Skip to content

Fix integer out of range #289

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
May 10, 2018
Merged

Fix integer out of range #289

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 25 additions & 1 deletion lib/ajax-datatables-rails/datatable/column/search.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,9 @@ module Datatable
class Column
module Search

SMALLEST_PQ_INTEGER = -2147483648
LARGEST_PQ_INTEGER = 2147483647

def searchable?
@view_column.fetch(:searchable, true)
end
Expand Down Expand Up @@ -54,7 +57,7 @@ def non_regex_search
when Proc
filter
when :eq, :not_eq, :lt, :gt, :lteq, :gteq, :in
numeric_search
is_searchable_integer? ? numeric_search : empty_search
when :null_value
null_value_search
when :start_with
Expand Down Expand Up @@ -82,6 +85,27 @@ def numeric_search
end
end

def empty_search
casted_column.matches('')
end

def is_searchable_integer?
if search.value.is_a?(Array)
valids = search.value.map { |v| is_integer?(v) && !is_out_of_range?(v) }
!valids.include?(false)
else
is_integer?(search.value) && !is_out_of_range?(search.value)
end
end

def is_out_of_range?(search_value)
Integer(search_value) > LARGEST_PQ_INTEGER || Integer(search_value) < SMALLEST_PQ_INTEGER
end

def is_integer?(string)
true if Integer(string) rescue false
end

end
end
end
Expand Down
27 changes: 27 additions & 0 deletions spec/ajax-datatables-rails/orm/active_record_filter_records_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -492,5 +492,32 @@
expect(item[:first_name]).to eq 'john'
end
end

describe 'Integer overflows' do
let(:datatable) { DatatableCondEq.new(view) }
let(:largest_postgresql_integer_value) { 2147483647 }
let(:smallest_postgresql_integer_value) { -2147483648 }

before(:each) do
create(:user, first_name: 'john', post_id: 1)
create(:user, first_name: 'mary', post_id: 2)
create(:user, first_name: 'phil', post_id: largest_postgresql_integer_value)
end

it 'Returns an empty result if input value is too large' do
datatable.params[:columns]['4'][:search][:value] = largest_postgresql_integer_value + 1
expect(datatable.data.size).to eq 0
end

it 'Returns an empty result if input value is too small' do
datatable.params[:columns]['4'][:search][:value] = smallest_postgresql_integer_value - 1
expect(datatable.data.size).to eq 0
end

it 'returns the matching user' do
datatable.params[:columns]['4'][:search][:value] = largest_postgresql_integer_value
expect(datatable.data.size).to eq 1
end
end
end
end