hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
codeql-cli-2.20.4
codeql/ruby/ql/test/library-tests/concepts/app/controllers/users_controller.rb
Harry Maclean 83393dc195 Ruby: Recognise more AR write accesses 
This change means we recognise calls like

```rb
User.create(params)
User.update(id, params)
```

as instances of `PersistentWriteAccess`.
2022-08-04 17:22:46 +12:00

49 lines
1.1 KiB
Ruby
Raw Permalink Blame History

module Users
class UsersController < ApplicationController
def create_or_modify
# CreateLikeCall
User.create!(name: "U1", uid: get_uid)
User.create(name: "U2")
User.insert({name: "U3"})
# UpdateLikeClassMethodCall
User.update(4, name: "U4")
User.update!([5, 6, 7], [{name: "U5"}, {name: "U6"}, {name: "U7"}])
# InsertAllLikeCall
User.insert_all([{name: "U8"}, {name: "U9"}, {name: "U10"}])
user = User.find(5)
# UpdateLikeInstanceMethodCall
user.update(name: "U11")
user.update_attributes({name: "U12", uid: get_uid})
# UpdateAttributeCall
user.update_attribute("name", "U13")
# AssignAttributeCall
user.name = "U14"
user.save
# TouchAllCall
User.touch_all
User.touch_all(time: time)
# UpdateLikeClassMethodCall
attrs = {name: "U15"}
User.update(8, attrs)
User.update!(8, attrs)
# CreateLikeClassMethodCall
User.create(attrs)
User.create!(attrs)
User.insert(attrs)
end
def get_uid
User.last.id + 1
end
end
end
Reference in New Issue View Git Blame Copy Permalink