2

I inherited a Rails 2.2.2 application and was asked to upgrade it to Rails 3.2 so I went out and ran the script git://github.com/rails/rails_upgrade.git in a copied version of the old Rails 2.2.2 project directory so I can make changes as I go.

I am going through the ActiveRecord queries, changing over all of the Soon-to-be-deprecated ActiveRecord calls like find(:all), find(:first), finds with conditions, and the :joins option, with the new Rails 3 ActiveRecord API syntax.

I've been looking here but some of the queries that I am needing to change over to the new syntax, don't have examples so I did my best to figure out what they might be.

Can someone tell me if I am on the right track with the changes below?

Thanks

Example 1

 #### Rails 2.x.x version
 @users = B2bUser.find(:all, :order => "name", :order => "#{params[:sort]} #{params[:direction]}")

 #### Rails 3.x.x version
 @users = B2bUser.order("name","#{params[:sort]} #{params[:direction]}")

Example 2

 ### should work for both Rails 2.x and Rails 3.x
 @user = B2bUser.find(params[:id])

 #### Or is this better?
 @user = B2bUser.where("id = ?",params[:id])


 #### Rails 2.x.x version
 @privileges = B2bPrivilege.find(:all, :conditions => "b2b_user_id = #{@user.id}")

 ### Rails 3.x.x version
 @privileges = B2bPrivilege.where("b2b_user_id =  ?",@user.id)

Example 3

 #### Rails 2.x.x version
@privileges = B2bPrivilege.find(:all, :conditions => "b2b_user_id = #{@user.id}", :joins => "LEFT JOIN vendors ON vendors.id = b2b_privileges.vendor_id", :select => "b2b_privileges.*, vendors.name AS vendor_name", :order => "vendors.name")

#### Rails 3.x.x version 
@privileges = B2bPrivilege.find_by_sql( "SELECT b2b_privileges.*, vendors.name AS vendor_name FROM b2b_privileges LEFT JOIN vendors ON vendors.id = b2b_privileges.vendor_id WHERE b2b_user_id = ?  ORDER BY vendors.name", @user.id)

Example 4

    #### Rails 2.x.x version
    @vendor_list = Vendor.find(:all, :conditions => "is_active = 'YES'", :order => "name", :select => "id, name")

    #### Rails 3.x.x version
    @vendor_list = Vendor.find_by_sql("SELECT id, name FROM vendors WHERE is_active = 'YES' ORDER BY name")

Example 5

 #### Rails 2.x.x version
 @existing = B2bPrivilege.find(:first, :conditions => "b2b_user_id = #{@user.id} AND vendor_id = #{params[:add_vendor][:id]}", :select => "id")

 #### Rails 3.x.x version   
 @existing = B2bPrivilege.find_by_sql("SELECT id FROM b2b_privileges WHERE b2b_user_id = ? AND vendor_id = ? LIMIT 1",@user.id,params[:add_vendor][:id])
Slinky
  • 5,662
  • 14
  • 76
  • 130
  • 1
    I don't think 3,4,5 are correct. I think you can specify multiple where conditions like this http://stackoverflow.com/questions/5035365/how-to-specify-multiple-values-in-where-with-ar-query-interface-in-rails3 – Catfish Feb 18 '13 at 16:40
  • 1
    in example 1 - both versions of rails - the `order` does not sanitize the sql like `where` and `conditions` do - you are open to sql injection attacks - see http://stackoverflow.com/questions/7771103/rails-3-activerecord-order-what-is-the-proper-sql-injection-work-around – house9 Feb 18 '13 at 18:26

1 Answers1

2

Examples 3, 4 and 5 should be contructed with the where, limit and select methods.

@vendor_list = Vendor.where(:is_active => 'YES')
                     .select(:id, :name)
                     .order(:name)
@existing = B2bPrivilege.where(b2b_user_id => params[:add_vendor], vendor_id => params[:id])
                        .select(:id)
                        .limit(1)

Other than that, i think you are doing a nice and clean implementation.

MurifoX
  • 14,991
  • 3
  • 36
  • 60