Class: Spektr::Checks::Send

Inherits:

Base

• Object
• Base
• Spektr::Checks::Send

Defined in:

lib/spektr/checks/send.rb

Instance Attribute Summary

Attributes inherited from Base

#name

Instance Method Summary

• #initialize(app, target) ⇒ Send constructor

  A new instance of Send.

• #run ⇒ Object

Methods inherited from Base

#app_version_between?, #dupe?, #model_attribute?, #should_run?, #target_affected?, #user_input?, #version_affected, #version_between?, #warn!

Constructor Details

#initialize(app, target) ⇒ Send

Returns a new instance of Send.

# File 'lib/spektr/checks/send.rb', line 4

def initialize(app, target)
  super
  @name = "Dangerous send"
  @type = "Dangerous send"
  @targets = ["Spektr::Targets::Base", "Spektr::Targets::Model", "Spektr::Targets::Controller", "Spektr::Targets::Routes", "Spektr::Targets::View"]
end

Instance Method Details

#run ⇒ Object

# File 'lib/spektr/checks/send.rb', line 11

def run
  return unless super
  [:send, :try, :__send__, :public_send].each do |method|
    @target.find_calls(method).each do |call|
      argument = call.arguments.first
      if user_input?(argument.type, argument.name, argument.ast)
        warn! @target, self, call.location, "User supplied value in send"
      end
    end
  end
end