Ruby: Rails route resolution

Add `Route` classes which model Rails routing information, typically
defined in a `routes.rb` file. We extract only the most basic
information: HTTP method, path, controller and action. This is enough to
determine whether a given controller method is a route handler, and what
HTTP method it handles, which is useful for, among other things, the URL
redirect query.

Author: hmac

ruby/ql/lib/codeql/ruby/Frameworks.qll

@@ -12,3 +12,4 @@ private import codeql.ruby.frameworks.StandardLibrary
 private import codeql.ruby.frameworks.Files
 private import codeql.ruby.frameworks.HttpClients
 private import codeql.ruby.frameworks.XmlParsing
+private import codeql.ruby.frameworks.ActionDispatch

ruby/ql/lib/codeql/ruby/frameworks/ActionController.qll

@@ -5,6 +5,7 @@ private import codeql.ruby.DataFlow
 private import codeql.ruby.dataflow.RemoteFlowSources
 private import codeql.ruby.ast.internal.Module
 private import ActionView
+private import codeql.ruby.frameworks.ActionDispatch
 
 private class ActionControllerBaseAccess extends ConstantReadAccess {
   ActionControllerBaseAccess() {
@@ -85,6 +86,16 @@ class ActionControllerActionMethod extends Method, HTTP::Server::RequestHandler:
   // not end at an explicit render or redirect
   /** Gets the controller class containing this method. */
   ActionControllerControllerClass getControllerClass() { result = controllerClass }
+
+  /**
+   * Gets a route to this handler, if one exists.
+   * May return multiple results.
+   */
+  ActionDispatch::Route getARoute() {
+    result.getController() + "_controller" =
+      ActionDispatch::underscore(namespaceDeclaration(controllerClass)) and
+    this.getName() = result.getAction()
+  }
 }
 
 // A method call with a `self` receiver from within a controller class