| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
This reverts commit 88cc1688d0cb828c17706b41a8bd27870f2a2beb, reversing
changes made to f049016cd348627bf8db0d72382d7580bf802a79.
|
|\
| |
| |
| |
| |
| | |
* master-sec:
CVE-2013-0156: Safe XML params parsing. Doesn't allow symbols or yaml.
* Strip nils from collections on JSON and XML posts. [CVE-2013-0155] * dealing with empty hashes. Thanks Damien Mathieu
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
dealing with empty hashes. Thanks Damien Mathieu
Conflicts:
actionpack/CHANGELOG.md
actionpack/lib/action_dispatch/http/request.rb
actionpack/lib/action_dispatch/middleware/params_parser.rb
activerecord/CHANGELOG.md
activerecord/lib/active_record/relation/predicate_builder.rb
activerecord/test/cases/relation/where_test.rb
|
|\ \
| | |
| | |
| | |
| | | |
Conflicts:
guides/source/getting_started.md
|
| | | |
|
| | |
| | |
| | |
| | | |
particularly, `all(options)` would warn
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Some tests were raising the following error:
Could not log "sql.active_record" event. NoMethodError: undefined method
`type' for nil:NilClass`
Due to the way binds were being logged, the column info was considered
always present, but that is not true for some of the tests listed in the
issue.
Closes #8806.
|
|\ \ \
| | | |
| | | | |
refactor reset_primary_key and change !blank? to present? in get_primary...
|
| | |/
| |/| |
|
| | | |
|
| | | |
|
|/ /
| |
| |
| | |
Closes #8804 [ci skip]
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
All the valids parameters for libpq are used.
See http://www.postgresql.org/docs/9.1/static/libpq-connect.html for the
full list
Fixes #8784
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Also covers any non-castable case by returning nil, which
is in-line with the intention of the former implementation,
but covers the odd cases which respond to to_i but raise
an error when it's called, such as NaN, Infinity and -Infinity.
Fixes #8757
|
| | |
|
| |
| |
| |
| |
| |
| | |
* dependencies/autoload
* concern
* deprecation
|
| | |
|
| |
| |
| |
| |
| | |
They don't add any benefits over `assert object.blank?`
and `assert object.present?`
|
| | |
|
| |
| |
| |
| |
| |
| | |
This reverts commit 162e2859813b31c50700b453aa61992dfa57139e.
This commit was added by mistake, sorry :bow:
|
| |
| |
| |
| |
| |
| |
| | |
- Reverting #a3cf03ef99 fixes the issue
Conflicts:
activerecord/test/cases/relations_test.rb
|
| |
| |
| |
| | |
Other minor changelog improvements [ci skip]
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit fixes a bug introduced in 96a13fc7 which breaks behaviour of
integer fields.
In 3.2.8, setting the value of an integer field to a non-integer (eg.
Array, Hash, etc.) would default to 1 (true) :
# 3.2.8
p = Post.new
p.category_id = [ 1, 2 ]
p.category_id # => 1
p.category_id = { 3 => 4 }
p.category_id # => 1
In 3.2.9 and above, this will raise a NoMethodError :
# 3.2.9
p = Post.new
p.category_id = [ 1, 2 ]
NoMethodError: undefined method `to_i' for [1, 2]:Array
Whilst at first blush this appear to be sensible, it combines in bad
ways with scoping.
For example, it is common to use scopes to control access to data :
@collection = Posts.where(:category_id => [ 1, 2 ])
@new_post = @collection.new
In 3.2.8, this would work as expected, creating a new Post object
(albeit with @new_post.category_id = 1). However, in 3.2.9 this will
cause the NoMethodError to be raised as above.
It is difficult to avoid triggering this error without descoping before
calling .new, breaking any apps running on 3.2.8 that rely on this
behaviour.
This patch deviates from 3.2.8 in that it does not retain the somewhat
spurious behaviour of setting the attribute to 1. Instead, it explicitly
sets these invalid values to nil :
p = Post.new
p.category_id = [ 1, 2 ]
p.category_id # => nil
This also fixes the situation where a scope using an array will
"pollute" any newly instantiated records.
@new_post = @collection.new
@new_post.category_id # => nil
Finally, 3.2.8 exhibited a behaviour where setting an object to an
integer field caused it to be coerced to "1". This has not been
retained, as it is spurious and surprising in the same way that setting
Arrays and Heshes was :
c = Category.find(6)
p = Post.new
# 3.2.8
p.category_id = c
p.category_id # => 1
# This patch
p.category_id = c
p.category_id # => nil
This commit includes explicit test cases that expose the original issue
with calling new on a scope that uses an Array. As this is a common
situation, an explicit test case is the best way to prevent regressions
in the future.
It also updates and separates existing tests to be explicit about the
situation that is being tested (eg. AR objects vs. other objects vs.
non-integers)
|
|\ \
| | |
| | | |
A small fix for an AR test case
|
| | | |
|
|\ \ \
| |/ /
|/| | |
Rename update_attributes method to update
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
|/ /
| |
| |
| |
| |
| |
| | |
parameters
Conflicts:
activerecord/lib/active_record/dynamic_matchers.rb
|
| | |
|
|\ \
| | |
| | | |
remove meaningless AS::FrozenObjectError
|
| |/ |
|
| | |
|
|\ \
| | |
| | | |
Address a failure test_remove_column_with_multi_column_index with Oracle
|