Class: Rubopolis::Cop::QueryInjection
- Inherits:
-
RuboCop::Cop::Base
- Object
- RuboCop::Cop::Base
- Rubopolis::Cop::QueryInjection
- Includes:
- RuboCop::Cop::ActiveRecordHelper, RuboCop::Cop::RangeHelp
- Defined in:
- lib/rubopolis/cop/query_injection.rb
Overview
Constant Summary collapse
- MSG =
'`%s` should be called with hash or array arguments only: see lib/custom_cops/query_injection'
Instance Method Summary collapse
Instance Method Details
#on_send(node) ⇒ Object
26 27 28 29 30 31 32 33 34 35 36 37 |
# File 'lib/rubopolis/cop/query_injection.rb', line 26 def on_send(node) return if node.receiver.nil? && !inherit_active_record_base?(node) return unless method?(node) return unless where_or_find_by?(node) return if acceptable_arg?(node.arguments[0]) # when arguments are > 1 strings, it should be templated and are most likely safe. return if node.arguments.length > 1 range = offense_range(node) add_offense(range, message: format(MSG, @method)) end |