diff options
| -rw-r--r-- | activerecord/CHANGELOG.md | 6 | ||||
| -rw-r--r-- | activerecord/lib/active_record/model_schema.rb | 25 | ||||
| -rw-r--r-- | activerecord/test/cases/serialized_attribute_test.rb | 28 | ||||
| -rw-r--r-- | guides/source/active_record_querying.md | 13 | ||||
| -rw-r--r-- | railties/lib/rails/commands/secrets/secrets_command.rb | 21 | ||||
| -rw-r--r-- | railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb | 30 | ||||
| -rw-r--r-- | railties/lib/rails/generators/rails/encrypted_secrets/templates/config/secrets.yml.enc | 3 | ||||
| -rw-r--r-- | railties/lib/rails/secrets.rb | 34 | ||||
| -rw-r--r-- | railties/test/commands/secrets_test.rb | 7 | ||||
| -rw-r--r-- | railties/test/generators/app_generator_test.rb | 8 |
10 files changed, 131 insertions, 44 deletions
diff --git a/activerecord/CHANGELOG.md b/activerecord/CHANGELOG.md index 907dd894cd..d17bbf80ca 100644 --- a/activerecord/CHANGELOG.md +++ b/activerecord/CHANGELOG.md @@ -1,3 +1,9 @@ +* Loading model schema from database is now thread-safe. + + Fixes #28589. + + *Vikrant Chaudhary*, *David Abdemoulaie* + * Add `ActiveRecord::Base#cache_version` to support recyclable cache keys via the new versioned entries in `ActiveSupport::Cache`. This also means that `ActiveRecord::Base#cache_key` will now return a stable key that does not include a timestamp any more. diff --git a/activerecord/lib/active_record/model_schema.rb b/activerecord/lib/active_record/model_schema.rb index 54216caaaf..5095cdfe9f 100644 --- a/activerecord/lib/active_record/model_schema.rb +++ b/activerecord/lib/active_record/model_schema.rb @@ -1,3 +1,5 @@ +require "monitor" + module ActiveRecord module ModelSchema extend ActiveSupport::Concern @@ -152,6 +154,8 @@ module ActiveRecord self.inheritance_column = "type" delegate :type_for_attribute, to: :class + + initialize_load_schema_monitor end # Derives the join table name for +first_table+ and +second_table+. The @@ -435,15 +439,27 @@ module ActiveRecord initialize_find_by_cache end + protected + + def initialize_load_schema_monitor + @load_schema_monitor = Monitor.new + end + private + def inherited(child_class) + super + child_class.initialize_load_schema_monitor + end + def schema_loaded? - defined?(@columns_hash) && @columns_hash + defined?(@schema_loaded) && @schema_loaded end def load_schema - unless schema_loaded? - load_schema! + return if schema_loaded? + @load_schema_monitor.synchronize do + load_schema! unless defined?(@columns_hash) && @columns_hash end end @@ -457,6 +473,8 @@ module ActiveRecord user_provided_default: false ) end + + @schema_loaded = true end def reload_schema_from_cache @@ -470,6 +488,7 @@ module ActiveRecord @attributes_builder = nil @columns = nil @columns_hash = nil + @schema_loaded = false @attribute_names = nil @yaml_encoder = nil direct_descendants.each do |descendant| diff --git a/activerecord/test/cases/serialized_attribute_test.rb b/activerecord/test/cases/serialized_attribute_test.rb index 673392b4c4..e1bdaab5cf 100644 --- a/activerecord/test/cases/serialized_attribute_test.rb +++ b/activerecord/test/cases/serialized_attribute_test.rb @@ -349,4 +349,32 @@ class SerializedAttributeTest < ActiveRecord::TestCase topic.foo refute topic.changed? end + + def test_serialized_attribute_works_under_concurrent_initial_access + model = Topic.dup + + topic = model.last + topic.update group: "1" + + model.serialize :group, JSON + model.reset_column_information + + # This isn't strictly necessary for the test, but a little bit of + # knowledge of internals allows us to make failures far more likely. + model.define_singleton_method(:define_attribute) do |*args| + Thread.pass + super(*args) + end + + threads = 4.times.map do + Thread.new do + topic.reload.group + end + end + + # All the threads should retrieve the value knowing it is JSON, and + # thus decode it. If this fails, some threads will instead see the + # raw string ("1"), or raise an exception. + assert_equal [1] * threads.size, threads.map(&:value) + end end diff --git a/guides/source/active_record_querying.md b/guides/source/active_record_querying.md index 26d01d4ede..d1cbe506b4 100644 --- a/guides/source/active_record_querying.md +++ b/guides/source/active_record_querying.md @@ -557,6 +557,19 @@ In other words, this query can be generated by calling `where` with no argument, SELECT * FROM clients WHERE (clients.locked != 1) ``` +### OR Conditions + +`OR` condition between two relations can be build by calling `or` on the first relation +and passing the second one as an argument. + +```ruby +Client.where(locked: true).or(Client.where(orders_count: [1,3,5])) +``` + +```sql +SELECT * FROM clients WHERE (clients.locked = 1 OR clients.orders_count IN (1,3,5)) +``` + Ordering -------- diff --git a/railties/lib/rails/commands/secrets/secrets_command.rb b/railties/lib/rails/commands/secrets/secrets_command.rb index 03a640bd65..651411d444 100644 --- a/railties/lib/rails/commands/secrets/secrets_command.rb +++ b/railties/lib/rails/commands/secrets/secrets_command.rb @@ -13,10 +13,7 @@ module Rails end def setup - require "rails/generators" - require "rails/generators/rails/encrypted_secrets/encrypted_secrets_generator" - - Rails::Generators::EncryptedSecretsGenerator.start + generator.start end def edit @@ -34,7 +31,6 @@ module Rails require_application_and_environment! Rails::Secrets.read_for_editing do |tmp_path| - say "Waiting for secrets file to be saved. Abort with Ctrl-C." system("\$EDITOR #{tmp_path}") end @@ -43,7 +39,22 @@ module Rails say "Aborted changing encrypted secrets: nothing saved." rescue Rails::Secrets::MissingKeyError => error say error.message + rescue Errno::ENOENT => error + raise unless error.message =~ /secrets\.yml\.enc/ + + Rails::Secrets.read_template_for_editing do |tmp_path| + system("\$EDITOR #{tmp_path}") + generator.skip_secrets_file { setup } + end end + + private + def generator + require "rails/generators" + require "rails/generators/rails/encrypted_secrets/encrypted_secrets_generator" + + Rails::Generators::EncryptedSecretsGenerator + end end end end diff --git a/railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb b/railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb index 8b29213610..1da2fbc1a5 100644 --- a/railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb +++ b/railties/lib/rails/generators/rails/encrypted_secrets/encrypted_secrets_generator.rb @@ -36,25 +36,29 @@ module Rails end def add_encrypted_secrets_file - unless File.exist?("config/secrets.yml.enc") + unless (defined?(@@skip_secrets_file) && @@skip_secrets_file) || File.exist?("config/secrets.yml.enc") say "Adding config/secrets.yml.enc to store secrets that needs to be encrypted." say "" + say "For now the file contains this but it's been encrypted with the generated key:" + say "" + say Secrets.template, :on_green + say "" - template "config/secrets.yml.enc" do |prefill| - say "" - say "For now the file contains this but it's been encrypted with the generated key:" - say "" - say prefill, :on_green - say "" - - Secrets.encrypt(prefill) - end + Secrets.write(Secrets.template) say "You can edit encrypted secrets with `bin/rails secrets:edit`." - - say "Add this to your config/environments/production.rb:" - say "config.read_encrypted_secrets = true" + say "" end + + say "Add this to your config/environments/production.rb:" + say "config.read_encrypted_secrets = true" + end + + def self.skip_secrets_file + @@skip_secrets_file = true + yield + ensure + @@skip_secrets_file = false end private diff --git a/railties/lib/rails/generators/rails/encrypted_secrets/templates/config/secrets.yml.enc b/railties/lib/rails/generators/rails/encrypted_secrets/templates/config/secrets.yml.enc deleted file mode 100644 index 70426a66a5..0000000000 --- a/railties/lib/rails/generators/rails/encrypted_secrets/templates/config/secrets.yml.enc +++ /dev/null @@ -1,3 +0,0 @@ -# See `secrets.yml` for tips on generating suitable keys. -# production: -# external_api_key: 1466aac22e6a869134be3d09b9e89232fc2c2289… diff --git a/railties/lib/rails/secrets.rb b/railties/lib/rails/secrets.rb index 8b644f212c..20c20cb9f1 100644 --- a/railties/lib/rails/secrets.rb +++ b/railties/lib/rails/secrets.rb @@ -1,5 +1,6 @@ require "yaml" require "active_support/message_encryptor" +require "active_support/core_ext/string/strip" module Rails # Greatly inspired by Ara T. Howard's magnificent sekrets gem. 😘 @@ -37,6 +38,15 @@ module Rails ENV["RAILS_MASTER_KEY"] || read_key_file || handle_missing_key end + def template + <<-end_of_template.strip_heredoc + # See `secrets.yml` for tips on generating suitable keys. + # production: + # external_api_key: 1466aac22e6a869134be3d09b9e89232fc2c2289… + + end_of_template + end + def encrypt(data) encryptor.encrypt_and_sign(data) end @@ -54,15 +64,12 @@ module Rails FileUtils.mv("#{path}.tmp", path) end - def read_for_editing - tmp_path = File.join(Dir.tmpdir, File.basename(path)) - IO.binwrite(tmp_path, read) - - yield tmp_path + def read_for_editing(&block) + writing(read, &block) + end - write(IO.binread(tmp_path)) - ensure - FileUtils.rm(tmp_path) if File.exist?(tmp_path) + def read_template_for_editing(&block) + writing(template, &block) end private @@ -92,6 +99,17 @@ module Rails end end + def writing(contents) + tmp_path = File.join(Dir.tmpdir, File.basename(path)) + File.write(tmp_path, contents) + + yield tmp_path + + write(File.read(tmp_path)) + ensure + FileUtils.rm(tmp_path) if File.exist?(tmp_path) + end + def encryptor @encryptor ||= ActiveSupport::MessageEncryptor.new([ key ].pack("H*"), cipher: @cipher) end diff --git a/railties/test/commands/secrets_test.rb b/railties/test/commands/secrets_test.rb index 00b0343397..fb8fd2325e 100644 --- a/railties/test/commands/secrets_test.rb +++ b/railties/test/commands/secrets_test.rb @@ -18,7 +18,8 @@ class Rails::Command::SecretsCommandTest < ActiveSupport::TestCase end test "edit secrets" do - run_setup_command + # Runs setup before first edit. + assert_match(/Adding config\/secrets\.yml\.key to store the encryption key/, run_edit_command) # Run twice to ensure encrypted secrets can be reread after first edit pass. 2.times do @@ -30,8 +31,4 @@ class Rails::Command::SecretsCommandTest < ActiveSupport::TestCase def run_edit_command(editor: "cat") Dir.chdir(app_path) { `EDITOR="#{editor}" bin/rails secrets:edit` } end - - def run_setup_command - Dir.chdir(app_path) { `bin/rails secrets:setup` } - end end diff --git a/railties/test/generators/app_generator_test.rb b/railties/test/generators/app_generator_test.rb index ff829eb197..31a5efb1b7 100644 --- a/railties/test/generators/app_generator_test.rb +++ b/railties/test/generators/app_generator_test.rb @@ -412,13 +412,6 @@ class AppGeneratorTest < Rails::Generators::TestCase end end - def test_generator_if_skip_yarn_is_given - run_generator [destination_root, "--skip-yarn"] - - assert_no_file "package.json" - assert_no_file "bin/yarn" - end - def test_generator_if_skip_action_cable_is_given run_generator [destination_root, "--skip-action-cable"] assert_file "config/application.rb", /#\s+require\s+["']action_cable\/engine["']/ @@ -524,6 +517,7 @@ class AppGeneratorTest < Rails::Generators::TestCase def test_generator_for_yarn_skipped run_generator([destination_root, "--skip-yarn"]) assert_no_file "package.json" + assert_no_file "bin/yarn" assert_file "config/initializers/assets.rb" do |content| assert_no_match(/node_modules/, content) |