[ACCEPTED]-Brakeman unsafe reflection method constantize called with model attribute-ruby

Accepted answer
Score: 17

You can go the other way around, finding 2 the class whose name is of chart_type:

chart_class = [User, Category, Note, Post].find { |x| x.name == chart_type.classify }
if chart_class.nil?
  raise "Unable to find the chart presenter"

This way Brakeman 1 should be happy, and you are more secure...

More Related questions