Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 4e0e4f9

Browse files
alexrfordalexrford
committed
Ruby: make ActiveRecordInstance public
1 parent fd8f1dc commit 4e0e4f9

3 files changed

Lines changed: 14 additions & 2 deletions

File tree

ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -313,8 +313,10 @@ private class ActiveRecordModelClassSelfReference extends ActiveRecordModelInsta
313313
final override ActiveRecordModelClass getClass() { result = cls }
314314
}
315315

316-
// A (locally tracked) active record model object
317-
private class ActiveRecordInstance extends DataFlow::Node {
316+
/**
317+
* An instance of an `ActiveRecord` model object.
318+
*/
319+
class ActiveRecordInstance extends DataFlow::Node {
318320
private ActiveRecordModelInstantiation instantiation;
319321

320322
ActiveRecordInstance() { this = instantiation or instantiation.flowsTo(this) }

ruby/ql/test/library-tests/frameworks/ActiveRecord.expected

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,14 @@ activeRecordModelClasses
22
| ActiveRecordInjection.rb:1:1:3:3 | UserGroup |
33
| ActiveRecordInjection.rb:5:1:17:3 | User |
44
| ActiveRecordInjection.rb:19:1:25:3 | Admin |
5+
activeRecordInstances
6+
| ActiveRecordInjection.rb:10:5:10:68 | call to find |
7+
| ActiveRecordInjection.rb:15:5:15:40 | call to find_by |
8+
| ActiveRecordInjection.rb:79:5:81:7 | if ... |
9+
| ActiveRecordInjection.rb:79:43:80:40 | then ... |
10+
| ActiveRecordInjection.rb:80:7:80:40 | call to find_by |
11+
| ActiveRecordInjection.rb:85:5:85:33 | call to find_by |
12+
| ActiveRecordInjection.rb:88:5:88:34 | call to find |
513
activeRecordSqlExecutionRanges
614
| ActiveRecordInjection.rb:10:33:10:67 | "name='#{...}' and pass='#{...}'" |
715
| ActiveRecordInjection.rb:23:16:23:24 | condition |

ruby/ql/test/library-tests/frameworks/ActiveRecord.ql

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,8 @@ import codeql.ruby.frameworks.ActiveRecord
33

44
query predicate activeRecordModelClasses(ActiveRecordModelClass cls) { any() }
55

6+
query predicate activeRecordInstances(ActiveRecordInstance i) { any() }
7+
68
query predicate activeRecordSqlExecutionRanges(ActiveRecordSqlExecutionRange range) { any() }
79

810
query predicate activeRecordModelClassMethodCalls(ActiveRecordModelClassMethodCall call) { any() }

0 commit comments

Comments
 (0)