activerecord 2.3.16 → 2.3.17
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of activerecord might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Rakefile +1 -1
- data/lib/active_record/attribute_methods.rb +17 -2
- data/lib/active_record/base.rb +3 -3
- data/lib/active_record/version.rb +1 -1
- data/test/cases/base_test.rb +6 -0
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 218f0ee925039809c1caa780d1acb30a84f62a47
|
|
4
|
+
data.tar.gz: cc8227ac899f9ff2ec85077f8873a71ce1c67908
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ba910bc95b425f25927ac801fbed29df77b783f7f94967db6c1eddc49a69a14c74b27ab960efbbbcb31cdb639de8b3f3f30978532ab03aefeb10ad0a6f7016bf
|
|
7
|
+
data.tar.gz: 2a48ad562911d4e4cb37aed8b3a14dcaaae8790f8ea90d759e82a237645ddc687c1f686e620cc0f7d3207c94d2bc5f27228b946e55acee0f9e8070afbfdf845b
|
data/Rakefile
CHANGED
|
@@ -192,7 +192,7 @@ spec = Gem::Specification.new do |s|
|
|
|
192
192
|
s.files = s.files + Dir.glob( "#{dir}/**/*" ).delete_if { |item| item.include?( "\.svn" ) }
|
|
193
193
|
end
|
|
194
194
|
|
|
195
|
-
s.add_dependency('activesupport', '= 2.3.
|
|
195
|
+
s.add_dependency('activesupport', '= 2.3.17' + PKG_BUILD)
|
|
196
196
|
|
|
197
197
|
s.files.delete FIXTURES_ROOT + "/fixture_database.sqlite"
|
|
198
198
|
s.files.delete FIXTURES_ROOT + "/fixture_database_2.sqlite"
|
|
@@ -80,7 +80,9 @@ module ActiveRecord
|
|
|
80
80
|
end
|
|
81
81
|
|
|
82
82
|
unless instance_method_already_implemented?("#{name}=")
|
|
83
|
-
if
|
|
83
|
+
if self.serialized_attributes[name]
|
|
84
|
+
define_write_method_for_serialized_attribute(name)
|
|
85
|
+
elsif create_time_zone_conversion_attribute?(name, column)
|
|
84
86
|
define_write_method_for_time_zone_conversion(name)
|
|
85
87
|
else
|
|
86
88
|
define_write_method(name.to_sym)
|
|
@@ -130,7 +132,7 @@ module ActiveRecord
|
|
|
130
132
|
# Suffixes a, ?, c become regexp /(a|\?|c)$/
|
|
131
133
|
def rebuild_attribute_method_regexp
|
|
132
134
|
suffixes = attribute_method_suffixes.map { |s| Regexp.escape(s) }
|
|
133
|
-
@@attribute_method_regexp = /(#{suffixes.join('|')})
|
|
135
|
+
@@attribute_method_regexp = /(#{suffixes.join('|')})\z/.freeze
|
|
134
136
|
end
|
|
135
137
|
|
|
136
138
|
# Default to =, ?, _before_type_cast
|
|
@@ -184,6 +186,19 @@ module ActiveRecord
|
|
|
184
186
|
def define_write_method(attr_name)
|
|
185
187
|
evaluate_attribute_method attr_name, "def #{attr_name}=(new_value);write_attribute('#{attr_name}', new_value);end", "#{attr_name}="
|
|
186
188
|
end
|
|
189
|
+
|
|
190
|
+
# Defined for all serialized attributes. Disallows assigning already serialized YAML.
|
|
191
|
+
def define_write_method_for_serialized_attribute(attr_name)
|
|
192
|
+
method_body = <<-EOV
|
|
193
|
+
def #{attr_name}=(value)
|
|
194
|
+
if value.is_a?(String) and value =~ /^---/
|
|
195
|
+
raise ActiveRecordError, "You tried to assign already serialized content to #{attr_name}. This is disabled due to security issues."
|
|
196
|
+
end
|
|
197
|
+
write_attribute(:#{attr_name}, value)
|
|
198
|
+
end
|
|
199
|
+
EOV
|
|
200
|
+
evaluate_attribute_method attr_name, method_body, "#{attr_name}="
|
|
201
|
+
end
|
|
187
202
|
|
|
188
203
|
# Defined for all +datetime+ and +timestamp+ attributes when +time_zone_aware_attributes+ are enabled.
|
|
189
204
|
# This enhanced write method will automatically convert the time passed to it to the zone stored in Time.zone.
|
data/lib/active_record/base.rb
CHANGED
|
@@ -2998,11 +2998,11 @@ module ActiveRecord #:nodoc:
|
|
|
2998
2998
|
def remove_attributes_protected_from_mass_assignment(attributes)
|
|
2999
2999
|
safe_attributes =
|
|
3000
3000
|
if self.class.accessible_attributes.nil? && self.class.protected_attributes.nil?
|
|
3001
|
-
attributes.reject { |key, value| attributes_protected_by_default.include?(key.gsub(/\(
|
|
3001
|
+
attributes.reject { |key, value| attributes_protected_by_default.include?(key.gsub(/\(.+/m, "")) }
|
|
3002
3002
|
elsif self.class.protected_attributes.nil?
|
|
3003
|
-
attributes.reject { |key, value| !self.class.accessible_attributes.include?(key.gsub(/\(
|
|
3003
|
+
attributes.reject { |key, value| !self.class.accessible_attributes.include?(key.gsub(/\(.+/m, "")) || attributes_protected_by_default.include?(key.gsub(/\(.+/m, "")) }
|
|
3004
3004
|
elsif self.class.accessible_attributes.nil?
|
|
3005
|
-
attributes.reject { |key, value| self.class.protected_attributes.include?(key.gsub(/\(
|
|
3005
|
+
attributes.reject { |key, value| self.class.protected_attributes.include?(key.gsub(/\(.+/m,"")) || attributes_protected_by_default.include?(key.gsub(/\(.+/m, "")) }
|
|
3006
3006
|
else
|
|
3007
3007
|
raise "Declare either attr_protected or attr_accessible for #{self.class}, but not both."
|
|
3008
3008
|
end
|
data/test/cases/base_test.rb
CHANGED
|
@@ -1499,6 +1499,12 @@ class BasicsTest < ActiveRecord::TestCase
|
|
|
1499
1499
|
assert_nil topic.content
|
|
1500
1500
|
end
|
|
1501
1501
|
|
|
1502
|
+
def test_should_raise_exception_on_assigning_already_serialized_content
|
|
1503
|
+
topic = Topic.new
|
|
1504
|
+
serialized_content = %w[foo bar].to_yaml
|
|
1505
|
+
assert_raise(ActiveRecord::ActiveRecordError) { topic.content = serialized_content }
|
|
1506
|
+
end
|
|
1507
|
+
|
|
1502
1508
|
def test_should_raise_exception_on_serialized_attribute_with_type_mismatch
|
|
1503
1509
|
myobj = MyObject.new('value1', 'value2')
|
|
1504
1510
|
topic = Topic.new(:content => myobj)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: activerecord
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.3.
|
|
4
|
+
version: 2.3.17
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- David Heinemeier Hansson
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2013-
|
|
11
|
+
date: 2013-02-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 2.3.
|
|
19
|
+
version: 2.3.17
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 2.3.
|
|
26
|
+
version: 2.3.17
|
|
27
27
|
description: Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties
|
|
28
28
|
database tables and classes together for business objects, like Customer or Subscription,
|
|
29
29
|
that can find, save, and destroy themselves without resorting to manual SQL.
|
|
@@ -408,7 +408,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
408
408
|
version: '0'
|
|
409
409
|
requirements: []
|
|
410
410
|
rubyforge_project: activerecord
|
|
411
|
-
rubygems_version: 2.0.0.
|
|
411
|
+
rubygems_version: 2.0.0.rc.2
|
|
412
412
|
signing_key:
|
|
413
413
|
specification_version: 4
|
|
414
414
|
summary: Implements the ActiveRecord pattern for ORM.
|