          
+        workspace_variables[:path] = uri.path
+        workspace_variables[:params] = uri.query_values          
+        workspace_variables[:env] = Rad::Http::Request.stub_environment(first)
+        # if first =~ /^\//
+        #   workspace_variables[:path] = first
+        # else          
+        #   uri = Uri.parse first          
+        #   workspace_variables[:path] = uri.path
+        #   workspace_variables[:params] = uri.query_values          
+        #   workspace_variables[:env] = Rad::Http::Request.stub_environment(first)      
+        # end
       elsif (first.is_a?(String) or first.is_a?(Symbol)) and args.size <= 2
         workspace_variables[:path] = '/'
         workspace_variables[:class] = wcall_options[:controller] || raise("not defined wcall controller (use set_wcall controller: SomeController)!")
@@ -88,7 +92,7 @@ rspec do
       
       # preparing environment
       workspace_variables[:env] ||= {}
-      workspace_variables[:env].reverse_merge! rad.http.mock_environment      
+      workspace_variables[:env].reverse_merge! Rad::Http::Request.stub_environment      
 
       # setting request method
       if request_method = params.delete(:_method) || params.delete('_method')

data/lib/rad/spec/web.rb

@@ -0,0 +1,7 @@
+require 'rad/web/_require'
+
+Rad::Controller::Http::ClassMethods.class_eval do
+# Rad::Controller::ForgeryProtector.class_eval do
+  alias_method :protect_from_forgery_without_test, :protect_from_forgery
+  def protect_from_forgery; end
+end

data/lib/rad/spec.rb

@@ -10,4 +10,5 @@ require 'rad'
   remote
   mailer
   router
+  web
 ).each{|f| require "rad/spec/#{f}"}

data/lib/rad/tasks.rb

@@ -0,0 +1,15 @@
+require 'rake_ext'
+require 'ruby_ext'
+
+task :environment do
+  require 'rad'
+  rad.mode = ENV['m'] || ENV['mode'] || ENV['env'] || ENV['environment'] || :development
+  
+  require 'rad/cli/helper'
+  Rad::Cli::Helper.use_runtime_path!
+  
+  rad.runtime_path = File.expand_path '.'
+
+  load "./init.rb"
+  rad.environment
+end

data/lib/rad/template/_context.rb

@@ -63,10 +63,6 @@ class Rad::Template::Context
   end
   def has_content_for? name
     content_variables.include? name.to_s
-  end    
-    
-  def params
-    workspace.params
   end
   
   def find_relative_template *args

data/lib/rad/template/_template.rb

@@ -2,7 +2,7 @@ class Rad::Template
   inject logger: :logger, environment: :environment
 
   attr_accessor :relative_path_resolver, :prefixes
-  require_attr :prefixes
+  attr_required :prefixes
   
   def initialize
     @relative_path_resolver = RelativePathResolver.new

data/lib/rad/web/_ajax_helper.rb

@@ -0,0 +1,16 @@
+# Sets format for :js as :html and wraps body into <textarea>
+# Forms with files can be submitted by ajax only via iframe, and it requires 
+# the response have 'html' encoding and be wrapped into <textarea>
+class Rad::Web::Processors::AjaxHelper < Rad::Conveyors::Processor
+  def call
+    response = workspace.response.must_be.defined
+    request = workspace.request.must_be.defined
+    
+    next_processor.call
+    
+    if workspace.params? and workspace.params.format == 'js' and !request.xhr?
+      response.content_type = Mime['html']
+      workspace.content = "<textarea>#{workspace.content}</textarea>"
+    end          
+  end
+end

data/lib/rad/{core_web/_controller_micelaneous_helper.rb → web/_controller_miscellaneous_helper.rb}

@@ -1,4 +1,4 @@
-module Rad::ControllerMicelaneousHelper
+module Rad::ControllerMiscellaneousHelper
   def reload_page
     params = workspace.params
     params.format.must_be.in 'html', 'js'
@@ -11,7 +11,7 @@ module Rad::ControllerMicelaneousHelper
       )
       throw :halt, "window.location.reload();"
     else
-      redirect_to workspace.request.env["HTTP_REFERER"]
+      redirect_to request.env["HTTP_REFERER"]
     end              
   end    
 end

data/lib/rad/web/_ensure_no_www.rb

@@ -0,0 +1,30 @@
+# enshure domain has no www. except if there's custom subdomain
+class Rad::Web::Processors::EnsureNoWww < Rad::Conveyors::Processor
+  def call
+    workspace.params.must_be.defined
+    if workspace.params.format == 'html' and url_with_www?
+      redirect_without_www
+    else
+      next_processor.call
+    end
+  end            
+  
+  protected
+    def uri
+      @uri ||= Uri.parse workspace.request.url
+    end
+  
+    def url_with_www?
+      uri.host =~ /^www\./
+    end
+    
+    def redirect_without_www
+      uri.host = uri.host.sub(/^www\./, '')
+      url = uri.to_s
+      
+      response = workspace.response
+      response.status = 301
+      response.headers['Location'] = url
+      response.body = %(<html><body>You are being <a href="#{url.html_escape}">redirected</a>.</body></html>)
+    end
+end

data/lib/rad/web/_protect_from_forgery.rb

@@ -0,0 +1,71 @@
+# 
+# Processor
+# 
+class Rad::Web::Processors::PrepareAutenticityToken < Rad::Conveyors::Processor      
+  def call        
+    if rad.http.session
+      request = workspace.request.must_be.defined
+      params = workspace.params.must_be.defined
+          
+      token = request.session['authenticity_token']
+
+      if token.blank? and request.get?
+        token = generate_authenticity_token
+        request.session['authenticity_token'] = token
+      end              
+    end
+    
+    next_processor.call
+  end
+
+    
+  protected
+    def generate_authenticity_token
+      ActiveSupport::SecureRandom.base64(32)
+    end
+end
+
+
+# 
+# Controller
+# 
+module Rad::Controller::ForgeryProtector
+  attr_reader :authenticity_token  
+  protected
+    def protect_from_forgery
+      if request.session        
+        sat = request.session['authenticity_token']        
+
+        raise "invalid authenticity token!" unless \
+          request.get? or
+          !request.from_browser? or
+          (sat.present? and sat == params.authenticity_token)
+
+        @authenticity_token = sat
+      end
+    end
+end
+
+Rad::Controller::Http.include Rad::Controller::ForgeryProtector
+
+Rad::Controller::Http::ClassMethods.class_eval do    
+  def protect_from_forgery options = {}
+    before :protect_from_forgery, options
+  end
+end
+
+
+# 
+# View
+# 
+Rad::Html::FormHelper.class_eval do
+  attr_reader :authenticity_token
+
+  alias_method :form_tag_without_at, :form_tag
+  def form_tag *args, &b    
+    form_tag_without_at *args do
+      concat(hidden_field_tag('authenticity_token', authenticity_token) + "\n") if authenticity_token
+      b.call if b
+    end
+  end
+end

data/lib/rad/{core_web → web}/_require.rb

@@ -1,10 +1,19 @@
+module Rad::Web
+  module Processors
+  end
+end
+
 %w(
-  _controller_micelaneous_helper
+  _controller_miscellaneous_helper
   
   _router/abstract_routing_helper
   _router/view_routing_helper    
-  _router/controller_routing_helper        
-).each{|f| require "rad/core_web/#{f}"}
+  _router/controller_routing_helper
+  
+  _ajax_helper
+  _ensure_no_www
+  _protect_from_forgery
+).each{|f| require "rad/web/#{f}"}
 
 
 # View helpers
@@ -19,7 +28,7 @@ end
 [    
   Rad::Html::FlashHelper,
   Rad::Router::CoreRoutingHelper, Rad::ControllerRoutingHelper,  
-  Rad::ControllerMicelaneousHelper  
+  Rad::ControllerMiscellaneousHelper  
 ].each do |helper|
   Rad::Controller::Abstract.inherit helper
 end

data/lib/rad.rb

@@ -1,5 +1,5 @@
 module Rad
-  VERSION = '0.0.1'
+  VERSION = '0.2.1'
 end
 
 require 'rad/_support/require'

data/readme.md

@@ -1,20 +1,27 @@
 # Rad - Ruby Web Framework
 
-Goals: **give You tools to fight complexity** and freedom to do it in a way You like.
+Simple and highly customizable Web Framework encouraging to build an app as a set of low-coupled components instead of monolith. 
+With an architecture heavily inspired by Rails, Spring IoC, JBoss Seam and JEE (but without config burden).
 
-You can start quickly using one of predefined *opinionated* profiles, or take a total control over all aspects of environment and completelly modify it according to Your goals. 
+You can start instantly using one of predefined profiles, or take a total control over all aspects of environment and completelly modify it according to Your goals (everything is a component, if You don't like the router, controller or views - throw it out and introduce Your own).
 
-If You whould like **to see it working, please go to http://ruby-lang.info** - that site powered by Rad.
+Usually, the first thing You want to now about some unknown framework: "where's the demo?" and "where's the sample?". 
 
-It's designed to:
+Here's some **sites built with Rad**:
+
+[![](https://github.com/alexeypetrushin/rad_core/raw/master/docs/robotigra.thumb.png)](http://robotigra.ru)  [![](https://github.com/alexeypetrushin/rad_core/raw/master/docs/petrushin.thumb.png)](http://petrush.in)  [![](https://github.com/alexeypetrushin/rad_core/raw/master/docs/rubylang.thumb.png)](http://ruby-lang.info)
+
+Here's the classic **sample blog app** [rad-sample.heroku.com](http://rad-sample.heroku.com) (it's hosted using free Heroku instance and sometimes it takes about 10sec to start up, so please be patient) sources  [github.com/alexeypetrushin/rad_sample](http://github.com/alexeypetrushin/rad_sample)
+
+## Goals behind this framework:
 
 - Divide and rule (build app as a set of cooperated components)
-- True support for OOP (models, routes, controllers/resources + views)
+- True support for OOP (models, controllers, polymorphic routes, plymorphic views)
 - Simple things should be simple (simple API, instant start with minimal config)
 - Complete control if You need it, it's designed to be open and customizable
 - Agile/Extreme development should be easy (specs, iterative development, fast prototyping)
 
-## Some thecnical thoughts and ideas
+## Some thecnical thoughts and ideas:
 
 - I tried to keep codebase as small and simple as possible and delegate job do another libraries, so actually it's an integration layer on top of other libraries that focuses on providing nice and consistent interface.
 - It uses "conveyors" for assembling all kind of responces, and it's very easy to set custom assembly chain or modify existing one. This way You have a strong controll over wide aspects of framework.
@@ -58,4 +65,4 @@ With Rad I tried to save all the goodness and use API as closed to Rails as poss
 
 ## License
 
-Copyright (c) Alexey Petrushin http://4ire.net, released under the **MIT** license.
+Copyright (c) Alexey Petrushin http://petrush.in, released under the **MIT** license.

data/spec/controller/abstract_spec.rb

@@ -25,14 +25,14 @@ describe "Abstract" do
     ccall WorkspaceVariablesSpec, :action    
 
     workspace.controller.should be_a(WorkspaceVariablesSpec)
-    workspace.response.should respond_to("body=")
+    response.should respond_to("body=")
 
     expected_result = {      
       params: {},
   
       class: WorkspaceVariablesSpec,   
       method_name: :action, 
-      action: :action
+      action_name: :action
     }
     workspace.to_h(true).subset(expected_result.keys).should == expected_result
   end

data/spec/controller/error_handling_spec.rb

@@ -55,7 +55,7 @@ describe "Error handling" do
   end
   
   it "should catch errors with redirect (from error)" do
-    # if response.headers['Location'] has been set before redirect, it'll do redirect 
+    # error: if response.headers['Location'] has been set before redirect, it'll do redirect 
     # after error will be catched and no error message will be displayed
     
     class ::ErrorInRedirectSpec

data/spec/controller/http_spec/views/ViewVariablesSpec/action.erb

@@ -0,0 +1,2 @@
+request: <%= !!request %>
+response: <%= !!response %>