1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00

Don't default to YAML dumping when quoting values

This behavior exists only to support fixtures, so we should handle it
there. Leaving it in `#quote` can cause very subtle bugs to slip
through, by things appearing to work when they should be blowing up
loudly, such as #18385.
This commit is contained in:
Sean Griffin 2015-01-14 13:55:29 -07:00
parent 855cca0662
commit aa31d21f5f
3 changed files with 13 additions and 11 deletions

View file

@ -289,7 +289,13 @@ module ActiveRecord
[columns[name], value] [columns[name], value]
end end
key_list = fixture.keys.map { |name| quote_column_name(name) } key_list = fixture.keys.map { |name| quote_column_name(name) }
value_list = prepare_binds_for_database(binds).map { |_, value| quote(value) } value_list = prepare_binds_for_database(binds).map do |_, value|
begin
quote(value)
rescue TypeError
quote(YAML.dump(value))
end
end
execute "INSERT INTO #{quote_table_name(table_name)} (#{key_list.join(', ')}) VALUES (#{value_list.join(', ')})", 'Fixture Insert' execute "INSERT INTO #{quote_table_name(table_name)} (#{key_list.join(', ')}) VALUES (#{value_list.join(', ')})", 'Fixture Insert'
end end

View file

@ -125,8 +125,7 @@ module ActiveRecord
when Date, Time then "'#{quoted_date(value)}'" when Date, Time then "'#{quoted_date(value)}'"
when Symbol then "'#{quote_string(value.to_s)}'" when Symbol then "'#{quote_string(value.to_s)}'"
when Class then "'#{value}'" when Class then "'#{value}'"
else else raise TypeError, "can't quote #{value.class.name}"
"'#{quote_string(YAML.dump(value))}'"
end end
end end

View file

@ -125,14 +125,11 @@ module ActiveRecord
end end
def test_crazy_object def test_crazy_object
crazy = Class.new.new crazy = Object.new
expected = "'#{YAML.dump(crazy)}'" e = assert_raises(TypeError) do
assert_equal expected, @quoter.quote(crazy, nil) @quoter.quote(crazy, nil)
end end
assert_equal "can't quote Object", e.message
def test_crazy_object_calls_quote_string
crazy = Class.new { def initialize; @lol = 'lo\l' end }.new
assert_match "lo\\\\l", @quoter.quote(crazy, nil)
end end
def test_quote_string_no_column def test_quote_string_no_column