0
class Merb::Controller < AbstractController
0
- class_inheritable_accessor :_session_id_key, :_session_expiry
0
+ class_inheritable_accessor :_session_id_key, :_session_expiry
, :_hidden_actions0
cattr_accessor :_subclasses, :_session_secret_key
0
self._subclasses = Set.new
0
self.session_secret_key = nil
0
include Merb::ResponderMixin
0
include Merb::ControllerExceptions
0
+ # klass<Merb::Controller>:: The Merb::Controller inheriting from the
0
+ _subclasses << klass.to_s
0
+ klass._hidden_actions = Merb::Controller.public_instance_methods
0
+ # A list of actions that should not be available as callable actions
0
+ # Hide each of the given methods from being callable as actions.
0
+ # *names<~to-s>:: Actions that should be added to the list
0
+ def hide_action(*names)
0
+ _hidden_actions = _hidden_actions | names.collect { |n| n.to_s })
0
+ # Build a new controller.
0
+ # request<Merb::Request>:: The Merb::Request that came in from Mongrel
0
+ # The response IO object to write the response to. This could be any
0
+ # IO object, but is probably an HTTPResponse
0
+ # status<Integer>:: An integer code for the status
0
+ # headers<Hash{header => value}>::
0
+ # A hash of headers to start the controller with. These headers
0
+ # can be overridden later by the #headers method
0
+ def build(request, response = StringIO.new, status=200, headers={'Content-Type' => 'text/html; charset=utf-8'})
0
+ cont.set_dispatch_variables(request, response, status, headers)
0
+ # Sets the variables that came in through the dispatch as available to
0
+ # the controller. This is called by .build, so see it for more
0
+ # This method uses the :session_id_cookie_only and :query_string_whitelist
0
+ # configuration options. See CONFIG for more details.
0
+ # request<Merb::Request>:: The Merb::Request that came in from Mongrel
0
+ # The response IO object to write the response to. This could be any
0
+ # IO object, but is probably an HTTPResponse
0
+ # status<Integer>:: An integer code for the status
0
+ # headers<Hash{header => value}>::
0
+ # A hash of headers to start the controller with. These headers
0
+ # can be overridden later by the #headers method
0
+ def set_dispatch_variables(request, response, status, headers)
0
+ if request.params.key?(_session_id_key)
0
+ if Merb::Config[:session_id_cookie_only]
0
+ # This condition allows for certain controller/action paths to allow
0
+ # a session ID to be passed in a query string. This is needed for
0
+ # Flash Uploads to work since flash will not pass a Session Cookie
0
+ # Recommend running session.regenerate after any controller taking
0
+ # advantage of this in case someone is attempting a session fixation
0
+ if Merb::Config[:query_string_whitelist].include?("#{request.controller_name}/#{request.action}")
0
+ # FIXME to use routes not controller and action names -----^
0
+ request.cookies[_session_id_key] = request.params[_session_id_key]
0
+ request.cookies[_session_id_key] = request.params[_session_id_key]
0
+ def dispatch(action=:index)
0
+ if self.class.callable_actions[action.to_s]
0
+ params[:action] ||= action
0
+ raise ActionNotFound, "Action '#{action}' was not found in #{self.class}"
0
+ @_benchmarks[:action_time] = Time.now - start
0
+ Merb.logger.info("Time spent in #{self.class}##{action} action: #{@_benchmarks[:action_time]} seconds")
0
+ _attr_reader :body, :status, :request, :params, :headers, :response
0
+ def params() request.params end
0
+ def cookies() request.cookies end
0
+ def session() request.session end
0
+ def route() request.route end
) is private.
Comments
No one has commented yet.