diff options
Diffstat (limited to 'rubocop/cop/rspec/httparty_basic_auth.rb')
-rw-r--r-- | rubocop/cop/rspec/httparty_basic_auth.rb | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/rubocop/cop/rspec/httparty_basic_auth.rb b/rubocop/cop/rspec/httparty_basic_auth.rb new file mode 100644 index 00000000000..529a5808662 --- /dev/null +++ b/rubocop/cop/rspec/httparty_basic_auth.rb @@ -0,0 +1,49 @@ +# frozen_string_literal: true + +module RuboCop + module Cop + module RSpec + # This cop checks for invalid credentials passed to HTTParty + # + # @example + # + # # bad + # HTTParty.get(url, basic_auth: { user: 'foo' }) + # + # # good + # HTTParty.get(url, basic_auth: { username: 'foo' }) + class HTTPartyBasicAuth < RuboCop::Cop::Cop + MESSAGE = "`basic_auth: { user: ... }` does not work - replace `user:` with `username:`".freeze + + RESTRICT_ON_SEND = %i(get put post delete).freeze + + def_node_matcher :httparty_basic_auth?, <<~PATTERN + (send + (const _ :HTTParty) + {#{RESTRICT_ON_SEND.map(&:inspect).join(' ')}} + <(hash + <(pair + (sym :basic_auth) + (hash + <(pair $(sym :user) _) ...> + ) + ) ...> + ) ...> + ) + PATTERN + + def on_send(node) + return unless m = httparty_basic_auth?(node) + + add_offense(m, location: :expression, message: MESSAGE) + end + + def autocorrect(node) + lambda do |corrector| + corrector.replace(node.loc.expression, 'username') + end + end + end + end + end +end |