debian-mirror-gitlab/rubocop/cop/safe_params.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

35 lines
711 B
Ruby
Raw Normal View History

2019-02-15 15:39:39 +05:30
# frozen_string_literal: true
module RuboCop
module Cop
2022-10-11 01:57:18 +05:30
class SafeParams < RuboCop::Cop::Base
2021-04-29 21:17:54 +05:30
MSG = 'Use `safe_params` instead of `params` in url_for.'
2019-02-15 15:39:39 +05:30
METHOD_NAME_PATTERN = :url_for
UNSAFE_PARAM = :params
def on_send(node)
return unless method_name(node) == METHOD_NAME_PATTERN
2022-10-11 01:57:18 +05:30
add_offense(node) unless safe_params?(node)
2019-02-15 15:39:39 +05:30
end
private
def safe_params?(node)
node.descendants.each do |param_node|
next unless param_node.descendants.empty?
return false if method_name(param_node) == UNSAFE_PARAM
end
true
end
def method_name(node)
node.children[1]
end
end
end
end