ActiveRecord::DangerousAttributeError - changed is defined by ActiveRecord #261
Description
A drupal update broke cas authentication today.
App 25728 stderr: 2021-12-03 12:37:49 - ActiveRecord::DangerousAttributeError - changed is defined by ActiveRecord:
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/attribute_methods.rb:91:in `instance_method_already_implemented?'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activemodel-3.2.8/lib/active_model/attribute_methods.rb:263:in `block in define_attribute_method'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activemodel-3.2.8/lib/active_model/attribute_methods.rb:260:in `each'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activemodel-3.2.8/lib/active_model/attribute_methods.rb:260:in `define_attribute_method'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activemodel-3.2.8/lib/active_model/attribute_methods.rb:256:in `block in define_attribute_methods'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activemodel-3.2.8/lib/active_model/attribute_methods.rb:256:in `each'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activemodel-3.2.8/lib/active_model/attribute_methods.rb:256:in `define_attribute_methods'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/attribute_methods.rb:66:in `block in define_attribute_methods'
App 25728 stderr: <internal:prelude>:10:in `synchronize'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/attribute_methods.rb:63:in `define_attribute_methods'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/attribute_methods.rb:168:in `respond_to?'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activesupport-3.2.8/lib/active_support/callbacks.rb:398:in `__run_callback'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activesupport-3.2.8/lib/active_support/callbacks.rb:385:in `_run_find_callbacks'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activesupport-3.2.8/lib/active_support/callbacks.rb:81:in `run_callbacks'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/base.rb:523:in `init_with'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/inheritance.rb:68:in `instantiate'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/querying.rb:38:in `block (2 levels) in find_by_sql'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/querying.rb:38:in `collect!'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/querying.rb:38:in `block in find_by_sql'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/explain.rb:25:in `logging_query_plan'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/querying.rb:37:in `find_by_sql'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/relation.rb:171:in `exec_queries'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/relation.rb:160:in `block in to_a'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/explain.rb:25:in `logging_query_plan'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/relation.rb:159:in `to_a'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/relation/finder_methods.rb:159:in `all'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/relation/finder_methods.rb:105:in `find'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/relation/finder_methods.rb:101:in `find'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/querying.rb:5:in `find'
App 25728 stderr: /srv/rubycas-server/lib/casserver/authenticators/sql_drupal.rb:180:in `matching_users'
App 25728 stderr: /srv/rubycas-server/lib/casserver/authenticators/sql.rb:95:in `validate'
App 25728 stderr: /srv/rubycas-server/lib/casserver/server.rb:438:in `block (2 levels) in <class:Server>'
App 25728 stderr: /srv/rubycas-server/lib/casserver/server.rb:430:in `each'
App 25728 stderr: /srv/rubycas-server/lib/casserver/server.rb:430:in `block in <class:Server>'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:1611:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:1611:in `block in compile!'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:975:in `[]'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:975:in `block (3 levels) in route!'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:994:in `route_eval'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:975:in `block (2 levels) in route!'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:1015:in `block in process_route'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-
App 25728 stderr: 1.4.8/lib/sinatra/base.rb:1013:in `catch'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:1013:in `process_route'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:973:in `block in route!'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:972:in `each'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:972:in `route!'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:1085:in `block in dispatch!'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `block in invoke'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `catch'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `invoke'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:1082:in `dispatch!'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:907:in `block in call!'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `block in invoke'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `catch'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:1067:in `invoke'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:907:in `call!'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:895:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/rack-protection-1.5.5/lib/rack/protection/xss_header.rb:18:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/rack-protection-1.5.5/lib/rack/protection/path_traversal.rb:16:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/rack-protection-1.5.5/lib/rack/protection/json_csrf.rb:18:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/rack-protection-1.5.5/lib/rack/protection/base.rb:49:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/rack-protection-1.5.5/lib/rack/protection/frame_options.rb:31:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/rack-1.6.10/lib/rack/nulllogger.rb:9:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/rack-1.6.10/lib/rack/head.rb:13:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:182:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:2013:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/activerecord-3.2.8/lib/active_record/connection_adapters/abstract/connection_pool.rb:473:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/rack-1.6.10/lib/rack/commonlogger.rb:33:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/sinatra-1.4.8/lib/sinatra/base.rb:219:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/rack-1.6.10/lib/rack/runtime.rb:18:in `call'
App 25728 stderr: /var/lib/gems/1.9.1/gems/rack-1.6.10/lib/rack/showexceptions.rb:24:in `call'
App 25728 stderr: /usr/lib/ruby/vendor_ruby/phusion_passenger/rack/thread_handler_extension.rb:77:in `process_request'
App 25728 stderr: /usr/lib/ruby/vendor_ruby/phusion_passenger/request_handler/thread_handler.rb:142:in `accept_and_process_next_request'
App 25728 stderr: /usr/lib/ruby/vendor_ruby/phusion_passenger/request_handler/thread_handler.rb:110:in `main_loop'
App 25728 stderr: /usr/lib/ruby/vendor_ruby/phusion_passenger/request_handler.rb:448:in `block (3 levels) in start_threads'
App 25728 stderr:
Fix based on https://stackoverflow.com/questions/7718651/activerecorddangerousattributeerror/9687683
added to gemfile:
gem 'safe_attributes'
--- lib/casserver/authenticators/sql-orig.rb 2021-12-03 13:42:49.624979000 -0500
+++ lib/casserver/authenticators/sql.rb 2021-12-03 13:31:25.580979000 -0500
@@ -51,6 +51,7 @@
# ignore_type_column: true # indicates if you want to ignore Single Table Inheritance 'type' field
# extra_attributes: full_name, access_level
#
+require 'safe_attributes/base'
class CASServer::Authenticators::SQL < CASServer::Authenticators::Base
def self.setup(options)
raise CASServer::AuthenticatorError, "Invalid authenticator configuration!" unless options[:database]
@@ -61,6 +62,7 @@
class_eval %{
class #{user_model_name} < ActiveRecord::Base
+ include SafeAttributes::Base
end
}