def process_result res
call = res[:call]
last_arg = call.last_arg
if hash? last_arg and not call.original_line and not duplicate? res
if value = hash_access(last_arg, :without_protection)
if true? value
add_result res
if input = include_user_input?(call.arglist)
confidence = :high
elsif all_literals? call
return
else
confidence = :medium
end
warn :result => res,
:warning_type => "Mass Assignment",
:warning_code => :mass_assign_without_protection,
:message => "Unprotected mass assignment",
:code => call,
:user_input => input,
:confidence => confidence
end
end
end
end