Added :xhr => true/false option to verify so you can ensure that a request is coming from an Ajax call or not #1464 [Thomas Fuchs]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@1463 5ecf4fe2-1ee6-0310-87b1-e25e094e27de

actionpack/CHANGELOG

@@ -1,5 +1,7 @@
 *SVN*
 
+* Added :xhr => true/false option to verify so you can ensure that a request is coming from an Ajax call or not #1464 [Thomas Fuchs]
+
 * Added tag_options as a third parameter to AssetHelper#auto_discovery_link_tag to control options like the title of the link #1430 [kevin.clark@gmail.com]
 
 * Added option to pass in parameters to CaptureHelper#capture, so you can create more advanced view helper methods #1466 [duane.johnson@gmail.com]. Example:

actionpack/lib/action_controller/request.rb

@@ -65,7 +65,7 @@ module ActionController
     # "XMLHttpRequest". (The Prototype Javascript library sends this header with
     # every Ajax request.)
     def xml_http_request?
-      env['HTTP_X_REQUESTED_WITH'] =~ /XMLHttpRequest/i
+      !((env['HTTP_X_REQUESTED_WITH'] || "") =~ /XMLHttpRequest/i).nil?
     end
     alias xhr? :xml_http_request?
 

actionpack/lib/action_controller/verification.rb

@@ -76,7 +76,9 @@ module ActionController #:nodoc:
         prereqs_invalid ||= 
           [*options[:method]].all? { |v| @request.method != v.to_sym }
       end
-
+      
+      prereqs_invalid ||= (request.xhr? != options[:xhr]) unless options[:xhr].nil?
+      
       if prereqs_invalid
         flash.update(options[:add_flash]) if options[:add_flash]
         unless performed?

actionpack/test/controller/request_test.rb

@@ -210,4 +210,18 @@ class RequestTest < Test::Unit::TestCase
     @request.env['SERVER_SOFTWARE'] = 'lighttpd(1.1.4)'
     assert_equal 'lighttpd', @request.server_software
   end
+  
+  def test_xml_http_request
+    assert !@request.xml_http_request?
+    assert !@request.xhr?
+    
+    @request.env['HTTP_X_REQUESTED_WITH'] = "DefinitelyNotAjax1.0"
+    assert !@request.xml_http_request?
+    assert !@request.xhr?
+    
+    @request.env['HTTP_X_REQUESTED_WITH'] = "XMLHttpRequest"
+    assert @request.xml_http_request?
+    assert @request.xhr?
+  end
+  
 end

actionpack/test/controller/verification_test.rb

@@ -20,6 +20,12 @@ class VerificationTest < Test::Unit::TestCase
 
     verify :only => :guarded_by_method, :method => :post,
            :redirect_to => { :action => "unguarded" }
+           
+    verify :only => :guarded_by_xhr, :xhr => true,
+           :redirect_to => { :action => "unguarded" }
+           
+    verify :only => :guarded_by_not_xhr, :xhr => false,
+           :redirect_to => { :action => "unguarded" }
 
     before_filter :unconditional_redirect, :only => :two_redirects
     verify :only => :two_redirects, :method => :post,
@@ -54,6 +60,14 @@ class VerificationTest < Test::Unit::TestCase
     def guarded_by_method
       render :text => "#{@request.method}"
     end
+    
+    def guarded_by_xhr
+      render :text => "#{@request.xhr?}"
+    end
+    
+    def guarded_by_not_xhr
+      render :text => "#{@request.xhr?}"
+    end
 
     def unguarded
       render :text => "#{@params["one"]}"
@@ -173,6 +187,26 @@ class VerificationTest < Test::Unit::TestCase
     assert_redirected_to :action => "unguarded"
   end
   
+  def test_guarded_by_xhr_with_prereqs
+    xhr :post, :guarded_by_xhr
+    assert_equal "true", @response.body
+  end
+    
+  def test_guarded_by_xhr_without_prereqs
+    get :guarded_by_xhr
+    assert_redirected_to :action => "unguarded"
+  end
+  
+  def test_guarded_by_not_xhr_with_prereqs
+    get :guarded_by_not_xhr
+    assert_equal "false", @response.body
+  end
+    
+  def test_guarded_by_not_xhr_without_prereqs
+    xhr :post, :guarded_by_not_xhr
+    assert_redirected_to :action => "unguarded"
+  end
+  
   def test_guarded_post_and_calls_render    
     post :must_be_post
     assert_equal "Was a post!", @response.body