Skip to content

Commit 32612c6

Browse files
Merge branch 'main' into 43114-add-ssl-support-for-postgresql-dbconsole
2 parents 9f57deb + b71a9cc commit 32612c6

File tree

28 files changed

+244
-100
lines changed

28 files changed

+244
-100
lines changed

actionpack/CHANGELOG.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,11 @@
1+
* Use a static error message when raising `ActionDispatch::Http::Parameters::ParseError`
2+
to avoid inadvertently logging the HTTP request body at the `fatal` level when it contains
3+
malformed JSON.
4+
5+
Fixes #41145
6+
7+
*Aaron Lahey*
8+
19
* Add `Middleware#delete!` to delete middleware or raise if not found.
210

311
`Middleware#delete!` works just like `Middleware#delete` but will

actionpack/lib/action_dispatch/http/parameters.rb

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -17,8 +17,8 @@ module Parameters
1717
# Raised when raw data from the request cannot be parsed by the parser
1818
# defined for request's content MIME type.
1919
class ParseError < StandardError
20-
def initialize
21-
super($!.message)
20+
def initialize(message = $!.message)
21+
super(message)
2222
end
2323
end
2424

@@ -93,7 +93,7 @@ def parse_formatted_parameters(parsers)
9393
strategy.call(raw_post)
9494
rescue # JSON or Ruby code block errors.
9595
log_parse_error_once
96-
raise ParseError
96+
raise ParseError, "Error occurred while parsing request parameters"
9797
end
9898
end
9999

actionpack/test/dispatch/request/json_params_parsing_test.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -80,7 +80,7 @@ def teardown
8080
post "/parse", params: json, headers: { "CONTENT_TYPE" => "application/json", "action_dispatch.show_exceptions" => false }
8181
end
8282
assert_equal JSON::ParserError, exception.cause.class
83-
assert_equal exception.cause.message, exception.message
83+
assert_equal "Error occurred while parsing request parameters", exception.message
8484
ensure
8585
$stderr = STDERR
8686
end

activemodel/lib/active_model/serialization.rb

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -123,7 +123,7 @@ module Serialization
123123
# user.serializable_hash(include: { notes: { only: 'title' }})
124124
# # => {"name" => "Napoleon", "notes" => [{"title"=>"Battle of Austerlitz"}]}
125125
def serializable_hash(options = nil)
126-
attribute_names = attributes.keys
126+
attribute_names = self.attribute_names
127127

128128
return serializable_attributes(attribute_names) if options.blank?
129129

@@ -148,6 +148,11 @@ def serializable_hash(options = nil)
148148
hash
149149
end
150150

151+
# Returns an array of attribute names as strings
152+
def attribute_names # :nodoc:
153+
attributes.keys
154+
end
155+
151156
private
152157
# Hook method defining how an attribute value should be retrieved for
153158
# serialization. By default this is assumed to be an instance named after

activerecord/CHANGELOG.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@
1818

1919
* Make schema cache methods return consistent results.
2020

21-
Previously the schema cache methods `primary_keys`, `columns, `columns_hash`, and `indexes`
21+
Previously the schema cache methods `primary_keys`, `columns`, `columns_hash`, and `indexes`
2222
would behave differently than one another when a table didn't exist and differently across
2323
database adapters. This change unifies the behavior so each method behaves the same regardless
2424
of adapter.

activerecord/lib/active_record/connection_adapters/abstract_mysql_adapter.rb

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -196,14 +196,7 @@ def disable_referential_integrity # :nodoc:
196196

197197
# Executes the SQL statement in the context of this connection.
198198
def execute(sql, name = nil, async: false)
199-
materialize_transactions
200-
mark_transaction_written_if_write(sql)
201-
202-
log(sql, name, async: async) do
203-
ActiveSupport::Dependencies.interlock.permit_concurrent_loads do
204-
@connection.query(sql)
205-
end
206-
end
199+
raw_execute(sql, name, async)
207200
end
208201

209202
# Mysql2Adapter doesn't have to free a result after using it, but we use this method
@@ -629,6 +622,17 @@ def type_map
629622
emulate_booleans ? TYPE_MAP_WITH_BOOLEAN : TYPE_MAP
630623
end
631624

625+
def raw_execute(sql, name, async: false)
626+
materialize_transactions
627+
mark_transaction_written_if_write(sql)
628+
629+
log(sql, name, async: async) do
630+
ActiveSupport::Dependencies.interlock.permit_concurrent_loads do
631+
@connection.query(sql)
632+
end
633+
end
634+
end
635+
632636
# See https://dev.mysql.com/doc/mysql-errors/en/server-error-reference.html
633637
ER_DB_CREATE_EXISTS = 1007
634638
ER_FILSORT_ABORT = 1028

activerecord/lib/active_record/connection_adapters/mysql/database_statements.rb

Lines changed: 8 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -37,25 +37,11 @@ def explain(arel, binds = [])
3737
MySQL::ExplainPrettyPrinter.new.pp(result, elapsed)
3838
end
3939

40-
def execute(sql, name = nil, async: false)
41-
# make sure we carry over any changes to ActiveRecord.default_timezone that have been
42-
# made since we established the connection
43-
@connection.query_options[:database_timezone] = ActiveRecord.default_timezone
44-
45-
super
46-
end
47-
alias_method :raw_execute, :execute
48-
private :raw_execute
49-
5040
# Executes the SQL statement in the context of this connection.
5141
def execute(sql, name = nil, async: false)
5242
sql = transform_query(sql)
5343
check_if_write_query(sql)
5444

55-
# make sure we carry over any changes to ActiveRecord.default_timezone that have been
56-
# made since we established the connection
57-
@connection.query_options[:database_timezone] = ActiveRecord.default_timezone
58-
5945
raw_execute(sql, name, async: async)
6046
end
6147

@@ -91,6 +77,14 @@ def exec_delete(sql, name = nil, binds = []) # :nodoc:
9177
alias :exec_update :exec_delete
9278

9379
private
80+
def raw_execute(sql, name, async: false)
81+
# make sure we carry over any changes to ActiveRecord.default_timezone that have been
82+
# made since we established the connection
83+
@connection.query_options[:database_timezone] = ActiveRecord.default_timezone
84+
85+
super
86+
end
87+
9488
def execute_batch(statements, name = nil)
9589
statements = statements.map { |sql| transform_query(sql) }
9690
combine_multi_statements(statements).each do |statement|

activerecord/test/cases/associations/has_many_through_disable_joins_associations_test.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@
1717
require "models/department"
1818

1919
class HasManyThroughDisableJoinsAssociationsTest < ActiveRecord::TestCase
20-
fixtures :posts, :authors, :comments, :pirates
20+
fixtures :posts, :authors, :comments, :pirates, :author_addresses
2121

2222
def setup
2323
@author = authors(:mary)

activerecord/test/cases/relation/and_test.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55

66
module ActiveRecord
77
class AndTest < ActiveRecord::TestCase
8-
fixtures :authors
8+
fixtures :authors, :author_addresses
99

1010
def test_and
1111
david, mary, bob = authors(:david, :mary, :bob)

activerecord/test/cases/relation/where_chain_test.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010

1111
module ActiveRecord
1212
class WhereChainTest < ActiveRecord::TestCase
13-
fixtures :posts, :comments, :authors, :humans, :essays
13+
fixtures :posts, :comments, :authors, :humans, :essays, :author_addresses
1414

1515
def test_associated_with_association
1616
Post.where.associated(:author).tap do |relation|

0 commit comments

Comments
 (0)