| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
Reintroduce support for overriding `has_secure_password` attributes
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In Rails 5.2.x calling `has_secure_password` would define attribute
readers and writers on the superclass of the model, which meant that you
could override these attributes in a model and call the superclass for
example:
```
class Dog < ApplicationRecord
has_secure_password
def password=(new_password)
@password_set = new_password.present?
super
end
end
```
However this behaviour was broken in Rails 6 when the ability to
customise the name of the attribute was introduced [1] since they are no
longer being defined on the superclass you will now see the following
error:
```
NoMethodError:
super: no superclass method `password=' for #<Dog:0x00007ffbbc7ce290>
Did you mean? password
```
In order to resolve this issue and retain support for setting a custom
attribute name we can define these attribute readers/writers in a module
and then ensure that the module is included in the inheritance chain.
[1] https://www.github.com/rails/rails/commit/86a48b4da3
https://www.github.com/rails/rails/commit/9b63bf1dfd
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
* add leading `#` before `=>` since hash rocket is valid Ruby code
* add backticks
* remove trailing spaces
* and more
|
|\ \
| | |
| | | |
Type cast falsy boolean symbols on boolean attribute as false
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Before 34cc301, type casting by boolean attribute when querying is a
no-op, so finding by truthy boolean string (i.e.
`where(value: "true") # => value = 'true'`) didn't work as expected
(matches it to FALSE in MySQL #32624). By type casting is ensured, a
value on boolean attribute is always serialized to TRUE or FALSE.
In PostgreSQL, `where(value: :false) # => value = 'false'` was a valid
SQL, so 34cc301 is a regresson for PostgreSQL since all symbol values
are serialized as TRUE.
I'd say using `:false` is mostly a developer's mistake (user's input
basically comes as a string), but `:false` on boolean attribute is
serialized as TRUE is not a desirable behavior for anybody.
This allows falsy boolean symbols as false, i.e.
`klass.create(value: :false).value? # => false` and
`where(value: :false) # => value = FALSE`.
Fixes #35676.
|
| |
| |
| |
| | |
#35789
|
|/
|
|
|
|
| |
- I feel `i18n_customize_full_messages` explains the meaning of the
config better.
- Followup of https://github.com/rails/rails/pull/32956
|
|\
| |
| |
| | |
v6.0.0.beta3 release
|
| |
| |
| |
| |
| |
| |
| | |
* Update RAILS_VERSION
* Bundle
* rake update_versions
* rake changelog:header
|
| | |
|
|\ \
| | |
| | | |
Fall back to parent locale before falling back to the :errors namespace
|
| | | |
|
| |/ |
|
|\ \
| | |
| | |
| | |
| | | |
ashishprajapati/ashishprajapati/important_textual_improvements
Added missing guide links in documentation and minor wording fix
|
| | |
| | |
| | |
| | | |
skip]
|
| | | |
|
|/ / |
|
|/ |
|
| |
|
| |
|
|\
| |
| |
| |
| | |
kamipo/dont_allow_non_numeric_string_matches_to_zero
Don't allow `where` with non numeric string matches to 0 values
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a follow-up of #35310.
Currently `Topic.find_by(id: "not-a-number")` matches to a `id = 0`
record. That is considered as silently leaking information.
If non numeric string is given to find by an integer column, it should
not be matched to any record.
Related #12793.
|
|/
|
|
|
|
|
|
|
|
|
| |
This reverts commit 52fddcc653458456f98b3683dffd781cf00b35fe.
52fddcc was to short-circuit `ensure_in_range` in `cast_value`. But that
caused a regression for empty string deserialization.
Since 7c6f393, `ensure_in_range` is moved into `serialize`. As 52fddcc
said, the absolute gain is quite small. So I've reverted that commit to
fix the regression.
|
|
|
|
|
|
|
|
|
| |
That is considered as silently leaking information.
If type casting doesn't return any actual value, it should not be
matched to any record.
Fixes #33624.
Closes #33946.
|
|\
| |
| |
| | |
Return correct date in ActiveModel for time to date conversions
|
| |
| |
| |
| |
| |
| |
| | |
time.to_date conversion happens considering leap years
so a conversion of "Day.new({'day(1i)'=>'1', 'day(2i)'=>'1', 'day(3i)'=>'1'})" results in saving the date as Mon, 03 Jan 0001
which might seem weird on the user level, hence falling back to parsing on string level resolves this data mismatch
Fixes #28521
|
| |
| |
| |
| |
| |
| |
| |
| | |
Since `serialize` is passed user input args (from `where`, schema
default, etc), a helper should provide `serialize` if the helper also
provide `cast`.
Related #32624, 34cc301, a741208.
|
| |
| |
| |
| |
| |
| |
| |
| | |
`value_from_multiparameter_assignment` defined by
`AcceptsMultiparameterTime` helper requires `default_timezone` method
which is defined at `TimeValue` helper.
Since `Date` type doesn't include `TimeValue`, I've extracted `Timezone`
helper to be shared by `Date`, `DateTime`, and `Time` types.
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
In master, tests pass because `bigdecimal/util` requires in
`active_support/xml_mini`.
But test fails in 5-2-stable because that require does not exist.
Ref: https://travis-ci.org/rails/rails/jobs/484627996#L1969
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- If you had a PORO that acted like a Numeric, the validator would
work correctly because it was previously using `Kernel.Float`
which is implicitely calling `to_f` on the passed argument.
Since rails/rails@d126c0d , we are now using `BigDecimal` which does
not implicitely call `to_f` on the argument, making the validator
fail with an underlying `TypeError` exception.
This patch replate the `is_decimal?` check with `Kernel.Float`.
Using `Kernel.Float` as argument for the BigDecimal call has two
advantages:
1. It calls `to_f` implicetely for us.
2. It's also smart enough to detect that `Kernel.Float("a")` isn't a
Numeric and will raise an error.
We don't need the `is_decimal?` check thanks to that.
Passing `Float::DIG` as second argument to `BigDecimal` is mandatory
because the precision can't be omitted when passing a Float.
`Float::DIG` is what is used internally by ruby when calling
`123.to_d`
https://github.com/ruby/ruby/blob/trunk/ext/bigdecimal/lib/bigdecimal/util.rb#L47
- Another small issue introduced in https://github.com/rails/rails/pull/34693
would now raise a TypeError because `Regexp#===` will just return
false if the passed argument isn't a string or symbol, whereas
`Regexp#match?` will.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When assigning a hash to a time attribute that's missing a year
component (e.g. a `time_select` with `:ignore_date` set to `true`)
then the year defaults to 1970 instead of the expected 2000. This
results in the attribute changing as a result of the save.
Before:
event = Event.new(start_time: { 4 => 20, 5 => 30 })
event.start_time # => 1970-01-01 20:30:00 UTC
event.save
event.reload
event.start_time # => 2000-01-01 20:30:00 UTC
After:
event = Event.new(start_time: { 4 => 20, 5 => 30 })
event.start_time # => 2000-01-01 20:30:00 UTC
event.save
event.reload
event.start_time # => 2000-01-01 20:30:00 UTC
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This file uses assert_valid_keys but it was not being required. You can
reproduce this error with a script that uses this feature by using those
requires:
require 'active_model'
require 'active_model/callbacks'
|
| |
| |
| |
| |
| |
| |
| |
| | |
yhirano55/rails_info_properties_json""
I reverted the wrong commit. Damn it.
This reverts commit f66a977fc7ae30d2a07124ad91924c4ee638a703.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We had a discussion on the Core team and we don't want to expose this information
as a JSON endpoint and not by default.
It doesn't make sense to expose this JSON locally and this controller is only
accessible in dev, so the proposed access from a production app seems off.
This reverts commit 8eaffe7e89719ac62ff29c2e4208cfbeb1cd1c38, reversing
changes made to b6e4305c3bca4c673996d0af9db0f4cfbf50215e.
|
| |
| |
| |
| | |
Related to https://github.com/rails/rails/pull/34817#issuecomment-451508668
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently we sometimes find a redundant begin block in code review
(e.g. https://github.com/rails/rails/pull/33604#discussion_r209784205).
I'd like to enable `Style/RedundantBegin` cop to avoid that, since
rescue/else/ensure are allowed inside do/end blocks in Ruby 2.5
(https://bugs.ruby-lang.org/issues/12906), so we'd probably meets with
that situation than before.
|
| |
| |
| |
| | |
https://bugs.ruby-lang.org/issues/14132
|
| |
| |
| |
| |
| |
| | |
since Ruby 2.5
https://bugs.ruby-lang.org/issues/14133
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
`Hash#transform_keys!`
Since Rails 6 requires Ruby 2.5.
https://github.com/ruby/ruby/blob/ruby_2_5/NEWS
Follow up #34754.
|
|\ \
| | |
| | | |
Unify _read_attribute definition to use &block
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Thanks to ko1, passing block parameter to another method is
significantly optimized in Ruby 2.5.
https://bugs.ruby-lang.org/issues/14045
Thus we no longer need to keep this ugly hack.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Generally followed the pattern for https://github.com/rails/rails/pull/32034
* Removes needless CI configs for 2.4
* Targets 2.5 in rubocop
* Updates existing CHANGELOG entries for fewer merge conflicts
* Removes Hash#slice extension as that's inlined on Ruby 2.5.
* Removes the need for send on define_method in MethodCallAssertions.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If a klass has acceptance validation and then
`klass.undefine_attribute_methods` is happened before an attribute
method is called, infinit loop is caused on the `method_missing` defined
by the `LazilyDefineAttributes`.
https://travis-ci.org/rails/rails/jobs/467053984#L1409
To prevent the infinit loop, the `method_missing` should ensure
`klass.define_attribute_methods`.
|
|\ \ \
| | | |
| | | |
| | | | |
[perf] use #match?
|
|/ / / |
|