Ruby: model ActionView::FileSystemResolver as a FileSystemAccess

Author: nickrolfe

ruby/ql/lib/change-notes/2022-09-13-filesystemresolver.md

@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Uses of `ActionView::FileSystemResolver` are now recognized as filesystem accesses.

ruby/ql/lib/codeql/ruby/frameworks/ActionView.qll

@@ -3,6 +3,7 @@
  */
 
 private import codeql.ruby.AST
+private import codeql.ruby.ApiGraphs
 private import codeql.ruby.Concepts
 private import codeql.ruby.controlflow.CfgNodes
 private import codeql.ruby.DataFlow
@@ -204,4 +205,15 @@ class LinkToCall extends ActionViewContextCall {
     not exists(this.getBlock()) and result = this.getArgument(1)
   }
 }
+
+/**
+ * An instantiation of `ActionView::FileSystemResolver`, considered as a `FileSystemAccess`.
+ */
+class FileSystemResolverAccess extends DataFlow::CallNode, FileSystemAccess::Range {
+  FileSystemResolverAccess() {
+    this = API::getTopLevelMember("ActionView").getMember("FileSystemResolver").getAnInstantiation()
+  }
+
+  override DataFlow::Node getAPathArgument() { result = this.getArgument(0) }
+}
 // TODO: model flow in/out of template files properly,

ruby/ql/test/library-tests/frameworks/action_view/ActionView.expected

@@ -0,0 +1 @@
+| ActionView.rb:5:39:5:92 | call to new | ActionView.rb:5:74:5:82 | view_path |

ruby/ql/test/library-tests/frameworks/action_view/ActionView.ql

@@ -0,0 +1,6 @@
+import codeql.ruby.Concepts
+import codeql.ruby.DataFlow
+
+query predicate fileSystemResolverAccesses(FileSystemAccess a, DataFlow::Node path) {
+  a.getAPathArgument() = path
+}

ruby/ql/test/library-tests/frameworks/action_view/ActionView.rb

@@ -0,0 +1,6 @@
+
+def setup_view_paths
+  view_path =  Rails.root.join("/path/to/views")
+  pattern = ":prefix/:action{.:formats,}"
+  ActionController::Base.view_paths = ActionView::FileSystemResolver.new(view_path, pattern)
+end