Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-03-18 00:11:29 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-03-18 00:11:29 +0300
commit: a0b4a462b0c6f333651ae9e0c0ca1e5794e7b4e1 (patch)
tree: 37dce5303162eaf08841616347de9f65ba8dabf7 /rubocop/cop
parent: e388691e4a5b5b69be903c7eceb606b853719cd5 (diff)
1 files changed, 33 insertions, 0 deletions
diff --git a/rubocop/cop/user_admin.rb b/rubocop/cop/user_admin.rb
new file mode 100644
index 00000000000..3ba0e770ec1
--- /dev/null
+++ b/rubocop/cop/user_admin.rb
@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    # Cop that rejects the usage of `User#admin?`
+    class UserAdmin < RuboCop::Cop::Cop
+      MSG = 'Direct calls to `User#admin?` to determine admin status should be ' \
+        'avoided as they will not take into account the policies framework ' \
+        'and will ignore Admin Mode if enabled. Please use a policy check ' \
+        'with `User#can_admin_all_resources?` or `User#can_read_all_resources?`.'
+
+      def_node_matcher :admin_call?, <<~PATTERN
+        ({send | csend} _ :admin? ...)
+      PATTERN
+
+      def on_send(node)
+        on_handler(node)
+      end
+
+      def on_csend(node)
+        on_handler(node)
+      end
+
+      private
+
+      def on_handler(node)
+        return unless admin_call?(node)
+
+        add_offense(node, location: :selector)
+      end
+    end
+  end
+end
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-03-18 00:11:29 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-03-18 00:11:29 +0300
commit	a0b4a462b0c6f333651ae9e0c0ca1e5794e7b4e1 (patch)
tree	37dce5303162eaf08841616347de9f65ba8dabf7 /rubocop/cop
parent	e388691e4a5b5b69be903c7eceb606b853719cd5 (diff)