diff options
Diffstat (limited to 'rubocop/cop/gitlab/avoid_uploaded_file_from_params.rb')
| -rw-r--r-- | rubocop/cop/gitlab/avoid_uploaded_file_from_params.rb | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/rubocop/cop/gitlab/avoid_uploaded_file_from_params.rb b/rubocop/cop/gitlab/avoid_uploaded_file_from_params.rb new file mode 100644 index 00000000000..599371aa5a1 --- /dev/null +++ b/rubocop/cop/gitlab/avoid_uploaded_file_from_params.rb @@ -0,0 +1,51 @@ +# frozen_string_literal: true + +module RuboCop + module Cop + module Gitlab + # This cop checks for `UploadedFile.from_params` usage. + # See https://docs.gitlab.com/ee/development/uploads.html#how-to-add-a-new-upload-route + # + # @example + # + # # bad + # class MyAwfulApi < Grape::API::Instance + # params do + # optional 'file.path', type: String + # optional 'file.name', type: String + # optional 'file.type', type: String + # optional 'file.size', type: Integer + # optional 'file.md5', type: String + # optional 'file.sha1', type: String + # optional 'file.sha256', type: String + # end + # put '/files' do + # uploaded_file = UploadedFile.from_params(params, :file, FileUploader.workhorse_local_upload_path) + # end + # end + # + # # good + # class MyMuchBetterApi < Grape::API::Instance + # params do + # requires :file, type: ::API::Validations::Types::WorkhorseFile + # end + # put '/files' do + # uploaded_file = declared_params[:file] + # end + # end + class AvoidUploadedFileFromParams < RuboCop::Cop::Cop + MSG = 'Use the `UploadedFile` set by `multipart.rb` instead of calling `UploadedFile.from_params` directly. See https://docs.gitlab.com/ee/development/uploads.html#how-to-add-a-new-upload-route' + + def_node_matcher :calling_uploaded_file_from_params?, <<~PATTERN + (send (const nil? :UploadedFile) :from_params ...) + PATTERN + + def on_send(node) + return unless calling_uploaded_file_from_params?(node) + + add_offense(node, location: :expression) + end + end + end + end +end |