move path-injection MaD to PathInjectionCustomizations.qll

python/ql/lib/semmle/python/Concepts.qll

@@ -62,14 +62,6 @@ module FileSystemAccess {
     /** Gets an argument to this file system access that is interpreted as a path. */
     abstract DataFlow::Node getAPathArgument();
   }
-
-  private import semmle.python.frameworks.data.ModelsAsData
-
-  private class DataAsFileAccess extends Range {
-    DataAsFileAccess() { this = ModelOutput::getASinkNode("file-access").getARhs() }
-
-    override DataFlow::Node getAPathArgument() { result = this }
-  }
 }
 
 /**

python/ql/lib/semmle/python/frameworks/Asyncpg.qll

@@ -38,8 +38,8 @@ private module Asyncpg {
           "asyncpg;~Connection;Member[copy_from_query,execute,fetch,fetchrow,fetchval].Argument[0,query:];sql-injection",
           "asyncpg;~Connection;Member[executemany].Argument[0,command:];sql-injection",
           // A model of `Connection` and `ConnectionPool`, which provide some methods that access the file system.
-          "asyncpg;~Connection;Member[copy_from_query,copy_from_table].Argument[output:];file-access",
-          "asyncpg;~Connection;Member[copy_to_table].Argument[source:];file-access",
+          "asyncpg;~Connection;Member[copy_from_query,copy_from_table].Argument[output:];path-injection",
+          "asyncpg;~Connection;Member[copy_to_table].Argument[source:];path-injection",
           // the `PreparedStatement` class in `asyncpg`.
           "asyncpg;Connection;Member[prepare].Argument[0,query:];sql-injection",
         ]

python/ql/lib/semmle/python/security/dataflow/PathInjectionCustomizations.qll

@@ -59,6 +59,12 @@ module PathInjection {
     FileSystemAccessAsSink() { this = any(FileSystemAccess e).getAPathArgument() }
   }
 
+  private import semmle.python.frameworks.data.ModelsAsData
+
+  private class DataAsFileSink extends Sink {
+    DataAsFileSink() { this = ModelOutput::getASinkNode("path-injection").getARhs() }
+  }
+
   /**
    * A comparison with a constant string, considered as a sanitizer-guard.
    */