lib/brakeman/checks/check_mass_assignment.rb in brakeman-3.7.2 vs lib/brakeman/checks/check_mass_assignment.rb in brakeman-4.0.0
- old
+ new
@@ -78,21 +78,21 @@
if call? first_arg and (first_arg.method == :slice or first_arg.method == :only)
return
elsif not node_type? first_arg, :hash
if attr_protected
- confidence = CONFIDENCE[:med]
+ confidence = :medium
else
- confidence = CONFIDENCE[:high]
+ confidence = :high
end
else
- confidence = CONFIDENCE[:low]
+ return
end
elsif node_type? call.first_arg, :lit, :str
return
else
- confidence = CONFIDENCE[:low]
+ confidence = :weak
input = nil
end
warn :result => res,
:warning_type => "Mass Assignment",
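Review bot: The bare `return` that replaces `confidence = CONFIDENCE[:low]` in the hash-literal branch (the `else` paired with `elsif not node_type? first_arg, :hash`) silently drops a finding that was previously reported at low confidence, and nothing in the hunk explains why. A comment such as `# Hash literal: attribute names are fixed by the developer, so this is not mass assignment` would record the reasoning for the next maintainer. It is also worth confirming with a test that a hash literal whose values are themselves user-supplied hashes (for example under a nested-attributes key) or that contains a double splat is still reported elsewhere, since this branch now appears to exit before `warn` for any `:hash` node. The enclosing method starts and ends outside the hunk, so the condition guarding this whole `if` is not visible here.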
@@ -180,12 +180,12 @@
def warn_on_permit! result
return unless original? result
confidence = if subsequent_mass_assignment? result
- CONFIDENCE[:high]
+ :high
else
- CONFIDENCE[:med]
+ :medium
end
warn :result => result,
:warning_type => "Mass Assignment",
:warning_code => :mass_assign_permit!,