Ruby: Identify ActionController::API

`ActionController::API < ActionController::Base` is a base controller
class, so we should recognise it as such.

Author: hmac

ruby/ql/lib/codeql/ruby/frameworks/ActionController.qll

@@ -110,11 +110,11 @@ private DataFlow::ConstRef actionControllerBaseClass() {
       // In Rails applications `ApplicationController` typically extends `ActionController::Base`, but we
       // treat it separately in case the `ApplicationController` definition is not in the database.
       DataFlow::getConstant("ActionController").getConstant("Base"),
-      // ActionController::Metal technically doesn't contain all of the
+      // ActionController::Metal and ActionController::API technically don't contain all of the
       // methods available in Base, such as those for rendering views.
-      // However we prefer to be over-sensitive in this case in order to find
-      // more results.
-      DataFlow::getConstant("ActionController").getConstant("Metal")
+      // However we prefer to be over-sensitive in this case in order to find more results.
+      DataFlow::getConstant("ActionController").getConstant("Metal"),
+      DataFlow::getConstant("ActionController").getConstant("API")
     ]
 }