Class: RailsBestPractices::Reviews::ProtectMassAssignmentReview

Inherits:

Review

Object
Core::Check
Review
RailsBestPractices::Reviews::ProtectMassAssignmentReview

show all

Defined in:: lib/rails_best_practices/reviews/protect_mass_assignment_review.rb

Overview

Review model files to make sure to use attr_accessible or attr_protected to protect mass assignment.

See the best practices details here rails-bestpractices.com/posts/148-protect-mass-assignment.

Implmentation:

Review process:

check class node to see if there is a command with message attr_accessible or attr_protected.

Constant Summary

Constants inherited from Core::Check

Core::Check::ALL_FILES, Core::Check::CONTROLLER_FILES, Core::Check::DEPLOY_FILES, Core::Check::HELPER_FILES, Core::Check::MAILER_FILES, Core::Check::MIGRATION_FILES, Core::Check::MODEL_FILES, Core::Check::PARTIAL_VIEW_FILES, Core::Check::ROUTE_FILES, Core::Check::SCHEMA_FILE, Core::Check::VIEW_FILES

Instance Method Summary collapse

#start_class(node) ⇒ Object

check class node, grep all command nodes, if none of them is with message attr_accessible or attr_protected, then it should add attr_accessible or attr_protected to protect mass assignment.
#url ⇒ Object

Methods inherited from Review

#model_associations, #model_attributes, #models, #remember_variable_use_count, #reset_variable_use_count, #variable, #variable_use_count

Methods inherited from Core::Check

add_callback, #add_error, #after_prepare, #after_review, callbacks, #errors, #increment_total_files_checked!, #initialize, interesting_files, #interesting_files, #interesting_nodes, interesting_nodes, #method_missing, #node_end, #node_start, #parse_file?, #result, #total_files_checked

Constructor Details

This class inherits a constructor from RailsBestPractices::Core::Check

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class RailsBestPractices::Core::Check

Instance Method Details

#start_class(node) ⇒ `Object`

check class node, grep all command nodes, if none of them is with message attr_accessible or attr_protected, then it should add attr_accessible or attr_protected to protect mass assignment.

# File 'lib/rails_best_practices/reviews/protect_mass_assignment_review.rb', line 24

def start_class(node)
  if !rails_builtin?(node) && !devise?(node) && !authlogic?(node)
    add_error "protect mass assignment"
  end
end

#url ⇒ `Object`



18
19
20

# File 'lib/rails_best_practices/reviews/protect_mass_assignment_review.rb', line 18

def url
  "http://rails-bestpractices.com/posts/148-protect-mass-assignment"
end