class Railroader::Config

Attributes

erubis[W]
escape_html[W]
gems[R]
rails[R]
rails_version[RW]
ruby_version[RW]
tracker[R]

Public Class Methods

new(tracker) click to toggle source
# File lib/railroader/tracker/config.rb, line 12
# Builds an empty configuration bound to +tracker+.
#
# Each of @rails, @gems and @settings starts as its own empty Hash.
# @escape_html and @erubis start as nil, and @ruby_version as "".
# @rails_version is not assigned here, so version_between? returns false
# until a Rails version is detected or supplied by the caller.
def initialize tracker
  @tracker = tracker
  # Three separate Hash literals, so the containers never alias each other.
  @rails, @gems, @settings = {}, {}, {}
  @escape_html = @erubis = nil
  @ruby_version = ""
end

Public Instance Methods

add_gem(name, version, file, line) click to toggle source
# File lib/railroader/tracker/config.rb, line 64
# Records a gem dependency along with where it was declared.
#
# The name is converted to a Symbol before it is used as the key, so
# lookups (gem_version, get_gem, has_gem?) must pass a Symbol to find it.
# A later call with the same name overwrites the earlier entry.
#
# Returns the Hash stored for the gem.
def add_gem name, version, file, line
  gem_info = { :version => version, :file => file, :line => line }
  @gems[name.to_sym] = gem_info
end
allow_forgery_protection?() click to toggle source
# File lib/railroader/tracker/config.rb, line 22
# NOTE: despite its name, this is truthy only when the application config
# explicitly sets action_controller.allow_forgery_protection to the literal
# +false+ (presumably Sexp.new(:false) is the parsed form of that literal),
# i.e. when CSRF protection has been switched off. Read a truthy result as
# "forgery protection is disabled", not "enabled".
#
# Returns nil when there is no :action_controller configuration at all.
def allow_forgery_protection?
  controller_config = @rails[:action_controller]
  controller_config &&
    controller_config[:allow_forgery_protection] == Sexp.new(:false)
end
default_protect_from_forgery?() click to toggle source
# File lib/railroader/tracker/config.rb, line 27
# Whether the default_protect_from_forgery setting is in effect.
#
# Only Rails versions from 5.2.0 up to the "9.9.9" sentinel are considered.
# For any other version, or when the version is unknown (version_between?
# returns false), this returns false. Within that range the answer is true
# unless the config explicitly sets
# action_controller.default_protect_from_forgery to the literal +false+.
def default_protect_from_forgery?
  return false unless version_between? "5.2.0", "9.9.9"

  controller_config = @rails[:action_controller]
  explicitly_disabled = controller_config &&
    controller_config[:default_protect_from_forgery] == Sexp.new(:false)

  explicitly_disabled ? false : true
end
erubis?() click to toggle source
# File lib/railroader/tracker/config.rb, line 41
# Returns the stored @erubis value as-is. It is nil after initialize and
# stays nil until something assigns it through the erubis writer, so a
# falsy result can mean "not determined" as well as "no".
def erubis?
  @erubis
end
escape_html?() click to toggle source
# File lib/railroader/tracker/config.rb, line 45
# Returns the stored @escape_html value as-is. It is nil after initialize;
# set_rails_version sets it to true when the rails_xss gem is present, and
# it can also be assigned through the escape_html writer. A nil result
# means the setting was never determined, not that escaping is off.
def escape_html?
  @escape_html
end
escape_html_entities_in_json?() click to toggle source
# File lib/railroader/tracker/config.rb, line 49
# Whether active_support.escape_html_entities_in_json is set to a true value
# in the application config, as judged by the true? helper.
#
# Returns nil when there is no :active_support configuration, so a missing
# setting is reported as "not escaping" whatever the framework default is.
def escape_html_entities_in_json?
  # TODO add version-specific information here
  active_support = @rails[:active_support]
  active_support && true?(active_support[:escape_html_entities_in_json])
end
gem_version(name) click to toggle source
# File lib/railroader/tracker/config.rb, line 60
# Returns the recorded :version for gem +name+, or nil if the gem is unknown.
#
# The key is used exactly as given. add_gem stores names as Symbols, so a
# String name will not match.
def gem_version name
  entry = @gems[name]
  entry && entry[:version]
end
get_gem(name) click to toggle source
# File lib/railroader/tracker/config.rb, line 77
# Returns the stored entry for gem +name+ (the Hash of :version, :file and
# :line built by add_gem), or nil when the gem was never recorded.
# The key is used as given; add_gem stores names as Symbols.
def get_gem name
  @gems[name]
end
has_gem?(name) click to toggle source
# File lib/railroader/tracker/config.rb, line 73
# Returns true or false (never nil) depending on whether gem +name+ has been
# recorded. The key is used as given; add_gem stores names as Symbols.
def has_gem? name
  @gems[name] ? true : false
end
session_settings() click to toggle source
# File lib/railroader/tracker/config.rb, line 148
# Returns the value configured under action_controller.session, or nil when
# there is no :action_controller configuration or no :session entry in it.
def session_settings
  controller_config = @rails[:action_controller]
  controller_config && controller_config[:session]
end
set_rails_version() click to toggle source
# File lib/railroader/tracker/config.rb, line 81
# Derives @rails_version from the recorded rails (or railties) gem version
# and, when neither :rails3 nor :rails4 was set in the tracker options,
# turns on the matching generation flags.
#
# NOTE(review): only versions starting with "3", "4" or "5" set any flag.
# A version starting with another digit is stored in @rails_version but
# leaves the options untouched. Confirm that is intended for newer Rails.
#
# Separately, if the rails_xss gem is present, HTML escaping is marked as
# on by default.
def set_rails_version
  # Ignore ~>, etc. when using values from Gemfile
  declared = gem_version(:rails) || gem_version(:railties)
  found = declared && declared.match(/(\d+\.\d+\.\d+.*)/)

  if found
    @rails_version = found[1]

    # Auto-detect only when the user has not chosen a generation explicitly.
    if tracker.options[:rails3].nil? && tracker.options[:rails4].nil?
      # Each newer generation also enables the flags of the older ones.
      generations = [
        ["3", [:rails3], "[Notice] Detected Rails 3 application"],
        ["4", [:rails3, :rails4], "[Notice] Detected Rails 4 application"],
        ["5", [:rails3, :rails4, :rails5], "[Notice] Detected Rails 5 application"]
      ]
      _prefix, flags, notice = generations.find do |prefix, _, _|
        @rails_version.start_with? prefix
      end

      if flags
        flags.each { |flag| tracker.options[flag] = true }
        Railroader.notify notice
      end
    end
  end

  return unless get_gem :rails_xss

  @escape_html = true
  Railroader.notify "[Notice] Escaping HTML by default"
end
set_ruby_version(version) click to toggle source
# File lib/railroader/tracker/config.rb, line 110
# Stores the first "x.y.z" number found in +version+ as ruby_version.
#
# Non-String input is ignored. A String without three dot-separated numbers
# leaves ruby_version unchanged. Anything around the match (a patch level
# or a "ruby-" prefix, for instance) is dropped.
def set_ruby_version version
  return unless version.is_a? String

  found = version.match(/(\d+\.\d+\.\d+)/)
  self.ruby_version = found[1] if found
end
version_between?(low_version, high_version, current_version = nil) click to toggle source

Returns true if low_version <= current_version <= high_version, where current_version defaults to the detected Rails version (rails_version).

If the Rails version is unknown, returns false.

# File lib/railroader/tracker/config.rb, line 121
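# Returns true if low_version <= current_version <= high_version, where
# current_version defaults to rails_version.
#
# Versions are dot-separated Strings. Each component is read with to_i, so
# a non-numeric component such as "rc1" counts as 0. All three versions are
# zero-padded to the same number of components before comparing, so "4.2.5"
# is treated as "4.2.5.0" and sorts below a four-part bound like "4.2.5.1".
# Without the padding a short version would match a longer lower bound
# whenever the shared prefix was equal, misreporting which patch release
# was in use.
#
# If the version is unknown (nil or an empty String), returns false.
def version_between? low_version, high_version, current_version = nil
  current_version ||= rails_version
  # An empty String has no components and must not match every range.
  return false if current_version.nil? || current_version.empty?

  current, low, high = [current_version, low_version, high_version].map do |v|
    v.split(".").map(&:to_i)
  end

  # Pad to a common width so trailing components of the bounds still count.
  width = [current.length, low.length, high.length].max
  current, low, high = [current, low, high].map do |parts|
    parts + [0] * (width - parts.length)
  end

  (current <=> low) >= 0 && (current <=> high) <= 0
end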
whitelist_attributes?() click to toggle source
# File lib/railroader/tracker/config.rb, line 55
# Truthy only when the application config explicitly sets
# active_record.whitelist_attributes to the literal +true+ (presumably
# Sexp.new(:true) is the parsed form of that literal).
#
# Returns nil when there is no :active_record configuration, so an unset
# option is reported as "not whitelisting".
def whitelist_attributes?
  active_record = @rails[:active_record]
  active_record &&
    active_record[:whitelist_attributes] == Sexp.new(:true)
end