Commit Graph

345 Commits

Author SHA1 Message Date
Sergio Benitez
4e06ee64aa Test 'secret_key' validation, now on pre-launch.
Prior to this commit, it was not possible to test Rocket crates in
production mode without setting a global secret key or bypassing secret
key checking - the testing script did the latter. The consequence is
that it became impossible to test secret key related failures because
the tests passed regardless.

This commit undoes this. As a consequence, all tests are now aware of
the difference between debug and release configurations, the latter of
which validates 'secret_key' by default. New 'Client::debug()' and
'Client::debug_with()' simplify creating an instance of 'Client' with
configuration in debug mode to avoid undesired test failures.

The summary of changes in this commit are:

  * Config 'secret_key' success and failure are now tested.
  * 'secret_key' validation was moved to pre-launch from 'Config:from()'.
  * 'Config::from()' only extracts the config.
  * Added 'Config::try_from()' for non-panicking extraction.
  * 'Config' now knows the profile it was extracted from.
  * The 'Config' provider sets a profile of 'Config.profile'.
  * 'Rocket', 'Client', 'Fairings', implement 'Debug'.
  * 'fairing::Info' implements 'Copy', 'Clone'.
  * 'Fairings' keeps track of, logs attach fairings.
  * 'Rocket::reconfigure()' was added to allow modifying a config.

Internally, the testing script was refactored to properly test the
codebase with the new changes. In particular, it no longer sets a rustc
'cfg' to avoid secret-key checking.

Resolves #1543.
Fixes #1564.
2021-03-09 21:57:26 -08:00
Sergio Benitez
bbbe362740 Indirectly use 'Uuid::Error' for backwards compat.
Closes #1565.
2021-03-09 21:57:25 -08:00
Sergio Benitez
f454895023 Fix small typo in contrib 'Uuid' docs. 2021-03-06 03:48:51 -08:00
Sergio Benitez
f0a6b9a25a Rename external 'uuid' to 'extern_uuid'.
Use '_uuid' to refer to the crate internally.
2021-03-05 14:49:41 -08:00
meltinglava
165f4f59b3 Impl '(De)Serialize' for 'contrib::Uuid'.
Resolves #1370.
2021-03-05 14:28:11 -08:00
Sergio Benitez
3f56490663 Remove platform dependent 'crate_relative' test. 2021-03-05 02:24:54 -08:00
Sergio Benitez
4d0042c395 Allow '<path..>' to match zero segments.
This changes core routing so that '<path..>' in a route URI matches zero
or more segments. Previously, '<path..>' matched _1_ or more.

  * Routes '$a' and '$b/<p..>' collide if $a and $b previously collided.
  * For example, '/' now collides with '/<p..>'.
  * Request '$a' matches route '$b/<p..>' if $a previously matched $b.
  * For example, request '/' matches route '/<p..>'.

Resolves #985.
2021-03-05 02:01:24 -08:00
Sergio Benitez
58f365dac4 Always return 'Segments' from 'Request::segments()'.
The iterator may be empty. This changes the return type of
'Request::segments()' from 'Option<Segments>' to simply 'Segments'.

Internally also adds a 'Client::debug()' for easier request testing.
2021-03-04 21:53:22 -08:00
Sergio Benitez
fbf0aa824d Add missing 'derive' feature in 'contrib' 'serde' dep. 2021-03-04 03:18:05 -08:00
Sergio Benitez
148b01ce80 Impl 'From<T>' for contrib 'Json', 'MsgPack'. 2021-03-04 03:09:22 -08:00
Sergio Benitez
7628546ca2 Improve 'FromForm' derive error spans. 2021-03-04 02:11:06 -08:00
Sergio Benitez
398a044eb0 Complete forms documentation. Improve 'validate'.
* Add a `msg!()` macro to easily change a field validation message.
  * Allow a field to refer to itself via `self.field`.
  * Improve the various field validation traits.
2021-03-04 02:08:40 -08:00
Sergio Benitez
63a14525d8 UTF-8 routes. Forms revamp. Temp files. Capped.
So. Many. Changes.

This is an insane commit: simultaneously one of the best (because of all
the wonderful improvements!) and one of the worst (because it is just
massive) in the project's history.

Routing:
  * All UTF-8 characters are accepted everywhere in route paths. (#998)
  * `path` is now `uri` in `route` attribute: `#[route(GET, path = "..")]`
    becomes `#[route(GET, uri = "..")]`.

Forms Revamp
  * All form related types now reside in a new `form` module.
  * Multipart forms are supported. (resolves #106)
  * Collections are supported in forms and queries. (resolves #205)
  * Nested structures in forms and queries are supported. (resolves #313)
  * Form fields can be ad-hoc validated with `#[field(validate = expr)]`.
  * `FromFormValue` is now `FromFormField`, blanket implements `FromForm`.
  * Form field values are always percent-decoded apriori.

Temporary Files
  * A new `TempFile` data and form guard allows streaming data directly to a
    file which can then be persisted.
  * A new `temp_dir` config parameter specifies where to store `TempFile`.
  * The limits `file` and `file/$ext`, where `$ext` is the file extension,
    determines the data limit for a `TempFile`.

Capped
  * A new `Capped` type is used to indicate when data has been truncated due to
    incoming data limits. It allows checking whether data is complete or
    truncated.
  * `DataStream` methods return `Capped` types.
  * `DataStream` API has been revamped to account for `Capped` types.
  * Several `Capped<T>` types implement `FromData`, `FromForm`.
  * HTTP 413 (Payload Too Large) errors are now returned when data limits are
    exceeded. (resolves #972)

Hierarchical Limits
  * Data limits are now hierarchical, delimited with `/`. A limit of `a/b/c`
    falls back to `a/b` then `a`.

Core
  * `&RawStr` no longer implements `FromParam`.
  * `&str` implements `FromParam`, `FromData`, `FromForm`.
  * `FromTransformedData` was removed.
  * `FromData` gained a lifetime for use with request-local data.
  * The default error HTML is more compact.
  * `&Config` is a request guard.
  * The `DataStream` interface was entirely revamped.
  * `State` is only exported via `rocket::State`.
  * A `request::local_cache!()` macro was added for storing values in
    request-local cache without consideration for type uniqueness by using a
    locally generated anonymous type.
  * `Request::get_param()` is now `Request::param()`.
  * `Request::get_segments()` is now `Request::segments()`, takes a range.
  * `Request::get_query_value()` is now `Request::query_value()`, can parse any
    `FromForm` including sequences.
  * `std::io::Error` implements `Responder` like `Debug<std::io::Error>`.
  * `(Status, R)` where `R: Responder` implements `Responder` by overriding the
    `Status` of `R`.
  * The name of a route is printed first during route matching.
  * `FlashMessage` now only has one lifetime generic.

HTTP
  * `RawStr` implements `serde::{Serialize, Deserialize}`.
  * `RawStr` implements _many_ more methods, in particular, those related to the
    `Pattern` API.
  * `RawStr::from_str()` is now `RawStr::new()`.
  * `RawStr::url_decode()` and `RawStr::url_decode_lossy()` only allocate as
    necessary, return `Cow`.
  * `Status` implements `Default` with `Status::Ok`.
  * `Status` implements `PartialEq`, `Eq`, `Hash`, `PartialOrd`, `Ord`.
  * Authority and origin part of `Absolute` can be modified with new
    `Absolute::{with,set}_authority()`, `Absolute::{with,set}_origin()` methods.
  * `Origin::segments()` was removed in favor of methods split into query and
    path parts and into raw and decoded versions.
  * The `Segments` iterator is smarter, returns decoded `&str` items.
  * `Segments::into_path_buf()` is now `Segments::to_path_buf()`.
  * A new `QuerySegments` is the analogous query segment iterator.
  * Once set, `expires` on private cookies is not overwritten. (resolves #1506)
  * `Origin::path()` and `Origin::query()` return `&RawStr`, not `&str`.

Codegen
  * Preserve more spans in `uri!` macro.
  * Preserve spans `FromForm` field types.
  * All dynamic parameters in a query string must typecheck as `FromForm`.
  * `FromFormValue` derive removed; `FromFormField` added.
  * The `form` `FromForm` and `FromFormField` field attribute is now named
    `field`. `#[form(field = ..)]` is now `#[field(name = ..)]`.

Contrib
  * `Json` implements `FromForm`.
  * `MsgPack` implements `FromForm`.
  * The `json!` macro is exported as `rocket_contrib::json::json!`.
  * Added clarifying docs to `StaticFiles`.

Examples
  * `form_validation` and `form_kitchen_sink` removed in favor of `forms`.
  * The `hello_world` example uses unicode in paths.
  * The `json` example only allocates as necessary.

Internal
  * Codegen uses new `exports` module with the following conventions:
    - Locals starts with `__` and are lowercased.
    - Rocket modules start with `_` and are lowercased.
    - `std` types start with `_` and are titlecased.
    - Rocket types are titlecased.
  * A `header` module was added to `http`, contains header types.
  * `SAFETY` is used as doc-string keyword for `unsafe` related comments.
  * The `Uri` parser no longer recognizes Rocket route URIs.
2021-03-04 01:51:21 -08:00
Jeb Rosen
59346ccfdc Update 'postgres' dependency to 0.19. 2021-02-28 15:28:37 -08:00
Sergio Benitez
73037c6620 Use 'normpath' to fix canonicalization on Windows. 2021-02-22 19:33:50 -08:00
Sergio Benitez
8ee581a697 Canonicalize template directory before globbing.
This prevents the glob from returning paths that don't include the root
template dir due to resolution of relative paths like `./foo`,
preventing #1541 from reoccurring. Furthermore, this prevents
misconfigured, non-existent template directories from silently passing
through, instead causing an error at init-time.
2021-02-19 12:50:03 -08:00
Jeb Rosen
92af8fca72 Update to 'tokio' 1.0, 'hyper' 0.14. 2021-01-13 15:22:16 -08:00
Jeb Rosen
a0d4a4749a Update 'memcache' dependency to 0.15. 2021-01-13 14:20:43 -08:00
Sergio Benitez
9671115796 Use 'workers' value from 'Config::figment()'.
This commit also improves config pretty-printing and warning messages.
It also fixes an issue that resulted in config value deprecation
warnings not being emitted. The 'workers' value is now a 'usize', not a
'u16'; contrib pool sizes now default to 'workers * 2'.

Closes #1470.
2020-12-24 15:58:48 -08:00
Jeb Rosen
1f1f44f336 Update UI tests for latest stable. 2020-11-21 12:42:57 -08:00
Jeb Rosen
c6298b9e11 Use 'spawn_blocking' to drop sync database pools.
This was already done for the connections, but pools might also do
synchronous/blocking work on Drop.

Fixes #1466.
2020-11-05 00:06:41 -08:00
Jeb Rosen
2f98299272 Allow fallible callback in 'Template::try_custom()'.
Closes #1064.
2020-11-04 02:40:53 -08:00
Sergio Benitez
198b6f0e97 Fix various broken rustdoc links. 2020-10-22 03:53:07 -07:00
Sergio Benitez
ec9b5816a8 Remove 'rocket::inspect()', 'Cargo'.
This commit reverts most of dea940c7 and d89c7024. The "fix" is to run
attach fairings on a new thread. If a runtime is already running, it is
used. Otherwise, the future is executed in a single-threaded executor.
2020-10-22 03:27:04 -07:00
Sergio Benitez
491b229582 Improve database config errors. 2020-10-21 23:54:54 -07:00
Sergio Benitez
aabbfcfe94 Add 'PoolResult' alias; rename 'DbError' to 'Error'. 2020-10-21 22:33:55 -07:00
Daniel Wiesenberg
f5fd1007e2 Move config extraction to 'Poolable' impls. 2020-10-21 22:33:15 -07:00
Sergio Benitez
bbfe2ba5cc Point all docs and doc links to 'master' branch. 2020-10-21 04:54:24 -07:00
Sergio Benitez
7337321efb Take '&mut Data' in 'on_request' fairings.
Resolves #1438.
2020-10-20 20:22:32 -07:00
Sergio Benitez
1fb061496d Revamp configuration.
This commit completely overhauls Rocket's configuration systems, basing
it on the new Figment library. It includes many breaking changes
pertaining to configuration. They are:

  * "Environments" are replaced by "profiles".
  * 'ROCKET_PROFILE' takes the place of 'ROCKET_ENV'.
  * Profile names are now arbitrary, but 'debug' and 'release' are given
    special treatment as default profiles for the debug and release
    compilation profiles.
  * A 'default' profile now sits along-side the meta 'global' profile.
  * The concept of "extras" is no longer present; users can extract any
    values they want from the configured 'Figment'.
  * The 'Poolable' trait takes an '&Config'.
  * The 'secrets' feature is disabled by default.
  * It is a hard error if 'secrets' is enabled under the 'release'
    profile and no 'secret_key' is configured.
  * 'ConfigBuilder' no longer exists: all fields of 'Config' are public
    with public constructors for each type.
  * 'keep_alive' is disabled with '0', not 'false' or 'off'.
  * Inlined error variants into the 'Error' structure.
  * 'LoggingLevel' is now 'LogLevel'.
  * Limits can now be specified in SI units: "1 MiB".

The summary of other changes are:

  * The default config file can be configured with 'ROCKET_CONFIG'.
  * HTTP/1 and HTTP/2 keep-alive configuration is restored.
  * 'ctrlc' is now a recognized config option.
  * 'serde' is now a core dependency.
  * TLS misconfiguration errors are improved.
  * Several example use '_' as the return type of '#[launch]' fns.
  * 'AdHoc::config()' was added for simple config extraction.
  * Added more documentation for using 'Limits'.
  * Launch information is no longer treated specially.
  * The configuration guide was rewritten.

Resolves #852.
Resolves #209.
Closes #1404.
Closes #652.
2020-10-20 19:21:56 -07:00
Sergio Benitez
8da034ab83 Update 'devise'. 2020-10-15 01:01:30 -07:00
Sergio Benitez
5d9035ddc1 Keep an op-log for sync 'CookieJar'.
In brief, this commit:

  * Updates to the latest upstream 'cookie', fixing a memory leak.
  * Make changes to 'CookieJar' observable only through 'pending()'.
  * Deprecates 'Client::new()' in favor of 'Client::tracked()'.
  * Makes 'dispatch()' on tracked 'Client's synchronize on cookies.
  * Makes 'Client::untracked()' actually untracked.

This commit updates to the latest 'cookie' which removes support for
'Sync' cookie jars. Instead of relying on 'cookie', this commit
implements an op-log based 'CookieJar' which internally keeps track of
changes. The API is such that changes are only observable through
specialized '_pending()' methods.
2020-10-14 21:37:16 -07:00
Sergio Benitez
dee11966b6 Borrow 'self' in 'Connection::run()'.
This simulates the pre-async behavior of serialization attempts to use a
connection by using an `async` Mutex.
2020-09-10 03:34:26 -07:00
Jeb Rosen
bc8c5b9ee2 Use 'spawn_blocking' in '#[database]'.
The connection guard type generated by `#[database]` no longer
implements `Deref` and `DerefMut`. Instead, it provides an `async fn
run()` that gives access to the underlying connection on a closure run
through `spawn_blocking()`.

Additionally moves most of the implementation of `#[database]` out
of generated code and into library code for better type-checking.
2020-09-10 03:34:26 -07:00
Jeb Rosen
f976c15c25 Update UI tests for latest nightly. 2020-09-06 18:34:24 -07:00
Sergio Benitez
549c9241c4 Require data limits on 'Data::open()'.
Closes #1325.
2020-08-06 02:46:04 -05:00
Jonathan Dickinson
f3beb68491 Remove superfluous lifetimes in 'Fairing' methods. 2020-07-23 21:32:20 -07:00
Sergio Benitez
0ff4b0d5ad Fix broken link in 'json!' docs. 2020-07-23 20:12:20 -07:00
Sergio Benitez
754b1e0e31 Panic if 'StaticFiles' directory doesn't exist. 2020-07-23 20:12:20 -07:00
Sergio Benitez
a115eaa633 Add 'serve::crate_relative!' for relative paths.
The macro generates crate-relative paths for easier serving of files
stored relative to the crate root.
2020-07-23 20:12:17 -07:00
Sergio Benitez
adc79016cd Rearrange top-level exports. Use '#[launch]'.
This commits makes the following high-level changes:

  * 'ShutdownHandle' is renamed to 'Shutdown'.
  * 'Rocket::shutdown_handle()' is renamed to 'Rocket::shutdown()'.
  * '#[launch]` is preferred to '#[rocket::launch]'.
  * Various docs phrasings are improved.
  * Fixed various broken links in docs.

This commits rearranges top-level exports as follows:

  * 'shutdown' module is no longer exported.
  * 'Shutdown' is exported from the crate root.
  * 'Outcome' is not longer exported from the root.
  * 'Handler', 'ErrorHandler' are no longer exported from the root.
2020-07-22 16:10:02 -07:00
Necmettin Karakaya
fde6eda915 Fix various typos throughout the codebase. 2020-07-22 12:56:01 -07:00
Jeb Rosen
2fb6d00b24 Note '/static' is absolute in 'StaticFiles' docs. 2020-07-22 12:28:46 -07:00
Jeb Rosen
0ad1c49ddd Fix typo in 'json' docs: extraneous 'or'.
Fixes #1320.
2020-07-22 12:28:43 -07:00
Sergio Benitez
56a6172625 Enable compilation with stable Rust.
To the Rust teams, Rust's contributors, Rocket's contributors, the
entire Rust and Rocket communities, my colleagues at Stanford and
beyond, and Jeb: thank you all. Sincerely.

To the next ~4 years of Rocket!

Closes #19.
2020-07-21 16:30:45 -07:00
Sergio Benitez
67efe143c5 Improve diagnostics, especially on stable. 2020-07-21 15:31:42 -07:00
Sergio Benitez
1858403203 Implement codegen testing on stable.
This commits migrates to 'trybuild' from 'compiletest' for codegen
diagnostic testing.
2020-07-21 15:11:07 -07:00
Jeb Rosen
27b26188c4 Update 'toml' to '0.5'. 2020-07-21 15:11:07 -07:00
Sergio Benitez
949b01cb9d Remove 'redis' integration from 'contrib'.
The latest version of 'redis' is async and implements its own connection
retrieval.
2020-07-21 15:11:07 -07:00
Jeb Rosen
9d4fea2937 Remove 'mongodb' integration from 'contrib'.
The latest version of 'mongodb' is async and implements its own internal
connection pooling.
2020-07-21 10:54:07 -07:00