From 6443246194c0ed45f981727189df68c412d7d035 Mon Sep 17 00:00:00 2001
From: Justin Collins <collins@twitter.com>
Date: Tue, 28 Feb 2012 15:32:36 -0800
Subject: [PATCH] Ignore resource routes if default routes already

fixes bug where resource routes attempted to merge into
:allow_all_actions
---
 lib/brakeman/processors/lib/route_helper.rb | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/lib/brakeman/processors/lib/route_helper.rb b/lib/brakeman/processors/lib/route_helper.rb
index f2fb3802..a199fbd3 100644
--- a/lib/brakeman/processors/lib/route_helper.rb
+++ b/lib/brakeman/processors/lib/route_helper.rb
@@ -23,12 +23,19 @@ module Brakeman::RouteHelper
 
   #Add default routes
   def add_resources_routes
-    @tracker.routes[@current_controller].merge [:index, :new, :create, :show, :edit, :update, :destroy]
-  end
+    existing_routes = @tracker.routes[@current_controller]
 
+    unless existing_routes.is_a? Array and existing_routes.first == :allow_all_actions
+      existing_routes.merge [:index, :new, :create, :show, :edit, :update, :destroy]
+    end
+  end
 
   #Add default routes minus :index
   def add_resource_routes
-    @tracker.routes[@current_controller].merge [:new, :create, :show, :edit, :update, :destroy]
+    existing_routes = @tracker.routes[@current_controller]
+
+    unless existing_routes.is_a? Array and existing_routes.first == :allow_all_actions
+      existing_routes.merge [:new, :create, :show, :edit, :update, :destroy]
+    end
   end
 end
-- 
GitLab