[BUG][RoR 7.1] ActiveRecord::normalizes can break `cont` predicate

When normalizing attributes using the new [`ActiveRecord::normalizes`](https://edgeapi.rubyonrails.org/classes/ActiveRecord/Normalization/ClassMethods.html#method-i-normalizes) method, `%` could be tampered with.

```ruby
class User < ActiveRecord::Base
  normalizes :name, with: ->(name) { name.gsub(/[^a-z0-9]/, '_') }
end

User.ransack({ name_cont: 'foo' }).result.to_sql
# => "SELECT \"users\".* FROM \"users\" WHERE \"users\".\"name\" LIKE '_foo_'"
#                                                                      ^   ^
#                                                                      %foo%
```
[Failing test](https://gist.github.com/AmShaegar13/efd2eb4a0be3bf3e3d9ec44817c5198b)

In my opinion, this should not be possible as `normalizes` should only apply to the attribute itself and the search term but not the wildcards.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[BUG][RoR 7.1] ActiveRecord::normalizes can break `cont` predicate #1488

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

[BUG][RoR 7.1] ActiveRecord::normalizes can break cont predicate #1488

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

[BUG][RoR 7.1] ActiveRecord::normalizes can break `cont` predicate #1488