Project

General

Profile

0001-fixes-3160-sanitize-host-host-group-names-v2-1.2.patch

v2 patch (rebased onto 1.2-stable) - Dominic Cleal, 09/30/2013 02:18 PM

View differences:

app/models/host_common.rb
17 17
      belongs_to :subnet
18 18

  
19 19
      before_save :check_puppet_ca_proxy_is_required?
20
      has_many :lookup_values, :finder_sql => Proc.new { %Q{ SELECT lookup_values.* FROM lookup_values WHERE (lookup_values.match = '#{lookup_value_match}') } }, :dependent => :destroy
20
      has_many :lookup_values, :finder_sql => Proc.new { LookupValue.where('lookup_values.match' => lookup_value_match).to_sql }, :dependent => :destroy
21 21
      # See "def lookup_values_attributes=" under, for the implementation of accepts_nested_attributes_for :lookup_values
22 22
      accepts_nested_attributes_for :lookup_values
23 23

  
test/fixtures/lookup_keys.yml
9 9

  
10 10
two:
11 11
  key: ssl_port
12
  key_type: integer
12
  key_type: string
13 13
  validator_type: list
14 14
  validator_rule: '443,8443'
15 15
  puppetclass: one
test/unit/hostgroup_test.rb
176 176
    assert_equal "db", hostgroup.label
177 177
  end
178 178

  
179
end
179
  test "should find associated lookup_values" do
180
    assert_equal [lookup_values(:hostgroupcommon)], hostgroups(:common).lookup_values.sort
181
  end
182

  
183
  test "should find associated lookup_values with unsafe SQL name" do
184
    hostgroup = hostgroups(:common)
185
    hostgroup.name = "Robert';"
186
    hostgroup.save!
187
    lv = lookup_values(:hostgroupcommon)
188
    lv.match = "hostgroup=#{hostgroup.name}"
189
    lv.save!
190
    assert_equal [lookup_values(:hostgroupcommon)], hostgroup.lookup_values
191
  end
192

  
193
end
180
-