Merge pull request #919 from presidentbeef/fix_debug_template_output

Fix template debug output in text/markdown reports
presidentbeef · Aug 12, 2016 · afb8997 · afb8997
2 parents 860c8e7 + 091a3d6
commit afb8997
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 1 deletion.
diff --git a/lib/brakeman/report/report_table.rb b/lib/brakeman/report/report_table.rb
@@ -54,6 +54,36 @@ def generate_overview
     end
   end
 
+  #Generate listings of templates and their output
+  def generate_templates
+    out_processor = Brakeman::OutputProcessor.new
+    template_rows = {}
+    tracker.templates.each do |name, template|
+      template.each_output do |out|
+        out = out_processor.format out
+        template_rows[name] ||= []
+        template_rows[name] << out.gsub("\n", ";").gsub(/\s+/, " ")
+      end
+    end
+
+    template_rows = template_rows.sort_by{|name, value| name.to_s}
+
+    output = ''
+    template_rows.each do |template|
+      output << template.first.to_s << "\n\n"
+      table = @table.new(:headings => ['Output']) do |t|
+        # template[1] is an array of calls
+        template[1].each do |v|
+          t.add_row [v]
+        end
+      end
+
+      output << table.to_s << "\n\n"
+    end
+
+    output
+  end
+
   def render_array template, headings, value_array, locals
     return if value_array.empty?
 

diff --git a/test/tests/report_generation.rb b/test/tests/report_generation.rb
@@ -2,7 +2,8 @@
 
 class TestReportGeneration < Minitest::Test
   def setup
-    @@report ||= Brakeman.run(:app_path => "#{TEST_PATH}/apps/rails3.2", :quiet => true, :report_routes => true).report
+    @@tracker||= Brakeman.run(:app_path => "#{TEST_PATH}/apps/rails3.2", :quiet => true, :report_routes => true)
+    @@report ||= @@tracker.report
   end
 
   def test_html_sanity
@@ -60,12 +61,30 @@ def test_text_sanity
     assert report.is_a? String
   end
 
+  def test_text_debug_sanity
+    @@tracker.options[:debug] = true
+    report = @@report.to_s
+
+    assert report.is_a? String
+  ensure
+    @@tracker.options[:debug] = false
+  end
+
   def test_markdown_sanity
     report = @@report.to_markdown
 
     assert report.is_a? String
   end
 
+  def test_markdown_debug_sanity
+    @@tracker.options[:debug] = true
+    report = @@report.to_markdown
+
+    assert report.is_a?(String), "Report wasn't a String, it was a #{report.class}"
+  ensure
+    @@tracker.options[:debug] = false
+  end
+
   def test_bad_format_type
     assert_raises RuntimeError do
       @@report.format(:to_something_else)