template_alias_processor.rb in brakeman-3.1.0

- old
+ new

@@ -16,36 +16,38 @@
     @template = template
     @called_from = called_from
   end
 
   #Process template
-  def process_template name, args
+  def process_template name, args, _, line = nil
+    file = relative_path(@template.file || @tracker.templates[@template.name])
+
     if @called_from
       if @called_from.include_template? name
-        Brakeman.debug "Skipping circular render from #{@template[:name]} to #{name}"
+        Brakeman.debug "Skipping circular render from #{@template.name} to #{name}"
         return
       end
 
-      super name, args, @called_from.dup.add_template_render(@template[:name])
+      super name, args, @called_from.dup.add_template_render(@template.name, line, file)
     else
-      super name, args, Brakeman::RenderPath.new.add_template_render(@template[:name])
+      super name, args, Brakeman::RenderPath.new.add_template_render(@template.name, line, file)
     end
   end
 
   #Determine template name
   def template_name name
-    if !name.to_s.include?('/') && @template[:name].to_s.include?('/')
-      name = "#{@template[:name].to_s.match(/^(.*\/).*$/)[1]}#{name}"
+    if !name.to_s.include?('/') && @template.name.to_s.include?('/')
+      name = "#{@template.name.to_s.match(/^(.*\/).*$/)[1]}#{name}"
     end
     name
   end
 
   UNKNOWN_MODEL_CALL = Sexp.new(:call, Sexp.new(:const, Brakeman::Tracker::UNKNOWN_MODEL), :new)
   FORM_BUILDER_CALL = Sexp.new(:call, Sexp.new(:const, :FormBuilder), :new)
 
   #Looks for form methods and iterating over collections of Models
-  def process_call_with_block exp
+  def process_iter exp
     process_default exp
 
     call = exp.block_call
 
     if call? call
@@ -74,11 +76,9 @@
       end
     end
 
     exp
   end
-
-  alias process_iter process_call_with_block
 
   #Checks if +exp+ is a call to Model.all or Model.find*
   def get_model_target exp
     if call? exp
       target = exp.target