# Reports attr_accessible attributes whose names match an entry in SUSP_ATTRS.
#
# Every attribute a model exposes through attr_accessible is compared against
# the SUSP_ATTRS entries in order. An entry matches when it is a Regexp that
# matches the attribute's string form, or when it equals the attribute. Only
# the first matching entry is used, so each attribute yields at most one
# "Mass Assignment" warning, reported with that entry's confidence.
#
# Attributes for which role_limited? is truthy are skipped.
# NOTE(review): presumably those are only assignable under a specific role;
# confirm against role_limited?.
def run_check
  check_models do |name, model|
    model.attr_accessible.each do |attribute|
      next if role_limited?(model, attribute)

      # Entry order in SUSP_ATTRS decides which confidence is reported,
      # because the search stops at the first match.
      hit = SUSP_ATTRS.find do |susp_attr, _confidence|
        (susp_attr.is_a?(Regexp) && susp_attr =~ attribute.to_s) || susp_attr == attribute
      end
      next unless hit

      _matched, confidence = hit

      warn(
        :model => name,
        :file => model.file,
        :warning_type => "Mass Assignment",
        :warning_code => :dangerous_attr_accessible,
        :message => "Potentially dangerous attribute available for mass assignment",
        :confidence => confidence,
        :code => Sexp.new(:lit, attribute)
      )
    end
  end
end