From 6dc749596c328c44c80f898d5fa860fff6cab783 Mon Sep 17 00:00:00 2001 From: Pete Campbell Date: Thu, 28 Jul 2011 09:44:51 -0400 Subject: Explicitly included hashes in sentence regarding SQL-injection-safe forms --- activerecord/lib/active_record/base.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/base.rb b/activerecord/lib/active_record/base.rb index 4136868b39..461df0555f 100644 --- a/activerecord/lib/active_record/base.rb +++ b/activerecord/lib/active_record/base.rb @@ -63,9 +63,9 @@ module ActiveRecord #:nodoc: # == Conditions # # Conditions can either be specified as a string, array, or hash representing the WHERE-part of an SQL statement. - # The array form is to be used when the condition input is tainted and requires sanitization. The string form can - # be used for statements that don't involve tainted data. The hash form works much like the array form, except - # only equality and range is possible. Examples: + # The array form is to be used when the condition input is tainted and requires sanitization. The string and hash + # forms can be used for statements that don't involve tainted data. The hash form works much like the array form, + # except only equality and range is possible. Examples: # # class User < ActiveRecord::Base # def self.authenticate_unsafely(user_name, password) -- cgit v1.2.3 From 7372e9ae9a06e6b15e1a20bc69667bf44c79676c Mon Sep 17 00:00:00 2001 From: Vijay Dev Date: Sat, 30 Jul 2011 23:16:07 +0530 Subject: make the warning clear about the effect of using validates_associated on both sides on an association. --- activerecord/lib/active_record/validations/associated.rb | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/validations/associated.rb b/activerecord/lib/active_record/validations/associated.rb index 5df85304a2..7af0352a31 100644 --- a/activerecord/lib/active_record/validations/associated.rb +++ b/activerecord/lib/active_record/validations/associated.rb @@ -17,15 +17,7 @@ module ActiveRecord # validates_associated :pages, :library # end # - # Warning: If, after the above definition, you then wrote: - # - # class Page < ActiveRecord::Base - # belongs_to :book - # - # validates_associated :book - # end - # - # this would specify a circular dependency and cause infinite recursion. + # WARNING: This validation must not be used on both ends of an association. Doing so will lead to a circular dependency and cause infinite recursion. # # NOTE: This validation will not fail if the association hasn't been assigned. If you want to # ensure that the association is both present and guaranteed to be valid, you also need to -- cgit v1.2.3 From b537595665527b8ca5ebad97fc053fd102e16d32 Mon Sep 17 00:00:00 2001 From: Xavier Noria Date: Thu, 4 Aug 2011 15:14:06 -0700 Subject: Revert "Explicitly included hashes in sentence regarding SQL-injection-safe forms" Reason: The hash form is secure, and preferred over the array form if possible. This reverts commit 6dc749596c328c44c80f898d5fa860fff6cab783. --- activerecord/lib/active_record/base.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/base.rb b/activerecord/lib/active_record/base.rb index 461df0555f..4136868b39 100644 --- a/activerecord/lib/active_record/base.rb +++ b/activerecord/lib/active_record/base.rb @@ -63,9 +63,9 @@ module ActiveRecord #:nodoc: # == Conditions # # Conditions can either be specified as a string, array, or hash representing the WHERE-part of an SQL statement. - # The array form is to be used when the condition input is tainted and requires sanitization. The string and hash - # forms can be used for statements that don't involve tainted data. The hash form works much like the array form, - # except only equality and range is possible. Examples: + # The array form is to be used when the condition input is tainted and requires sanitization. The string form can + # be used for statements that don't involve tainted data. The hash form works much like the array form, except + # only equality and range is possible. Examples: # # class User < ActiveRecord::Base # def self.authenticate_unsafely(user_name, password) -- cgit v1.2.3 From e7f7439d068f587db91e959ef803606cae9e7cc5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C5=82awosz=20S=C5=82awi=C5=84ski?= Date: Sat, 23 Jul 2011 21:35:16 +0200 Subject: allow select to have multiple arguments --- activerecord/lib/active_record/relation/query_methods.rb | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/relation/query_methods.rb b/activerecord/lib/active_record/relation/query_methods.rb index 1654ae1eac..792ffe1c5d 100644 --- a/activerecord/lib/active_record/relation/query_methods.rb +++ b/activerecord/lib/active_record/relation/query_methods.rb @@ -37,12 +37,15 @@ module ActiveRecord relation end - def select(value = Proc.new) + def select(*args, &blk) + if !block_given? && args.blank? + raise ArgumentError + end if block_given? - to_a.select {|*block_args| value.call(*block_args) } + to_a.select {|*block_args| blk.call(*block_args) } else relation = clone - relation.select_values += Array.wrap(value) + relation.select_values += args relation end end -- cgit v1.2.3 From 182a4284183c63e9cb8fa879620ce01c98e111d3 Mon Sep 17 00:00:00 2001 From: Piotr Sarnacki Date: Tue, 26 Jul 2011 16:12:17 +0200 Subject: Revert "allow select to have multiple arguments" This reverts commit 04cc446d178653d362510e79a22db5300d463161. I reverted it because apparently we want to use: select([:a, :b]) instead of select(:a, :b), but there was no tests for that form. --- activerecord/lib/active_record/relation/query_methods.rb | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/relation/query_methods.rb b/activerecord/lib/active_record/relation/query_methods.rb index 792ffe1c5d..1654ae1eac 100644 --- a/activerecord/lib/active_record/relation/query_methods.rb +++ b/activerecord/lib/active_record/relation/query_methods.rb @@ -37,15 +37,12 @@ module ActiveRecord relation end - def select(*args, &blk) - if !block_given? && args.blank? - raise ArgumentError - end + def select(value = Proc.new) if block_given? - to_a.select {|*block_args| blk.call(*block_args) } + to_a.select {|*block_args| value.call(*block_args) } else relation = clone - relation.select_values += args + relation.select_values += Array.wrap(value) relation end end -- cgit v1.2.3 From 5a92c6627e02fc2e40a4c4a578e7aab7324af5fe Mon Sep 17 00:00:00 2001 From: Vishnu Atrai Date: Tue, 26 Jul 2011 22:33:23 +0530 Subject: remove deprication warning for ruby 1.9.3-head for unused variables --- activerecord/lib/active_record/connection_adapters/mysql2_adapter.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/connection_adapters/mysql2_adapter.rb b/activerecord/lib/active_record/connection_adapters/mysql2_adapter.rb index d6c167ad36..f9602bbe77 100644 --- a/activerecord/lib/active_record/connection_adapters/mysql2_adapter.rb +++ b/activerecord/lib/active_record/connection_adapters/mysql2_adapter.rb @@ -577,7 +577,7 @@ module ActiveRecord def quoted_columns_for_index(column_names, options = {}) length = options[:length] if options.is_a?(Hash) - quoted_column_names = case length + case length when Hash column_names.map {|name| length[name] ? "#{quote_column_name(name)}(#{length[name]})" : quote_column_name(name) } when Fixnum -- cgit v1.2.3 From 05f1a9bcc3c9223768187e2379b508638dfa19b6 Mon Sep 17 00:00:00 2001 From: Jon Leighton Date: Wed, 27 Jul 2011 12:36:00 +0100 Subject: Add a proxy_association method to association proxies, which can be called by association extensions to access information about the association. This replaces proxy_owner etc with proxy_association.owner. --- activerecord/lib/active_record/associations.rb | 6 ++++++ .../lib/active_record/associations/collection_proxy.rb | 16 ++++++++++------ 2 files changed, 16 insertions(+), 6 deletions(-) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/associations.rb b/activerecord/lib/active_record/associations.rb index 029d7a9b15..2605a54cb6 100644 --- a/activerecord/lib/active_record/associations.rb +++ b/activerecord/lib/active_record/associations.rb @@ -460,6 +460,12 @@ module ActiveRecord # * record.association(:items).target - Returns the associated object for +belongs_to+ and +has_one+, or # the collection of associated objects for +has_many+ and +has_and_belongs_to_many+. # + # However, inside the actual extension code, you will not have access to the record as + # above. In this case, you can access proxy_association. For example, + # record.association(:items) and record.items.proxy_association will return + # the same object, allowing you to make calls like proxy_association.owner inside + # association extensions. + # # === Association Join Models # # Has Many associations can be configured with the :through option to use an diff --git a/activerecord/lib/active_record/associations/collection_proxy.rb b/activerecord/lib/active_record/associations/collection_proxy.rb index 827dfb7ccb..6ba3d45aff 100644 --- a/activerecord/lib/active_record/associations/collection_proxy.rb +++ b/activerecord/lib/active_record/associations/collection_proxy.rb @@ -58,23 +58,27 @@ module ActiveRecord alias_method :new, :build + def proxy_association + @association + end + def respond_to?(name, include_private = false) super || (load_target && target.respond_to?(name, include_private)) || - @association.klass.respond_to?(name, include_private) + proxy_association.klass.respond_to?(name, include_private) end def method_missing(method, *args, &block) match = DynamicFinderMatch.match(method) if match && match.instantiator? send(:find_or_instantiator_by_attributes, match, match.attribute_names, *args) do |r| - @association.send :set_owner_attributes, r - @association.send :add_to_target, r + proxy_association.send :set_owner_attributes, r + proxy_association.send :add_to_target, r yield(r) if block_given? end end - if target.respond_to?(method) || (!@association.klass.respond_to?(method) && Class.respond_to?(method)) + if target.respond_to?(method) || (!proxy_association.klass.respond_to?(method) && Class.respond_to?(method)) if load_target if target.respond_to?(method) target.send(method, *args, &block) @@ -104,7 +108,7 @@ module ActiveRecord alias_method :to_a, :to_ary def <<(*records) - @association.concat(records) && self + proxy_association.concat(records) && self end alias_method :push, :<< @@ -114,7 +118,7 @@ module ActiveRecord end def reload - @association.reload + proxy_association.reload self end end -- cgit v1.2.3 From 4c873cbf367d82538dbac914e7eee05b3582b6f1 Mon Sep 17 00:00:00 2001 From: Dmitriy Kiriyenko Date: Tue, 5 Jul 2011 13:17:39 +0300 Subject: Fixed failing query when performing calculation with having based on select. --- activerecord/lib/active_record/relation/calculations.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/relation/calculations.rb b/activerecord/lib/active_record/relation/calculations.rb index 0ac821b2d7..9a7ff87e88 100644 --- a/activerecord/lib/active_record/relation/calculations.rb +++ b/activerecord/lib/active_record/relation/calculations.rb @@ -250,6 +250,7 @@ module ActiveRecord operation, distinct).as(aggregate_alias) ] + select_values += @select_values unless @having_values.empty? select_values.concat group_fields.zip(group_aliases).map { |field,aliaz| "#{field} AS #{aliaz}" -- cgit v1.2.3 From c751bb1ac25c1b563cb55da2a25284f430e5e40e Mon Sep 17 00:00:00 2001 From: Samer Masry Date: Wed, 27 Jul 2011 10:17:25 -0700 Subject: Reverse order fix when using function for ActiveRecord::QueryMethods Fixes #1697 --- activerecord/lib/active_record/relation/query_methods.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/relation/query_methods.rb b/activerecord/lib/active_record/relation/query_methods.rb index 1654ae1eac..3a7b245c51 100644 --- a/activerecord/lib/active_record/relation/query_methods.rb +++ b/activerecord/lib/active_record/relation/query_methods.rb @@ -312,7 +312,7 @@ module ActiveRecord when String, Symbol o.to_s.split(',').collect do |s| s.strip! - s.gsub!(/\sasc\Z/i, ' DESC') || s.gsub!(/\sdesc\Z/i, ' ASC') || s.concat(' DESC') + (s if s =~ /\(/) || s.gsub!(/\sasc\Z/i, ' DESC') || s.gsub!(/\sdesc\Z/i, ' ASC') || s.concat(' DESC') end else o -- cgit v1.2.3 From bec59779326daa35aab483fa8b95c0f87440fede Mon Sep 17 00:00:00 2001 From: Jon Leighton Date: Thu, 28 Jul 2011 13:14:11 +0100 Subject: Revert "Merge pull request #2309 from smasry/master" This reverts commit 9d396ee8195e31f646e0b89158ed96f4db4ab38f, reversing changes made to fa2bfd832c1d1e997d93c2269a485cc74782c86d. Reason: the change broke the build. --- activerecord/lib/active_record/relation/query_methods.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/relation/query_methods.rb b/activerecord/lib/active_record/relation/query_methods.rb index 3a7b245c51..1654ae1eac 100644 --- a/activerecord/lib/active_record/relation/query_methods.rb +++ b/activerecord/lib/active_record/relation/query_methods.rb @@ -312,7 +312,7 @@ module ActiveRecord when String, Symbol o.to_s.split(',').collect do |s| s.strip! - (s if s =~ /\(/) || s.gsub!(/\sasc\Z/i, ' DESC') || s.gsub!(/\sdesc\Z/i, ' ASC') || s.concat(' DESC') + s.gsub!(/\sasc\Z/i, ' DESC') || s.gsub!(/\sdesc\Z/i, ' ASC') || s.concat(' DESC') end else o -- cgit v1.2.3 From 17a66a8ddc5a2ee8263d1dcc86a032322cb8e615 Mon Sep 17 00:00:00 2001 From: Aaron Patterson Date: Fri, 29 Jul 2011 12:23:37 -0700 Subject: dump IO encoding value along with schema.rb so the file can be reloaded. fixes #1592 --- activerecord/lib/active_record/schema_dumper.rb | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/schema_dumper.rb b/activerecord/lib/active_record/schema_dumper.rb index 19585f6214..6fe305f843 100644 --- a/activerecord/lib/active_record/schema_dumper.rb +++ b/activerecord/lib/active_record/schema_dumper.rb @@ -40,6 +40,10 @@ module ActiveRecord def header(stream) define_params = @version ? ":version => #{@version}" : "" + if stream.respond_to?(:external_encoding) + stream.puts "# encoding: #{stream.external_encoding.name}" + end + stream.puts <
Date: Fri, 29 Jul 2011 12:28:12 -0700 Subject: default writing the schema file as utf-8 --- activerecord/lib/active_record/railties/databases.rake | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/railties/databases.rake b/activerecord/lib/active_record/railties/databases.rake index 0ee7e20cf1..ec00f7faad 100644 --- a/activerecord/lib/active_record/railties/databases.rake +++ b/activerecord/lib/active_record/railties/databases.rake @@ -341,7 +341,8 @@ db_namespace = namespace :db do desc 'Create a db/schema.rb file that can be portably used against any DB supported by AR' task :dump => :load_config do require 'active_record/schema_dumper' - File.open(ENV['SCHEMA'] || "#{Rails.root}/db/schema.rb", "w") do |file| + filename = ENV['SCHEMA'] || "#{Rails.root}/db/schema.rb" + File.open(filename, "w:utf-8") do |file| ActiveRecord::Base.establish_connection(Rails.env) ActiveRecord::SchemaDumper.dump(ActiveRecord::Base.connection, file) end -- cgit v1.2.3 From 9d19bae233d7a2ce9adac39b6b6e91de85729def Mon Sep 17 00:00:00 2001 From: Christopher Meiklejohn Date: Fri, 29 Jul 2011 21:26:21 -0400 Subject: Support backwards compatible interface for migration down/up with rails 3.0.x. --- activerecord/lib/active_record/migration.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/migration.rb b/activerecord/lib/active_record/migration.rb index 507f345ef5..9307d7ef24 100644 --- a/activerecord/lib/active_record/migration.rb +++ b/activerecord/lib/active_record/migration.rb @@ -329,6 +329,7 @@ module ActiveRecord end def self.method_missing(name, *args, &block) # :nodoc: + self.delegate = self.new (delegate || superclass.delegate).send(name, *args, &block) end -- cgit v1.2.3 From d6af6fc0c03860f677e8fc85fa7eb4bab181215a Mon Sep 17 00:00:00 2001 From: Aaron Patterson Date: Tue, 2 Aug 2011 20:01:38 -0700 Subject: add a migrate class method and delegate to the new instance --- activerecord/lib/active_record/migration.rb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/migration.rb b/activerecord/lib/active_record/migration.rb index 9307d7ef24..fa1b303fc7 100644 --- a/activerecord/lib/active_record/migration.rb +++ b/activerecord/lib/active_record/migration.rb @@ -329,10 +329,13 @@ module ActiveRecord end def self.method_missing(name, *args, &block) # :nodoc: - self.delegate = self.new (delegate || superclass.delegate).send(name, *args, &block) end + def self.migrate(direction) + new.migrate direction + end + cattr_accessor :verbose attr_accessor :name, :version -- cgit v1.2.3 From 1ff52cbe818f9f7bad2a9ff6ae0e515f82b1ab06 Mon Sep 17 00:00:00 2001 From: Aaron Patterson Date: Wed, 3 Aug 2011 08:57:52 -0700 Subject: initializing @open_transactions in the initialize method --- .../lib/active_record/connection_adapters/abstract_adapter.rb | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/connection_adapters/abstract_adapter.rb b/activerecord/lib/active_record/connection_adapters/abstract_adapter.rb index 65024d76f8..bde31d1cda 100644 --- a/activerecord/lib/active_record/connection_adapters/abstract_adapter.rb +++ b/activerecord/lib/active_record/connection_adapters/abstract_adapter.rb @@ -43,6 +43,7 @@ module ActiveRecord @connection, @logger = connection, logger @query_cache_enabled = false @query_cache = Hash.new { |h,sql| h[sql] = {} } + @open_transactions = 0 @instrumenter = ActiveSupport::Notifications.instrumenter end @@ -177,12 +178,9 @@ module ActiveRecord @connection end - def open_transactions - @open_transactions ||= 0 - end + attr_reader :open_transactions def increment_open_transactions - @open_transactions ||= 0 @open_transactions += 1 end -- cgit v1.2.3 From bb72183bca60c105c901f6c38cf81dae3a104102 Mon Sep 17 00:00:00 2001 From: artemk Date: Thu, 4 Aug 2011 00:34:13 +0300 Subject: accept option for recreate db for postgres (same as mysql now) --- .../lib/active_record/connection_adapters/postgresql_adapter.rb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb b/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb index a84f73c73f..aefe69f8ed 100644 --- a/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb +++ b/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb @@ -614,9 +614,11 @@ module ActiveRecord # SCHEMA STATEMENTS ======================================== - def recreate_database(name) #:nodoc: + # Drops the database specified on the +name+ attribute + # and creates it again using the provided +options+. + def recreate_database(name, options = {}) #:nodoc: drop_database(name) - create_database(name) + create_database(name, options) end # Create a new PostgreSQL database. Options include :owner, :template, -- cgit v1.2.3 From 56efdbc6260f49fdf8d82d8557f233a7df3beafa Mon Sep 17 00:00:00 2001 From: Florent Guilleux Date: Mon, 8 Aug 2011 19:31:03 -0500 Subject: Document exclamation point on dynamic finders --- activerecord/lib/active_record/base.rb | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'activerecord/lib') diff --git a/activerecord/lib/active_record/base.rb b/activerecord/lib/active_record/base.rb index 4136868b39..b3a0267276 100644 --- a/activerecord/lib/active_record/base.rb +++ b/activerecord/lib/active_record/base.rb @@ -177,6 +177,10 @@ module ActiveRecord #:nodoc: # And instead of writing Person.where(:last_name => last_name).all, you just do # Person.find_all_by_last_name(last_name). # + # It's possible to add an exclamation point (!) on the end of the dynamic finders to get them to raise an + # ActiveRecord::RecordNotFound error if they do not return any records, + # like Person.find_by_last_name!. + # # It's also possible to use multiple attributes in the same find by separating them with "_and_". # # Person.where(:user_name => user_name, :password => password).first -- cgit v1.2.3