class Railroader::CheckUnscopedFind
Checks for unscoped calls to models' find and find_by_id methods.
Public Instance Methods
optional_belongs_to?(exp)
click to toggle source
# File lib/railroader/checks/check_unscoped_find.rb, line 46 def optional_belongs_to? exp return false unless exp.is_a? Array exp.each do |e| if hash? e and true? hash_access(e, :optional) return true end end false end
process_result(result)
click to toggle source
# File lib/railroader/checks/check_unscoped_find.rb, line 28 def process_result result return if duplicate? result or result[:call].original_line # Not interested unless argument is user controlled. inputs = result[:call].args.map { |arg| include_user_input?(arg) } return unless input = inputs.compact.first add_result result warn :result => result, :warning_type => "Unscoped Find", :warning_code => :unscoped_find, :message => "Unscoped call to #{result[:target]}##{result[:method]}", :code => result[:call], :confidence => :weak, :user_input => input end
run_check()
click to toggle source
# File lib/railroader/checks/check_unscoped_find.rb, line 9 def run_check Railroader.debug("Finding instances of #find on models with associations") associated_model_names = active_record_models.keys.select do |name| if belongs_to = active_record_models[name].associations[:belongs_to] not optional_belongs_to? belongs_to else false end end calls = tracker.find_call :method => [:find, :find_by_id, :find_by_id!], :targets => associated_model_names calls.each do |call| process_result call end end