Ruby: test for RequestInputAccess instances in ActionDispatch

Author: alexrford

ruby/ql/test/library-tests/frameworks/action_dispatch/ActionDispatch.expected

@@ -66,3 +66,16 @@ mimeTypeMatchRegExpInterpretations
 | mime_type.rb:12:7:12:15 | "foo/bar" |
 | mime_type.rb:13:11:13:11 | s |
 | mime_type.rb:14:7:14:7 | s |
+requestInputAccesses
+| app/controllers/comments_controller.rb:3:5:3:18 | call to params |
+| app/controllers/comments_controller.rb:4:5:4:22 | call to parameters |
+| app/controllers/comments_controller.rb:5:5:5:15 | call to GET |
+| app/controllers/comments_controller.rb:6:5:6:16 | call to POST |
+| app/controllers/comments_controller.rb:7:5:7:28 | call to query_parameters |
+| app/controllers/comments_controller.rb:8:5:8:30 | call to request_parameters |
+| app/controllers/comments_controller.rb:9:5:9:31 | call to filtered_parameters |
+| app/controllers/foo/bars_controller.rb:10:27:10:33 | call to cookies |
+| app/controllers/foo/bars_controller.rb:13:21:13:26 | call to params |
+| app/controllers/foo/bars_controller.rb:14:10:14:15 | call to params |
+| app/controllers/foo/bars_controller.rb:21:21:21:26 | call to params |
+| app/controllers/foo/bars_controller.rb:22:10:22:15 | call to params |

ruby/ql/test/library-tests/frameworks/action_dispatch/ActionDispatch.ql

@@ -2,6 +2,7 @@ private import codeql.ruby.AST
 private import codeql.ruby.frameworks.ActionDispatch
 private import codeql.ruby.frameworks.ActionController
 private import codeql.ruby.ApiGraphs
+private import codeql.ruby.Concepts
 private import codeql.ruby.frameworks.data.ModelsAsData
 private import codeql.ruby.DataFlow
 private import codeql.ruby.Regexp as RE
@@ -36,3 +37,5 @@ query predicate mimeTypeMatchRegExpInterpretations(
 ) {
   any()
 }
+
+query predicate requestInputAccesses(Http::Server::RequestInputAccess a) { any() }