ramaze 2012.04.14 → 2012.12.08b

data/lib/ramaze/cache/memcache.rb

@@ -1,6 +1,4 @@
-Ramaze.setup(:verbose => false) do
-  gem 'dalli', ['>= 2.0.2']
-end
+require 'dalli'
 
 # Kgio gives a nice performance boost but it isn't required
 begin; require 'kgio'; rescue LoadError => e; end

data/lib/ramaze/cache/redis.rb

@@ -1,6 +1,4 @@
-Ramaze.setup(:verbose => false) do
-  gem 'redis'
-end
+require 'redis'
 
 module Ramaze
   class Cache
@@ -122,7 +120,7 @@ module Ramaze
       # Removes a number of keys from the cache.
       #
       # @author Michael Fellinger
-      # @param  [Array] *keys An array of key names to remove.
+      # @param  [Array] keys An array of key names to remove.
       #
       def cache_delete(*keys)
         @client.del(*keys.map{|key| namespaced_key(key) })

data/lib/ramaze/cache/sequel.rb

@@ -1,6 +1,4 @@
-Ramaze.setup(:verbose => false) do
-  gem 'sequel'
-end
+require 'sequel'
 
 module Ramaze
   class Cache
@@ -212,7 +210,7 @@ module Ramaze
           @dataset.filter(:key => nkey).delete
         # Remove multiple keys
         else
-          nkeys  = [key, keys].flatten.map! { |nkey| namespaced(nkey) }
+          nkeys  = [key, keys].flatten.map! { |n| namespaced(n) }
           result = dataset.select(:value).filter(:key => nkeys)
 
           result.map! do |row|
@@ -285,7 +283,8 @@ module Ramaze
           serialized_value = serialize(value)
 
           if serialized_value
-            @dataset.update(:value => serialize(value), :expires => expires)
+            @dataset.filter(:key => nkey) \
+              .update(:value => serialize(value), :expires => expires)
           end
         # The row doesn't exist yet.
         else

data/lib/ramaze/controller.rb

@@ -148,10 +148,17 @@ module Ramaze
       return if chunks.empty?
 
       last = chunks.last
-      return IRREGULAR_MAPPING[last] if IRREGULAR_MAPPING.key?(last)
 
-      last.sub!(/Controller$/, '')
-      '/' << chunks.map{|chunk| chunk.snake_case }.join('/')
+      if IRREGULAR_MAPPING.key?(last)
+        irregular = IRREGULAR_MAPPING[last]
+        return irregular if irregular.nil?  || chunks.size == 1
+        chunks.pop
+        chunks << irregular
+      end
+
+      chunks.unshift ''
+      chunks.last.sub!(/Controller$/, '')
+      chunks.map{|chunk| chunk.snake_case }.join('/').squeeze('/')
     end
 
     ##

data/lib/ramaze/default_middleware.rb

@@ -0,0 +1,24 @@
+Ramaze.middleware(:dev) do
+  use Rack::Lint
+  use Rack::CommonLogger, Ramaze::Log
+  use Rack::ShowExceptions
+  use Rack::ShowStatus
+  use Rack::RouteExceptions
+  use Rack::ConditionalGet
+  use Rack::ETag, 'public'
+  use Rack::Head
+  use Ramaze::Reloader
+
+  run Ramaze.core
+end
+
+Ramaze.middleware(:live) do
+  use Rack::CommonLogger, Ramaze::Log
+  use Rack::RouteExceptions
+  use Rack::ShowStatus
+  use Rack::ConditionalGet
+  use Rack::ETag, 'public'
+  use Rack::Head
+
+  run Ramaze.core
+end

data/lib/ramaze/files.rb

@@ -8,12 +8,12 @@ module Ramaze
   #
   class Files
     ##
-    # Creates a new instance of the class, stores the given root directories and
-    # syncs the changes with Rack::Cascade.
+    # Creates a new instance of the class, stores the given root directories
+    # and syncs the changes with Rack::Cascade.
     #
     # @author Michael Fellinger
     # @since  14-03-2009
-    # @param  [Array] *roots A set of root directories that contain a number of
+    # @param  [Array] roots A set of root directories that contain a number of
     #  public directories.
     #
     def initialize(*roots)
@@ -52,8 +52,8 @@ module Ramaze
     # @since  14-03-2009
     #
     def sync
-      file_apps = @roots.map{|root| RackFileWrapper.new(root) }
-      @cascade = Rack::Cascade.new(file_apps)
+      file_apps = @roots.map { |root| Rack::File.new(root) }
+      @cascade  = Rack::Cascade.new(file_apps)
     end
   end # Files
 end # Ramaze

data/lib/ramaze/gestalt.rb

@@ -26,7 +26,7 @@ module Ramaze
     # The default way to start building your markup.
     # Takes a block and returns the markup.
     #
-    # @param [Block] block
+    # @param [Proc] block
     #
     def self.build(&block)
       self.new(&block).to_s
@@ -39,7 +39,7 @@ module Ramaze
     #
     # Useful for distributed building of one page.
     #
-    # @param [Block] block
+    # @param [Proc] block
     #
     def initialize(&block)
       @out = []
@@ -49,9 +49,9 @@ module Ramaze
     ##
     # Catching all the tags. passing it to _gestalt_build_tag
     #
-    # @param [String] method The method that was called.
+    # @param [String] meth The method that was called.
     # @param [Hash] args Additional arguments passed to the called method.
-    # @param [Block] block
+    # @param [Proc] block
     #
     def method_missing(meth, *args, &block)
       _gestalt_call_tag meth, args, &block
@@ -62,7 +62,7 @@ module Ramaze
     #
     # @param [Hash] args Extra arguments that should be processed before
     #  creating the paragraph tag.
-    # @param [Block] block
+    # @param [Proc] block
     #
     def p(*args, &block)
       _gestalt_call_tag :p, args, &block
@@ -71,9 +71,9 @@ module Ramaze
     ##
     # Workaround for Kernel#select to make <select></select> work.
     #
-    # @param [Hash] args Extra arguments that should be processed before
+    # @param [Array] args Extra arguments that should be processed before
     #  creating the select tag.
-    # @param [Block] block
+    # @param [Proc] block
     #
     def select(*args, &block)
       _gestalt_call_tag(:select, args, &block)
@@ -84,7 +84,7 @@ module Ramaze
     #
     # @param [String] name
     # @param [Hash] args
-    # @param [Block] block
+    # @param [Proc] block
     #
     def _gestalt_call_tag(name, args, &block)
       if args.size == 1 and args[0].kind_of? Hash
@@ -140,8 +140,8 @@ module Ramaze
     # Shortcut for building tags,
     #
     # @param [String] name
-    # @param [Hash] args
-    # @param [Block] block
+    # @param [Array] args
+    # @param [Proc] block
     #
     def tag(name, *args, &block)
       _gestalt_call_tag(name.to_s, args, &block)

data/lib/ramaze/helper/blue_form.rb

@@ -25,6 +25,11 @@ module Ramaze
     #       f.input_text 'Username', :username
     #     end
     #
+    # The object comes handy when you want to do server-side form validation:
+    # if the form can not be validated, just send back the object with keys
+    # containing what the user has filled. The fields will be populated with
+    # these values, so the user doesn't have to retype everything.
+    #
     # If you don't want to use an object you can simply set the first parameter
     # to nil.
     #
@@ -32,15 +37,27 @@ module Ramaze
     #
     # The form helper uses Gestalt, Ramaze's custom HTML builder that works
     # somewhat like Erector. The output is very minimalistic, elements such as
-    # legends and fieldsets have to be added manually. Each combination of a
-    # label and input element will be wrapped in <p> tags.
+    # legends and fieldsets have to be added manually.
+    #
+    # If you need to add elements not covered by Form methods (e.g. `<div>`
+    # tags), you can access the form Gestalt instance with the g() method and
+    # generate your tags like this :
+    #
+    #     form_for(@result, :method => :post) do |f|
+    #       f.g.div(:class => "awesome") do
+    #         ...
+    #       end
+    #     end
+    #
+    # Each combination of a label and input element will be wrapped in
+    # `<p>` tags.
     #
     # When using the form helper as a block in your templates it's important to
     # remember that the result is returned and not displayed in the browser
     # directly. When using Etanni this would result in something like the
     # following:
     #
-    #     #{form_for(@result, :method => :post) do |f| do
+    #     #{form_for(@result, :method => :post) do |f|
     #       f.input_text 'Text label', :textname, 'Chunky bacon!'
     #     end}
     #
@@ -49,6 +66,16 @@ module Ramaze
     #    f.input_text 'Username', :username
     #  end
     #
+    # @example Adding custom elements inside a form
+    #  form_for(@result, :method => :post) do |f|
+    #    f.fieldset do
+    #      f.g.div(:class => "control-group") do
+    #        f.input_text 'Text label', :textname, { :placeholder => 'Chunky bacon!',
+    #                                                :class       => :bigsize }
+    #      end
+    #    end
+    #  end
+    #
     module BlueForm
       ##
       # The form method generates the basic structure of the form. It should be
@@ -169,7 +196,7 @@ module Ramaze
         end
 
         ##
-        # Generate a <legend> tag.
+        # Generate a `<legend>` tag.
         #
         # @param [String] text The text to display inside the legend tag.
         # @example
@@ -184,7 +211,7 @@ module Ramaze
         ##
         # Generate a fieldset tag.
         #
-        # @param [Block] &block The form elements to display inside the fieldset.
+        # @param [Proc] block The form elements to display inside the fieldset.
         # @example
         #  form_for(@data, :method => :post) do |f|
         #    f.fieldset do
@@ -317,7 +344,7 @@ module Ramaze
         # @option args [Array] :values An array containing the possible values
         #  for the checkboxes.
         # @option args [String/Symbol] :span_class The class to use for the
-        #  <span> element that's wrapped around the checkbox.
+        #  `<span>` element that's wrapped around the checkbox.
         # @option args [TrueClass/FalseClass] :show_value When set to false the
         #  value of each checkbox won't be displayed to the right of the
         #  checkbox. This option is set to true by default.

data/lib/ramaze/helper/csrf.rb

@@ -76,15 +76,21 @@ module Ramaze
     #     end
     #
     module CSRF
+      include Innate::Optioned
+
+      options.dsl do
+        o 'The name of the token field', :field_name, 'csrf_token'
+      end
+
       ##
       # Method that can be used to protect the specified methods against CSRF
       # exploits. Each protected method will require the token to be stored in
       # a field called "csrf_token". This method will then validate that token
       # against the current token in the session.
       #
-      # @param  [Strings/Symbol] *methods Methods that will be
-      #  protected/unprotected.
-      # @param  [Block] Block that will be executed if the token is invalid.
+      # @param [Array] methods Array of method names that should be checked.
+      # @param [Proc] block Block that will be executed if the token is
+      #  invalid.
       # @example
       #  # Protect "create" and "save" against CSRF exploits
       #  before_all do
@@ -94,43 +100,35 @@ module Ramaze
       #  end
       #
       def csrf_protection(*methods, &block)
-        # Only protect the specified methods
-        if methods.include?(action.name) or methods.include?(action.name.to_sym)
-          # THINK: For now the field name is hard-coded to "csrf_token". While
-          # this is perfectly fine in most cases it might be a good idea
-          # to allow developers to change the name of this field (for whatever
-          # the reason).
-          yield unless validate_csrf_token(request.params['csrf_token'])
+        if methods.include?(action.name) \
+        or methods.include?(action.name.to_sym)
+          unless validate_csrf_token(request.params[CSRF.options.field_name])
+            yield
+          end
         end
       end
 
       ##
       # Generate a new token and create the session array that will be used to
-      # validate the client. The following items are stored in the session:
-      #
-      # * token: An unique hash that will be stored in each form
-      # * agent: The visitor's user agent
-      # * ip: The IP address of the visitor
-      # * time: Timestamp that indicates at what time the data was generated.
+      # validate the client.
       #
-      # Note that this method will be automatically called if no CSRF token exists.
+      # Note that this method will be automatically called if no CSRF token
+      # exists.
       #
-      # @param [Hash] Additional arguments that can be set such as the TTL.
+      # @param [Hash] args Additional arguments that can be set such as the
+      #  TTL.
       #
       def generate_csrf_token(args = {})
-        ttl    = args[:ttl] || (15 * 60)
         random = SecureRandom.random_bytes(512)
         time   = Time.now.to_f
         token  = Digest::SHA512.hexdigest(random + time.to_s)
 
         # Time to store all the data we want to check later.
         session[:_csrf] = {
-          :time  => time.to_i,
           :token => token,
           :ip    => request.ip,
           :agent => request.env['HTTP_USER_AGENT'],
-          :host  => request.host,
-          :ttl   => ttl
+          :host  => request.host
         }
 
         return
@@ -155,13 +153,7 @@ module Ramaze
 
       ##
       # Validates the request based on the current session date stored in
-      # _csrf. The following items are verified:
-      #
-      # * Do the user agent, ip and token match those supplied by the visitor?
-      # * Has the token been expired? (after 15 minutes).
-      #
-      # If any of these checks fail this method will return FALSE. It's your
-      # job to take action based on the results of this method.
+      # _csrf.
       #
       # @param  [String] input_token The CSRF token to validate.
       # @return [TrueClass|FalseClass]
@@ -182,13 +174,13 @@ module Ramaze
         _csrf = session[:_csrf]
 
         valid = session[:_csrf][:token] == input_token &&
-          (Time.now.to_f - _csrf[:time]) <= _csrf[:ttl] &&
           _csrf[:host]  == request.host &&
           _csrf[:ip]    == request.ip &&
           _csrf[:agent] == request.env['HTTP_USER_AGENT']
 
         if valid
           generate_csrf_token
+
           return true
         else
           return false

data/lib/ramaze/helper/flash.rb

@@ -36,7 +36,7 @@ module Ramaze
       # Use in your template to display all flash messages that may be stored.
       # For example, given you stored:
       #
-      #   flash # => { :error => 'Pleae enter your name'
+      #   flash # => { :error => 'Please enter your name'
       #                :info => 'Do you see the fnords?' }
       #
       # Then a flashbox would display:

data/lib/ramaze/helper/upload.rb

@@ -246,8 +246,8 @@ module Ramaze
         #     handle_uploads_for :baz, [:qux, /^up.*/]
         #   end
         #
-        # @param *args An arbitrary long list of arguments with action names
-        #  (and optionally patterns) that should handle file uploads
+        # @param [Array] args An arbitrary long list of arguments with action
+        #  names (and optionally patterns) that should handle file uploads
         #  automatically. Each argument can either be a symbol or a two-element
         #  array consisting of a symbol and a reqexp.
         # @see #handle_all_uploads
@@ -391,7 +391,7 @@ module Ramaze
         # but if you provide a complete path this method it will try to identify
         # the filename and use that instead.
         #
-        # @param [String] The new suggested filename.
+        # @param [String] name The new suggested filename.
         #
         def filename=(name)
           @filename = File.basename(name)
@@ -493,6 +493,8 @@ module Ramaze
           # Update the realfile property, indicating that the file has been
           # saved
           @realfile = File.new(path)
+          # But no need to keep it open
+          @realfile.close
 
           # If the unlink_tempfile option is set to true, delete the temporary
           # file created by Rack

data/lib/ramaze/helper/user.rb

@@ -249,6 +249,7 @@ module Ramaze
         def _logout
           (_persistence || {}).clear
           Current.request.env['ramaze.helper.user'] = nil
+          Current.session.resid!
         end
 
         ##

data/lib/ramaze/log.rb

@@ -21,14 +21,9 @@ module Ramaze
   # @since  11-08-2009
   #
   module Logger
-    autoload :Analogger       , 'ramaze/log/analogger'
-    autoload :Growl           , 'ramaze/log/growl'
     autoload :LogHub          , 'ramaze/log/hub'
-    autoload :Knotify         , 'ramaze/log/knotify'
     autoload :RotatingInformer, 'ramaze/log/rotatinginformer'
     autoload :Syslog          , 'ramaze/log/syslog'
-    autoload :Growl           , 'ramaze/log/growl'
-    autoload :Xosd            , 'ramaze/log/xosd'
     autoload :Logger          , 'ramaze/log/logger'
   end
 end