diff options
| author | Rob Christie <robchristie@gmail.com> | 2009-01-14 01:14:02 -0500 |
|---|---|---|
| committer | Raimonds Simanovskis <raimonds.simanovskis@gmail.com> | 2009-08-06 23:40:58 +0300 |
| commit | 7e560d0b0d9414d5712f068f6eb5f8bde1980558 (patch) | |
| tree | cf3d5b153c6da2627e2a4fbf6f1a08d70c80f59b /activerecord/test | |
| parent | 7f717abb0ed280ba1a1f8abfeeff84bf24cad3e7 (diff) | |
| download | rails-7e560d0b0d9414d5712f068f6eb5f8bde1980558.tar.gz rails-7e560d0b0d9414d5712f068f6eb5f8bde1980558.tar.bz2 rails-7e560d0b0d9414d5712f068f6eb5f8bde1980558.zip | |
Fixed adapter test cases that were failing in oracle because the asserts were looking for the presence of offset and limit which are not available in oracle. Changed the tests to check that the sql injection is not present in the output so that the tests are database adapter agnostic.
Diffstat (limited to 'activerecord/test')
| -rw-r--r-- | activerecord/test/cases/adapter_test.rb | 17 |
1 files changed, 4 insertions, 13 deletions
diff --git a/activerecord/test/cases/adapter_test.rb b/activerecord/test/cases/adapter_test.rb index 80530194ff..65c5fc2fe9 100644 --- a/activerecord/test/cases/adapter_test.rb +++ b/activerecord/test/cases/adapter_test.rb @@ -112,23 +112,14 @@ class AdapterTest < ActiveRecord::TestCase def test_add_limit_offset_should_sanitize_sql_injection_for_limit_without_comas sql_inject = "1 select * from schema" - assert_equal " LIMIT 1", @connection.add_limit_offset!("", :limit=>sql_inject) - if current_adapter?(:MysqlAdapter) - assert_equal " LIMIT 7, 1", @connection.add_limit_offset!("", :limit=>sql_inject, :offset=>7) - else - assert_equal " LIMIT 1 OFFSET 7", @connection.add_limit_offset!("", :limit=>sql_inject, :offset=>7) - end + assert_no_match /schema/, @connection.add_limit_offset!("", :limit=>sql_inject) + assert_no_match /schema/, @connection.add_limit_offset!("", :limit=>sql_inject, :offset=>7) end def test_add_limit_offset_should_sanitize_sql_injection_for_limit_with_comas sql_inject = "1, 7 procedure help()" - if current_adapter?(:MysqlAdapter) - assert_equal " LIMIT 1,7", @connection.add_limit_offset!("", :limit=>sql_inject) - assert_equal " LIMIT 7, 1", @connection.add_limit_offset!("", :limit=> '1 ; DROP TABLE USERS', :offset=>7) - else - assert_equal " LIMIT 1,7", @connection.add_limit_offset!("", :limit=>sql_inject) - assert_equal " LIMIT 1,7 OFFSET 7", @connection.add_limit_offset!("", :limit=>sql_inject, :offset=>7) - end + assert_no_match /procedure/, @connection.add_limit_offset!("", :limit=>sql_inject) + assert_no_match /procedure/, @connection.add_limit_offset!("", :limit=>sql_inject, :offset=>7) end def test_uniqueness_violations_are_translated_to_specific_exception |