Add ransack! method which raises error if passed unknown condition
This commit is contained in:
parent
150eeb2f08
commit
46de17eba8
|
@ -1,5 +1,9 @@
|
||||||
# Change Log
|
# Change Log
|
||||||
|
|
||||||
|
* Add `ActiveRecord::Base.ransack!` which raises error if passed unknown condition
|
||||||
|
|
||||||
|
*Aaron Lipman*
|
||||||
|
|
||||||
## 2.4.0 - 2020-11-27
|
## 2.4.0 - 2020-11-27
|
||||||
|
|
||||||
*
|
*
|
||||||
|
|
37
README.md
37
README.md
|
@ -670,6 +670,43 @@ Trying it out in `rails console`:
|
||||||
|
|
||||||
That's it! Now you know how to whitelist/blacklist various elements in Ransack.
|
That's it! Now you know how to whitelist/blacklist various elements in Ransack.
|
||||||
|
|
||||||
|
### Handling unknown predicates or attributes
|
||||||
|
|
||||||
|
By default, Ransack will ignore any unknown predicates or attributes:
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
Article.ransack(unknown_attr_eq: 'Ernie').result.to_sql
|
||||||
|
=> SELECT "articles".* FROM "articles"
|
||||||
|
```
|
||||||
|
|
||||||
|
Ransack may be configured to raise an error if passed an unknown predicate or
|
||||||
|
attributes, by setting the `ignore_unknown_conditions` option to `false` in your
|
||||||
|
Ransack initializer file at `config/initializers/ransack.rb`:
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
Ransack.configure do |c|
|
||||||
|
# Raise errors if a query contains an unknown predicate or attribute.
|
||||||
|
# Default is true (do not raise error on unknown conditions).
|
||||||
|
c.ignore_unknown_conditions = false
|
||||||
|
end
|
||||||
|
```
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
Article.ransack(unknown_attr_eq: 'Ernie')
|
||||||
|
# ArgumentError (Invalid search term unknown_attr_eq)
|
||||||
|
```
|
||||||
|
|
||||||
|
As an alternative to setting a global configuration option, the `.ransack!`
|
||||||
|
class method also raises an error if passed an unknown condition:
|
||||||
|
|
||||||
|
```ruby
|
||||||
|
Article.ransack!(unknown_attr_eq: 'Ernie')
|
||||||
|
# ArgumentError: Invalid search term unknown_attr_eq
|
||||||
|
```
|
||||||
|
|
||||||
|
This is equivilent to the `ignore_unknown_conditions` configuration option,
|
||||||
|
except it may be applied on a case-by-case basis.
|
||||||
|
|
||||||
### Using Scopes/Class Methods
|
### Using Scopes/Class Methods
|
||||||
|
|
||||||
Continuing on from the preceding section, searching by scopes requires defining
|
Continuing on from the preceding section, searching by scopes requires defining
|
||||||
|
|
|
@ -18,6 +18,10 @@ module Ransack
|
||||||
Search.new(self, params, options)
|
Search.new(self, params, options)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def ransack!(params = {}, options = {})
|
||||||
|
ransack(params, options.merge(ignore_unknown_conditions: false))
|
||||||
|
end
|
||||||
|
|
||||||
def ransacker(name, opts = {}, &block)
|
def ransacker(name, opts = {}, &block)
|
||||||
self._ransackers = _ransackers.merge name.to_s => Ransacker
|
self._ransackers = _ransackers.merge name.to_s => Ransacker
|
||||||
.new(self, name, opts, &block)
|
.new(self, name, opts, &block)
|
||||||
|
|
|
@ -30,6 +30,7 @@ module Ransack
|
||||||
)
|
)
|
||||||
@scope_args = {}
|
@scope_args = {}
|
||||||
@sorts ||= []
|
@sorts ||= []
|
||||||
|
@ignore_unknown_conditions = options[:ignore_unknown_conditions] == false ? false : true
|
||||||
build(params.with_indifferent_access)
|
build(params.with_indifferent_access)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -45,7 +46,7 @@ module Ransack
|
||||||
base.send("#{key}=", value)
|
base.send("#{key}=", value)
|
||||||
elsif @context.ransackable_scope?(key, @context.object)
|
elsif @context.ransackable_scope?(key, @context.object)
|
||||||
add_scope(key, value)
|
add_scope(key, value)
|
||||||
elsif !Ransack.options[:ignore_unknown_conditions]
|
elsif !Ransack.options[:ignore_unknown_conditions] || !@ignore_unknown_conditions
|
||||||
raise ArgumentError, "Invalid search term #{key}"
|
raise ArgumentError, "Invalid search term #{key}"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -122,6 +122,10 @@ module Ransack
|
||||||
expect { Person.ransack('') }.to_not raise_error
|
expect { Person.ransack('') }.to_not raise_error
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it 'raises exception if ransack! called with unknown condition' do
|
||||||
|
expect { Person.ransack!(unknown_attr_eq: 'Ernie') }.to raise_error
|
||||||
|
end
|
||||||
|
|
||||||
it 'does not modify the parameters' do
|
it 'does not modify the parameters' do
|
||||||
params = { name_eq: '' }
|
params = { name_eq: '' }
|
||||||
expect { Person.ransack(params) }.not_to change { params }
|
expect { Person.ransack(params) }.not_to change { params }
|
||||||
|
|
|
@ -232,7 +232,7 @@ module Ransack
|
||||||
context 'with an invalid condition' do
|
context 'with an invalid condition' do
|
||||||
subject { Search.new(Person, unknown_attr_eq: 'Ernie') }
|
subject { Search.new(Person, unknown_attr_eq: 'Ernie') }
|
||||||
|
|
||||||
context 'when ignore_unknown_conditions is false' do
|
context 'when ignore_unknown_conditions configuration option is false' do
|
||||||
before do
|
before do
|
||||||
Ransack.configure { |c| c.ignore_unknown_conditions = false }
|
Ransack.configure { |c| c.ignore_unknown_conditions = false }
|
||||||
end
|
end
|
||||||
|
@ -240,13 +240,39 @@ module Ransack
|
||||||
specify { expect { subject }.to raise_error ArgumentError }
|
specify { expect { subject }.to raise_error ArgumentError }
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'when ignore_unknown_conditions is true' do
|
context 'when ignore_unknown_conditions configuration option is true' do
|
||||||
before do
|
before do
|
||||||
Ransack.configure { |c| c.ignore_unknown_conditions = true }
|
Ransack.configure { |c| c.ignore_unknown_conditions = true }
|
||||||
end
|
end
|
||||||
|
|
||||||
specify { expect { subject }.not_to raise_error }
|
specify { expect { subject }.not_to raise_error }
|
||||||
end
|
end
|
||||||
|
|
||||||
|
subject(:with_ignore_unknown_conditions_false) {
|
||||||
|
Search.new(Person,
|
||||||
|
{ unknown_attr_eq: 'Ernie' },
|
||||||
|
{ ignore_unknown_conditions: false }
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
|
subject(:with_ignore_unknown_conditions_true) {
|
||||||
|
Search.new(Person,
|
||||||
|
{ unknown_attr_eq: 'Ernie' },
|
||||||
|
{ ignore_unknown_conditions: true }
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
|
context 'when ignore_unknown_conditions search parameter is absent' do
|
||||||
|
specify { expect { subject }.not_to raise_error }
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when ignore_unknown_conditions search parameter is false' do
|
||||||
|
specify { expect { with_ignore_unknown_conditions_false }.to raise_error ArgumentError }
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when ignore_unknown_conditions search parameter is true' do
|
||||||
|
specify { expect { with_ignore_unknown_conditions_true }.not_to raise_error }
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'does not modify the parameters' do
|
it 'does not modify the parameters' do
|
||||||
|
|
Loading…
Reference in New Issue