ActiveRecord::Encryption
concerns; :body
column from EncryptedRichText
appears twice in filter_parameters
and causes generic parameter names to be filtered;
#44330
Labels
Steps to reproduce
Sorry I'm not able to provide a reproduction step because most likely loading the full app is necessary in order to reproduce the issue:
rails new
rails c
witheager_load = true
ActiveRecord::Encryption.encrypted_attribute_declaration_listeners
contains two the same hooksAnd because we have two same hooks declared, we do append the
:body
parameter name twice:The
:body
param is coming from here:rails/actiontext/app/models/action_text/encrypted_rich_text.rb
Line 7 in 638a92f
Secondary concern
Another issue I wanted to discuss is that having such a generic parameter name included almost "by default" causes many unrelated parameters to be filtered. Should we consider using the "dot notation" in order to scope filtering per
encrypted_rich_text.body
?rails/activesupport/lib/active_support/parameter_filter.rb
Lines 8 to 9 in 167f5c8
For example:
Let me know if it would be better to open a separate issue to discuss the filtered params behaviour. Thanks!
Expected behavior
ActiveRecord::Encryption.encrypted_attribute_declaration_listeners
should have only one listener by default, or at least the one defined at:rails/activerecord/lib/active_record/encryption/configurable.rb
Lines 54 to 56 in 18707ab
Should present only once
Actual behavior
We do have the same hook declared twice:
System configuration
Rails version:
"7.0.1"
but most likely reproducible with the introduction of encrypted attributesRuby version:
3.0.3
The text was updated successfully, but these errors were encountered: