diff options
author | Jarka Košanová <jarka@gitlab.com> | 2018-11-15 12:50:04 +0300 |
---|---|---|
committer | Jarka Košanová <jarka@gitlab.com> | 2018-11-22 12:08:18 +0300 |
commit | 186b2143abacf60611896bad829ad7eb3456f77d (patch) | |
tree | 0bab42fde6b47a24a50961ec5b1a7d3044404c9c /rubocop/cop | |
parent | 9804df11ac5d4f36500b7ea97c80ea4275465e9b (diff) |
Add cop prohibiting params argument in url_for
Diffstat (limited to 'rubocop/cop')
-rw-r--r-- | rubocop/cop/safe_params.rb | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/rubocop/cop/safe_params.rb b/rubocop/cop/safe_params.rb new file mode 100644 index 00000000000..250c16232e4 --- /dev/null +++ b/rubocop/cop/safe_params.rb @@ -0,0 +1,34 @@ +# frozen_string_literal: true + +module RuboCop + module Cop + class SafeParams < RuboCop::Cop::Cop + MSG = 'Use `safe_params` instead of `params` in url_for.'.freeze + + METHOD_NAME_PATTERN = :url_for + UNSAFE_PARAM = :params + + def on_send(node) + return unless method_name(node) == METHOD_NAME_PATTERN + + add_offense(node, location: :expression) unless safe_params?(node) + end + + private + + def safe_params?(node) + node.descendants.each do |param_node| + next unless param_node.descendants.empty? + + return false if method_name(param_node) == UNSAFE_PARAM + end + + true + end + + def method_name(node) + node.children[1] + end + end + end +end |