Rafael Mendonça França
57126ee5e3
Restore and adapt the implementation reverted at
...
cc1c3c5be0
Now instead of raise, we log by default in development and test
2013-01-19 15:32:27 -02:00
Thomas Drake-Brockman
130370b1c8
Added ability to raise or log on unpermitted params.
2013-01-20 00:39:24 +08:00
Aaron Patterson
f209b176c3
Merge pull request #8977 from Soylent/master
...
Resovled issue rails#7774
2013-01-18 17:27:19 -08:00
Guillermo Iguaran
e636f55531
Fix syntax error 😁
2013-01-18 17:16:30 -05:00
schneems
f654c3cfc0
Remove "Application" section title from routes
...
This PR standardizes the output of the HTML and console based routes to not include the title for "Application Routes" those that are defined by the application. Instead only routes defined in engines get any special treatment.
Based on this conversation:
af5c0fd85f (commitcomment-2458823)
ATP actionpack /cc @carlosantoniodasilva
2013-01-18 15:41:19 -06:00
Francesco Rodriguez
b8ef4f05fb
fix broken examples format in image_tag helper [ci skip]
2013-01-18 12:26:03 -05:00
Guillermo Iguaran
8aebe30ef4
Revert "Merge pull request #8989 from robertomiranda/use-rails-4-find-by"
...
This reverts commit 637a7d9d357a0f3f725b0548282ca8c5e7d4af4a, reversing
changes made to 5937bd02dee112646469848d7fe8a8bfcef5b4c1.
2013-01-18 09:15:19 -05:00
robertomiranda
7baecc4802
User Rails 4 find_by
2013-01-18 07:56:05 -05:00
Thiago Pinto
8c603918ab
repeating documentation for option form helpers
2013-01-17 13:45:16 -05:00
Thiago Pinto
d1238afc21
repeating documentation for date and time form helpers
2013-01-17 13:40:01 -05:00
Chris McGrath
60289ab659
Don't change the original i18n data
2013-01-17 16:01:19 +00:00
Chris McGrath
6bb784eab0
Remove i18n symbol dependency
...
date.order is the only key in rails i18n that is required to be a
symbol. This patch allows for symbols or strings which means:
* No requirement for symbol type in .yml files. A future
YAML.safe_load wouldn't need to load symbols
* Rails could actually use json rather than yml as the backend
2013-01-17 15:21:26 +00:00
Konstantin Papkovskiy
bebb02fd1c
Fix ActionDispatch::Request#formats when HTTP_ACCEPT header is empty string
2013-01-17 17:42:49 +04:00
Carlos Antonio da Silva
ee314a5e5a
Remove useless || operation
2013-01-17 09:28:07 -02:00
Arun Agrawal
c9362182c8
Removing : warning: ambiguous first argument;
2013-01-17 14:43:11 +05:30
Carlos Antonio da Silva
038574a538
Deprecate direct calls to AC::RecordIdentifier.dom_id and dom_class
...
Also add some generic tests to ensure they're properly deprecated.
2013-01-16 23:09:36 -02:00
Colin Burn-Murdoch
3daff0508b
Fix date_select :selected option so you can pass it nil
2013-01-16 21:52:09 +00:00
Carlos Antonio da Silva
e5f5863e86
Remove warnings: "(...) interpreted as grouped expression"
2013-01-16 09:41:08 -02:00
Aditya Sanghi
3c19064610
adding regression test in master for #8631
2013-01-16 16:59:45 +05:30
Carlos Antonio da Silva
e7ffb5e4e3
Fix typo introduced in 0004ca3a
...
[ci skip]
2013-01-16 09:26:45 -02:00
Matthew Stopa
0004ca3a97
More documentation for ActionDispatch::Response
...
[ci skip]
2013-01-16 00:48:25 -07:00
Matthew Stopa
7b1a58bbae
Document ActionDispatch::Response#body method
2013-01-16 00:33:08 -07:00
Rafael Mendonça França
e42b5f99eb
Merge pull request #8958 from balexand/strong_parameters_exception_handling
...
Strong parameters exception handling
2013-01-15 17:28:29 -08:00
Brian Alexander
8e221127ab
strong parameters exception handling
2013-01-15 17:45:34 -07:00
Edward Anderson
7925884b5e
Remove header bloat introduced by BestStandardsSupport middleware
...
The same headers were being duplicated on every request.
2013-01-15 19:16:08 -05:00
Andrew White
f1d8f2af72
Change the behavior of route defaults
...
This commit changes route defaults so that explicit defaults are no
longer required where the key is not part of the path. For example:
resources :posts, bucket_type: 'posts'
will be required whenever constructing the url from a hash such as a
functional test or using url_for directly. However using the explicit
form alters the behavior so it's not required:
resources :projects, defaults: { bucket_type: 'projects' }
This changes existing behavior slightly in that any routes which
only differ in their defaults will match the first route rather
than the closest match.
Closes #8814
2013-01-15 17:22:25 +00:00
Andrew White
90d2802b71
Add support for other types of routing constraints
...
This now allows the use of arrays like this:
get '/foo/:action', to: 'foo', constraints: { subdomain: %w[www admin] }
or constraints where the request method returns an Fixnum like this:
get '/foo', to: 'foo#index', constraints: { port: 8080 }
Note that this only applies to constraints on the request - path
constraints still need to be specified as Regexps as the various
constraints are compiled into a single Regexp.
2013-01-15 17:21:33 +00:00
Andrew White
b28fc685a9
Ensure port is set when passed via the process method
2013-01-15 17:21:33 +00:00
Andrew White
db06d12826
Raise correct exception now Journey is integrated.
...
Now that Journey has been integrated into ActionDispatch we can raise
the exception ActionController::UrlGenerationError directly rather than
raising the internal Journey::Router::RoutingError and then have
ActionDispatch::Routing::RouteSet#generate re-raise the exception.
2013-01-15 17:21:33 +00:00
Carlos Antonio da Silva
9dfe2d6f9f
Revert "log at debug level what line caused the redirect_to"
...
This reverts commit 3fa00070047b5d019d39e691598ee2890283d052.
Reason: This message is usually not accurate and annoying:
Redirected by ~/.rbenv/versions/1.9.3-p327-perf/lib/ruby/1.9.1/logger.rb:371:in `add'`
2013-01-15 12:47:25 -02:00
Steve Klabnik
1dd89250d1
Merge pull request #8938 from colinbm/date_select_value
...
Rename :value to :selected for date_select, and add missing tests/docs
2013-01-14 12:18:36 -08:00
Colin Burn-Murdoch
1fecaf15d7
Rename :value option to :selected, in line with other select helpers
...
Add tests for time & datetime.
Add documentation.
2013-01-14 19:49:07 +00:00
Jeremy Kemper
bf095770e5
Revert benchmark helper regression. Use a #capture within a #benchmark
...
block. Breaks benchmark calls that return non-String values otherwise.
Revert "add benchmark helper that works in erb"
This reverts commit 904e544cc8f5846de7c31827bb5556c6a238c0de.
Conflicts:
actionpack/lib/action_view/helpers.rb
actionpack/lib/action_view/helpers/benchmark_helper.rb
actionpack/test/template/benchmark_helper_test.rb
2013-01-14 10:24:43 -07:00
Rafael Mendonça França
242f12506d
Merge pull request #8916 from josemota/collection-with-block
...
Collection radio buttons and collection check boxes through FormBuilder render the provided block.
Closes #8897
2013-01-13 18:27:41 -08:00
Colin Burn-Murdoch
aea3820261
Allow value to be set on date_select
2013-01-13 21:03:21 +00:00
Steve Klabnik
a0265b98f1
Associaton -> Association
2013-01-13 10:43:24 -05:00
José Mota
8cc60d8136
Collection radio buttons and collection check boxes through FormBuilder render
...
the provided block.
In the case of having a form_for method being called, the block for each
collection would not be passed and thus the result expected was always the same.
This patch passes the block to the original method like it would be assumed.
2013-01-12 17:42:18 +00:00
Sam Ruby
c692774bba
Fix regression introduced in pull request 8812
...
See https://github.com/rails/rails/pull/8812#commitcomment-2416514
2013-01-11 16:48:58 -05:00
Carlos Antonio da Silva
d61b49e178
Merge pull request #8882 from goshakkk/clearer-conditional
...
Clearer conditional in constraint match check
2013-01-11 03:21:51 -08:00
Jon Leighton
94797ed146
Merge pull request #8623 from virusman/form_helpers_collectionproxy_fix
...
Fixed nested fields bug when called with AssociationProxy
2013-01-11 03:08:41 -08:00
Dylan Smith
bae92681be
Fix json params parsing regression for non-object JSON content.
...
Fixes #8845 .
2013-01-11 00:28:32 -05:00
Gosha Arinich
caa54db8a0
clearer conditional in constraint match check
2013-01-10 23:40:57 +03:00
Guillermo Iguaran
416a179ddf
Merge pull request #8876 from senny/extract_performance_tests
...
Extract ActionDispatch::PerformanceTest
2013-01-10 08:10:22 -08:00
Yves Senn
3e1ed7818b
extract PerformanceTest into rails-performance_tests gem
2013-01-10 17:09:06 +01:00
Rafael Mendonça França
2b5019e234
Merge pull request #8821 from jamis/master
...
Evaluate view_cache_dependencies at the instance level
Conflicts:
actionpack/lib/action_controller/caching.rb
2013-01-10 13:34:40 -02:00
zires
ff8f92b2bf
Remove redundant double quotation marks
2013-01-10 10:23:26 +08:00
Aaron Patterson
8ae9b4623e
adding missing requires
2013-01-09 15:34:58 -08:00
Nathaniel Jones
d2f1ca29fc
Fix typo in deprecation warning
2013-01-09 04:04:57 -06:00
Santiago Pastorino
5d0d82957a
Merge pull request #8824 from mjtko/fix/cookie-store-inheritance
...
Modify CookieStore middleware inheritance to avoid subclassing Rack::Session::Cookie [Fix for #7372 ]
2013-01-08 17:27:13 -08:00
Carlos Antonio da Silva
b28d6e2c76
Remove :yaml related tests and fix other related to parsing empty arrays
...
All Action Pack tests are green.
2013-01-08 20:27:48 -02:00
Carlos Antonio da Silva
21879c560f
Fix warning: & interpreted as argument prefix
2013-01-08 20:16:20 -02:00
Aaron Patterson
e80546cdec
remove yaml as a param parser :burn:
...
If you revert this commit, I will hunt you down, I will make you regret
ever terrible thing you've ever done, I will make you suffer.
2013-01-08 13:50:38 -08:00
Jeremy Kemper
46e0d2397e
CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.
2013-01-08 12:42:29 -08:00
Aaron Patterson
8e577fe560
* Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
...
Conflicts:
actionpack/CHANGELOG.md
actionpack/lib/action_dispatch/http/request.rb
actionpack/lib/action_dispatch/middleware/params_parser.rb
activerecord/CHANGELOG.md
activerecord/lib/active_record/relation/predicate_builder.rb
activerecord/test/cases/relation/where_test.rb
2013-01-08 12:41:24 -08:00
Jeremy Kemper
c31cc963da
Revert "Merge branch 'master-sec'"
...
This reverts commit 88cc1688d0cb828c17706b41a8bd27870f2a2beb, reversing
changes made to f049016cd348627bf8db0d72382d7580bf802a79.
2013-01-08 12:41:04 -08:00
Aaron Patterson
88cc1688d0
Merge branch 'master-sec'
...
* master-sec:
CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.
* Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
2013-01-08 12:11:18 -08:00
Jeremy Kemper
2ced6f2f8a
CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.
2013-01-08 12:03:34 -08:00
Vijay Dev
f049016cd3
Merge branch 'master' of github.com:lifo/docrails
...
Conflicts:
guides/source/getting_started.md
2013-01-09 01:04:15 +05:30
Jamis Buck
0121377cfb
evaluate the dependency blocks at the instance level, not class level
2013-01-08 12:02:11 -07:00
Jamis Buck
70e684a681
view_cache_dependency API
...
A declarative API for specifying dependencies that affect template
cache digest computation. In your controller, specify any of said
dependencies:
view_cache_dependency { "phone" if using_phone? }
When the block is evaluated, the resulting value is included in the
cache digest calculation, allowing you to generate different digests
for effectively the same template. (Mostly useful if you're mucking
with template load paths.)
2013-01-08 11:20:47 -07:00
Steve Klabnik
ac86cbec82
Merge pull request #8810 from NARKOZ/image-submit-tag
...
set 'alt' attribute for image_submit_tag
2013-01-08 07:39:06 -08:00
David Heinemeier Hansson
cc1c3c5be0
Revert "unpermitted params" exception -- it's just not going to work. See the discussion on https://github.com/rails/strong_parameters/pull/75 .
2013-01-08 16:17:30 +01:00
David Heinemeier Hansson
ae3286b743
Never treat action or controller as unpermitted params
2013-01-08 15:52:18 +01:00
Carlos Antonio da Silva
4f002a1df3
Bump rack dependency to 1.4.3
...
It includes security bug fixes and changes the initialization of
Rack::File to accept a hash, otherwise generating warnings.
See 295806e for the warnings fix.
2013-01-08 10:49:02 -02:00
Sam Ruby
9cc82b7719
Eliminate Rack::File headers deprecation warning
...
See http://intertwingly.net/projects/AWDwR4/checkdepot/section-6.1.html
rake test produces:
"Rack::File headers parameter replaces cache_control after Rack 1.5."
Despite what the message says, it appears that the hearders parameter change
will be effective as of Rack 1.5:
https://github.com/rack/rack/blob/rack-1.4/lib/rack/file.rb#L24
https://github.com/rack/rack/blob/master/lib/rack/file.rb#L24
2013-01-08 07:22:48 -05:00
Nihad Abbasov
0f8f75c81a
set 'alt' attribute for image_submit_tag
2013-01-08 15:56:47 +04:00
Carlos Antonio da Silva
c67005f221
Do not generate local vars for partials without object or collection
...
Previously rendering a partial without giving :object or :collection
would generate a local variable with the partial name by default.
This was noticed due to warnings in Ruby 2.0 of not used variables,
which turned out to be the generation of not used variables inside
partials that do not contain objects related to them.
2013-01-08 09:15:20 -02:00
Mark J. Titorenko
109a1b3358
Revert cb3181e - no longer required.
2013-01-08 10:10:39 +00:00
Mark J. Titorenko
fc66b6b004
Fix CookieStore middleware inheritance hierarchy s.t. it inherits from Rack::Session::Abstract::ID rather than Rack::Session::Cookie.
2013-01-08 10:10:36 +00:00
Santiago Pastorino
cb3181e81e
Avoid Rack security warning no secret provided
...
This avoids "SECURITY WARNING: No secret option provided to Rack::Session::Cookie."
2013-01-08 00:33:16 -02:00
Aaron Patterson
d99e8c9e16
* Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
...
Conflicts:
actionpack/CHANGELOG.md
actionpack/lib/action_dispatch/http/request.rb
actionpack/lib/action_dispatch/middleware/params_parser.rb
activerecord/CHANGELOG.md
activerecord/lib/active_record/relation/predicate_builder.rb
activerecord/test/cases/relation/where_test.rb
2013-01-07 17:20:12 -08:00
Francesco Rodriguez
2aa08e313d
improve StrongParameters documentation [ci skip]
2013-01-07 16:18:06 -05:00
Gosha Arinich
ae1f86fab5
access @path
and @routes
via reader methods in journey
2013-01-07 17:37:02 +03:00
Gosha Arinich
a7f9c596b3
refactor ShowExceptions' #call to use def-rescue instead of begin-rescue
2013-01-07 15:58:55 +03:00
Gosha Arinich
0acf92184d
prefer american spelling of 'behavior'
2013-01-07 11:47:27 +03:00
Gosha Arinich
d73cc03010
remove begin-rescue in favor of def-rescue
2013-01-07 04:02:20 +03:00
Rafael Mendonça França
cc24eba544
Fix operators precedence issue
2013-01-06 21:54:46 -03:00
Rafael Mendonça França
dc4b4c46ef
Merge pull request #8787 from tank-bohr/master
...
masgn and response variable
2013-01-06 16:00:14 -08:00
Rafael Mendonça França
fb7c093d93
Merge pull request #8785 from goshakkk/refactor-debug-exceptions
...
Refactor DebugExceptions
2013-01-06 15:49:33 -08:00
Gosha Arinich
c445b07612
refactor DebugExceptions by combining two conditionals into one
2013-01-07 02:46:03 +03:00
tank-bohr
f3101fd0fc
return multiple assingment and response variable
2013-01-07 03:37:06 +04:00
Akira Matsuda
3c21237c37
Reduce number of Strings a bit
2013-01-07 07:37:23 +09:00
Akira Matsuda
c8e632bd9f
Namespace HashWithIndifferentAccess
2013-01-07 07:37:23 +09:00
Rafael Mendonça França
4bfcae0b67
Merge pull request #8783 from goshakkk/refactor-journey-routes
...
Refactor Journey::Routes
2013-01-06 14:30:35 -08:00
Gosha Arinich
2467ec8b5c
refactor Journey::Routes
...
* prefer do-end for multiline blocks
* prefer or-equals over returns with checks
2013-01-07 01:24:29 +03:00
tank-bohr
8f18550b0a
fix for rbx
...
Rubinius returns a boolean after such assingment
response = (_, headers, body = @app.call(env))
see https://github.com/rubinius/rubinius/issues/2117
get rid of a local variable
2013-01-07 02:00:40 +04:00
Akira Matsuda
2f8e5f627d
Needless requires
2013-01-06 23:59:11 +09:00
Akira Matsuda
5fd143ec56
Missing requires
2013-01-06 23:58:48 +09:00
Akira Matsuda
15bd0f60db
These are already required through AS/rails
...
* core_ext/object/blank
* concern
* core_ext/class/attribute
* deprecation
2013-01-06 23:57:25 +09:00
Carlos Antonio da Silva
b8d9319e8e
Rename route_wrapper partial layout to table
...
It is used by the table formatter only, and it's already inside a routes
directory that namespaces it properly, so calling it just "table" seems
simpler.
2013-01-06 11:22:26 -02:00
Carlos Antonio da Silva
3abb76824b
Move table routes formatter class to the inspector and rename it
...
It feels more consistent to have this class called "HtmlTableFormatter",
and to have it here with the routes inspector and console formatter,
since it's used for both routing error exceptions and the rails info
page.
2013-01-06 11:19:30 -02:00
Andrew White
f18078475e
Merge pull request #8777 from goshakkk/delegate-class
...
Delegate to :class rather than 'self.class'
2013-01-06 05:00:54 -08:00
Carlos Antonio da Silva
7843e009d2
Refactor the logic that checks whether or not to emit the hidden id field
...
By checking for object.persisted? first, we avoid the hash lookups for
new objects.
2013-01-06 10:54:22 -02:00
Carlos Antonio da Silva
e56e3db6e6
Move the hidden :id field logic to where it belongs to
...
When dealing with nested forms, Rails automatically generates a hidden
field with the id value of the current object being generated by
fields_for. This logic was inside the method that's available from the
template object, but we just need it when really dealing with nested
attributes, so moving the code to here makes more sense.
2013-01-06 10:54:22 -02:00
Carlos Antonio da Silva
04338b9e3b
Eliminate the usage of parent_builder option from form_for
...
Just use it internally from fields_for until we come up with a better solution.
2013-01-06 10:54:22 -02:00
Carlos Antonio da Silva
115a37d9c1
Do not call fields_for from form_for, to avoid instantiating two builders
2013-01-06 10:54:21 -02:00
Carlos Antonio da Silva
94ecbb7e7b
Refactor to not call path.ast twice
2013-01-06 10:52:36 -02:00
Gosha Arinich
c730bef3d8
refactor Route#ast to use or-equals and block, instead of return with a cond
2013-01-06 15:38:00 +03:00
Gosha Arinich
7a439d23de
delegate to :class rather than 'self.class'
2013-01-06 12:43:30 +03:00
Akira Matsuda
70ae89c321
Remove unnecessary begin..rescue..end, use only rescue
2013-01-06 15:41:14 +09:00