RubyGems - activerecord - Versions diffs - 5.2.8.1 → 6.1.6.1 - Mend

activerecord 5.2.8.1 → 6.1.6.1

Potentially problematic release.

This version of activerecord might be problematic. Click here for more details.

Files changed (316) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +1255 -596
data/MIT-LICENSE +3 -1
data/README.rdoc +7 -5
data/examples/performance.rb +1 -1
data/lib/active_record/aggregations.rb +9 -8
data/lib/active_record/association_relation.rb +30 -10
data/lib/active_record/associations/alias_tracker.rb +19 -16
data/lib/active_record/associations/association.rb +100 -41
data/lib/active_record/associations/association_scope.rb +23 -21
data/lib/active_record/associations/belongs_to_association.rb +55 -48
data/lib/active_record/associations/belongs_to_polymorphic_association.rb +7 -6
data/lib/active_record/associations/builder/association.rb +45 -22
data/lib/active_record/associations/builder/belongs_to.rb +29 -59
data/lib/active_record/associations/builder/collection_association.rb +8 -17
data/lib/active_record/associations/builder/has_and_belongs_to_many.rb +17 -41
data/lib/active_record/associations/builder/has_many.rb +8 -2
data/lib/active_record/associations/builder/has_one.rb +33 -2
data/lib/active_record/associations/builder/singular_association.rb +3 -1
data/lib/active_record/associations/collection_association.rb +44 -34
data/lib/active_record/associations/collection_proxy.rb +25 -21
data/lib/active_record/associations/foreign_association.rb +20 -0
data/lib/active_record/associations/has_many_association.rb +26 -13
data/lib/active_record/associations/has_many_through_association.rb +24 -18
data/lib/active_record/associations/has_one_association.rb +43 -31
data/lib/active_record/associations/has_one_through_association.rb +5 -5
data/lib/active_record/associations/join_dependency/join_association.rb +44 -22
data/lib/active_record/associations/join_dependency/join_part.rb +5 -5
data/lib/active_record/associations/join_dependency.rb +91 -60
data/lib/active_record/associations/preloader/association.rb +69 -43
data/lib/active_record/associations/preloader/through_association.rb +49 -40
data/lib/active_record/associations/preloader.rb +47 -34
data/lib/active_record/associations/singular_association.rb +3 -17
data/lib/active_record/associations/through_association.rb +1 -1
data/lib/active_record/associations.rb +137 -25
data/lib/active_record/attribute_assignment.rb +17 -19
data/lib/active_record/attribute_methods/before_type_cast.rb +13 -7
data/lib/active_record/attribute_methods/dirty.rb +101 -40
data/lib/active_record/attribute_methods/primary_key.rb +20 -25
data/lib/active_record/attribute_methods/query.rb +4 -8
data/lib/active_record/attribute_methods/read.rb +14 -56
data/lib/active_record/attribute_methods/serialization.rb +12 -7
data/lib/active_record/attribute_methods/time_zone_conversion.rb +12 -15
data/lib/active_record/attribute_methods/write.rb +18 -34
data/lib/active_record/attribute_methods.rb +81 -143
data/lib/active_record/attributes.rb +46 -9
data/lib/active_record/autosave_association.rb +57 -42
data/lib/active_record/base.rb +4 -17
data/lib/active_record/callbacks.rb +158 -43
data/lib/active_record/coders/yaml_column.rb +1 -2
data/lib/active_record/connection_adapters/abstract/connection_pool.rb +272 -130
data/lib/active_record/connection_adapters/abstract/database_limits.rb +7 -36
data/lib/active_record/connection_adapters/abstract/database_statements.rb +167 -146
data/lib/active_record/connection_adapters/abstract/query_cache.rb +18 -14
data/lib/active_record/connection_adapters/abstract/quoting.rb +98 -47
data/lib/active_record/connection_adapters/abstract/savepoints.rb +3 -3
data/lib/active_record/connection_adapters/abstract/schema_creation.rb +153 -110
data/lib/active_record/connection_adapters/abstract/schema_definitions.rb +211 -90
data/lib/active_record/connection_adapters/abstract/schema_dumper.rb +2 -4
data/lib/active_record/connection_adapters/abstract/schema_statements.rb +385 -144
data/lib/active_record/connection_adapters/abstract/transaction.rb +167 -69
data/lib/active_record/connection_adapters/abstract_adapter.rb +229 -99
data/lib/active_record/connection_adapters/abstract_mysql_adapter.rb +243 -275
data/lib/active_record/connection_adapters/column.rb +30 -12
data/lib/active_record/connection_adapters/deduplicable.rb +29 -0
data/lib/active_record/connection_adapters/legacy_pool_manager.rb +35 -0
data/lib/active_record/connection_adapters/mysql/column.rb +1 -1
data/lib/active_record/connection_adapters/mysql/database_statements.rb +88 -32
data/lib/active_record/connection_adapters/mysql/explain_pretty_printer.rb +1 -2
data/lib/active_record/connection_adapters/mysql/quoting.rb +59 -7
data/lib/active_record/connection_adapters/mysql/schema_creation.rb +34 -10
data/lib/active_record/connection_adapters/mysql/schema_definitions.rb +48 -32
data/lib/active_record/connection_adapters/mysql/schema_dumper.rb +18 -7
data/lib/active_record/connection_adapters/mysql/schema_statements.rb +142 -19
data/lib/active_record/connection_adapters/mysql/type_metadata.rb +14 -9
data/lib/active_record/connection_adapters/mysql2_adapter.rb +53 -18
data/lib/active_record/connection_adapters/pool_config.rb +73 -0
data/lib/active_record/connection_adapters/pool_manager.rb +47 -0
data/lib/active_record/connection_adapters/postgresql/column.rb +37 -28
data/lib/active_record/connection_adapters/postgresql/database_statements.rb +40 -54
data/lib/active_record/connection_adapters/postgresql/oid/array.rb +1 -2
data/lib/active_record/connection_adapters/postgresql/oid/bit.rb +1 -4
data/lib/active_record/connection_adapters/postgresql/oid/cidr.rb +3 -5
data/lib/active_record/connection_adapters/postgresql/oid/date.rb +2 -2
data/lib/active_record/connection_adapters/postgresql/oid/date_time.rb +10 -2
data/lib/active_record/connection_adapters/postgresql/oid/enum.rb +0 -1
data/lib/active_record/connection_adapters/postgresql/oid/hstore.rb +1 -2
data/lib/active_record/connection_adapters/postgresql/oid/interval.rb +49 -0
data/lib/active_record/connection_adapters/postgresql/oid/legacy_point.rb +3 -4
data/lib/active_record/connection_adapters/postgresql/oid/macaddr.rb +25 -0
data/lib/active_record/connection_adapters/postgresql/oid/oid.rb +1 -1
data/lib/active_record/connection_adapters/postgresql/oid/point.rb +3 -4
data/lib/active_record/connection_adapters/postgresql/oid/range.rb +25 -7
data/lib/active_record/connection_adapters/postgresql/oid/specialized_string.rb +1 -1
data/lib/active_record/connection_adapters/postgresql/oid/type_map_initializer.rb +9 -7
data/lib/active_record/connection_adapters/postgresql/oid/uuid.rb +15 -3
data/lib/active_record/connection_adapters/postgresql/oid.rb +2 -0
data/lib/active_record/connection_adapters/postgresql/quoting.rb +47 -10
data/lib/active_record/connection_adapters/postgresql/referential_integrity.rb +2 -2
data/lib/active_record/connection_adapters/postgresql/schema_creation.rb +19 -4
data/lib/active_record/connection_adapters/postgresql/schema_definitions.rb +107 -91
data/lib/active_record/connection_adapters/postgresql/schema_dumper.rb +0 -1
data/lib/active_record/connection_adapters/postgresql/schema_statements.rb +120 -100
data/lib/active_record/connection_adapters/postgresql/type_metadata.rb +31 -26
data/lib/active_record/connection_adapters/postgresql/utils.rb +0 -1
data/lib/active_record/connection_adapters/postgresql_adapter.rb +224 -120
data/lib/active_record/connection_adapters/schema_cache.rb +159 -21
data/lib/active_record/connection_adapters/sql_type_metadata.rb +17 -6
data/lib/active_record/connection_adapters/sqlite3/database_statements.rb +146 -0
data/lib/active_record/connection_adapters/sqlite3/quoting.rb +42 -7
data/lib/active_record/connection_adapters/sqlite3/schema_creation.rb +5 -1
data/lib/active_record/connection_adapters/sqlite3/schema_statements.rb +77 -13
data/lib/active_record/connection_adapters/sqlite3_adapter.rb +174 -186
data/lib/active_record/connection_adapters/statement_pool.rb +0 -1
data/lib/active_record/connection_adapters.rb +52 -0
data/lib/active_record/connection_handling.rb +293 -33
data/lib/active_record/core.rb +333 -98
data/lib/active_record/counter_cache.rb +8 -30
data/lib/active_record/database_configurations/connection_url_resolver.rb +99 -0
data/lib/active_record/database_configurations/database_config.rb +80 -0
data/lib/active_record/database_configurations/hash_config.rb +96 -0
data/lib/active_record/database_configurations/url_config.rb +53 -0
data/lib/active_record/database_configurations.rb +273 -0
data/lib/active_record/delegated_type.rb +209 -0
data/lib/active_record/destroy_association_async_job.rb +36 -0
data/lib/active_record/dynamic_matchers.rb +3 -4
data/lib/active_record/enum.rb +108 -36
data/lib/active_record/errors.rb +62 -19
data/lib/active_record/explain.rb +10 -6
data/lib/active_record/explain_subscriber.rb +1 -1
data/lib/active_record/fixture_set/file.rb +10 -17
data/lib/active_record/fixture_set/model_metadata.rb +32 -0
data/lib/active_record/fixture_set/render_context.rb +17 -0
data/lib/active_record/fixture_set/table_row.rb +152 -0
data/lib/active_record/fixture_set/table_rows.rb +46 -0
data/lib/active_record/fixtures.rb +200 -481
data/lib/active_record/gem_version.rb +3 -3
data/lib/active_record/inheritance.rb +53 -24
data/lib/active_record/insert_all.rb +212 -0
data/lib/active_record/integration.rb +67 -17
data/lib/active_record/internal_metadata.rb +28 -9
data/lib/active_record/legacy_yaml_adapter.rb +7 -3
data/lib/active_record/locking/optimistic.rb +37 -23
data/lib/active_record/locking/pessimistic.rb +9 -5
data/lib/active_record/log_subscriber.rb +35 -35
data/lib/active_record/middleware/database_selector/resolver/session.rb +48 -0
data/lib/active_record/middleware/database_selector/resolver.rb +92 -0
data/lib/active_record/middleware/database_selector.rb +77 -0
data/lib/active_record/migration/command_recorder.rb +96 -44
data/lib/active_record/migration/compatibility.rb +145 -64
data/lib/active_record/migration/join_table.rb +0 -1
data/lib/active_record/migration.rb +206 -157
data/lib/active_record/model_schema.rb +148 -22
data/lib/active_record/nested_attributes.rb +4 -7
data/lib/active_record/no_touching.rb +8 -1
data/lib/active_record/null_relation.rb +0 -1
data/lib/active_record/persistence.rb +267 -59
data/lib/active_record/query_cache.rb +21 -4
data/lib/active_record/querying.rb +40 -23
data/lib/active_record/railtie.rb +116 -59
data/lib/active_record/railties/console_sandbox.rb +2 -4
data/lib/active_record/railties/controller_runtime.rb +30 -35
data/lib/active_record/railties/databases.rake +411 -80
data/lib/active_record/readonly_attributes.rb +4 -0
data/lib/active_record/reflection.rb +109 -93
data/lib/active_record/relation/batches/batch_enumerator.rb +25 -9
data/lib/active_record/relation/batches.rb +44 -35
data/lib/active_record/relation/calculations.rb +157 -90
data/lib/active_record/relation/delegation.rb +35 -50
data/lib/active_record/relation/finder_methods.rb +64 -39
data/lib/active_record/relation/from_clause.rb +5 -1
data/lib/active_record/relation/merger.rb +32 -40
data/lib/active_record/relation/predicate_builder/array_handler.rb +13 -13
data/lib/active_record/relation/predicate_builder/association_query_value.rb +5 -9
data/lib/active_record/relation/predicate_builder/basic_object_handler.rb +1 -2
data/lib/active_record/relation/predicate_builder/polymorphic_array_value.rb +11 -10
data/lib/active_record/relation/predicate_builder/range_handler.rb +3 -23
data/lib/active_record/relation/predicate_builder/relation_handler.rb +1 -1
data/lib/active_record/relation/predicate_builder.rb +62 -45
data/lib/active_record/relation/query_attribute.rb +13 -8
data/lib/active_record/relation/query_methods.rb +476 -187
data/lib/active_record/relation/record_fetch_warning.rb +3 -3
data/lib/active_record/relation/spawn_methods.rb +9 -9
data/lib/active_record/relation/where_clause.rb +115 -62
data/lib/active_record/relation.rb +379 -115
data/lib/active_record/result.rb +64 -38
data/lib/active_record/runtime_registry.rb +2 -2
data/lib/active_record/sanitization.rb +22 -41
data/lib/active_record/schema.rb +2 -11
data/lib/active_record/schema_dumper.rb +54 -9
data/lib/active_record/schema_migration.rb +7 -9
data/lib/active_record/scoping/default.rb +4 -8
data/lib/active_record/scoping/named.rb +17 -24
data/lib/active_record/scoping.rb +8 -9
data/lib/active_record/secure_token.rb +16 -8
data/lib/active_record/serialization.rb +5 -3
data/lib/active_record/signed_id.rb +116 -0
data/lib/active_record/statement_cache.rb +49 -6
data/lib/active_record/store.rb +88 -9
data/lib/active_record/suppressor.rb +2 -2
data/lib/active_record/table_metadata.rb +42 -43
data/lib/active_record/tasks/database_tasks.rb +277 -81
data/lib/active_record/tasks/mysql_database_tasks.rb +37 -39
data/lib/active_record/tasks/postgresql_database_tasks.rb +27 -32
data/lib/active_record/tasks/sqlite_database_tasks.rb +14 -17
data/lib/active_record/test_databases.rb +24 -0
data/lib/active_record/test_fixtures.rb +287 -0
data/lib/active_record/timestamp.rb +43 -32
data/lib/active_record/touch_later.rb +23 -22
data/lib/active_record/transactions.rb +62 -118
data/lib/active_record/translation.rb +1 -1
data/lib/active_record/type/adapter_specific_registry.rb +3 -13
data/lib/active_record/type/hash_lookup_type_map.rb +0 -1
data/lib/active_record/type/serialized.rb +6 -3
data/lib/active_record/type/time.rb +10 -0
data/lib/active_record/type/type_map.rb +0 -1
data/lib/active_record/type/unsigned_integer.rb +0 -1
data/lib/active_record/type.rb +10 -5
data/lib/active_record/type_caster/connection.rb +15 -15
data/lib/active_record/type_caster/map.rb +8 -8
data/lib/active_record/validations/associated.rb +1 -2
data/lib/active_record/validations/numericality.rb +35 -0
data/lib/active_record/validations/uniqueness.rb +38 -30
data/lib/active_record/validations.rb +4 -3
data/lib/active_record.rb +13 -12
data/lib/arel/alias_predication.rb +9 -0
data/lib/arel/attributes/attribute.rb +41 -0
data/lib/arel/collectors/bind.rb +29 -0
data/lib/arel/collectors/composite.rb +39 -0
data/lib/arel/collectors/plain_string.rb +20 -0
data/lib/arel/collectors/sql_string.rb +27 -0
data/lib/arel/collectors/substitute_binds.rb +35 -0
data/lib/arel/crud.rb +42 -0
data/lib/arel/delete_manager.rb +18 -0
data/lib/arel/errors.rb +9 -0
data/lib/arel/expressions.rb +29 -0
data/lib/arel/factory_methods.rb +49 -0
data/lib/arel/insert_manager.rb +49 -0
data/lib/arel/math.rb +45 -0
data/lib/arel/nodes/and.rb +32 -0
data/lib/arel/nodes/ascending.rb +23 -0
data/lib/arel/nodes/binary.rb +126 -0
data/lib/arel/nodes/bind_param.rb +44 -0
data/lib/arel/nodes/case.rb +55 -0
data/lib/arel/nodes/casted.rb +62 -0
data/lib/arel/nodes/comment.rb +29 -0
data/lib/arel/nodes/count.rb +12 -0
data/lib/arel/nodes/delete_statement.rb +45 -0
data/lib/arel/nodes/descending.rb +23 -0
data/lib/arel/nodes/equality.rb +15 -0
data/lib/arel/nodes/extract.rb +24 -0
data/lib/arel/nodes/false.rb +16 -0
data/lib/arel/nodes/full_outer_join.rb +8 -0
data/lib/arel/nodes/function.rb +44 -0
data/lib/arel/nodes/grouping.rb +11 -0
data/lib/arel/nodes/homogeneous_in.rb +76 -0
data/lib/arel/nodes/in.rb +15 -0
data/lib/arel/nodes/infix_operation.rb +92 -0
data/lib/arel/nodes/inner_join.rb +8 -0
data/lib/arel/nodes/insert_statement.rb +37 -0
data/lib/arel/nodes/join_source.rb +20 -0
data/lib/arel/nodes/matches.rb +18 -0
data/lib/arel/nodes/named_function.rb +23 -0
data/lib/arel/nodes/node.rb +51 -0
data/lib/arel/nodes/node_expression.rb +13 -0
data/lib/arel/nodes/ordering.rb +27 -0
data/lib/arel/nodes/outer_join.rb +8 -0
data/lib/arel/nodes/over.rb +15 -0
data/lib/arel/nodes/regexp.rb +16 -0
data/lib/arel/nodes/right_outer_join.rb +8 -0
data/lib/arel/nodes/select_core.rb +67 -0
data/lib/arel/nodes/select_statement.rb +41 -0
data/lib/arel/nodes/sql_literal.rb +19 -0
data/lib/arel/nodes/string_join.rb +11 -0
data/lib/arel/nodes/table_alias.rb +31 -0
data/lib/arel/nodes/terminal.rb +16 -0
data/lib/arel/nodes/true.rb +16 -0
data/lib/arel/nodes/unary.rb +44 -0
data/lib/arel/nodes/unary_operation.rb +20 -0
data/lib/arel/nodes/unqualified_column.rb +22 -0
data/lib/arel/nodes/update_statement.rb +41 -0
data/lib/arel/nodes/values_list.rb +9 -0
data/lib/arel/nodes/window.rb +126 -0
data/lib/arel/nodes/with.rb +11 -0
data/lib/arel/nodes.rb +70 -0
data/lib/arel/order_predications.rb +13 -0
data/lib/arel/predications.rb +250 -0
data/lib/arel/select_manager.rb +270 -0
data/lib/arel/table.rb +118 -0
data/lib/arel/tree_manager.rb +72 -0
data/lib/arel/update_manager.rb +34 -0
data/lib/arel/visitors/dot.rb +308 -0
data/lib/arel/visitors/mysql.rb +93 -0
data/lib/arel/visitors/postgresql.rb +120 -0
data/lib/arel/visitors/sqlite.rb +38 -0
data/lib/arel/visitors/to_sql.rb +899 -0
data/lib/arel/visitors/visitor.rb +45 -0
data/lib/arel/visitors.rb +13 -0
data/lib/arel/window_predications.rb +9 -0
data/lib/arel.rb +54 -0
data/lib/rails/generators/active_record/application_record/application_record_generator.rb +0 -1
data/lib/rails/generators/active_record/migration/migration_generator.rb +3 -5
data/lib/rails/generators/active_record/migration/templates/create_table_migration.rb.tt +3 -1
data/lib/rails/generators/active_record/migration/templates/migration.rb.tt +7 -5
data/lib/rails/generators/active_record/migration.rb +19 -2
data/lib/rails/generators/active_record/model/model_generator.rb +39 -2
data/lib/rails/generators/active_record/model/templates/abstract_base_class.rb.tt +7 -0
data/lib/rails/generators/active_record/model/templates/model.rb.tt +10 -1
metadata +116 -30
data/lib/active_record/attribute_decorators.rb +0 -90
data/lib/active_record/collection_cache_key.rb +0 -53
data/lib/active_record/connection_adapters/connection_specification.rb +0 -287
data/lib/active_record/connection_adapters/determine_if_preparable_visitor.rb +0 -33
data/lib/active_record/define_callbacks.rb +0 -22
data/lib/active_record/relation/predicate_builder/base_handler.rb +0 -19
data/lib/active_record/relation/where_clause_factory.rb +0 -34

data/lib/active_record/secure_token.rb CHANGED Viewed

@@ -2,6 +2,10 @@
 module ActiveRecord
   module SecureToken
+    class MinimumLengthError < StandardError; end
+    MINIMUM_TOKEN_LENGTH = 24
     extend ActiveSupport::Concern
     module ClassMethods
@@ -10,30 +14,34 @@ module ActiveRecord
       #   # Schema: User(token:string, auth_token:string)
       #   class User < ActiveRecord::Base
       #     has_secure_token
-      #     has_secure_token :auth_token
+      #     has_secure_token :auth_token, length: 36
       #   end
       #
       #   user = User.new
       #   user.save
       #   user.token # => "pX27zsMN2ViQKta1bGfLmVJE"
-      #   user.auth_token # => "77TMHrHJFvFDwodq8w7Ev2m7"
+      #   user.auth_token # => "tU9bLuZseefXQ4yQxQo8wjtBvsAfPc78os6R"
       #   user.regenerate_token # => true
       #   user.regenerate_auth_token # => true
       #
-      # <tt>SecureRandom::base58</tt> is used to generate the 24-character unique token, so collisions are highly unlikely.
+      # <tt>SecureRandom::base58</tt> is used to generate at minimum a 24-character unique token, so collisions are highly unlikely.
       #
       # Note that it's still possible to generate a race condition in the database in the same way that
       # {validates_uniqueness_of}[rdoc-ref:Validations::ClassMethods#validates_uniqueness_of] can.
       # You're encouraged to add a unique index in the database to deal with this even more unlikely scenario.
-      def has_secure_token(attribute = :token)
+      def has_secure_token(attribute = :token, length: MINIMUM_TOKEN_LENGTH)
+        if length < MINIMUM_TOKEN_LENGTH
+          raise MinimumLengthError, "Token requires a minimum length of #{MINIMUM_TOKEN_LENGTH} characters."
+        end
         # Load securerandom only when has_secure_token is used.
         require "active_support/core_ext/securerandom"
-        define_method("regenerate_#{attribute}") { update! attribute => self.class.generate_unique_secure_token }
-        before_create { send("#{attribute}=", self.class.generate_unique_secure_token) unless send("#{attribute}?") }
+        define_method("regenerate_#{attribute}") { update! attribute => self.class.generate_unique_secure_token(length: length) }
+        before_create { send("#{attribute}=", self.class.generate_unique_secure_token(length: length)) unless send("#{attribute}?") }
       end
-      def generate_unique_secure_token
-        SecureRandom.base58(24)
+      def generate_unique_secure_token(length: MINIMUM_TOKEN_LENGTH)
+        SecureRandom.base58(length)
       end
     end
   end

data/lib/active_record/serialization.rb CHANGED Viewed

@@ -11,10 +11,12 @@ module ActiveRecord #:nodoc:
     end
     def serializable_hash(options = nil)
-      options = options.try(:dup) || {}
+      if self.class._has_attribute?(self.class.inheritance_column)
+        options = options ? options.dup : {}
-      options[:except] = Array(options[:except]).map(&:to_s)
-      options[:except] |= Array(self.class.inheritance_column)
+        options[:except] = Array(options[:except]).map(&:to_s)
+        options[:except] |= Array(self.class.inheritance_column)
+      end
       super(options)
     end

data/lib/active_record/signed_id.rb ADDED Viewed

@@ -0,0 +1,116 @@
+# frozen_string_literal: true
+module ActiveRecord
+  # = Active Record Signed Id
+  module SignedId
+    extend ActiveSupport::Concern
+    included do
+      ##
+      # :singleton-method:
+      # Set the secret used for the signed id verifier instance when using Active Record outside of Rails.
+      # Within Rails, this is automatically set using the Rails application key generator.
+      mattr_accessor :signed_id_verifier_secret, instance_writer: false
+    end
+    module ClassMethods
+      # Lets you find a record based on a signed id that's safe to put into the world without risk of tampering.
+      # This is particularly useful for things like password reset or email verification, where you want
+      # the bearer of the signed id to be able to interact with the underlying record, but usually only within
+      # a certain time period.
+      #
+      # You set the time period that the signed id is valid for during generation, using the instance method
+      # <tt>signed_id(expires_in: 15.minutes)</tt>. If the time has elapsed before a signed find is attempted,
+      # the signed id will no longer be valid, and nil is returned.
+      #
+      # It's possible to further restrict the use of a signed id with a purpose. This helps when you have a
+      # general base model, like a User, which might have signed ids for several things, like password reset
+      # or email verification. The purpose that was set during generation must match the purpose set when
+      # finding. If there's a mismatch, nil is again returned.
+      #
+      # ==== Examples
+      #
+      #   signed_id = User.first.signed_id expires_in: 15.minutes, purpose: :password_reset
+      #
+      #   User.find_signed signed_id # => nil, since the purpose does not match
+      #
+      #   travel 16.minutes
+      #   User.find_signed signed_id, purpose: :password_reset # => nil, since the signed id has expired
+      #
+      #   travel_back
+      #   User.find_signed signed_id, purpose: :password_reset # => User.first
+      def find_signed(signed_id, purpose: nil)
+        raise UnknownPrimaryKey.new(self) if primary_key.nil?
+        if id = signed_id_verifier.verified(signed_id, purpose: combine_signed_id_purposes(purpose))
+          find_by primary_key => id
+        end
+      end
+      # Works like +find_signed+, but will raise an +ActiveSupport::MessageVerifier::InvalidSignature+
+      # exception if the +signed_id+ has either expired, has a purpose mismatch, is for another record,
+      # or has been tampered with. It will also raise an +ActiveRecord::RecordNotFound+ exception if
+      # the valid signed id can't find a record.
+      #
+      # === Examples
+      #
+      #   User.find_signed! "bad data" # => ActiveSupport::MessageVerifier::InvalidSignature
+      #
+      #   signed_id = User.first.signed_id
+      #   User.first.destroy
+      #   User.find_signed! signed_id # => ActiveRecord::RecordNotFound
+      def find_signed!(signed_id, purpose: nil)
+        if id = signed_id_verifier.verify(signed_id, purpose: combine_signed_id_purposes(purpose))
+          find(id)
+        end
+      end
+      # The verifier instance that all signed ids are generated and verified from. By default, it'll be initialized
+      # with the class-level +signed_id_verifier_secret+, which within Rails comes from the
+      # Rails.application.key_generator. By default, it's SHA256 for the digest and JSON for the serialization.
+      def signed_id_verifier
+        @signed_id_verifier ||= begin
+          secret = signed_id_verifier_secret
+          secret = secret.call if secret.respond_to?(:call)
+          if secret.nil?
+            raise ArgumentError, "You must set ActiveRecord::Base.signed_id_verifier_secret to use signed ids"
+          else
+            ActiveSupport::MessageVerifier.new secret, digest: "SHA256", serializer: JSON
+          end
+        end
+      end
+      # Allows you to pass in a custom verifier used for the signed ids. This also allows you to use different
+      # verifiers for different classes. This is also helpful if you need to rotate keys, as you can prepare
+      # your custom verifier for that in advance. See +ActiveSupport::MessageVerifier+ for details.
+      def signed_id_verifier=(verifier)
+        @signed_id_verifier = verifier
+      end
+      # :nodoc:
+      def combine_signed_id_purposes(purpose)
+        [ base_class.name.underscore, purpose.to_s ].compact_blank.join("/")
+      end
+    end
+    # Returns a signed id that's generated using a preconfigured +ActiveSupport::MessageVerifier+ instance.
+    # This signed id is tamper proof, so it's safe to send in an email or otherwise share with the outside world.
+    # It can further more be set to expire (the default is not to expire), and scoped down with a specific purpose.
+    # If the expiration date has been exceeded before +find_signed+ is called, the id won't find the designated
+    # record. If a purpose is set, this too must match.
+    #
+    # If you accidentally let a signed id out in the wild that you wish to retract sooner than its expiration date
+    # (or maybe you forgot to set an expiration date while meaning to!), you can use the purpose to essentially
+    # version the signed_id, like so:
+    #
+    #   user.signed_id purpose: :v2
+    #
+    # And you then change your +find_signed+ calls to require this new purpose. Any old signed ids that were not
+    # created with the purpose will no longer find the record.
+    def signed_id(expires_in: nil, purpose: nil)
+      self.class.signed_id_verifier.generate id, expires_in: expires_in, purpose: self.class.combine_signed_id_purposes(purpose)
+    end
+  end
+end

data/lib/active_record/statement_cache.rb CHANGED Viewed

@@ -44,18 +44,56 @@ module ActiveRecord
       def initialize(values)
         @values = values
         @indexes = values.each_with_index.find_all { |thing, i|
-          Arel::Nodes::BindParam === thing
+          Substitute === thing
         }.map(&:last)
       end
       def sql_for(binds, connection)
         val = @values.dup
-        casted_binds = binds.map(&:value_for_database)
-        @indexes.each { |i| val[i] = connection.quote(casted_binds.shift) }
+        @indexes.each do |i|
+          value = binds.shift
+          if ActiveModel::Attribute === value
+            value = value.value_for_database
+          end
+          val[i] = connection.quote(value)
+        end
         val.join
       end
     end
+    class PartialQueryCollector
+      attr_accessor :preparable
+      def initialize
+        @parts = []
+        @binds = []
+      end
+      def <<(str)
+        @parts << str
+        self
+      end
+      def add_bind(obj)
+        @binds << obj
+        @parts << Substitute.new
+        self
+      end
+      def add_binds(binds, proc_for_binds = nil)
+        @binds.concat proc_for_binds ? binds.map(&proc_for_binds) : binds
+        binds.size.times do |i|
+          @parts << ", " unless i == 0
+          @parts << Substitute.new
+        end
+        self
+      end
+      def value
+        [@parts, @binds]
+      end
+    end
     def self.query(sql)
       Query.new(sql)
     end
@@ -64,6 +102,10 @@ module ActiveRecord
       PartialQuery.new(values)
     end
+    def self.partial_query_collector
+      PartialQueryCollector.new
+    end
     class Params # :nodoc:
       def bind; Substitute.new; end
     end
@@ -74,7 +116,7 @@ module ActiveRecord
         @bound_attributes = bound_attributes
         bound_attributes.each_with_index do |attr, i|
-          if Substitute === attr.value
+          if ActiveModel::Attribute === attr && Substitute === attr.value
             @indexes << i
           end
         end
@@ -106,6 +148,8 @@ module ActiveRecord
       sql = query_builder.sql_for bind_values, connection
       klass.find_by_sql(sql, bind_values, preparable: true, &block)
+    rescue ::RangeError
+      []
     end
     def self.unsupported_value?(value)
@@ -114,8 +158,7 @@ module ActiveRecord
       end
     end
-    protected
+    private
       attr_reader :query_builder, :bind_map, :klass
   end
 end

data/lib/active_record/store.rb CHANGED Viewed

@@ -11,14 +11,20 @@ module ActiveRecord
   # of the model. This is very helpful for easily exposing store keys to a form or elsewhere that's
   # already built around just accessing attributes on the model.
   #
+  # Every accessor comes with dirty tracking methods (+key_changed?+, +key_was+ and +key_change+) and
+  # methods to access the changes made during the last save (+saved_change_to_key?+, +saved_change_to_key+ and
+  # +key_before_last_save+).
+  #
+  # NOTE: There is no +key_will_change!+ method for accessors, use +store_will_change!+ instead.
+  #
   # Make sure that you declare the database column used for the serialized store as a text, so there's
   # plenty of room.
   #
   # You can set custom coder to encode/decode your serialized attributes to/from different formats.
   # JSON, YAML, Marshal are supported out of the box. Generally it can be any wrapper that provides +load+ and +dump+.
   #
-  # NOTE: If you are using PostgreSQL specific columns like +hstore+ or +json+ there is no need for
-  # the serialization provided by {.store}[rdoc-ref:rdoc-ref:ClassMethods#store].
+  # NOTE: If you are using structured database data types (e.g. PostgreSQL +hstore+/+json+, or MySQL 5.7+
+  # +json+) there is no need for the serialization provided by {.store}[rdoc-ref:rdoc-ref:ClassMethods#store].
   # Simply use {.store_accessor}[rdoc-ref:ClassMethods#store_accessor] instead to generate
   # the accessor methods. Be aware that these columns use a string keyed hash and do not allow access
   # using a symbol.
@@ -31,24 +37,40 @@ module ActiveRecord
   #
   #   class User < ActiveRecord::Base
   #     store :settings, accessors: [ :color, :homepage ], coder: JSON
+  #     store :parent, accessors: [ :name ], coder: JSON, prefix: true
+  #     store :spouse, accessors: [ :name ], coder: JSON, prefix: :partner
+  #     store :settings, accessors: [ :two_factor_auth ], suffix: true
+  #     store :settings, accessors: [ :login_retry ], suffix: :config
   #   end
   #
-  #   u = User.new(color: 'black', homepage: '37signals.com')
+  #   u = User.new(color: 'black', homepage: '37signals.com', parent_name: 'Mary', partner_name: 'Lily')
   #   u.color                          # Accessor stored attribute
+  #   u.parent_name                    # Accessor stored attribute with prefix
+  #   u.partner_name                   # Accessor stored attribute with custom prefix
+  #   u.two_factor_auth_settings       # Accessor stored attribute with suffix
+  #   u.login_retry_config             # Accessor stored attribute with custom suffix
   #   u.settings[:country] = 'Denmark' # Any attribute, even if not specified with an accessor
   #
   #   # There is no difference between strings and symbols for accessing custom attributes
   #   u.settings[:country]  # => 'Denmark'
   #   u.settings['country'] # => 'Denmark'
   #
+  #   # Dirty tracking
+  #   u.color = 'green'
+  #   u.color_changed? # => true
+  #   u.color_was # => 'black'
+  #   u.color_change # => ['black', 'red']
+  #
   #   # Add additional accessors to an existing store through store_accessor
   #   class SuperUser < User
   #     store_accessor :settings, :privileges, :servants
+  #     store_accessor :parent, :birthday, prefix: true
+  #     store_accessor :settings, :secret_question, suffix: :config
   #   end
   #
   # The stored attribute names can be retrieved using {.stored_attributes}[rdoc-ref:rdoc-ref:ClassMethods#stored_attributes].
   #
-  #   User.stored_attributes[:settings] # [:color, :homepage]
+  #   User.stored_attributes[:settings] # [:color, :homepage, :two_factor_auth, :login_retry]
   #
   # == Overwriting default accessors
   #
@@ -81,21 +103,78 @@ module ActiveRecord
     module ClassMethods
       def store(store_attribute, options = {})
         serialize store_attribute, IndifferentCoder.new(store_attribute, options[:coder])
-        store_accessor(store_attribute, options[:accessors]) if options.has_key? :accessors
+        store_accessor(store_attribute, options[:accessors], **options.slice(:prefix, :suffix)) if options.has_key? :accessors
       end
-      def store_accessor(store_attribute, *keys)
+      def store_accessor(store_attribute, *keys, prefix: nil, suffix: nil)
         keys = keys.flatten
+        accessor_prefix =
+          case prefix
+          when String, Symbol
+            "#{prefix}_"
+          when TrueClass
+            "#{store_attribute}_"
+          else
+            ""
+          end
+        accessor_suffix =
+          case suffix
+          when String, Symbol
+            "_#{suffix}"
+          when TrueClass
+            "_#{store_attribute}"
+          else
+            ""
+          end
         _store_accessors_module.module_eval do
           keys.each do |key|
-            define_method("#{key}=") do |value|
+            accessor_key = "#{accessor_prefix}#{key}#{accessor_suffix}"
+            define_method("#{accessor_key}=") do |value|
               write_store_attribute(store_attribute, key, value)
             end
-            define_method(key) do
+            define_method(accessor_key) do
               read_store_attribute(store_attribute, key)
             end
+            define_method("#{accessor_key}_changed?") do
+              return false unless attribute_changed?(store_attribute)
+              prev_store, new_store = changes[store_attribute]
+              prev_store&.dig(key) != new_store&.dig(key)
+            end
+            define_method("#{accessor_key}_change") do
+              return unless attribute_changed?(store_attribute)
+              prev_store, new_store = changes[store_attribute]
+              [prev_store&.dig(key), new_store&.dig(key)]
+            end
+            define_method("#{accessor_key}_was") do
+              return unless attribute_changed?(store_attribute)
+              prev_store, _new_store = changes[store_attribute]
+              prev_store&.dig(key)
+            end
+            define_method("saved_change_to_#{accessor_key}?") do
+              return false unless saved_change_to_attribute?(store_attribute)
+              prev_store, new_store = saved_change_to_attribute(store_attribute)
+              prev_store&.dig(key) != new_store&.dig(key)
+            end
+            define_method("saved_change_to_#{accessor_key}") do
+              return unless saved_change_to_attribute?(store_attribute)
+              prev_store, new_store = saved_change_to_attribute(store_attribute)
+              [prev_store&.dig(key), new_store&.dig(key)]
+            end
+            define_method("#{accessor_key}_before_last_save") do
+              return unless saved_change_to_attribute?(store_attribute)
+              prev_store, _new_store = saved_change_to_attribute(store_attribute)
+              prev_store&.dig(key)
+            end
           end
         end
@@ -172,7 +251,7 @@ module ActiveRecord
           attribute = object.send(store_attribute)
           unless attribute.is_a?(ActiveSupport::HashWithIndifferentAccess)
             attribute = IndifferentCoder.as_indifferent_hash(attribute)
-            object.send :"#{store_attribute}=", attribute
+            object.public_send :"#{store_attribute}=", attribute
           end
           attribute
         end

data/lib/active_record/suppressor.rb CHANGED Viewed

@@ -40,11 +40,11 @@ module ActiveRecord
       end
     end
-    def save(*) # :nodoc:
+    def save(**) # :nodoc:
       SuppressorRegistry.suppressed[self.class.name] ? true : super
     end
-    def save!(*) # :nodoc:
+    def save!(**) # :nodoc:
       SuppressorRegistry.suppressed[self.class.name] ? true : super
     end
   end

data/lib/active_record/table_metadata.rb CHANGED Viewed

@@ -2,81 +2,80 @@
 module ActiveRecord
   class TableMetadata # :nodoc:
-    delegate :foreign_type, :foreign_key, :join_primary_key, :join_foreign_key, to: :association, prefix: true
+    delegate :join_primary_key, :join_foreign_key, :join_foreign_type, to: :reflection
-    def initialize(klass, arel_table, association = nil)
+    def initialize(klass, arel_table, reflection = nil)
       @klass = klass
       @arel_table = arel_table
-      @association = association
+      @reflection = reflection
     end
-    def resolve_column_aliases(hash)
-      new_hash = hash.dup
-      hash.each do |key, _|
-        if (key.is_a?(Symbol)) && klass.attribute_alias?(key)
-          new_hash[klass.attribute_alias(key)] = new_hash.delete(key)
-        end
-      end
-      new_hash
-    end
-    def arel_attribute(column_name)
-      if klass
-        klass.arel_attribute(column_name, arel_table)
-      else
-        arel_table[column_name]
-      end
+    def primary_key
+      klass&.primary_key
     end
     def type(column_name)
-      if klass
-        klass.type_for_attribute(column_name)
-      else
-        Type.default_value
-      end
+      arel_table.type_for_attribute(column_name)
     end
     def has_column?(column_name)
-      klass && klass.columns_hash.key?(column_name.to_s)
+      klass&.columns_hash.key?(column_name)
     end
-    def associated_with?(association_name)
-      klass && klass._reflect_on_association(association_name)
+    def associated_with?(table_name)
+      klass&._reflect_on_association(table_name) || klass&._reflect_on_association(table_name.singularize)
     end
     def associated_table(table_name)
-      association = klass._reflect_on_association(table_name) || klass._reflect_on_association(table_name.to_s.singularize)
+      reflection = klass._reflect_on_association(table_name) || klass._reflect_on_association(table_name.singularize)
-      if !association && table_name == arel_table.name
+      if !reflection && table_name == arel_table.name
         return self
-      elsif association && !association.polymorphic?
-        association_klass = association.klass
-        arel_table = association_klass.arel_table.alias(table_name)
+      end
+      if reflection
+        association_klass = reflection.klass unless reflection.polymorphic?
+      elsif block_given?
+        association_klass = yield table_name
+      end
+      if association_klass
+        arel_table = association_klass.arel_table
+        arel_table = arel_table.alias(table_name) if arel_table.name != table_name
+        TableMetadata.new(association_klass, arel_table, reflection)
       else
         type_caster = TypeCaster::Connection.new(klass, table_name)
-        association_klass = nil
         arel_table = Arel::Table.new(table_name, type_caster: type_caster)
+        TableMetadata.new(nil, arel_table, reflection)
       end
-      TableMetadata.new(association_klass, arel_table, association)
     end
     def polymorphic_association?
-      association && association.polymorphic?
+      reflection&.polymorphic?
     end
-    def aggregated_with?(aggregation_name)
-      klass && reflect_on_aggregation(aggregation_name)
+    def through_association?
+      reflection&.through_reflection?
     end
     def reflect_on_aggregation(aggregation_name)
-      klass.reflect_on_aggregation(aggregation_name)
+      klass&.reflect_on_aggregation(aggregation_name)
+    end
+    alias :aggregated_with? :reflect_on_aggregation
+    def predicate_builder
+      if klass
+        predicate_builder = klass.predicate_builder.dup
+        predicate_builder.instance_variable_set(:@table, self)
+        predicate_builder
+      else
+        PredicateBuilder.new(self)
+      end
     end
-    # TODO Change this to private once we've dropped Ruby 2.2 support.
-    # Workaround for Ruby 2.2 "private attribute?" warning.
-    protected
+    attr_reader :arel_table
-      attr_reader :klass, :arel_table, :association
+    private
+      attr_reader :klass, :reflection
   end
 end