kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity

Merge pull request #36350 from kamipo/fast_pluck

Browse source 
Allow symbol (i.e. quoted identifier) as safe SQL string
This commit is contained in:
Ryuta Kamizono 2019-05-28 19:30:57 +09:00 committed by GitHub
commit 0a87d7c9dd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
activerecord/lib/active_record/attribute_methods.rb
View file

@ -185,12 +185,14 @@ module ActiveRecord
/ix
def disallow_raw_sql!(args, permit: COLUMN_NAME) # :nodoc:
unexpected = args.reject do |arg|
Arel.arel_node?(arg) ||
unexpected = nil
args.each do |arg|
next if arg.is_a?(Symbol) || Arel.arel_node?(arg) ||
arg.to_s.split(/\s*,\s*/).all? { |part| permit.match?(part) }
(unexpected ||= []) << arg
end
return if unexpected.none?
return unless unexpected
if allow_unsafe_raw_sql == :deprecated
ActiveSupport::Deprecation.warn(