Class: Brakeman::Report::Table

Inherits:
Base
  • Object
Defined in:
lib/brakeman/report/report_table.rb

Direct Known Subclasses

CSV

Constant Summary

Constants inherited from Base

Base::TEXT_CONFIDENCE

Constants included from Util

Util::ALL_PARAMETERS, Util::COOKIES, Util::COOKIES_SEXP, Util::PARAMETERS, Util::PARAMS_SEXP, Util::PATH_PARAMETERS, Util::QUERY_PARAMETERS, Util::REQUEST_ENV, Util::REQUEST_PARAMETERS, Util::REQUEST_PARAMS, Util::SESSION, Util::SESSION_SEXP

Instance Attribute Summary

Attributes inherited from Base

#checks, #tracker

Instance Method Summary

Methods inherited from Base

#all_warnings, #controller_warnings, #convert_controller_warning, #convert_ignored_warning, #convert_model_warning, #convert_template_warning, #convert_to_rows, #convert_warning, #filter_warnings, #generate_controller_warnings, #generate_controllers, #generate_errors, #generate_ignored_warnings, #generate_model_warnings, #generate_template_warnings, #generate_warning_overview, #generate_warnings, #generic_warnings, #ignored_warnings, #initialize, #model_warnings, #number_of_templates, #rails_version, #render_warnings, #sort, #template_warnings, #text_message, #warning_file, #warnings_summary

Methods included from Util

#array?, #block?, #call?, #camelize, #class_name, #contains_class?, #context_for, #cookies?, #false?, #file_by_name, #file_for, #github_url, #hash?, #hash_access, #hash_insert, #hash_iterate, #integer?, #make_call, #node_type?, #number?, #params?, #pluralize, #rails_version, #regexp?, #relative_path, #request_env?, #request_value?, #result?, #set_env_defaults, #sexp?, #string?, #string_interp?, #symbol?, #table_to_csv, #template_path_to_name, #true?, #truncate_table, #underscore

Constructor Details

This class inherits a constructor from Brakeman::Report::Base

Instance Method Details

#generate_overview ⇒ Object



# File 'lib/brakeman/report/report_table.rb', line 42

# Build the summary table that opens the text report.
#
# Rows are emitted in a fixed order: controllers, models, templates, scan
# errors, security warnings, and - only when at least one exists - ignored
# warnings. The figure in parentheses on the "Security Warnings" row is
# warnings_summary[:high_confidence].
#
# Returns the Terminal::Table built from those rows.
def generate_overview
  warning_total = all_warnings.length

  Terminal::Table.new(:headings => ['Scanned/Reported', 'Total']) do |table|
    summary_rows = [
      ['Controllers', tracker.controllers.length],
      # NOTE(review): one entry is subtracted from the model count; presumably
      # the tracker holds a placeholder model - confirm against the tracker.
      ['Models', tracker.models.length - 1],
      # Passes the @tracker ivar directly, unlike the other rows which go
      # through the tracker reader.
      ['Templates', number_of_templates(@tracker)],
      ['Errors', tracker.errors.length],
      ['Security Warnings', "#{warning_total} (#{warnings_summary[:high_confidence]})"]
    ]

    # The ignored-warnings row is omitted entirely when nothing was ignored,
    # so its absence means "none ignored", not "not checked".
    unless ignored_warnings.empty?
      summary_rows << ['Ignored Warnings', ignored_warnings.length]
    end

    summary_rows.each { |cells| table.add_row cells }
  end
end

#generate_report ⇒ Object



# File 'lib/brakeman/report/report_table.rb', line 4

# Assemble the complete plain-text report.
#
# The report always starts with the text header and the +SUMMARY+ section
# (overview table plus warning overview). What follows depends on
# tracker.options:
#
# * :summary_only  - return right after the summary; no warning details.
# * :report_routes - add the +CONTROLLERS+ listing (also added by :debug).
# * :debug         - additionally add the +TEMPLATES+ listing.
#
# Each remaining section (errors, security warnings, controller, model and
# view warnings) is appended only when its generator returns a truthy value.
# Every table passes through truncate_table before being appended.
#
# Returns the report as a String.
def generate_report
  # text_header's return value is extended in place and becomes the report.
  report = text_header
  report << "\n\n+SUMMARY+\n\n"
  report << truncate_table(generate_overview.to_s) << "\n\n"
  report << truncate_table(generate_warning_overview.to_s) << "\n"

  # Summary-only runs stop here, before any per-warning detail is rendered.
  return report if tracker.options[:summary_only]

  if tracker.options[:report_routes] || tracker.options[:debug]
    report << "\n+CONTROLLERS+\n"
    report << truncate_table(generate_controllers.to_s) << "\n"
  end

  if tracker.options[:debug]
    report << "\n+TEMPLATES+\n\n"
    report << truncate_table(generate_templates.to_s) << "\n"
  end

  # Heading text paired with the generator that produces the section body.
  # The generators are invoked in this order, one at a time.
  [
    ["+Errors+\n", :generate_errors],
    ["\n\n+SECURITY WARNINGS+\n\n", :generate_warnings],
    ["\n\n\nController Warnings:\n\n", :generate_controller_warnings],
    ["\n\n\nModel Warnings:\n\n", :generate_model_warnings],
    ["\n\nView Warnings:\n\n", :generate_template_warnings]
  ].each do |heading, generator|
    section = send(generator)
    report << heading << truncate_table(section.to_s) if section
  end

  report << "\n"
  report
end

#generate_templates ⇒ Object

Generate listings of templates and their output



# File 'lib/brakeman/report/report_table.rb', line 56

# Generate listings of templates and their output.
#
# Every output of every tracked template is formatted with
# Brakeman::OutputProcessor, squeezed onto one line (newlines become ";",
# whitespace runs become a single space) and grouped by template name.
# Templates that yield no output are left out. Templates are listed in
# order of their name's string form, each as the name followed by a
# one-column "Output" table.
#
# NOTE(review): the rows are formatted expressions taken from the scanned
# application's templates, so a report containing this section carries
# fragments of that application's view code.
#
# Returns the concatenated listing as a String (empty when nothing is output).
def generate_templates
  formatter = Brakeman::OutputProcessor.new
  outputs_by_template = {}

  tracker.templates.each do |name, template|
    template.each_output do |expression|
      one_line = formatter.format(expression).gsub("\n", ";").gsub(/\s+/, " ")
      (outputs_by_template[name] ||= []) << one_line
    end
  end

  listing = ''
  outputs_by_template.sort_by { |name, _outputs| name.to_s }.each do |name, outputs|
    listing << name.to_s << "\n\n"

    # One table row per formatted output of this template.
    table = Terminal::Table.new(:headings => ['Output']) do |t|
      outputs.each { |line| t.add_row [line] }
    end

    listing << table.to_s << "\n\n"
  end

  listing
end

#render_array(template, headings, value_array, locals) ⇒ Object



# File 'lib/brakeman/report/report_table.rb', line 85

# Render rows of values as a Terminal::Table.
#
# template    - not used by this implementation.
# headings    - column headings handed to Terminal::Table.
# value_array - rows to add, in order; each element is passed to add_row.
# locals      - not used by this implementation.
#
# NOTE(review): the unused parameters presumably keep the signature aligned
# with other report formats - confirm against Base.
#
# Returns the table, or nil when value_array is empty.
def render_array template, headings, value_array, locals
  return nil if value_array.empty?

  Terminal::Table.new(:headings => headings) do |table|
    value_array.each do |cells|
      table.add_row(cells)
    end
  end
end

#text_header ⇒ Object

Generate header for text output



# File 'lib/brakeman/report/report_table.rb', line 94

# Generate header for text output.
#
# The header records the scanned application's path, the Rails version,
# the Brakeman version, the scan start time and duration, and the sorted,
# comma-separated list of checks that ran.
#
# NOTE(review): the application path and version details end up in every
# text report, which matters when a report is shared beyond the team that
# owns the scanned application.
#
# Returns the header as a String beginning with a blank line.
def text_header
  app_path = tracker.app_path
  rails = rails_version
  started = tracker.start_time
  elapsed = tracker.duration
  # Sorted so the list of checks reads the same from run to run.
  checks_list = checks.checks_run.sort.join(", ")

  <<-HEADER

+BRAKEMAN REPORT+

Application path: #{app_path}
Rails version: #{rails}
Brakeman version: #{Brakeman::Version}
Started at #{started}
Duration: #{elapsed} seconds
Checks run: #{checks_list}
HEADER
end