diff options
author | Aaron Patterson <aaron.patterson@gmail.com> | 2013-01-04 12:02:22 -0800 |
---|---|---|
committer | Aaron Patterson <aaron.patterson@gmail.com> | 2013-01-08 09:08:26 -0800 |
commit | d5cd97baa44fa66dc681041a213092b45c57c32f (patch) | |
tree | f5817abd953a86aceb4710f93337405db1306ae1 /activerecord/test | |
parent | 95fe9ef945a35f56fa1c3ef356aec4a3b868937c (diff) | |
download | rails-d5cd97baa44fa66dc681041a213092b45c57c32f.tar.gz rails-d5cd97baa44fa66dc681041a213092b45c57c32f.tar.bz2 rails-d5cd97baa44fa66dc681041a213092b45c57c32f.zip |
* Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
Diffstat (limited to 'activerecord/test')
-rw-r--r-- | activerecord/test/cases/relation/where_test.rb | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/activerecord/test/cases/relation/where_test.rb b/activerecord/test/cases/relation/where_test.rb index b9eef1d32f..80158332f9 100644 --- a/activerecord/test/cases/relation/where_test.rb +++ b/activerecord/test/cases/relation/where_test.rb @@ -1,9 +1,11 @@ require "cases/helper" require 'models/post' +require 'models/comment' +require 'models/edge' module ActiveRecord class WhereTest < ActiveRecord::TestCase - fixtures :posts + fixtures :posts, :edges def test_where_error assert_raises(ActiveRecord::StatementInvalid) do @@ -21,5 +23,17 @@ module ActiveRecord post = Post.first assert_equal post, Post.where(:posts => { 'id' => post.id }).first end + + def test_where_with_table_name_and_empty_hash + assert_equal 0, Post.where(:posts => {}).count + end + + def test_where_with_table_name_and_empty_array + assert_equal 0, Post.where(:id => []).count + end + + def test_where_with_empty_hash_and_no_foreign_key + assert_equal 0, Edge.where(:sink => {}).count + end end end |