Module: Brakeman::ControllerMethods

Included in:
Controller, Library
Defined in:
lib/brakeman/tracker/controller.rb


Instance Attribute Details

#layout ⇒ Object

Returns the value of attribute layout.


# File 'lib/brakeman/tracker/controller.rb', line 5

# Reader for the @layout instance variable.
# initialize_controller resets the variable to nil.
#
# @return [Object, nil] whatever is currently stored in @layout
def layout
  @layout
end

Instance Method Details

#add_before_filter(exp) ⇒ Object

# File 'lib/brakeman/tracker/controller.rb', line 19

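# Appends a filter declaration to this controller's list of before filters.
#
# get_before_filters memoizes its converted list in @before_filter_cache and
# only rebuilds it when that variable is nil. The cache is therefore dropped
# here, so that a declaration recorded after the first lookup is still seen by
# later calls to get_before_filters / before_filter_list.
#
# @param exp [Object] the filter expression; get_before_filters reads exp.args
# @return [Array] the updated list stored under @options[:before_filters]
def add_before_filter exp
  @before_filter_cache = nil
  @options[:before_filters] << exp
end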

#before_filter_list(processor, method) ⇒ Object

# File 'lib/brakeman/tracker/controller.rb', line 39

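# Collects the names of the before filters that apply to +method+, walking
# from this controller up through its parents.
#
# Each parent's filters are placed in front of the filters gathered so far, so
# ancestor filters come first in the result. Skipped filters are then removed
# by remove_skipped_filters.
#
# The walk ends at the first parent name found in neither tracker.controllers
# nor tracker.libs, so filters declared on ancestors the tracker does not know
# are not part of the result.
#
# @param processor [Object] passed through to get_before_filters
# @param method [Object] the action name being looked up
# @return [Array] filter names remaining after skips are applied
def before_filter_list processor, method
  controller = self
  filters = []

  # Parent links are looked up by name in the tracker. Remember every object
  # already visited (by identity) so that a cyclic parent chain ends the walk
  # instead of looping forever.
  visited = {}.compare_by_identity

  while controller && !visited.key?(controller)
    visited[controller] = true

    filters = controller.get_before_filters(processor, method) + filters

    controller = tracker.controllers[controller.parent] ||
      tracker.libs[controller.parent]
  end

  remove_skipped_filters processor, filters, method
end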

#before_filter_to_hash(processor, args) ⇒ Object

# File 'lib/brakeman/tracker/controller.rb', line 106

# Converts the argument list of one filter declaration into a plain Hash.
#
# The result always has :methods, holding element [1] of every :lit argument.
# When the last argument is a hash node, each option whose value is an :array,
# :lit or :str node is copied in under option.value; when it is not a hash
# node, :all is set to true instead.
#
# NOTE(review): option values of any other node type are only reported through
# Brakeman.debug and then left out, so the returned Hash carries neither that
# option nor :all. How filter_includes_method? treats such a Hash is not
# visible here - confirm it does not change which actions the filter is
# considered to cover.
#
# @param processor [Object] must respond to process_default
# @param args [Enumerable] argument nodes of the filter call
# @return [Hash] :methods plus either the copied options or :all => true
def before_filter_to_hash processor, args
  # Run the processor over Sexp arguments for the uncommon but possible case
  # in which variables are used in the filter. The return value is not used,
  # so any effect on args depends on process_default working in place.
  # NOTE(review): confirm that is the intent.
  args.each { |arg| processor.process_default arg if sexp? arg }

  method_names = args.each_with_object([]) do |arg, names|
    names << arg[1] if arg.node_type == :lit
  end

  filter = {}
  filter[:methods] = method_names

  options = args.last

  unless hash? options
    filter[:all] = true
    return filter
  end

  # Probably only one option, but iterating also avoids issues with kwsplats.
  hash_iterate(options) do |option, value|
    kind = value.node_type

    if kind == :array
      filter[option.value] = value.sexp_body.map { |element| element[1] }
    elsif kind == :lit || kind == :str
      filter[option.value] = value[1]
    else
      Brakeman.debug "[Notice] Unknown before_filter value: #{option} => #{value}"
    end
  end

  filter
end

#before_filters ⇒ Object

# File 'lib/brakeman/tracker/controller.rb', line 27

# Returns the list stored under @options[:before_filters].
# initialize_controller sets it to an empty Array; add_before_filter appends
# to it and prepend_before_filter inserts at the front.
# The stored object itself is returned, not a copy.
def before_filters
  @options[:before_filters]
end

#get_before_filters(processor, method) ⇒ Object

# File 'lib/brakeman/tracker/controller.rb', line 86

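# Returns the names of the filters declared on this controller (parents are
# not consulted here) that filter_includes_method? accepts for +method+.
#
# The declarations are converted with before_filter_to_hash once and memoized
# in @before_filter_cache. The converted list is assigned in one step, the same
# way get_skipped_filters does it, so an exception raised part-way through the
# conversion leaves the cache nil rather than memoizing a truncated list.
#
# @param processor [Object] passed to before_filter_to_hash when the cache is built
# @param method [Object] the action name being looked up
# @return [Array] a new Array of filter names, in declaration order
def get_before_filters processor, method
  if @before_filter_cache.nil?
    @before_filter_cache = before_filters.map do |filter|
      before_filter_to_hash(processor, filter.args)
    end
  end

  @before_filter_cache.each_with_object([]) do |entry, names|
    names.concat entry[:methods] if filter_includes_method? entry, method
  end
end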

#get_skipped_filters(processor, method) ⇒ Object

# File 'lib/brakeman/tracker/controller.rb', line 53

# Returns the names of the filters this controller skips (parents are not
# consulted here) for which filter_includes_method? accepts +method+.
#
# The skip declarations are converted with before_filter_to_hash on the first
# call and memoized in @skip_filter_cache.
#
# @param processor [Object] passed to before_filter_to_hash when the cache is built
# @param method [Object] the action name being looked up
# @return [Array] a new Array of skipped filter names
def get_skipped_filters processor, method
  if @skip_filter_cache.nil?
    @skip_filter_cache = skip_filters.map { |filter| before_filter_to_hash(processor, filter.args) }
  end

  @skip_filter_cache.each_with_object([]) do |entry, names|
    names.concat entry[:methods] if filter_includes_method? entry, method
  end
end

#initialize_controller ⇒ Object

# File 'lib/brakeman/tracker/controller.rb', line 7

# Resets the controller-related state kept by this module: both filter lists
# in @options become fresh empty Arrays, and the layout and the two memoized
# filter caches are cleared. Other keys in @options are left alone.
#
# @return [nil]
def initialize_controller
  # Two separate Arrays, so the lists never share storage.
  @options[:before_filters], @options[:skip_filters] = [], []

  @layout = @skip_filter_cache = @before_filter_cache = nil
end

#prepend_before_filter(exp) ⇒ Object

# File 'lib/brakeman/tracker/controller.rb', line 23

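# Inserts a filter declaration at the front of this controller's list of
# before filters.
#
# get_before_filters memoizes its converted list in @before_filter_cache and
# only rebuilds it when that variable is nil. The cache is therefore dropped
# here, so that a declaration recorded after the first lookup is still seen by
# later calls to get_before_filters / before_filter_list.
#
# @param exp [Object] the filter expression; get_before_filters reads exp.args
# @return [Array] the updated list stored under @options[:before_filters]
def prepend_before_filter exp
  @before_filter_cache = nil
  @options[:before_filters].unshift exp
end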

#protect_from_forgery? ⇒ Boolean

Returns:

  • (Boolean)
# File 'lib/brakeman/tracker/controller.rb', line 15

# Reports the :protect_from_forgery entry of @options.
# The stored value is returned as-is rather than coerced to true/false, so
# callers should rely only on its truthiness.
# NOTE(review): nothing on this page writes the key; presumably it is set
# when the scanned controller calls protect_from_forgery - confirm against
# the code that populates @options.
def protect_from_forgery?
  @options[:protect_from_forgery]
end

#remove_skipped_filters(processor, filters, method) ⇒ Object

# File 'lib/brakeman/tracker/controller.rb', line 73

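# Removes from +filters+ every filter name that this controller or any of its
# tracked parents skips for +method+.
#
# NOTE(review): the removal is a plain Array difference applied for each class
# in the chain, so it does not take declaration order into account: a name
# skipped anywhere in the chain is dropped even if a subclass declares that
# filter again. Confirm this approximation is acceptable for checks that
# depend on a particular filter being present.
#
# @param processor [Object] passed through to get_skipped_filters
# @param filters [Array] filter names collected by before_filter_list
# @param method [Object] the action name being looked up
# @return [Array] the filter names that remain
def remove_skipped_filters processor, filters, method
  controller = self

  # Parent links are looked up by name in the tracker. Remember every object
  # already visited (by identity) so that a cyclic parent chain ends the walk
  # instead of looping forever.
  visited = {}.compare_by_identity

  while controller && !visited.key?(controller)
    visited[controller] = true

    filters = filters - controller.get_skipped_filters(processor, method)

    controller = tracker.controllers[controller.parent] ||
      tracker.libs[controller.parent]
  end

  filters
end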

#skip_filter(exp) ⇒ Object

# File 'lib/brakeman/tracker/controller.rb', line 31

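# Records a skip declaration for this controller.
#
# get_skipped_filters memoizes its converted list in @skip_filter_cache and
# only rebuilds it when that variable is nil. The cache is therefore dropped
# here, so that a skip recorded after the first lookup is still applied by
# later calls to get_skipped_filters / remove_skipped_filters.
#
# @param exp [Object] the skip expression; get_skipped_filters reads exp.args
# @return [Array] the updated list stored under @options[:skip_filters]
def skip_filter exp
  @skip_filter_cache = nil
  @options[:skip_filters] << exp
end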

#skip_filters ⇒ Object

# File 'lib/brakeman/tracker/controller.rb', line 35

# Returns the list stored under @options[:skip_filters].
# initialize_controller sets it to an empty Array and skip_filter appends to it.
# The stored object itself is returned, not a copy.
def skip_filters
  @options[:skip_filters]
end