aboutsummaryrefslogtreecommitdiffstats
path: root/activerecord
diff options
context:
space:
mode:
Diffstat (limited to 'activerecord')
-rw-r--r--activerecord/CHANGELOG2
-rw-r--r--activerecord/lib/active_record/associations/has_many_association.rb4
-rwxr-xr-xactiverecord/test/associations_test.rb13
3 files changed, 16 insertions, 3 deletions
diff --git a/activerecord/CHANGELOG b/activerecord/CHANGELOG
index 9615e78d6a..0f4fabe293 100644
--- a/activerecord/CHANGELOG
+++ b/activerecord/CHANGELOG
@@ -1,5 +1,7 @@
*SVN*
+* Fixed sanitized conditions for has_many finder method. #1281 [jackc@hylesanderson.com, pragdave, Tobias Luetke]
+
* Comprehensive PostgreSQL schema support. Use the optional schema_search_path directive in database.yml to give a comma-separated list of schemas to search for your tables. This allows you, for example, to have tables in a shared schema without having to use a custom table name. See http://www.postgresql.org/docs/8.0/interactive/ddl-schemas.html to learn more. #827 [dave@cherryville.org]
* Corrected @@configurations typo #1410 [david@ruppconsulting.com]
diff --git a/activerecord/lib/active_record/associations/has_many_association.rb b/activerecord/lib/active_record/associations/has_many_association.rb
index 31b8ac6b9e..847709df8c 100644
--- a/activerecord/lib/active_record/associations/has_many_association.rb
+++ b/activerecord/lib/active_record/associations/has_many_association.rb
@@ -66,7 +66,9 @@ module ActiveRecord
load_target.select { |record| ids.include?(record.id) }
end
else
- options[:conditions] = @finder_sql + (options[:conditions] ? " AND #{options[:conditions]}" : "")
+ if options[:conditions] = sanitize_sql(options[:conditions])
+ options[:conditions] = "#{@finder_sql} AND #{options[:conditions]}"
+ end
if options[:order] && @options[:order]
options[:order] = "#{options[:order]}, #{@options[:order]}"
diff --git a/activerecord/test/associations_test.rb b/activerecord/test/associations_test.rb
index 05daf9b9c1..1e80ec1ee0 100755
--- a/activerecord/test/associations_test.rb
+++ b/activerecord/test/associations_test.rb
@@ -345,16 +345,25 @@ class HasManyAssociationsTest < Test::Unit::TestCase
def test_find_all_sanitized
firm = Firm.find_first
assert_equal firm.clients.find_all("name = 'Summit'"), firm.clients.find_all(["name = '%s'", "Summit"])
+ summit = firm.clients.find(:all, :conditions => "name = 'Summit'")
+ assert_equal summit, firm.clients.find(:all, :conditions => ["name = ?", "Summit"])
+ assert_equal summit, firm.clients.find(:all, :conditions => ["name = :name", { :name => "Summit" }])
end
def test_find_first
firm = Firm.find_first
+ client2 = Client.find(2)
assert_equal firm.clients.first, firm.clients.find_first
- assert_equal Client.find(2), firm.clients.find_first("type = 'Client'")
+ assert_equal client2, firm.clients.find_first("type = 'Client'")
+ assert_equal client2, firm.clients.find(:first, :conditions => "type = 'Client'")
end
def test_find_first_sanitized
- assert_equal Client.find(2), Firm.find_first.clients.find_first(["type = ?", "Client"])
+ firm = Firm.find_first
+ client2 = Client.find(2)
+ assert_equal client2, firm.clients.find_first(["type = ?", "Client"])
+ assert_equal client2, firm.clients.find(:first, :conditions => ['type = ?', 'Client'])
+ assert_equal client2, firm.clients.find(:first, :conditions => ['type = :type', { :type => 'Client' }])
end
def test_find_in_collection