Class: RuboCop::Cop::Doctolib::NoAsymmetricalPunditAfterActions

Inherits:
Base
  • Object
Defined in:
lib/rubocop/cop/doctolib/no_asymmetrical_pundit_after_actions.rb

Overview

Prevent asymmetrical uses of the `verify_authorized` and `verify_policy_scoped` after-action filters from Pundit, which can leave some actions covered by neither after-action filter.

Examples:


# bad
after_action :verify_policy_scoped, only: :show
after_action :verify_authorized, only: :index

# bad
after_action :verify_policy_scoped, only: :show
after_action :verify_authorized, except: :index

# good
after_action :verify_policy_scoped, only: :show
after_action :verify_authorized, except: :show

# good
after_action :verify_policy_scoped, only: :show
after_action :verify_authorized

Constant Summary

MSG =
<<~MESSAGE.chomp.gsub("\n", ' ')
  Some actions may not be covered by either of `:verify_policy_scoped` or `:verify_authorized`.
  Prefer setting these with complementary `except` and `only` parameters.
MESSAGE

Instance Method Summary

Instance Method Details

#on_class(node) ⇒ Object



# File 'lib/rubocop/cop/doctolib/no_asymmetrical_pundit_after_actions.rb', line 83

def on_class(node)
  verified_class?(node) do |policy_scoped, authorized|
    policy_scoped = Verify.new policy_scoped
    authorized = Verify.new authorized
    return if policy_scoped.covers_all?
    return if authorized.covers_all?
    return if only_superset_of_except? policy_scoped, authorized
    return if disjoint_excepts? policy_scoped, authorized
    add_offense policy_scoped.node
    add_offense authorized.node
  end
end
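
A stand-alone model of the coverage reasoning behind the early returns in `on_class`, added here as an example and not the cop's own source. `Filter`, `symmetrical?` and `uncovered` are hypothetical names; the rules assume that `only_superset_of_except?` and `disjoint_excepts?` check what their names say and that each declaration uses at most one of `only:` / `except:`.

```ruby
# Hypothetical model of one `after_action :verify_*` declaration
# (not the cop's Verify class). `only` / `except` are arrays of symbols or nil.
Filter = Struct.new(:only, :except, keyword_init: true) do
  # No `only:` and no `except:` means the filter runs after every action.
  def covers_all?
    only.nil? && except.nil?
  end

  # Does this filter run after `action`?
  def runs_after?(action)
    (only.nil? || only.include?(action)) &&
      (except.nil? || !except.include?(action))
  end
end

# True when every action, including ones added to the controller later,
# is guaranteed to trigger at least one of the two filters.
def symmetrical?(a, b)
  return true if a.covers_all? || b.covers_all?
  # One `only`, one `except`: every excepted action must be in the `only` list.
  return (b.except - a.only).empty? if a.only && b.except
  return (a.except - b.only).empty? if b.only && a.except
  # Two `except` lists: safe only if no action is excepted by both filters.
  return (a.except & b.except).empty? if a.except && b.except

  false # Two `only` lists never cover an action that is outside both.
end

# Actions from `actions` that neither filter runs after.
def uncovered(a, b, actions)
  actions.reject { |act| a.runs_after?(act) || b.runs_after?(act) }
end

# Constructed sample: the second "# bad" pair from the examples above.
scoped     = Filter.new(only: [:show])
authorized = Filter.new(except: [:index])
puts "symmetrical: #{symmetrical?(scoped, authorized)}"
puts "uncovered:   #{uncovered(scoped, authorized, %i[index show create]).inspect}"
```

In that second `# bad` pair, `index` is the action that reaches the client without either Pundit check having been enforced.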