Sha256: bfbce36fdbb8a86adfed319c822c53606fa72cfe80fd35c4c4627b33d9a350b9
Contents?: true
Size: 1.56 KB
Versions: 1
Compression:
Stored size: 1.56 KB
Contents
# encoding: utf-8
require 'rails_best_practices/reviews/review'
module RailsBestPractices
module Reviews
# Review model files to make sure to use attr_accessible or attr_protected to protect mass assignment.
#
# See the best practices details here http://rails-bestpractices.com/posts/148-protect-mass-assignment.
#
# Implmentation:
#
# Review process:
# check class node to see if there is a command with message attr_accessible or attr_protected.
class ProtectMassAssignmentReview < Review
interesting_nodes :class
interesting_files MODEL_FILES
def url
"http://rails-bestpractices.com/posts/148-protect-mass-assignment"
end
# check class node, grep all command nodes, if none of them is with message attr_accessible or attr_protected,
# then it should add attr_accessible or attr_protected to protect mass assignment.
def start_class(node)
if !rails_builtin?(node) && !devise?(node) && !authlogic?(node)
add_error "protect mass assignment"
end
end
private
def rails_builtin?(node)
node.grep_node(:sexp_type => :command, :message => %w(attr_accessible attr_protected)).present?
end
def devise?(node)
node.grep_node(:sexp_type => :command, :message => "devise").present?
end
def authlogic?(node)
node.grep_node(:sexp_type => :vcall, :to_s => "acts_as_authentic").present? ||
node.grep_node(:sexp_type => :fcall, :message => "acts_as_authentic").present?
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| rails_best_practices-1.9.0 | lib/rails_best_practices/reviews/protect_mass_assignment_review.rb |