Project

General

Profile

Refactor #23234

remove friendly_id <5.0 workarounds

Added by Anonymous over 2 years ago. Updated 7 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
API
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:

Description

With Rails 5.2:

 - message: 'Dangerous query method (method whose arguments are used as raw SQL) called
     with non-attribute argument(s): "CASE WHEN \"hostgroups\".\"title\" = ''928644347''
     THEN 1 ELSE 0 END". Non-attribute arguments will be disallowed in Rails 6.0. This
     method should not be called with user-provided values, such as request parameters
     or model attributes. Known-safe values can be passed by wrapping them in Arel.sql().'
   callstack: app/controllers/api/base_controller.rb:407:in `prioritize_friendly_name_records'

app/controllers/api/base_controller.rb:378 says: "#Should be replaced after moving to friendly_id version >= 5.0"

This should be re-done now in a Rails 5.2 friendlier way.


Related issues

Related to Foreman - Bug #8343: API resource_scope ignores optionsClosed2014-11-11
Related to Foreman - Tracker #21834: Rails 5.2 upgrade tasksClosed

Related to Foreman - Refactor #23300: Do not use string interpolation when composing SQL queries.New
Related to Foreman - Refactor #23806: raise gem dependencies to Rails 5.2 compatible versionsClosed2018-06-04
Blocks Foreman - Tracker #24837: Rails 6.0 TrackerClosed

Associated revisions

Revision 5fb56030 (diff)
Added by Tomer Brisker 7 months ago

Fixes #23234 - Simplify parent scope lookup

Knowing the id format allows us to know which field we should search by,
no need to try both id and friendly_id and use conditional order to
pick the friendly id first.

Revision bf41173a (diff)
Added by Tomer Brisker 7 months ago

Refs #23234 - Prefer friendly find to id lookup

In certain cases the friendly name could be numeric, we should prefer
choosing the friendly id scope in that case

History

#1 Updated by Anonymous over 2 years ago

  • Related to Bug #8343: API resource_scope ignores options added

#2 Updated by Anonymous over 2 years ago

#3 Updated by Anonymous over 2 years ago

#4 Updated by Anonymous over 2 years ago

#5 Updated by Anonymous over 2 years ago

  • Related to Refactor #23300: Do not use string interpolation when composing SQL queries. added

#6 Updated by Anonymous over 1 year ago

#7 Updated by Tomer Brisker 9 months ago

  • Related to Refactor #23806: raise gem dependencies to Rails 5.2 compatible versions added

#8 Updated by Tomer Brisker 8 months ago

  • Assignee set to Tomer Brisker
  • Status changed from New to Assigned

#9 Updated by The Foreman Bot 8 months ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/7289 added

#10 Updated by The Foreman Bot 7 months ago

  • Fixed in Releases 2.0.0 added

#11 Updated by Tomer Brisker 7 months ago

  • Status changed from Ready For Testing to Closed

#12 Updated by The Foreman Bot 7 months ago

  • Pull request https://github.com/theforeman/foreman/pull/7328 added

Also available in: Atom PDF