Class: Brakeman::Processor

Inherits:
Object
Includes:
Util
Defined in:
lib/brakeman/processor.rb

Overview

Makes calls to the appropriate processor.

The ControllerProcessor, TemplateProcessor, and ModelProcessor will update the Tracker with information about what is parsed.

Constant Summary

Constants included from Util

Util::ALL_PARAMETERS, Util::COOKIES, Util::PARAMETERS, Util::PATH_PARAMETERS, Util::QUERY_PARAMETERS, Util::REQUEST_ENV, Util::REQUEST_PARAMETERS, Util::REQUEST_PARAMS, Util::SESSION

Instance Method Summary

Methods included from Util

#array?, #call?, #camelize, #contains_class?, #context_for, #cookies?, #false?, #file_by_name, #file_for, #hash?, #hash_access, #hash_insert, #hash_iterate, #integer?, #node_type?, #number?, #params?, #pluralize, #regexp?, #request_env?, #request_value?, #result?, #set_env_defaults, #sexp?, #string?, #symbol?, #table_to_csv, #true?, #truncate_table, #underscore

Constructor Details

#initialize(options) ⇒ Processor

Returns a new instance of Processor.



# File 'lib/brakeman/processor.rb', line 15

# Builds the Tracker that every process_* method on this object hands to
# its processor.
#
# @param options passed through to Tracker.new unchanged; nothing is
#   inspected or validated here
def initialize(options)
  # The Tracker receives this Processor as its first argument.
  @tracker = Tracker.new(self, options)
end

Instance Method Details

#process_config(src) ⇒ Object

Process configuration file source



# File 'lib/brakeman/processor.rb', line 24

# Runs configuration file source through a ConfigProcessor bound to the
# shared tracker.
#
# @param src configuration source, passed through unchanged
# @return whatever ConfigProcessor#process_config returns
def process_config(src)
  config_processor = ConfigProcessor.new(@tracker)
  config_processor.process_config(src)
end

#process_controller(src, file_name) ⇒ Object

Process controller source. file_name is used for reporting



# File 'lib/brakeman/processor.rb', line 39

# Processes a controller file. Source for which contains_class? is false is
# handed to LibraryProcessor instead of ControllerProcessor, so it is still
# processed rather than skipped.
#
# @param src controller source, passed through unchanged
# @param file_name file name forwarded to the processor (used for reporting)
# @return the result of whichever processor handled the source
def process_controller(src, file_name)
  unless contains_class?(src)
    return LibraryProcessor.new(@tracker).process_library(src, file_name)
  end

  ControllerProcessor.new(@tracker).process_controller(src, file_name)
end

#process_controller_alias(name, src, only_method = nil) ⇒ Object

Process variable aliasing in controller source and save it in the tracker.



# File 'lib/brakeman/processor.rb', line 49

# Runs variable-alias processing over controller source using a
# ControllerAliasProcessor bound to the shared tracker.
#
# @param name controller name, forwarded unchanged
# @param src controller source, forwarded unchanged
# @param only_method optional value given to the ControllerAliasProcessor
#   constructor (nil by default)
# @return whatever ControllerAliasProcessor#process_controller returns
def process_controller_alias(name, src, only_method = nil)
  alias_processor = ControllerAliasProcessor.new(@tracker, only_method)
  alias_processor.process_controller(name, src)
end

#process_gems(src, gem_lock = nil) ⇒ Object

Process Gemfile



# File 'lib/brakeman/processor.rb', line 29

# Runs Gemfile source through a GemProcessor bound to the shared tracker.
#
# @param src Gemfile source, forwarded unchanged
# @param gem_lock optional second argument forwarded to
#   GemProcessor#process_gems (nil by default)
# @return whatever GemProcessor#process_gems returns
def process_gems(src, gem_lock = nil)
  gem_processor = GemProcessor.new(@tracker)
  gem_processor.process_gems(src, gem_lock)
end

#process_initializer(name, src) ⇒ Object

Process source for an initializer file



# File 'lib/brakeman/processor.rb', line 88

# Processes initializer source with BaseProcessor, then AliasProcessor, and
# records the result on the tracker.
#
# @param name path of the initializer file; only its basename is used as
#   the storage key
# @param src initializer source, passed to BaseProcessor#process
# @return the alias-processed result that was stored
def process_initializer(name, src)
  base_result = BaseProcessor.new(@tracker).process(src)
  aliased_result = AliasProcessor.new(@tracker).process(base_result)

  # NOTE(review): the key drops the directory part, so two initializers with
  # the same file name in different directories map to the same key and the
  # later call replaces the earlier entry -- confirm that callers expect this.
  storage_key = Pathname.new(name).basename.to_s
  @tracker.initializers[storage_key] = aliased_result
end

#process_lib(src, file_name) ⇒ Object

Process source for a library file



# File 'lib/brakeman/processor.rb', line 95

# Runs library file source through a LibraryProcessor bound to the shared
# tracker.
#
# @param src library source, forwarded unchanged
# @param file_name file name forwarded to LibraryProcessor#process_library
# @return whatever LibraryProcessor#process_library returns
def process_lib(src, file_name)
  library_processor = LibraryProcessor.new(@tracker)
  library_processor.process_library(src, file_name)
end

#process_model(src, file_name) ⇒ Object

Process a model source



# File 'lib/brakeman/processor.rb', line 54

# Processes model source with ModelProcessor, then runs the result through
# AliasProcessor.
#
# @param src model source, forwarded unchanged
# @param file_name file name forwarded to ModelProcessor#process_model
# @return whatever AliasProcessor#process returns for the model result
def process_model(src, file_name)
  # ModelProcessor runs to completion before the AliasProcessor is created.
  model_result = ModelProcessor.new(@tracker).process_model(src, file_name)
  AliasProcessor.new(@tracker).process(model_result)
end

#process_routes(src) ⇒ Object

Process route file source



# File 'lib/brakeman/processor.rb', line 34

# Runs route file source through a RoutesProcessor bound to the shared
# tracker.
#
# @param src routes source, forwarded unchanged
# @return whatever RoutesProcessor#process_routes returns
def process_routes(src)
  routes_processor = RoutesProcessor.new(@tracker)
  routes_processor.process_routes(src)
end

#process_template(name, src, type, called_from = nil, file_name = nil) ⇒ Object

Process either an ERB or HAML template



# File 'lib/brakeman/processor.rb', line 60

# Processes a template with the processor matching its type and stores the
# result on the tracker.
#
# Supported types are :erb, :haml and :erubis. Any other type ends the whole
# process through Kernel#abort, so an unrecognised template stops the run
# instead of being skipped silently.
#
# @param name template name
# @param src template source, passed to the processor's #process
# @param type [Symbol] :erb, :haml or :erubis
# @param called_from optional value; when set, the result is stored under
#   "name.called_from" (as a Symbol) rather than under name
# @param file_name optional file name forwarded to the processor
# @return the type, i.e. the value of the final assignment
def process_template(name, src, type, called_from = nil, file_name = nil)
  processor_class =
    case type
    when :erb then ErbTemplateProcessor
    when :haml then HamlTemplateProcessor
    when :erubis then ErubisTemplateProcessor
    else abort "Unknown template type: #{type} (#{name})"
    end

  # The processor is given the original name, before any renaming below.
  result = processor_class.new(@tracker, name, called_from, file_name).process(src)

  # Every rendered template is stored separately under a new name.
  name = "#{name}.#{called_from}".to_sym if called_from

  @tracker.templates[name][:src] = result
  @tracker.templates[name][:type] = type
end

#process_template_alias(template) ⇒ Object

Process any calls to render() within a template



# File 'lib/brakeman/processor.rb', line 83

# Runs a TemplateAliasProcessor over a stored template's processed source.
#
# @param template object indexable with :src; its :src value is what gets
#   passed to TemplateAliasProcessor#process_safely
# @return whatever TemplateAliasProcessor#process_safely returns
def process_template_alias(template)
  alias_processor = TemplateAliasProcessor.new(@tracker, template)
  alias_processor.process_safely(template[:src])
end

#tracked_events ⇒ Object



# File 'lib/brakeman/processor.rb', line 19

# Returns the tracker object held in @tracker. Despite the method's name,
# the value returned is the tracker itself, not a separate list of events.
#
# @return the object stored in @tracker
def tracked_events
  @tracker
end