ramaze 2012.04.14 → 2012.12.08b
- data/.gems +28 -35
- data/.gitignore +4 -0
- data/.travis.yml +3 -3
- data/Gemfile +3 -0
- data/README.md +1 -5
- data/Rakefile +9 -20
- data/examples/app/blog/app.rb +5 -14
- data/examples/app/todolist/start.rb +1 -5
- data/guide/AUTHORS +8 -3
- data/guide/CHANGELOG +587 -0
- data/guide/general/cache.md +1 -0
- data/guide/general/configuration.md +2 -1
- data/guide/general/contributing.md +1 -0
- data/guide/general/controllers.md +105 -10
- data/guide/general/helpers.md +6 -7
- data/guide/general/installation.md +2 -1
- data/guide/general/logging.md +1 -4
- data/guide/general/middlewares.md +15 -23
- data/guide/general/models.md +1 -0
- data/guide/general/principles.md +1 -0
- data/guide/general/ramaze_command.md +9 -54
- data/guide/general/routes.md +1 -0
- data/guide/general/sessions.md +3 -2
- data/guide/general/special_thanks.md +1 -0
- data/guide/general/testing.md +1 -0
- data/guide/general/views.md +35 -22
- data/lib/proto/Gemfile +4 -0
- data/lib/proto/README.md +35 -0
- data/lib/proto/Rakefile +1 -0
- data/lib/proto/app.rb +2 -6
- data/lib/proto/spec/helper.rb +39 -0
- data/lib/proto/task/ramaze.rake +57 -0
- data/lib/ramaze.rb +12 -39
- data/lib/ramaze/bin/create.rb +1 -3
- data/lib/ramaze/bin/runner.rb +0 -14
- data/lib/ramaze/cache.rb +21 -0
- data/lib/ramaze/cache/memcache.rb +1 -3
- data/lib/ramaze/cache/redis.rb +2 -4
- data/lib/ramaze/cache/sequel.rb +4 -5
- data/lib/ramaze/controller.rb +10 -3
- data/lib/ramaze/default_middleware.rb +24 -0
- data/lib/ramaze/files.rb +5 -5
- data/lib/ramaze/gestalt.rb +10 -10
- data/lib/ramaze/helper/blue_form.rb +33 -6
- data/lib/ramaze/helper/csrf.rb +22 -30
- data/lib/ramaze/helper/flash.rb +1 -1
- data/lib/ramaze/helper/upload.rb +5 -3
- data/lib/ramaze/helper/user.rb +1 -0
- data/lib/ramaze/log.rb +0 -5
- data/lib/ramaze/log/informer.rb +3 -3
- data/lib/ramaze/log/logging.rb +4 -4
- data/lib/ramaze/log/syslog.rb +2 -2
- data/lib/ramaze/response.rb +1 -1
- data/lib/ramaze/snippets.rb +0 -20
- data/lib/ramaze/spec/bacon.rb +5 -13
- data/lib/ramaze/version.rb +1 -1
- data/lib/ramaze/view/erector.rb +1 -3
- data/lib/ramaze/view/erubis.rb +1 -3
- data/lib/ramaze/view/ezamar.rb +1 -3
- data/lib/ramaze/view/haml.rb +1 -4
- data/lib/ramaze/view/liquid.rb +1 -3
- data/lib/ramaze/view/lokar.rb +1 -3
- data/lib/ramaze/view/mustache.rb +1 -3
- data/lib/ramaze/view/nagoro.rb +1 -4
- data/lib/ramaze/view/remarkably.rb +1 -4
- data/lib/ramaze/view/sass.rb +2 -5
- data/lib/ramaze/view/slim.rb +1 -3
- data/lib/ramaze/view/slippers.rb +1 -3
- data/lib/ramaze/view/tagz.rb +1 -3
- data/lib/ramaze/view/tenjin.rb +1 -3
- data/ramaze.gemspec +45 -16
- data/spec/helper.rb +0 -1
- data/spec/ramaze/cache/localmemcache.rb +0 -4
- data/spec/ramaze/controller/mapping.rb +17 -0
- data/spec/ramaze/dispatcher/directory.rb +6 -5
- data/spec/ramaze/dispatcher/file.rb +7 -4
- data/spec/ramaze/files.rb +0 -2
- data/spec/ramaze/helper/csrf.rb +0 -26
- data/spec/ramaze/helper/upload.rb +1 -0
- data/spec/ramaze/helper/user.rb +12 -0
- data/spec/ramaze/log/syslog.rb +5 -1
- data/spec/ramaze/view/lokar.rb +1 -1
- data/spec/ramaze/view/nagoro.rb +1 -1
- data/tasks/bacon.rake +1 -1
- data/tasks/gems.rake +15 -0
- data/tasks/release.rake +37 -8
- metadata +106 -139
- data/guide/_static/ramaze_console.png +0 -0
- data/guide/tutorials/introduction.md +0 -263
- data/lib/proto/model/init.rb +0 -6
- data/lib/proto/public/.htaccess +0 -24
- data/lib/proto/public/dispatch.fcgi +0 -11
- data/lib/proto/spec/main.rb +0 -20
- data/lib/proto/start.rb +0 -20
- data/lib/ramaze/app_graph.rb +0 -105
- data/lib/ramaze/bin/console.rb +0 -87
- data/lib/ramaze/bin/helper.rb +0 -107
- data/lib/ramaze/bin/restart.rb +0 -95
- data/lib/ramaze/bin/start.rb +0 -221
- data/lib/ramaze/bin/status.rb +0 -152
- data/lib/ramaze/bin/stop.rb +0 -112
- data/lib/ramaze/dependencies.rb +0 -84
- data/lib/ramaze/helper/disqus.rb +0 -27
- data/lib/ramaze/helper/ultraviolet.rb +0 -49
- data/lib/ramaze/log/analogger.rb +0 -50
- data/lib/ramaze/log/growl.rb +0 -55
- data/lib/ramaze/log/knotify.rb +0 -31
- data/lib/ramaze/log/xosd.rb +0 -94
- data/lib/ramaze/middleware_compiler.rb +0 -36
- data/lib/ramaze/plugin.rb +0 -69
- data/lib/ramaze/setup.rb +0 -210
- data/lib/ramaze/snippets/array/put_within.rb +0 -38
- data/lib/ramaze/snippets/binding/locals.rb +0 -20
- data/lib/ramaze/snippets/fiber.rb +0 -41
- data/lib/ramaze/snippets/kernel/pretty_inspect.rb +0 -18
- data/lib/ramaze/snippets/metaid.rb +0 -17
- data/lib/ramaze/snippets/numeric/filesize_format.rb +0 -30
- data/lib/ramaze/snippets/numeric/time.rb +0 -59
- data/lib/ramaze/snippets/object/instance_variable_defined.rb +0 -16
- data/lib/ramaze/snippets/object/pretty.rb +0 -12
- data/lib/ramaze/snippets/object/scope.rb +0 -16
- data/lib/ramaze/snippets/ordered_set.rb +0 -51
- data/lib/ramaze/snippets/proc/locals.rb +0 -19
- data/lib/ramaze/snippets/ramaze/acquire.rb +0 -32
- data/lib/ramaze/snippets/ramaze/dictionary.rb +0 -400
- data/lib/ramaze/snippets/ramaze/fiber.rb +0 -24
- data/lib/ramaze/snippets/ramaze/struct.rb +0 -43
- data/lib/ramaze/snippets/string/end_with.rb +0 -17
- data/lib/ramaze/snippets/string/ord.rb +0 -16
- data/lib/ramaze/snippets/string/start_with.rb +0 -14
- data/lib/ramaze/snippets/thread/into.rb +0 -16
- data/lib/ramaze/spec.rb +0 -4
- data/spec/ramaze/bin/start.rb +0 -34
- data/spec/ramaze/log/growl.rb +0 -45
- data/spec/ramaze/struct.rb +0 -50
- data/spec/snippets/array/put_within.rb +0 -38
- data/spec/snippets/binding/locals.rb +0 -12
- data/spec/snippets/numeric/filesize_format.rb +0 -15
- data/spec/snippets/numeric/time.rb +0 -15
- data/spec/snippets/ordered_set.rb +0 -66
- data/spec/snippets/ramaze/acquire.rb +0 -80
- data/spec/snippets/ramaze/dictionary.rb +0 -113
- data/spec/snippets/ramaze/struct.rb +0 -15
- data/spec/snippets/thread/into.rb +0 -12
- data/tasks/gem.rake +0 -21
- data/tasks/setup.rake +0 -14
data/lib/ramaze/cache/redis.rb
CHANGED
@@ -1,6 +1,4 @@
|
|
1
|
-
|
2
|
-
gem 'redis'
|
3
|
-
end
|
1
|
+
require 'redis'
|
4
2
|
|
5
3
|
module Ramaze
|
6
4
|
class Cache
|
@@ -122,7 +120,7 @@ module Ramaze
|
|
122
120
|
# Removes a number of keys from the cache.
|
123
121
|
#
|
124
122
|
# @author Michael Fellinger
|
125
|
-
# @param [Array]
|
123
|
+
# @param [Array] keys An array of key names to remove.
|
126
124
|
#
|
127
125
|
def cache_delete(*keys)
|
128
126
|
@client.del(*keys.map{|key| namespaced_key(key) })
|
data/lib/ramaze/cache/sequel.rb
CHANGED
@@ -1,6 +1,4 @@
|
|
1
|
-
|
2
|
-
gem 'sequel'
|
3
|
-
end
|
1
|
+
require 'sequel'
|
4
2
|
|
5
3
|
module Ramaze
|
6
4
|
class Cache
|
@@ -212,7 +210,7 @@ module Ramaze
|
|
212
210
|
@dataset.filter(:key => nkey).delete
|
213
211
|
# Remove multiple keys
|
214
212
|
else
|
215
|
-
nkeys = [key, keys].flatten.map! { |
|
213
|
+
nkeys = [key, keys].flatten.map! { |n| namespaced(n) }
|
216
214
|
result = dataset.select(:value).filter(:key => nkeys)
|
217
215
|
|
218
216
|
result.map! do |row|
|
@@ -285,7 +283,8 @@ module Ramaze
|
|
285
283
|
serialized_value = serialize(value)
|
286
284
|
|
287
285
|
if serialized_value
|
288
|
-
@dataset.
|
286
|
+
@dataset.filter(:key => nkey) \
|
287
|
+
.update(:value => serialize(value), :expires => expires)
|
289
288
|
end
|
290
289
|
# The row doesn't exist yet.
|
291
290
|
else
|
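Review bot: The added update call serializes the value a second time: `serialized_value = serialize(value)` is computed and tested two lines above, yet the new line passes `serialize(value)` again. Reusing the local keeps the stored value identical to what the `if serialized_value` guard checked and avoids the extra work: `.update(:value => serialized_value, :expires => expires)`. The enclosing method starts and ends outside the hunk, so how `nkey` and `expires` are derived is not visible here.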
data/lib/ramaze/controller.rb
CHANGED
@@ -148,10 +148,17 @@ module Ramaze
|
|
148
148
|
return if chunks.empty?
|
149
149
|
|
150
150
|
last = chunks.last
|
151
|
-
return IRREGULAR_MAPPING[last] if IRREGULAR_MAPPING.key?(last)
|
152
151
|
|
153
|
-
|
154
|
-
|
152
|
+
if IRREGULAR_MAPPING.key?(last)
|
153
|
+
irregular = IRREGULAR_MAPPING[last]
|
154
|
+
return irregular if irregular.nil? || chunks.size == 1
|
155
|
+
chunks.pop
|
156
|
+
chunks << irregular
|
157
|
+
end
|
158
|
+
|
159
|
+
chunks.unshift ''
|
160
|
+
chunks.last.sub!(/Controller$/, '')
|
161
|
+
chunks.map{|chunk| chunk.snake_case }.join('/').squeeze('/')
|
155
162
|
end
|
156
163
|
|
157
164
|
##
|
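Review bot: `chunks.last.sub!(/Controller$/, '')` edits the last chunk in place, and after `chunks << irregular` that chunk is the same String object stored in `IRREGULAR_MAPPING`. A mapping value ending in "Controller" would therefore be rewritten inside the constant itself, and a frozen value would raise. A non-mutating form avoids both: `chunks[-1] = chunks.last.sub(/Controller\z/, '')`, where `\z` anchors at the true end of the string rather than at a line end. The method starts above the hunk, so where `chunks` comes from is not visible here.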
@@ -0,0 +1,24 @@
|
|
1
|
+
Ramaze.middleware(:dev) do
|
2
|
+
use Rack::Lint
|
3
|
+
use Rack::CommonLogger, Ramaze::Log
|
4
|
+
use Rack::ShowExceptions
|
5
|
+
use Rack::ShowStatus
|
6
|
+
use Rack::RouteExceptions
|
7
|
+
use Rack::ConditionalGet
|
8
|
+
use Rack::ETag, 'public'
|
9
|
+
use Rack::Head
|
10
|
+
use Ramaze::Reloader
|
11
|
+
|
12
|
+
run Ramaze.core
|
13
|
+
end
|
14
|
+
|
15
|
+
Ramaze.middleware(:live) do
|
16
|
+
use Rack::CommonLogger, Ramaze::Log
|
17
|
+
use Rack::RouteExceptions
|
18
|
+
use Rack::ShowStatus
|
19
|
+
use Rack::ConditionalGet
|
20
|
+
use Rack::ETag, 'public'
|
21
|
+
use Rack::Head
|
22
|
+
|
23
|
+
run Ramaze.core
|
24
|
+
end
|
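Review bot: The `:dev` stack has no comment marking it as development-only, although `Rack::ShowExceptions` renders the backtrace and request environment to the client when an action raises. I would add a comment above `Ramaze.middleware(:dev) do`, for example `# Development only: ShowExceptions exposes backtraces and request data; deploy with the :live stack.` The `:live` stack correctly leaves `Rack::ShowExceptions` and `Ramaze::Reloader` out. The file header for this new 24-line file is missing on the page; going by the diffstat it is presumably data/lib/ramaze/default_middleware.rb.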
data/lib/ramaze/files.rb
CHANGED
@@ -8,12 +8,12 @@ module Ramaze
|
|
8
8
|
#
|
9
9
|
class Files
|
10
10
|
##
|
11
|
-
# Creates a new instance of the class, stores the given root directories
|
12
|
-
# syncs the changes with Rack::Cascade.
|
11
|
+
# Creates a new instance of the class, stores the given root directories
|
12
|
+
# and syncs the changes with Rack::Cascade.
|
13
13
|
#
|
14
14
|
# @author Michael Fellinger
|
15
15
|
# @since 14-03-2009
|
16
|
-
# @param [Array]
|
16
|
+
# @param [Array] roots A set of root directories that contain a number of
|
17
17
|
# public directories.
|
18
18
|
#
|
19
19
|
def initialize(*roots)
|
@@ -52,8 +52,8 @@ module Ramaze
|
|
52
52
|
# @since 14-03-2009
|
53
53
|
#
|
54
54
|
def sync
|
55
|
-
file_apps = @roots.map{|root|
|
56
|
-
@cascade
|
55
|
+
file_apps = @roots.map { |root| Rack::File.new(root) }
|
56
|
+
@cascade = Rack::Cascade.new(file_apps)
|
57
57
|
end
|
58
58
|
end # Files
|
59
59
|
end # Ramaze
|
data/lib/ramaze/gestalt.rb
CHANGED
@@ -26,7 +26,7 @@ module Ramaze
|
|
26
26
|
# The default way to start building your markup.
|
27
27
|
# Takes a block and returns the markup.
|
28
28
|
#
|
29
|
-
# @param [
|
29
|
+
# @param [Proc] block
|
30
30
|
#
|
31
31
|
def self.build(&block)
|
32
32
|
self.new(&block).to_s
|
@@ -39,7 +39,7 @@ module Ramaze
|
|
39
39
|
#
|
40
40
|
# Useful for distributed building of one page.
|
41
41
|
#
|
42
|
-
# @param [
|
42
|
+
# @param [Proc] block
|
43
43
|
#
|
44
44
|
def initialize(&block)
|
45
45
|
@out = []
|
@@ -49,9 +49,9 @@ module Ramaze
|
|
49
49
|
##
|
50
50
|
# Catching all the tags. passing it to _gestalt_build_tag
|
51
51
|
#
|
52
|
-
# @param [String]
|
52
|
+
# @param [String] meth The method that was called.
|
53
53
|
# @param [Hash] args Additional arguments passed to the called method.
|
54
|
-
# @param [
|
54
|
+
# @param [Proc] block
|
55
55
|
#
|
56
56
|
def method_missing(meth, *args, &block)
|
57
57
|
_gestalt_call_tag meth, args, &block
|
@@ -62,7 +62,7 @@ module Ramaze
|
|
62
62
|
#
|
63
63
|
# @param [Hash] args Extra arguments that should be processed before
|
64
64
|
# creating the paragraph tag.
|
65
|
-
# @param [
|
65
|
+
# @param [Proc] block
|
66
66
|
#
|
67
67
|
def p(*args, &block)
|
68
68
|
_gestalt_call_tag :p, args, &block
|
@@ -71,9 +71,9 @@ module Ramaze
|
|
71
71
|
##
|
72
72
|
# Workaround for Kernel#select to make <select></select> work.
|
73
73
|
#
|
74
|
-
# @param [
|
74
|
+
# @param [Array] args Extra arguments that should be processed before
|
75
75
|
# creating the select tag.
|
76
|
-
# @param [
|
76
|
+
# @param [Proc] block
|
77
77
|
#
|
78
78
|
def select(*args, &block)
|
79
79
|
_gestalt_call_tag(:select, args, &block)
|
@@ -84,7 +84,7 @@ module Ramaze
|
|
84
84
|
#
|
85
85
|
# @param [String] name
|
86
86
|
# @param [Hash] args
|
87
|
-
# @param [
|
87
|
+
# @param [Proc] block
|
88
88
|
#
|
89
89
|
def _gestalt_call_tag(name, args, &block)
|
90
90
|
if args.size == 1 and args[0].kind_of? Hash
|
@@ -140,8 +140,8 @@ module Ramaze
|
|
140
140
|
# Shortcut for building tags,
|
141
141
|
#
|
142
142
|
# @param [String] name
|
143
|
-
# @param [
|
144
|
-
# @param [
|
143
|
+
# @param [Array] args
|
144
|
+
# @param [Proc] block
|
145
145
|
#
|
146
146
|
def tag(name, *args, &block)
|
147
147
|
_gestalt_call_tag(name.to_s, args, &block)
|
@@ -25,6 +25,11 @@ module Ramaze
|
|
25
25
|
# f.input_text 'Username', :username
|
26
26
|
# end
|
27
27
|
#
|
28
|
+
# The object comes handy when you want to do server-side form validation:
|
29
|
+
# if the form can not be validated, just send back the object with keys
|
30
|
+
# containing what the user has filled. The fields will be populated with
|
31
|
+
# these values, so the user doesn't have to retype everything.
|
32
|
+
#
|
28
33
|
# If you don't want to use an object you can simply set the first parameter
|
29
34
|
# to nil.
|
30
35
|
#
|
@@ -32,15 +37,27 @@ module Ramaze
|
|
32
37
|
#
|
33
38
|
# The form helper uses Gestalt, Ramaze's custom HTML builder that works
|
34
39
|
# somewhat like Erector. The output is very minimalistic, elements such as
|
35
|
-
# legends and fieldsets have to be added manually.
|
36
|
-
#
|
40
|
+
# legends and fieldsets have to be added manually.
|
41
|
+
#
|
42
|
+
# If you need to add elements not covered by Form methods (e.g. `<div>`
|
43
|
+
# tags), you can access the form Gestalt instance with the g() method and
|
44
|
+
# generate your tags like this :
|
45
|
+
#
|
46
|
+
# form_for(@result, :method => :post) do |f|
|
47
|
+
# f.g.div(:class => "awesome") do
|
48
|
+
# ...
|
49
|
+
# end
|
50
|
+
# end
|
51
|
+
#
|
52
|
+
# Each combination of a label and input element will be wrapped in
|
53
|
+
# `<p>` tags.
|
37
54
|
#
|
38
55
|
# When using the form helper as a block in your templates it's important to
|
39
56
|
# remember that the result is returned and not displayed in the browser
|
40
57
|
# directly. When using Etanni this would result in something like the
|
41
58
|
# following:
|
42
59
|
#
|
43
|
-
# #{form_for(@result, :method => :post) do |f|
|
60
|
+
# #{form_for(@result, :method => :post) do |f|
|
44
61
|
# f.input_text 'Text label', :textname, 'Chunky bacon!'
|
45
62
|
# end}
|
46
63
|
#
|
@@ -49,6 +66,16 @@ module Ramaze
|
|
49
66
|
# f.input_text 'Username', :username
|
50
67
|
# end
|
51
68
|
#
|
69
|
+
# @example Adding custom elements inside a form
|
70
|
+
# form_for(@result, :method => :post) do |f|
|
71
|
+
# f.fieldset do
|
72
|
+
# f.g.div(:class => "control-group") do
|
73
|
+
# f.input_text 'Text label', :textname, { :placeholder => 'Chunky bacon!',
|
74
|
+
# :class => :bigsize }
|
75
|
+
# end
|
76
|
+
# end
|
77
|
+
# end
|
78
|
+
#
|
52
79
|
module BlueForm
|
53
80
|
##
|
54
81
|
# The form method generates the basic structure of the form. It should be
|
@@ -169,7 +196,7 @@ module Ramaze
|
|
169
196
|
end
|
170
197
|
|
171
198
|
##
|
172
|
-
# Generate a
|
199
|
+
# Generate a `<legend>` tag.
|
173
200
|
#
|
174
201
|
# @param [String] text The text to display inside the legend tag.
|
175
202
|
# @example
|
@@ -184,7 +211,7 @@ module Ramaze
|
|
184
211
|
##
|
185
212
|
# Generate a fieldset tag.
|
186
213
|
#
|
187
|
-
# @param [
|
214
|
+
# @param [Proc] block The form elements to display inside the fieldset.
|
188
215
|
# @example
|
189
216
|
# form_for(@data, :method => :post) do |f|
|
190
217
|
# f.fieldset do
|
@@ -317,7 +344,7 @@ module Ramaze
|
|
317
344
|
# @option args [Array] :values An array containing the possible values
|
318
345
|
# for the checkboxes.
|
319
346
|
# @option args [String/Symbol] :span_class The class to use for the
|
320
|
-
#
|
347
|
+
# `<span>` element that's wrapped around the checkbox.
|
321
348
|
# @option args [TrueClass/FalseClass] :show_value When set to false the
|
322
349
|
# value of each checkbox won't be displayed to the right of the
|
323
350
|
# checkbox. This option is set to true by default.
|
data/lib/ramaze/helper/csrf.rb
CHANGED
@@ -76,15 +76,21 @@ module Ramaze
|
|
76
76
|
# end
|
77
77
|
#
|
78
78
|
module CSRF
|
79
|
+
include Innate::Optioned
|
80
|
+
|
81
|
+
options.dsl do
|
82
|
+
o 'The name of the token field', :field_name, 'csrf_token'
|
83
|
+
end
|
84
|
+
|
79
85
|
##
|
80
86
|
# Method that can be used to protect the specified methods against CSRF
|
81
87
|
# exploits. Each protected method will require the token to be stored in
|
82
88
|
# a field called "csrf_token". This method will then validate that token
|
83
89
|
# against the current token in the session.
|
84
90
|
#
|
85
|
-
# @param
|
86
|
-
#
|
87
|
-
#
|
91
|
+
# @param [Array] methods Array of method names that should be checked.
|
92
|
+
# @param [Proc] block Block that will be executed if the token is
|
93
|
+
# invalid.
|
88
94
|
# @example
|
89
95
|
# # Protect "create" and "save" against CSRF exploits
|
90
96
|
# before_all do
|
@@ -94,43 +100,35 @@ module Ramaze
|
|
94
100
|
# end
|
95
101
|
#
|
96
102
|
def csrf_protection(*methods, &block)
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
# the reason).
|
103
|
-
yield unless validate_csrf_token(request.params['csrf_token'])
|
103
|
+
if methods.include?(action.name) \
|
104
|
+
or methods.include?(action.name.to_sym)
|
105
|
+
unless validate_csrf_token(request.params[CSRF.options.field_name])
|
106
|
+
yield
|
107
|
+
end
|
104
108
|
end
|
105
109
|
end
|
106
110
|
|
107
111
|
##
|
108
112
|
# Generate a new token and create the session array that will be used to
|
109
|
-
# validate the client.
|
110
|
-
#
|
111
|
-
# * token: An unique hash that will be stored in each form
|
112
|
-
# * agent: The visitor's user agent
|
113
|
-
# * ip: The IP address of the visitor
|
114
|
-
# * time: Timestamp that indicates at what time the data was generated.
|
113
|
+
# validate the client.
|
115
114
|
#
|
116
|
-
# Note that this method will be automatically called if no CSRF token
|
115
|
+
# Note that this method will be automatically called if no CSRF token
|
116
|
+
# exists.
|
117
117
|
#
|
118
|
-
# @param [Hash] Additional arguments that can be set such as the
|
118
|
+
# @param [Hash] args Additional arguments that can be set such as the
|
119
|
+
# TTL.
|
119
120
|
#
|
120
121
|
def generate_csrf_token(args = {})
|
121
|
-
ttl = args[:ttl] || (15 * 60)
|
122
122
|
random = SecureRandom.random_bytes(512)
|
123
123
|
time = Time.now.to_f
|
124
124
|
token = Digest::SHA512.hexdigest(random + time.to_s)
|
125
125
|
|
126
126
|
# Time to store all the data we want to check later.
|
127
127
|
session[:_csrf] = {
|
128
|
-
:time => time.to_i,
|
129
128
|
:token => token,
|
130
129
|
:ip => request.ip,
|
131
130
|
:agent => request.env['HTTP_USER_AGENT'],
|
132
|
-
:host => request.host
|
133
|
-
:ttl => ttl
|
131
|
+
:host => request.host
|
134
132
|
}
|
135
133
|
|
136
134
|
return
|
@@ -155,13 +153,7 @@ module Ramaze
|
|
155
153
|
|
156
154
|
##
|
157
155
|
# Validates the request based on the current session date stored in
|
158
|
-
# _csrf.
|
159
|
-
#
|
160
|
-
# * Do the user agent, ip and token match those supplied by the visitor?
|
161
|
-
# * Has the token been expired? (after 15 minutes).
|
162
|
-
#
|
163
|
-
# If any of these checks fail this method will return FALSE. It's your
|
164
|
-
# job to take action based on the results of this method.
|
156
|
+
# _csrf.
|
165
157
|
#
|
166
158
|
# @param [String] input_token The CSRF token to validate.
|
167
159
|
# @return [TrueClass|FalseClass]
|
@@ -182,13 +174,13 @@ module Ramaze
|
|
182
174
|
_csrf = session[:_csrf]
|
183
175
|
|
184
176
|
valid = session[:_csrf][:token] == input_token &&
|
185
|
-
(Time.now.to_f - _csrf[:time]) <= _csrf[:ttl] &&
|
186
177
|
_csrf[:host] == request.host &&
|
187
178
|
_csrf[:ip] == request.ip &&
|
188
179
|
_csrf[:agent] == request.env['HTTP_USER_AGENT']
|
189
180
|
|
190
181
|
if valid
|
191
182
|
generate_csrf_token
|
183
|
+
|
192
184
|
return true
|
193
185
|
else
|
194
186
|
return false
|
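Review bot: `generate_csrf_token` still documents `args` as carrying "the TTL", but the new body no longer reads `args[:ttl]` or stores `:time`/`:ttl`, and `validate_csrf_token` no longer checks the token's age, so a token now stays valid until it is used or the session ends. The docs should say so, e.g. `# @param [Hash] args Unused; tokens no longer expire by time, only on use or session end.` The `csrf_protection` comment likewise still names a field called "csrf_token", although the name now comes from `CSRF.options.field_name`. Separately, `session[:_csrf][:token] == input_token` is a plain string comparison; a constant-time comparison is the usual choice for secret tokens. Both `generate_csrf_token` and `validate_csrf_token` extend beyond their hunks.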
data/lib/ramaze/helper/flash.rb
CHANGED
@@ -36,7 +36,7 @@ module Ramaze
|
|
36
36
|
# Use in your template to display all flash messages that may be stored.
|
37
37
|
# For example, given you stored:
|
38
38
|
#
|
39
|
-
# flash # => { :error => '
|
39
|
+
# flash # => { :error => 'Please enter your name'
|
40
40
|
# :info => 'Do you see the fnords?' }
|
41
41
|
#
|
42
42
|
# Then a flashbox would display:
|
data/lib/ramaze/helper/upload.rb
CHANGED
@@ -246,8 +246,8 @@ module Ramaze
|
|
246
246
|
# handle_uploads_for :baz, [:qux, /^up.*/]
|
247
247
|
# end
|
248
248
|
#
|
249
|
-
# @param
|
250
|
-
# (and optionally patterns) that should handle file uploads
|
249
|
+
# @param [Array] args An arbitrary long list of arguments with action
|
250
|
+
# names (and optionally patterns) that should handle file uploads
|
251
251
|
# automatically. Each argument can either be a symbol or a two-element
|
252
252
|
# array consisting of a symbol and a reqexp.
|
253
253
|
# @see #handle_all_uploads
|
@@ -391,7 +391,7 @@ module Ramaze
|
|
391
391
|
# but if you provide a complete path this method it will try to identify
|
392
392
|
# the filename and use that instead.
|
393
393
|
#
|
394
|
-
# @param [String] The new suggested filename.
|
394
|
+
# @param [String] name The new suggested filename.
|
395
395
|
#
|
396
396
|
def filename=(name)
|
397
397
|
@filename = File.basename(name)
|
@@ -493,6 +493,8 @@ module Ramaze
|
|
493
493
|
# Update the realfile property, indicating that the file has been
|
494
494
|
# saved
|
495
495
|
@realfile = File.new(path)
|
496
|
+
# But no need to keep it open
|
497
|
+
@realfile.close
|
496
498
|
|
497
499
|
# If the unlink_tempfile option is set to true, delete the temporary
|
498
500
|
# file created by Rack
|
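Review bot: After the added `@realfile.close`, `@realfile` holds a closed File, so any caller that reads from it will get an IOError; only its `path` remains usable. The comment should state that contract, e.g. `# Close it right away: realfile is kept only for its path, reading from it raises IOError`. Whether any caller reads from `realfile` is not visible here, because the enclosing method starts and ends outside the hunk.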
data/lib/ramaze/helper/user.rb
CHANGED
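--- a/data/lib/ramaze/log.rb
+++ b/data/lib/ramaze/log.rb
@@ -21,14 +21,9 @@ module Ramaze
 # @since 11-08-2009
 #
 module Logger
-autoload :Analogger , 'ramaze/log/analogger'
-autoload :Growl , 'ramaze/log/growl'
 autoload :LogHub , 'ramaze/log/hub'
-autoload :Knotify , 'ramaze/log/knotify'
 autoload :RotatingInformer, 'ramaze/log/rotatinginformer'
 autoload :Syslog , 'ramaze/log/syslog'
-autoload :Growl , 'ramaze/log/growl'
-autoload :Xosd , 'ramaze/log/xosd'
 autoload :Logger , 'ramaze/log/logger'
 end
 end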