
Commit 5d3c506

authored
Reset pk sequences for the models that import IDs (#311)
2 parents 8b695c7 + 91818eb commit 5d3c506


2 files changed

+18
-11
lines changed


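--- a/config/brakeman.ignore
+++ b/config/brakeman.ignore
@@ -3,21 +3,21 @@
 {
 "warning_type": "SQL Injection",
 "warning_code": 0,
-"fingerprint": "b9be381566d68ef14f46a175c99ec4814565753eb616f259e5ddcdd9aff5f819",
+"fingerprint": "574a24662084f6c06b2ab956a5ab6b850248892cae89bb5fbeb85337895940fc",
 "check_name": "SQL",
 "message": "Possible SQL injection",
 "file": "lib/autorequire/data_import.rb",
-"line": 148,
+"line": 155,
 "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/",
-"code": "ActiveRecord::Base.connection.execute(\"SELECT setval('topics_id_seq', #{((Topic.maximum(:id) or 0) + 1)}, false)\")",
+"code": "ActiveRecord::Base.connection.execute(\"SELECT setval('#{\"#{model.table_name}_#{model.primary_key}_seq\"}', #{((model.maximum(model.primary_key) or 0) + 1)}, false)\")",
 "render_path": null,
 "location": {
 "type": "method",
 "class": "DataImport",
-"method": "s(:self).reset_topic_id_starting_value"
+"method": "s(:self).reset_pk_sequence_for"
 },
-"user_input": "Topic.maximum(:id)",
-"confidence": "High",
+"user_input": "((model.maximum(model.primary_key) or 0) + 1)",
+"confidence": "Medium",
 "cwe_id": [
 89
 ],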
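Review bot: The re-fingerprinted entry keeps a CWE-89 finding suppressed although its `code` field now shows two interpolated values (the derived sequence name and the computed start value) where the old entry had one, and nothing in the visible lines records why that is acceptable. The entry's `note` field, if it has one, lies outside this hunk. It should say that `reset_pk_sequence_for` is only ever called with constant model classes, so that a later caller passing anything else triggers a fresh review instead of inheriting the suppression.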

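--- a/lib/autorequire/data_import.rb
+++ b/lib/autorequire/data_import.rb
@@ -103,6 +103,8 @@ def self.import_providers
 user.save! if user.new_record?
 puts "User #{user.email} #{user.new_record? ? "created" : "already exists"}"
 end
+
+reset_pk_sequence_for(Provider)
 end
 
 def self.import_languages
@@ -141,14 +143,17 @@ def self.import_topics
 puts "#{topic.title} #{topic.new_record? ? "created" : "already exists"}"
 topic.save!
 end
-reset_topic_id_starting_value
+reset_pk_sequence_for(Topic)
 end
 
-def self.reset_topic_id_starting_value
-max_id = Topic.maximum(:id) || 0
+def self.reset_pk_sequence_for(model)
+table = model.table_name
+pk = model.primary_key
+seq = "#{table}_#{pk}_seq"
+max_id = model.maximum(pk) || 0
 new_start_value = max_id + 1
-ActiveRecord::Base.connection.execute("SELECT setval('topics_id_seq', #{new_start_value}, false)")
-puts "Reset topics ID starting value to #{new_start_value}"
+ActiveRecord::Base.connection.execute("SELECT setval('#{seq}', #{new_start_value}, false)")
+puts "Reset #{table} ID starting value to #{new_start_value}"
 end
 
 def self.import_tags
@@ -165,6 +170,8 @@ def self.import_tags
 end
 end
 puts "Tags import completed"
+
+reset_pk_sequence_for(Tag)
 end
 
 def self.import_topic_tags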
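Review bot: `reset_pk_sequence_for` splices the derived sequence name into the `setval` statement at new line 155 as an unquoted string, so the helper is only safe while every caller passes a trusted model class. The three call sites in this commit pass constants (`Provider`, `Topic`, `Tag`), but it is a public class method that accepts any object. The `"#{table}_#{pk}_seq"` convention also fails for renamed or length-truncated sequences, and when `primary_key` is nil or composite. Assuming the database is PostgreSQL, as `setval` suggests, the adapter already provides this operation: `ActiveRecord::Base.connection.reset_pk_sequence!(model.table_name)` looks up the real sequence and quotes it, which should let the Brakeman ignore entry be removed rather than refreshed. If the hand-built statement stays, build the literal with `connection.quote(seq)` and add a comment above the method stating that `model` must be an application model constant and never derived from input.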
