From 7a625bf74e4e197746b857ae23b1a0fdfd9f3be7 Mon Sep 17 00:00:00 2001 From: Aaron Patterson Date: Wed, 29 Sep 2010 14:18:18 -0700 Subject: [PATCH] fixing column escape for IN nodes. [resolves:5732] --- lib/arel/visitors/dot.rb | 5 +++++ lib/arel/visitors/to_sql.rb | 13 +++++++------ spec/visitors/to_sql_spec.rb | 15 +++++++++++++++ 3 files changed, 27 insertions(+), 6 deletions(-) diff --git a/lib/arel/visitors/dot.rb b/lib/arel/visitors/dot.rb index a65a7f7301..3d25d5f012 100644 --- a/lib/arel/visitors/dot.rb +++ b/lib/arel/visitors/dot.rb @@ -28,6 +28,10 @@ module Arel end private + def visit_Arel_Nodes_Grouping o + visit_edge o, "expr" + end + def visit_Arel_Nodes_TableAlias o visit_edge o, "name" visit_edge o, "relation" @@ -104,6 +108,7 @@ module Arel alias :visit_Arel_Nodes_GreaterThan :visit_Arel_Nodes_Equality alias :visit_Arel_Nodes_GreaterThanOrEqual :visit_Arel_Nodes_Equality alias :visit_Arel_Nodes_Assignment :visit_Arel_Nodes_Equality + alias :visit_Arel_Nodes_In :visit_Arel_Nodes_Equality def visit_String o @node_stack.last.fields << o diff --git a/lib/arel/visitors/to_sql.rb b/lib/arel/visitors/to_sql.rb index 7f9186d28c..974f9f5341 100644 --- a/lib/arel/visitors/to_sql.rb +++ b/lib/arel/visitors/to_sql.rb @@ -7,13 +7,13 @@ module Arel def initialize engine @engine = engine @connection = nil - @last_column = [] + @last_column = nil @quoted_tables = {} @quoted_columns = {} end def accept object - @last_column = [] + @last_column = nil @engine.connection_pool.with_connection do |conn| @connection = conn visit object @@ -195,8 +195,9 @@ module Arel def visit_Arel_Nodes_In o right = o.right - right = right.empty? ? 'NULL' : right.map { |x| visit x }.join(', ') - "#{visit o.left} IN (#{right})" + "#{visit o.left} IN (#{ + right.empty? ? 'NULL' : right.map { |x| visit x }.join(', ') + })" end def visit_Arel_Nodes_NotIn o @@ -243,7 +244,7 @@ module Arel end def visit_Arel_Attributes_Attribute o - @last_column.push o.column + @last_column = o.column join_name = o.relation.table_alias || o.relation.name "#{quote_table_name join_name}.#{quote_column_name o.name}" end @@ -257,7 +258,7 @@ module Arel alias :visit_Arel_Nodes_SqlLiteral :visit_Fixnum alias :visit_Arel_SqlLiteral :visit_Fixnum # This is deprecated - def visit_String o; quote(o, @last_column.pop) end + def visit_String o; quote(o, @last_column) end alias :visit_ActiveSupport_Multibyte_Chars :visit_String alias :visit_BigDecimal :visit_String diff --git a/spec/visitors/to_sql_spec.rb b/spec/visitors/to_sql_spec.rb index c234a2d58e..1302d73e1c 100644 --- a/spec/visitors/to_sql_spec.rb +++ b/spec/visitors/to_sql_spec.rb @@ -94,6 +94,21 @@ module Arel "users"."id" >= 1 AND "users"."id" < 3 } end + + it 'uses the same column for escaping values' do + visitor = Class.new(ToSql) do + attr_accessor :expected + + def quote value, column = nil + raise unless column == expected + super + end + end + in_node = Nodes::In.new @attr, %w{ a b c } + visitor = visitor.new(Table.engine) + visitor.expected = @attr.column + lambda { visitor.accept(in_node) }.should_not raise_error + end end describe 'Equality' do