restrict search filters to description, species
This commit is contained in:
parent
80b1bf7c61
commit
1de7df3c4a
2 changed files with 8 additions and 2 deletions
|
@ -66,9 +66,11 @@ class Item < ActiveRecord::Base
|
||||||
"%,#{species.id},%",
|
"%,#{species.id},%",
|
||||||
"%,#{species.id}"
|
"%,#{species.id}"
|
||||||
))
|
))
|
||||||
else
|
elsif @property == 'description' || @property.blank?
|
||||||
column = @property ? @property : :name
|
column = @property == 'description' ? :description : :name
|
||||||
condition = items[column].matches("%#{self}%")
|
condition = items[column].matches("%#{self}%")
|
||||||
|
else
|
||||||
|
raise ArgumentError, "Unknown search filter \"#{@property}\""
|
||||||
end
|
end
|
||||||
condition = condition.not if @negative
|
condition = condition.not if @negative
|
||||||
scope.where(condition)
|
scope.where(condition)
|
||||||
|
|
|
@ -164,5 +164,9 @@ describe Item do
|
||||||
specify "should raise exception for a query that's too short" do
|
specify "should raise exception for a query that's too short" do
|
||||||
lambda { Item.search('e').all }.should raise_error(ArgumentError)
|
lambda { Item.search('e').all }.should raise_error(ArgumentError)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
specify "should not be able to search other attributes thru filters" do
|
||||||
|
lambda { Item.search('id:1').all }.should raise_error(ArgumentError)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue