blob: d188002673f646aff5e39948189cfa6679510cb1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
# frozen_string_literal: true
require 'rubocop-rspec'
module RuboCop
module Cop
module RSpec
# This cop checks for invalid credentials passed to HTTParty
#
# @example
#
# # bad
# HTTParty.get(url, basic_auth: { user: 'foo' })
#
# # good
# HTTParty.get(url, basic_auth: { username: 'foo' })
class HTTPartyBasicAuth < RuboCop::Cop::Base
extend RuboCop::Cop::AutoCorrector
MESSAGE = "`basic_auth: { user: ... }` does not work - replace `user:` with `username:`"
RESTRICT_ON_SEND = %i(get put post delete).freeze
def_node_matcher :httparty_basic_auth?, <<~PATTERN
(send
(const _ :HTTParty)
{#{RESTRICT_ON_SEND.map(&:inspect).join(' ')}}
<(hash
<(pair
(sym :basic_auth)
(hash
<(pair $(sym :user) _) ...>
)
) ...>
) ...>
)
PATTERN
def on_send(node)
return unless m = httparty_basic_auth?(node)
add_offense(m, message: MESSAGE) do |corrector|
corrector.replace(m, 'username')
end
end
end
end
end
end
|