class Brakeman::ModelProcessor
Processes models. Puts results in tracker.models
Public Class Methods
new(tracker)
click to toggle source
Calls superclass method
Brakeman::BaseProcessor::new
# File lib/brakeman/processors/model_processor.rb, line 9 def initialize tracker super @current_class = nil @current_method = nil @current_module = nil @visibility = :public @current_file = nil end
Public Instance Methods
add_enum_method(call)
click to toggle source
# File lib/brakeman/processors/model_processor.rb, line 93 def add_enum_method call arg = call.first_arg return unless hash? arg return unless symbol? arg[1] enum_name = arg[1].value # first key enums = arg[2] # first value enums_name = pluralize(enum_name.to_s).to_sym call_line = call.line if hash? enums enum_values = enums elsif array? enums # Build hash for enum values like Rails does enum_values = s(:hash).line(call_line) enums.each_sexp.with_index do |v, index| enum_values << v enum_values << s(:lit, index).line(call_line) end end enum_method = s(:defn, enum_name, s(:args), safe_literal(call_line)) enums_method = s(:defs, s(:self), enums_name, s(:args), enum_values) @current_class.add_method :public, enum_name, enum_method, @current_file @current_class.add_method :public, enums_name, enums_method, @current_file end
process_call(exp)
click to toggle source
Handle calls outside of methods, such as include, attr_accessible, private, etc.
# File lib/brakeman/processors/model_processor.rb, line 44 def process_call exp return exp unless @current_class return exp if process_call_defn? exp target = exp.target if sexp? target target = process target end method = exp.method first_arg = exp.first_arg #Methods called inside class definition #like attr_* and other settings if @current_method.nil? and target.nil? if first_arg.nil? case method when :private, :protected, :public @visibility = method when :attr_accessible @current_class.set_attr_accessible else #?? end else case method when :include @current_class.add_include class_name(first_arg) if @current_class when :attr_accessible @current_class.set_attr_accessible exp when :attr_protected @current_class.set_attr_protected exp when :enum add_enum_method exp else if @current_class @current_class.add_option method, exp end end end exp else call = make_call target, method, process_all!(exp.args) call.line(exp.line) call end end
process_class(exp)
click to toggle source
s(:class, NAME, PARENT, BODY)
# File lib/brakeman/processors/model_processor.rb, line 25 def process_class exp name = class_name(exp.class_name) #If inside an inner class we treat it as a library. if @current_class Brakeman.debug "[Notice] Treating inner class as library: #{name}" Brakeman::LibraryProcessor.new(@tracker).process_library exp, @current_file return exp end handle_class exp, @tracker.models, Brakeman::Model end
process_model(src, current_file = @current_file)
click to toggle source
Process model source
# File lib/brakeman/processors/model_processor.rb, line 19 def process_model src, current_file = @current_file @current_file = current_file process src end
process_module(exp)
click to toggle source
# File lib/brakeman/processors/model_processor.rb, line 38 def process_module exp handle_module exp, Brakeman::Model end