Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 6e56c54

Browse files
felickzfelickz
committed
Refactor Grape method call classes to simplify handling of API instance calls for headers, request, route_param, and cookies
1 parent 0665c39 commit 6e56c54

1 file changed

Lines changed: 4 additions & 24 deletions

File tree

ruby/ql/lib/codeql/ruby/frameworks/Grape.qll

Lines changed: 4 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -163,12 +163,7 @@ module Grape {
163163
*/
164164
private class GrapeHeadersCall extends MethodCall {
165165
GrapeHeadersCall() {
166-
exists(GrapeEndpoint endpoint |
167-
this.getParent+() = endpoint.getBody().asCallableAstNode() and
168-
this.getMethodName() = "headers"
169-
)
170-
or
171-
// Also handle cases where headers is called on an instance of a Grape API class
166+
// Handle cases where headers is called on an instance of a Grape API class
172167
this = grapeApiInstance().getAMethodCall("headers").asExpr().getExpr()
173168
}
174169
}
@@ -206,12 +201,7 @@ module Grape {
206201
*/
207202
private class GrapeRequestCall extends MethodCall {
208203
GrapeRequestCall() {
209-
exists(GrapeEndpoint endpoint |
210-
this.getParent+() = endpoint.getBody().asCallableAstNode() and
211-
this.getMethodName() = "request"
212-
)
213-
or
214-
// Also handle cases where request is called on an instance of a Grape API class
204+
// Handle cases where request is called on an instance of a Grape API class
215205
this = grapeApiInstance().getAMethodCall("request").asExpr().getExpr()
216206
}
217207
}
@@ -221,12 +211,7 @@ module Grape {
221211
*/
222212
private class GrapeRouteParamCall extends MethodCall {
223213
GrapeRouteParamCall() {
224-
exists(GrapeEndpoint endpoint |
225-
this.getParent+() = endpoint.getBody().asExpr().getExpr() and
226-
this.getMethodName() = "route_param"
227-
)
228-
or
229-
// Also handle cases where route_param is called on an instance of a Grape API class
214+
// Handle cases where route_param is called on an instance of a Grape API class
230215
this = grapeApiInstance().getAMethodCall("route_param").asExpr().getExpr()
231216
}
232217
}
@@ -274,12 +259,7 @@ module Grape {
274259
*/
275260
private class GrapeCookiesCall extends MethodCall {
276261
GrapeCookiesCall() {
277-
exists(GrapeEndpoint endpoint |
278-
this.getParent+() = endpoint.getBody().asCallableAstNode() and
279-
this.getMethodName() = "cookies"
280-
)
281-
or
282-
// Also handle cases where cookies is called on an instance of a Grape API class
262+
// Handle cases where cookies is called on an instance of a Grape API class
283263
this = grapeApiInstance().getAMethodCall("cookies").asExpr().getExpr()
284264
}
285265
}

0 commit comments

Comments
 (0)