Fix `Rails/WhereRange` cop (#30343)

main-rebase-security-fix
Matt Jankowski 2024-05-20 05:37:36 -04:00 committed by GitHub
parent 70608f824e
commit def6b686ff
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
10 changed files with 15 additions and 15 deletions

View File

@ -9,10 +9,10 @@ class Vacuum::ImportsVacuum
private
def clean_unconfirmed_imports!
BulkImport.state_unconfirmed.where('created_at <= ?', 10.minutes.ago).reorder(nil).in_batches.delete_all
BulkImport.state_unconfirmed.where(created_at: ..10.minutes.ago).reorder(nil).in_batches.delete_all
end
def clean_old_imports!
BulkImport.where('created_at <= ?', 1.week.ago).reorder(nil).in_batches.delete_all
BulkImport.where(created_at: ..1.week.ago).reorder(nil).in_batches.delete_all
end
end

View File

@ -34,7 +34,7 @@ class Vacuum::StatusesVacuum
def statuses_scope
Status.unscoped.kept
.joins(:account).merge(Account.remote)
.where('statuses.id < ?', retention_period_as_id)
.where(statuses: { id: ...retention_period_as_id })
end
def retention_period_as_id

View File

@ -4,7 +4,7 @@ module Expireable
extend ActiveSupport::Concern
included do
scope :expired, -> { where.not(expires_at: nil).where('expires_at < ?', Time.now.utc) }
scope :expired, -> { where.not(expires_at: nil).where(expires_at: ...Time.now.utc) }
def expires_in
return @expires_in if defined?(@expires_in)

View File

@ -24,7 +24,7 @@ class Invite < ApplicationRecord
belongs_to :user, inverse_of: :invites
has_many :users, inverse_of: :invite, dependent: nil
scope :available, -> { where(expires_at: nil).or(where('expires_at >= ?', Time.now.utc)) }
scope :available, -> { where(expires_at: nil).or(where(expires_at: Time.now.utc..)) }
validates :comment, length: { maximum: COMMENT_SIZE_LIMIT }

View File

@ -4,6 +4,6 @@ class BackupPolicy < ApplicationPolicy
MIN_AGE = 6.days
def create?
user_signed_in? && current_user.backups.where('created_at >= ?', MIN_AGE.ago).count.zero?
user_signed_in? && current_user.backups.where(created_at: MIN_AGE.ago..).count.zero?
end
end

View File

@ -16,11 +16,11 @@ class Scheduler::IpCleanupScheduler
private
def clean_ip_columns!
SessionActivation.where('updated_at < ?', SESSION_RETENTION_PERIOD.ago).in_batches.destroy_all
SessionActivation.where('updated_at < ?', IP_RETENTION_PERIOD.ago).in_batches.update_all(ip: nil)
User.where('current_sign_in_at < ?', IP_RETENTION_PERIOD.ago).in_batches.update_all(sign_up_ip: nil)
LoginActivity.where('created_at < ?', IP_RETENTION_PERIOD.ago).in_batches.destroy_all
Doorkeeper::AccessToken.where('last_used_at < ?', IP_RETENTION_PERIOD.ago).in_batches.update_all(last_used_ip: nil)
SessionActivation.where(updated_at: ...SESSION_RETENTION_PERIOD.ago).in_batches.destroy_all
SessionActivation.where(updated_at: ...IP_RETENTION_PERIOD.ago).in_batches.update_all(ip: nil)
User.where(current_sign_in_at: ...IP_RETENTION_PERIOD.ago).in_batches.update_all(sign_up_ip: nil)
LoginActivity.where(created_at: ...IP_RETENTION_PERIOD.ago).in_batches.destroy_all
Doorkeeper::AccessToken.where(last_used_at: ...IP_RETENTION_PERIOD.ago).in_batches.update_all(last_used_ip: nil)
end
def clean_expired_ip_blocks!

View File

@ -20,7 +20,7 @@ class Scheduler::ScheduledStatusesScheduler
end
def due_statuses
ScheduledStatus.where('scheduled_at <= ?', Time.now.utc + PostStatusService::MIN_SCHEDULE_OFFSET)
ScheduledStatus.where(scheduled_at: ..Time.now.utc + PostStatusService::MIN_SCHEDULE_OFFSET)
end
def publish_scheduled_announcements!

View File

@ -25,7 +25,7 @@ class Scheduler::UserCleanupScheduler
end
def clean_discarded_statuses!
Status.unscoped.discarded.where('deleted_at <= ?', DISCARDED_STATUSES_MAX_AGE_DAYS.days.ago).find_in_batches do |statuses|
Status.unscoped.discarded.where(deleted_at: ..DISCARDED_STATUSES_MAX_AGE_DAYS.days.ago).find_in_batches do |statuses|
RemovalWorker.push_bulk(statuses) do |status|
[status.id, { 'immediate' => true, 'skip_streaming' => true }]
end

View File

@ -29,7 +29,7 @@ module Mastodon::CLI
link = options[:link] ? 'link-type ' : ''
scope = PreviewCard.cached
scope = scope.where(type: :link) if options[:link]
scope = scope.where('updated_at < ?', time_ago)
scope = scope.where(updated_at: ...time_ago)
processed, aggregate = parallelize_with_progress(scope) do |preview_card|
next if preview_card.image.blank?

View File

@ -163,7 +163,7 @@ describe Scheduler::AccountsStatusesCleanupScheduler do
def cleanable_statuses_count
Status
.where(account_id: [account_alice, account_chris, account_erin]) # Accounts with enabled policies
.where('created_at < ?', 2.weeks.ago) # Policy defaults is 2.weeks
.where(created_at: ...2.weeks.ago) # Policy defaults is 2.weeks
.count
end
end