Fix arel deprecations

Wraps unsafe SQL passed to `#order` and `#pluck`. Not all instances of the deprecation message are fixed here because the others should be whitelisted by https://github.com/rails/rails/pull/36448 which is included in Rails 6. This also fixes a deprecation related to calling delegating arel methods.

Fix arel deprecations
Wraps unsafe SQL passed to `#order` and `#pluck`. Not all instances of the deprecation message are fixed here because the others should be whitelisted by https://github.com/rails/rails/pull/36448 which is included in Rails 6. This also fixes a deprecation related to calling delegating arel methods.
e9a9526f · Heinrich Lee Yu · c1bcbe19 · e9a9526f · e9a9526f · e9a9526f
Commit e9a9526f authored Nov 11, 2019 by Heinrich Lee Yu
11 changed files
--- a/app/finders/group_descendants_finder.rb
+++ b/app/finders/group_descendants_finder.rb
@@ -80,7 +80,7 @@ class GroupDescendantsFinder
    if current_user
      authorized_groups = GroupsFinder.new(current_user,
                                           all_available: false)
-                            .execute.as('authorized')
+                            .execute.arel.as('authorized')
      authorized_to_user = groups_table.project(1).from(authorized_groups)
                             .where(authorized_groups[:id].eq(groups_table[:id]))
                             .exists

--- a/app/models/ci/pipeline.rb
+++ b/app/models/ci/pipeline.rb
@@ -405,7 +405,7 @@ module Ci
        .where('stage=sg.stage').failed_but_allowed.to_sql

      stages_with_statuses = CommitStatus.from(stages_query, :sg)
-        .pluck('sg.stage', status_sql, "(#{warnings_sql})")
+        .pluck('sg.stage', Arel.sql(status_sql), Arel.sql("(#{warnings_sql})"))

      stages_with_statuses.map do |stage|
        Ci::LegacyStage.new(self, Hash[%i[name status warnings].zip(stage)])

--- a/app/models/concerns/issuable.rb
+++ b/app/models/concerns/issuable.rb
@@ -118,8 +118,8 @@ module Issuable
    # rubocop:enable GitlabSecurity/SqlInjection

    scope :left_joins_milestones,    -> { joins("LEFT OUTER JOIN milestones ON #{table_name}.milestone_id = milestones.id") }
-    scope :order_milestone_due_desc, -> { left_joins_milestones.reorder('milestones.due_date IS NULL, milestones.id IS NULL, milestones.due_date DESC') }
-    scope :order_milestone_due_asc,  -> { left_joins_milestones.reorder('milestones.due_date IS NULL, milestones.id IS NULL, milestones.due_date ASC') }
+    scope :order_milestone_due_desc, -> { left_joins_milestones.reorder(Arel.sql('milestones.due_date IS NULL, milestones.id IS NULL, milestones.due_date DESC')) }
+    scope :order_milestone_due_asc,  -> { left_joins_milestones.reorder(Arel.sql('milestones.due_date IS NULL, milestones.id IS NULL, milestones.due_date ASC')) }

    scope :without_label, -> { joins("LEFT OUTER JOIN label_links ON label_links.target_type = '#{name}' AND label_links.target_id = #{table_name}.id").where(label_links: { id: nil }) }
    scope :any_label, -> { joins(:label_links).group(:id) }

--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -126,7 +126,7 @@ class Group < Namespace

    def visible_to_user_arel(user)
      groups_table = self.arel_table
-      authorized_groups = user.authorized_groups.as('authorized')
+      authorized_groups = user.authorized_groups.arel.as('authorized')

      groups_table.project(1)
        .from(authorized_groups)

--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -1913,7 +1913,7 @@ class Project < ApplicationRecord
  end

  def default_environment
-    production_first = "(CASE WHEN name = 'production' THEN 0 ELSE 1 END), id ASC"
+    production_first = Arel.sql("(CASE WHEN name = 'production' THEN 0 ELSE 1 END), id ASC")

    environments
      .with_state(:available)

--- a/app/services/ci/register_job_service.rb
+++ b/app/services/ci/register_job_service.rb
@@ -149,7 +149,7 @@ module Ci
      # this returns builds that are ordered by number of running builds
      # we prefer projects that don't use shared runners at all
      joins("LEFT JOIN (#{running_builds_for_shared_runners.to_sql}) AS project_builds ON ci_builds.project_id=project_builds.project_id")
-        .order('COALESCE(project_builds.running_builds, 0) ASC', 'ci_builds.id ASC')
+        .order(Arel.sql('COALESCE(project_builds.running_builds, 0) ASC'), 'ci_builds.id ASC')
    end
    # rubocop: enable CodeReuse/ActiveRecord


--- a/app/services/cohorts_service.rb
+++ b/app/services/cohorts_service.rb
@@ -88,7 +88,7 @@ class CohortsService
        User
          .where('created_at > ?', MONTHS_INCLUDED.months.ago.end_of_month)
          .group(created_at_month, last_activity_on_month)
-          .reorder("#{created_at_month} ASC", "#{last_activity_on_month} ASC")
+          .reorder(Arel.sql("#{created_at_month} ASC, #{last_activity_on_month} ASC"))
          .count
      end
  end

--- a/ee/app/models/ee/epic.rb
+++ b/ee/app/models/ee/epic.rb
@@ -66,7 +66,7 @@ module EE
      scope :has_parent, -> { where.not(parent_id: nil) }

      scope :order_start_or_end_date_asc, -> do
-        reorder("COALESCE(start_date, end_date) ASC NULLS FIRST")
+        reorder(Arel.sql("COALESCE(start_date, end_date) ASC NULLS FIRST"))
      end

      scope :order_start_date_asc, -> do

--- a/ee/lib/gitlab/background_migration/migrate_approver_to_approval_rules.rb
+++ b/ee/lib/gitlab/background_migration/migrate_approver_to_approval_rules.rb
@@ -138,11 +138,11 @@ module Gitlab
        has_many :approval_rules, class_name: 'ApprovalProjectRule'

        def approver_ids
-          @approver_ids ||= Approver.where(target_type: 'Project', target_id: id).joins(:user).pluck('distinct user_id')
+          @approver_ids ||= Approver.where(target_type: 'Project', target_id: id).joins(:user).pluck(Arel.sql('DISTINCT user_id'))
        end

        def approver_group_ids
-          @approver_group_ids ||= ApproverGroup.where(target_type: 'Project', target_id: id).joins(:group).pluck('distinct group_id')
+          @approver_group_ids ||= ApproverGroup.where(target_type: 'Project', target_id: id).joins(:group).pluck(Arel.sql('DISTINCT group_id'))
        end

        def approvals_required

--- a/lib/gitlab/background_migration/populate_untracked_uploads_dependencies.rb
+++ b/lib/gitlab/background_migration/populate_untracked_uploads_dependencies.rb
@@ -176,7 +176,7 @@ module Gitlab
        self.table_name = 'projects'

        def self.find_by_full_path(path)
-          order_sql = "(CASE WHEN routes.path = #{connection.quote(path)} THEN 0 ELSE 1 END)"
+          order_sql = Arel.sql("(CASE WHEN routes.path = #{connection.quote(path)} THEN 0 ELSE 1 END)")
          where_full_path_in(path).reorder(order_sql).take
        end


--- a/lib/gitlab/database/migration_helpers.rb
+++ b/lib/gitlab/database/migration_helpers.rb
@@ -955,7 +955,7 @@ into similar problems in the future (e.g. when new tables are created).
        table_name = model_class.quoted_table_name

        model_class.each_batch(of: batch_size) do |relation|
-          start_id, end_id = relation.pluck("MIN(#{table_name}.id), MAX(#{table_name}.id)").first
+          start_id, end_id = relation.pluck("MIN(#{table_name}.id)", "MAX(#{table_name}.id)").first

          if jobs.length >= BACKGROUND_MIGRATION_JOB_BUFFER_SIZE
            # Note: This code path generally only helps with many millions of rows