module ActiveRecord::Sanitization::ClassMethods
def disallow_raw_sql!(args, permit: connection.column_name_matcher) # :nodoc:
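# Guards query methods whose arguments end up in the statement as raw SQL.
#
# Each element of +args+ is accepted when it is a Symbol, when
# Arel.arel_node? says it is an Arel node, or when its stripped string form
# matches +permit+. Every other element is collected, and all of them are
# reported together in one ActiveRecord::UnknownAttributeReference.
#
# args   - collection of the caller's arguments to vet (iterated with each).
# permit - object responding to match?; defaults to
#          connection.column_name_matcher.
#
# Returns nil when every argument is acceptable.
# Raises ActiveRecord::UnknownAttributeReference listing the offending values.
#
# NOTE(review): this guard is only as strict as +permit+. A custom matcher
# should be anchored to the whole string (\A ... \z, not ^ ... $), otherwise a
# multi-line value with one harmless line would pass. Confirm that the
# adapter-provided default is anchored this way.
# NOTE(review): only the stripped string is tested here; the caller still
# holds the original, unstripped value.
def disallow_raw_sql!(args, permit: connection.column_name_matcher) # :nodoc:
  rejected = nil
  args.each do |arg|
    next if arg.is_a?(Symbol) || Arel.arel_node?(arg) || permit.match?(arg.to_s.strip)

    # The list is created lazily, so the passing case allocates nothing.
    (rejected ||= []) << arg
  end
  return unless rejected

  # Fix: the sentence after the value list used to start without a separating
  # space ("...values.This method ..."), which ran two sentences together.
  raise(ActiveRecord::UnknownAttributeReference,
    "Dangerous query method (method whose arguments are used as raw " \
    "SQL) called with non-attribute argument(s): " \
    "#{rejected.map(&:inspect).join(", ")}. " \
    "This method should not be called with user-provided values, such as request " \
    "parameters or model attributes. Known-safe values can be passed " \
    "by wrapping them in Arel.sql()."
  )
end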