Ruby: split out rb/sensitive-get-query using query/customizations pattern

ruby/ql/src/queries/security/cwe-598/SensitiveGetQuery.ql

@@ -12,37 +12,13 @@
  */
 
 import ruby
-private import codeql.ruby.DataFlow
-private import codeql.ruby.TaintTracking
-private import codeql.ruby.security.SensitiveActions
-private import codeql.ruby.Concepts
-private import codeql.ruby.frameworks.ActionDispatch
-private import codeql.ruby.frameworks.ActionController
-private import codeql.ruby.frameworks.core.Array
+import DataFlow::PathGraph
+import codeql.ruby.DataFlow
+import codeql.ruby.security.SensitiveGetQueryQuery
+import codeql.ruby.security.SensitiveActions
 
-class Source extends Http::Server::RequestInputAccess {
-  private Http::Server::RequestHandler handler;
-
-  Source() {
-    handler = this.asExpr().getExpr().getEnclosingMethod() and
-    handler.getAnHttpMethod() = "get"
-  }
-
-  Http::Server::RequestHandler getHandler() { result = handler }
-}
-
-class Configuration extends TaintTracking::Configuration {
-  Configuration() { this = "SensitiveGetQuery" }
-
-  override predicate isSource(DataFlow::Node source) { source instanceof Source }
-
-  override predicate isSink(DataFlow::Node sink) { sink instanceof SensitiveNode }
-}
-
-from DataFlow::PathNode source, DataFlow::PathNode sink, Configuration config
-where
-  config.hasFlowPath(source, sink) and
-  not sink.getNode().(SensitiveNode).getClassification() = SensitiveDataClassification::id()
+from DataFlow::PathNode source, DataFlow::PathNode sink, SensitiveGetQuery::Configuration config
+where config.hasFlowPath(source, sink)
 select source.getNode(), source, sink,
   "$@ for GET requests uses query parameter as sensitive data.",
-  source.getNode().(Source).getHandler(), "Route handler"
+  source.getNode().(SensitiveGetQuery::Source).getHandler(), "Route handler"