ramaze 2008.11 → 2009.01

data/lib/ramaze/current/session.rb

@@ -96,7 +96,7 @@ module Ramaze
     def initialize(sess_or_request = Current.request)
       return unless Global.sessions
 
-      if sess_or_request.is_a?(Request)
+      if sess_or_request.respond_to?(:cookies)
         request = sess_or_request
         @session_id = request.cookies[SESSION_KEY] || Session.random_key
       else
@@ -125,10 +125,8 @@ module Ramaze
     # existing already, the session itself is an instance of SessionHash
 
     def current
-      unless @current
-        @current = ( sessions[session_id] ||= Session::Hash.new(self) )
-      end
-      @current
+      return @current if @current
+      @current = ( sessions[session_id] ||= Session::Hash.new(self) )
     end
 
     # shortcut to Cache.sessions

data/lib/ramaze/current/session/hash.rb

@@ -9,8 +9,8 @@ module Ramaze
 
       # Sets @hash to an empty Hash
 
-      def initialize sess
-        @session = sess
+      def initialize(session)
+        @session = session
         @hash = {}
       end
 
@@ -18,11 +18,8 @@ module Ramaze
       # Session.current.sessions if anything changes.
 
       def method_missing(*args, &block)
-        old = @hash.dup
         result = @hash.send(*args, &block)
-        unless old == @hash
-          Cache.sessions[@session.session_id] = self
-        end
+        Cache.sessions[@session.session_id] = self
         result
       end
 
@@ -48,11 +45,10 @@ module Ramaze
 
       # Unmarshal cookie data to a hash and verify its integrity.
       def unmarshal(cookie)
-        if cookie
-          data, digest = cookie.split('--')
-          return nil unless digest == generate_digest(data)
-          Marshal.load(data.unpack('m').first)
-        end
+        return unless cookie
+        data, digest = cookie.split('--')
+        return nil unless digest == generate_digest(data)
+        Marshal.load(data.unpack('m').first)
       end
 
       # Generate the inline SHA512 message digest. Larger (128 bytes) than SHA256

data/lib/ramaze/dispatcher/action.rb

@@ -35,6 +35,8 @@ module Ramaze
           ex
         end
 
+        # Logs the request via Log#info unless it's boring.
+
         def log(path)
           case path
           when *Global.boring

data/lib/ramaze/dispatcher/file.rb

@@ -64,7 +64,8 @@ module Ramaze
           joined = ::File.join(Global.public_root, path)
 
           if ::File.directory?(joined)
-            Dir[joined/"{#{INDICES.join(',')}}"].first || joined
+            glob = ::File.join(joined, "{#{INDICES.join(',')}}")
+            Dir[glob].first || joined
           else
             joined
           end
@@ -78,6 +79,10 @@ module Ramaze
 
         private
 
+        # Shortcut for Ramaze::Dispatcher::File#expand_path(path).
+        # Returns the absolute path of passed argument e.g.
+        # "/Users/rikur/ramaze_tests/public/foo.txt"
+
         def expand(path)
           ::File.expand_path(path)
         end

data/lib/ramaze/helper.rb

@@ -12,8 +12,9 @@ module Ramaze
   module Helper
     LOOKUP = Set.new
     PATH = ['']
+    path = File.expand_path("#{BASEDIR}/../spec/ramaze/helper/")
     trait :ignore => [
-      /#{Regexp.escape(File.expand_path(BASEDIR/'../spec/ramaze/helper/'))}\//
+      /#{Regexp.escape(path)}\//
     ]
 
     module Methods
@@ -44,7 +45,7 @@ module Ramaze
             if require_helper(name)
               redo
             else
-              raise LoadError, "#{name} not found"
+              raise LoadError, "helper #{name} not found"
             end
           end
         end
@@ -52,6 +53,8 @@ module Ramaze
 
       private
 
+      # returns the Ramaze::Helper::Name Module Constant if exists.
+
       def find_helper(name)
         name = name.to_s.camel_case
         ramaze_helper_consts = ::Ramaze::Helper.constants.grep(/^#{name}$/i)
@@ -60,16 +63,21 @@ module Ramaze
         end
       end
 
+      # Loads helper from /lib/ramaze/helper/name.(so, bundle, rb)
+      # raises LoadError if helper not found.
+
       def require_helper(name)
-        paths = (PATH + [Global.root, BASEDIR/:ramaze]).join(',')
+        paths = (PATH + [Global.root, "#{BASEDIR}/ramaze"]).join(',')
         glob = "{#{paths}}/helper/#{name}.{so,bundle,rb}"
         files = Dir[glob]
         ignore = Helper.trait[:ignore]
         files.reject!{|f| ignore.any?{|i| f =~ i }}
-        raise LoadError, "#{name} not found" unless file = files.first
+        raise LoadError, "file for #{name} not found" unless file = files.first
         require(file)
       end
 
+      # injects the helper via include and extend, takes Constant as argument.
+
       def use_helper(mod)
         include mod
         extend mod

data/lib/ramaze/helper/aspect.rb

@@ -76,7 +76,7 @@ module Ramaze
   class Action
 
     # overwrites the default Action hook and runs the neccesary blocks in its
-    # scope. before actions are run starting from Ramaze::Controller down the
+    # scope before actions are run, starting from Ramaze::Controller down the
     # ancestor chain.
     def before_process
       common_aspect(:before)
@@ -84,7 +84,7 @@ module Ramaze
 
 
     # overwrites the default Action hook and runs the neccesary blocks in its
-    # scope. before actions are run starting from Ramaze::Controller down the
+    # scope after actions are run, starting from Ramaze::Controller down the
     # ancestor chain.
     def after_process
       common_aspect(:after)

data/lib/ramaze/helper/bench.rb

@@ -0,0 +1,43 @@
+require 'benchmark'
+
+module Ramaze
+  module Helper
+
+    # Little helper to give you a hand when benching parts of actions
+
+    module Bench
+
+      # Will first run an empty loop to determine the overhead it imposes, then
+      # goes on to yield your block +iterations+ times.
+      #
+      # The last yielded return value will be returned upon completion of the
+      # benchmark and the result of the benchmark itself will be sent to
+      # Log.info
+      #
+      # Example:
+      #
+      #   class MainController < Ramaze::Controller
+      #     def index
+      #       @users = bench{ User.all }
+      #       @tags = bench{ Article.tags }
+      #     end
+      #   end
+      #
+      # This will show something like following in your log:
+      # [..] INFO   Bench ./start.rb:3:in `index': 0.121163845062256
+      # [..] INFO   Bench ./start.rb:4:in `index': 2.234987235098341
+      #
+      # So now we know that the Article.tags call takes the most time and
+      # should be improved.
+
+      def bench(iterations = 1)
+        result = nil
+        from = caller[0]
+        delta = Benchmark.realtime{ iterations.times{ nil }}
+        taken = Benchmark.realtime{ iterations.times{ result = yield }}
+        Log.info "Bench #{from}: #{taken - delta}"
+        return result
+      end
+    end
+  end
+end

data/lib/ramaze/helper/form.rb

@@ -219,16 +219,19 @@ module Ramaze
 
   # Form for instances of the model class
   class InstanceForm < Form
-    # <input type='text' name='name' value='value' />
+    # returns <input type='text' name='name' value='value' />
     def field_input(name, value)
       "<input type='text' name='#{name}' value='#{value}'/>"
     end
 
+    # returns <textarea name='name'>#{value}</textarea>
+
     def field_textarea(name, value)
       "<textarea name='#{name}'>#{value}</textarea>"
     end
 
-    # <input type="text" name="name" value="value" />
+    # returns <input type="text" name="name" value="value" />
+
     def field_integer(name, value)
       field_input(name, value)
     end

data/lib/ramaze/helper/formatting.rb

@@ -111,6 +111,10 @@ module Ramaze
     end
     alias autolink auto_link
 
+    # takes a string and optional argument for outputting compliance HTML
+    # instead of XHTML.
+    # e.g nl2br "a\nb\n\c" #=> 'a<br />b<br />c'
+
     def nl2br(string, xhtml = true)
       br = xhtml ? '<br />' : '<br>'
       string.gsub(/\n/, br)

data/lib/ramaze/helper/gravatar.rb

@@ -1,12 +1,29 @@
 module Ramaze
   module Helper
     module Gravatar
+
+      # fetches a gravatar from http//www.gravatar.com based on 'email'
+      # and 'size'. Falls back to 'fallback_path' if no gravatar is found.
+      # default 'fallback_path' is "/images/gravatar_default.jpg".
+      # example:
+      #
+      # class GravatarController < Ramaze::Controller
+      #    helper :gravatar
+      #
+      #    def index
+      #      @gravatar_thumbnail_src = gravatar(session[:email] || 'riku@helloit.fi')
+      #    end
+      # end
+      #
+      #  /view/gravatar/index.html:
+      #  <img src="#{@gravatar_thumbnail_src}" />
+
       def gravatar(email, size = 32, fallback_path = "/images/gravatar_default.jpg")
         emailhash = Digest::MD5.hexdigest(email)
 
         fallback = Request.current.domain
         fallback.path = fallback_path
-        default = h(fallback.to_s)
+        default = Rack::Utils.escape(fallback.to_s)
 
         return "http://www.gravatar.com/avatar.php?gravatar_id=#{emailhash}&default=#{default}&size=#{size}"
       end

data/lib/ramaze/helper/httpdigest.rb

@@ -7,50 +7,77 @@ module Ramaze
 
       UUID_GENERATOR = UUID.new
 
-      @session_nonce = "authentication_digest_nonce"
+      SESSION_NONCE = 'httpdigest_authentication_nonce'
+      SESSION_OPAQUE = 'httpdigest_authentication_opaque'
 
       def httpdigest_logout
-        session.delete( @session_nonce )
+        session.delete( SESSION_NONCE )
+        session.delete( SESSION_OPAQUE )
+      end
+
+      def httpdigest_headers uid, realm
+        session[ SESSION_NONCE ] = UUID_GENERATOR.generate
+        session[ SESSION_OPAQUE ][ realm ][ uid ] = UUID_GENERATOR.generate
+        response['WWW-Authenticate'] =
+          %|Digest realm="#{realm}",| +
+          %|qop="auth,auth-int",| +
+          %|nonce="#{session[SESSION_NONCE]}",| +
+          %|opaque="#{session[SESSION_OPAQUE][realm][uid]}"|
       end
 
       def httpdigest(uid, realm)
-        session_opaque = "authentication_digest_opaque_#{uid}"
+        session[ SESSION_OPAQUE ] ||= {}
+        session[ SESSION_OPAQUE ][ realm ] ||= {}
 
-        session[session_opaque] ||= UUID_GENERATOR.generate
+        if request.env['HTTP_AUTHORIZATION']
 
-        authorized = false
+          authorized = false
 
-        if session[@session_nonce] and request.env['HTTP_AUTHORIZATION']
+          if session[ SESSION_NONCE ] and session[ SESSION_OPAQUE ][ realm ][ uid ]
 
-          auth_split = request.env['HTTP_AUTHORIZATION'].split
-          authentication_type = auth_split[0]
-          authorization = Rack::Auth::Digest::Params.parse( auth_split[1..-1].join(' ') )
-          digest_response, username, nonce, nc, cnonce, qop =
-            authorization.values_at(*%w[response username nonce nc cnonce qop])
+            auth_split = request.env['HTTP_AUTHORIZATION'].split
+            authentication_type = auth_split[0]
+            authorization = Rack::Auth::Digest::Params.parse( auth_split[1..-1].join(' ') )
 
-          if authentication_type == 'Digest'
-            if nonce == session[@session_nonce]
-              ha1 = yield(username)
-              ha2 = MD5.hexdigest("#{request.request_method}:#{request.fullpath}")
-              md5 = MD5.hexdigest([ha1, nonce, nc, cnonce, qop, ha2].join(':'))
+            digest_response, username, nonce, nc, cnonce, qop, opaque =
+              authorization.values_at(*%w[response username nonce nc cnonce qop opaque])
 
-              authorized = digest_response == md5
+            if authentication_type == 'Digest'
+              if nonce == session[SESSION_NONCE] and opaque == session[SESSION_OPAQUE][realm][uid]
+                h1 = nil
+                if respond_to?( :httpdigest_lookup_password )  
+                  ha1 = httpdigest_lookup_password( username )
+                else
+                  if respond_to?( :httpdigest_lookup_plaintext_password )
+                    ha1 = MD5.hexdigest( "#{username}:#{realm}:#{httpdigest_lookup_plaintext_password( username )}" )
+                  else
+                    if block_given?
+                      ha1 = yield( username )
+                    else
+                      raise "No password lookup handler found"
+                    end
+                  end
+                end
+                ha2 = MD5.hexdigest([request.request_method,request.fullpath].join(':'))
+                md5 = MD5.hexdigest([ha1, nonce, nc, cnonce, qop, ha2].join(':'))
+
+                authorized = digest_response == md5
+              end
             end
+
           end
-        end
 
-        unless authorized
-          session[@session_nonce] = UUID_GENERATOR.generate
-          response['WWW-Authenticate'] =
-            %|Digest realm="#{realm}",| +
-            %|qop="auth,auth-int",| +
-            %|nonce="#{session[@session_nonce]}",| +
-            %|opaque="#{session[session_opaque]}"|
-          if respond_to?( :httpdigest_failure )
-            httpdigest_failure
-          else
+          unless authorized
+            httpdigest_headers( uid, realm )
             respond('Unauthorized', 401)
           end
+
+        else
+
+          httpdigest_headers( uid, realm )
+          httpdigest_failure if respond_to?( :httpdigest_failure )
+          respond('Unauthorized', 401)
+
         end
 
         authorization["username"]

data/lib/ramaze/helper/markaby.rb

@@ -15,7 +15,7 @@ module Ramaze
     def markaby(ivs = {}, helpers = nil, &block)
       builder = ::Markaby::Builder
       builder.extend(Ramaze::Helper::Methods)
-      builder.send(:helper, :link)
+      builder.send(:helper, :redirect, :link, :sendfile, :flash, :cgi, :partial)
 
       iv_hash = {}
       instance_variables.each do |iv|

data/lib/ramaze/helper/maruku.rb

@@ -1,3 +1,5 @@
+require 'maruku'
+
 module Ramaze
   module Helper::Maruku
     def maruku(text)

data/lib/ramaze/helper/paginate.rb

@@ -165,7 +165,7 @@ module Ramaze
           text = h(text.to_s)
 
           params = Ramaze::Request.current.params.merge(@var.to_s => n)
-          name = Ramaze::Request.current.request_path
+          name = Ramaze::Request.current.path_info
           hash[:href] = R(name, params)
 
           g.a(hash){ text }

data/lib/ramaze/helper/partial.rb

@@ -69,7 +69,7 @@ module Ramaze
       else
         roots = [options[:controller].template_paths].flatten
 
-        if (files = Dir["{#{roots.join(',')}}"/"{#{file},#{file}.*}"]).any?
+        if (files = Dir[File.join("{#{roots.join(',')}}","{#{file},#{file}.*}")]).any?
           options[:template] = files.first.squeeze '/'
         else
           Log.warn "render_template: #{file} does not exist in the following directories: #{roots.join(',')}."

data/lib/ramaze/helper/redirect.rb

@@ -59,7 +59,7 @@ module Ramaze
     def raw_redirect(target, opts = {})
       target = target.to_s
       header = {'Location' => target}
-      status = opts[:status] || STATUS_CODE["Moved Temporarily"]
+      status = opts[:status] || 302 # Found
       body = %{You are being redirected, please follow <a href="#{target}">this link to: #{target}</a>!}
 
       Log.info("Redirect to '#{target}'")
@@ -72,10 +72,28 @@ module Ramaze
       request[:redirected]
     end
 
-    # redirect to the location the browser says it's coming from.
+    # Redirect to the location the browser says it's coming from.
+    # If the current address is the same as the referrer or no referrer exists
+    # yet, we will redirect to +fallback+.
+    #
+    # NOTE:
+    #   * In some cases this may result in a double redirect, given that the
+    #     request query parameters may change order. We don't have a nice way
+    #     of handling that yet, but it should be very, very rare
+
+    def redirect_referer(fallback = R(:/))
+      if referer = request.referer and url = request.url
+        referer_uri = URI(referer)
+        request_uri = URI(url)
 
-    def redirect_referer
-      redirect request.referer
+        if referer_uri == request_uri
+          redirect fallback
+        else
+          redirect referer
+        end
+      else
+        redirect fallback
+      end
     end
     alias redirect_referrer redirect_referer
   end