Fix sql sanitization of multi geoms #81
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| # frozen_string_literal: true | ||
| require 'active_support/core_ext/array/wrap' | ||
|
|
||
| module MultiGeomSanitization | ||
| private | ||
|
|
||
| # NOTE connection and value order is swapped in Rails 8 | ||
| def replace_bind_variable(connection, value) | ||
| if value.class.name.start_with?("RGeo::") && value.respond_to?(:map) | ||
| super(connection, Array.wrap(value)) | ||
| else | ||
| super | ||
| end | ||
| end | ||
| end | ||
|
|
||
| ActiveRecord::Sanitization::ClassMethods.prepend(MultiGeomSanitization) | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -88,6 +88,10 @@ def quote(thing, column = nil) | |
| "'#{thing.to_s.gsub("'", "\\\\'")}'" | ||
| end | ||
| end | ||
|
|
||
| def cast_bound_value(value) | ||
|
Member
There was a problem hiding this comment. why using this fake record class rather than any record?
Author
There was a problem hiding this comment. I didn't see any record, what do you suggest? It looks like the tests don't require a database so my guess is the fake record was used to avoid a db being required for tests but I could be missing something.
Member
There was a problem hiding this comment. Oh you are right ! And could we use one method deeper in the backtrace rather than
Author
There was a problem hiding this comment. There isn't a public method below |
||
| value.to_s | ||
| end | ||
| end | ||
|
|
||
| class ConnectionPool | ||
|
|
@@ -123,8 +127,14 @@ def quote(thing, column = nil) | |
| end | ||
|
|
||
| class Base | ||
| include ActiveRecord::Sanitization | ||
|
|
||
| attr_accessor :connection_pool | ||
|
|
||
| def self.with_connection | ||
| yield new.connection | ||
| end | ||
|
|
||
| def initialize | ||
| @connection_pool = ConnectionPool.new | ||
| end | ||
|
|
||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -9,6 +9,7 @@ | |
| require "minitest/autorun" | ||
| require "rgeo-activerecord" | ||
| require "support/fake_record" | ||
| require "active_support/core_ext/date/acts_like" | ||
|
Author
There was a problem hiding this comment. AR expects it. Without it https://github.com/rails/rails/blob/6f57590388ca38ed2b83bc1207a8be13a9ba2aef/activerecord/lib/active_record/sanitization.rb#L228 fails.
Member
There was a problem hiding this comment. My concern is that a user loading our gem would have the same issue and need to load this as well. It is in the rails codebase that this should be loaded prior usage, not here in tests. So either our test suite is not initialising properly (I suspect that is the issue) or there is an issue in rails codebase. WDYT?
Author
There was a problem hiding this comment. I don't think Rails is initialised at all. The specs on initialise the minimal things required which I believe is active record.
Member
There was a problem hiding this comment. @nikolai-b I don't think this supersedes my comment. If we load active-record in our gem, then active-record code should be working, no?
Author
There was a problem hiding this comment. I'm not sure. This is because in the gem the |
||
|
|
||
| Arel::Visitors::ToSql.include RGeo::ActiveRecord::SpatialToSql | ||
| Arel::Table.engine = FakeRecord::Base.new | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What should we do about this note?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We could add a