-
azul authored
here's what i did to find the routes that are too permissive: routes = Rails.application.routes.routes; nil route_defaults = routes.map(&:defaults); nil route_actions = route_defaults.inject(Hash.new) do |h, d| h[d[:controller]] ||= [] h[d[:controller]] << d[:action] h end ; nil routes_too_permissive = route_actions.map do |controller, actions| next unless controller.present? controller_class = "#{controller}_controller".classify next unless defined?(controller_class) controller_actions = controller_class.constantize.action_methods.to_a next if (actions - controller_actions).blank? {controller: controller, route_actions: actions.sort.uniq, controller_actions: controller_actions.map(&:to_sym)} end; nil pp routes_too_permissive.compact
df6e67cf