blob: 529a5808662857f0ce98e1f50d1c9faf170170c5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
# frozen_string_literal: true
module RuboCop
module Cop
module RSpec
# This cop checks for invalid credentials passed to HTTParty
#
# @example
#
# # bad
# HTTParty.get(url, basic_auth: { user: 'foo' })
#
# # good
# HTTParty.get(url, basic_auth: { username: 'foo' })
class HTTPartyBasicAuth < RuboCop::Cop::Cop
MESSAGE = "`basic_auth: { user: ... }` does not work - replace `user:` with `username:`".freeze
RESTRICT_ON_SEND = %i(get put post delete).freeze
def_node_matcher :httparty_basic_auth?, <<~PATTERN
(send
(const _ :HTTParty)
{#{RESTRICT_ON_SEND.map(&:inspect).join(' ')}}
<(hash
<(pair
(sym :basic_auth)
(hash
<(pair $(sym :user) _) ...>
)
) ...>
) ...>
)
PATTERN
def on_send(node)
return unless m = httparty_basic_auth?(node)
add_offense(m, location: :expression, message: MESSAGE)
end
def autocorrect(node)
lambda do |corrector|
corrector.replace(node.loc.expression, 'username')
end
end
end
end
end
end
|