Class: Brakeman::BaseProcessor
- Inherits:
-
SexpProcessor
- Object
- SexpProcessor
- Brakeman::BaseProcessor
- Includes:
- ProcessorHelper, Util
- Defined in:
- lib/brakeman/processors/base_processor.rb
Overview
Base processor for most processors.
Direct Known Subclasses
ControllerProcessor, FindAllCalls, FindCall, GemProcessor, LibraryProcessor, ModelProcessor, Rails2ConfigProcessor, Rails2RoutesProcessor, Rails3ConfigProcessor, Rails3RoutesProcessor, TemplateProcessor
Constant Summary
Constants included from Util
Util::ALL_PARAMETERS, Util::COOKIES, Util::PARAMETERS, Util::PATH_PARAMETERS, Util::QUERY_PARAMETERS, Util::REQUEST_ENV, Util::REQUEST_PARAMETERS, Util::REQUEST_PARAMS, Util::SESSION
Constants inherited from SexpProcessor
Instance Attribute Summary collapse
-
#ignore ⇒ Object
readonly
Returns the value of attribute ignore.
Attributes inherited from SexpProcessor
Instance Method Summary collapse
-
#find_render_type(args, in_view = false) ⇒ Object
Determines the type of a call to render.
-
#initialize(tracker) ⇒ BaseProcessor
constructor
Return a new Processor.
-
#make_render(exp, in_view = false) ⇒ Object
Generates :render node from call to render.
-
#make_render_in_view(exp) ⇒ Object
Convenience method for ‘make_render exp, true`.
-
#process_arglist(exp) ⇒ Object
Processes the values in an argument list.
-
#process_attrasgn(exp) ⇒ Object
Processes an attribute assignment, which can be either x.y = 1 or x = 1.
-
#process_block(exp) ⇒ Object
Processes a block.
- #process_class(exp) ⇒ Object
-
#process_default(exp) ⇒ Object
Default processing.
-
#process_dstr(exp) ⇒ Object
String with interpolation.
-
#process_evstr(exp) ⇒ Object
Processes the inside of an interpolated String.
-
#process_hash(exp) ⇒ Object
Processes a hash.
-
#process_if(exp) ⇒ Object
Process an if statement.
-
#process_ignore(exp) ⇒ Object
Ignore ignore Sexps.
-
#process_iter(exp) ⇒ Object
Processes calls with blocks.
-
#process_lasgn(exp) ⇒ Object
(also: #process_iasgn)
Processes a local assignment.
-
#process_scope(exp) ⇒ Object
Process a new scope.
Methods included from Util
#array?, #call?, #camelize, #contains_class?, #context_for, #cookies?, #false?, #file_by_name, #file_for, #hash?, #hash_access, #hash_insert, #hash_iterate, #integer?, #node_type?, #number?, #params?, #pluralize, #regexp?, #request_env?, #request_value?, #result?, #set_env_defaults, #sexp?, #string?, #symbol?, #table_to_csv, #true?, #truncate_table, #underscore
Methods included from ProcessorHelper
#class_name, #process_all, #process_module
Methods inherited from SexpProcessor
#error_handler, #in_context, #process, #process_dummy, #scope
Constructor Details
#initialize(tracker) ⇒ BaseProcessor
Return a new Processor.
12 13 14 15 16 17 18 |
# File 'lib/brakeman/processors/base_processor.rb', line 12 def initialize tracker super() @last = nil @tracker = tracker @ignore = Sexp.new :ignore @current_template = @current_module = @current_class = @current_method = nil end |
Instance Attribute Details
#ignore ⇒ Object (readonly)
Returns the value of attribute ignore.
9 10 11 |
# File 'lib/brakeman/processors/base_processor.rb', line 9 def ignore @ignore end |
Instance Method Details
#find_render_type(args, in_view = false) ⇒ Object
Determines the type of a call to render.
Possible types are: :action, :default, :file, :inline, :js, :json, :nothing, :partial, :template, :text, :update, :xml
And also :layout for inside templates
205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 |
# File 'lib/brakeman/processors/base_processor.rb', line 205 def find_render_type args, in_view = false rest = Sexp.new(:hash) type = nil value = nil first_arg = args.first if args.length == 1 and first_arg == Sexp.new(:lit, :update) return :update, nil, Sexp.new(:arglist, *args[0..-2]) #TODO HUH? end #Look for render :action, ... or render "action", ... if string? first_arg or symbol? first_arg if @current_template and @tracker.[:rails3] type = :partial value = first_arg else type = :action value = first_arg end elsif first_arg.is_a? Symbol or first_arg.is_a? String type = :action value = Sexp.new(:lit, first_arg.to_sym) elsif first_arg.nil? type = :default elsif not hash? first_arg type = :action value = first_arg end types_in_hash = Set[:action, :file, :inline, :js, :json, :nothing, :partial, :template, :text, :update, :xml] #render :layout => "blah" means something else when in a template if in_view types_in_hash << :layout end #Look for "type" of render in options hash #For example, render :file => "blah" if hash? args.last hash_iterate(args.last) do |key, val| if symbol? key and types_in_hash.include? key.value type = key.value value = val else rest << key << val end end end type ||= :default value ||= :default return type, value, rest end |
#make_render(exp, in_view = false) ⇒ Object
Generates :render node from call to render.
190 191 192 193 194 195 196 |
# File 'lib/brakeman/processors/base_processor.rb', line 190 def make_render exp, in_view = false render_type, value, rest = find_render_type exp.args, in_view rest = process rest result = Sexp.new(:render, render_type, value, rest) result.line(exp.line) result end |
#make_render_in_view(exp) ⇒ Object
Convenience method for ‘make_render exp, true`
185 186 187 |
# File 'lib/brakeman/processors/base_processor.rb', line 185 def make_render_in_view exp make_render exp, true end |
#process_arglist(exp) ⇒ Object
Processes the values in an argument list
145 146 147 148 149 150 151 152 153 |
# File 'lib/brakeman/processors/base_processor.rb', line 145 def process_arglist exp exp = exp.dup exp.shift exp.map! do |e| process e end exp.unshift :arglist end |
#process_attrasgn(exp) ⇒ Object
Processes an attribute assignment, which can be either x.y = 1 or x = 1
172 173 174 175 176 177 |
# File 'lib/brakeman/processors/base_processor.rb', line 172 def process_attrasgn exp exp = exp.dup exp.target = process exp.target exp.arglist = process exp.arglist exp end |
#process_block(exp) ⇒ Object
Processes a block. Changes Sexp node type to :rlist
109 110 111 112 113 114 115 116 117 118 |
# File 'lib/brakeman/processors/base_processor.rb', line 109 def process_block exp exp = exp.dup exp.shift exp.map! do |e| process e end exp.unshift :rlist end |
#process_class(exp) ⇒ Object
20 21 22 23 24 25 26 |
# File 'lib/brakeman/processors/base_processor.rb', line 20 def process_class exp current_class = @current_class @current_class = class_name exp[1] process exp[3] @current_class = current_class exp end |
#process_default(exp) ⇒ Object
Default processing.
44 45 46 47 48 49 50 51 52 53 54 55 56 |
# File 'lib/brakeman/processors/base_processor.rb', line 44 def process_default exp exp = exp.dup exp.each_with_index do |e, i| if sexp? e and not e.empty? exp[i] = process e else e end end exp end |
#process_dstr(exp) ⇒ Object
String with interpolation. Changes Sexp node type to :string_interp
87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 |
# File 'lib/brakeman/processors/base_processor.rb', line 87 def process_dstr exp exp = exp.dup exp.shift exp.map! do |e| if e.is_a? String e elsif e.value.is_a? String e.value else res = process e if res.empty? nil else res end end end.compact! exp.unshift :string_interp end |
#process_evstr(exp) ⇒ Object
Processes the inside of an interpolated String. Changes Sexp node type to :string_eval
122 123 124 125 126 127 |
# File 'lib/brakeman/processors/base_processor.rb', line 122 def process_evstr exp exp = exp.dup exp[0] = :string_eval exp[1] = process exp[1] exp end |
#process_hash(exp) ⇒ Object
Processes a hash
130 131 132 133 134 135 136 137 138 139 140 141 142 |
# File 'lib/brakeman/processors/base_processor.rb', line 130 def process_hash exp exp = exp.dup exp.shift exp.map! do |e| if sexp? e process e else e end end exp.unshift :hash end |
#process_if(exp) ⇒ Object
Process an if statement.
59 60 61 62 63 64 65 |
# File 'lib/brakeman/processors/base_processor.rb', line 59 def process_if exp exp = exp.dup exp[1] = process exp.condition exp[2] = process exp.then_clause if exp.then_clause exp[3] = process exp.else_clause if exp.else_clause exp end |
#process_ignore(exp) ⇒ Object
Ignore ignore Sexps
180 181 182 |
# File 'lib/brakeman/processors/base_processor.rb', line 180 def process_ignore exp exp end |
#process_iter(exp) ⇒ Object
Processes calls with blocks. Changes Sexp node type to :call_with_block
s(:iter, CALL, :lasgn|:masgn, BLOCK)
70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 |
# File 'lib/brakeman/processors/base_processor.rb', line 70 def process_iter exp exp = exp.dup call = process exp.block_call #deal with assignments somehow if exp.block block = process exp.block block = nil if block.empty? else block = nil end call = Sexp.new(:call_with_block, call, exp.block_args, block).compact call.line(exp.line) call end |
#process_lasgn(exp) ⇒ Object Also known as: process_iasgn
Processes a local assignment
156 157 158 159 160 |
# File 'lib/brakeman/processors/base_processor.rb', line 156 def process_lasgn exp exp = exp.dup exp.rhs = process exp.rhs exp end |
#process_scope(exp) ⇒ Object
Process a new scope. Removes expressions that are set to nil.
29 30 31 32 33 34 35 36 37 38 39 40 41 |
# File 'lib/brakeman/processors/base_processor.rb', line 29 def process_scope exp exp = exp.dup exp.shift exp.map! do |e| res = process e if res.empty? res = nil else res end end.compact exp.unshift :scope end |