From 9b455fe6f0e5d21e8c428da5bdba7d0f3162aef7 Mon Sep 17 00:00:00 2001
From: bogdanvlviv <bogdanvlviv@gmail.com>
Date: Tue, 28 Aug 2018 09:20:18 +0300
Subject: Prevent leaking of user's DB credentials on `rails db:create` failure

Issue #27852 reports that when `rails db:create` fails, it causes
leaking of user's DB credentials to $stderr.
We print a DB's configuration hash in order to help users more quickly
to figure out what could be wrong with his configuration.

This commit changes message from
"Couldn't create database for #{configuration.inspect}" to
"Couldn't create '#{configuration['database']}' database. Please check your configuration.".

There are two PRs that fixing it #27878, #27879, but they need a bit more work.
I decided help to finish this and added Author of those PRs credit in this commit.

Since it is a security issue, I think we should backport it to
`5-2-stable`, and `5-1-stable`.
Guided by https://edgeguides.rubyonrails.org/maintenance_policy.html#security-issues

Fixes #27852
Closes #27879
Related to #27878

[Alexander Marrs & bogdanvlviv]
---
 activerecord/test/cases/tasks/postgresql_rake_test.rb | 2 +-
 activerecord/test/cases/tasks/sqlite_rake_test.rb     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'activerecord/test/cases/tasks')

diff --git a/activerecord/test/cases/tasks/postgresql_rake_test.rb b/activerecord/test/cases/tasks/postgresql_rake_test.rb
index e36c2b1e3f..8c6e8d79f3 100644
--- a/activerecord/test/cases/tasks/postgresql_rake_test.rb
+++ b/activerecord/test/cases/tasks/postgresql_rake_test.rb
@@ -112,7 +112,7 @@ if current_adapter?(:PostgreSQLAdapter)
         ActiveRecord::Base.stub(:connection, @connection) do
           ActiveRecord::Base.stub(:establish_connection, -> * { raise Exception }) do
             assert_raises(Exception) { ActiveRecord::Tasks::DatabaseTasks.create @configuration }
-            assert_match "Couldn't create database for #{@configuration.inspect}", $stderr.string
+            assert_match "Couldn't create '#{@configuration['database']}' database. Please check your configuration.", $stderr.string
           end
         end
       end
diff --git a/activerecord/test/cases/tasks/sqlite_rake_test.rb b/activerecord/test/cases/tasks/sqlite_rake_test.rb
index c42afd0e42..c1092b97c1 100644
--- a/activerecord/test/cases/tasks/sqlite_rake_test.rb
+++ b/activerecord/test/cases/tasks/sqlite_rake_test.rb
@@ -62,7 +62,7 @@ if current_adapter?(:SQLite3Adapter)
       def test_db_create_with_error_prints_message
         ActiveRecord::Base.stub(:establish_connection, proc { raise Exception }) do
           assert_raises(Exception) { ActiveRecord::Tasks::DatabaseTasks.create @configuration, "/rails/root" }
-          assert_match "Couldn't create database for #{@configuration.inspect}", $stderr.string
+          assert_match "Couldn't create '#{@configuration['database']}' database. Please check your configuration.", $stderr.string
         end
       end
     end
-- 
cgit v1.2.3