kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity

Remove some bind related test cases from finder_test.rb to sanitize_test.rb

Browse source 
`replace_named_bind_variables` and `replace_bind_variables` are
definded in `sanitization.rb`, so it is reasonable these tests are
on `sanitize_test.rb`.
This commit is contained in:
yui-knk 2015-11-21 11:34:36 +09:00
parent bf7ab2f92b
commit 6aec925e16
2 changed files with 94 additions and 91 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

91
activerecord/test/cases/finder_test.rb
View file

@ -706,96 +706,13 @@ class FinderTest < ActiveRecord::TestCase
assert Company.where(["name = :name", {name: "37signals' go'es agains"}]).first
end
def test_bind_arity
assert_nothing_raised { bind '' }
assert_raise(ActiveRecord::PreparedStatementInvalid) { bind '', 1 }
assert_raise(ActiveRecord::PreparedStatementInvalid) { bind '?' }
assert_nothing_raised { bind '?', 1 }
assert_raise(ActiveRecord::PreparedStatementInvalid) { bind '?', 1, 1 }
end
def test_named_bind_variables
assert_equal '1', bind(':a', :a => 1) # ' ruby-mode
assert_equal '1 1', bind(':a :a', :a => 1) # ' ruby-mode
assert_nothing_raised { bind("'+00:00'", :foo => "bar") }
assert_kind_of Firm, Company.where(["name = :name", { name: "37signals" }]).first
assert_nil Company.where(["name = :name", { name: "37signals!" }]).first
assert_nil Company.where(["name = :name", { name: "37signals!' OR 1=1" }]).first
assert_kind_of Time, Topic.where(["id = :id", { id: 1 }]).first.written_on
end
def test_named_bind_arity
assert_nothing_raised { bind "name = :name", { name: "37signals" } }
assert_nothing_raised { bind "name = :name", { name: "37signals", id: 1 } }
assert_raise(ActiveRecord::PreparedStatementInvalid) { bind "name = :name", { id: 1 } }
end
class SimpleEnumerable
include Enumerable
def initialize(ary)
@ary = ary
end
def each(&b)
@ary.each(&b)
end
end
def test_bind_enumerable
quoted_abc = %(#{ActiveRecord::Base.connection.quote('a')},#{ActiveRecord::Base.connection.quote('b')},#{ActiveRecord::Base.connection.quote('c')})
assert_equal '1,2,3', bind('?', [1, 2, 3])
assert_equal quoted_abc, bind('?', %w(a b c))
assert_equal '1,2,3', bind(':a', :a => [1, 2, 3])
assert_equal quoted_abc, bind(':a', :a => %w(a b c)) # '
assert_equal '1,2,3', bind('?', SimpleEnumerable.new([1, 2, 3]))
assert_equal quoted_abc, bind('?', SimpleEnumerable.new(%w(a b c)))
assert_equal '1,2,3', bind(':a', :a => SimpleEnumerable.new([1, 2, 3]))
assert_equal quoted_abc, bind(':a', :a => SimpleEnumerable.new(%w(a b c))) # '
end
def test_bind_empty_enumerable
quoted_nil = ActiveRecord::Base.connection.quote(nil)
assert_equal quoted_nil, bind('?', [])
assert_equal " in (#{quoted_nil})", bind(' in (?)', [])
assert_equal "foo in (#{quoted_nil})", bind('foo in (?)', [])
end
def test_bind_empty_string
quoted_empty = ActiveRecord::Base.connection.quote('')
assert_equal quoted_empty, bind('?', '')
end
def test_bind_chars
quoted_bambi = ActiveRecord::Base.connection.quote("Bambi")
quoted_bambi_and_thumper = ActiveRecord::Base.connection.quote("Bambi\nand\nThumper")
assert_equal "name=#{quoted_bambi}", bind('name=?', "Bambi")
assert_equal "name=#{quoted_bambi_and_thumper}", bind('name=?', "Bambi\nand\nThumper")
assert_equal "name=#{quoted_bambi}", bind('name=?', "Bambi".mb_chars)
assert_equal "name=#{quoted_bambi_and_thumper}", bind('name=?', "Bambi\nand\nThumper".mb_chars)
end
def test_bind_record
o = Struct.new(:quoted_id).new(1)
assert_equal '1', bind('?', o)
os = [o] * 3
assert_equal '1,1,1', bind('?', os)
end
def test_named_bind_with_postgresql_type_casts
l = Proc.new { bind(":a::integer '2009-01-01'::date", :a => '10') }
assert_nothing_raised(&l)
assert_equal "#{ActiveRecord::Base.connection.quote('10')}::integer '2009-01-01'::date", l.call
end
def test_string_sanitation
assert_not_equal "'something ' 1=1'", ActiveRecord::Base.sanitize("something ' 1=1")
assert_equal "'something; select table'", ActiveRecord::Base.sanitize("something; select table")
@ -1136,14 +1053,6 @@ class FinderTest < ActiveRecord::TestCase
end
protected
def bind(statement, *vars)
if vars.first.is_a?(Hash)
ActiveRecord::Base.send(:replace_named_bind_variables, statement, vars.first)
else
ActiveRecord::Base.send(:replace_bind_variables, statement, vars)
end
end
def table_with_custom_primary_key
yield(Class.new(Toy) do
def self.name

94
activerecord/test/cases/sanitize_test.rb
View file

@ -69,4 +69,98 @@ class SanitizeTest < ActiveRecord::TestCase
searchable_post.search("20% _reduction_!").to_a
end
end
def test_bind_arity
assert_nothing_raised { bind '' }
assert_raise(ActiveRecord::PreparedStatementInvalid) { bind '', 1 }
assert_raise(ActiveRecord::PreparedStatementInvalid) { bind '?' }
assert_nothing_raised { bind '?', 1 }
assert_raise(ActiveRecord::PreparedStatementInvalid) { bind '?', 1, 1 }
end
def test_named_bind_variables
assert_equal '1', bind(':a', :a => 1) # ' ruby-mode
assert_equal '1 1', bind(':a :a', :a => 1) # ' ruby-mode
assert_nothing_raised { bind("'+00:00'", :foo => "bar") }
end
def test_named_bind_arity
assert_nothing_raised { bind "name = :name", { name: "37signals" } }
assert_nothing_raised { bind "name = :name", { name: "37signals", id: 1 } }
assert_raise(ActiveRecord::PreparedStatementInvalid) { bind "name = :name", { id: 1 } }
end
class SimpleEnumerable
include Enumerable
def initialize(ary)
@ary = ary
end
def each(&b)
@ary.each(&b)
end
end
def test_bind_enumerable
quoted_abc = %(#{ActiveRecord::Base.connection.quote('a')},#{ActiveRecord::Base.connection.quote('b')},#{ActiveRecord::Base.connection.quote('c')})
assert_equal '1,2,3', bind('?', [1, 2, 3])
assert_equal quoted_abc, bind('?', %w(a b c))
assert_equal '1,2,3', bind(':a', :a => [1, 2, 3])
assert_equal quoted_abc, bind(':a', :a => %w(a b c)) # '
assert_equal '1,2,3', bind('?', SimpleEnumerable.new([1, 2, 3]))
assert_equal quoted_abc, bind('?', SimpleEnumerable.new(%w(a b c)))
assert_equal '1,2,3', bind(':a', :a => SimpleEnumerable.new([1, 2, 3]))
assert_equal quoted_abc, bind(':a', :a => SimpleEnumerable.new(%w(a b c))) # '
end
def test_bind_empty_enumerable
quoted_nil = ActiveRecord::Base.connection.quote(nil)
assert_equal quoted_nil, bind('?', [])
assert_equal " in (#{quoted_nil})", bind(' in (?)', [])
assert_equal "foo in (#{quoted_nil})", bind('foo in (?)', [])
end
def test_bind_empty_string
quoted_empty = ActiveRecord::Base.connection.quote('')
assert_equal quoted_empty, bind('?', '')
end
def test_bind_chars
quoted_bambi = ActiveRecord::Base.connection.quote("Bambi")
quoted_bambi_and_thumper = ActiveRecord::Base.connection.quote("Bambi\nand\nThumper")
assert_equal "name=#{quoted_bambi}", bind('name=?', "Bambi")
assert_equal "name=#{quoted_bambi_and_thumper}", bind('name=?', "Bambi\nand\nThumper")
assert_equal "name=#{quoted_bambi}", bind('name=?', "Bambi".mb_chars)
assert_equal "name=#{quoted_bambi_and_thumper}", bind('name=?', "Bambi\nand\nThumper".mb_chars)
end
def test_bind_record
o = Struct.new(:quoted_id).new(1)
assert_equal '1', bind('?', o)
os = [o] * 3
assert_equal '1,1,1', bind('?', os)
end
def test_named_bind_with_postgresql_type_casts
l = Proc.new { bind(":a::integer '2009-01-01'::date", :a => '10') }
assert_nothing_raised(&l)
assert_equal "#{ActiveRecord::Base.connection.quote('10')}::integer '2009-01-01'::date", l.call
end
private
def bind(statement, *vars)
if vars.first.is_a?(Hash)
ActiveRecord::Base.send(:replace_named_bind_variables, statement, vars.first)
else
ActiveRecord::Base.send(:replace_bind_variables, statement, vars)
end
end
end