1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
rails--rails/activerecord/test/cases/serialization_test.rb

105 lines
3.5 KiB
Ruby
Raw Normal View History

require "cases/helper"
require 'models/contact'
require 'models/topic'
Fixed serialization for records with an attribute named `format`. * * * This bug can be triggered when serializing record R (the instance) of type C (the class), provided that the following conditions are met: 1. The name of one or more columns/attributes on C/R matches an existing private method on C (e.g. those defined by `Kernel`, such as `format`). 2. The attribute methods have not yet been generated on C. In this case, the matching private methods will be called by the serialization code (with no arguments) and their return values will be serialized instead. If the method requires one or more arguments, it will result in an `ArgumentError`. This regression is introduced in d1316bb. * * * Attribute methods (e.g. `#name` and `#format`, assuming the class has columns named `name` and `format` in its database table) are lazily defined. Instead of defining them when a the class is defined (e.g. in the `inherited` hook on `ActiveRecord::Base`), this operation is deferred until they are first accessed. The reason behind this is that is defining those methods requires knowing what columns are defined on the database table, which usually requires a round-trip to the database. Deferring their definition until the last-possible moment helps reducing unnessary work, especially in development mode where classes are redefined and throw away between requests. Typically, when an attribute is first accessed (e.g. `a_book.format`), it will fire the `method_missing` hook on the class, which triggers the definition of the attribute methods. This even works for methods like `format`, because calling a private method with an explicit receiver will also trigger that hook. Unfortunately, `read_attribute_for_serialization` is simply an alias to `send`, which does not respect method visibility. As a result, when serializing a record with those conflicting attributes, the `method_missing` is not fired, and as a result the attribute methods are not defined one would expected. Before d1316bb, this is negated by the fact that calling the `run_callbacks` method will also trigger a call to `respond_to?`, which is another trigger point for the class to define its attribute methods. Therefore, when Active Record tries to run the `after_find` callbacks, it will also define all the attribute methods thus masking the problem. * * * The proper fix for this problem is probably to restrict `read_attribute_for_serialization` to call public methods only (i.e. alias `read_attribute_for_serialization` to `public_send` instead of `send`). This however would be quite risky to change in a patch release and would probably require a full deprecation cycle. Another approach would be to override `read_attribute_for_serialization` inside Active Record to force the definition of attribute methods: def read_attribute_for_serialization(attribute) self.class.define_attribute_methods send(attribute) end Unfortunately, this is quite likely going to cause a performance degradation. This patch therefore restores the behaviour from the 4-0-stable branch by explicitly forcing the class to define its attribute methods in a similar spot (when records are initialized). This should not cause any extra roundtrips to the database because the `@columns` should already be cached on the class. Fixes #15188.
2014-05-22 02:36:35 -04:00
require 'models/book'
require 'models/author'
require 'models/post'
class SerializationTest < ActiveRecord::TestCase
Fixed serialization for records with an attribute named `format`. * * * This bug can be triggered when serializing record R (the instance) of type C (the class), provided that the following conditions are met: 1. The name of one or more columns/attributes on C/R matches an existing private method on C (e.g. those defined by `Kernel`, such as `format`). 2. The attribute methods have not yet been generated on C. In this case, the matching private methods will be called by the serialization code (with no arguments) and their return values will be serialized instead. If the method requires one or more arguments, it will result in an `ArgumentError`. This regression is introduced in d1316bb. * * * Attribute methods (e.g. `#name` and `#format`, assuming the class has columns named `name` and `format` in its database table) are lazily defined. Instead of defining them when a the class is defined (e.g. in the `inherited` hook on `ActiveRecord::Base`), this operation is deferred until they are first accessed. The reason behind this is that is defining those methods requires knowing what columns are defined on the database table, which usually requires a round-trip to the database. Deferring their definition until the last-possible moment helps reducing unnessary work, especially in development mode where classes are redefined and throw away between requests. Typically, when an attribute is first accessed (e.g. `a_book.format`), it will fire the `method_missing` hook on the class, which triggers the definition of the attribute methods. This even works for methods like `format`, because calling a private method with an explicit receiver will also trigger that hook. Unfortunately, `read_attribute_for_serialization` is simply an alias to `send`, which does not respect method visibility. As a result, when serializing a record with those conflicting attributes, the `method_missing` is not fired, and as a result the attribute methods are not defined one would expected. Before d1316bb, this is negated by the fact that calling the `run_callbacks` method will also trigger a call to `respond_to?`, which is another trigger point for the class to define its attribute methods. Therefore, when Active Record tries to run the `after_find` callbacks, it will also define all the attribute methods thus masking the problem. * * * The proper fix for this problem is probably to restrict `read_attribute_for_serialization` to call public methods only (i.e. alias `read_attribute_for_serialization` to `public_send` instead of `send`). This however would be quite risky to change in a patch release and would probably require a full deprecation cycle. Another approach would be to override `read_attribute_for_serialization` inside Active Record to force the definition of attribute methods: def read_attribute_for_serialization(attribute) self.class.define_attribute_methods send(attribute) end Unfortunately, this is quite likely going to cause a performance degradation. This patch therefore restores the behaviour from the 4-0-stable branch by explicitly forcing the class to define its attribute methods in a similar spot (when records are initialized). This should not cause any extra roundtrips to the database because the `@columns` should already be cached on the class. Fixes #15188.
2014-05-22 02:36:35 -04:00
fixtures :books
FORMATS = [ :xml, :json ]
def setup
@contact_attributes = {
:name => 'aaron stack',
:age => 25,
:avatar => 'binarydata',
:created_at => Time.utc(2006, 8, 1),
:awesome => false,
:preferences => { :gem => '<strong>ruby</strong>' },
:alternative_id => nil,
:id => nil
}
end
def test_include_root_in_json_is_false_by_default
assert_equal false, ActiveRecord::Base.include_root_in_json, "include_root_in_json should be false by default but was not"
end
def test_serialize_should_be_reversible
FORMATS.each do |format|
@serialized = Contact.new.send("to_#{format}")
contact = Contact.new.send("from_#{format}", @serialized)
assert_equal @contact_attributes.keys.collect(&:to_s).sort, contact.attributes.keys.collect(&:to_s).sort, "For #{format}"
end
end
def test_serialize_should_allow_attribute_only_filtering
FORMATS.each do |format|
@serialized = Contact.new(@contact_attributes).send("to_#{format}", :only => [ :age, :name ])
contact = Contact.new.send("from_#{format}", @serialized)
assert_equal @contact_attributes[:name], contact.name, "For #{format}"
assert_nil contact.avatar, "For #{format}"
end
end
def test_serialize_should_allow_attribute_except_filtering
FORMATS.each do |format|
@serialized = Contact.new(@contact_attributes).send("to_#{format}", :except => [ :age, :name ])
contact = Contact.new.send("from_#{format}", @serialized)
assert_nil contact.name, "For #{format}"
assert_nil contact.age, "For #{format}"
assert_equal @contact_attributes[:awesome], contact.awesome, "For #{format}"
end
end
def test_include_root_in_json_allows_inheritance
original_root_in_json = ActiveRecord::Base.include_root_in_json
ActiveRecord::Base.include_root_in_json = true
klazz = Class.new(ActiveRecord::Base)
klazz.table_name = 'topics'
assert klazz.include_root_in_json
klazz.include_root_in_json = false
assert ActiveRecord::Base.include_root_in_json
assert !klazz.include_root_in_json
assert !klazz.new.include_root_in_json
ensure
ActiveRecord::Base.include_root_in_json = original_root_in_json
end
Fixed serialization for records with an attribute named `format`. * * * This bug can be triggered when serializing record R (the instance) of type C (the class), provided that the following conditions are met: 1. The name of one or more columns/attributes on C/R matches an existing private method on C (e.g. those defined by `Kernel`, such as `format`). 2. The attribute methods have not yet been generated on C. In this case, the matching private methods will be called by the serialization code (with no arguments) and their return values will be serialized instead. If the method requires one or more arguments, it will result in an `ArgumentError`. This regression is introduced in d1316bb. * * * Attribute methods (e.g. `#name` and `#format`, assuming the class has columns named `name` and `format` in its database table) are lazily defined. Instead of defining them when a the class is defined (e.g. in the `inherited` hook on `ActiveRecord::Base`), this operation is deferred until they are first accessed. The reason behind this is that is defining those methods requires knowing what columns are defined on the database table, which usually requires a round-trip to the database. Deferring their definition until the last-possible moment helps reducing unnessary work, especially in development mode where classes are redefined and throw away between requests. Typically, when an attribute is first accessed (e.g. `a_book.format`), it will fire the `method_missing` hook on the class, which triggers the definition of the attribute methods. This even works for methods like `format`, because calling a private method with an explicit receiver will also trigger that hook. Unfortunately, `read_attribute_for_serialization` is simply an alias to `send`, which does not respect method visibility. As a result, when serializing a record with those conflicting attributes, the `method_missing` is not fired, and as a result the attribute methods are not defined one would expected. Before d1316bb, this is negated by the fact that calling the `run_callbacks` method will also trigger a call to `respond_to?`, which is another trigger point for the class to define its attribute methods. Therefore, when Active Record tries to run the `after_find` callbacks, it will also define all the attribute methods thus masking the problem. * * * The proper fix for this problem is probably to restrict `read_attribute_for_serialization` to call public methods only (i.e. alias `read_attribute_for_serialization` to `public_send` instead of `send`). This however would be quite risky to change in a patch release and would probably require a full deprecation cycle. Another approach would be to override `read_attribute_for_serialization` inside Active Record to force the definition of attribute methods: def read_attribute_for_serialization(attribute) self.class.define_attribute_methods send(attribute) end Unfortunately, this is quite likely going to cause a performance degradation. This patch therefore restores the behaviour from the 4-0-stable branch by explicitly forcing the class to define its attribute methods in a similar spot (when records are initialized). This should not cause any extra roundtrips to the database because the `@columns` should already be cached on the class. Fixes #15188.
2014-05-22 02:36:35 -04:00
def test_read_attribute_for_serialization_with_format_without_method_missing
klazz = Class.new(ActiveRecord::Base)
klazz.table_name = 'books'
book = klazz.new
assert_nil book.read_attribute_for_serialization(:format)
end
Fixed serialization for records with an attribute named `format`. * * * This bug can be triggered when serializing record R (the instance) of type C (the class), provided that the following conditions are met: 1. The name of one or more columns/attributes on C/R matches an existing private method on C (e.g. those defined by `Kernel`, such as `format`). 2. The attribute methods have not yet been generated on C. In this case, the matching private methods will be called by the serialization code (with no arguments) and their return values will be serialized instead. If the method requires one or more arguments, it will result in an `ArgumentError`. This regression is introduced in d1316bb. * * * Attribute methods (e.g. `#name` and `#format`, assuming the class has columns named `name` and `format` in its database table) are lazily defined. Instead of defining them when a the class is defined (e.g. in the `inherited` hook on `ActiveRecord::Base`), this operation is deferred until they are first accessed. The reason behind this is that is defining those methods requires knowing what columns are defined on the database table, which usually requires a round-trip to the database. Deferring their definition until the last-possible moment helps reducing unnessary work, especially in development mode where classes are redefined and throw away between requests. Typically, when an attribute is first accessed (e.g. `a_book.format`), it will fire the `method_missing` hook on the class, which triggers the definition of the attribute methods. This even works for methods like `format`, because calling a private method with an explicit receiver will also trigger that hook. Unfortunately, `read_attribute_for_serialization` is simply an alias to `send`, which does not respect method visibility. As a result, when serializing a record with those conflicting attributes, the `method_missing` is not fired, and as a result the attribute methods are not defined one would expected. Before d1316bb, this is negated by the fact that calling the `run_callbacks` method will also trigger a call to `respond_to?`, which is another trigger point for the class to define its attribute methods. Therefore, when Active Record tries to run the `after_find` callbacks, it will also define all the attribute methods thus masking the problem. * * * The proper fix for this problem is probably to restrict `read_attribute_for_serialization` to call public methods only (i.e. alias `read_attribute_for_serialization` to `public_send` instead of `send`). This however would be quite risky to change in a patch release and would probably require a full deprecation cycle. Another approach would be to override `read_attribute_for_serialization` inside Active Record to force the definition of attribute methods: def read_attribute_for_serialization(attribute) self.class.define_attribute_methods send(attribute) end Unfortunately, this is quite likely going to cause a performance degradation. This patch therefore restores the behaviour from the 4-0-stable branch by explicitly forcing the class to define its attribute methods in a similar spot (when records are initialized). This should not cause any extra roundtrips to the database because the `@columns` should already be cached on the class. Fixes #15188.
2014-05-22 02:36:35 -04:00
def test_read_attribute_for_serialization_with_format_after_init
klazz = Class.new(ActiveRecord::Base)
klazz.table_name = 'books'
book = klazz.new(format: 'paperback')
assert_equal 'paperback', book.read_attribute_for_serialization(:format)
end
def test_read_attribute_for_serialization_with_format_after_find
klazz = Class.new(ActiveRecord::Base)
klazz.table_name = 'books'
book = klazz.find(books(:awdr).id)
assert_equal 'paperback', book.read_attribute_for_serialization(:format)
end
def test_find_records_by_serialized_attributes_through_join
author = Author.create!(name: "David")
author.serialized_posts.create!(title: "Hello")
assert_equal 1, Author.joins(:serialized_posts).where(name: "David", serialized_posts: { title: "Hello" }).length
end
end