aboutsummaryrefslogtreecommitdiffstats
path: root/activerecord/lib/active_record
diff options
context:
space:
mode:
authorGannon McGibbon <gannon.mcgibbon@gmail.com>2019-01-07 14:05:50 -0500
committerGannon McGibbon <gannon.mcgibbon@gmail.com>2019-01-07 14:59:02 -0500
commit1e923b498492424ae627d7a2c61339148f887503 (patch)
treefbf12561c3ed87e714d5dd4b217c5d5ffd55eea6 /activerecord/lib/active_record
parent9cfcc067e626f0f1e220cc00a9f96622a936350d (diff)
downloadrails-1e923b498492424ae627d7a2c61339148f887503.tar.gz
rails-1e923b498492424ae627d7a2c61339148f887503.tar.bz2
rails-1e923b498492424ae627d7a2c61339148f887503.zip
Allow strong params in ActiveRecord::Base#exists?
Allow `ActionController::Params` as argument of `ActiveRecord::Base#exists?`
Diffstat (limited to 'activerecord/lib/active_record')
-rw-r--r--activerecord/lib/active_record/relation/finder_methods.rb2
1 files changed, 2 insertions, 0 deletions
diff --git a/activerecord/lib/active_record/relation/finder_methods.rb b/activerecord/lib/active_record/relation/finder_methods.rb
index dc03b196f4..fd84f9c46b 100644
--- a/activerecord/lib/active_record/relation/finder_methods.rb
+++ b/activerecord/lib/active_record/relation/finder_methods.rb
@@ -312,6 +312,8 @@ module ActiveRecord
return false if !conditions || limit_value == 0
+ conditions = sanitize_forbidden_attributes(conditions)
+
if eager_loading?
relation = apply_join_dependency(eager_loading: false)
return relation.exists?(conditions)
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 15:34:11 +0000