javascript python java c# php android html jquery c++ css ios mysql sql r node.js arrays reactjs c asp.net json ruby-on-rails .net sql-server swift python-3.x objective-c django angular angularjs excel regex pandas ruby iphone ajax linux xml vba asp.net-mvc spring laravel database wordpress typescript string wpf mongodb windows xcode postgresql bash oracle git vb.net amazon-web-services multithreading list firebase flutter eclipse spring-boot dataframe azure react-native algorithm docker macos forms image visual-studio scala powershell function twitter-bootstrap numpy api performance selenium winforms python-2.7 matlab vue.js sqlite apache hibernate entity-framework loops rest shell facebook express android-studio csv linq maven qt swing unit-testing file tensorflow

[ACCEPTED]-Brakeman unsafe reflection method constantize called with model attribute-ruby

Accepted answer
Score: 17

You can go the other way around, finding 2 the class whose name is of chart_type:

chart_class = [User, Category, Note, Post].find { |x| x.name == chart_type.classify }
if chart_class.nil?
  raise "Unable to find the chart presenter"
end
ChartPresenter.new(chart_class.find(chart_id))

This way Brakeman 1 should be happy, and you are more secure...

Source: stackoverflow.com

More Related questions

To use self. or not.. in Rails

Best way to create custom config options for my Rails app?

Rails (ActiveRecord) many to many table

How to calculate next, previous business day in Rails?

Active Record with Delegate and conditions

Given the session key and secret, how can we decrypt Rails cookies?

Magic First and Last Indicator in a Loop in Ruby/Rails?

Ruby on Rails Case/Switch. How to match against object?

comparision of date in ruby

How do I use RVM and create globally available gems?