Class: Brakeman::Processor

Inherits:
Object show all
Includes:
Util
Defined in:
lib/brakeman/processor.rb

Overview

Makes calls to the appropriate processor.

The ControllerProcessor, TemplateProcessor, and ModelProcessor will update the Tracker with information about what is parsed.

Constant Summary

Constants included from Util

Util::ALL_PARAMETERS, Util::COOKIES, Util::COOKIES_SEXP, Util::PARAMETERS, Util::PARAMS_SEXP, Util::PATH_PARAMETERS, Util::QUERY_PARAMETERS, Util::REQUEST_ENV, Util::REQUEST_PARAMETERS, Util::REQUEST_PARAMS, Util::SESSION, Util::SESSION_SEXP

Instance Method Summary collapse

Methods included from Util

#array?, #block?, #call?, #camelize, #contains_class?, #context_for, #cookies?, #false?, #file_by_name, #file_for, #github_url, #hash?, #hash_access, #hash_insert, #hash_iterate, #integer?, #make_call, #node_type?, #number?, #params?, #pluralize, #regexp?, #relative_path, #request_env?, #request_value?, #result?, #set_env_defaults, #sexp?, #string?, #symbol?, #table_to_csv, #template_path_to_name, #true?, #truncate_table, #underscore

Constructor Details

#initialize(app_tree, options) ⇒ Processor

Returns a new instance of Processor.


15
16
17
18
# File 'lib/brakeman/processor.rb', line 15

def initialize(app_tree, options)
  @app_tree = app_tree
  @tracker = Tracker.new(@app_tree, self, options)
end

Instance Method Details

#process_config(src) ⇒ Object

Process configuration file source


25
26
27
# File 'lib/brakeman/processor.rb', line 25

def process_config src
  ConfigProcessor.new(@tracker).process_config src
end

#process_controller(src, file_name) ⇒ Object

Process controller source. file_name is used for reporting


40
41
42
43
44
45
46
# File 'lib/brakeman/processor.rb', line 40

def process_controller src, file_name
  if contains_class? src
    ControllerProcessor.new(@app_tree, @tracker).process_controller src, file_name
  else
    LibraryProcessor.new(@tracker).process_library src, file_name
  end
end

#process_controller_alias(name, src, only_method = nil) ⇒ Object

Process variable aliasing in controller source and save it in the tracker.


50
51
52
# File 'lib/brakeman/processor.rb', line 50

def process_controller_alias name, src, only_method = nil
  ControllerAliasProcessor.new(@app_tree, @tracker, only_method).process_controller name, src
end

#process_gems(src, gem_lock = nil) ⇒ Object

Process Gemfile


30
31
32
# File 'lib/brakeman/processor.rb', line 30

def process_gems src, gem_lock = nil
  GemProcessor.new(@tracker).process_gems src, gem_lock
end

#process_initializer(name, src) ⇒ Object

Process source for initializing files


91
92
93
94
95
# File 'lib/brakeman/processor.rb', line 91

def process_initializer name, src
  res = BaseProcessor.new(@tracker).process src
  res = AliasProcessor.new(@tracker).process res
  @tracker.initializers[Pathname.new(name).basename.to_s] = res
end

#process_lib(src, file_name) ⇒ Object

Process source for a library file


98
99
100
# File 'lib/brakeman/processor.rb', line 98

def process_lib src, file_name
  LibraryProcessor.new(@tracker).process_library src, file_name
end

#process_model(src, file_name) ⇒ Object

Process a model source


55
56
57
58
# File 'lib/brakeman/processor.rb', line 55

def process_model src, file_name
  result = ModelProcessor.new(@tracker).process_model src, file_name
  AliasProcessor.new(@tracker).process_all result if result
end

#process_routes(src) ⇒ Object

Process route file source


35
36
37
# File 'lib/brakeman/processor.rb', line 35

def process_routes src
  RoutesProcessor.new(@tracker).process_routes src
end

#process_template(name, src, type, called_from = nil, file_name = nil) ⇒ Object

Process either an ERB or HAML template


61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
# File 'lib/brakeman/processor.rb', line 61

def process_template name, src, type, called_from = nil, file_name = nil
  case type
  when :erb
    result = ErbTemplateProcessor.new(@tracker, name, called_from, file_name).process src
  when :haml
    result = HamlTemplateProcessor.new(@tracker, name, called_from, file_name).process src
  when :erubis
    result = ErubisTemplateProcessor.new(@tracker, name, called_from, file_name).process src
  when :slim
    result = SlimTemplateProcessor.new(@tracker, name, called_from, file_name).process src
  else
    abort "Unknown template type: #{type} (#{name})"
  end

  #Each template which is rendered is stored separately
  #with a new name.
  if called_from
    name = ("#{name}.#{called_from}").to_sym
  end

  @tracker.templates[name][:src] = result
  @tracker.templates[name][:type] = type
end

#process_template_alias(template) ⇒ Object

Process any calls to render() within a template


86
87
88
# File 'lib/brakeman/processor.rb', line 86

def process_template_alias template
  TemplateAliasProcessor.new(@tracker, template).process_safely template[:src]
end

#tracked_eventsObject


20
21
22
# File 'lib/brakeman/processor.rb', line 20

def tracked_events
  @tracker
end