Class: Brakeman::Processor

Inherits:
Object
  • Object
show all
Includes:
Util
Defined in:
lib/brakeman/processor.rb

Overview

Makes calls to the appropriate processor.

The ControllerProcessor, TemplateProcessor, and ModelProcessor will update the Tracker with information about what is parsed.

Constant Summary

Constants included from Util

Util::ALL_COOKIES, Util::ALL_PARAMETERS, Util::COOKIES, Util::COOKIES_SEXP, Util::PARAMETERS, Util::PARAMS_SEXP, Util::PATH_PARAMETERS, Util::QUERY_PARAMETERS, Util::REQUEST_COOKIES, Util::REQUEST_ENV, Util::REQUEST_PARAMETERS, Util::REQUEST_PARAMS, Util::SESSION, Util::SESSION_SEXP

Instance Method Summary collapse

Methods included from Util

#array?, #block?, #call?, #camelize, #class_name, #constant?, #contains_class?, #context_for, #cookies?, #false?, #file_by_name, #file_for, #github_url, #hash?, #hash_access, #hash_insert, #hash_iterate, #integer?, #make_call, #node_type?, #number?, #params?, #pluralize, #rails_version, #regexp?, #relative_path, #request_env?, #request_value?, #result?, #set_env_defaults, #sexp?, #string?, #string_interp?, #symbol?, #table_to_csv, #template_path_to_name, #true?, #truncate_table, #underscore

Constructor Details

#initialize(app_tree, options) ⇒ Processor

Returns a new instance of Processor.



15
16
17
18
# File 'lib/brakeman/processor.rb', line 15

def initialize(app_tree, options)
  @app_tree = app_tree
  @tracker = Tracker.new(@app_tree, self, options)
end

Instance Method Details

#process_config(src, file_name) ⇒ Object

Process configuration file source



25
26
27
# File 'lib/brakeman/processor.rb', line 25

def process_config src, file_name
  ConfigProcessor.new(@tracker).process_config src, file_name
end

#process_controller(src, file_name) ⇒ Object

Process controller source. file_name is used for reporting



40
41
42
43
44
45
46
# File 'lib/brakeman/processor.rb', line 40

def process_controller src, file_name
  if contains_class? src
    ControllerProcessor.new(@app_tree, @tracker).process_controller src, file_name
  else
    LibraryProcessor.new(@tracker).process_library src, file_name
  end
end

#process_controller_alias(name, src, only_method = nil, file = nil) ⇒ Object

Process variable aliasing in controller source and save it in the tracker.



50
51
52
# File 'lib/brakeman/processor.rb', line 50

def process_controller_alias name, src, only_method = nil, file = nil
  ControllerAliasProcessor.new(@app_tree, @tracker, only_method).process_controller name, src, file
end

#process_gems(gem_files) ⇒ Object

Process Gemfile



30
31
32
# File 'lib/brakeman/processor.rb', line 30

def process_gems gem_files
  GemProcessor.new(@tracker).process_gems gem_files
end

#process_initializer(file_name, src) ⇒ Object

Process source for initializing files



91
92
93
94
95
# File 'lib/brakeman/processor.rb', line 91

def process_initializer file_name, src
  res = BaseProcessor.new(@tracker).process_file src, file_name
  res = AliasProcessor.new(@tracker).process_safely res, nil, file_name
  @tracker.initializers[Pathname.new(file_name).basename.to_s] = res
end

#process_lib(src, file_name) ⇒ Object

Process source for a library file



98
99
100
# File 'lib/brakeman/processor.rb', line 98

def process_lib src, file_name
  LibraryProcessor.new(@tracker).process_library src, file_name
end

#process_model(src, file_name) ⇒ Object

Process a model source



55
56
57
58
# File 'lib/brakeman/processor.rb', line 55

def process_model src, file_name
  result = ModelProcessor.new(@tracker).process_model src, file_name
  AliasProcessor.new(@tracker).process result if result
end

#process_routes(src) ⇒ Object

Process route file source



35
36
37
# File 'lib/brakeman/processor.rb', line 35

def process_routes src
  RoutesProcessor.new(@tracker).process_routes src
end

#process_template(name, src, type, called_from = nil, file_name = nil) ⇒ Object

Process either an ERB or HAML template



61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
# File 'lib/brakeman/processor.rb', line 61

def process_template name, src, type, called_from = nil, file_name = nil
  case type
  when :erb
    result = ErbTemplateProcessor.new(@tracker, name, called_from, file_name).process src
  when :haml
    result = HamlTemplateProcessor.new(@tracker, name, called_from, file_name).process src
  when :erubis
    result = ErubisTemplateProcessor.new(@tracker, name, called_from, file_name).process src
  when :slim
    result = SlimTemplateProcessor.new(@tracker, name, called_from, file_name).process src
  else
    abort "Unknown template type: #{type} (#{name})"
  end

  #Each template which is rendered is stored separately
  #with a new name.
  if called_from
    name = ("#{name}.#{called_from}").to_sym
  end

  @tracker.templates[name].src = result
  @tracker.templates[name].type = type
end

#process_template_alias(template) ⇒ Object

Process any calls to render() within a template



86
87
88
# File 'lib/brakeman/processor.rb', line 86

def process_template_alias template
  TemplateAliasProcessor.new(@tracker, template).process_safely template.src
end

#tracked_eventsObject



20
21
22
# File 'lib/brakeman/processor.rb', line 20

def tracked_events
  @tracker
end