DEPRECATION WARNING: Dangerous query method
Created by: sejinkim1904
-
What were you trying to do?
- Set a
HasManyfield as default sorting attribute
- Set a
-
What did you end up with (logs, or, even better, example apps are great!)?
- While running specs:
DEPRECATION WARNING: Dangerous query method (method whose arguments are used as raw SQL)
called with non-attribute argument(s): "COUNT(jobs.id) desc". Non-attribute arguments will be disallowed
in Rails 6.0. This method should not be called with user-provided values, such as request parameters or
model attributes. Known-safe values can be passed by wrapping them in Arel.sql(). # Administrate::Order
def apply(relation)
return order_by_association(relation) unless
reflect_association(relation).nil?
order = "#{relation.table_name}.#{attribute} #{direction}"
return relation.reorder(Arel.sql(order)) if
# Arel.sq() used here to prevent the deprecation message
# but not for #order_by_association
relation.columns_hash.keys.include?(attribute.to_s)
relation
end
def order_by_association(relation)
return order_by_count(relation) if has_many_attribute?(relation)
# order_by_count triggered since sorting by HasMany field
return order_by_id(relation) if belongs_to_attribute?(relation)
relation
end
def order_by_count(relation)
relation.
left_joins(attribute.to_sym).
group(:id).
reorder("COUNT(#{attribute}.id) #{direction}")
# Root of the deprecation warning. This raw SQL needs to be wrapped in Arel.sql()
end- What versions are you running?
- Rails 5.2.4.3
- administrate 0.14.0