Class: RuboCop::Cop::Netlify::RequireScopeSemantics

Inherits:
RequireScopeBase
Defined in:
lib/rubocop/cop/netlify/require_scope_semantics.rb

Overview

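This cop checks for semantic mismatches between the name of a public controller action and the OAuth scope declared for it with `require_scope`, for example a write-style action such as `destroy` that is guarded only by a read scope.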

Examples:

# bad
require_scope "all:read"
def destroy

# good
require_scope "all:read"
def index

Constant Summary

# Name fragments that mark a controller action as write-style. #on_def tests
# them with String#include? against the method name, so they match as
# substrings (a name such as `renew` matches through "new"), and an action
# whose name contains none of the fragments in either list is not checked.
WRITE_KEYWORDS = %w[update create destroy new edit revoke delete].freeze
# Name fragments that mark a controller action as read-style; matched the
# same way as WRITE_KEYWORDS.
READ_KEYWORDS = %w[show index].freeze

Constants inherited from RequireScopeBase

RuboCop::Cop::Netlify::RequireScopeBase::RESTRICT_ON_SEND

Instance Method Summary

Methods inherited from RequireScopeBase

#on_class, #on_send

Instance Method Details

#on_def(node) ⇒ Object



# File 'lib/rubocop/cop/netlify/require_scope_semantics.rb', line 22

# Reports a naming mismatch between a public controller action and the scope
# declared for it: a write-style name (WRITE_KEYWORDS) paired with a scope
# containing "read", or a read-style name (READ_KEYWORDS) paired with a scope
# containing "write".
#
# What the check does and does not cover:
# - It runs only when @is_controller is truthy and @method_protection is
#   :public. Both are set outside this method (presumably by the inherited
#   #on_class / #on_send callbacks - confirm in RequireScopeBase).
# - Keywords and the words "read"/"write" are matched with String#include?,
#   i.e. as substrings, so this is a naming heuristic rather than a parse of
#   the scope string.
# - Only the last declaration returned by require_scopes_for_method is
#   examined, and only the first conflicting scope is named in the message.
# - A method whose name contains no keyword from either list is never flagged,
#   so a clean run does not show that every action carries a fitting scope.
#
# @param node [RuboCop::AST::DefNode] the method definition being inspected
# @return [Object, nil] result of the last check; offenses are recorded
#   through add_offense
def on_def(node)
  return unless @is_controller
  return unless @method_protection == :public

  declarations = require_scopes_for_method(node.method_name)
  return if declarations.empty?

  # The last declaration is the one that applies: this is the observed
  # matching behavior.
  scopes = declarations.last[:scopes]
  action_name = node.method_name.to_s

  # Shared check for both directions: when the action name contains one of
  # +keywords+, flag the first scope that contains +conflicting_word+.
  report_mismatch = lambda do |keywords, conflicting_word|
    next unless keywords.any? { |keyword| action_name.include?(keyword) }

    conflicting = scopes.select { |scope| scope.include?(conflicting_word) }
    next if conflicting.empty?

    message = format("Semantic naming mismatch between method `%s` and scope `%s`", node.method_name, conflicting.first)
    add_offense(node, message: message)
  end

  # Write-style action guarded by a read scope (e.g. `destroy` with "all:read").
  report_mismatch.call(WRITE_KEYWORDS, "read")
  # Read-style action guarded by a write scope.
  report_mismatch.call(READ_KEYWORDS, "write")
end