Class: RuboCop::Cop::Ezcater::GraphQL::NotAuthorizedScalarField

Inherits:
Base
  • Object
show all
Includes:
GraphQL::NodePattern
Defined in:
lib/rubocop/cop/ezcater/graphql/not_authorized_scalar_field.rb

Overview

# good

field :name, String, pundit_role: :owner

# good
field :name, String, pundit_role: :view, pundit_policy_class: "SecretNamePolicy"

Examples:

AllowGuards: true

# In addition to the pundit enforcement demonstrated in the previous
# example, guard-style authentication is allowed for scalar fields
# when a resolver is defined in the same class.

# bad
field :secret_name, String

def secret_name
  "Rumplestiltskin"
end

# good
field :secret_name, String

def secret_name
  SecretNameGuard.new(context, object).guard do |person|
    person.secret_name
  end
end

AdditionalScalarTypes: [] (default)

# This option specifies additional scalar types for this cop to pay
# attention to. By default, this list is empty.

# bad
field :secret_id, ID

# good (i.e. the cop doesn't pay attention to UUID by default)
field :secret_id, UUID

AdditionalScalarTypes: [“UUID”]

# This example adds UUID to the types to observe.

# bad
field :secret_id, UUID

# good
field :secret_id, pundit_role: owner

IgnoredFieldNames: [] (default)

# This option specifies field names to ignore.

# bad (the field name is not in the ignore list)
field :id, ID

IgnoredFieldNames: [“id”]

# This examples adds "id" to the list of ignored field names.

# good
field :id, ID

Constant Summary collapse

MSG = 
"Ezcater/GraphQL/NotAuthorizedScalarFields: must be authorized."
STANDARD_SCALAR_TYPES =

graphql-ruby.org/type_definitions/scalars.html

%w(BigInt Boolean Float Int ID ISO8601Date ISO8601DateTime ISO8601Duration JSON
String).freeze

Instance Method Summary collapse

Instance Method Details

#contains_resolver_method_with_guard?(node) ⇒ Object 



135
136
137
138
139
140
141
142
143
144
145
 
# File 'lib/rubocop/cop/ezcater/graphql/not_authorized_scalar_field.rb', line 135

def_node_search :contains_resolver_method_with_guard?, <<~PATTERN
  (def %1
    (args)
    (block
      (send
        (send
          (:const ...) :new
          (send nil? :context)
          (send nil? :object)) :guard)
      ...) ...)
PATTERN

#field_type(node) ⇒ Object 



101
102
103
 
# File 'lib/rubocop/cop/ezcater/graphql/not_authorized_scalar_field.rb', line 101

def_node_matcher :field_type, <<~PATTERN
  (send nil? :field _ (:const nil? $_) ...)
PATTERN

#field_with_body_type(node) ⇒ Object 



106
107
108
 
# File 'lib/rubocop/cop/ezcater/graphql/not_authorized_scalar_field.rb', line 106

def_node_matcher :field_with_body_type, <<~PATTERN
  (block (send nil? :field _ (:const nil? $_) ...) ...)
PATTERN

#field_with_guard_in_body?(node) ⇒ Object 



111
112
113
114
115
116
117
118
119
120
121
122
 
# File 'lib/rubocop/cop/ezcater/graphql/not_authorized_scalar_field.rb', line 111

def_node_matcher :field_with_guard_in_body?, <<~PATTERN
  (block
    (send nil? :field ...)
    _?
    (block
      (send
        (send
          (:const ...) :new
          (send nil? :context)
          (send nil? :object)) :guard)
      ...) ...)
PATTERN

#field_with_pundit?(node) ⇒ Object 



125
126
127
 
# File 'lib/rubocop/cop/ezcater/graphql/not_authorized_scalar_field.rb', line 125

def_node_matcher :field_with_pundit?, <<~PATTERN
  (send nil? :field _ _ (hash <(pair (sym :pundit_role) _) ...>))
PATTERN

#field_with_pundit_with_body?(node) ⇒ Object 



130
131
132
 
# File 'lib/rubocop/cop/ezcater/graphql/not_authorized_scalar_field.rb', line 130

def_node_matcher :field_with_pundit_with_body?, <<~PATTERN
  (block (send nil? :field _ _ (hash <(pair (sym :pundit_role) _) ...>)) ...)
PATTERN

#on_class(node) ⇒ Object 



147
148
149
150
151
152
153
 
# File 'lib/rubocop/cop/ezcater/graphql/not_authorized_scalar_field.rb', line 147

def on_class(node)
  body = RuboCop::GraphQL::SchemaMember.new(node).body

  each_field_node(body) do |field_node|
    check_field_for_offense(field_node, node)
  end
end