class Brakeman::Report::Base

Base class for report formats

Attributes

checks[R]
tracker[R]

Public Class Methods

new(tracker)
# File lib/brakeman/report/report_base.rb, line 14
def initialize tracker
  # Keep the tracker and pull out the pieces report formats read most often:
  # the scanned app tree, the check results, the ignore filter (may be nil,
  # every consumer below guards on it) and the :highlight_user_input option.
  @tracker = tracker
  @app_tree = tracker.app_tree
  @checks = tracker.checks
  @ignore_filter = tracker.ignored_filter
  @highlight_user_input = tracker.options[:highlight_user_input]
  # Computed lazily by #warnings_summary.
  @warnings_summary = nil
end

Public Instance Methods

absolute_paths?()
# File lib/brakeman/report/report_base.rb, line 124
def absolute_paths?
  # Whether #warning_file should emit absolute rather than app-relative
  # paths; driven directly by the :absolute_paths option.
  options = @tracker.options
  options[:absolute_paths]
end
all_warnings()
# File lib/brakeman/report/report_base.rb, line 78
def all_warnings
  # Memoized. With an ignore filter present only the warnings it leaves
  # visible are returned; otherwise every warning the checks produced.
  @all_warnings ||= if @ignore_filter
                      @ignore_filter.shown_warnings
                    else
                      tracker.checks.all_warnings
                    end
end
context_for(warning)

Return an array of [line_number, text] pairs for the lines surrounding the warning's location, read from the original source file (up to five lines before and after; blank lines are omitted, and the result is empty when the file or line is unknown).

# File lib/brakeman/report/report_base.rb, line 140
def context_for warning
  # Return [line_number, text] pairs for up to five lines either side of the
  # warning's line, read from the file on disk. Blank lines are dropped.
  # Nothing is returned when the warning has no line or file, or the file
  # is missing. Lines come back verbatim -- they are application source --
  # so any escaping for the output format is the caller's job.
  file = warning.file
  return [] unless warning.line && file && file.exists?

  first = warning.line - 5
  last = warning.line + 5
  first = 1 if first < 0

  lines = []
  File.open(file) do |io|
    io.each_line.with_index(1) do |text, number|
      next if text.strip.empty?
      break if number > last

      lines << [number, text] if number >= first
    end
  end

  lines
end
controller_information()
# File lib/brakeman/report/report_base.rb, line 41
def controller_information
  # Build one row per controller, ordered by name. "Routes" lists the public
  # actions the routes actually expose: every public method when
  # :allow_all_actions is set globally or for this controller, "[None]" when
  # the controller has no routes at all (e.g. it is only a parent class for
  # other controllers), otherwise the intersection of public methods and
  # routed actions.
  sorted_names = tracker.controllers.keys.map(&:to_s).sort

  sorted_names.map do |name_str|
    name = name_str.to_sym
    controller = tracker.controllers[name]
    public_actions = controller.methods_public.keys

    actions =
      if tracker.routes.include?(:allow_all_actions)
        public_actions
      else
        routed = tracker.routes[name]
        if routed.nil?
          []
        elsif routed.include?(:allow_all_actions)
          public_actions
        else
          (Set.new(public_actions) & routed).to_a
        end
      end

    routes = actions.map(&:to_s).sort.join(", ")
    routes = "[None]" if routes.empty?

    {
      "Name" => name_str,
      "Parent" => controller.parent.to_s,
      "Includes" => controller.includes.join(", "),
      "Routes" => routes
    }
  end
end
controller_warnings()
# File lib/brakeman/report/report_base.rb, line 108
def controller_warnings
  # Controller warnings, minus anything the ignore filter suppresses.
  raw = tracker.checks.controller_warnings
  filter_warnings(raw)
end
filter_warnings(warnings)
# File lib/brakeman/report/report_base.rb, line 86
def filter_warnings warnings
  # Drop the warnings the ignore filter marks as ignored. Without a filter
  # the list is handed back untouched (the same object, not a copy).
  return warnings unless @ignore_filter

  warnings.reject { |warning| @ignore_filter.ignored?(warning) }
end
generic_warnings()
# File lib/brakeman/report/report_base.rb, line 96
def generic_warnings
  # Warnings not tied to a controller, model or template, minus anything
  # the ignore filter suppresses.
  raw = tracker.checks.warnings
  filter_warnings(raw)
end
github_url(file, line=nil)
# File lib/brakeman/report/report_base.rb, line 183
def github_url file, line=nil
  # Link to `file` inside the repository named by the :github_url option,
  # with a "#L<line>" fragment when a line is given. Returns nil when the
  # option is unset or no file was given. The option value is used verbatim
  # (no validation or escaping happens here), so a report format that embeds
  # the result in HTML must escape it itself.
  repo_url = @tracker.options[:github_url]
  return nil unless repo_url && file

  url = "#{repo_url}/#{file.relative}"
  line ? "#{url}#L#{line}" : url
end
ignored_warnings()
# File lib/brakeman/report/report_base.rb, line 112
def ignored_warnings
  # Warnings suppressed by the ignore filter; empty when no filter is active.
  return [] unless @ignore_filter

  @ignore_filter.ignored_warnings
end
model_warnings()
# File lib/brakeman/report/report_base.rb, line 104
def model_warnings
  # Model warnings, minus anything the ignore filter suppresses.
  raw = tracker.checks.model_warnings
  filter_warnings(raw)
end
number_of_templates(tracker)
# File lib/brakeman/report/report_base.rb, line 120
def number_of_templates tracker
  # Count distinct templates, collapsing names that differ only after the
  # first "." (so "index.html" and "index.json" count once). Note the
  # parameter shadows the attr_reader of the same name.
  base_names = tracker.templates.map { |_key, template| template.name.to_s[/[^.]+/] }
  base_names.uniq.size
end
rails_version()
# File lib/brakeman/report/report_base.rb, line 170
def rails_version
  # Prefer the version detected from the app's config; otherwise fall back
  # to the major version implied by the :rails4 / :rails3 options, and
  # finally to "Unknown".
  detected = tracker.config.rails_version
  return detected if detected

  if tracker.options[:rails4]
    "4.x"
  elsif tracker.options[:rails3]
    "3.x"
  else
    "Unknown"
  end
end
template_warnings()
# File lib/brakeman/report/report_base.rb, line 100
def template_warnings
  # Template (view) warnings, minus anything the ignore filter suppresses.
  raw = tracker.checks.template_warnings
  filter_warnings(raw)
end
warning_file(warning)
# File lib/brakeman/report/report_base.rb, line 128
def warning_file warning
  # Path to show for the warning: absolute or app-relative depending on
  # #absolute_paths?; nil when the warning carries no file.
  file = warning.file
  return nil if file.nil?

  absolute_paths? ? file.absolute : file.relative
end
warnings_summary()

Return a summary of the visible warnings as a hash (a count per warning type, plus the number of high-confidence warnings under :high_confidence) and memoize it in @warnings_summary.

# File lib/brakeman/report/report_base.rb, line 24
def warnings_summary
  # Count the visible warnings per warning type (string keys) and the number
  # with confidence 0 (high) under :high_confidence. Missing keys read as 0.
  # The result is memoized in @warnings_summary.
  return @warnings_summary if @warnings_summary

  summary = Hash.new(0)
  warnings = all_warnings

  warnings.each { |warning| summary[warning.warning_type.to_s] += 1 }
  summary[:high_confidence] = warnings.count { |warning| warning.confidence == 0 }

  @warnings_summary = summary
end