lato 3.13.14 → 3.13.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/concerns/lato/componentable.rb +5 -16
  3. data/lib/lato/version.rb +1 -1
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 78ecb2c80260122c039786bb9eafcf4063684cde33b2fde9e00a12287f5bb3b1
4
- data.tar.gz: a4967285b27502c359acf8324c492ad7263d470ead24b816ecace271bbc2f7c6
3
+ metadata.gz: 91f4f116e2fa3f2f95f0f0caec0b13f138505cdd243d8120cad1161b0f3a5671
4
+ data.tar.gz: 9f6693227ec0fcd848d6f79614117fd93430001806ee4b9308e917bdae165589
5
5
  SHA512:
6
- metadata.gz: 1684bc930b0f3a8baa55081a6bc88b6ec9e22726283a484ec9cba8fe2ba262fb0b771ee16a30d88022efef585d1ebb0c8f508c3863f975d90588cb9581caa96f
7
- data.tar.gz: 45be268b1d3267d8757834b4fbcdb774d996ae1f57b6f226c04f179e35742872e0da0411fb11dfec1954141103e763650f67bb9d0853381ec2dbe49d4e3634a4
6
+ metadata.gz: ff587919ff293e11a2e71a39734919f0f50a35f1fd5e8ecabe84a6fbb3bae9438f39ed702156d2e0cb08735b9a14c74e55202887cb632c81b80f298d57d12498
7
+ data.tar.gz: 3ff14b346454e96b0ea29113e3a0e9488837577cf6d22aafd637546faa605823cf0717aea1fd9a414ef8879a03334389ccf8d29080d2f238cb8f331a87da124e
data/app/controllers/concerns/lato/componentable.rb CHANGED
@@ -37,25 +37,14 @@ module Lato
37
37
  if collection.respond_to?(:lato_index_search)
38
38
  collection = collection.lato_index_search(search)
39
39
  else
40
- query_parts = @_lato_index[key][:searchable_columns].map do |column_name|
41
- # Sanitize column name per prevenire SQL injection
42
- sanitized_column = connection.quote_column_name(column_name)
43
- column_type = collection.column_for_attribute(column_name).type
44
-
45
- case column_type
46
- when :string, :text
47
- "LOWER(#{sanitized_column}) LIKE :search"
48
- when :integer, :decimal, :float
49
- "CAST(#{sanitized_column} AS TEXT) LIKE :search"
40
+ query = @_lato_index[key][:searchable_columns].map do |key|
41
+ if collection.column_for_attribute(key).type == :string || collection.column_for_attribute(key).type == :text
42
+ "LOWER(#{key}) LIKE :search"
50
43
  else
51
- "CAST(#{sanitized_column} AS TEXT) LIKE :search"
44
+ "CAST(#{key} AS TEXT) LIKE :search"
52
45
  end
53
46
  end
54
-
55
- collection = collection.where(
56
- query_parts.join(' OR '),
57
- search: "%#{search.downcase.strip}%"
58
- )
47
+ collection = collection.where(query.join(' OR '), search: "%#{search.downcase.strip}%")
59
48
  end
60
49
  end
61
50
 
data/lib/lato/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Lato
2
- VERSION = "3.13.14"
2
+ VERSION = "3.13.16"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: lato
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.13.14
4
+ version: 3.13.16
5
5
  platform: ruby
6
6
  authors:
7
7
  - Gregorio Galante
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2025-07-05 00:00:00.000000000 Z
11
+ date: 2025-07-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails