| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|\
| |
| |
| |
| | |
kamipo/dont_allow_non_numeric_string_matches_to_zero
Don't allow `where` with non numeric string matches to 0 values
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a follow-up of #35310.
Currently `Topic.find_by(id: "not-a-number")` matches to a `id = 0`
record. That is considered as silently leaking information.
If non numeric string is given to find by an integer column, it should
not be matched to any record.
Related #12793.
|
|/
|
|
|
|
|
|
|
|
|
| |
This reverts commit 52fddcc653458456f98b3683dffd781cf00b35fe.
52fddcc was to short-circuit `ensure_in_range` in `cast_value`. But that
caused a regression for empty string deserialization.
Since 7c6f393, `ensure_in_range` is moved into `serialize`. As 52fddcc
said, the absolute gain is quite small. So I've reverted that commit to
fix the regression.
|
|
|
|
|
|
|
|
|
| |
That is considered as silently leaking information.
If type casting doesn't return any actual value, it should not be
matched to any record.
Fixes #33624.
Closes #33946.
|
|\
| |
| |
| | |
Return correct date in ActiveModel for time to date conversions
|
| |
| |
| |
| |
| |
| |
| | |
time.to_date conversion happens considering leap years
so a conversion of "Day.new({'day(1i)'=>'1', 'day(2i)'=>'1', 'day(3i)'=>'1'})" results in saving the date as Mon, 03 Jan 0001
which might seem weird on the user level, hence falling back to parsing on string level resolves this data mismatch
Fixes #28521
|
| |
| |
| |
| |
| |
| |
| |
| | |
Since `serialize` is passed user input args (from `where`, schema
default, etc), a helper should provide `serialize` if the helper also
provide `cast`.
Related #32624, 34cc301, a741208.
|
| |
| |
| |
| |
| |
| |
| |
| | |
`value_from_multiparameter_assignment` defined by
`AcceptsMultiparameterTime` helper requires `default_timezone` method
which is defined at `TimeValue` helper.
Since `Date` type doesn't include `TimeValue`, I've extracted `Timezone`
helper to be shared by `Date`, `DateTime`, and `Time` types.
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
In master, tests pass because `bigdecimal/util` requires in
`active_support/xml_mini`.
But test fails in 5-2-stable because that require does not exist.
Ref: https://travis-ci.org/rails/rails/jobs/484627996#L1969
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- If you had a PORO that acted like a Numeric, the validator would
work correctly because it was previously using `Kernel.Float`
which is implicitely calling `to_f` on the passed argument.
Since rails/rails@d126c0d , we are now using `BigDecimal` which does
not implicitely call `to_f` on the argument, making the validator
fail with an underlying `TypeError` exception.
This patch replate the `is_decimal?` check with `Kernel.Float`.
Using `Kernel.Float` as argument for the BigDecimal call has two
advantages:
1. It calls `to_f` implicetely for us.
2. It's also smart enough to detect that `Kernel.Float("a")` isn't a
Numeric and will raise an error.
We don't need the `is_decimal?` check thanks to that.
Passing `Float::DIG` as second argument to `BigDecimal` is mandatory
because the precision can't be omitted when passing a Float.
`Float::DIG` is what is used internally by ruby when calling
`123.to_d`
https://github.com/ruby/ruby/blob/trunk/ext/bigdecimal/lib/bigdecimal/util.rb#L47
- Another small issue introduced in https://github.com/rails/rails/pull/34693
would now raise a TypeError because `Regexp#===` will just return
false if the passed argument isn't a string or symbol, whereas
`Regexp#match?` will.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When assigning a hash to a time attribute that's missing a year
component (e.g. a `time_select` with `:ignore_date` set to `true`)
then the year defaults to 1970 instead of the expected 2000. This
results in the attribute changing as a result of the save.
Before:
event = Event.new(start_time: { 4 => 20, 5 => 30 })
event.start_time # => 1970-01-01 20:30:00 UTC
event.save
event.reload
event.start_time # => 2000-01-01 20:30:00 UTC
After:
event = Event.new(start_time: { 4 => 20, 5 => 30 })
event.start_time # => 2000-01-01 20:30:00 UTC
event.save
event.reload
event.start_time # => 2000-01-01 20:30:00 UTC
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This file uses assert_valid_keys but it was not being required. You can
reproduce this error with a script that uses this feature by using those
requires:
require 'active_model'
require 'active_model/callbacks'
|
| |
| |
| |
| | |
Related to https://github.com/rails/rails/pull/34817#issuecomment-451508668
|
| | |
|
| |
| |
| |
| | |
https://bugs.ruby-lang.org/issues/14132
|
| |
| |
| |
| |
| |
| | |
since Ruby 2.5
https://bugs.ruby-lang.org/issues/14133
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
`Hash#transform_keys!`
Since Rails 6 requires Ruby 2.5.
https://github.com/ruby/ruby/blob/ruby_2_5/NEWS
Follow up #34754.
|
|\ \
| | |
| | | |
Unify _read_attribute definition to use &block
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Thanks to ko1, passing block parameter to another method is
significantly optimized in Ruby 2.5.
https://bugs.ruby-lang.org/issues/14045
Thus we no longer need to keep this ugly hack.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If a klass has acceptance validation and then
`klass.undefine_attribute_methods` is happened before an attribute
method is called, infinit loop is caused on the `method_missing` defined
by the `LazilyDefineAttributes`.
https://travis-ci.org/rails/rails/jobs/467053984#L1409
To prevent the infinit loop, the `method_missing` should ensure
`klass.define_attribute_methods`.
|
|\ \ \
| | | |
| | | |
| | | | |
[perf] use #match?
|
|/ / / |
|
| | | |
|
| | |
| | |
| | |
| | | |
Closes #34530.
|
| | | |
|
| | |
| | |
| | |
| | | |
[ci skip]
|
|\ \ \
| | | |
| | | | |
Fix ignored options in the `#added?` method
|
| | | |
| | | |
| | | |
| | | | |
Fixes #34416
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Related 34cc301f03aea2e579d6687a9ea9782afc1089a0.
`QueryAttribute#value_for_database` calls only `type.serialize`, and
`Decimal#serialize` is a no-op unlike other attribute types.
Whether or not `serialize` will invoke `cast` is undefined in our test
cases, but it actually does not work properly unless it does so for now.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previosly, `update_columns` would just take whatever keys you gave it
and tried to run the update query. Most likely this would result in an
error from the database. However, if the column actually did exist, but
was in `ignored_columns`, this would result in the method returning
successfully when it should have raised, and an attribute that should
not exist written to `@attributes`.
|
| | |
| | |
| | |
| | | |
See https://english.stackexchange.com/questions/23218/anyone-has-or-anyone-have-seen-them
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Ruby uses the original method name, so will show the __temp__ method
name in the backtrace. However, in the common case the method name
is compatible with the `def` keyword, so we can avoid the __temp__
method name in that case to improve the name shown in backtraces
or TracePoint#method_id.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Since Rails 6.0 will support Ruby 2.4.1 or higher
`# frozen_string_literal: true` magic comment is enough to make string object frozen.
This magic comment is enabled by `Style/FrozenStringLiteralComment` cop.
* Exclude these files not to auto correct false positive `Regexp#freeze`
- 'actionpack/lib/action_dispatch/journey/router/utils.rb'
- 'activerecord/lib/active_record/connection_adapters/sqlite3_adapter.rb'
It has been fixed by https://github.com/rubocop-hq/rubocop/pull/6333
Once the newer version of RuboCop released and available at Code Climate these exclude entries should be removed.
* Replace `String#freeze` with `String#-@` manually if explicit frozen string objects are required
- 'actionpack/test/controller/test_case_test.rb'
- 'activemodel/test/cases/type/string_test.rb'
- 'activesupport/lib/active_support/core_ext/string/strip.rb'
- 'activesupport/test/core_ext/string_ext_test.rb'
- 'railties/test/generators/actions_test.rb'
|
|\ \ \
| | | |
| | | | |
Improve error message when assign wrong attributes to model
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
Fix non_numeric_string?
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
For example, dirty checking was not right for the following case:
```
model.int_column = "+5"
model.float_column = "0.5E+1"
model.decimal_column = "0.5e-3"
```
It is enough to see whether leading character is a digit for avoiding
invalid numeric expression like 'wibble' to be type-casted to 0, as
this method's comment says.
Fixes #33801
|
|\ \ \ \ \
| |/ / / /
|/| | | |
| | | | |
| | | | | |
Larochelle/i18n_full_message_with_nested_attributes
`ActiveModel.full_message` interaction with `index_errors`
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The multiplication of the value takes a long time when we can instead mutate and use the string value directly.
The `microsec` perf increases speed by 27% in the ideal case (which is the most common).
```
original_string = ".443959"
require 'benchmark/ips'
Benchmark.ips do |x|
x.report("multiply") {
string = original_string.dup
(string.to_r * 1_000_000).to_i
}
x.report("new ") {
string = original_string.dup
if string && string.start_with?(".".freeze) && string.length == 7
string[0] = ''.freeze
string.to_i
end
}
x.compare!
end
# Warming up --------------------------------------
# multiply 125.783k i/100ms
# new 146.543k i/100ms
# Calculating -------------------------------------
# multiply 1.751M (± 3.3%) i/s - 8.805M in 5.033779s
# new 2.225M (± 2.1%) i/s - 11.137M in 5.007110s
# Comparison:
# new : 2225289.7 i/s
# multiply: 1751254.2 i/s - 1.27x slower
```
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Record
The purpose of fe9547b is to work type casting to value from database.
But that was caused not to use the value before type cast even except
Active Record.
There we never guarantees that the value before type cast was going to
the used in this validation, but we should not change the behavior
unless there is some particular reason.
To restore original behavior, still use the value before type cast if
`came_from_user?` is undefined (i.e. except Active Record).
Fixes #33651.
Fixes #33686.
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Since fe9547b6, numericality validator would parse raw value only when a
value came from user to work type casting to a value from database.
But that was caused a regression that the validator would work against
getter value instead of parsed raw value, a getter is sometimes
customized by people. #33550
There we never guarantees that the value before type cast was going to
the used in this validation (actually here is only place that getter
value might not be used), but we should not change the behavior unless
there is some particular reason.
The purpose of fe9547b6 is to work type casting to a value from
database. We could achieve the purpose by using `read_attribute`,
without using getter value.
Fixes #33550.
|
|\ \ \ \
| | | | |
| | | | | |
Fix AM::Serializers::JSON#as_json method for timestamps
|
| | |_|/
| |/| |
| | | |
| | | |
| | | | |
According to doc the method should return
non-json compatible types as strings.
|