From 33f65c5a48451f481d592239e6fe1b6c89596b03 Mon Sep 17 00:00:00 2001
From: Etienne Massip <etienne.massip@gmail.com>
Date: Tue, 18 Oct 2011 17:51:21 +0000
Subject: [PATCH] Filter out illegal values to prevent raise of PostgreSQL
 exceptions, restored last test part removed with r7625 (#8371).

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@7628 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 app/models/query.rb                       | 6 ++++++
 test/functional/issues_controller_test.rb | 4 +++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/app/models/query.rb b/app/models/query.rb
index 9eac4b81c..411bef19f 100644
--- a/app/models/query.rb
+++ b/app/models/query.rb
@@ -333,6 +333,10 @@ class Query < ActiveRecord::Base
     available_filters[field][:type] if available_filters.has_key?(field)
   end
 
+  def allowed_values_for(field)
+    available_filters[field][:values] if available_filters.has_key?(field)
+  end
+
   def operator_for(field)
     has_filter?(field) ? filters[field][:operator] : nil
   end
@@ -649,6 +653,7 @@ class Query < ActiveRecord::Base
     sql = ''
     case operator
     when "="
+      value &= allowed_values_for(field).collect {|val| val[1]} if value.present? && allowed_values_for(field).present?
       if value.any?
         case type_for(field)
         when :date, :date_past
@@ -665,6 +670,7 @@ class Query < ActiveRecord::Base
         sql = "1=0"
       end
     when "!"
+      value &= allowed_values_for(field).collect {|val| val[1]} if value.present? && allowed_values_for(field).present?
       if value.any?
         sql = "(#{db_table}.#{db_field} IS NULL OR #{db_table}.#{db_field} NOT IN (" + value.collect{|val| "'#{connection.quote_string(val)}'"}.join(",") + "))"
       else
diff --git a/test/functional/issues_controller_test.rb b/test/functional/issues_controller_test.rb
index a0ce7914c..692212134 100644
--- a/test/functional/issues_controller_test.rb
+++ b/test/functional/issues_controller_test.rb
@@ -162,7 +162,9 @@ class IssuesControllerTest < ActionController::TestCase
         '!~This is part of a subject' => { :op => '!~', :values => ['This is part of a subject'] }},
       'tracker_id' => {
         '3' => { :op => '=', :values => ['3'] },
-        '=3' => { :op => '=', :values => ['3'] }},
+        '=3' => { :op => '=', :values => ['3'] },
+        '*' => { :op => '=', :values => ['*'] },
+        '!*' => { :op => '!', :values => ['*'] }},
       'start_date' => {
         '2011-10-12' => { :op => '=', :values => ['2011-10-12'] },
         '=2011-10-12' => { :op => '=', :values => ['2011-10-12'] },