diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-09-04 21:08:48 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-09-04 21:08:48 +0300 |
commit | b3555357704e2776fc0c960eaf931b0e9b0f0ddf (patch) | |
tree | f51538bb1cd4b1fcb5981b38e31dc13d40381ff6 /rubocop | |
parent | adf76f8f1d6da3ecbd8aa5d2da68dc8456283e8f (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'rubocop')
-rw-r--r-- | rubocop/cop/gitlab/avoid_uploaded_file_from_params.rb | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/rubocop/cop/gitlab/avoid_uploaded_file_from_params.rb b/rubocop/cop/gitlab/avoid_uploaded_file_from_params.rb new file mode 100644 index 00000000000..599371aa5a1 --- /dev/null +++ b/rubocop/cop/gitlab/avoid_uploaded_file_from_params.rb @@ -0,0 +1,51 @@ +# frozen_string_literal: true + +module RuboCop + module Cop + module Gitlab + # This cop checks for `UploadedFile.from_params` usage. + # See https://docs.gitlab.com/ee/development/uploads.html#how-to-add-a-new-upload-route + # + # @example + # + # # bad + # class MyAwfulApi < Grape::API::Instance + # params do + # optional 'file.path', type: String + # optional 'file.name', type: String + # optional 'file.type', type: String + # optional 'file.size', type: Integer + # optional 'file.md5', type: String + # optional 'file.sha1', type: String + # optional 'file.sha256', type: String + # end + # put '/files' do + # uploaded_file = UploadedFile.from_params(params, :file, FileUploader.workhorse_local_upload_path) + # end + # end + # + # # good + # class MyMuchBetterApi < Grape::API::Instance + # params do + # requires :file, type: ::API::Validations::Types::WorkhorseFile + # end + # put '/files' do + # uploaded_file = declared_params[:file] + # end + # end + class AvoidUploadedFileFromParams < RuboCop::Cop::Cop + MSG = 'Use the `UploadedFile` set by `multipart.rb` instead of calling `UploadedFile.from_params` directly. See https://docs.gitlab.com/ee/development/uploads.html#how-to-add-a-new-upload-route' + + def_node_matcher :calling_uploaded_file_from_params?, <<~PATTERN + (send (const nil? :UploadedFile) :from_params ...) + PATTERN + + def on_send(node) + return unless calling_uploaded_file_from_params?(node) + + add_offense(node, location: :expression) + end + end + end + end +end |