Class: Security::RejectAllRequestsLocal

Inherits:

RuboCop::Cop::Base

• Object
• RuboCop::Cop::Base
• Security::RejectAllRequestsLocal

Defined in:

lib/simplycop/security/reject_all_requests_local.rb

Constant Summary

RAILS_ENV =

['integration', 'staging', 'production']

MSG =

"RAILS CONFIG: Restrict usage of option 'consider_all_requests_local' on #{RAILS_ENV.join(', ')} envs"

Instance Method Summary

• #block_listed?(string) ⇒ Boolean
• #found_match(string) ⇒ Object
• #on_send(node) ⇒ Object

Instance Method Details

#block_listed?(string) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/simplycop/security/reject_all_requests_local.rb', line 15

def block_listed?(string)
  RAILS_ENV.any? { |env| string.include?(env) }
end

#found_match(string) ⇒ Object

# File 'lib/simplycop/security/reject_all_requests_local.rb', line 19

def found_match(string)
  # Don't match commented lines
  return false if /^\s*#/.match?(string)

  /config.consider_all_requests\S?.*=\s?.*true/.match?(string)
end

#on_send(node) ⇒ Object

# File 'lib/simplycop/security/reject_all_requests_local.rb', line 8

def on_send(node)
  source = node.source
  file_name = node.loc.operator.to_s

  add_offense(node.loc.selector) if found_match(source) && block_listed?(file_name)
end