add a class to represent ActiveRecord models

ql/src/codeql_ruby/frameworks/ActiveRecord.qll

@@ -0,0 +1,33 @@
+// TODO: calls to methods where the receiver extends ActiveRecord::Base, directly or not
+import ruby
+private import codeql_ruby.AST
+private import codeql_ruby.ast.internal.Module
+
+private class ActiveRecordBaseAccess extends ConstantReadAccess {
+  ActiveRecordBaseAccess() {
+    this.getName() = "Base" and
+    this.getScopeExpr().(ConstantAccess).getName() = "ActiveRecord"
+  }
+}
+
+// ApplicationRecord extends ActiveRecord::Base, but we
+// treat it separately in case the ApplicationRecord definition
+// is not in the database
+private class ApplicationRecordAccess extends ConstantReadAccess {
+  ApplicationRecordAccess() { this.getName() = "ApplicationRecord" }
+}
+
+class ActiveRecordModelClass extends ClassDeclaration {
+  ActiveRecordModelClass() {
+    // class Foo < ActiveRecord::Base
+    this.getSuperclassExpr() instanceof ActiveRecordBaseAccess
+    or
+    // class Foo < ApplicationRecord
+    this.getSuperclassExpr() instanceof ApplicationRecordAccess
+    or
+    // class Bar < Foo
+    exists(ActiveRecordModelClass other |
+      other.getModule() = resolveScopeExpr(this.getSuperclassExpr())
+    )
+  }
+}