aboutsummaryrefslogtreecommitdiffstats
path: root/activerecord
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch '3-2-sec' into 3-2-secmergeAaron Patterson2013-01-084-4/+26
|\ | | | | | | | | | | | | | | | | | | | | | | | | * 3-2-sec: bumping version CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml. * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu Avoid Rack security warning no secret provided Conflicts: actionpack/CHANGELOG.md activerecord/CHANGELOG.md activesupport/CHANGELOG.md
| * bumping versionAaron Patterson2013-01-081-1/+1
| |
| * * Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * ↵Aaron Patterson2013-01-083-2/+25
| | | | | | | | dealing with empty hashes. Thanks Damien Mathieu
* | Refactor write attribute logic to convert number column valueCarlos Antonio da Silva2013-01-071-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is an improvement for issue #8673: "Comparing a BigDecimal to true/false on write_attribute is slow" It seems to be an issue with Ruby itself, related to the "coerce" method being called in TrueClass/FalseClass due to the == condition, triggering method_missing, then raising a NameError that's later catched. This issue was also opened in Ruby tracker: https://bugs.ruby-lang.org/issues/7645. This refactoring avoid the coerce call by using a case statement, which gives us better readability as well. A simple benchmark: ---------- require 'benchmark/ips' require 'bigdecimal' Benchmark.ips do |x| x.report("== true") { BigDecimal('3') == true } x.report("TrueClass") { TrueClass === BigDecimal('3') } x.report("== 0") { BigDecimal('3') == 0 } x.report("Numeric") { Numeric === BigDecimal('3') } end Calculating ------------------------------------- == true 6427 i/100ms TrueClass 47297 i/100ms == 0 35923 i/100ms Numeric 55530 i/100ms ------------------------------------------------- == true 75878.5 (±21.6%) i/s - 359912 in 5.004392s TrueClass 1249547.0 (±13.1%) i/s - 6148610 in 5.035964s == 0 666856.3 (±13.3%) i/s - 3268993 in 5.013789s Numeric 1269300.9 (±11.3%) i/s - 6274890 in 5.028458s ---------- Master has a very different implementation, and there are apparently no similar conversions at this point, it's mainly delegated to the column type cast, but I'll check if something needs to be changed there as well. Closes #8673.
* | Remove not used variable in eager testCarlos Antonio da Silva2013-01-071-1/+0
| |
* | Fix named scope + class method exampleCarlos Antonio da Silva2013-01-071-3/+1
| | | | | | | | | | | | | | Closes #8804 [ci skip] Conflicts: activerecord/lib/active_record/scoping/named.rb
* | connection_parameters is an Array and will never haveRafael Mendonça França2013-01-061-2/+0
| | | | | | | | prepared_statements as value
* | Test only with Ruby 1.9+Rafael Mendonça França2013-01-061-4/+6
| |
* | Remove warningsRafael Mendonça França2013-01-061-2/+1
| |
* | Fix error when assigning NaN to an integer columnTristan Harward2013-01-063-8/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also covers any non-castable case by returning nil, which is in-line with the intention of the former implementation, but covers the odd cases which respond to to_i but raise an error when it's called, such as NaN, Infinity and -Infinity. Fixes #8757 Backport of #8781 Conflicts: activerecord/CHANGELOG.md activerecord/test/cases/column_test.rb
* | Fix undefined method `to_i' introduced since 3.2.8Jason Stirk2013-01-044-8/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit fixes a bug introduced in 96a13fc7 which breaks behaviour of integer fields in 3.2.8. In 3.2.8, setting the value of an integer field to a non-integer (eg. Array, Hash, etc.) would default to 1 (true) : # 3.2.8 p = Post.new p.category_id = [ 1, 2 ] p.category_id # => 1 p.category_id = { 3 => 4 } p.category_id # => 1 In 3.2.9 and above, this will raise a NoMethodError : # 3.2.9 p = Post.new p.category_id = [ 1, 2 ] NoMethodError: undefined method `to_i' for [1, 2]:Array Whilst at first blush this appear to be sensible, it combines in bad ways with scoping. For example, it is common to use scopes to control access to data : @collection = Posts.where(:category_id => [ 1, 2 ]) @new_post = @collection.new In 3.2.8, this would work as expected, creating a new Post object (albeit with @new_post.category_id = 1). However, in 3.2.9 this will cause the NoMethodError to be raised as above. It is difficult to avoid triggering this error without descoping before calling .new, breaking any apps running on 3.2.8 that rely on this behaviour. This patch deviates from 3.2.8 in that it does not retain the somewhat spurious behaviour of setting the attribute to 1. Instead, it explicitly sets these invalid values to nil : p = Post.new p.category_id = [ 1, 2 ] p.category_id # => nil This also fixes the situation where a scope using an array will "pollute" any newly instantiated records. @new_post = @collection.new @new_post.category_id # => nil Finally, 3.2.8 exhibited a behaviour where setting an object to an integer field caused it to be coerced to "1". This has not been retained, as it is spurious and surprising in the same way that setting Arrays and Heshes was : c = Category.find(6) p = Post.new # 3.2.8 p.category_id = c p.category_id # => 1 # This patch p.category_id = c p.category_id # => nil This commit includes explicit test cases that expose the original issue with calling new on a scope that uses an Array. As this is a common situation, an explicit test case is the best way to prevent regressions in the future. It also updates and separates existing tests to be explicit about the situation that is being tested (eg. AR objects vs. other objects vs. non-integers)
* | Merge tag 'v3.2.10' into 3-2-stableMiguel2013-01-031-1/+1
|\| | | | | | | Latest released tag was not fully merged into the stable branch (missed version bumping)
| * bumping version to 3.2.10Aaron Patterson2012-12-231-1/+1
| |
* | Add release date of 3.2.10Rafael Mendonça França2013-01-021-7/+6
| | | | | | | | Fix format and wrong changelog entry
* | Merge branch '3-2-sec' into 3-2-secmergeAaron Patterson2012-12-233-2/+26
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 3-2-sec: CVE-2012-5664 options hashes should only be extracted if there are extra parameters updating changelog updating the changelogs updating the changelog for the CVE Add release date of Rails 3.2.9 to documentation Conflicts: actionmailer/CHANGELOG.md actionpack/CHANGELOG.md activemodel/CHANGELOG.md activerecord/CHANGELOG.md activeresource/CHANGELOG.md activesupport/CHANGELOG.md railties/CHANGELOG.md
| * CVE-2012-5664 options hashes should only be extracted if there are extra ↵Aaron Patterson2012-12-232-1/+18
| | | | | | | | parameters
| * updating changelogAaron Patterson2012-12-231-1/+2
| |
| * updating the changelog for the CVEAaron Patterson2012-12-231-0/+4
| |
| * Add release date of Rails 3.2.9 to documentationclaudiob2012-12-231-1/+1
| | | | | | | | | | | | | | Conflicts: actionpack/CHANGELOG.md activerecord/CHANGELOG.md activesupport/CHANGELOG.md
* | Serialized attribute can be serialized in an integer columnRafael Mendonça França2012-12-215-6/+49
| | | | | | | | | | | | | | | | | | | | Fix #8575 Conflicts: activerecord/CHANGELOG.md activerecord/lib/active_record/attribute_methods/serialization.rb activerecord/test/cases/serialized_attribute_test.rb activerecord/test/models/person.rb
* | Backport #8522, Keep index names when using with sqlite3Yves Senn2012-12-193-1/+19
| | | | | | | | | | | | | | | | Conflicts: activerecord/CHANGELOG.md activerecord/lib/active_record/connection_adapters/sqlite3_adapter.rb activerecord/test/cases/migration/rename_column_test.rb
* | recognize migrations, in folders containing numbers and 'rb'.Yves Senn2012-12-134-1/+24
| | | | | | | | | | | | | | | | | | Backport of #8500 Closes #8492 Conflicts: activerecord/test/cases/migrator_test.rb
* | Improve test name related to cache timestamp format [ci skip]Carlos Antonio da Silva2012-12-111-1/+1
| |
* | Add :nsec format only for Ruby 1.9Carlos Antonio da Silva2012-12-112-0/+5
| | | | | | | | | | | | Ruby 1.8 does not support this format in Time, so the format will only be added to the available date formats on Ruby 1.9. Changelog entry was changed to explain that as well.
* | Run backported serialized test without Identity MapCarlos Antonio da Silva2012-12-111-2/+4
| | | | | | | | | | | | It fails with Identity Map because the find call returns the same object, so the "content" attribute that we expect to raise "missing attribute" is actually present.
* | Use 1.8 hash style :bomb:Carlos Antonio da Silva2012-12-111-2/+2
| |
* | Merge pull request #8441 from itzki/fix_decorate_columnsCarlos Antonio da Silva2012-12-111-0/+13
| | | | | | | | | | Backport test to ensure there won't be regressions. The issue only happens on master at the moment.
* | Add CHANGELOG entry for #6376.Rafael Mendonça França2012-12-101-0/+4
| |
* | Allow users to choose the timestamp format in the cache keyRafael Mendonça França2012-12-104-2/+34
| | | | | | | | | | | | This can be done using the class attribute cache_timestamp_format Closes #8195
* | Make sure the tests pass in the case closer to described in #8195Rafael Mendonça França2012-12-104-19/+14
| |
* | Merge pull request #6376 from jgaskins/timestamp-microsecondsJeremy Kemper2012-12-102-2/+2
| | | | | | | | | | | | Increase numeric-timestamp precision to nanoseconds Conflicts: activesupport/lib/active_support/core_ext/time/conversions.rb
* | Added regression test for #8195.jacobstr2012-12-101-0/+18
| |
* | Remove warning of unused variableRafael Mendonça França2012-12-101-1/+1
| |
* | Unscope update_column(s) query to ignore default scopeCarlos Antonio da Silva2012-12-063-1/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When applying default_scope to a class with a where clause, using update_column(s) could generate a query that would not properly update the record due to the where clause from the default_scope being applied to the update query. class User < ActiveRecord::Base default_scope where(active: true) end user = User.first user.active = false user.save! user.update_column(:active, true) # => false In this situation we want to skip the default_scope clause and just update the record based on the primary key. With this change: user.update_column(:active, true) # => true Backport of #8436 fix. Conflicts: activerecord/CHANGELOG.md activerecord/lib/active_record/persistence.rb activerecord/test/cases/persistence_test.rb
* | Merge pull request #8417 from kennyj/fix_8414Rafael Mendonça França2012-12-042-3/+8
| | | | | | | | | | | | Fix #8414. Performance problem with postgresql adapter primary_key function. Conflicts: activerecord/lib/active_record/connection_adapters/postgresql/schema_statements.rb
* | backport #8403, no intermediate AR objects when eager loading.Yves Senn2012-12-044-2/+26
| | | | | | | | | | | | | | | | | | Closes #3313 Conflicts: activerecord/CHANGELOG.md activerecord/test/models/developer.rb
* | Merge pull request #4942 from bogdan/pluck_joinsJosé Valim2012-12-033-1/+20
| | | | | | | | | | | | | | | | AR::Relation#pluck: improve to work with joins Conflicts: activerecord/lib/active_record/relation/calculations.rb activerecord/test/cases/calculations_test.rb
* | handled respond_to? with private methodsSHIBATA Hiroshi2012-12-031-1/+1
| |
* | Make the CHANGELOG consistent [ci skip]Rafael Mendonça França2012-11-301-11/+20
| |
* | Merge pull request #6397 from kennyj/fix_translate_exceptionAaron Patterson2012-11-302-3/+12
| | | | | | | | Fix a problem of translate_exception method in a Japanese (non English) environment.
* | Backport 78b30fed9336336694fb2cb5d2825f95800b541c to fix non-utf-8 databases ↵Jeremy Kemper2012-11-291-5/+19
| | | | | | | | mistakenly getting utf8 collation
* | Merge pull request #7689 from cbarton/assume_migration_version_with_prefix_fixAaron Patterson2012-11-282-9/+29
|\ \ | | | | | | Fixing a schema:load when using a prefix and suffix on the tables [Reopen/backport]
| * | Making test accurately reflect what is going on in the schema migrations testChris Barton2012-09-182-9/+29
| | |
* | | Work around undiagnosed bug that's draining a relation's bind_valuesJeremy Kemper2012-11-281-0/+1
| | |
* | | Use 1.8 hash style in pg specific schemaCarlos Antonio da Silva2012-11-281-3/+3
| | |
* | | schema cache already has the columns as a hash, so use thatAaron Patterson2012-11-261-1/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commits 978ec98c8eff824a60c7e973f369cc7bed1f4d36 and 51676652a3568ad09b06385564de4fdcb13af05e changed database statements to use the schema_cache methods, added on master in c99e34e90d763c52cbe8dc3d950ed1b4db665dc4 and dc973e78560a6514ab172f0ee86dc84a9147d39a But apparently the methods weren't added to schema_cache, resulting in the failure described in #8322 for 3-2-stable. Fixes #8322. Conflicts: activerecord/lib/active_record/connection_adapters/schema_cache.rb
* | | schema cache already has the columns as a hash, so use thatAaron Patterson2012-11-251-1/+1
| | |
* | | speed up fixture loading by querying the schema cache for column namesAaron Patterson2012-11-251-1/+1
| | |
* | | Merge pull request #8311 from alisdair/dirty-nullable-datetimeCarlos Antonio da Silva2012-11-253-0/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Don't call will_change! for datetime nil->"". Setting a nil datetime attribute to a blank string should not cause the attribute to be dirty. Conflicts: activerecord/CHANGELOG.md activerecord/lib/active_record/attribute_methods/time_zone_conversion.rb
* | | backport #8291, prevent mass assignment of polymorphic type with `build`Yves Senn2012-11-223-1/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | Closes #8265 Conflicts: activerecord/CHANGELOG.md activerecord/lib/active_record/associations/association.rb