Skip to content

Commit 5185b3c

Browse files
wpolicarpowpolicarpo
authored
Merge pull request #762 from aidanharan/unsafe-raw-sql-fix-tests
Rails 6: Updated unsafe raw sql tests to match tests in Rails 6
2 parents dd698f1 + 7ee2122 commit 5185b3c

File tree

2 files changed

+42
-57
lines changed

2 files changed

+42
-57
lines changed

lib/active_record/connection_adapters/sqlserver/quoting.rb

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -68,6 +68,42 @@ def quoted_date(value)
6868
end
6969
end
7070

71+
def column_name_matcher
72+
COLUMN_NAME
73+
end
74+
75+
def column_name_with_order_matcher
76+
COLUMN_NAME_WITH_ORDER
77+
end
78+
79+
COLUMN_NAME = /
80+
\A
81+
(
82+
(?:
83+
# [table_name].[column_name] | function(one or no argument)
84+
((?:\w+\.|\[\w+\]\.)?(?:\w+|\[\w+\])) | \w+\((?:|\g<2>)\)
85+
)
86+
(?:\s+AS\s+(?:\w+|\[\w+\]))?
87+
)
88+
(?:\s*,\s*\g<1>)*
89+
\z
90+
/ix
91+
92+
COLUMN_NAME_WITH_ORDER = /
93+
\A
94+
(
95+
(?:
96+
# [table_name].[column_name] | function(one or no argument)
97+
((?:\w+\.|\[\w+\]\.)?(?:\w+|\[\w+\])) | \w+\((?:|\g<2>)\)
98+
)
99+
(?:\s+ASC|\s+DESC)?
100+
(?:\s+NULLS\s+(?:FIRST|LAST))?
101+
)
102+
(?:\s*,\s*\g<1>)*
103+
\z
104+
/ix
105+
106+
private_constant :COLUMN_NAME, :COLUMN_NAME_WITH_ORDER
71107

72108
private
73109

test/cases/coerced_tests.rb

Lines changed: 6 additions & 57 deletions
Original file line numberDiff line numberDiff line change
@@ -1100,86 +1100,35 @@ def schema_dump_path
11001100
end
11011101

11021102
class UnsafeRawSqlTest < ActiveRecord::TestCase
1103-
coerce_tests! %r{always allows Arel}
1103+
# Coerce the originals as they use 'LENGTH' instead of SQL Servers 'LEN' function.
1104+
1105+
coerce_tests! %r{order: always allows Arel}
11041106
test 'order: always allows Arel' do
11051107
ids_depr = with_unsafe_raw_sql_deprecated { Post.order(Arel.sql("len(title)")).pluck(:title) }
11061108
ids_disabled = with_unsafe_raw_sql_disabled { Post.order(Arel.sql("len(title)")).pluck(:title) }
11071109

11081110
assert_equal ids_depr, ids_disabled
11091111
end
11101112

1113+
coerce_tests! %r{pluck: always allows Arel}
11111114
test "pluck: always allows Arel" do
11121115
values_depr = with_unsafe_raw_sql_deprecated { Post.includes(:comments).pluck(:title, Arel.sql("len(title)")) }
11131116
values_disabled = with_unsafe_raw_sql_disabled { Post.includes(:comments).pluck(:title, Arel.sql("len(title)")) }
11141117

11151118
assert_equal values_depr, values_disabled
11161119
end
11171120

1118-
1119-
coerce_tests! %r{order: disallows invalid Array arguments}
1120-
test "order: disallows invalid Array arguments" do
1121-
with_unsafe_raw_sql_disabled do
1122-
assert_raises(ActiveRecord::UnknownAttributeReference) do
1123-
Post.order(["author_id", "len(title)"]).pluck(:id)
1124-
end
1125-
end
1126-
end
1127-
11281121
coerce_tests! %r{order: allows valid Array arguments}
11291122
test "order: allows valid Array arguments" do
11301123
ids_expected = Post.order(Arel.sql("author_id, len(title)")).pluck(:id)
11311124

1132-
ids_depr = with_unsafe_raw_sql_deprecated { Post.order(["author_id", Arel.sql("len(title)")]).pluck(:id) }
1133-
ids_disabled = with_unsafe_raw_sql_disabled { Post.order(["author_id", Arel.sql("len(title)")]).pluck(:id) }
1125+
ids_depr = with_unsafe_raw_sql_deprecated { Post.order(["author_id", "len(title)"]).pluck(:id) }
1126+
ids_disabled = with_unsafe_raw_sql_disabled { Post.order(["author_id", "len(title)"]).pluck(:id) }
11341127

11351128
assert_equal ids_expected, ids_depr
11361129
assert_equal ids_expected, ids_disabled
11371130
end
11381131

1139-
coerce_tests! %r{order: logs deprecation warning for unrecognized column}
1140-
test "order: logs deprecation warning for unrecognized column" do
1141-
with_unsafe_raw_sql_deprecated do
1142-
assert_deprecated(/Dangerous query method/) do
1143-
Post.order("len(title)")
1144-
end
1145-
end
1146-
end
1147-
1148-
coerce_tests! %r{pluck: disallows invalid column name}
1149-
test "pluck: disallows invalid column name" do
1150-
with_unsafe_raw_sql_disabled do
1151-
assert_raises(ActiveRecord::UnknownAttributeReference) do
1152-
Post.pluck("len(title)")
1153-
end
1154-
end
1155-
end
1156-
1157-
coerce_tests! %r{pluck: disallows invalid column name amongst valid names}
1158-
test "pluck: disallows invalid column name amongst valid names" do
1159-
with_unsafe_raw_sql_disabled do
1160-
assert_raises(ActiveRecord::UnknownAttributeReference) do
1161-
Post.pluck(:title, "len(title)")
1162-
end
1163-
end
1164-
end
1165-
1166-
coerce_tests! %r{pluck: disallows invalid column names with includes}
1167-
test "pluck: disallows invalid column names with includes" do
1168-
with_unsafe_raw_sql_disabled do
1169-
assert_raises(ActiveRecord::UnknownAttributeReference) do
1170-
Post.includes(:comments).pluck(:title, "len(title)")
1171-
end
1172-
end
1173-
end
1174-
1175-
coerce_tests! %r{pluck: logs deprecation warning}
1176-
test "pluck: logs deprecation warning" do
1177-
with_unsafe_raw_sql_deprecated do
1178-
assert_deprecated(/Dangerous query method/) do
1179-
Post.includes(:comments).pluck(:title, "len(title)")
1180-
end
1181-
end
1182-
end
11831132
end
11841133

11851134

0 commit comments

Comments
 (0)