TEST_CODEOWNERS/rails
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
35,470 Commits 2 Branches 0 Tags 294 MiB
68f69ec31e
Commit Graph

10042 Commits

Author SHA1 Message Date
Rafael Mendonça França
57126ee5e3 Restore and adapt the implementation reverted at 
cc1c3c5be0

Now instead of raise, we log by default in development and test
 2013-01-19 15:32:27 -02:00
Thomas Drake-Brockman
130370b1c8 Added ability to raise or log on unpermitted params. 2013-01-20 00:39:24 +08:00
Aaron Patterson
f209b176c3 Merge pull request #8977 from Soylent/master 
Resovled issue rails#7774
 2013-01-18 17:27:19 -08:00
Guillermo Iguaran
e636f55531 Fix syntax error 😁 2013-01-18 17:16:30 -05:00
schneems
f654c3cfc0 Remove "Application" section title from routes 
This PR standardizes the output of the HTML and console based routes to not include the title for "Application Routes" those that are defined by the application. Instead only routes defined in engines get any special treatment. 

Based on this conversation:

af5c0fd85f (commitcomment-2458823)

ATP actionpack /cc @carlosantoniodasilva
 2013-01-18 15:41:19 -06:00
Francesco Rodriguez
b8ef4f05fb fix broken examples format in image_tag helper [ci skip] 2013-01-18 12:26:03 -05:00
Guillermo Iguaran
8aebe30ef4 Revert "Merge pull request #8989 from robertomiranda/use-rails-4-find-by" 
This reverts commit 637a7d9d357a0f3f725b0548282ca8c5e7d4af4a, reversing
changes made to 5937bd02dee112646469848d7fe8a8bfcef5b4c1.
 2013-01-18 09:15:19 -05:00
robertomiranda
7baecc4802 User Rails 4 find_by 2013-01-18 07:56:05 -05:00
Thiago Pinto
8c603918ab repeating documentation for option form helpers 2013-01-17 13:45:16 -05:00
Thiago Pinto
d1238afc21 repeating documentation for date and time form helpers 2013-01-17 13:40:01 -05:00
Chris McGrath
60289ab659 Don't change the original i18n data 2013-01-17 16:01:19 +00:00
Chris McGrath
6bb784eab0 Remove i18n symbol dependency 
date.order is the only key in rails i18n that is required to be a
symbol. This patch allows for symbols or strings which means:

* No requirement for symbol type in .yml files. A future
  YAML.safe_load wouldn't need to load symbols
* Rails could actually use json rather than yml as the backend
 2013-01-17 15:21:26 +00:00
Konstantin Papkovskiy
bebb02fd1c Fix ActionDispatch::Request#formats when HTTP_ACCEPT header is empty string 2013-01-17 17:42:49 +04:00
Carlos Antonio da Silva
ee314a5e5a Remove useless || operation 2013-01-17 09:28:07 -02:00
Arun Agrawal
c9362182c8 Removing : warning: ambiguous first argument; 2013-01-17 14:43:11 +05:30
Carlos Antonio da Silva
038574a538 Deprecate direct calls to AC::RecordIdentifier.dom_id and dom_class 
Also add some generic tests to ensure they're properly deprecated.
 2013-01-16 23:09:36 -02:00
Colin Burn-Murdoch
3daff0508b Fix date_select :selected option so you can pass it nil 2013-01-16 21:52:09 +00:00
Carlos Antonio da Silva
e5f5863e86 Remove warnings: "(...) interpreted as grouped expression" 2013-01-16 09:41:08 -02:00
Aditya Sanghi
3c19064610 adding regression test in master for #8631 2013-01-16 16:59:45 +05:30
Carlos Antonio da Silva
e7ffb5e4e3 Fix typo introduced in 0004ca3a 
[ci skip]
 2013-01-16 09:26:45 -02:00
Matthew Stopa
0004ca3a97 More documentation for ActionDispatch::Response 
[ci skip]
 2013-01-16 00:48:25 -07:00
Matthew Stopa
7b1a58bbae Document ActionDispatch::Response#body method 2013-01-16 00:33:08 -07:00
Rafael Mendonça França
e42b5f99eb Merge pull request #8958 from balexand/strong_parameters_exception_handling 
Strong parameters exception handling
 2013-01-15 17:28:29 -08:00
Brian Alexander
8e221127ab strong parameters exception handling 2013-01-15 17:45:34 -07:00
Edward Anderson
7925884b5e Remove header bloat introduced by BestStandardsSupport middleware 
The same headers were being duplicated on every request.
 2013-01-15 19:16:08 -05:00
Andrew White
f1d8f2af72 Change the behavior of route defaults 
This commit changes route defaults so that explicit defaults are no
longer required where the key is not part of the path. For example:

  resources :posts, bucket_type: 'posts'

will be required whenever constructing the url from a hash such as a
functional test or using url_for directly. However using the explicit
form alters the behavior so it's not required:

  resources :projects, defaults: { bucket_type: 'projects' }

This changes existing behavior slightly in that any routes which
only differ in their defaults will match the first route rather
than the closest match.

Closes #8814
 2013-01-15 17:22:25 +00:00
Andrew White
90d2802b71 Add support for other types of routing constraints 
This now allows the use of arrays like this:

  get '/foo/:action', to: 'foo', constraints: { subdomain: %w[www admin] }

or constraints where the request method returns an Fixnum like this:

  get '/foo', to: 'foo#index', constraints: { port: 8080 }

Note that this only applies to constraints on the request - path
constraints still need to be specified as Regexps as the various
constraints are compiled into a single Regexp.
 2013-01-15 17:21:33 +00:00
Andrew White
b28fc685a9 Ensure port is set when passed via the process method 2013-01-15 17:21:33 +00:00
Andrew White
db06d12826 Raise correct exception now Journey is integrated. 
Now that Journey has been integrated into ActionDispatch we can raise
the exception ActionController::UrlGenerationError directly rather than
raising the internal Journey::Router::RoutingError and then have
ActionDispatch::Routing::RouteSet#generate re-raise the exception.
 2013-01-15 17:21:33 +00:00
Carlos Antonio da Silva
9dfe2d6f9f Revert "log at debug level what line caused the redirect_to" 
This reverts commit 3fa00070047b5d019d39e691598ee2890283d052.

Reason: This message is usually not accurate and annoying:

    Redirected by ~/.rbenv/versions/1.9.3-p327-perf/lib/ruby/1.9.1/logger.rb:371:in `add'`
 2013-01-15 12:47:25 -02:00
Steve Klabnik
1dd89250d1 Merge pull request #8938 from colinbm/date_select_value 
Rename :value to :selected for date_select, and add missing tests/docs
 2013-01-14 12:18:36 -08:00
Colin Burn-Murdoch
1fecaf15d7 Rename :value option to :selected, in line with other select helpers 
Add tests for time & datetime.
Add documentation.
 2013-01-14 19:49:07 +00:00
Jeremy Kemper
bf095770e5 Revert benchmark helper regression. Use a #capture within a #benchmark 
block. Breaks benchmark calls that return non-String values otherwise.

Revert "add benchmark helper that works in erb"

This reverts commit 904e544cc8f5846de7c31827bb5556c6a238c0de.

Conflicts:
	actionpack/lib/action_view/helpers.rb
	actionpack/lib/action_view/helpers/benchmark_helper.rb
	actionpack/test/template/benchmark_helper_test.rb
 2013-01-14 10:24:43 -07:00
Rafael Mendonça França
242f12506d Merge pull request #8916 from josemota/collection-with-block 
Collection radio buttons and collection check boxes through FormBuilder render the provided block.

Closes #8897
 2013-01-13 18:27:41 -08:00
Colin Burn-Murdoch
aea3820261 Allow value to be set on date_select 2013-01-13 21:03:21 +00:00
Steve Klabnik
a0265b98f1 Associaton -> Association 2013-01-13 10:43:24 -05:00
José Mota
8cc60d8136 Collection radio buttons and collection check boxes through FormBuilder render 
the provided block.

In the case of having a form_for method being called, the block for each
collection would not be passed and thus the result expected was always the same.
This patch passes the block to the original method like it would be assumed.
 2013-01-12 17:42:18 +00:00
Sam Ruby
c692774bba Fix regression introduced in pull request 8812 
See https://github.com/rails/rails/pull/8812#commitcomment-2416514
 2013-01-11 16:48:58 -05:00
Carlos Antonio da Silva
d61b49e178 Merge pull request #8882 from goshakkk/clearer-conditional 
Clearer conditional in constraint match check
 2013-01-11 03:21:51 -08:00
Jon Leighton
94797ed146 Merge pull request #8623 from virusman/form_helpers_collectionproxy_fix 
Fixed nested fields bug when called with AssociationProxy
 2013-01-11 03:08:41 -08:00
Dylan Smith
bae92681be Fix json params parsing regression for non-object JSON content. 
Fixes #8845.
 2013-01-11 00:28:32 -05:00
Gosha Arinich
caa54db8a0 clearer conditional in constraint match check 2013-01-10 23:40:57 +03:00
Guillermo Iguaran
416a179ddf Merge pull request #8876 from senny/extract_performance_tests 
Extract ActionDispatch::PerformanceTest
 2013-01-10 08:10:22 -08:00
Yves Senn
3e1ed7818b extract PerformanceTest into rails-performance_tests gem 2013-01-10 17:09:06 +01:00
Rafael Mendonça França
2b5019e234 Merge pull request #8821 from jamis/master 
Evaluate view_cache_dependencies at the instance level

Conflicts:
	actionpack/lib/action_controller/caching.rb
 2013-01-10 13:34:40 -02:00
zires
ff8f92b2bf Remove redundant double quotation marks 2013-01-10 10:23:26 +08:00
Aaron Patterson
8ae9b4623e adding missing requires 2013-01-09 15:34:58 -08:00
Nathaniel Jones
d2f1ca29fc Fix typo in deprecation warning 2013-01-09 04:04:57 -06:00
Santiago Pastorino
5d0d82957a Merge pull request #8824 from mjtko/fix/cookie-store-inheritance 
Modify CookieStore middleware inheritance to avoid subclassing Rack::Session::Cookie [Fix for #7372]
 2013-01-08 17:27:13 -08:00
Carlos Antonio da Silva
b28d6e2c76 Remove :yaml related tests and fix other related to parsing empty arrays 
All Action Pack tests are green.
 2013-01-08 20:27:48 -02:00
Carlos Antonio da Silva
21879c560f Fix warning: & interpreted as argument prefix 2013-01-08 20:16:20 -02:00
Aaron Patterson
e80546cdec remove yaml as a param parser :burn: 
If you revert this commit, I will hunt you down, I will make you regret
ever terrible thing you've ever done, I will make you suffer.
 2013-01-08 13:50:38 -08:00
Jeremy Kemper
46e0d2397e CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. 2013-01-08 12:42:29 -08:00
Aaron Patterson
8e577fe560 * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu 
Conflicts:
	actionpack/CHANGELOG.md
	actionpack/lib/action_dispatch/http/request.rb
	actionpack/lib/action_dispatch/middleware/params_parser.rb
	activerecord/CHANGELOG.md
	activerecord/lib/active_record/relation/predicate_builder.rb
	activerecord/test/cases/relation/where_test.rb
 2013-01-08 12:41:24 -08:00
Jeremy Kemper
c31cc963da Revert "Merge branch 'master-sec'" 
This reverts commit 88cc1688d0cb828c17706b41a8bd27870f2a2beb, reversing
changes made to f049016cd348627bf8db0d72382d7580bf802a79.
 2013-01-08 12:41:04 -08:00
Aaron Patterson
88cc1688d0 Merge branch 'master-sec' 
* master-sec:
  CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.
  * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
 2013-01-08 12:11:18 -08:00
Jeremy Kemper
2ced6f2f8a CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. 2013-01-08 12:03:34 -08:00
Vijay Dev
f049016cd3 Merge branch 'master' of github.com:lifo/docrails 
Conflicts:
	guides/source/getting_started.md
 2013-01-09 01:04:15 +05:30
Jamis Buck
0121377cfb evaluate the dependency blocks at the instance level, not class level 2013-01-08 12:02:11 -07:00
Jamis Buck
70e684a681 view_cache_dependency API 
A declarative API for specifying dependencies that affect template
cache digest computation. In your controller, specify any of said
dependencies:

  view_cache_dependency { "phone" if using_phone? }

When the block is evaluated, the resulting value is included in the
cache digest calculation, allowing you to generate different digests
for effectively the same template. (Mostly useful if you're mucking
with template load paths.)
 2013-01-08 11:20:47 -07:00
Steve Klabnik
ac86cbec82 Merge pull request #8810 from NARKOZ/image-submit-tag 
set 'alt' attribute for image_submit_tag
 2013-01-08 07:39:06 -08:00
David Heinemeier Hansson
cc1c3c5be0 Revert "unpermitted params" exception -- it's just not going to work. See the discussion on https://github.com/rails/strong_parameters/pull/75. 2013-01-08 16:17:30 +01:00
David Heinemeier Hansson
ae3286b743 Never treat action or controller as unpermitted params 2013-01-08 15:52:18 +01:00
Carlos Antonio da Silva
4f002a1df3 Bump rack dependency to 1.4.3 
It includes security bug fixes and changes the initialization of
Rack::File to accept a hash, otherwise generating warnings.

See 295806e for the warnings fix.
 2013-01-08 10:49:02 -02:00
Sam Ruby
9cc82b7719 Eliminate Rack::File headers deprecation warning 
See http://intertwingly.net/projects/AWDwR4/checkdepot/section-6.1.html
rake test produces:
   "Rack::File headers parameter replaces cache_control after Rack 1.5."

Despite what the message says, it appears that the hearders parameter change
will be effective as of Rack 1.5:

https://github.com/rack/rack/blob/rack-1.4/lib/rack/file.rb#L24
https://github.com/rack/rack/blob/master/lib/rack/file.rb#L24
 2013-01-08 07:22:48 -05:00
Nihad Abbasov
0f8f75c81a set 'alt' attribute for image_submit_tag 2013-01-08 15:56:47 +04:00
Carlos Antonio da Silva
c67005f221 Do not generate local vars for partials without object or collection 
Previously rendering a partial without giving :object or :collection
would generate a local variable with the partial name by default.

This was noticed due to warnings in Ruby 2.0 of not used variables,
which turned out to be the generation of not used variables inside
partials that do not contain objects related to them.
 2013-01-08 09:15:20 -02:00
Mark J. Titorenko
109a1b3358 Revert cb3181e - no longer required. 2013-01-08 10:10:39 +00:00
Mark J. Titorenko
fc66b6b004 Fix CookieStore middleware inheritance hierarchy s.t. it inherits from Rack::Session::Abstract::ID rather than Rack::Session::Cookie. 2013-01-08 10:10:36 +00:00
Santiago Pastorino
cb3181e81e Avoid Rack security warning no secret provided 
This avoids "SECURITY WARNING: No secret option provided to Rack::Session::Cookie."
 2013-01-08 00:33:16 -02:00
Aaron Patterson
d99e8c9e16 * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu 
Conflicts:
	actionpack/CHANGELOG.md
	actionpack/lib/action_dispatch/http/request.rb
	actionpack/lib/action_dispatch/middleware/params_parser.rb
	activerecord/CHANGELOG.md
	activerecord/lib/active_record/relation/predicate_builder.rb
	activerecord/test/cases/relation/where_test.rb
 2013-01-07 17:20:12 -08:00
Francesco Rodriguez
2aa08e313d improve StrongParameters documentation [ci skip] 2013-01-07 16:18:06 -05:00
Gosha Arinich
ae1f86fab5 access @path and @routes via reader methods in journey 2013-01-07 17:37:02 +03:00
Gosha Arinich
a7f9c596b3 refactor ShowExceptions' #call to use def-rescue instead of begin-rescue 2013-01-07 15:58:55 +03:00
Gosha Arinich
0acf92184d prefer american spelling of 'behavior' 2013-01-07 11:47:27 +03:00
Gosha Arinich
d73cc03010 remove begin-rescue in favor of def-rescue 2013-01-07 04:02:20 +03:00
Rafael Mendonça França
cc24eba544 Fix operators precedence issue 2013-01-06 21:54:46 -03:00
Rafael Mendonça França
dc4b4c46ef Merge pull request #8787 from tank-bohr/master 
masgn and response variable
 2013-01-06 16:00:14 -08:00
Rafael Mendonça França
fb7c093d93 Merge pull request #8785 from goshakkk/refactor-debug-exceptions 
Refactor DebugExceptions
 2013-01-06 15:49:33 -08:00
Gosha Arinich
c445b07612 refactor DebugExceptions by combining two conditionals into one 2013-01-07 02:46:03 +03:00
tank-bohr
f3101fd0fc return multiple assingment and response variable 2013-01-07 03:37:06 +04:00
Akira Matsuda
3c21237c37 Reduce number of Strings a bit 2013-01-07 07:37:23 +09:00
Akira Matsuda
c8e632bd9f Namespace HashWithIndifferentAccess 2013-01-07 07:37:23 +09:00
Rafael Mendonça França
4bfcae0b67 Merge pull request #8783 from goshakkk/refactor-journey-routes 
Refactor Journey::Routes
 2013-01-06 14:30:35 -08:00
Gosha Arinich
2467ec8b5c refactor Journey::Routes 
* prefer do-end for multiline blocks
* prefer or-equals over returns with checks
 2013-01-07 01:24:29 +03:00
tank-bohr
8f18550b0a fix for rbx 
Rubinius returns a boolean after such assingment
response = (_, headers, body = @app.call(env))

see https://github.com/rubinius/rubinius/issues/2117

get rid of a local variable
 2013-01-07 02:00:40 +04:00
Akira Matsuda
2f8e5f627d Needless requires 2013-01-06 23:59:11 +09:00
Akira Matsuda
5fd143ec56 Missing requires 2013-01-06 23:58:48 +09:00
Akira Matsuda
15bd0f60db These are already required through AS/rails 
* core_ext/object/blank
* concern
* core_ext/class/attribute
* deprecation
 2013-01-06 23:57:25 +09:00
Carlos Antonio da Silva
b8d9319e8e Rename route_wrapper partial layout to table 
It is used by the table formatter only, and it's already inside a routes
directory that namespaces it properly, so calling it just "table" seems
simpler.
 2013-01-06 11:22:26 -02:00
Carlos Antonio da Silva
3abb76824b Move table routes formatter class to the inspector and rename it 
It feels more consistent to have this class called "HtmlTableFormatter",
and to have it here with the routes inspector and console formatter,
since it's used for both routing error exceptions and the rails info
page.
 2013-01-06 11:19:30 -02:00
Andrew White
f18078475e Merge pull request #8777 from goshakkk/delegate-class 
Delegate to :class rather than 'self.class'
 2013-01-06 05:00:54 -08:00
Carlos Antonio da Silva
7843e009d2 Refactor the logic that checks whether or not to emit the hidden id field 
By checking for object.persisted? first, we avoid the hash lookups for
new objects.
 2013-01-06 10:54:22 -02:00
Carlos Antonio da Silva
e56e3db6e6 Move the hidden :id field logic to where it belongs to 
When dealing with nested forms, Rails automatically generates a hidden
field with the id value of the current object being generated by
fields_for. This logic was inside the method that's available from the
template object, but we just need it when really dealing with nested
attributes, so moving the code to here makes more sense.
 2013-01-06 10:54:22 -02:00
Carlos Antonio da Silva
04338b9e3b Eliminate the usage of parent_builder option from form_for 
Just use it internally from fields_for until we come up with a better solution.
 2013-01-06 10:54:22 -02:00
Carlos Antonio da Silva
115a37d9c1 Do not call fields_for from form_for, to avoid instantiating two builders 2013-01-06 10:54:21 -02:00
Carlos Antonio da Silva
94ecbb7e7b Refactor to not call path.ast twice 2013-01-06 10:52:36 -02:00
Gosha Arinich
c730bef3d8 refactor Route#ast to use or-equals and block, instead of return with a cond 2013-01-06 15:38:00 +03:00
Gosha Arinich
7a439d23de delegate to :class rather than 'self.class' 2013-01-06 12:43:30 +03:00
Akira Matsuda
70ae89c321 Remove unnecessary begin..rescue..end, use only rescue 2013-01-06 15:41:14 +09:00