Merge pull request #21101 from hvitved/ruby/fix-bad-join

Ruby: Fix bad join

Author: hvitved

ruby/ql/lib/codeql/ruby/frameworks/actioncontroller/Filters.qll

@@ -55,28 +55,35 @@ module Filters {
   private class FilterCall extends MethodCallCfgNode {
     private FilterKind kind;
 
+    pragma[nomagic]
     FilterCall() {
       this.getExpr().getEnclosingModule() = any(ActionControllerClass c).getADeclaration() and
       this.getMethodName() = ["", "prepend_", "append_", "skip_"] + kind + "_action"
     }
 
     FilterKind getKind() { result = kind }
 
+    pragma[nomagic]
+    private ActionControllerActionMethod getAnActionCand(string name) {
+      result = getADescendentAction(this) and
+      name = result.getName() and
+      // A filter cannot apply to another filter
+      not result = any(Filter f).getFilterCallable() and
+      // Only include routable actions. This can exclude valid actions if we can't parse the `routes.rb` file fully.
+      exists(result.getARoute())
+    }
+
     /**
      * Gets an action which this filter is applied to.
      */
+    pragma[nomagic]
     ActionControllerActionMethod getAnAction() {
-      // A filter cannot apply to another filter
-      result != any(Filter f).getFilterCallable() and
-      // Only include routable actions. This can exclude valid actions if we can't parse the `routes.rb` file fully.
-      exists(result.getARoute()) and
-      (
-        result.getName() = this.getOnlyArgument()
+      exists(string name | result = this.getAnActionCand(name) |
+        name = this.getOnlyArgument()
         or
         not exists(this.getOnlyArgument()) and
-        forall(string except | except = this.getExceptArgument() | result.getName() != except)
-      ) and
-      result = getADescendentAction(this)
+        forall(string except | except = this.getExceptArgument() | name != except)
+      )
     }
 
     private string getOnlyArgument() {