Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CloudTenant] Fix "Dangerous query method" #578

Merged
merged 1 commit into from
Apr 6, 2020
Merged

[CloudTenant] Fix "Dangerous query method" #578

merged 1 commit into from
Apr 6, 2020

Conversation

NickLaMuro
Copy link
Member

Similar fixes to what was given in ManageIQ/manageiq#20036 and ManageIQ/manageiq#20045

DEPRECATION WARNING: Dangerous query method (method whose arguments are used as
raw SQL) called with non-attribute argument(s): "lower(description) ASC".
Non-attribute arguments will be disallowed in Rails 6.0. This method should not
be called with user-provided values, such as request parameters or model
attributes. Known-safe values can be passed by wrapping them in Arel.sql().

(called from default_security_group at app/models/manageiq/providers/openstack/cloud_manager/cloud_tenant.rb:62)

These deprecation warnings display in rails 5.2
These fixes work in 5.1

Links

@NickLaMuro
[CloudTenant] Fix "Dangerous query method"
beb3815 
Fix for Rails 5.2, works in 5.1
@miq-bot
Copy link
Member

miq-bot commented Apr 3, 2020

Checked commit NickLaMuro@beb3815 with ruby 2.5.7, rubocop 0.69.0, haml-lint 0.28.0, and yamllint
1 file checked, 0 offenses detected
Everything looks fine. 🏆

@jrafanie
Copy link
Member

jrafanie commented Apr 6, 2020

@miq-bot add_label jansa/yes?

@chessbyte chessbyte mentioned this pull request Apr 6, 2020
Closed
38 tasks
@agrare agrare merged commit b70eabd into ManageIQ:master Apr 6, 2020
@NickLaMuro NickLaMuro mentioned this pull request Apr 8, 2020
Merged
simaishi pushed a commit that referenced this pull request Apr 16, 2020
@agrare @simaishi
Merge pull request #578 from NickLaMuro/fix_dangerous_query_method_fo…
0d17ad1 
…r_rails_5_2

[CloudTenant] Fix "Dangerous query method"

(cherry picked from commit b70eabd)
@simaishi
Copy link
Contributor

Jansa backport details:

$ git log -1
commit 0d17ad1c469c881401867b6589a28e94a2599028
Author: Adam Grare <[email protected]>
Date:   Mon Apr 6 13:40:26 2020 -0400

    Merge pull request #578 from NickLaMuro/fix_dangerous_query_method_for_rails_5_2

    [CloudTenant] Fix "Dangerous query method"

    (cherry picked from commit b70eabd4542a4ad34820b56b1f0959ad73a1a3b9)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@agrare agrare agrare approved these changes

@jrafanie jrafanie jrafanie approved these changes

@aufi aufi Awaiting requested review from aufi

@Fryguy Fryguy Awaiting requested review from Fryguy Fryguy is a code owner

@mansam mansam Awaiting requested review from mansam

Assignees

@agrare agrare

Labels
jansa/backported technical debt
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@NickLaMuro @miq-bot @jrafanie @simaishi @agrare @chessbyte