activerecord 6.1.7 → 7.1.5

data/lib/active_record/schema_migration.rb

@@ -1,54 +1,89 @@
 # frozen_string_literal: true
 
-require "active_record/scoping/default"
-require "active_record/scoping/named"
-
 module ActiveRecord
   # This class is used to create a table that keeps track of which migrations
   # have been applied to a given database. When a migration is run, its schema
-  # number is inserted in to the `SchemaMigration.table_name` so it doesn't need
+  # number is inserted in to the schema migrations table so it doesn't need
   # to be executed the next time.
-  class SchemaMigration < ActiveRecord::Base # :nodoc:
-    class << self
-      def _internal?
-        true
-      end
+  class SchemaMigration # :nodoc:
+    class NullSchemaMigration # :nodoc:
+    end
 
-      def primary_key
-        "version"
-      end
+    attr_reader :connection, :arel_table
+
+    def initialize(connection)
+      @connection = connection
+      @arel_table = Arel::Table.new(table_name)
+    end
+
+    def create_version(version)
+      im = Arel::InsertManager.new(arel_table)
+      im.insert(arel_table[primary_key] => version)
+      connection.insert(im, "#{self.class} Create", primary_key, version)
+    end
 
-      def table_name
-        "#{table_name_prefix}#{schema_migrations_table_name}#{table_name_suffix}"
+    def delete_version(version)
+      dm = Arel::DeleteManager.new(arel_table)
+      dm.wheres = [arel_table[primary_key].eq(version)]
+
+      connection.delete(dm, "#{self.class} Destroy")
+    end
+
+    def delete_all_versions
+      versions.each do |version|
+        delete_version(version)
       end
+    end
+
+    def primary_key
+      "version"
+    end
+
+    def table_name
+      "#{ActiveRecord::Base.table_name_prefix}#{ActiveRecord::Base.schema_migrations_table_name}#{ActiveRecord::Base.table_name_suffix}"
+    end
 
-      def create_table
-        unless connection.table_exists?(table_name)
-          connection.create_table(table_name, id: false) do |t|
-            t.string :version, **connection.internal_string_options_for_primary_key
-          end
+    def create_table
+      unless connection.table_exists?(table_name)
+        connection.create_table(table_name, id: false) do |t|
+          t.string :version, **connection.internal_string_options_for_primary_key
         end
       end
+    end
 
-      def drop_table
-        connection.drop_table table_name, if_exists: true
-      end
+    def drop_table
+      connection.drop_table table_name, if_exists: true
+    end
 
-      def normalize_migration_number(number)
-        "%.3d" % number.to_i
-      end
+    def normalize_migration_number(number)
+      "%.3d" % number.to_i
+    end
 
-      def normalized_versions
-        all_versions.map { |v| normalize_migration_number v }
-      end
+    def normalized_versions
+      versions.map { |v| normalize_migration_number v }
+    end
 
-      def all_versions
-        order(:version).pluck(:version)
-      end
+    def versions
+      sm = Arel::SelectManager.new(arel_table)
+      sm.project(arel_table[primary_key])
+      sm.order(arel_table[primary_key].asc)
+
+      connection.select_values(sm, "#{self.class} Load")
+    end
+
+    def integer_versions
+      versions.map(&:to_i)
+    end
+
+    def count
+      sm = Arel::SelectManager.new(arel_table)
+      sm.project(*Arel::Nodes::Count.new([Arel.star]))
+
+      connection.select_values(sm, "#{self.class} Count").first
     end
 
-    def version
-      super.to_i
+    def table_exists?
+      connection.data_source_exists?(table_name)
     end
   end
 end

data/lib/active_record/scoping/default.rb

@@ -2,6 +2,15 @@
 
 module ActiveRecord
   module Scoping
+    class DefaultScope # :nodoc:
+      attr_reader :scope, :all_queries
+
+      def initialize(scope, all_queries = nil)
+        @scope = scope
+        @all_queries = all_queries
+      end
+    end
+
     module Default
       extend ActiveSupport::Concern
 
@@ -15,14 +24,22 @@ module ActiveRecord
         # Returns a scope for the model without the previously set scopes.
         #
         #   class Post < ActiveRecord::Base
+        #     belongs_to :user
+        #
         #     def self.default_scope
         #       where(published: true)
         #     end
         #   end
         #
+        #   class User < ActiveRecord::Base
+        #     has_many :posts
+        #   end
+        #
         #   Post.all                                  # Fires "SELECT * FROM posts WHERE published = true"
         #   Post.unscoped.all                         # Fires "SELECT * FROM posts"
         #   Post.where(published: false).unscoped.all # Fires "SELECT * FROM posts"
+        #   User.find(1).posts                        # Fires "SELECT * FROM posts WHERE published = true AND posts.user_id = 1"
+        #   User.find(1).posts.unscoped               # Fires "SELECT * FROM posts"
         #
         # This method also accepts a block. All queries inside the block will
         # not use the previously set scopes.
@@ -30,8 +47,8 @@ module ActiveRecord
         #   Post.unscoped {
         #     Post.limit(10) # Fires "SELECT * FROM posts LIMIT 10"
         #   }
-        def unscoped
-          block_given? ? relation.scoping { yield } : relation
+        def unscoped(&block)
+          block_given? ? relation.scoping(&block) : relation
         end
 
         # Are there attributes associated with this scope?
@@ -39,8 +56,15 @@ module ActiveRecord
           super || default_scopes.any? || respond_to?(:default_scope)
         end
 
-        def before_remove_const #:nodoc:
-          self.current_scope = nil
+        # Checks if the model has any default scopes. If all_queries
+        # is set to true, the method will check if there are any
+        # default_scopes for the model  where +all_queries+ is true.
+        def default_scopes?(all_queries: false)
+          if all_queries
+            self.default_scopes.any?(&:all_queries)
+          else
+            self.default_scopes.any?
+          end
         end
 
         private
@@ -51,14 +75,30 @@ module ActiveRecord
           #     default_scope { where(published: true) }
           #   end
           #
-          #   Article.all # => SELECT * FROM articles WHERE published = true
+          #   Article.all
+          #   # SELECT * FROM articles WHERE published = true
           #
           # The #default_scope is also applied while creating/building a record.
-          # It is not applied while updating a record.
+          # It is not applied while updating or deleting a record.
           #
           #   Article.new.published    # => true
           #   Article.create.published # => true
           #
+          # To apply a #default_scope when updating or deleting a record, add
+          # <tt>all_queries: true</tt>:
+          #
+          #   class Article < ActiveRecord::Base
+          #     default_scope -> { where(blog_id: 1) }, all_queries: true
+          #   end
+          #
+          # Applying a default scope to all queries will ensure that records
+          # are always queried by the additional conditions. Note that only
+          # where clauses apply, as it does not make sense to add order to
+          # queries that return a single object by primary key.
+          #
+          #   Article.find(1).destroy
+          #   # DELETE ... FROM `articles` where ID = 1 AND blog_id = 1;
+          #
           # (You can also pass any object which responds to +call+ to the
           # +default_scope+ macro, and it will be called when building the
           # default scope.)
@@ -71,7 +111,8 @@ module ActiveRecord
           #     default_scope { where(rating: 'G') }
           #   end
           #
-          #   Article.all # => SELECT * FROM articles WHERE published = true AND rating = 'G'
+          #   Article.all
+          #   # SELECT * FROM articles WHERE published = true AND rating = 'G'
           #
           # This is also the case with inheritance and module includes where the
           # parent or module defines a #default_scope and the child or including
@@ -85,7 +126,7 @@ module ActiveRecord
           #       # Should return a scope, you can call 'super' here etc.
           #     end
           #   end
-          def default_scope(scope = nil, &block) # :doc:
+          def default_scope(scope = nil, all_queries: nil, &block) # :doc:
             scope = block if block_given?
 
             if scope.is_a?(Relation) || !scope.respond_to?(:call)
@@ -96,10 +137,12 @@ module ActiveRecord
                 "self.default_scope.)"
             end
 
-            self.default_scopes += [scope]
+            default_scope = DefaultScope.new(scope, all_queries)
+
+            self.default_scopes += [default_scope]
           end
 
-          def build_default_scope(relation = relation())
+          def build_default_scope(relation = relation(), all_queries: nil)
             return if abstract_class?
 
             if default_scope_override.nil?
@@ -113,20 +156,34 @@ module ActiveRecord
               end
             elsif default_scopes.any?
               evaluate_default_scope do
-                default_scopes.inject(relation) do |default_scope, scope|
-                  scope = scope.respond_to?(:to_proc) ? scope : scope.method(:call)
-                  default_scope.instance_exec(&scope) || default_scope
+                default_scopes.inject(relation) do |combined_scope, scope_obj|
+                  if execute_scope?(all_queries, scope_obj)
+                    scope = scope_obj.scope.respond_to?(:to_proc) ? scope_obj.scope : scope_obj.scope.method(:call)
+
+                    combined_scope.instance_exec(&scope) || combined_scope
+                  else
+                    combined_scope
+                  end
                 end
               end
             end
           end
 
+          # If all_queries is nil, only execute on select and insert queries.
+          #
+          # If all_queries is true, check if the default_scope object has
+          # all_queries set, then execute on all queries; select, insert, update,
+          # delete, and reload.
+          def execute_scope?(all_queries, default_scope_obj)
+            all_queries.nil? || all_queries && default_scope_obj.all_queries
+          end
+
           def ignore_default_scope?
-            ScopeRegistry.value_for(:ignore_default_scope, base_class)
+            ScopeRegistry.ignore_default_scope(base_class)
           end
 
           def ignore_default_scope=(ignore)
-            ScopeRegistry.set_value_for(:ignore_default_scope, base_class, ignore)
+            ScopeRegistry.set_ignore_default_scope(base_class, ignore)
           end
 
           # The ignore_default_scope flag is used to prevent an infinite recursion

data/lib/active_record/scoping/named.rb

@@ -19,7 +19,7 @@ module ActiveRecord
         #
         # You can define a scope that applies to all finders using
         # {default_scope}[rdoc-ref:Scoping::Default::ClassMethods#default_scope].
-        def all
+        def all(all_queries: nil)
           scope = current_scope
 
           if scope
@@ -29,7 +29,7 @@ module ActiveRecord
               relation.merge!(scope)
             end
           else
-            default_scoped
+            default_scoped(all_queries: all_queries)
           end
         end
 
@@ -42,8 +42,8 @@ module ActiveRecord
         end
 
         # Returns a scope for the model with default scopes.
-        def default_scoped(scope = relation)
-          build_default_scope(scope) || scope
+        def default_scoped(scope = relation, all_queries: nil)
+          build_default_scope(scope, all_queries: all_queries) || scope
         end
 
         def default_extensions # :nodoc:
@@ -168,7 +168,6 @@ module ActiveRecord
               "an instance method with the same name."
           end
 
-          valid_scope_name?(name)
           extension = Module.new(&block) if block
 
           if body.respond_to?(:to_proc)
@@ -184,7 +183,7 @@ module ActiveRecord
               scope
             end
           end
-          singleton_class.send(:ruby2_keywords, name) if respond_to?(:ruby2_keywords, true)
+          singleton_class.send(:ruby2_keywords, name)
 
           generate_relation_method(name)
         end
@@ -193,13 +192,6 @@ module ActiveRecord
           def singleton_method_added(name)
             generate_relation_method(name) if Kernel.respond_to?(name) && !ActiveRecord::Relation.method_defined?(name)
           end
-
-          def valid_scope_name?(name)
-            if respond_to?(name, true) && logger
-              logger.warn "Creating scope :#{name}. " \
-                "Overwriting existing method #{self.name}.#{name}."
-            end
-          end
       end
     end
   end

data/lib/active_record/scoping.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require "active_support/per_thread_registry"
+require "active_support/core_ext/module/delegation"
 
 module ActiveRecord
   module Scoping
@@ -24,11 +24,23 @@ module ActiveRecord
       end
 
       def current_scope(skip_inherited_scope = false)
-        ScopeRegistry.value_for(:current_scope, self, skip_inherited_scope)
+        ScopeRegistry.current_scope(self, skip_inherited_scope)
       end
 
       def current_scope=(scope)
-        ScopeRegistry.set_value_for(:current_scope, self, scope)
+        ScopeRegistry.set_current_scope(self, scope)
+      end
+
+      def global_current_scope(skip_inherited_scope = false)
+        ScopeRegistry.global_current_scope(self, skip_inherited_scope)
+      end
+
+      def global_current_scope=(scope)
+        ScopeRegistry.set_global_current_scope(self, scope)
+      end
+
+      def scope_registry
+        ScopeRegistry.instance
       end
     end
 
@@ -45,8 +57,8 @@ module ActiveRecord
     end
 
     # This class stores the +:current_scope+ and +:ignore_default_scope+ values
-    # for different classes. The registry is stored as a thread local, which is
-    # accessed through +ScopeRegistry.current+.
+    # for different classes. The registry is stored as either a thread or fiber
+    # local depending on the application configuration.
     #
     # This class allows you to store and get the scope values on different
     # classes and different types of scopes. For example, if you are attempting
@@ -54,51 +66,70 @@ module ActiveRecord
     # following code:
     #
     #   registry = ActiveRecord::Scoping::ScopeRegistry
-    #   registry.set_value_for(:current_scope, Board, some_new_scope)
+    #   registry.set_current_scope(Board, some_new_scope)
     #
     # Now when you run:
     #
-    #   registry.value_for(:current_scope, Board)
-    #
-    # You will obtain whatever was defined in +some_new_scope+. The #value_for
-    # and #set_value_for methods are delegated to the current ScopeRegistry
-    # object, so the above example code can also be called as:
+    #   registry.current_scope(Board)
     #
-    #   ActiveRecord::Scoping::ScopeRegistry.set_value_for(:current_scope,
-    #       Board, some_new_scope)
+    # You will obtain whatever was defined in +some_new_scope+.
     class ScopeRegistry # :nodoc:
-      extend ActiveSupport::PerThreadRegistry
+      class << self
+        delegate :current_scope, :set_current_scope, :ignore_default_scope, :set_ignore_default_scope,
+          :global_current_scope, :set_global_current_scope, to: :instance
 
-      VALID_SCOPE_TYPES = [:current_scope, :ignore_default_scope]
+        def instance
+          ActiveSupport::IsolatedExecutionState[:active_record_scope_registry] ||= new
+        end
+      end
 
       def initialize
-        @registry = Hash.new { |hash, key| hash[key] = {} }
+        @current_scope        = {}
+        @ignore_default_scope = {}
+        @global_current_scope = {}
       end
 
-      # Obtains the value for a given +scope_type+ and +model+.
-      def value_for(scope_type, model, skip_inherited_scope = false)
-        raise_invalid_scope_type!(scope_type)
-        return @registry[scope_type][model.name] if skip_inherited_scope
-        klass = model
-        base = model.base_class
-        while klass <= base
-          value = @registry[scope_type][klass.name]
-          return value if value
-          klass = klass.superclass
-        end
+      def current_scope(model, skip_inherited_scope = false)
+        value_for(@current_scope, model, skip_inherited_scope)
       end
 
-      # Sets the +value+ for a given +scope_type+ and +model+.
-      def set_value_for(scope_type, model, value)
-        raise_invalid_scope_type!(scope_type)
-        @registry[scope_type][model.name] = value
+      def set_current_scope(model, value)
+        set_value_for(@current_scope, model, value)
+      end
+
+      def ignore_default_scope(model, skip_inherited_scope = false)
+        value_for(@ignore_default_scope, model, skip_inherited_scope)
+      end
+
+      def set_ignore_default_scope(model, value)
+        set_value_for(@ignore_default_scope, model, value)
+      end
+
+      def global_current_scope(model, skip_inherited_scope = false)
+        value_for(@global_current_scope, model, skip_inherited_scope)
+      end
+
+      def set_global_current_scope(model, value)
+        set_value_for(@global_current_scope, model, value)
       end
 
       private
-        def raise_invalid_scope_type!(scope_type)
-          if !VALID_SCOPE_TYPES.include?(scope_type)
-            raise ArgumentError, "Invalid scope type '#{scope_type}' sent to the registry. Scope types must be included in VALID_SCOPE_TYPES"
+        # Obtains the value for a given +scope_type+ and +model+.
+        def value_for(scope_type, model, skip_inherited_scope = false)
+          return scope_type[model.name] if skip_inherited_scope
+          klass = model
+          base = model.base_class
+          while klass != base
+            value = scope_type[klass.name]
+            return value if value
+            klass = klass.superclass
           end
+          scope_type[klass.name]
+        end
+
+        # Sets the +value+ for a given +scope_type+ and +model+.
+        def set_value_for(scope_type, model, value)
+          scope_type[model.name] = value
         end
     end
   end

data/lib/active_record/secure_password.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+module ActiveRecord
+  module SecurePassword
+    extend ActiveSupport::Concern
+
+    include ActiveModel::SecurePassword
+
+    module ClassMethods
+      # Given a set of attributes, finds a record using the non-password
+      # attributes, and then authenticates that record using the password
+      # attributes. Returns the record if authentication succeeds; otherwise,
+      # returns +nil+.
+      #
+      # Regardless of whether a record is found, +authenticate_by+ will
+      # cryptographically digest the given password attributes. This behavior
+      # helps mitigate timing-based enumeration attacks, wherein an attacker can
+      # determine if a passworded record exists even without knowing the
+      # password.
+      #
+      # Raises an ArgumentError if the set of attributes doesn't contain at
+      # least one password and one non-password attribute.
+      #
+      # ==== Examples
+      #
+      #   class User < ActiveRecord::Base
+      #     has_secure_password
+      #   end
+      #
+      #   User.create(name: "John Doe", email: "jdoe@example.com", password: "abc123")
+      #
+      #   User.authenticate_by(email: "jdoe@example.com", password: "abc123").name # => "John Doe" (in 373.4ms)
+      #   User.authenticate_by(email: "jdoe@example.com", password: "wrong")       # => nil (in 373.9ms)
+      #   User.authenticate_by(email: "wrong@example.com", password: "abc123")     # => nil (in 373.6ms)
+      #
+      #   User.authenticate_by(email: "jdoe@example.com", password: nil) # => nil (no queries executed)
+      #   User.authenticate_by(email: "jdoe@example.com", password: "")  # => nil (no queries executed)
+      #
+      #   User.authenticate_by(email: "jdoe@example.com") # => ArgumentError
+      #   User.authenticate_by(password: "abc123")        # => ArgumentError
+      def authenticate_by(attributes)
+        passwords, identifiers = attributes.to_h.partition do |name, value|
+          !has_attribute?(name) && has_attribute?("#{name}_digest")
+        end.map(&:to_h)
+
+        raise ArgumentError, "One or more password arguments are required" if passwords.empty?
+        raise ArgumentError, "One or more finder arguments are required" if identifiers.empty?
+
+        return if passwords.any? { |name, value| value.nil? || value.empty? }
+
+        if record = find_by(identifiers)
+          record if passwords.count { |name, value| record.public_send(:"authenticate_#{name}", value) } == passwords.size
+        else
+          new(passwords)
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/active_record/secure_token.rb

@@ -24,12 +24,26 @@ module ActiveRecord
       #   user.regenerate_token # => true
       #   user.regenerate_auth_token # => true
       #
-      # <tt>SecureRandom::base58</tt> is used to generate at minimum a 24-character unique token, so collisions are highly unlikely.
+      # +SecureRandom::base58+ is used to generate at minimum a 24-character unique token, so collisions are highly unlikely.
       #
       # Note that it's still possible to generate a race condition in the database in the same way that
       # {validates_uniqueness_of}[rdoc-ref:Validations::ClassMethods#validates_uniqueness_of] can.
       # You're encouraged to add a unique index in the database to deal with this even more unlikely scenario.
-      def has_secure_token(attribute = :token, length: MINIMUM_TOKEN_LENGTH)
+      #
+      # === Options
+      #
+      # [:length]
+      #   Length of the Secure Random, with a minimum of 24 characters. It will
+      #   default to 24.
+      #
+      # [:on]
+      #   The callback when the value is generated. When called with <tt>on:
+      #   :initialize</tt>, the value is generated in an
+      #   <tt>after_initialize</tt> callback, otherwise the value will be used
+      #   in a <tt>before_</tt> callback. When not specified, +:on+ will use the value of
+      #   <tt>config.active_record.generate_secure_token_on</tt>, which defaults to +:initialize+
+      #   starting in \Rails 7.1.
+      def has_secure_token(attribute = :token, length: MINIMUM_TOKEN_LENGTH, on: ActiveRecord.generate_secure_token_on)
         if length < MINIMUM_TOKEN_LENGTH
           raise MinimumLengthError, "Token requires a minimum length of #{MINIMUM_TOKEN_LENGTH} characters."
         end
@@ -37,7 +51,11 @@ module ActiveRecord
         # Load securerandom only when has_secure_token is used.
         require "active_support/core_ext/securerandom"
         define_method("regenerate_#{attribute}") { update! attribute => self.class.generate_unique_secure_token(length: length) }
-        before_create { send("#{attribute}=", self.class.generate_unique_secure_token(length: length)) unless send("#{attribute}?") }
+        set_callback on, on == :initialize ? :after : :before do
+          if new_record? && !query_attribute(attribute)
+            send("#{attribute}=", self.class.generate_unique_secure_token(length: length))
+          end
+        end
       end
 
       def generate_unique_secure_token(length: MINIMUM_TOKEN_LENGTH)

data/lib/active_record/serialization.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-module ActiveRecord #:nodoc:
+module ActiveRecord # :nodoc:
   # = Active Record \Serialization
   module Serialization
     extend ActiveSupport::Concern
@@ -20,5 +20,10 @@ module ActiveRecord #:nodoc:
 
       super(options)
     end
+
+    private
+      def attribute_names_for_serialization
+        attribute_names
+      end
   end
 end

data/lib/active_record/signed_id.rb

@@ -8,9 +8,9 @@ module ActiveRecord
     included do
       ##
       # :singleton-method:
-      # Set the secret used for the signed id verifier instance when using Active Record outside of Rails.
-      # Within Rails, this is automatically set using the Rails application key generator.
-      mattr_accessor :signed_id_verifier_secret, instance_writer: false
+      # Set the secret used for the signed id verifier instance when using Active Record outside of \Rails.
+      # Within \Rails, this is automatically set using the \Rails application key generator.
+      class_attribute :signed_id_verifier_secret, instance_writer: false
     end
 
     module ClassMethods
@@ -47,7 +47,7 @@ module ActiveRecord
         end
       end
 
-      # Works like +find_signed+, but will raise an +ActiveSupport::MessageVerifier::InvalidSignature+
+      # Works like find_signed, but will raise an +ActiveSupport::MessageVerifier::InvalidSignature+
       # exception if the +signed_id+ has either expired, has a purpose mismatch, is for another record,
       # or has been tampered with. It will also raise an +ActiveRecord::RecordNotFound+ exception if
       # the valid signed id can't find a record.
@@ -66,7 +66,7 @@ module ActiveRecord
       end
 
       # The verifier instance that all signed ids are generated and verified from. By default, it'll be initialized
-      # with the class-level +signed_id_verifier_secret+, which within Rails comes from the
+      # with the class-level +signed_id_verifier_secret+, which within \Rails comes from the
       # Rails.application.key_generator. By default, it's SHA256 for the digest and JSON for the serialization.
       def signed_id_verifier
         @signed_id_verifier ||= begin
@@ -97,7 +97,7 @@ module ActiveRecord
 
     # Returns a signed id that's generated using a preconfigured +ActiveSupport::MessageVerifier+ instance.
     # This signed id is tamper proof, so it's safe to send in an email or otherwise share with the outside world.
-    # It can further more be set to expire (the default is not to expire), and scoped down with a specific purpose.
+    # It can furthermore be set to expire (the default is not to expire), and scoped down with a specific purpose.
     # If the expiration date has been exceeded before +find_signed+ is called, the id won't find the designated
     # record. If a purpose is set, this too must match.
     #
@@ -109,8 +109,10 @@ module ActiveRecord
     #
     # And you then change your +find_signed+ calls to require this new purpose. Any old signed ids that were not
     # created with the purpose will no longer find the record.
-    def signed_id(expires_in: nil, purpose: nil)
-      self.class.signed_id_verifier.generate id, expires_in: expires_in, purpose: self.class.combine_signed_id_purposes(purpose)
+    def signed_id(expires_in: nil, expires_at: nil, purpose: nil)
+      raise ArgumentError, "Cannot get a signed_id for a new record" if new_record?
+
+      self.class.signed_id_verifier.generate id, expires_in: expires_in, expires_at: expires_at, purpose: self.class.combine_signed_id_purposes(purpose)
     end
   end
 end