Class: RuboCop::Cop::Paraxial::SkipAuthenticityToken

Inherits:

Base

• Object
• Base
• RuboCop::Cop::Paraxial::SkipAuthenticityToken

Defined in:

lib/rubocop/cop/paraxial/csrf_skip.rb

Constant Summary

MSG =

"CSRF, skip_before_action :verify_authenticity_token in controller."

Instance Method Summary

• #on_send(node) ⇒ Object

Instance Method Details

#on_send(node) ⇒ Object

# File 'lib/rubocop/cop/paraxial/csrf_skip.rb', line 8

def on_send(node)
  # Ensure that the cop only applies to controller files
  return unless in_controller_file?

  # Check if the node is `skip_before_action :verify_authenticity_token`
  return unless node.method_name == :skip_before_action
  return unless node.arguments.any? { |arg| arg.respond_to?(:value) && arg.value == :verify_authenticity_token }

  add_offense(node)
end