From f792b5842125560303ecc0019017262e0b3e3400 Mon Sep 17 00:00:00 2001
From: Harry Maclean <hmac@github.com>
Date: Mon, 5 Feb 2024 16:45:59 +0000
Subject: [PATCH] Ruby: Recognise more ActiveRecord connections

---
 .../codeql/ruby/frameworks/ActiveRecord.qll   |   6 +-
 .../active_record/ActiveRecord.expected       | 227 +++++++++---------
 .../frameworks/active_record/ActiveRecord.rb  |   4 +
 3 files changed, 125 insertions(+), 112 deletions(-)

diff --git a/ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll b/ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll
index 843eb4f8d6e5..4596c4320701 100644
--- a/ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll
+++ b/ruby/ql/lib/codeql/ruby/frameworks/ActiveRecord.qll
@@ -77,7 +77,11 @@ private predicate isUnlikelyExternalCall(API::MethodAccessNode node) {
 }
 
 private API::Node activeRecordConnectionInstance() {
-  result = activeRecordBaseClass().getReturn("connection")
+  result =
+    [
+      activeRecordBaseClass().getReturn("connection"),
+      activeRecordBaseClass().getInstance().getReturn("connection")
+    ]
 }
 
 /**
diff --git a/ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.expected b/ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.expected
index d7195d11ad7c..b273bddbee64 100644
--- a/ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.expected
+++ b/ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.expected
@@ -1,7 +1,7 @@
 activeRecordModelClasses
 | ActiveRecord.rb:1:1:3:3 | UserGroup |
-| ActiveRecord.rb:5:1:15:3 | User |
-| ActiveRecord.rb:17:1:21:3 | Admin |
+| ActiveRecord.rb:5:1:19:3 | User |
+| ActiveRecord.rb:21:1:25:3 | Admin |
 | associations.rb:1:1:3:3 | Author |
 | associations.rb:5:1:9:3 | Post |
 | associations.rb:11:1:13:3 | Tag |
@@ -10,17 +10,20 @@ activeRecordInstances
 | ActiveRecord.rb:9:5:9:68 | call to find |
 | ActiveRecord.rb:13:5:13:40 | call to find_by |
 | ActiveRecord.rb:13:5:13:46 | call to users |
-| ActiveRecord.rb:35:5:35:51 | call to authenticate |
-| ActiveRecord.rb:36:5:36:30 | call to find_by_name |
-| ActiveRecord.rb:55:5:57:7 | if ... |
-| ActiveRecord.rb:55:43:56:40 | then ... |
-| ActiveRecord.rb:56:7:56:40 | call to find_by |
-| ActiveRecord.rb:60:5:60:33 | call to find_by |
-| ActiveRecord.rb:62:5:62:34 | call to find |
-| ActiveRecord.rb:72:5:72:24 | call to create |
-| ActiveRecord.rb:76:5:76:66 | call to create |
-| ActiveRecord.rb:80:5:80:68 | call to create |
-| ActiveRecord.rb:84:5:84:16 | call to create |
+| ActiveRecord.rb:16:3:18:5 | self (exec) |
+| ActiveRecord.rb:16:3:18:5 | self in exec |
+| ActiveRecord.rb:17:5:17:14 | self |
+| ActiveRecord.rb:39:5:39:51 | call to authenticate |
+| ActiveRecord.rb:40:5:40:30 | call to find_by_name |
+| ActiveRecord.rb:59:5:61:7 | if ... |
+| ActiveRecord.rb:59:43:60:40 | then ... |
+| ActiveRecord.rb:60:7:60:40 | call to find_by |
+| ActiveRecord.rb:64:5:64:33 | call to find_by |
+| ActiveRecord.rb:66:5:66:34 | call to find |
+| ActiveRecord.rb:76:5:76:24 | call to create |
+| ActiveRecord.rb:80:5:80:66 | call to create |
+| ActiveRecord.rb:84:5:84:68 | call to create |
+| ActiveRecord.rb:88:5:88:16 | call to create |
 | associations.rb:19:1:19:7 | author1 |
 | associations.rb:19:1:19:20 | ... = ... |
 | associations.rb:19:11:19:20 | call to new |
@@ -105,46 +108,47 @@ activeRecordInstances
 | associations.rb:53:1:53:34 | call to find |
 activeRecordSqlExecutionRanges
 | ActiveRecord.rb:9:33:9:67 | "name='#{...}' and pass='#{...}'" |
-| ActiveRecord.rb:19:16:19:24 | condition |
-| ActiveRecord.rb:28:30:28:44 | ...[...] |
-| ActiveRecord.rb:29:20:29:42 | "id = '#{...}'" |
-| ActiveRecord.rb:30:21:30:45 | call to [] |
-| ActiveRecord.rb:31:16:31:21 | <<-SQL |
-| ActiveRecord.rb:34:20:34:47 | "user.id = '#{...}'" |
-| ActiveRecord.rb:46:20:46:32 | ... + ... |
-| ActiveRecord.rb:52:16:52:28 | "name #{...}" |
-| ActiveRecord.rb:56:20:56:39 | "username = #{...}" |
-| ActiveRecord.rb:68:21:68:44 | ...[...] |
-| ActiveRecord.rb:106:27:106:76 | "this is an unsafe annotation:..." |
+| ActiveRecord.rb:17:24:17:24 | q |
+| ActiveRecord.rb:23:16:23:24 | condition |
+| ActiveRecord.rb:32:30:32:44 | ...[...] |
+| ActiveRecord.rb:33:20:33:42 | "id = '#{...}'" |
+| ActiveRecord.rb:34:21:34:45 | call to [] |
+| ActiveRecord.rb:35:16:35:21 | <<-SQL |
+| ActiveRecord.rb:38:20:38:47 | "user.id = '#{...}'" |
+| ActiveRecord.rb:50:20:50:32 | ... + ... |
+| ActiveRecord.rb:56:16:56:28 | "name #{...}" |
+| ActiveRecord.rb:60:20:60:39 | "username = #{...}" |
+| ActiveRecord.rb:72:21:72:44 | ...[...] |
+| ActiveRecord.rb:110:27:110:76 | "this is an unsafe annotation:..." |
 activeRecordModelClassMethodCalls
 | ActiveRecord.rb:2:3:2:17 | call to has_many |
 | ActiveRecord.rb:6:3:6:24 | call to belongs_to |
 | ActiveRecord.rb:9:5:9:68 | call to find |
 | ActiveRecord.rb:13:5:13:40 | call to find_by |
 | ActiveRecord.rb:13:5:13:46 | call to users |
-| ActiveRecord.rb:19:5:19:25 | call to destroy_by |
-| ActiveRecord.rb:28:5:28:45 | call to calculate |
-| ActiveRecord.rb:29:5:29:43 | call to delete_by |
-| ActiveRecord.rb:30:5:30:46 | call to destroy_by |
-| ActiveRecord.rb:31:5:31:35 | call to where |
-| ActiveRecord.rb:34:5:34:14 | call to where |
-| ActiveRecord.rb:34:5:34:48 | call to not |
-| ActiveRecord.rb:36:5:36:30 | call to find_by_name |
-| ActiveRecord.rb:37:5:37:36 | call to not_a_find_by_method |
-| ActiveRecord.rb:46:5:46:33 | call to delete_by |
-| ActiveRecord.rb:52:5:52:29 | call to order |
-| ActiveRecord.rb:56:7:56:40 | call to find_by |
-| ActiveRecord.rb:60:5:60:33 | call to find_by |
-| ActiveRecord.rb:62:5:62:34 | call to find |
-| ActiveRecord.rb:72:5:72:24 | call to create |
-| ActiveRecord.rb:76:5:76:66 | call to create |
-| ActiveRecord.rb:80:5:80:68 | call to create |
-| ActiveRecord.rb:84:5:84:16 | call to create |
-| ActiveRecord.rb:88:5:88:27 | call to update |
-| ActiveRecord.rb:92:5:92:69 | call to update |
-| ActiveRecord.rb:96:5:96:71 | call to update |
-| ActiveRecord.rb:102:13:102:54 | call to annotate |
-| ActiveRecord.rb:106:13:106:77 | call to annotate |
+| ActiveRecord.rb:23:5:23:25 | call to destroy_by |
+| ActiveRecord.rb:32:5:32:45 | call to calculate |
+| ActiveRecord.rb:33:5:33:43 | call to delete_by |
+| ActiveRecord.rb:34:5:34:46 | call to destroy_by |
+| ActiveRecord.rb:35:5:35:35 | call to where |
+| ActiveRecord.rb:38:5:38:14 | call to where |
+| ActiveRecord.rb:38:5:38:48 | call to not |
+| ActiveRecord.rb:40:5:40:30 | call to find_by_name |
+| ActiveRecord.rb:41:5:41:36 | call to not_a_find_by_method |
+| ActiveRecord.rb:50:5:50:33 | call to delete_by |
+| ActiveRecord.rb:56:5:56:29 | call to order |
+| ActiveRecord.rb:60:7:60:40 | call to find_by |
+| ActiveRecord.rb:64:5:64:33 | call to find_by |
+| ActiveRecord.rb:66:5:66:34 | call to find |
+| ActiveRecord.rb:76:5:76:24 | call to create |
+| ActiveRecord.rb:80:5:80:66 | call to create |
+| ActiveRecord.rb:84:5:84:68 | call to create |
+| ActiveRecord.rb:88:5:88:16 | call to create |
+| ActiveRecord.rb:92:5:92:27 | call to update |
+| ActiveRecord.rb:96:5:96:69 | call to update |
+| ActiveRecord.rb:100:5:100:71 | call to update |
+| ActiveRecord.rb:106:13:106:54 | call to annotate |
+| ActiveRecord.rb:110:13:110:77 | call to annotate |
 | associations.rb:2:3:2:17 | call to has_many |
 | associations.rb:6:3:6:20 | call to belongs_to |
 | associations.rb:7:3:7:20 | call to has_many |
@@ -200,41 +204,41 @@ activeRecordModelClassMethodCalls
 activeRecordModelClassMethodCallsReplacement
 | ActiveRecord.rb:1:1:3:3 | UserGroup | ActiveRecord.rb:2:3:2:17 | call to has_many |
 | ActiveRecord.rb:1:1:3:3 | UserGroup | ActiveRecord.rb:13:5:13:40 | call to find_by |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:6:3:6:24 | call to belongs_to |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:9:5:9:68 | call to find |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:19:5:19:25 | call to destroy_by |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:28:5:28:45 | call to calculate |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:29:5:29:43 | call to delete_by |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:30:5:30:46 | call to destroy_by |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:31:5:31:35 | call to where |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:34:5:34:14 | call to where |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:35:5:35:51 | call to authenticate |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:36:5:36:30 | call to find_by_name |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:37:5:37:36 | call to not_a_find_by_method |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:46:5:46:33 | call to delete_by |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:52:5:52:29 | call to order |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:56:7:56:40 | call to find_by |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:60:5:60:33 | call to find_by |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:62:5:62:34 | call to find |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:68:5:68:45 | call to delete_by |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:72:5:72:24 | call to create |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:76:5:76:66 | call to create |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:80:5:80:68 | call to create |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:84:5:84:16 | call to create |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:88:5:88:27 | call to update |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:92:5:92:69 | call to update |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:96:5:96:71 | call to update |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:102:13:102:54 | call to annotate |
-| ActiveRecord.rb:5:1:15:3 | User | ActiveRecord.rb:106:13:106:77 | call to annotate |
-| ActiveRecord.rb:17:1:21:3 | Admin | ActiveRecord.rb:19:5:19:25 | call to destroy_by |
-| ActiveRecord.rb:17:1:21:3 | Admin | ActiveRecord.rb:68:5:68:45 | call to delete_by |
-| ActiveRecord.rb:17:1:21:3 | Admin | ActiveRecord.rb:72:5:72:24 | call to create |
-| ActiveRecord.rb:17:1:21:3 | Admin | ActiveRecord.rb:76:5:76:66 | call to create |
-| ActiveRecord.rb:17:1:21:3 | Admin | ActiveRecord.rb:80:5:80:68 | call to create |
-| ActiveRecord.rb:17:1:21:3 | Admin | ActiveRecord.rb:84:5:84:16 | call to create |
-| ActiveRecord.rb:17:1:21:3 | Admin | ActiveRecord.rb:88:5:88:27 | call to update |
-| ActiveRecord.rb:17:1:21:3 | Admin | ActiveRecord.rb:92:5:92:69 | call to update |
-| ActiveRecord.rb:17:1:21:3 | Admin | ActiveRecord.rb:96:5:96:71 | call to update |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:6:3:6:24 | call to belongs_to |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:9:5:9:68 | call to find |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:23:5:23:25 | call to destroy_by |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:32:5:32:45 | call to calculate |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:33:5:33:43 | call to delete_by |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:34:5:34:46 | call to destroy_by |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:35:5:35:35 | call to where |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:38:5:38:14 | call to where |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:39:5:39:51 | call to authenticate |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:40:5:40:30 | call to find_by_name |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:41:5:41:36 | call to not_a_find_by_method |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:50:5:50:33 | call to delete_by |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:56:5:56:29 | call to order |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:60:7:60:40 | call to find_by |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:64:5:64:33 | call to find_by |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:66:5:66:34 | call to find |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:72:5:72:45 | call to delete_by |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:76:5:76:24 | call to create |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:80:5:80:66 | call to create |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:84:5:84:68 | call to create |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:88:5:88:16 | call to create |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:92:5:92:27 | call to update |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:96:5:96:69 | call to update |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:100:5:100:71 | call to update |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:106:13:106:54 | call to annotate |
+| ActiveRecord.rb:5:1:19:3 | User | ActiveRecord.rb:110:13:110:77 | call to annotate |
+| ActiveRecord.rb:21:1:25:3 | Admin | ActiveRecord.rb:23:5:23:25 | call to destroy_by |
+| ActiveRecord.rb:21:1:25:3 | Admin | ActiveRecord.rb:72:5:72:45 | call to delete_by |
+| ActiveRecord.rb:21:1:25:3 | Admin | ActiveRecord.rb:76:5:76:24 | call to create |
+| ActiveRecord.rb:21:1:25:3 | Admin | ActiveRecord.rb:80:5:80:66 | call to create |
+| ActiveRecord.rb:21:1:25:3 | Admin | ActiveRecord.rb:84:5:84:68 | call to create |
+| ActiveRecord.rb:21:1:25:3 | Admin | ActiveRecord.rb:88:5:88:16 | call to create |
+| ActiveRecord.rb:21:1:25:3 | Admin | ActiveRecord.rb:92:5:92:27 | call to update |
+| ActiveRecord.rb:21:1:25:3 | Admin | ActiveRecord.rb:96:5:96:69 | call to update |
+| ActiveRecord.rb:21:1:25:3 | Admin | ActiveRecord.rb:100:5:100:71 | call to update |
 | associations.rb:1:1:3:3 | Author | associations.rb:2:3:2:17 | call to has_many |
 | associations.rb:1:1:3:3 | Author | associations.rb:19:11:19:20 | call to new |
 | associations.rb:5:1:9:3 | Post | associations.rb:6:3:6:20 | call to belongs_to |
@@ -244,28 +248,29 @@ activeRecordModelClassMethodCallsReplacement
 | associations.rb:15:1:17:3 | Comment | associations.rb:16:3:16:18 | call to belongs_to |
 potentiallyUnsafeSqlExecutingMethodCall
 | ActiveRecord.rb:9:5:9:68 | call to find |
-| ActiveRecord.rb:19:5:19:25 | call to destroy_by |
-| ActiveRecord.rb:28:5:28:45 | call to calculate |
-| ActiveRecord.rb:29:5:29:43 | call to delete_by |
-| ActiveRecord.rb:30:5:30:46 | call to destroy_by |
-| ActiveRecord.rb:31:5:31:35 | call to where |
-| ActiveRecord.rb:34:5:34:48 | call to not |
-| ActiveRecord.rb:46:5:46:33 | call to delete_by |
-| ActiveRecord.rb:52:5:52:29 | call to order |
-| ActiveRecord.rb:56:7:56:40 | call to find_by |
-| ActiveRecord.rb:106:13:106:77 | call to annotate |
+| ActiveRecord.rb:23:5:23:25 | call to destroy_by |
+| ActiveRecord.rb:32:5:32:45 | call to calculate |
+| ActiveRecord.rb:33:5:33:43 | call to delete_by |
+| ActiveRecord.rb:34:5:34:46 | call to destroy_by |
+| ActiveRecord.rb:35:5:35:35 | call to where |
+| ActiveRecord.rb:38:5:38:48 | call to not |
+| ActiveRecord.rb:50:5:50:33 | call to delete_by |
+| ActiveRecord.rb:56:5:56:29 | call to order |
+| ActiveRecord.rb:60:7:60:40 | call to find_by |
+| ActiveRecord.rb:110:13:110:77 | call to annotate |
 activeRecordModelInstantiations
-| ActiveRecord.rb:9:5:9:68 | call to find | ActiveRecord.rb:5:1:15:3 | User |
+| ActiveRecord.rb:9:5:9:68 | call to find | ActiveRecord.rb:5:1:19:3 | User |
 | ActiveRecord.rb:13:5:13:40 | call to find_by | ActiveRecord.rb:1:1:3:3 | UserGroup |
-| ActiveRecord.rb:13:5:13:46 | call to users | ActiveRecord.rb:5:1:15:3 | User |
-| ActiveRecord.rb:36:5:36:30 | call to find_by_name | ActiveRecord.rb:5:1:15:3 | User |
-| ActiveRecord.rb:56:7:56:40 | call to find_by | ActiveRecord.rb:5:1:15:3 | User |
-| ActiveRecord.rb:60:5:60:33 | call to find_by | ActiveRecord.rb:5:1:15:3 | User |
-| ActiveRecord.rb:62:5:62:34 | call to find | ActiveRecord.rb:5:1:15:3 | User |
-| ActiveRecord.rb:72:5:72:24 | call to create | ActiveRecord.rb:17:1:21:3 | Admin |
-| ActiveRecord.rb:76:5:76:66 | call to create | ActiveRecord.rb:17:1:21:3 | Admin |
-| ActiveRecord.rb:80:5:80:68 | call to create | ActiveRecord.rb:17:1:21:3 | Admin |
-| ActiveRecord.rb:84:5:84:16 | call to create | ActiveRecord.rb:17:1:21:3 | Admin |
+| ActiveRecord.rb:13:5:13:46 | call to users | ActiveRecord.rb:5:1:19:3 | User |
+| ActiveRecord.rb:16:3:18:5 | self in exec | ActiveRecord.rb:5:1:19:3 | User |
+| ActiveRecord.rb:40:5:40:30 | call to find_by_name | ActiveRecord.rb:5:1:19:3 | User |
+| ActiveRecord.rb:60:7:60:40 | call to find_by | ActiveRecord.rb:5:1:19:3 | User |
+| ActiveRecord.rb:64:5:64:33 | call to find_by | ActiveRecord.rb:5:1:19:3 | User |
+| ActiveRecord.rb:66:5:66:34 | call to find | ActiveRecord.rb:5:1:19:3 | User |
+| ActiveRecord.rb:76:5:76:24 | call to create | ActiveRecord.rb:21:1:25:3 | Admin |
+| ActiveRecord.rb:80:5:80:66 | call to create | ActiveRecord.rb:21:1:25:3 | Admin |
+| ActiveRecord.rb:84:5:84:68 | call to create | ActiveRecord.rb:21:1:25:3 | Admin |
+| ActiveRecord.rb:88:5:88:16 | call to create | ActiveRecord.rb:21:1:25:3 | Admin |
 | associations.rb:19:11:19:20 | call to new | associations.rb:1:1:3:3 | Author |
 | associations.rb:21:9:21:21 | call to posts | associations.rb:5:1:9:3 | Post |
 | associations.rb:21:9:21:28 | call to create | associations.rb:5:1:9:3 | Post |
@@ -307,13 +312,13 @@ activeRecordModelInstantiations
 | associations.rb:53:1:53:13 | call to posts | associations.rb:5:1:9:3 | Post |
 | associations.rb:53:1:53:20 | call to reload | associations.rb:5:1:9:3 | Post |
 persistentWriteAccesses
-| ActiveRecord.rb:72:5:72:24 | call to create | ActiveRecord.rb:72:18:72:23 | call to params |
-| ActiveRecord.rb:76:5:76:66 | call to create | ActiveRecord.rb:76:24:76:36 | ...[...] |
-| ActiveRecord.rb:76:5:76:66 | call to create | ActiveRecord.rb:76:49:76:65 | ...[...] |
-| ActiveRecord.rb:80:5:80:68 | call to create | ActiveRecord.rb:80:25:80:37 | ...[...] |
-| ActiveRecord.rb:80:5:80:68 | call to create | ActiveRecord.rb:80:50:80:66 | ...[...] |
-| ActiveRecord.rb:88:5:88:27 | call to update | ActiveRecord.rb:88:21:88:26 | call to params |
-| ActiveRecord.rb:92:5:92:69 | call to update | ActiveRecord.rb:92:27:92:39 | ...[...] |
-| ActiveRecord.rb:92:5:92:69 | call to update | ActiveRecord.rb:92:52:92:68 | ...[...] |
-| ActiveRecord.rb:96:5:96:71 | call to update | ActiveRecord.rb:96:21:96:70 | call to [] |
+| ActiveRecord.rb:76:5:76:24 | call to create | ActiveRecord.rb:76:18:76:23 | call to params |
+| ActiveRecord.rb:80:5:80:66 | call to create | ActiveRecord.rb:80:24:80:36 | ...[...] |
+| ActiveRecord.rb:80:5:80:66 | call to create | ActiveRecord.rb:80:49:80:65 | ...[...] |
+| ActiveRecord.rb:84:5:84:68 | call to create | ActiveRecord.rb:84:25:84:37 | ...[...] |
+| ActiveRecord.rb:84:5:84:68 | call to create | ActiveRecord.rb:84:50:84:66 | ...[...] |
+| ActiveRecord.rb:92:5:92:27 | call to update | ActiveRecord.rb:92:21:92:26 | call to params |
+| ActiveRecord.rb:96:5:96:69 | call to update | ActiveRecord.rb:96:27:96:39 | ...[...] |
+| ActiveRecord.rb:96:5:96:69 | call to update | ActiveRecord.rb:96:52:96:68 | ...[...] |
+| ActiveRecord.rb:100:5:100:71 | call to update | ActiveRecord.rb:100:21:100:70 | call to [] |
 | associations.rb:31:16:31:22 | ... = ... | associations.rb:31:16:31:22 | author2 |
diff --git a/ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.rb b/ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.rb
index 8e5961c87710..dca8f3c43d36 100644
--- a/ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.rb
+++ b/ruby/ql/test/library-tests/frameworks/active_record/ActiveRecord.rb
@@ -12,6 +12,10 @@ def self.authenticate(name, pass)
   def self.from(user_group_id)
     UserGroup.find_by(id: user_group_id).users
   end
+
+  def exec(q)
+    connection.execute(q)
+  end
 end
 
 class Admin < User