Sha256: 9e85dc0d0eb638cc446d7c85f477bf3b3f0bea46ec7cd67bff71e941f365320e
Contents?: true
Size: 1.94 KB
Versions: 6
Compression:
Stored size: 1.94 KB
Contents
/* Copyright (c) 2020 Contrast Security, Inc. See
* https://www.contrastsecurity.com/enduser-terms-0317a for more details. */
#include "cs__active_record_named.h"
#include <ruby.h>
#include "../cs__common/cs__common.h"
VALUE contrast_assess_active_record_scope(const int argc, const VALUE *argv,
const VALUE self) {
/*
* The ActiveRecord::Scoping::Named::ClassMethods#scope method allows for
* the creation of methods at runtime. In order to trigger on interpolation
* within that new method, we must rewrite the method body BEFORE it can be
* used in the original #scope method, replacing interpolations with our
* String append logic. As this deviates from standard Assess behavior
* (changes the application behavior and acts on an input BEFORE it can be
* passed to the original method), I think it deserves to be in a custom
* call. -HM
*/
VALUE new_body, ret;
VALUE new_args[3];
new_body = rb_funcall(active_record_named, rb_sym_assess_rewrite, 3, self, argv[0], argv[1]);
new_args[0] = argv[0];
if (NIL_P(new_body)) {
new_args[1] = argv[1];
} else {
new_args[1] = new_body;
}
new_args[2] = argv[2];
ret = rb_funcall2(self, rb_sym_assess_scope, argc, new_args);
return ret;
}
void Init_cs__assess_active_record_named(void) {
VALUE framework, rails, rewrite;
framework = rb_define_module_under(contrast, "Framework");
rails = rb_define_module_under(framework, "Rails");
rewrite = rb_define_module_under(rails, "Rewrite");
active_record_named = rb_define_class_under(rewrite, "ActiveRecordNamed", rb_cObject);
rb_sym_assess_rewrite = rb_intern("rewrite");
rb_sym_assess_scope = contrast_register_patch("ActiveRecord::Scoping::Named::ClassMethods",
"scope",
contrast_assess_active_record_scope);
}
Version data entries
6 entries across 6 versions & 1 rubygems