| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
Support read queries with leading characters while preventing writes
|
| |
| |
| |
| |
| |
| |
| | |
* The READ_QUERY regex would consider reads to be writes if they started with
spaces or parens. For example, a UNION query might have parens around each
SELECT - (SELECT ...) UNION (SELECT ...).
* It will now correctly treat these queries as reads.
|
| |
| |
| |
| |
| | |
Also, improving an argument error message for `limit`, extracting around
`type_to_sql` code into schema statements, and more exercise tests.
|
|/
|
|
|
|
|
|
|
|
|
|
| |
Related cbcdecd, 2a56b2d.
This is a regression caused by cbcdecd.
If query caching is enabled, prepared statement handles are never
re-used, since we missed that a query is preprocessed when query caching
is enabled, but doesn't keep the `preparable` flag.
We should care about that case.
|
|\
| |
| | |
Ensure `update_all` series doesn't care optimistic locking
|
| |
| |
| |
| |
| |
| | |
Incrementing the lock version invalidates any other process's optimistic
lock, which is the desired outcome: the record no longer looks the same
as it did when they loaded it.
|
| |
| |
| |
| | |
Use "support/stubs/strong_parameters" instead.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
old SQLite3
It seems that the reason why the `test_select_with_subquery_in_from_uses_original_table_name`
does not pass is that the return value of `sqlite3_column_name()` is
wrong due to subquery flattening.
This seems to have been fixed with SQLite 3.20.0(https://sqlite.org/changes.html#version_3_20_0).
But CI uses the old version(maybe 3.11.0), I added `DISTINCT` to avoid
optimization by subquery flattening.
Ref: https://sqlite.org/optoverview.html#flattening
|
| |
| |
| |
| | |
Somehow `ENV["BUILDKITE"]` didn't work as expected.
|
| |
| |
| |
| |
| |
| | |
Buildkite as well
https://buildkite.com/rails/rails/builds/58981#2423c707-7c56-4639-a76e-8db4fd1e5cf3/102-111
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
I'm not sure why the test is failed on Travis, it passed on locally.
I suspect that failure is a bug on SQLite3, so just skip the test for
now, since it was not covered by before.
https://travis-ci.org/rails/rails/jobs/496726410#L1198-L1208
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is caused by 0ee96d1.
Since #18744, `select` columns doesn't be qualified by table name if
using `from`. 0ee96d1 follows that for `pluck` as well.
But people depends that `pluck` columns are qualified even if using
`from`.
So I've fixed that to be qualified if `from` has the original table name
to keep the behavior as much as before.
Fixes #35359.
|
|\
| |
| |
| |
| | |
kamipo/dont_allow_non_numeric_string_matches_to_zero
Don't allow `where` with non numeric string matches to 0 values
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a follow-up of #35310.
Currently `Topic.find_by(id: "not-a-number")` matches to a `id = 0`
record. That is considered as silently leaking information.
If non numeric string is given to find by an integer column, it should
not be matched to any record.
Related #12793.
|
| | |
|
| |
| |
| |
| | |
This covers what #34626 fixes.
|
|\ \
| | |
| | | |
Reduce unused allocations when casting UUIDs for Postgres
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Using the subscript method `#[]` on a string has several overloads and
rather complex implementation. One of the overloads is the capability to
accept a regular expression and then run a match, then return the
receiver (if it matched) or one of the groups from the MatchData.
The function of the `UUID#cast` method is to cast a UUID to a type and
format acceptable by postgres. Naturally UUIDs are supposed to be
string and of a certain format, but it had been determined that it was
not ideal for the framework to send just any old string to Postgres and
allow the engine to complain when "foobar" or "" was sent, being
obviously of the wrong format for a valid UUID. Therefore this code was
written to facilitate the checking, and if it were not of the correct
format, a `nil` would be returned as is conventional in Rails.
Now, the subscript method will allocate one or more strings on a match
and return one of them, based on the index parameter. However, there
is no need for a new string, as a UUID of the correct format is already
such, and so long as the format was verified then the string supplied is
adequate for consumption by the database.
The subscript method also creates a MatchData object which will never be
used, and so must eventually be garbage collected.
Garbage collection indeed. This innocuous method tends to be called
quite a lot, for example if the primary key of a table is a uuid, then
this method will be called. If the foreign key of a relation is a UUID,
once again this method is called. If that foreign key is belonging to
a has_many relationship with dozens of objects, then again dozens of
UUIDs shall be cast to a dup of themselves, and spawn dozens of
MatchData objects, and so on.
So, for users that:
* Use UUIDs as primary keys
* Use Postgres
* Operate on collections of objects
This accomplishes a significant savings in total allocations, and may
save many garbage collections.
|
|\ \ \
| |_|/
|/| | |
Replaced usage of where.delete/destroy_all with delete/destroy_by
|
| | | |
|
|\ \ \
| | | |
| | | | |
Fix reset of the source association when through association is loaded
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The special case happens when through association has a custom scope
that is applied to the source association when loading.
In this case, the soucre association would need to be reset after
main association is loaded. See tests.
The special case exists when a through association has
|
| | | | |
|
| |_|/
|/| | |
|
|\ \ \
| |_|/
|/| | |
Reset column info after making Topic tz-aware
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In AttributeMethodsTest, we make the global Topic class time zone-aware
which changes instance date time attribute casting behaviour. We need to
reset column info after the test because future tests don't expect Topic
date time columns to be time zone-aware.
|
| | | |
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
That is considered as silently leaking information.
If type casting doesn't return any actual value, it should not be
matched to any record.
Fixes #33624.
Closes #33946.
|
| |
| |
| |
| |
| |
| |
| |
| | |
Since `serialize` is passed user input args (from `where`, schema
default, etc), a helper should provide `serialize` if the helper also
provide `cast`.
Related #32624, 34cc301, a741208.
|
| |
| |
| |
| |
| | |
This is covered by `test_update_all_with_order_and_limit_updates_subset_only`
and `test_update_all_with_order_and_limit_and_offset_updates_subset_only`.
|
| |
| |
| |
| |
| |
| | |
This fixes a bug that the `foreign_key` and the `foreign_type` are
separated as different table conditions if a polymorphic association has
a scope that joins another tables.
|
|\ \
| | |
| | | |
Raise ActiveRecord::IrreversibleOrderError if nulls first/last is not a single ordering argument.
|
| | |
| | |
| | |
| | | |
single ordering argument.
|
| | |
| | |
| | |
| | | |
This follows up 0ee96d13de29680e148ccb8e5b68025f29fd091c.
|
|\ \ \
| | | |
| | | |
| | | | |
Fix the regex that extract mismatched foreign key information
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The CI failure for `test_errors_for_bigint_fks_on_integer_pk_table` is
due to the poor regex that extract all ``` `(\w+)` ``` like parts from
the message (`:foreign_key` should be `"old_car_id"`, but `"engines"`):
https://travis-ci.org/rails/rails/jobs/494123455#L1703
I've improved the regex more strictly and have more exercised mismatched
foreign key tests.
Fixes #35294
|
| | |
| | |
| | |
| | | |
Since #35212, foreign key feature is supported by all adapters.
|
|\ \ \
| | | |
| | | |
| | | | |
Properly handle cached queries with too many bind parameters
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
as leaked
This deprecates using class level querying methods if the receiver scope
regarded as leaked, since #32380 and #35186 may cause that silently
leaking information when people upgrade the app.
We need deprecation first before making those.
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
kamipo/fix_leaking_scope_on_relation_create"
This reverts commit b67d5c6dedbf033515a96a95d24d085bf99a0d07, reversing
changes made to 2e018361c7c51e36d1d98bf770b7456d78dee68b.
Reason: #35186 may cause that silently leaking information when people
upgrade the app.
We need deprecation first before making this.
|
|\ \ \
| |/ /
|/| |
| | |
| | | |
eileencodes/add-setter-and-deprecation-for-configurations-hashes
Add setter and deprecation for configurations hashes
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In chat Sam Saffron asked how to use the setter now that configurations
is no longer a hash and you need to do AR::Base.configurations["test"]=.
Technically you can do `ActiveRecord::Base.configurations = { the hash
}` but I realized the old way throws an error and is unintuitive.
To aid in the transition from hashes to objects this PR makes a few
changes:
1) Re-adds a deprecated hash setter `[]=` that will add a new hash
to the configurations list OR replace an existing hash if that
environment is already present. This won't be supported in future Rails
versions but a good error is important.
2) Changed to throw deprecation warnings on the methods we decided to support
for hash conversion and raise on the methods we don't support.
3) Refactored the setter/getter hash deprecation warnings messages and
rewrote them.
Getters message:
```
DEPRECATION WARNING: `ActiveRecord::Base.configurations` no longer
returns a hash. Methods that act on the hash like `values` are
deprecated and will be removed in Rails 6.1. Use the `configs_for`
method to collect and iterate over the database configurations.
```
Setter message:
```
DEPRECATION WARNING: Setting `ActiveRecord::Base.configurations` with
`[]=` is deprecated. Use `ActiveRecord::Base.configurations=` directly
to set the configurations instead.
```
4) Rewrote the legacy configurations test file to test all the public
methods in the DatabaseConfigurations class.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
methods"
This reverts #32380, since this may cause that silently leaking
information when people upgrade the app.
We need deprecation first before making this.
|
|\ \ \
| | | |
| | | | |
Fix database configurations building when DATABASE_URL present
|
| | | | |
|