2011-06-06 14:17:44 -04:00
|
|
|
require "cases/helper"
|
2008-01-18 02:31:37 -05:00
|
|
|
require 'models/contact'
|
2010-08-02 19:43:32 -04:00
|
|
|
require 'models/topic'
|
Fixed serialization for records with an attribute named `format`.
* * *
This bug can be triggered when serializing record R (the instance) of type C
(the class), provided that the following conditions are met:
1. The name of one or more columns/attributes on C/R matches an existing private
method on C (e.g. those defined by `Kernel`, such as `format`).
2. The attribute methods have not yet been generated on C.
In this case, the matching private methods will be called by the serialization
code (with no arguments) and their return values will be serialized instead. If
the method requires one or more arguments, it will result in an `ArgumentError`.
This regression is introduced in d1316bb.
* * *
Attribute methods (e.g. `#name` and `#format`, assuming the class has columns
named `name` and `format` in its database table) are lazily defined. Instead of
defining them when a the class is defined (e.g. in the `inherited` hook on
`ActiveRecord::Base`), this operation is deferred until they are first accessed.
The reason behind this is that is defining those methods requires knowing what
columns are defined on the database table, which usually requires a round-trip
to the database. Deferring their definition until the last-possible moment helps
reducing unnessary work, especially in development mode where classes are
redefined and throw away between requests.
Typically, when an attribute is first accessed (e.g. `a_book.format`), it will
fire the `method_missing` hook on the class, which triggers the definition of
the attribute methods. This even works for methods like `format`, because
calling a private method with an explicit receiver will also trigger that hook.
Unfortunately, `read_attribute_for_serialization` is simply an alias to `send`,
which does not respect method visibility. As a result, when serializing a record
with those conflicting attributes, the `method_missing` is not fired, and as a
result the attribute methods are not defined one would expected.
Before d1316bb, this is negated by the fact that calling the `run_callbacks`
method will also trigger a call to `respond_to?`, which is another trigger point
for the class to define its attribute methods. Therefore, when Active Record
tries to run the `after_find` callbacks, it will also define all the attribute
methods thus masking the problem.
* * *
The proper fix for this problem is probably to restrict `read_attribute_for_serialization`
to call public methods only (i.e. alias `read_attribute_for_serialization` to
`public_send` instead of `send`). This however would be quite risky to change
in a patch release and would probably require a full deprecation cycle.
Another approach would be to override `read_attribute_for_serialization` inside
Active Record to force the definition of attribute methods:
def read_attribute_for_serialization(attribute)
self.class.define_attribute_methods
send(attribute)
end
Unfortunately, this is quite likely going to cause a performance degradation.
This patch therefore restores the behaviour from the 4-0-stable branch by
explicitly forcing the class to define its attribute methods in a similar spot
(when records are initialized). This should not cause any extra roundtrips to
the database because the `@columns` should already be cached on the class.
Fixes #15188.
2014-05-22 02:36:35 -04:00
|
|
|
require 'models/book'
|
2014-10-31 11:43:38 -04:00
|
|
|
require 'models/author'
|
|
|
|
require 'models/post'
|
2007-09-20 19:22:30 -04:00
|
|
|
|
2008-01-21 12:20:51 -05:00
|
|
|
class SerializationTest < ActiveRecord::TestCase
|
Fixed serialization for records with an attribute named `format`.
* * *
This bug can be triggered when serializing record R (the instance) of type C
(the class), provided that the following conditions are met:
1. The name of one or more columns/attributes on C/R matches an existing private
method on C (e.g. those defined by `Kernel`, such as `format`).
2. The attribute methods have not yet been generated on C.
In this case, the matching private methods will be called by the serialization
code (with no arguments) and their return values will be serialized instead. If
the method requires one or more arguments, it will result in an `ArgumentError`.
This regression is introduced in d1316bb.
* * *
Attribute methods (e.g. `#name` and `#format`, assuming the class has columns
named `name` and `format` in its database table) are lazily defined. Instead of
defining them when a the class is defined (e.g. in the `inherited` hook on
`ActiveRecord::Base`), this operation is deferred until they are first accessed.
The reason behind this is that is defining those methods requires knowing what
columns are defined on the database table, which usually requires a round-trip
to the database. Deferring their definition until the last-possible moment helps
reducing unnessary work, especially in development mode where classes are
redefined and throw away between requests.
Typically, when an attribute is first accessed (e.g. `a_book.format`), it will
fire the `method_missing` hook on the class, which triggers the definition of
the attribute methods. This even works for methods like `format`, because
calling a private method with an explicit receiver will also trigger that hook.
Unfortunately, `read_attribute_for_serialization` is simply an alias to `send`,
which does not respect method visibility. As a result, when serializing a record
with those conflicting attributes, the `method_missing` is not fired, and as a
result the attribute methods are not defined one would expected.
Before d1316bb, this is negated by the fact that calling the `run_callbacks`
method will also trigger a call to `respond_to?`, which is another trigger point
for the class to define its attribute methods. Therefore, when Active Record
tries to run the `after_find` callbacks, it will also define all the attribute
methods thus masking the problem.
* * *
The proper fix for this problem is probably to restrict `read_attribute_for_serialization`
to call public methods only (i.e. alias `read_attribute_for_serialization` to
`public_send` instead of `send`). This however would be quite risky to change
in a patch release and would probably require a full deprecation cycle.
Another approach would be to override `read_attribute_for_serialization` inside
Active Record to force the definition of attribute methods:
def read_attribute_for_serialization(attribute)
self.class.define_attribute_methods
send(attribute)
end
Unfortunately, this is quite likely going to cause a performance degradation.
This patch therefore restores the behaviour from the 4-0-stable branch by
explicitly forcing the class to define its attribute methods in a similar spot
(when records are initialized). This should not cause any extra roundtrips to
the database because the `@columns` should already be cached on the class.
Fixes #15188.
2014-05-22 02:36:35 -04:00
|
|
|
fixtures :books
|
|
|
|
|
2007-09-20 19:22:30 -04:00
|
|
|
FORMATS = [ :xml, :json ]
|
2008-01-18 02:30:42 -05:00
|
|
|
|
2007-09-20 19:22:30 -04:00
|
|
|
def setup
|
|
|
|
@contact_attributes = {
|
2011-09-10 16:10:01 -04:00
|
|
|
:name => 'aaron stack',
|
|
|
|
:age => 25,
|
|
|
|
:avatar => 'binarydata',
|
|
|
|
:created_at => Time.utc(2006, 8, 1),
|
|
|
|
:awesome => false,
|
|
|
|
:preferences => { :gem => '<strong>ruby</strong>' },
|
2012-01-25 17:42:08 -05:00
|
|
|
:alternative_id => nil,
|
|
|
|
:id => nil
|
2007-09-20 19:22:30 -04:00
|
|
|
}
|
|
|
|
end
|
2008-01-18 02:30:42 -05:00
|
|
|
|
2013-03-04 14:30:05 -05:00
|
|
|
def test_include_root_in_json_is_false_by_default
|
|
|
|
assert_equal false, ActiveRecord::Base.include_root_in_json, "include_root_in_json should be false by default but was not"
|
|
|
|
end
|
|
|
|
|
2007-09-20 19:22:30 -04:00
|
|
|
def test_serialize_should_be_reversible
|
2012-01-29 11:54:17 -05:00
|
|
|
FORMATS.each do |format|
|
2007-09-20 19:22:30 -04:00
|
|
|
@serialized = Contact.new.send("to_#{format}")
|
|
|
|
contact = Contact.new.send("from_#{format}", @serialized)
|
2008-01-18 02:30:42 -05:00
|
|
|
|
2007-09-20 19:22:30 -04:00
|
|
|
assert_equal @contact_attributes.keys.collect(&:to_s).sort, contact.attributes.keys.collect(&:to_s).sort, "For #{format}"
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_serialize_should_allow_attribute_only_filtering
|
2012-01-29 11:54:17 -05:00
|
|
|
FORMATS.each do |format|
|
2007-09-20 19:22:30 -04:00
|
|
|
@serialized = Contact.new(@contact_attributes).send("to_#{format}", :only => [ :age, :name ])
|
|
|
|
contact = Contact.new.send("from_#{format}", @serialized)
|
|
|
|
assert_equal @contact_attributes[:name], contact.name, "For #{format}"
|
|
|
|
assert_nil contact.avatar, "For #{format}"
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_serialize_should_allow_attribute_except_filtering
|
2012-01-29 11:54:17 -05:00
|
|
|
FORMATS.each do |format|
|
2007-09-20 19:22:30 -04:00
|
|
|
@serialized = Contact.new(@contact_attributes).send("to_#{format}", :except => [ :age, :name ])
|
|
|
|
contact = Contact.new.send("from_#{format}", @serialized)
|
|
|
|
assert_nil contact.name, "For #{format}"
|
|
|
|
assert_nil contact.age, "For #{format}"
|
|
|
|
assert_equal @contact_attributes[:awesome], contact.awesome, "For #{format}"
|
|
|
|
end
|
|
|
|
end
|
2012-10-30 10:44:32 -04:00
|
|
|
|
|
|
|
def test_include_root_in_json_allows_inheritance
|
|
|
|
original_root_in_json = ActiveRecord::Base.include_root_in_json
|
|
|
|
ActiveRecord::Base.include_root_in_json = true
|
|
|
|
|
|
|
|
klazz = Class.new(ActiveRecord::Base)
|
|
|
|
klazz.table_name = 'topics'
|
|
|
|
assert klazz.include_root_in_json
|
|
|
|
|
|
|
|
klazz.include_root_in_json = false
|
|
|
|
assert ActiveRecord::Base.include_root_in_json
|
|
|
|
assert !klazz.include_root_in_json
|
|
|
|
assert !klazz.new.include_root_in_json
|
|
|
|
ensure
|
|
|
|
ActiveRecord::Base.include_root_in_json = original_root_in_json
|
|
|
|
end
|
Fixed serialization for records with an attribute named `format`.
* * *
This bug can be triggered when serializing record R (the instance) of type C
(the class), provided that the following conditions are met:
1. The name of one or more columns/attributes on C/R matches an existing private
method on C (e.g. those defined by `Kernel`, such as `format`).
2. The attribute methods have not yet been generated on C.
In this case, the matching private methods will be called by the serialization
code (with no arguments) and their return values will be serialized instead. If
the method requires one or more arguments, it will result in an `ArgumentError`.
This regression is introduced in d1316bb.
* * *
Attribute methods (e.g. `#name` and `#format`, assuming the class has columns
named `name` and `format` in its database table) are lazily defined. Instead of
defining them when a the class is defined (e.g. in the `inherited` hook on
`ActiveRecord::Base`), this operation is deferred until they are first accessed.
The reason behind this is that is defining those methods requires knowing what
columns are defined on the database table, which usually requires a round-trip
to the database. Deferring their definition until the last-possible moment helps
reducing unnessary work, especially in development mode where classes are
redefined and throw away between requests.
Typically, when an attribute is first accessed (e.g. `a_book.format`), it will
fire the `method_missing` hook on the class, which triggers the definition of
the attribute methods. This even works for methods like `format`, because
calling a private method with an explicit receiver will also trigger that hook.
Unfortunately, `read_attribute_for_serialization` is simply an alias to `send`,
which does not respect method visibility. As a result, when serializing a record
with those conflicting attributes, the `method_missing` is not fired, and as a
result the attribute methods are not defined one would expected.
Before d1316bb, this is negated by the fact that calling the `run_callbacks`
method will also trigger a call to `respond_to?`, which is another trigger point
for the class to define its attribute methods. Therefore, when Active Record
tries to run the `after_find` callbacks, it will also define all the attribute
methods thus masking the problem.
* * *
The proper fix for this problem is probably to restrict `read_attribute_for_serialization`
to call public methods only (i.e. alias `read_attribute_for_serialization` to
`public_send` instead of `send`). This however would be quite risky to change
in a patch release and would probably require a full deprecation cycle.
Another approach would be to override `read_attribute_for_serialization` inside
Active Record to force the definition of attribute methods:
def read_attribute_for_serialization(attribute)
self.class.define_attribute_methods
send(attribute)
end
Unfortunately, this is quite likely going to cause a performance degradation.
This patch therefore restores the behaviour from the 4-0-stable branch by
explicitly forcing the class to define its attribute methods in a similar spot
(when records are initialized). This should not cause any extra roundtrips to
the database because the `@columns` should already be cached on the class.
Fixes #15188.
2014-05-22 02:36:35 -04:00
|
|
|
|
2014-06-13 12:52:39 -04:00
|
|
|
def test_read_attribute_for_serialization_with_format_without_method_missing
|
|
|
|
klazz = Class.new(ActiveRecord::Base)
|
|
|
|
klazz.table_name = 'books'
|
|
|
|
|
|
|
|
book = klazz.new
|
|
|
|
assert_nil book.read_attribute_for_serialization(:format)
|
|
|
|
end
|
|
|
|
|
Fixed serialization for records with an attribute named `format`.
* * *
This bug can be triggered when serializing record R (the instance) of type C
(the class), provided that the following conditions are met:
1. The name of one or more columns/attributes on C/R matches an existing private
method on C (e.g. those defined by `Kernel`, such as `format`).
2. The attribute methods have not yet been generated on C.
In this case, the matching private methods will be called by the serialization
code (with no arguments) and their return values will be serialized instead. If
the method requires one or more arguments, it will result in an `ArgumentError`.
This regression is introduced in d1316bb.
* * *
Attribute methods (e.g. `#name` and `#format`, assuming the class has columns
named `name` and `format` in its database table) are lazily defined. Instead of
defining them when a the class is defined (e.g. in the `inherited` hook on
`ActiveRecord::Base`), this operation is deferred until they are first accessed.
The reason behind this is that is defining those methods requires knowing what
columns are defined on the database table, which usually requires a round-trip
to the database. Deferring their definition until the last-possible moment helps
reducing unnessary work, especially in development mode where classes are
redefined and throw away between requests.
Typically, when an attribute is first accessed (e.g. `a_book.format`), it will
fire the `method_missing` hook on the class, which triggers the definition of
the attribute methods. This even works for methods like `format`, because
calling a private method with an explicit receiver will also trigger that hook.
Unfortunately, `read_attribute_for_serialization` is simply an alias to `send`,
which does not respect method visibility. As a result, when serializing a record
with those conflicting attributes, the `method_missing` is not fired, and as a
result the attribute methods are not defined one would expected.
Before d1316bb, this is negated by the fact that calling the `run_callbacks`
method will also trigger a call to `respond_to?`, which is another trigger point
for the class to define its attribute methods. Therefore, when Active Record
tries to run the `after_find` callbacks, it will also define all the attribute
methods thus masking the problem.
* * *
The proper fix for this problem is probably to restrict `read_attribute_for_serialization`
to call public methods only (i.e. alias `read_attribute_for_serialization` to
`public_send` instead of `send`). This however would be quite risky to change
in a patch release and would probably require a full deprecation cycle.
Another approach would be to override `read_attribute_for_serialization` inside
Active Record to force the definition of attribute methods:
def read_attribute_for_serialization(attribute)
self.class.define_attribute_methods
send(attribute)
end
Unfortunately, this is quite likely going to cause a performance degradation.
This patch therefore restores the behaviour from the 4-0-stable branch by
explicitly forcing the class to define its attribute methods in a similar spot
(when records are initialized). This should not cause any extra roundtrips to
the database because the `@columns` should already be cached on the class.
Fixes #15188.
2014-05-22 02:36:35 -04:00
|
|
|
def test_read_attribute_for_serialization_with_format_after_init
|
|
|
|
klazz = Class.new(ActiveRecord::Base)
|
|
|
|
klazz.table_name = 'books'
|
|
|
|
|
|
|
|
book = klazz.new(format: 'paperback')
|
|
|
|
assert_equal 'paperback', book.read_attribute_for_serialization(:format)
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_read_attribute_for_serialization_with_format_after_find
|
|
|
|
klazz = Class.new(ActiveRecord::Base)
|
|
|
|
klazz.table_name = 'books'
|
|
|
|
|
|
|
|
book = klazz.find(books(:awdr).id)
|
|
|
|
assert_equal 'paperback', book.read_attribute_for_serialization(:format)
|
|
|
|
end
|
2014-10-31 11:43:38 -04:00
|
|
|
|
|
|
|
def test_find_records_by_serialized_attributes_through_join
|
|
|
|
author = Author.create!(name: "David")
|
|
|
|
author.serialized_posts.create!(title: "Hello")
|
|
|
|
|
|
|
|
assert_equal 1, Author.joins(:serialized_posts).where(name: "David", serialized_posts: { title: "Hello" }).length
|
|
|
|
end
|
2008-01-18 02:31:37 -05:00
|
|
|
end
|