ez_whereのrails 2.3.5対応

rails

railsセキュリティホールが2.3.4で塞がれたというので、とりあえずrailsを最新の2.3.5アップグレードしてみた。

しかし、ActiveRecord::Associations::AssociationProxy#sanitize_sqlの仕様が2.3.3で変更された為、それをサポートしていないez_whereが問題を起こしエラーになる。

ArgumentError: wrong number of arguments (2 for 1)
        from /root/rails-dev/xx/vendor/rails/activerecord/lib/active_record/associations/association_proxy.rb:173:in `sanitize_sql'
        from /root/rails-dev/xx/vendor/rails/activerecord/lib/active_record/associations/association_proxy.rb:173:in `send'
        from /root/rails-dev/xx/vendor/rails/activerecord/lib/active_record/associations/association_proxy.rb:173:in `sanitize_sql'
        from /root/rails-dev/xx/vendor/rails/activerecord/lib/active_record/associations/association_collection.rb:41:in `find'
        from /root/rails-dev/xx/vendor/rails/activerecord/lib/active_record/associations/association_collection.rb:400:in `find_target'
        from /root/rails-dev/xx/vendor/rails/activerecord/lib/active_record/associations/association_collection.rb:354:in `load_target'
        from /root/rails-dev/xx/vendor/rails/activerecord/lib/active_record/associations/association_proxy.rb:139:in `inspect'
        from /usr/local/ruby-1.8.7-p72/lib/ruby/gems/1.8/gems/wirble-0.1.3/lib/wirble.rb:432:in `output_value'
        from /usr/local/ruby-1.8.7-p72/lib/ruby/1.8/irb.rb:151:in `eval_input'
        from /usr/local/ruby-1.8.7-p72/lib/ruby/1.8/irb.rb:263:in `signal_status'
        from /usr/local/ruby-1.8.7-p72/lib/ruby/1.8/irb.rb:147:in `eval_input'
        from /usr/local/ruby-1.8.7-p72/lib/ruby/1.8/irb.rb:146:in `eval_input'
        from /usr/local/ruby-1.8.7-p72/lib/ruby/1.8/irb.rb:70:in `start'
        from /usr/local/ruby-1.8.7-p72/lib/ruby/1.8/irb.rb:69:in `catch'
        from /usr/local/ruby-1.8.7-p72/lib/ruby/1.8/irb.rb:69:in `start'
        from /usr/local/ruby/bin/irb:13


そこで同じ問題を抱えていたar-extentionsの対処法をそのままマネしてez_whereを2.3.5対応にしてみた。

--- lib/ez/where.rb.back
+++ lib/ez/where.rb
@@ -1,9 +1,9 @@
 class ActiveRecord::Base
   class << self
     alias :original_sanitize_sql :sanitize_sql
-    def sanitize_sql(condition)
+    def sanitize_sql(condition, table_name = quoted_table_name)
       condition = condition.to_sql if EZ::Where::Condition === condition
-      original_sanitize_sql condition
+      original_sanitize_sql condition, table_name
     end
   end
 end


とりあえず動いた!!

  • 参考URL

http://github.com/zdennis/ar-extensions/commit/870bd3588a86e1f8ae36ab0e497f407ac2afa4c5

てかパッチってどこに送れば良いんだろ??