summaryrefslogtreecommitdiff
path: root/rubocop/cop/user_admin.rb
blob: 3ba0e770ec1c9d8f4b78ec8b146c8cecb7a470e7 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# frozen_string_literal: true

module RuboCop
  module Cop
    # Cop that rejects the usage of `User#admin?`
    class UserAdmin < RuboCop::Cop::Cop
      MSG = 'Direct calls to `User#admin?` to determine admin status should be ' \
        'avoided as they will not take into account the policies framework ' \
        'and will ignore Admin Mode if enabled. Please use a policy check ' \
        'with `User#can_admin_all_resources?` or `User#can_read_all_resources?`.'

      def_node_matcher :admin_call?, <<~PATTERN
        ({send | csend} _ :admin? ...)
      PATTERN

      def on_send(node)
        on_handler(node)
      end

      def on_csend(node)
        on_handler(node)
      end

      private

      def on_handler(node)
        return unless admin_call?(node)

        add_offense(node, location: :selector)
      end
    end
  end
end