.css and aliases phone.css to phone/index.css.
config.assets.precompile = [ 'phone/index.css' ]
# Both of these work with either precompile thanks to their aliases.
<%= stylesheet_link_tag 'phone', media: 'all' %>
<%= stylesheet_link_tag 'phone/index', media: 'all' %>
*Jeremy Kemper*
* `assert_template` is no more passing with what ever string that matches
with the template name.
Before when we have a template `/layout/hello.html.erb`, `assert_template`
was passing with any string that matches. This behavior allowed false
positive like:
assert_template "layout"
assert_template "out/hello"
Now it only passes with:
assert_template "layout/hello"
assert_template "hello"
Fixes #3849.
*Hugolnx*
* Handle `ActionDispatch::Http::UploadedFile` like `Rack::Test::UploadedFile`, don't call to_param on it. Since
`Rack::Test::UploadedFile` isn't API compatible this is needed to test file uploads that rely on `tempfile`
being available.
*Tim Vandecasteele*
* Respect `config.digest = false` for `asset_path`
Previously, the `asset_path` internals only respected the `:digest`
option, but ignored the global config setting. This meant that
`config.digest = false` could not be used in conjunction with
`config.compile = false` this corrects the behavior.
*Peter Wagenet*
* Fix #7646, the log now displays the correct status code when an exception is raised.
*Yves Senn*
* Fix handling of date selects when using both disabled and discard options.
Fixes #7431.
*Vasiliy Ermolovich*
* Fix select_tag when option_tags is nil.
Fixes #7404.
*Sandeep Ravichandran*
* `javascript_include_tag :all` will now not include `application.js` if the file does not exists. *Prem Sichanugrist*
* Support cookie jar options (e.g., domain :all) for all session stores.
Fixes GH#3047, GH#2483.
*Ravil Bayramgalin*
* Performance Improvement to send_file: Avoid having to pass an open file handle as the response body. Rack::Sendfile
will usually intercept the response and just uses the path directly, so no reason to open the file. This performance
improvement also resolves an issue with jRuby encodings, and is the reason for the backport, see issue #6844.
*Jeremy Kemper & Erich Menge*
## Rails 3.2.8 (Aug 9, 2012) ##
* There is an XSS vulnerability in the strip_tags helper in Ruby on Rails, the
helper doesn't correctly handle malformed html. As a result an attacker can
execute arbitrary javascript through the use of specially crafted malformed
html.
*Marek from Nethemba (www.nethemba.com) & Santiago Pastorino*
* When a "prompt" value is supplied to the `select_tag` helper, the "prompt" value is not escaped.
If untrusted data is not escaped, and is supplied as the prompt value, there is a potential for XSS attacks.
Vulnerable code will look something like this:
select_tag("name", options, :prompt => UNTRUSTED_INPUT)
*Santiago Pastorino*
* Reverted the deprecation of `:confirm`. *Rafael Mendonça França*
* Reverted the deprecation of `:disable_with`. *Rafael Mendonça França*
* Reverted the deprecation of `:mouseover` option to `image_tag`. *Rafael Mendonça França*
* Reverted the deprecation of `button_to_function` and `link_to_function` helpers.
*Rafael Mendonça França*
## Rails 3.2.7 (Jul 26, 2012) ##
* Do not convert digest auth strings to symbols. CVE-2012-3424
* Bump Journey requirements to 1.0.4
* Add support for optional root segments containing slashes
* Fixed bug creating invalid HTML in select options
* Show in log correct wrapped keys
* Fix NumberHelper options wrapping to prevent verbatim blocks being rendered instead of line continuations.
* ActionController::Metal doesn't have logger method, check it and then delegate
* ActionController::Caching depends on RackDelegation and AbstractController::Callbacks
## Rails 3.2.6 (Jun 12, 2012) ##
* nil is removed from array parameter values
CVE-2012-2694
* Deprecate `:confirm` in favor of `':data => { :confirm => "Text" }'` option for `button_to`, `button_tag`, `image_submit_tag`, `link_to` and `submit_tag` helpers.
*Carlos Galdino*
* Allow to use mounted_helpers (helpers for accessing mounted engines) in ActionView::TestCase. *Piotr Sarnacki*
* Include mounted_helpers (helpers for accessing mounted engines) in ActionDispatch::IntegrationTest by default. *Piotr Sarnacki*
## Rails 3.2.5 (Jun 1, 2012) ##
* No changes.
## Rails 3.2.4 (May 31, 2012) ##
* Deprecate old APIs for highlight, excerpt and word_wrap *Jeremy Walker*
* Deprecate `:disable_with` in favor of `'data-disable-with'` option for `button_to`, `button_tag` and `submit_tag` helpers.
*Carlos Galdino + Rafael Mendonça França*
* Deprecate `:mouseover` option for `image_tag` helper. *Rafael Mendonça França*
* Deprecate `button_to_function` and `link_to_function` helpers. *Rafael Mendonça França*
* Don't break Haml with textarea newline fix. GH #393, #4000, #5190, #5191
* Fix options handling on labels. GH #2492, #5614
* Added config.action_view.embed_authenticity_token_in_remote_forms to deal
with regression from 16ee611fa
* Set rendered_format when doing render :inline. GH #5632
* Fix the redirect when it receive blocks with arity of 1. Closes #5677
* Strip [nil] from parameters hash. Thanks to Ben Murphy for
reporting this! CVE-2012-2660
## Rails 3.2.3 (March 30, 2012) ##
* Allow to lazy load `default_form_builder` by passing a `String` instead of a constant. *Piotr Sarnacki*
* Fix #5632, render :inline set the proper rendered format. *Santiago Pastorino*
* Fix textarea rendering when using plugins like HAML. Such plugins encode the first newline character in the content. This issue was introduced in https://github.com/rails/rails/pull/5191 *James Coleman*
* Remove the leading \n added by textarea on assert_select. *Santiago Pastorino*
* Add `config.action_view.embed_authenticity_token_in_remote_forms` (defaults to true) which allows to set if authenticity token will be included by default in remote forms. If you change it to false, you can still force authenticity token by passing `:authenticity_token => true` in form options *Piotr Sarnacki*
* Do not include the authenticity token in forms where remote: true as ajax forms use the meta-tag value *DHH*
* Turn off verbose mode of rack-cache, we still have X-Rack-Cache to
check that info. Closes #5245. *Santiago Pastorino*
* Fix #5238, rendered_format is not set when template is not rendered. *Piotr Sarnacki*
* Upgrade rack-cache to 1.2. *José Valim*
* ActionController::SessionManagement is deprecated. *Santiago Pastorino*
* Since the router holds references to many parts of the system like engines, controllers and the application itself, inspecting the route set can actually be really slow, therefore we default alias inspect to to_s. *José Valim*
* Add a new line after the textarea opening tag. Closes #393 *Rafael Mendonça França*
* Always pass a respond block from to responder. We should let the responder to decide what to do with the given overridden response block, and not short circuit it. *sikachu*
* Fixes layout rendering regression from 3.2.2. *José Valim*
## Rails 3.2.2 (March 1, 2012) ##
* Format lookup for partials is derived from the format in which the template is being rendered. Closes #5025 part 2 *Santiago Pastorino*
* Use the right format when a partial is missing. Closes #5025. *Santiago Pastorino*
* Default responder will now always use your overridden block in `respond_with` to render your response. *Prem Sichanugrist*
* check_box helper with :disabled => true will generate a disabled hidden field to conform with the HTML convention where disabled fields are not submitted with the form.
This is a behavior change, previously the hidden tag had a value of the disabled checkbox.
*Tadas Tamosauskas*
## Rails 3.2.1 (January 26, 2012) ##
* Documentation improvements.
* Allow `form.select` to accept ranges (regression). *Jeremy Walker*
* `datetime_select` works with -/+ infinity dates. *Joe Van Dyk*
## Rails 3.2.0 (January 20, 2012) ##
* Setting config.assets.logger to false turn off Sprockets logger *Guillermo Iguaran*
* Add `config.action_dispatch.default_charset` to configure default charset for ActionDispatch::Response. *Carlos Antonio da Silva*
* Deprecate setting default charset at controller level, use the new `config.action_dispatch.default_charset` instead. *Carlos Antonio da Silva*
* Deprecate ActionController::UnknownAction in favour of AbstractController::ActionNotFound. *Carlos Antonio da Silva*
* Deprecate ActionController::DoubleRenderError in favour of AbstractController::DoubleRenderError. *Carlos Antonio da Silva*
* Deprecate method_missing handling for not found actions, use action_missing instead. *Carlos Antonio da Silva*
* Deprecate ActionController#rescue_action, ActionController#initialize_template_class, and ActionController#assign_shortcuts.
These methods were not being used internally anymore and are going to be removed in Rails 4. *Carlos Antonio da Silva*
* Add config.assets.logger to configure Sprockets logger *Rafael França*
* Use a BodyProxy instead of including a Module that responds to
close. Closes #4441 if Active Record is disabled assets are delivered
correctly *Santiago Pastorino*
* Rails initialization with initialize_on_precompile = false should set assets_dir *Santiago Pastorino*
* Add font_path helper method *Santiago Pastorino*
* Depends on rack ~> 1.4.0 *Santiago Pastorino*
* Add :gzip option to `caches_page`. The default option can be configured globally using `page_cache_compression` *Andrey Sitnik*
* The ShowExceptions middleware now accepts a exceptions application that is responsible to render an exception when the application fails. The application is invoked with a copy of the exception in `env["action_dispatch.exception"]` and with the PATH_INFO rewritten to the status code. *José Valim*
* Add `button_tag` support to ActionView::Helpers::FormBuilder.
This support mimics the default behavior of `submit_tag`.
Example:
<%= form_for @post do |f| %>
<%= f.button %>
<% end %>
* Date helpers accept a new option, `:use_two_digit_numbers = true`, that renders select boxes for months and days with a leading zero without changing the respective values.
For example, this is useful for displaying ISO8601-style dates such as '2011-08-01'. *Lennart Fridén and Kim Persson*
* Make ActiveSupport::Benchmarkable a default module for ActionController::Base, so the #benchmark method is once again available in the controller context like it used to be *DHH*
* Deprecated implied layout lookup in controllers whose parent had a explicit layout set:
class ApplicationController
layout "application"
end
class PostsController < ApplicationController
end
In the example above, Posts controller will no longer automatically look up for a posts layout.
If you need this functionality you could either remove `layout "application"` from ApplicationController or explicitly set it to nil in PostsController. *José Valim*
* Rails will now use your default layout (such as "layouts/application") when you specify a layout with `:only` and `:except` condition, and those conditions fail. *Prem Sichanugrist*
For example, consider this snippet:
class CarsController
layout 'single_car', :only => :show
end
Rails will use 'layouts/single_car' when a request comes in `:show` action, and use 'layouts/application' (or 'layouts/cars', if exists) when a request comes in for any other actions.
* form_for with +:as+ option uses "#{action}_#{as}" as css class and id:
Before:
form_for(@user, :as => 'client') # => ""
#
#
# <%= button_to "New", :action => "new", :form_class => "new-thing" %>
# # => ""
#
#
# <%= button_to "Create", :action => "create", :remote => true, :form => { "data-type" => "json" } %>
# # => ""
#
#
# <%= button_to "Delete Image", { :action => "delete", :id => @image.id },
# :confirm => "Are you sure?", :method => :delete %>
# # => ""
#
#
# <%= button_to('Destroy', 'http://www.example.com', :confirm => 'Are you sure?',
# :method => "delete", :remote => true, :disable_with => 'loading...') %>
# # => ""
# #
def button_to(name, options = {}, html_options = {})
html_options = html_options.stringify_keys
convert_boolean_attributes!(html_options, %w( disabled ))
method_tag = ''
if (method = html_options.delete('method')) && %w{put delete}.include?(method.to_s)
method_tag = tag('input', :type => 'hidden', :name => '_method', :value => method.to_s)
end
form_method = method.to_s == 'get' ? 'get' : 'post'
form_options = html_options.delete('form') || {}
form_options[:class] ||= html_options.delete('form_class') || 'button_to'
remote = html_options.delete('remote')
request_token_tag = ''
if form_method == 'post' && protect_against_forgery?
request_token_tag = tag(:input, :type => "hidden", :name => request_forgery_protection_token.to_s, :value => form_authenticity_token)
end
url = options.is_a?(String) ? options : self.url_for(options)
name ||= url
html_options = convert_options_to_data_attributes(options, html_options)
html_options.merge!("type" => "submit", "value" => name)
form_options.merge!(:method => form_method, :action => url)
form_options.merge!("data-remote" => "true") if remote
"#{tag(:form, form_options, true)}#{method_tag}#{tag("input", html_options)}#{request_token_tag}
".html_safe
end
# Creates a link tag of the given +name+ using a URL created by the set of
# +options+ unless the current request URI is the same as the links, in
# which case only the name is returned (or the given block is yielded, if
# one exists). You can give +link_to_unless_current+ a block which will
# specialize the default behavior (e.g., show a "Start Here" link rather
# than the link's text).
#
# ==== Examples
# Let's say you have a navigation menu...
#
#
# <%= link_to_unless_current("Home", { :action => "index" }) %>
# <%= link_to_unless_current("About Us", { :action => "about" }) %>
#
#
# If in the "about" action, it will render...
#
#
#
# ...but if in the "index" action, it will render:
#
#
#
# The implicit block given to +link_to_unless_current+ is evaluated if the current
# action is the action given. So, if we had a comments page and wanted to render a
# "Go Back" link instead of a link to the comments page, we could do something like this...
#
# <%=
# link_to_unless_current("Comment", { :controller => "comments", :action => "new" }) do
# link_to("Go back", { :controller => "posts", :action => "index" })
# end
# %>
def link_to_unless_current(name, options = {}, html_options = {}, &block)
link_to_unless current_page?(options), name, options, html_options, &block
end
# Creates a link tag of the given +name+ using a URL created by the set of
# +options+ unless +condition+ is true, in which case only the name is
# returned. To specialize the default behavior (i.e., show a login link rather
# than just the plaintext link text), you can pass a block that
# accepts the name or the full argument list for +link_to_unless+.
#
# ==== Examples
# <%= link_to_unless(@current_user.nil?, "Reply", { :action => "reply" }) %>
# # If the user is logged in...
# # => Reply
#
# <%=
# link_to_unless(@current_user.nil?, "Reply", { :action => "reply" }) do |name|
# link_to(name, { :controller => "accounts", :action => "signup" })
# end
# %>
# # If the user is logged in...
# # => Reply
# # If not...
# # => Reply
def link_to_unless(condition, name, options = {}, html_options = {}, &block)
if condition
if block_given?
block.arity <= 1 ? capture(name, &block) : capture(name, options, html_options, &block)
else
ERB::Util.html_escape(name)
end
else
link_to(name, options, html_options)
end
end
# Creates a link tag of the given +name+ using a URL created by the set of
# +options+ if +condition+ is true, otherwise only the name is
# returned. To specialize the default behavior, you can pass a block that
# accepts the name or the full argument list for +link_to_unless+ (see the examples
# in +link_to_unless+).
#
# ==== Examples
# <%= link_to_if(@current_user.nil?, "Login", { :controller => "sessions", :action => "new" }) %>
# # If the user isn't logged in...
# # => Login
#
# <%=
# link_to_if(@current_user.nil?, "Login", { :controller => "sessions", :action => "new" }) do
# link_to(@current_user.login, { :controller => "accounts", :action => "show", :id => @current_user })
# end
# %>
# # If the user isn't logged in...
# # => Login
# # If they are logged in...
# # => my_username
def link_to_if(condition, name, options = {}, html_options = {}, &block)
link_to_unless !condition, name, options, html_options, &block
end
# Creates a mailto link tag to the specified +email_address+, which is
# also used as the name of the link unless +name+ is specified. Additional
# HTML attributes for the link can be passed in +html_options+.
#
# +mail_to+ has several methods for hindering email harvesters and customizing
# the email itself by passing special keys to +html_options+.
#
# ==== Options
# * :encode - This key will accept the strings "javascript" or "hex".
# Passing "javascript" will dynamically create and encode the mailto link then
# eval it into the DOM of the page. This method will not show the link on
# the page if the user has JavaScript disabled. Passing "hex" will hex
# encode the +email_address+ before outputting the mailto link.
# * :replace_at - When the link +name+ isn't provided, the
# +email_address+ is used for the link label. You can use this option to
# obfuscate the +email_address+ by substituting the @ sign with the string
# given as the value.
# * :replace_dot - When the link +name+ isn't provided, the
# +email_address+ is used for the link label. You can use this option to
# obfuscate the +email_address+ by substituting the . in the email with the
# string given as the value.
# * :subject - Preset the subject line of the email.
# * :body - Preset the body of the email.
# * :cc - Carbon Copy additional recipients on the email.
# * :bcc - Blind Carbon Copy additional recipients on the email.
#
# ==== Examples
# mail_to "me@domain.com"
# # => me@domain.com
#
# mail_to "me@domain.com", "My email", :encode => "javascript"
# # =>
#
# mail_to "me@domain.com", "My email", :encode => "hex"
# # => My email
#
# mail_to "me@domain.com", nil, :replace_at => "_at_", :replace_dot => "_dot_", :class => "email"
# # => me_at_domain_dot_com
#
# mail_to "me@domain.com", "My email", :cc => "ccaddress@domain.com",
# :subject => "This is an example email"
# # => My email
def mail_to(email_address, name = nil, html_options = {})
email_address = ERB::Util.html_escape(email_address)
html_options = html_options.stringify_keys
encode = html_options.delete("encode").to_s
extras = %w{ cc bcc body subject }.map { |item|
option = html_options.delete(item) || next
"#{item}=#{Rack::Utils.escape(option).gsub("+", "%20")}"
}.compact
extras = extras.empty? ? '' : '?' + ERB::Util.html_escape(extras.join('&'))
email_address_obfuscated = email_address.to_str
email_address_obfuscated.gsub!(/@/, html_options.delete("replace_at")) if html_options.key?("replace_at")
email_address_obfuscated.gsub!(/\./, html_options.delete("replace_dot")) if html_options.key?("replace_dot")
case encode
when "javascript"
string = ''
html = content_tag("a", name || email_address_obfuscated.html_safe, html_options.merge("href" => "mailto:#{email_address}#{extras}".html_safe))
html = escape_javascript(html.to_str)
"document.write('#{html}');".each_byte do |c|
string << sprintf("%%%x", c)
end
"".html_safe
when "hex"
email_address_encoded = email_address_obfuscated.unpack('C*').map {|c|
sprintf("&#%d;", c)
}.join
string = 'mailto:'.unpack('C*').map { |c|
sprintf("&#%d;", c)
}.join + email_address.unpack('C*').map { |c|
char = c.chr
char =~ /\w/ ? sprintf("%%%x", c) : char
}.join
content_tag "a", name || email_address_encoded.html_safe, html_options.merge("href" => "#{string}#{extras}".html_safe)
else
content_tag "a", name || email_address_obfuscated.html_safe, html_options.merge("href" => "mailto:#{email_address}#{extras}".html_safe)
end
end
# True if the current request URI was generated by the given +options+.
#
# ==== Examples
# Let's say we're in the /shop/checkout?order=desc action.
#
# current_page?(:action => 'process')
# # => false
#
# current_page?(:controller => 'shop', :action => 'checkout')
# # => true
#
# current_page?(:controller => 'shop', :action => 'checkout', :order => 'asc')
# # => false
#
# current_page?(:action => 'checkout')
# # => true
#
# current_page?(:controller => 'library', :action => 'checkout')
# # => false
#
# Let's say we're in the /shop/checkout?order=desc&page=1 action.
#
# current_page?(:action => 'process')
# # => false
#
# current_page?(:controller => 'shop', :action => 'checkout')
# # => true
#
# current_page?(:controller => 'shop', :action => 'checkout', :order => 'desc', :page => '1')
# # => true
#
# current_page?(:controller => 'shop', :action => 'checkout', :order => 'desc', :page => '2')
# # => false
#
# current_page?(:controller => 'shop', :action => 'checkout', :order => 'desc')
# # => false
#
# current_page?(:action => 'checkout')
# # => true
#
# current_page?(:controller => 'library', :action => 'checkout')
# # => false
#
# Let's say we're in the /products action with method POST in case of invalid product.
#
# current_page?(:controller => 'product', :action => 'index')
# # => false
#
def current_page?(options)
unless request
raise "You cannot use helpers that need to determine the current " \
"page unless your view context provides a Request object " \
"in a #request method"
end
return false unless request.get?
url_string = url_for(options)
# We ignore any extra parameters in the request_uri if the
# submitted url doesn't have any either. This lets the function
# work with things like ?order=asc
if url_string.index("?")
request_uri = request.fullpath
else
request_uri = request.path
end
if url_string =~ /^\w+:\/\//
url_string == "#{request.protocol}#{request.host_with_port}#{request_uri}"
else
url_string == request_uri
end
end
private
def convert_options_to_data_attributes(options, html_options)
if html_options
html_options = html_options.stringify_keys
html_options['data-remote'] = 'true' if link_to_remote_options?(options) || link_to_remote_options?(html_options)
disable_with = html_options.delete("disable_with")
confirm = html_options.delete('confirm')
method = html_options.delete('method')
html_options["data-disable-with"] = disable_with if disable_with
html_options["data-confirm"] = confirm if confirm
add_method_to_attributes!(html_options, method) if method
html_options
else
link_to_remote_options?(options) ? {'data-remote' => 'true'} : {}
end
end
def link_to_remote_options?(options)
if options.is_a?(Hash)
options.delete('remote') || options.delete(:remote)
end
end
def add_method_to_attributes!(html_options, method)
if method && method.to_s.downcase != "get" && html_options["rel"] !~ /nofollow/
html_options["rel"] = "#{html_options["rel"]} nofollow".strip
end
html_options["data-method"] = method
end
def options_for_javascript(options)
if options.empty?
'{}'
else
"{#{options.keys.map { |k| "#{k}:#{options[k]}" }.sort.join(', ')}}"
end
end
def array_or_string_for_javascript(option)
if option.kind_of?(Array)
"['#{option.join('\',\'')}']"
elsif !option.nil?
"'#{option}'"
end
end
# Processes the +html_options+ hash, converting the boolean
# attributes from true/false form into the form required by
# HTML/XHTML. (An attribute is considered to be boolean if
# its name is listed in the given +bool_attrs+ array.)
#
# More specifically, for each boolean attribute in +html_options+
# given as:
#
# "attr" => bool_value
#
# if the associated +bool_value+ evaluates to true, it is
# replaced with the attribute's name; otherwise the attribute is
# removed from the +html_options+ hash. (See the XHTML 1.0 spec,
# section 4.5 "Attribute Minimization" for more:
# http://www.w3.org/TR/xhtml1/#h-4.5)
#
# Returns the updated +html_options+ hash, which is also modified
# in place.
#
# Example:
#
# convert_boolean_attributes!( html_options,
# %w( checked disabled readonly ) )
def convert_boolean_attributes!(html_options, bool_attrs)
bool_attrs.each { |x| html_options[x] = x if html_options.delete(x) }
html_options
end
end
end
end
�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������actionpack-3.2.16/lib/action_view/helpers/controller_helper.rb��������������������������������������0000644�0001750�0001750�00000001521�12247655372�024045� 0����������������������������������������������������������������������������������������������������ustar �ondrej��������������������������ondrej�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������require 'active_support/core_ext/module/attr_internal'
module ActionView
module Helpers
# This module keeps all methods and behavior in ActionView
# that simply delegates to the controller.
module ControllerHelper #:nodoc:
attr_internal :controller, :request
delegate :request_forgery_protection_token, :params, :session, :cookies, :response, :headers,
:flash, :action_name, :controller_name, :controller_path, :to => :controller
def assign_controller(controller)
if @_controller = controller
@_request = controller.request if controller.respond_to?(:request)
@_config = controller.config.inheritable_copy if controller.respond_to?(:config)
end
end
def logger
controller.logger if controller.respond_to?(:logger)
end
end
end
end
�������������������������������������������������������������������������������������������������������������������������������������������������������������������������������actionpack-3.2.16/lib/action_view/helpers/text_helper.rb��������������������������������������������0000644�0001750�0001750�00000042250�12247655372�022652� 0����������������������������������������������������������������������������������������������������ustar �ondrej��������������������������ondrej�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������require 'active_support/core_ext/object/blank'
require 'active_support/core_ext/string/filters'
module ActionView
# = Action View Text Helpers
module Helpers #:nodoc:
# The TextHelper module provides a set of methods for filtering, formatting
# and transforming strings, which can reduce the amount of inline Ruby code in
# your views. These helper methods extend Action View making them callable
# within your template files.
#
# ==== Sanitization
#
# Most text helpers by default sanitize the given content, but do not escape it.
# This means HTML tags will appear in the page but all malicious code will be removed.
# Let's look at some examples using the +simple_format+ method:
#
# simple_format('Example ')
# # => "Example
"
#
# simple_format('Example ')
# # => "Example
"
#
# If you want to escape all content, you should invoke the +h+ method before
# calling the text helper.
#
# simple_format h('Example ')
# # => "<a href=\"http://example.com/\">Example</a>
"
module TextHelper
extend ActiveSupport::Concern
include SanitizeHelper
include TagHelper
# The preferred method of outputting text in your views is to use the
# <%= "text" %> eRuby syntax. The regular _puts_ and _print_ methods
# do not operate as expected in an eRuby code block. If you absolutely must
# output text within a non-output code block (i.e., <% %>), you can use the concat method.
#
# ==== Examples
# <%
# concat "hello"
# # is the equivalent of <%= "hello" %>
#
# if logged_in
# concat "Logged in!"
# else
# concat link_to('login', :action => login)
# end
# # will either display "Logged in!" or a login link
# %>
def concat(string)
output_buffer << string
end
def safe_concat(string)
output_buffer.respond_to?(:safe_concat) ? output_buffer.safe_concat(string) : concat(string)
end
# Truncates a given +text+ after a given :length if +text+ is longer than :length
# (defaults to 30). The last characters will be replaced with the :omission (defaults to "...")
# for a total length not exceeding :length .
#
# Pass a :separator to truncate +text+ at a natural break.
#
# The result is not marked as HTML-safe, so will be subject to the default escaping when
# used in views, unless wrapped by raw() . Care should be taken if +text+ contains HTML tags
# or entities, because truncation may produce invalid HTML (such as unbalanced or incomplete tags).
#
# ==== Examples
#
# truncate("Once upon a time in a world far far away")
# # => "Once upon a time in a world..."
#
# truncate("Once upon a time in a world far far away", :length => 17)
# # => "Once upon a ti..."
#
# truncate("Once upon a time in a world far far away", :length => 17, :separator => ' ')
# # => "Once upon a..."
#
# truncate("And they found that many people were sleeping better.", :length => 25, :omission => '... (continued)')
# # => "And they f... (continued)"
#
# truncate("Once upon a time in a world far far away
")
# # => "Once upon a time in a wo..."
def truncate(text, options = {})
options.reverse_merge!(:length => 30)
text.truncate(options.delete(:length), options) if text
end
# Highlights one or more +phrases+ everywhere in +text+ by inserting it into
# a :highlighter string. The highlighter can be specialized by passing :highlighter
# as a single-quoted string with \1 where the phrase is to be inserted (defaults to
# '\1 ')
#
# ==== Examples
# highlight('You searched for: rails', 'rails')
# # => You searched for: rails
#
# highlight('You searched for: ruby, rails, dhh', 'actionpack')
# # => You searched for: ruby, rails, dhh
#
# highlight('You searched for: rails', ['for', 'rails'], :highlighter => '\1 ')
# # => You searched for : rails
#
# highlight('You searched for: rails', 'rails', :highlighter => '\1 ')
# # => You searched for: rails
#
# You can still use highlight with the old API that accepts the
# +highlighter+ as its optional third parameter:
# highlight('You searched for: rails', 'rails', '\1 ') # => You searched for: rails
def highlight(text, phrases, *args)
options = args.extract_options!
unless args.empty?
ActiveSupport::Deprecation.warn "Calling highlight with a highlighter as an argument is deprecated. " \
"Please call with :highlighter => '#{args[0]}' instead.", caller
options[:highlighter] = args[0] || '\1 '
end
options.reverse_merge!(:highlighter => '\1 ')
text = sanitize(text) unless options[:sanitize] == false
if text.blank? || phrases.blank?
text
else
match = Array(phrases).map { |p| Regexp.escape(p) }.join('|')
text.gsub(/(#{match})(?![^<]*?>)/i, options[:highlighter])
end.html_safe
end
# Extracts an excerpt from +text+ that matches the first instance of +phrase+.
# The :radius option expands the excerpt on each side of the first occurrence of +phrase+ by the number of characters
# defined in :radius (which defaults to 100). If the excerpt radius overflows the beginning or end of the +text+,
# then the :omission option (which defaults to "...") will be prepended/appended accordingly. The resulting string
# will be stripped in any case. If the +phrase+ isn't found, nil is returned.
#
# ==== Examples
# excerpt('This is an example', 'an', :radius => 5)
# # => ...s is an exam...
#
# excerpt('This is an example', 'is', :radius => 5)
# # => This is a...
#
# excerpt('This is an example', 'is')
# # => This is an example
#
# excerpt('This next thing is an example', 'ex', :radius => 2)
# # => ...next...
#
# excerpt('This is also an example', 'an', :radius => 8, :omission => ' ')
# # => is also an example
#
# You can still use excerpt with the old API that accepts the
# +radius+ as its optional third and the +ellipsis+ as its
# optional forth parameter:
# excerpt('This is an example', 'an', 5) # => ...s is an exam...
# excerpt('This is also an example', 'an', 8, ' ') # => is also an example
def excerpt(text, phrase, *args)
return unless text && phrase
options = args.extract_options!
unless args.empty?
ActiveSupport::Deprecation.warn "Calling excerpt with radius and omission as arguments is deprecated. " \
"Please call with :radius => #{args[0]}#{", :omission => '#{args[1]}'" if args[1]} instead.", caller
options[:radius] = args[0] || 100
options[:omission] = args[1] || "..."
end
options.reverse_merge!(:radius => 100, :omission => "...")
phrase = Regexp.escape(phrase)
return unless found_pos = text.mb_chars =~ /(#{phrase})/i
start_pos = [ found_pos - options[:radius], 0 ].max
end_pos = [ [ found_pos + phrase.mb_chars.length + options[:radius] - 1, 0].max, text.mb_chars.length ].min
prefix = start_pos > 0 ? options[:omission] : ""
postfix = end_pos < text.mb_chars.length - 1 ? options[:omission] : ""
prefix + text.mb_chars[start_pos..end_pos].strip + postfix
end
# Attempts to pluralize the +singular+ word unless +count+ is 1. If
# +plural+ is supplied, it will use that when count is > 1, otherwise
# it will use the Inflector to determine the plural form
#
# ==== Examples
# pluralize(1, 'person')
# # => 1 person
#
# pluralize(2, 'person')
# # => 2 people
#
# pluralize(3, 'person', 'users')
# # => 3 users
#
# pluralize(0, 'person')
# # => 0 people
def pluralize(count, singular, plural = nil)
"#{count || 0} " + ((count == 1 || count =~ /^1(\.0+)?$/) ? singular : (plural || singular.pluralize))
end
# Wraps the +text+ into lines no longer than +line_width+ width. This method
# breaks on the first whitespace character that does not exceed +line_width+
# (which is 80 by default).
#
# ==== Examples
#
# word_wrap('Once upon a time')
# # => Once upon a time
#
# word_wrap('Once upon a time, in a kingdom called Far Far Away, a king fell ill, and finding a successor to the throne turned out to be more trouble than anyone could have imagined...')
# # => Once upon a time, in a kingdom called Far Far Away, a king fell ill, and finding\n a successor to the throne turned out to be more trouble than anyone could have\n imagined...
#
# word_wrap('Once upon a time', :line_width => 8)
# # => Once upon\na time
#
# word_wrap('Once upon a time', :line_width => 1)
# # => Once\nupon\na\ntime
#
# You can still use word_wrap with the old API that accepts the
# +line_width+ as its optional second parameter:
# word_wrap('Once upon a time', 8) # => Once upon\na time
def word_wrap(text, *args)
options = args.extract_options!
unless args.blank?
ActiveSupport::Deprecation.warn "Calling word_wrap with line_width as an argument is deprecated. " \
"Please call with :line_width => #{args[0]} instead.", caller
options[:line_width] = args[0] || 80
end
options.reverse_merge!(:line_width => 80)
text.split("\n").collect do |line|
line.length > options[:line_width] ? line.gsub(/(.{1,#{options[:line_width]}})(\s+|$)/, "\\1\n").strip : line
end * "\n"
end
# Returns +text+ transformed into HTML using simple formatting rules.
# Two or more consecutive newlines(\n\n ) are considered as a
# paragraph and wrapped in tags. One newline (\n ) is
# considered as a linebreak and a html_options . These
# will be added to all created paragraphs.
#
# ==== Options
# * :sanitize - If +false+, does not sanitize +text+.
#
# ==== Examples
# my_text = "Here is some basic text...\n...with a line break."
#
# simple_format(my_text)
# # => "
Here is some basic text...\n
"
#
# more_text = "We want to put a paragraph...\n\n...right there."
#
# simple_format(more_text)
# # => "We want to put a paragraph...
\n\n...right there.
"
#
# simple_format("Look ma! A class!", :class => 'description')
# # => "Look ma! A class!
"
#
# simple_format("I'm allowed! It's true.", {}, :sanitize => false)
# # => "I'm allowed! It's true.
"
def simple_format(text, html_options={}, options={})
text = '' if text.nil?
text = text.dup
start_tag = tag('p', html_options, true)
text = sanitize(text) unless options[:sanitize] == false
text = text.to_str
text.gsub!(/\r\n?/, "\n") # \r\n and \r -> \n
text.gsub!(/\n\n+/, "
\n\n#{start_tag}") # 2+ newline -> paragraph
text.gsub!(/([^\n]\n)(?=[^\n])/, '\1:name key will create a
# named cycle. The default name for a cycle without a +:name+ key is
# "default" . You can manually reset a cycle by calling reset_cycle
# and passing the name of the cycle. The current cycle string can be obtained
# anytime using the current_cycle method.
#
# ==== Examples
# # Alternate CSS classes for even and odd numbers...
# @items = [1,2,3,4]
#
# <% @items.each do |item| %>
# ">
# item
#
# <% end %>
#
#
#
# # Cycle CSS classes for rows, and text colors for values within each row
# @items = x = [{:first => 'Robert', :middle => 'Daniel', :last => 'James'},
# {:first => 'Emily', :middle => 'Shannon', :maiden => 'Pike', :last => 'Hicks'},
# {:first => 'June', :middle => 'Dae', :last => 'Jones'}]
# <% @items.each do |item| %>
# "row_class") -%>">
#
# <% item.values.each do |value| %>
# <%# Create a named cycle "colors" %>
# "colors") -%>">
# <%= value %>
#
# <% end %>
# <% reset_cycle("colors") %>
#
#
# <% end %>
def cycle(first_value, *values)
if (values.last.instance_of? Hash)
params = values.pop
name = params[:name]
else
name = "default"
end
values.unshift(first_value)
cycle = get_cycle(name)
unless cycle && cycle.values == values
cycle = set_cycle(name, Cycle.new(*values))
end
cycle.to_s
end
# Returns the current cycle string after a cycle has been started. Useful
# for complex table highlighting or any other design need which requires
# the current cycle string in more than one place.
#
# ==== Example
# # Alternate background colors
# @items = [1,2,3,4]
# <% @items.each do |item| %>
# ">
# <%= item %>
#
# <% end %>
def current_cycle(name = "default")
cycle = get_cycle(name)
cycle.current_value if cycle
end
# Resets a cycle so that it starts from the first element the next time
# it is called. Pass in +name+ to reset a named cycle.
#
# ==== Example
# # Alternate CSS classes for even and odd numbers...
# @items = [[1,2,3,4], [5,6,3], [3,4,5,6,7,4]]
#
# <% @items.each do |item| %>
# ">
# <% item.each do |value| %>
# "colors") -%>">
# <%= value %>
#
# <% end %>
#
# <% reset_cycle("colors") %>
#
# <% end %>
#
def reset_cycle(name = "default")
cycle = get_cycle(name)
cycle.reset if cycle
end
class Cycle #:nodoc:
attr_reader :values
def initialize(first_value, *values)
@values = values.unshift(first_value)
reset
end
def reset
@index = 0
end
def current_value
@values[previous_index].to_s
end
def to_s
value = @values[@index].to_s
@index = next_index
return value
end
private
def next_index
step_index(1)
end
def previous_index
step_index(-1)
end
def step_index(n)
(@index + n) % @values.size
end
end
private
# The cycle helpers need to store the cycles in a place that is
# guaranteed to be reset every time a page is rendered, so it
# uses an instance variable of ActionView::Base.
def get_cycle(name)
@_cycles = Hash.new unless defined?(@_cycles)
return @_cycles[name]
end
def set_cycle(name, cycle_object)
@_cycles = Hash.new unless defined?(@_cycles)
@_cycles[name] = cycle_object
end
end
end
end
��������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������actionpack-3.2.16/lib/action_view/helpers/javascript_helper.rb��������������������������������������0000644�0001750�0001750�00000010537�12247655372�024037� 0����������������������������������������������������������������������������������������������������ustar �ondrej��������������������������ondrej�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������require 'action_view/helpers/tag_helper'
require 'active_support/core_ext/string/encoding'
module ActionView
module Helpers
module JavaScriptHelper
JS_ESCAPE_MAP = {
'\\' => '\\\\',
' '<\/',
"\r\n" => '\n',
"\n" => '\n',
"\r" => '\n',
'"' => '\\"',
"'" => "\\'"
}
if "ruby".encoding_aware?
JS_ESCAPE_MAP["\342\200\250".force_encoding('UTF-8').encode!] = '
'
else
JS_ESCAPE_MAP["\342\200\250"] = '
'
end
# Escapes carriage returns and single and double quotes for JavaScript segments.
#
# Also available through the alias j(). This is particularly helpful in JavaScript responses, like:
#
# $('some_element').replaceWith('<%=j render 'some/element_template' %>');
def escape_javascript(javascript)
if javascript
result = javascript.gsub(/(\\|<\/|\r\n|\342\200\250|[\n\r"'])/u) {|match| JS_ESCAPE_MAP[match] }
javascript.html_safe? ? result.html_safe : result
else
''
end
end
alias_method :j, :escape_javascript
# Returns a JavaScript tag with the +content+ inside. Example:
# javascript_tag "alert('All is good')"
#
# Returns:
#
#
# +html_options+ may be a hash of attributes for the \
#
# Instead of passing the content as an argument, you can also use a block
# in which case, you pass your +html_options+ as the first parameter.
# <%= javascript_tag :defer => 'defer' do -%>
# alert('All is good')
# <% end -%>
def javascript_tag(content_or_options_with_block = nil, html_options = {}, &block)
content =
if block_given?
html_options = content_or_options_with_block if content_or_options_with_block.is_a?(Hash)
capture(&block)
else
content_or_options_with_block
end
content_tag(:script, javascript_cdata_section(content), html_options.merge(:type => Mime::JS))
end
def javascript_cdata_section(content) #:nodoc:
"\n//#{cdata_section("\n#{content}\n//")}\n".html_safe
end
# Returns a button whose +onclick+ handler triggers the passed JavaScript.
#
# The helper receives a name, JavaScript code, and an optional hash of HTML options. The
# name is used as button label and the JavaScript code goes into its +onclick+ attribute.
# If +html_options+ has an :onclick , that one is put before +function+.
#
# button_to_function "Greeting", "alert('Hello world!')", :class => "ok"
# # => :onclick , that one is put before +function+. Once all
# the JavaScript is set, the helper appends "; return false;".
#
# The +href+ attribute of the tag is set to "#" unless +html_options+ has one.
#
# link_to_function "Greeting", "alert('Hello world!')", :class => "nav_link"
# # => Greeting
#
def link_to_function(name, function, html_options={})
onclick = "#{"#{html_options[:onclick]}; " if html_options[:onclick]}#{function}; return false;"
href = html_options[:href] || '#'
content_tag(:a, name, html_options.merge(:href => href, :onclick => onclick))
end
end
end
end
�����������������������������������������������������������������������������������������������������������������������������������������������������������������actionpack-3.2.16/lib/action_view/helpers/form_tag_helper.rb����������������������������������������0000644�0001750�0001750�00000100276�12247655372�023467� 0����������������������������������������������������������������������������������������������������ustar �ondrej��������������������������ondrej�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������require 'cgi'
require 'action_view/helpers/tag_helper'
require 'active_support/core_ext/object/blank'
require 'active_support/core_ext/string/output_safety'
require 'active_support/core_ext/module/attribute_accessors'
module ActionView
# = Action View Form Tag Helpers
module Helpers
# Provides a number of methods for creating form tags that doesn't rely on an Active Record object assigned to the template like
# FormHelper does. Instead, you provide the names and values manually.
#
# NOTE: The HTML options disabled , readonly , and multiple can all be treated as booleans. So specifying
# :disabled => true will give disabled="disabled" .
module FormTagHelper
extend ActiveSupport::Concern
include UrlHelper
include TextHelper
mattr_accessor :embed_authenticity_token_in_remote_forms
self.embed_authenticity_token_in_remote_forms = true
# Starts a form tag that points the action to an url configured with url_for_options just like
# ActionController::Base#url_for. The method for the form defaults to POST.
#
# ==== Options
# * :multipart - If set to true, the enctype is set to "multipart/form-data".
# * :method - The method to use when submitting the form, usually either "get" or "post".
# If "put", "delete", or another verb is used, a hidden input with name _method
# is added to simulate the verb over post.
# * :authenticity_token - Authenticity token to use in the form. Use only if you need to
# pass custom authenticity token string, or to not add authenticity_token field at all
# (by passing false ). Remote forms may omit the embedded authenticity token
# by setting config.action_view.embed_authenticity_token_in_remote_forms = false .
# This is helpful when you're fragment-caching the form. Remote forms get the
# authenticity from the meta tag, so embedding is unnecessary unless you
# support browsers without JavaScript.
# * A list of parameters to feed to the URL the form will be posted to.
# * :remote - If set to true, will allow the Unobtrusive JavaScript drivers to control the
# submit behavior. By default this behavior is an ajax submit.
#
# ==== Examples
# form_tag('/posts')
# # =>
#
# <%= form_tag('/posts', :remote => true) %>
# # => ")
end
def token_tag(token)
if token == false || !protect_against_forgery?
''
else
token ||= form_authenticity_token
tag(:input, :type => "hidden", :name => request_forgery_protection_token.to_s, :value => token)
end
end
# see http://www.w3.org/TR/html4/types.html#type-name
def sanitize_to_id(name)
name.to_s.gsub(']','').gsub(/[^-a-zA-Z0-9:.]/, "_")
end
end
end
end
����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������actionpack-3.2.16/lib/action_view/helpers/tag_helper.rb���������������������������������������������0000644�0001750�0001750�00000015206�12247655372�022442� 0����������������������������������������������������������������������������������������������������ustar �ondrej��������������������������ondrej�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������require 'active_support/core_ext/object/blank'
require 'active_support/core_ext/string/output_safety'
require 'set'
module ActionView
# = Action View Tag Helpers
module Helpers #:nodoc:
# Provides methods to generate HTML tags programmatically when you can't use
# a Builder. By default, they output XHTML compliant tags.
module TagHelper
extend ActiveSupport::Concern
include CaptureHelper
BOOLEAN_ATTRIBUTES = %w(disabled readonly multiple checked autobuffer
autoplay controls loop selected hidden scoped async
defer reversed ismap seemless muted required
autofocus novalidate formnovalidate open pubdate).to_set
BOOLEAN_ATTRIBUTES.merge(BOOLEAN_ATTRIBUTES.map {|attribute| attribute.to_sym })
PRE_CONTENT_STRINGS = {
:textarea => "\n"
}
# Returns an empty HTML tag of type +name+ which by default is XHTML
# compliant. Set +open+ to true to create an open tag compatible
# with HTML 4.0 and below. Add HTML attributes by passing an attributes
# hash to +options+. Set +escape+ to false to disable attribute value
# escaping.
#
# ==== Options
# You can use symbols or strings for the attribute names.
#
# Use +true+ with boolean attributes that can render with no value, like
# +disabled+ and +readonly+.
#
# HTML5 data-* attributes can be set with a single +data+ key
# pointing to a hash of sub-attributes.
#
# To play nicely with JavaScript conventions sub-attributes are dasherized.
# For example, a key +user_id+ would render as data-user-id and
# thus accessed as dataset.userId .
#
# Values are encoded to JSON, with the exception of strings and symbols.
# This may come in handy when using jQuery's HTML5-aware .data()
# from 1.4.3.
#
# ==== Examples
# tag("br")
# # =>
def tag(name, options = nil, open = false, escape = true)
"<#{name}#{tag_options(options, escape) if options}#{open ? ">" : " />"}".html_safe
end
# Returns an HTML block tag of type +name+ surrounding the +content+. Add
# HTML attributes by passing an attributes hash to +options+.
# Instead of passing the content as an argument, you can also use a block
# in which case, you pass your +options+ as the second parameter.
# Set escape to false to disable attribute value escaping.
#
# ==== Options
# The +options+ hash is used with attributes with no value like (disabled and
# readonly ), which you can give a value of true in the +options+ hash. You can use
# symbols or strings for the attribute names.
#
# ==== Examples
# content_tag(:p, "Hello world!")
# # => Hello world!
# content_tag(:div, content_tag(:p, "Hello world!"), :class => "strong")
# # =>
# content_tag("select", options, :multiple => true)
# # => ...options...
#
# <%= content_tag :div, :class => "strong" do -%>
# Hello world!
# <% end -%>
# # => Hello world!
def content_tag(name, content_or_options_with_block = nil, options = nil, escape = true, &block)
if block_given?
options = content_or_options_with_block if content_or_options_with_block.is_a?(Hash)
content_tag_string(name, capture(&block), options, escape)
else
content_tag_string(name, content_or_options_with_block, options, escape)
end
end
# Returns a CDATA section with the given +content+. CDATA sections
# are used to escape blocks of text containing characters which would
# otherwise be recognized as markup. CDATA sections begin with the string
# and end with (and may not contain) the string ]]> .
#
# ==== Examples
# cdata_section("")
# # => ]]>
#
# cdata_section(File.read("hello_world.txt"))
# # =>
def cdata_section(content)
"".html_safe
end
# Returns an escaped version of +html+ without affecting existing escaped entities.
#
# ==== Examples
# escape_once("1 < 2 & 3")
# # => "1 < 2 & 3"
#
# escape_once("<< Accept & Checkout")
# # => "<< Accept & Checkout"
def escape_once(html)
ActiveSupport::Multibyte.clean(html.to_s).gsub(/[\"><]|&(?!([a-zA-Z]+|(#\d+));)/) { |special| ERB::Util::HTML_ESCAPE[special] }
end
private
def content_tag_string(name, content, options, escape = true)
tag_options = tag_options(options, escape) if options
"<#{name}#{tag_options}>#{PRE_CONTENT_STRINGS[name.to_sym]}#{escape ? ERB::Util.h(content) : content}".html_safe
end
def tag_options(options, escape = true)
unless options.blank?
attrs = []
options.each_pair do |key, value|
if key.to_s == 'data' && value.is_a?(Hash)
value.each do |k, v|
unless v.is_a?(String) || v.is_a?(Symbol) || v.is_a?(BigDecimal)
v = v.to_json
end
v = ERB::Util.html_escape(v) if escape
attrs << %(data-#{k.to_s.dasherize}="#{v}")
end
elsif BOOLEAN_ATTRIBUTES.include?(key)
attrs << %(#{key}="#{key}") if value
elsif !value.nil?
final_value = value.is_a?(Array) ? value.join(" ") : value
final_value = ERB::Util.html_escape(final_value) if escape
attrs << %(#{key}="#{final_value}")
end
end
" #{attrs.sort * ' '}".html_safe unless attrs.empty?
end
end
end
end
end
������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������actionpack-3.2.16/lib/action_view/helpers/form_options_helper.rb������������������������������������0000644�0001750�0001750�00000102256�12247655372�024407� 0����������������������������������������������������������������������������������������������������ustar �ondrej��������������������������ondrej�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������require 'cgi'
require 'erb'
require 'action_view/helpers/form_helper'
require 'active_support/core_ext/object/blank'
require 'active_support/core_ext/string/output_safety'
module ActionView
# = Action View Form Option Helpers
module Helpers
# Provides a number of methods for turning different kinds of containers into a set of option tags.
# == Options
# The collection_select , select and time_zone_select methods take an options parameter, a hash:
#
# * :include_blank - set to true or a prompt string if the first option element of the select element is a blank. Useful if there is not a default value required for the select element.
#
# For example,
#
# select("post", "category", Post::CATEGORIES, {:include_blank => true})
#
# could become:
#
#
# joke
# poem
#
#
# Another common case is a select tag for an belongs_to -associated object.
#
# Example with @post.person_id => 2:
#
# select("post", "person_id", Person.all.collect {|p| [ p.name, p.id ] }, {:include_blank => 'None'})
#
# could become:
#
#
# None
# David
# Sam
# Tobias
#
#
# * :prompt - set to true or a prompt string. When the select element doesn't have a value yet, this prepends an option with a generic prompt -- "Please select" -- or the given prompt string.
#
# Example:
#
# select("post", "person_id", Person.all.collect {|p| [ p.name, p.id ] }, {:prompt => 'Select Person'})
#
# could become:
#
#
# Select Person
# David
# Sam
# Tobias
#
#
# Like the other form helpers, +select+ can accept an :index option to manually set the ID used in the resulting output. Unlike other helpers, +select+ expects this
# option to be in the +html_options+ parameter.
#
# Example:
#
# select("album[]", "genre", %w[rap rock country], {}, { :index => nil })
#
# becomes:
#
#
# rap
# rock
# country
#
#
# * :disabled - can be a single value or an array of values that will be disabled options in the final output.
#
# Example:
#
# select("post", "category", Post::CATEGORIES, {:disabled => 'restricted'})
#
# could become:
#
#
# joke
# poem
# restricted
#
#
# When used with the collection_select helper, :disabled can also be a Proc that identifies those options that should be disabled.
#
# Example:
#
# collection_select(:post, :category_id, Category.all, :id, :name, {:disabled => lambda{|category| category.archived? }})
#
# If the categories "2008 stuff" and "Christmas" return true when the method archived? is called, this would return:
#
# 2008 stuff
# Christmas
# Jokes
# Poems
#
#
module FormOptionsHelper
# ERB::Util can mask some helpers like textilize. Make sure to include them.
include TextHelper
# Create a select tag and a series of contained option tags for the provided object and method.
# The option currently held by the object will be selected, provided that the object is available.
#
# There are two possible formats for the choices parameter, corresponding to other helpers' output:
# * A flat collection: see options_for_select
# * A nested collection: see grouped_options_for_select
#
# Example with @post.person_id => 1:
# select("post", "person_id", Person.all.collect {|p| [ p.name, p.id ] }, { :include_blank => true })
#
# could become:
#
#
# David
# Sam
# Tobias
#
#
# This can be used to provide a default set of options in the standard way: before rendering the create form, a
# new model instance is assigned the default options and bound to @model_name. Usually this model is not saved
# to the database. Instead, a second model object is created when the create request is received.
# This allows the user to submit a form page more than once with the expected results of creating multiple records.
# In addition, this allows a single partial to be used to generate form inputs for both edit and create forms.
#
# By default, post.person_id is the selected option. Specify :selected => value to use a different selection
# or :selected => nil to leave all options unselected. Similarly, you can specify values to be disabled in the option
# tags by specifying the :disabled option. This can either be a single value or an array of values to be disabled.
#
# ==== Gotcha
#
# The HTML specification says when +multiple+ parameter passed to select and all options got deselected
# web browsers do not send any value to server. Unfortunately this introduces a gotcha:
# if an +User+ model has many +roles+ and have +role_ids+ accessor, and in the form that edits roles of the user
# the user deselects all roles from +role_ids+ multiple select box, no +role_ids+ parameter is sent. So,
# any mass-assignment idiom like
#
# @user.update_attributes(params[:user])
#
# wouldn't update roles.
#
# To prevent this the helper generates an auxiliary hidden field before
# every multiple select. The hidden field has the same name as multiple select and blank value.
#
# This way, the client either sends only the hidden field (representing
# the deselected multiple select box), or both fields. Since the HTML specification
# says key/value pairs have to be sent in the same order they appear in the
# form, and parameters extraction gets the last occurrence of any repeated
# key in the query string, that works for ordinary forms.
#
def select(object, method, choices, options = {}, html_options = {})
InstanceTag.new(object, method, self, options.delete(:object)).to_select_tag(choices, options, html_options)
end
# Returns :prompt
# or :include_blank in the +options+ hash.
#
# The :value_method and :text_method parameters are methods to be called on each member
# of +collection+. The return values are used as the +value+ attribute and contents of each
# @post ):
# collection_select(:post, :author_id, Author.all, :id, :name_with_initial, :prompt => true)
#
# If @post.author_id is already 1 , this would return:
#
# Please select
# D. Heinemeier Hansson
# D. Thomas
# M. Clark
#
def collection_select(object, method, collection, value_method, text_method, options = {}, html_options = {})
InstanceTag.new(object, method, self, options.delete(:object)).to_collection_select_tag(collection, value_method, text_method, options, html_options)
end
# Returns :prompt
# or :include_blank in the +options+ hash.
#
# Parameters:
# * +object+ - The instance of the class to be used for the select tag
# * +method+ - The attribute of +object+ corresponding to the select tag
# * +collection+ - An array of objects representing the
#
# South Africa
# Somalia
#
#
# Denmark
# Ireland
#
#
#
def grouped_collection_select(object, method, collection, group_method, group_label_method, option_key_method, option_value_method, options = {}, html_options = {})
InstanceTag.new(object, method, self, options.delete(:object)).to_grouped_collection_select_tag(collection, group_method, group_label_method, option_key_method, option_value_method, options, html_options)
end
# Return select and option tags for the given object and method, using
# #time_zone_options_for_select to generate the list of option tags.
#
# In addition to the :include_blank option documented above,
# this method also supports a :model option, which defaults
# to ActiveSupport::TimeZone. This may be used by users to specify a
# different time zone model object. (See +time_zone_options_for_select+
# for more information.)
#
# You can also supply an array of ActiveSupport::TimeZone objects
# as +priority_zones+, so that they will be listed above the rest of the
# (long) list. (You can use ActiveSupport::TimeZone.us_zones as a convenience
# for obtaining a list of the US time zones, or a Regexp to select the zones
# of your choice)
#
# Finally, this method supports a :default option, which selects
# a default ActiveSupport::TimeZone if the object's time zone is +nil+.
#
# Examples:
# time_zone_select( "user", "time_zone", nil, :include_blank => true)
#
# time_zone_select( "user", "time_zone", nil, :default => "Pacific Time (US & Canada)" )
#
# time_zone_select( "user", 'time_zone', ActiveSupport::TimeZone.us_zones, :default => "Pacific Time (US & Canada)")
#
# time_zone_select( "user", 'time_zone', [ ActiveSupport::TimeZone['Alaska'], ActiveSupport::TimeZone['Hawaii'] ])
#
# time_zone_select( "user", 'time_zone', /Australia/)
#
# time_zone_select( "user", "time_zone", ActiveSupport::TimeZone.all.sort, :model => ActiveSupport::TimeZone)
def time_zone_select(object, method, priority_zones = nil, options = {}, html_options = {})
InstanceTag.new(object, method, self, options.delete(:object)).to_time_zone_select_tag(priority_zones, options, html_options)
end
# Accepts a container (hash, array, enumerable, your type) and returns a string of option tags. Given a container
# where the elements respond to first and last (such as a two-element array), the "lasts" serve as option values and
# the "firsts" as option text. Hashes are turned into this form automatically, so the keys become "firsts" and values
# become lasts. If +selected+ is specified, the matching "last" or element will get the selected option-tag. +selected+
# may also be an array of values to be selected when using a multiple select.
#
# Examples (call, result):
# options_for_select([["Dollar", "$"], ["Kroner", "DKK"]])
# Dollar \nKroner
#
# options_for_select([ "VISA", "MasterCard" ], "MasterCard")
# VISA \nMasterCard
#
# options_for_select({ "Basic" => "$20", "Plus" => "$40" }, "$40")
# Basic \nPlus
#
# options_for_select([ "VISA", "MasterCard", "Discover" ], ["VISA", "Discover"])
# VISA \nMasterCard \nDiscover
#
# You can optionally provide html attributes as the last element of the array.
#
# Examples:
# options_for_select([ "Denmark", ["USA", {:class => 'bold'}], "Sweden" ], ["USA", "Sweden"])
# Denmark \nUSA \nSweden
#
# options_for_select([["Dollar", "$", {:class => "bold"}], ["Kroner", "DKK", {:onclick => "alert('HI');"}]])
# Dollar \nKroner
#
# If you wish to specify disabled option tags, set +selected+ to be a hash, with :disabled being either a value
# or array of values to be disabled. In this case, you can use :selected to specify selected option tags.
#
# Examples:
# options_for_select(["Free", "Basic", "Advanced", "Super Platinum"], :disabled => "Super Platinum")
# Free \nBasic \nAdvanced \nSuper Platinum
#
# options_for_select(["Free", "Basic", "Advanced", "Super Platinum"], :disabled => ["Advanced", "Super Platinum"])
# Free \nBasic \nAdvanced \nSuper Platinum
#
# options_for_select(["Free", "Basic", "Advanced", "Super Platinum"], :selected => "Free", :disabled => "Super Platinum")
# Free \nBasic \nAdvanced \nSuper Platinum
#
# NOTE: Only the option tags are returned, you have to wrap this call in a regular HTML select tag.
def options_for_select(container, selected = nil)
return container if String === container
selected, disabled = extract_selected_and_disabled(selected).map do | r |
Array.wrap(r).map { |item| item.to_s }
end
container.map do |element|
html_attributes = option_html_attributes(element)
text, value = option_text_and_value(element).map { |item| item.to_s }
selected_attribute = ' selected="selected"' if option_value_selected?(value, selected)
disabled_attribute = ' disabled="disabled"' if disabled && option_value_selected?(value, disabled)
%(#{ERB::Util.html_escape(text)} )
end.join("\n").html_safe
end
# Returns a string of option tags that have been compiled by iterating over the +collection+ and assigning
# the result of a call to the +value_method+ as the option value and the +text_method+ as the option text.
# Example:
# options_from_collection_for_select(@people, 'id', 'name')
# This will output the same HTML as if you did this:
# #{person.name}
#
# This is more often than not used inside a #select_tag like this example:
# select_tag 'person', options_from_collection_for_select(@people, 'id', 'name')
#
# If +selected+ is specified as a value or array of values, the element(s) returning a match on +value_method+
# will be selected option tag(s).
#
# If +selected+ is specified as a Proc, those members of the collection that return true for the anonymous
# function are the selected values.
#
# +selected+ can also be a hash, specifying both :selected and/or :disabled values as required.
#
# Be sure to specify the same class as the +value_method+ when specifying selected or disabled options.
# Failure to do this will produce undesired results. Example:
# options_from_collection_for_select(@people, 'id', 'name', '1')
# Will not select a person with the id of 1 because 1 (an Integer) is not the same as '1' (a string)
# options_from_collection_for_select(@people, 'id', 'name', 1)
# should produce the desired results.
def options_from_collection_for_select(collection, value_method, text_method, selected = nil)
options = collection.map do |element|
[element.send(text_method), element.send(value_method)]
end
selected, disabled = extract_selected_and_disabled(selected)
select_deselect = {}
select_deselect[:selected] = extract_values_from_collection(collection, value_method, selected)
select_deselect[:disabled] = extract_values_from_collection(collection, value_method, disabled)
options_for_select(options, select_deselect)
end
# Returns a string of options_from_collection_for_select , but
# groups them by
# Egypt
# Rwanda
# ...
#
#
# China
# India
# Japan
# ...
#
#
# Note: Only the " +
options_from_collection_for_select(eval("group.#{group_method}"), option_key_method, option_value_method, selected_key) +
' '
end.join.html_safe
end
# Returns a string of options_for_select , but
# wraps them with options_for_select for more info.
# Ex. ["North America",[["United States","US"],["Canada","CA"]]]
# * +selected_key+ - A value equal to the +value+ attribute for one of the selected="selected" .
# * +prompt+ - set to true or a prompt string. When the select element doesn't have a value yet, this
# prepends an option with a generic prompt - "Please select" - or the given prompt string.
#
# Sample usage (Array):
# grouped_options = [
# ['North America',
# [['United States','US'],'Canada']],
# ['Europe',
# ['Denmark','Germany','France']]
# ]
# grouped_options_for_select(grouped_options)
#
# Sample usage (Hash):
# grouped_options = {
# 'North America' => [['United States','US'], 'Canada'],
# 'Europe' => ['Denmark','Germany','France']
# }
# grouped_options_for_select(grouped_options)
#
# Possible output:
#
# Denmark
# Germany
# France
#
#
# United States
# Canada
#
#
# Note: Only the ------------- \n"
zones = zones.reject { |z| priority_zones.include?( z ) }
end
zone_options += options_for_select(convert_zones[zones], selected)
zone_options.html_safe
end
private
def option_html_attributes(element)
return "" unless Array === element
html_attributes = []
element.select { |e| Hash === e }.reduce({}, :merge).each do |k, v|
html_attributes << " #{k}=\"#{ERB::Util.html_escape(v.to_s)}\""
end
html_attributes.join
end
def option_text_and_value(option)
# Options are [text, value] pairs or strings used for both.
case
when Array === option
option = option.reject { |e| Hash === e }
[option.first, option.last]
when !option.is_a?(String) && option.respond_to?(:first) && option.respond_to?(:last)
[option.first, option.last]
else
[option, option]
end
end
def option_value_selected?(value, selected)
if selected.respond_to?(:include?) && !selected.is_a?(String)
selected.include? value
else
value == selected
end
end
def extract_selected_and_disabled(selected)
if selected.is_a?(Proc)
[ selected, nil ]
else
selected = Array.wrap(selected)
options = selected.extract_options!.symbolize_keys
[ options.include?(:selected) ? options[:selected] : selected, options[:disabled] ]
end
end
def extract_values_from_collection(collection, value_method, selected)
if selected.is_a?(Proc)
collection.map do |element|
element.send(value_method) if selected.call(element)
end.compact
else
selected
end
end
end
class InstanceTag #:nodoc:
include FormOptionsHelper
def to_select_tag(choices, options, html_options)
selected_value = options.has_key?(:selected) ? options[:selected] : value(object)
choices = choices.to_a if choices.is_a?(Range)
# Grouped choices look like this:
#
# [nil, []]
# { nil => [] }
#
if !choices.empty? && choices.first.respond_to?(:last) && Array === choices.first.last
option_tags = grouped_options_for_select(choices, :selected => selected_value, :disabled => options[:disabled])
else
option_tags = options_for_select(choices, :selected => selected_value, :disabled => options[:disabled])
end
select_content_tag(option_tags, options, html_options)
end
def to_collection_select_tag(collection, value_method, text_method, options, html_options)
selected_value = options.has_key?(:selected) ? options[:selected] : value(object)
select_content_tag(
options_from_collection_for_select(collection, value_method, text_method, :selected => selected_value, :disabled => options[:disabled]), options, html_options
)
end
def to_grouped_collection_select_tag(collection, group_method, group_label_method, option_key_method, option_value_method, options, html_options)
select_content_tag(
option_groups_from_collection_for_select(collection, group_method, group_label_method, option_key_method, option_value_method, value(object)), options, html_options
)
end
def to_time_zone_select_tag(priority_zones, options, html_options)
select_content_tag(
time_zone_options_for_select(value(object) || options[:default], priority_zones, options[:model] || ActiveSupport::TimeZone), options, html_options
)
end
private
def add_options(option_tags, options, value = nil)
if options[:include_blank]
option_tags = content_tag_string('option', options[:include_blank].kind_of?(String) ? options[:include_blank] : nil, :value => '') + "\n" + option_tags
end
if value.blank? && options[:prompt]
prompt = options[:prompt].kind_of?(String) ? options[:prompt] : I18n.translate('helpers.select.prompt', :default => 'Please select')
option_tags = content_tag_string('option', prompt, :value => '') + "\n" + option_tags
end
option_tags
end
def select_content_tag(option_tags, options, html_options)
html_options = html_options.stringify_keys
add_default_name_and_id(html_options)
select = content_tag("select", add_options(option_tags, options, value(object)), html_options)
if html_options["multiple"]
tag("input", :disabled => html_options["disabled"], :name => html_options["name"], :type => "hidden", :value => "") + select
else
select
end
end
end
class FormBuilder
def select(method, choices, options = {}, html_options = {})
@template.select(@object_name, method, choices, objectify_options(options), @default_options.merge(html_options))
end
def collection_select(method, collection, value_method, text_method, options = {}, html_options = {})
@template.collection_select(@object_name, method, collection, value_method, text_method, objectify_options(options), @default_options.merge(html_options))
end
def grouped_collection_select(method, collection, group_method, group_label_method, option_key_method, option_value_method, options = {}, html_options = {})
@template.grouped_collection_select(@object_name, method, collection, group_method, group_label_method, option_key_method, option_value_method, objectify_options(options), @default_options.merge(html_options))
end
def time_zone_select(method, priority_zones = nil, options = {}, html_options = {})
@template.time_zone_select(@object_name, method, priority_zones, objectify_options(options), @default_options.merge(html_options))
end
end
end
end
��������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������actionpack-3.2.16/lib/action_view/helpers/translation_helper.rb�������������������������������������0000644�0001750�0001750�00000007171�12247655372�024227� 0����������������������������������������������������������������������������������������������������ustar �ondrej��������������������������ondrej�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������require 'action_view/helpers/tag_helper'
require 'i18n/exceptions'
module ActionView
# = Action View Translation Helpers
module Helpers
module TranslationHelper
# Delegates to I18n#translate but also performs three additional functions.
#
# First, it will ensure that any thrown +MissingTranslation+ messages will be turned
# into inline spans that:
#
# * have a "translation-missing" class set,
# * contain the missing key as a title attribute and
# * a titleized version of the last key segment as a text.
#
# E.g. the value returned for a missing translation key :"blog.post.title" will be
# Title .
# This way your views will display rather reasonable strings but it will still
# be easy to spot missing translations.
#
# Second, it'll scope the key by the current partial if the key starts
# with a period. So if you call translate(".foo") from the
# people/index.html.erb template, you'll actually be calling
# I18n.translate("people.index.foo") . This makes it less repetitive
# to translate many keys within the same partials and gives you a simple framework
# for scoping them consistently. If you don't prepend the key with a period,
# nothing is converted.
#
# Third, it'll mark the translation as safe HTML if the key has the suffix
# "_html" or the last element of the key is the word "html". For example,
# calling translate("footer_html") or translate("footer.html") will return
# a safe HTML string that won't be escaped by other HTML helper methods. This
# naming convention helps to identify translations that include HTML tags so that
# you know what kind of output to expect when you call translate in a template.
def translate(key, options = {})
# If the user has specified rescue_format then pass it all through, otherwise use
# raise and do the work ourselves
options[:raise] = true unless options.key?(:raise) || options.key?(:rescue_format)
if html_safe_translation_key?(key)
html_safe_options = options.dup
options.except(*I18n::RESERVED_KEYS).each do |name, value|
unless name == :count && value.is_a?(Numeric)
html_safe_options[name] = ERB::Util.html_escape(value.to_s)
end
end
translation = I18n.translate(scope_key_by_partial(key), html_safe_options)
translation.respond_to?(:html_safe) ? translation.html_safe : translation
else
I18n.translate(scope_key_by_partial(key), options)
end
rescue I18n::MissingTranslationData => e
keys = I18n.normalize_keys(e.locale, e.key, e.options[:scope])
content_tag('span', keys.last.to_s.titleize, :class => 'translation_missing', :title => "translation missing: #{keys.join('.')}")
end
alias :t :translate
# Delegates to I18n.localize with no additional functionality.
def localize(*args)
I18n.localize(*args)
end
alias :l :localize
private
def scope_key_by_partial(key)
if key.to_s.first == "."
if @virtual_path
@virtual_path.gsub(%r{/_?}, ".") + key.to_s
else
raise "Cannot use t(#{key.inspect}) shortcut because path is not available"
end
else
key
end
end
def html_safe_translation_key?(key)
key.to_s =~ /(\b|_|\.)html$/
end
end
end
end
�������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������actionpack-3.2.16/lib/action_view/helpers/capture_helper.rb�����������������������������������������0000644�0001750�0001750�00000016521�12247655372�023333� 0����������������������������������������������������������������������������������������������������ustar �ondrej��������������������������ondrej�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������require 'active_support/core_ext/object/blank'
require 'active_support/core_ext/string/output_safety'
module ActionView
# = Action View Capture Helper
module Helpers
# CaptureHelper exposes methods to let you extract generated markup which
# can be used in other parts of a template or layout file.
#
# It provides a method to capture blocks into variables through capture and
# a way to capture a block of markup for use in a layout through content_for.
module CaptureHelper
# The capture method allows you to extract part of a template into a
# variable. You can then use this variable anywhere in your templates or layout.
#
# ==== Examples
# The capture method can be used in ERB templates...
#
# <% @greeting = capture do %>
# Welcome to my shiny new web page! The date and time is
# <%= Time.now %>
# <% end %>
#
# ...and Builder (RXML) templates.
#
# @timestamp = capture do
# "The current timestamp is #{Time.now}."
# end
#
# You can then use that variable anywhere else. For example:
#
#
# <%= @greeting %>
#
# <%= @greeting %>
#
#
def capture(*args)
value = nil
buffer = with_output_buffer { value = yield(*args) }
if string = buffer.presence || value and string.is_a?(String)
ERB::Util.html_escape string
end
end
# Calling content_for stores a block of markup in an identifier for later use.
# You can make subsequent calls to the stored content in other templates, helper modules
# or the layout by passing the identifier as an argument to content_for .
#
# Note: yield can still be used to retrieve the stored content, but calling
# yield doesn't work in helper modules, while content_for does.
#
# ==== Examples
#
# <% content_for :not_authorized do %>
# alert('You are not authorized to do that!')
# <% end %>
#
# You can then use content_for :not_authorized anywhere in your templates.
#
# <%= content_for :not_authorized if current_user.nil? %>
#
# This is equivalent to:
#
# <%= yield :not_authorized if current_user.nil? %>
#
# content_for , however, can also be used in helper modules.
#
# module StorageHelper
# def stored_content
# content_for(:storage) || "Your storage is empty"
# end
# end
#
# This helper works just like normal helpers.
#
# <%= stored_content %>
#
# You can use the yield syntax alongside an existing call to yield in a layout. For example:
#
# <%# This is the layout %>
#
#
# My Website
# <%= yield :script %>
#
#
# <%= yield %>
#
#
#
# And now, we'll create a view that has a content_for call that
# creates the script identifier.
#
# <%# This is our view %>
# Please login!
#
# <% content_for :script do %>
#
# <% end %>
#
# Then, in another view, you could to do something like this:
#
# <%= link_to 'Logout', :action => 'logout', :remote => true %>
#
# <% content_for :script do %>
# <%= javascript_include_tag :defaults %>
# <% end %>
#
# That will place +script+ tags for your default set of JavaScript files on the page;
# this technique is useful if you'll only be using these scripts in a few views.
#
# Note that content_for concatenates the blocks it is given for a particular
# identifier in order. For example:
#
# <% content_for :navigation do %>
# <%= link_to 'Home', :action => 'index' %>
# <% end %>
#
# <%# Add some other content, or use a different template: %>
#
# <% content_for :navigation do %>
# <%= link_to 'Login', :action => 'login' %>
# <% end %>
#
# Then, in another template or layout, this code would render both links in order:
#
# <%= content_for :navigation %>
#
# Lastly, simple content can be passed as a parameter:
#
# <% content_for :script, javascript_include_tag(:defaults) %>
#
# WARNING: content_for is ignored in caches. So you shouldn't use it
# for elements that will be fragment cached.
def content_for(name, content = nil, &block)
if content || block_given?
content = capture(&block) if block_given?
@view_flow.append(name, content) if content
nil
else
@view_flow.get(name)
end
end
# The same as +content_for+ but when used with streaming flushes
# straight back to the layout. In other words, if you want to
# concatenate several times to the same buffer when rendering a given
# template, you should use +content_for+, if not, use +provide+ to tell
# the layout to stop looking for more contents.
def provide(name, content = nil, &block)
content = capture(&block) if block_given?
result = @view_flow.append!(name, content) if content
result unless content
end
# content_for? simply checks whether any content has been captured yet using content_for
# Useful to render parts of your layout differently based on what is in your views.
#
# ==== Examples
#
# Perhaps you will use different css in you layout if no content_for :right_column
#
# <%# This is the layout %>
#
#
# My Website
# <%= yield :script %>
#
#
# <%= yield %>
# <%= yield :right_col %>
#
#
def content_for?(name)
@view_flow.get(name).present?
end
# Use an alternate output buffer for the duration of the block.
# Defaults to a new empty string.
def with_output_buffer(buf = nil) #:nodoc:
unless buf
buf = ActionView::OutputBuffer.new
buf.force_encoding(output_buffer.encoding) if output_buffer.respond_to?(:encoding) && buf.respond_to?(:force_encoding)
end
self.output_buffer, old_buffer = buf, output_buffer
yield
output_buffer
ensure
self.output_buffer = old_buffer
end
# Add the output buffer to the response body and start a new one.
def flush_output_buffer #:nodoc:
if output_buffer && !output_buffer.empty?
response.body_parts << output_buffer
self.output_buffer = output_buffer.respond_to?(:clone_empty) ? output_buffer.clone_empty : output_buffer[0, 0]
nil
end
end
end
end
end
�������������������������������������������������������������������������������������������������������������������������������������������������������������������������������actionpack-3.2.16/lib/action_view/helpers/form_helper.rb��������������������������������������������0000644�0001750�0001750�00000172171�12247655372�022637� 0����������������������������������������������������������������������������������������������������ustar �ondrej��������������������������ondrej�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������require 'cgi'
require 'action_view/helpers/date_helper'
require 'action_view/helpers/tag_helper'
require 'action_view/helpers/form_tag_helper'
require 'action_view/helpers/active_model_helper'
require 'active_support/core_ext/class/attribute'
require 'active_support/core_ext/hash/slice'
require 'active_support/core_ext/module/method_names'
require 'active_support/core_ext/object/blank'
require 'active_support/core_ext/string/output_safety'
require 'active_support/core_ext/array/extract_options'
require 'active_support/core_ext/string/inflections'
module ActionView
# = Action View Form Helpers
module Helpers
# Form helpers are designed to make working with resources much easier
# compared to using vanilla HTML.
#
# Forms for models are created with +form_for+. That method yields a form
# builder that knows the model the form is about. The form builder is thus
# able to generate default values for input fields that correspond to model
# attributes, and also convenient names, IDs, endpoints, etc.
#
# Conventions in the generated field names allow controllers to receive form
# data nicely structured in +params+ with no effort on your side.
#
# For example, to create a new person you typically set up a new instance of
# +Person+ in the PeopleController#new action, @person , and
# pass it to +form_for+:
#
# <%= form_for @person do |f| %>
# <%= f.label :first_name %>:
# <%= f.text_field :first_name %>params[:person] with the person attributes
# set in the form. That hash is ready to be passed to Person.create :
#
# if @person = Person.create(params[:person])
# # success
# else
# # error handling
# end
#
# Interestingly, the exact same view code in the previous example can be used to edit
# a person. If @person is an existing record with name "John Smith" and ID 256,
# the code above as is would yield instead:
#
#
#
# Note that the endpoint, default values, and submit button label are tailored for @person .
# That works that way because the involved helpers know whether the resource is a new record or not,
# and generate HTML accordingly.
#
# The controller would receive the form data again in params[:person] , ready to be
# passed to Person#update_attributes :
#
# if @person.update_attributes(params[:person])
# # success
# else
# # error handling
# end
#
# That's how you typically work with resources.
module FormHelper
extend ActiveSupport::Concern
include FormTagHelper
include UrlHelper
# Converts the given object to an ActiveModel compliant one.
def convert_to_model(object)
object.respond_to?(:to_model) ? object.to_model : object
end
# Creates a form and a scope around a specific model object that is used
# as a base for questioning about values for the fields.
#
# Rails provides succinct resource-oriented form generation with +form_for+
# like this:
#
# <%= form_for @offer do |f| %>
# <%= f.label :version, 'Version' %>:
# <%= f.text_field :version %>:url - The URL the form is submitted to. It takes the same
# fields you pass to +url_for+ or +link_to+. In particular you may pass
# here a named route directly as well. Defaults to the current action.
# * :namespace - A namespace for your form to ensure uniqueness of
# id attributes on form elements. The namespace attribute will be prefixed
# with underscore on the generated HTML id.
# * :html - Optional HTML attributes for the form tag.
#
# Also note that +form_for+ doesn't create an exclusive scope. It's still
# possible to use both the stand-alone FormHelper methods and methods
# from FormTagHelper. For example:
#
# <%= form_for @person do |f| %>
# First name: <%= f.text_field :first_name %>
# Last name : <%= f.text_field :last_name %>
# Biography : <%= text_area :person, :biography %>
# Admin? : <%= check_box_tag "person[admin]", @person.company.admin? %>
# <%= f.submit %>
# <% end %>
#
# This also works for the methods in FormOptionHelper and DateHelper that
# are designed to work with an object as base, like
# FormOptionHelper#collection_select and DateHelper#datetime_select.
#
# === Resource-oriented style
#
# As we said above, in addition to manually configuring the +form_for+
# call, you can rely on automated resource identification, which will use
# the conventions and named routes of that approach. This is the
# preferred way to use +form_for+ nowadays.
#
# For example, if @post is an existing record you want to edit
#
# <%= form_for @post do |f| %>
# ...
# <% end %>
#
# is equivalent to something like:
#
# <%= form_for @post, :as => :post, :url => post_path(@post), :method => :put, :html => { :class => "edit_post", :id => "edit_post_45" } do |f| %>
# ...
# <% end %>
#
# And for new records
#
# <%= form_for(Post.new) do |f| %>
# ...
# <% end %>
#
# is equivalent to something like:
#
# <%= form_for @post, :as => :post, :url => posts_path, :html => { :class => "new_post", :id => "new_post" } do |f| %>
# ...
# <% end %>
#
# You can also overwrite the individual conventions, like this:
#
# <%= form_for(@post, :url => super_posts_path) do |f| %>
# ...
# <% end %>
#
# You can also set the answer format, like this:
#
# <%= form_for(@post, :format => :json) do |f| %>
# ...
# <% end %>
#
# If you have an object that needs to be represented as a different
# parameter, like a Person that acts as a Client:
#
# <%= form_for(@person, :as => :client) do |f| %>
# ...
# <% end %>
#
# For namespaced routes, like +admin_post_url+:
#
# <%= form_for([:admin, @post]) do |f| %>
# ...
# <% end %>
#
# If your resource has associations defined, for example, you want to add comments
# to the document given that the routes are set correctly:
#
# <%= form_for([@document, @comment]) do |f| %>
# ...
# <% end %>
#
# Where @document = Document.find(params[:id]) and
# @comment = Comment.new .
#
# === Setting the method
#
# You can force the form to use the full array of HTTP verbs by setting
#
# :method => (:get|:post|:put|:delete)
#
# in the options hash. If the verb is not GET or POST, which are natively supported by HTML forms, the
# form will be set to POST and a hidden input called _method will carry the intended verb for the server
# to interpret.
#
# === Unobtrusive JavaScript
#
# Specifying:
#
# :remote => true
#
# in the options hash creates a form that will allow the unobtrusive JavaScript drivers to modify its
# behavior. The expected default behavior is an XMLHttpRequest in the background instead of the regular
# POST arrangement, but ultimately the behavior is the choice of the JavaScript driver implementor.
# Even though it's using JavaScript to serialize the form elements, the form submission will work just like
# a regular submission as viewed by the receiving side (all elements available in params ).
#
# Example:
#
# <%= form_for(@post, :remote => true) do |f| %>
# ...
# <% end %>
#
# The HTML generated for this would be:
#
#
#
# === Removing hidden model id's
#
# The form_for method automatically includes the model id as a hidden field in the form.
# This is used to maintain the correlation between the form data and its associated model.
# Some ORM systems do not use IDs on nested models so in this case you want to be able
# to disable the hidden id.
#
# In the following example the Post model has many Comments stored within it in a NoSQL database,
# thus there is no primary key for comments.
#
# Example:
#
# <%= form_for(@post) do |f| %>
# <% f.fields_for(:comments, :include_id => false) do |cf| %>
# ...
# <% end %>
# <% end %>
#
# === Customized form builders
#
# You can also build forms using a customized FormBuilder class. Subclass
# FormBuilder and override or define some more helpers, then use your
# custom builder. For example, let's say you made a helper to
# automatically add labels to form inputs.
#
# <%= form_for @person, :url => { :action => "create" }, :builder => LabellingFormBuilder do |f| %>
# <%= f.text_field :first_name %>
# <%= f.text_field :last_name %>
# <%= f.text_area :biography %>
# <%= f.check_box :admin %>
# <%= f.submit %>
# <% end %>
#
# In this case, if you use this:
#
# <%= render f %>
#
# The rendered template is people/_labelling_form and the local
# variable referencing the form builder is called
# labelling_form .
#
# The custom FormBuilder class is automatically merged with the options
# of a nested fields_for call, unless it's explicitly set.
#
# In many cases you will want to wrap the above in another helper, so you
# could do something like the following:
#
# def labelled_form_for(record_or_name_or_array, *args, &block)
# options = args.extract_options!
# form_for(record_or_name_or_array, *(args << options.merge(:builder => LabellingFormBuilder)), &block)
# end
#
# If you don't need to attach a form to a model instance, then check out
# FormTagHelper#form_tag.
#
# === Form to external resources
#
# When you build forms to external resources sometimes you need to set an authenticity token or just render a form
# without it, for example when you submit data to a payment gateway number and types of fields could be limited.
#
# To set an authenticity token you need to pass an :authenticity_token parameter
#
# <%= form_for @invoice, :url => external_url, :authenticity_token => 'external_token' do |f|
# ...
# <% end %>
#
# If you don't want to an authenticity token field be rendered at all just pass false :
#
# <%= form_for @invoice, :url => external_url, :authenticity_token => false do |f|
# ...
# <% end %>
def form_for(record, options = {}, &block)
raise ArgumentError, "Missing block" unless block_given?
options[:html] ||= {}
case record
when String, Symbol
object_name = record
object = nil
else
object = record.is_a?(Array) ? record.last : record
object_name = options[:as] || ActiveModel::Naming.param_key(object)
apply_form_for_options!(record, options)
end
options[:html][:remote] = options.delete(:remote) if options.has_key?(:remote)
options[:html][:method] = options.delete(:method) if options.has_key?(:method)
options[:html][:authenticity_token] = options.delete(:authenticity_token)
builder = options[:parent_builder] = instantiate_builder(object_name, object, options, &block)
output = capture(builder, &block)
default_options = builder.multipart? ? { :multipart => true } : {}
form_tag(options.delete(:url) || {}, default_options.merge!(options.delete(:html))) { output }
end
def apply_form_for_options!(object_or_array, options) #:nodoc:
object = object_or_array.is_a?(Array) ? object_or_array.last : object_or_array
object = convert_to_model(object)
as = options[:as]
action, method = object.respond_to?(:persisted?) && object.persisted? ? [:edit, :put] : [:new, :post]
options[:html].reverse_merge!(
:class => as ? "#{action}_#{as}" : dom_class(object, action),
:id => as ? "#{action}_#{as}" : [options[:namespace], dom_id(object, action)].compact.join("_").presence,
:method => method
)
options[:url] ||= polymorphic_path(object_or_array, :format => options.delete(:format))
end
private :apply_form_for_options!
# Creates a scope around a specific model object like form_for, but
# doesn't create the form tags themselves. This makes fields_for suitable
# for specifying additional model objects in the same form.
#
# === Generic Examples
#
# <%= form_for @person do |person_form| %>
# First name: <%= person_form.text_field :first_name %>
# Last name : <%= person_form.text_field :last_name %>
#
# <%= fields_for @person.permission do |permission_fields| %>
# Admin? : <%= permission_fields.check_box :admin %>
# <% end %>
#
# <%= f.submit %>
# <% end %>
#
# ...or if you have an object that needs to be represented as a different
# parameter, like a Client that acts as a Person:
#
# <%= fields_for :person, @client do |permission_fields| %>
# Admin?: <%= permission_fields.check_box :admin %>
# <% end %>
#
# ...or if you don't have an object, just a name of the parameter:
#
# <%= fields_for :person do |permission_fields| %>
# Admin?: <%= permission_fields.check_box :admin %>
# <% end %>
#
# Note: This also works for the methods in FormOptionHelper and
# DateHelper that are designed to work with an object as base, like
# FormOptionHelper#collection_select and DateHelper#datetime_select.
#
# === Nested Attributes Examples
#
# When the object belonging to the current scope has a nested attribute
# writer for a certain attribute, fields_for will yield a new scope
# for that attribute. This allows you to create forms that set or change
# the attributes of a parent object and its associations in one go.
#
# Nested attribute writers are normal setter methods named after an
# association. The most common way of defining these writers is either
# with +accepts_nested_attributes_for+ in a model definition or by
# defining a method with the proper name. For example: the attribute
# writer for the association :address is called
# address_attributes= .
#
# Whether a one-to-one or one-to-many style form builder will be yielded
# depends on whether the normal reader method returns a _single_ object
# or an _array_ of objects.
#
# ==== One-to-one
#
# Consider a Person class which returns a _single_ Address from the
# address reader method and responds to the
# address_attributes= writer method:
#
# class Person
# def address
# @address
# end
#
# def address_attributes=(attributes)
# # Process the attributes hash
# end
# end
#
# This model can now be used with a nested fields_for, like so:
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :address do |address_fields| %>
# Street : <%= address_fields.text_field :street %>
# Zip code: <%= address_fields.text_field :zip_code %>
# <% end %>
# ...
# <% end %>
#
# When address is already an association on a Person you can use
# +accepts_nested_attributes_for+ to define the writer method for you:
#
# class Person < ActiveRecord::Base
# has_one :address
# accepts_nested_attributes_for :address
# end
#
# If you want to destroy the associated model through the form, you have
# to enable it first using the :allow_destroy option for
# +accepts_nested_attributes_for+:
#
# class Person < ActiveRecord::Base
# has_one :address
# accepts_nested_attributes_for :address, :allow_destroy => true
# end
#
# Now, when you use a form element with the _destroy parameter,
# with a value that evaluates to +true+, you will destroy the associated
# model (eg. 1, '1', true, or 'true'):
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :address do |address_fields| %>
# ...
# Delete: <%= address_fields.check_box :_destroy %>
# <% end %>
# ...
# <% end %>
#
# ==== One-to-many
#
# Consider a Person class which returns an _array_ of Project instances
# from the projects reader method and responds to the
# projects_attributes= writer method:
#
# class Person
# def projects
# [@project1, @project2]
# end
#
# def projects_attributes=(attributes)
# # Process the attributes hash
# end
# end
#
# Note that the projects_attributes= writer method is in fact
# required for fields_for to correctly identify :projects as a
# collection, and the correct indices to be set in the form markup.
#
# When projects is already an association on Person you can use
# +accepts_nested_attributes_for+ to define the writer method for you:
#
# class Person < ActiveRecord::Base
# has_many :projects
# accepts_nested_attributes_for :projects
# end
#
# This model can now be used with a nested fields_for. The block given to
# the nested fields_for call will be repeated for each instance in the
# collection:
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :projects do |project_fields| %>
# <% if project_fields.object.active? %>
# Name: <%= project_fields.text_field :name %>
# <% end %>
# <% end %>
# ...
# <% end %>
#
# It's also possible to specify the instance to be used:
#
# <%= form_for @person do |person_form| %>
# ...
# <% @person.projects.each do |project| %>
# <% if project.active? %>
# <%= person_form.fields_for :projects, project do |project_fields| %>
# Name: <%= project_fields.text_field :name %>
# <% end %>
# <% end %>
# <% end %>
# ...
# <% end %>
#
# Or a collection to be used:
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :projects, @active_projects do |project_fields| %>
# Name: <%= project_fields.text_field :name %>
# <% end %>
# ...
# <% end %>
#
# When projects is already an association on Person you can use
# +accepts_nested_attributes_for+ to define the writer method for you:
#
# class Person < ActiveRecord::Base
# has_many :projects
# accepts_nested_attributes_for :projects
# end
#
# If you want to destroy any of the associated models through the
# form, you have to enable it first using the :allow_destroy
# option for +accepts_nested_attributes_for+:
#
# class Person < ActiveRecord::Base
# has_many :projects
# accepts_nested_attributes_for :projects, :allow_destroy => true
# end
#
# This will allow you to specify which models to destroy in the
# attributes hash by adding a form element for the _destroy
# parameter with a value that evaluates to +true+
# (eg. 1, '1', true, or 'true'):
#
# <%= form_for @person do |person_form| %>
# ...
# <%= person_form.fields_for :projects do |project_fields| %>
# Delete: <%= project_fields.check_box :_destroy %>
# <% end %>
# ...
# <% end %>
def fields_for(record_name, record_object = nil, options = {}, &block)
builder = instantiate_builder(record_name, record_object, options, &block)
output = capture(builder, &block)
output.concat builder.hidden_field(:id) if output && options[:hidden_field_id] && !builder.emitted_hidden_id?
output
end
# Returns a label tag tailored for labelling an input field for a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). The text of label will default to the attribute name unless a translation
# is found in the current I18n locale (through helpers.label..) or you specify it explicitly.
# Additional options on the label tag can be passed as a hash with +options+. These options will be tagged
# onto the HTML as an HTML element attribute as in the example shown, except for the :value option, which is designed to
# target labels for radio_button tags (where the value is used in the ID of the input tag).
#
# ==== Examples
# label(:post, :title)
# # => Title
#
# You can localize your labels based on model and attribute names.
# For example you can define the following in your locale (e.g. en.yml)
#
# helpers:
# label:
# post:
# body: "Write your entire text here"
#
# Which then will result in
#
# label(:post, :body)
# # => Write your entire text here
#
# Localization can also be based purely on the translation of the attribute-name
# (if you are using ActiveRecord):
#
# activerecord:
# attributes:
# post:
# cost: "Total cost"
#
# label(:post, :cost)
# # => Total cost
#
# label(:post, :title, "A short title")
# # => A short title
#
# label(:post, :title, "A short title", :class => "title_label")
# # => A short title
#
# label(:post, :privacy, "Public Post", :value => "public")
# # => Public Post
#
# label(:post, :terms) do
# 'Accept Terms .'.html_safe
# end
def label(object_name, method, content_or_options = nil, options = nil, &block)
options ||= {}
content_is_options = content_or_options.is_a?(Hash)
if content_is_options || block_given?
options.merge!(content_or_options) if content_is_options
text = nil
else
text = content_or_options
end
InstanceTag.new(object_name, method, self, options.delete(:object)).to_label_tag(text, options, &block)
end
# Returns an input tag of the "text" type tailored for accessing a specified attribute (identified by +method+) on an object
# assigned to the template (identified by +object+). Additional options on the input tag can be passed as a
# hash with +options+. These options will be tagged onto the HTML as an HTML element attribute as in the example
# shown.
#
# ==== Examples
# text_field(:post, :title, :size => 20)
# # => multipart/form-data .
#
# ==== Examples
# file_field(:user, :avatar)
# # => :checked => true in the
# +options+ hash. You may pass HTML options there as well.
#
# ==== Examples
# # Let's say that @post.category returns "rails":
# radio_button("post", "category", "rails")
# radio_button("post", "category", "java")
# # => False True