Last active
November 14, 2017 22:29
-
-
Save teddywing/586a3b844456aa8259676bdc29d24188 to your computer and use it in GitHub Desktop.
Research into a bug with the `hstore_accessor` Ruby gem, where it typecasts before performing validations
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Enquête hstore_accessor | |
La gem s'intègre avec `ActiveRecord` dans : | |
https://github.com/devmynd/hstore_accessor/blob/v1.1.0/lib/hstore_accessor.rb | |
Quand on appele `hstore_accessor` dans un modèle, la méthode dans | |
https://github.com/devmynd/hstore_accessor/blob/v1.1.0/lib/hstore_accessor/macro.rb | |
est executé. | |
Une module est créée qui définit des méthodes inclus dans le modèle : | |
* https://github.com/devmynd/hstore_accessor/blob/v1.1.0/lib/hstore_accessor/macro.rb#L15 | |
* https://github.com/devmynd/hstore_accessor/blob/v1.1.0/lib/hstore_accessor/macro.rb#L62 | |
Le cast est effectué dans la méthode `#{key}=` : | |
https://github.com/devmynd/hstore_accessor/blob/v1.1.0/lib/hstore_accessor/macro.rb#L63-L69 | |
en utilisant `TypeHelpers.cast` : | |
https://github.com/devmynd/hstore_accessor/blob/v1.1.0/lib/hstore_accessor/active_record_4.2/type_helpers.rb#L20-L31 | |
qui délègue à Rails : | |
* https://github.com/rails/rails/blob/v4.2.8/activerecord/lib/active_record/type/value.rb#L33-L35 | |
* https://github.com/rails/rails/blob/v4.2.8/activerecord/lib/active_record/type/value.rb#L97-L99 | |
* https://github.com/rails/rails/blob/v4.2.8/activerecord/lib/active_record/type/value.rb#L97-L99 | |
qui fait le cast. Tout ça s'effectue avant la validation. Un des problèmes est | |
que le cast est fait avant que la valeur soit stocké dans le hash en mémoire : | |
https://github.com/devmynd/hstore_accessor/blob/v1.1.0/lib/hstore_accessor/macro.rb#L71 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment