diff options
| author | Matthew Draper <matthew@trebex.net> | 2017-11-14 23:27:50 +1030 |
|---|---|---|
| committer | Matthew Draper <matthew@trebex.net> | 2017-11-14 23:30:45 +1030 |
| commit | a1ee43d2170dd6adf5a9f390df2b1dde45018a48 (patch) | |
| tree | e1fd861d4e370e81c312aa1b4fde45eff48c08f1 /activerecord/test/cases/finder_test.rb | |
| parent | ed100166874fb4a542c5aaba933a4cca5ed72269 (diff) | |
| parent | 4a5b3ca972e867d9b9276dcd98b0a6b9b6fb7583 (diff) | |
| download | rails-a1ee43d2170dd6adf5a9f390df2b1dde45018a48.tar.gz rails-a1ee43d2170dd6adf5a9f390df2b1dde45018a48.tar.bz2 rails-a1ee43d2170dd6adf5a9f390df2b1dde45018a48.zip | |
Merge pull request #27947 from mastahyeti/unsafe_raw_sql
Disallow raw SQL in dangerous AR methods
Diffstat (limited to 'activerecord/test/cases/finder_test.rb')
| -rw-r--r-- | activerecord/test/cases/finder_test.rb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/activerecord/test/cases/finder_test.rb b/activerecord/test/cases/finder_test.rb index d8bc917e7f..1268949ba9 100644 --- a/activerecord/test/cases/finder_test.rb +++ b/activerecord/test/cases/finder_test.rb @@ -239,7 +239,7 @@ class FinderTest < ActiveRecord::TestCase # Ensure +exists?+ runs without an error by excluding order value. def test_exists_with_order - assert_equal true, Topic.order("invalid sql here").exists? + assert_equal true, Topic.order(Arel.sql("invalid sql here")).exists? end def test_exists_with_joins @@ -652,7 +652,7 @@ class FinderTest < ActiveRecord::TestCase def test_last_with_irreversible_order assert_raises(ActiveRecord::IrreversibleOrderError) do - Topic.order("coalesce(author_name, title)").last + Topic.order(Arel.sql("coalesce(author_name, title)")).last end end |