Class: Brakeman::BaseProcessor
- Inherits:
-
SexpProcessor
- Object
- SexpProcessor
- Brakeman::BaseProcessor
- Includes:
- ProcessorHelper, Util
- Defined in:
- lib/brakeman/processors/base_processor.rb
Overview
Base processor for most processors.
Direct Known Subclasses
ControllerProcessor, LibraryProcessor, ModelProcessor, TemplateProcessor
Constant Summary collapse
- IGNORE =
Sexp.new :ignore
Constants included from Util
Util::ALL_PARAMETERS, Util::COOKIES, Util::COOKIES_SEXP, Util::PARAMETERS, Util::PARAMS_SEXP, Util::PATH_PARAMETERS, Util::QUERY_PARAMETERS, Util::REQUEST_ENV, Util::REQUEST_PARAMETERS, Util::REQUEST_PARAMS, Util::SESSION, Util::SESSION_SEXP
Constants inherited from SexpProcessor
Instance Attribute Summary
Attributes inherited from SexpProcessor
Instance Method Summary collapse
-
#find_render_type(call, in_view = false) ⇒ Object
Determines the type of a call to render.
- #ignore ⇒ Object
-
#initialize(tracker) ⇒ BaseProcessor
constructor
Return a new Processor.
-
#make_render(exp, in_view = false) ⇒ Object
Generates :render node from call to render.
-
#make_render_in_view(exp) ⇒ Object
Convenience method for ‘make_render exp, true`.
-
#process_arglist(exp) ⇒ Object
Processes the values in an argument list.
-
#process_attrasgn(exp) ⇒ Object
Processes an attribute assignment, which can be either x.y = 1 or x = 1.
-
#process_block(exp) ⇒ Object
Processes a block.
-
#process_default(exp) ⇒ Object
Default processing.
-
#process_dstr(exp) ⇒ Object
String with interpolation.
-
#process_evstr(exp) ⇒ Object
Processes the inside of an interpolated String.
-
#process_hash(exp) ⇒ Object
Processes a hash.
-
#process_if(exp) ⇒ Object
Process an if statement.
-
#process_ignore(exp) ⇒ Object
Ignore ignore Sexps.
-
#process_iter(exp) ⇒ Object
Processes calls with blocks.
-
#process_lasgn(exp) ⇒ Object
(also: #process_iasgn)
Processes a local assignment.
-
#process_scope(exp) ⇒ Object
Process a new scope.
Methods included from Util
#array?, #block?, #call?, #camelize, #class_name, #contains_class?, #context_for, #cookies?, #false?, #file_by_name, #file_for, #github_url, #hash?, #hash_access, #hash_insert, #hash_iterate, #integer?, #make_call, #node_type?, #number?, #params?, #pluralize, #rails_version, #regexp?, #relative_path, #request_env?, #request_value?, #result?, #set_env_defaults, #sexp?, #string?, #string_interp?, #symbol?, #table_to_csv, #template_path_to_name, #true?, #truncate_table, #underscore
Methods included from ProcessorHelper
#process_all, #process_all!, #process_call_args, #process_call_defn?, #process_class, #process_module
Methods inherited from SexpProcessor
#in_context, #process, processors, #scope
Constructor Details
#initialize(tracker) ⇒ BaseProcessor
Return a new Processor.
12 13 14 15 16 17 |
# File 'lib/brakeman/processors/base_processor.rb', line 12 def initialize tracker super() @last = nil @tracker = tracker @current_template = @current_module = @current_class = @current_method = nil end |
Instance Method Details
#find_render_type(call, in_view = false) ⇒ Object
Determines the type of a call to render.
Possible types are: :action, :default, :file, :inline, :js, :json, :nothing, :partial, :template, :text, :update, :xml
And also :layout for inside templates
189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 |
# File 'lib/brakeman/processors/base_processor.rb', line 189 def find_render_type call, in_view = false rest = Sexp.new(:hash) type = nil value = nil first_arg = call.first_arg if call.second_arg.nil? and first_arg == Sexp.new(:lit, :update) return :update, nil, Sexp.new(:arglist, *call.args[0..-2]) #TODO HUH? end #Look for render :action, ... or render "action", ... if string? first_arg or symbol? first_arg if @current_template and @tracker.[:rails3] type = :partial value = first_arg else type = :action value = first_arg end elsif first_arg.is_a? Symbol or first_arg.is_a? String type = :action value = Sexp.new(:lit, first_arg.to_sym) elsif first_arg.nil? type = :default elsif not hash? first_arg type = :action value = first_arg end types_in_hash = Set[:action, :file, :inline, :js, :json, :nothing, :partial, :template, :text, :update, :xml] #render :layout => "blah" means something else when in a template if in_view types_in_hash << :layout end last_arg = call.last_arg #Look for "type" of render in options hash #For example, render :file => "blah" if hash? last_arg hash_iterate(last_arg) do |key, val| if symbol? key and types_in_hash.include? key.value type = key.value value = val else rest << key << val end end end type ||= :default value ||= :default return type, value, rest end |
#ignore ⇒ Object
19 20 21 |
# File 'lib/brakeman/processors/base_processor.rb', line 19 def ignore IGNORE end |
#make_render(exp, in_view = false) ⇒ Object
Generates :render node from call to render.
174 175 176 177 178 179 180 |
# File 'lib/brakeman/processors/base_processor.rb', line 174 def make_render exp, in_view = false render_type, value, rest = find_render_type exp, in_view rest = process rest result = Sexp.new(:render, render_type, value, rest) result.line(exp.line) result end |
#make_render_in_view(exp) ⇒ Object
Convenience method for ‘make_render exp, true`
169 170 171 |
# File 'lib/brakeman/processors/base_processor.rb', line 169 def make_render_in_view exp make_render exp, true end |
#process_arglist(exp) ⇒ Object
Processes the values in an argument list
129 130 131 132 133 134 135 136 137 |
# File 'lib/brakeman/processors/base_processor.rb', line 129 def process_arglist exp exp = exp.dup exp.shift exp.map! do |e| process e end exp.unshift :arglist end |
#process_attrasgn(exp) ⇒ Object
Processes an attribute assignment, which can be either x.y = 1 or x = 1
156 157 158 159 160 161 |
# File 'lib/brakeman/processors/base_processor.rb', line 156 def process_attrasgn exp exp = exp.dup exp.target = process exp.target exp.arglist = process exp.arglist exp end |
#process_block(exp) ⇒ Object
Processes a block. Changes Sexp node type to :rlist
92 93 94 95 96 97 98 99 100 101 |
# File 'lib/brakeman/processors/base_processor.rb', line 92 def process_block exp exp = exp.dup exp.shift exp.map! do |e| process e end exp.unshift :rlist end |
#process_default(exp) ⇒ Object
Default processing.
29 30 31 32 33 34 35 36 37 38 39 40 41 |
# File 'lib/brakeman/processors/base_processor.rb', line 29 def process_default exp exp = exp.dup exp.each_with_index do |e, i| if sexp? e and not e.empty? exp[i] = process e else e end end exp end |
#process_dstr(exp) ⇒ Object
String with interpolation.
72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 |
# File 'lib/brakeman/processors/base_processor.rb', line 72 def process_dstr exp exp = exp.dup exp.shift exp.map! do |e| if e.is_a? String e else res = process e if res.empty? nil else res end end end.compact! exp.unshift :dstr end |
#process_evstr(exp) ⇒ Object
Processes the inside of an interpolated String.
104 105 106 107 108 109 110 111 |
# File 'lib/brakeman/processors/base_processor.rb', line 104 def process_evstr exp exp = exp.dup if exp[1] exp[1] = process exp[1] end exp end |
#process_hash(exp) ⇒ Object
Processes a hash
114 115 116 117 118 119 120 121 122 123 124 125 126 |
# File 'lib/brakeman/processors/base_processor.rb', line 114 def process_hash exp exp = exp.dup exp.shift exp.map! do |e| if sexp? e process e else e end end exp.unshift :hash end |
#process_if(exp) ⇒ Object
Process an if statement.
44 45 46 47 48 49 50 |
# File 'lib/brakeman/processors/base_processor.rb', line 44 def process_if exp exp = exp.dup exp[1] = process exp.condition exp[2] = process exp.then_clause if exp.then_clause exp[3] = process exp.else_clause if exp.else_clause exp end |
#process_ignore(exp) ⇒ Object
Ignore ignore Sexps
164 165 166 |
# File 'lib/brakeman/processors/base_processor.rb', line 164 def process_ignore exp exp end |
#process_iter(exp) ⇒ Object
Processes calls with blocks.
s(:iter, CALL, :lasgn|:masgn, BLOCK)
55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
# File 'lib/brakeman/processors/base_processor.rb', line 55 def process_iter exp exp = exp.dup call = process exp.block_call #deal with assignments somehow if exp.block block = process exp.block block = nil if block.empty? else block = nil end call = Sexp.new(:iter, call, exp.block_args, block).compact call.line(exp.line) call end |
#process_lasgn(exp) ⇒ Object Also known as: process_iasgn
Processes a local assignment
140 141 142 143 144 |
# File 'lib/brakeman/processors/base_processor.rb', line 140 def process_lasgn exp exp = exp.dup exp.rhs = process exp.rhs exp end |
#process_scope(exp) ⇒ Object
Process a new scope. Removes expressions that are set to nil.
24 25 26 |
# File 'lib/brakeman/processors/base_processor.rb', line 24 def process_scope exp #NOPE? end |