Merge pull request #33744 from bogdanvlviv/fixes-27852

Prevent leaking of user's DB credentials on `rails db:create` failure
2018-08-30 02:44:58 +09:00 · 2018-08-30 02:44:58 +09:00 · cc81cd359c
commit cc81cd359c
parent 0d63712fdf 9b455fe6f0
4 changed files with 4 additions and 4 deletions
--- a/activerecord/lib/active_record/tasks/database_tasks.rb
+++ b/activerecord/lib/active_record/tasks/database_tasks.rb
@ -122,7 +122,7 @@ def create(*arguments)
        $stderr.puts "Database '#{configuration['database']}' already exists" if verbose?
      rescue Exception => error
        $stderr.puts error
-        $stderr.puts "Couldn't create database for #{configuration.inspect}"
+        $stderr.puts "Couldn't create '#{configuration['database']}' database. Please check your configuration."
        raise
      end

--- a/activerecord/test/cases/tasks/postgresql_rake_test.rb
+++ b/activerecord/test/cases/tasks/postgresql_rake_test.rb
@ -112,7 +112,7 @@ def test_db_create_with_error_prints_message
        ActiveRecord::Base.stub(:connection, @connection) do
          ActiveRecord::Base.stub(:establish_connection, -> * { raise Exception }) do
            assert_raises(Exception) { ActiveRecord::Tasks::DatabaseTasks.create @configuration }
-            assert_match "Couldn't create database for #{@configuration.inspect}", $stderr.string
+            assert_match "Couldn't create '#{@configuration['database']}' database. Please check your configuration.", $stderr.string
          end
        end
      end
--- a/activerecord/test/cases/tasks/sqlite_rake_test.rb
+++ b/activerecord/test/cases/tasks/sqlite_rake_test.rb
@ -62,7 +62,7 @@ def test_db_create_establishes_a_connection
      def test_db_create_with_error_prints_message
        ActiveRecord::Base.stub(:establish_connection, proc { raise Exception }) do
          assert_raises(Exception) { ActiveRecord::Tasks::DatabaseTasks.create @configuration, "/rails/root" }
-          assert_match "Couldn't create database for #{@configuration.inspect}", $stderr.string
+          assert_match "Couldn't create '#{@configuration['database']}' database. Please check your configuration.", $stderr.string
        end
      end
    end
--- a/railties/test/application/rake/dbs_test.rb
+++ b/railties/test/application/rake/dbs_test.rb
@ -97,7 +97,7 @@ def with_bad_permissions
      test "db:create failure because bad permissions" do
        with_bad_permissions do
          output = rails("db:create", allow_failure: true)
-          assert_match(/Couldn't create database/, output)
+          assert_match("Couldn't create '#{database_url_db_name}' database. Please check your configuration.", output)
          assert_equal 1, $?.exitstatus
        end
      end