betterlint 1.0.0

data/lib/rubocop/cop/betterment.rb

@@ -0,0 +1,15 @@
+require 'rubocop'
+require 'rubocop/cop/betterment/utils/parser'
+require 'rubocop/cop/betterment/utils/method_return_table'
+require 'rubocop/cop/betterment/authorization_in_controller'
+require 'rubocop/cop/betterment/dynamic_params'
+require 'rubocop/cop/betterment/unscoped_find'
+require 'rubocop/cop/betterment/unsafe_job'
+require 'rubocop/cop/betterment/timeout'
+require 'rubocop/cop/betterment/memoization_with_arguments'
+require 'rubocop/cop/betterment/site_prism_loaded'
+require 'rubocop/cop/betterment/spec_helper_required_outside_spec_dir'
+require 'rubocop/cop/betterment/implicit_redirect_type'
+require 'rubocop/cop/betterment/active_job_performable'
+require 'rubocop/cop/betterment/allowlist_blocklist'
+require 'rubocop/cop/betterment/server_error_assertion'

data/lib/rubocop/cop/betterment/active_job_performable.rb

@@ -0,0 +1,40 @@
+module RuboCop
+  module Cop
+    module Betterment
+      class ActiveJobPerformable < Cop
+        MSG = <<-DOC.freeze
+          Classes that are "performable" should be ActiveJobs
+
+          class MyJob < ApplicationJob
+            def perform
+            end
+          end
+
+          You can learn more about ActiveJob here:
+          https://guides.rubyonrails.org/active_job_basics.html
+        DOC
+
+        def_node_matcher :subclasses_application_job?, <<-PATTERN
+          (class (const ...) (const _ :ApplicationJob) ...)
+        PATTERN
+
+        def_node_matcher :is_perform_method?, <<-PATTERN
+          (def :perform ...)
+        PATTERN
+
+        def on_class(node)
+          return unless has_perform_method?(node)
+          return if subclasses_application_job?(node)
+
+          add_offense(node.children.first)
+        end
+
+        private
+
+        def has_perform_method?(node)
+          node.descendants.find(&method(:is_perform_method?))
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/betterment/allowlist_blocklist.rb

@@ -0,0 +1,35 @@
+# rubocop:disable Betterment/AllowlistBlocklist
+module RuboCop
+  module Cop
+    module Betterment
+      class AllowlistBlocklist < Cop
+        MSG = <<-DOC.freeze
+          Avoid usages of whitelist & blacklist, in favor of more inclusive and descriptive language.
+          For consistency, favor 'allowlist' and 'blocklist' where possible, but other terms (such as
+          denylist, ignorelist, warnlist, safelist, etc) may be appropriate, depending on the use case.
+        DOC
+
+        def on_class(node)
+          evaluate_node(node)
+        end
+
+        private
+
+        def evaluate_node(node)
+          return unless should_use_allowlist?(node) || should_use_blocklist?(node)
+
+          add_offense(node)
+        end
+
+        def should_use_allowlist?(node)
+          node.to_s.downcase.include?('whitelist')
+        end
+
+        def should_use_blocklist?(node)
+          node.to_s.downcase.include?('blacklist')
+        end
+      end
+    end
+  end
+end
+# rubocop:enable Betterment/AllowlistBlocklist

data/lib/rubocop/cop/betterment/authorization_in_controller.rb

@@ -0,0 +1,148 @@
+module RuboCop
+  module Cop
+    module Betterment
+      class AuthorizationInController < Cop
+        attr_accessor :unsafe_parameters, :unsafe_regex
+
+        # MSG_UNSAFE_CREATE = 'Model created/updated using unsafe parameters'.freeze
+        MSG_UNSAFE_CREATE = <<~MSG.freeze
+          Model created/updated using unsafe parameters.
+          Please query for the associated record in a way that enforces authorization (e.g. "trust-root chaining"),
+          and then pass the resulting object into your model instead of the unsafe parameter.
+
+          INSTEAD OF THIS:
+          post_parameters = params.permit(:album_id, :caption)
+          Post.new(post_parameters)
+
+          DO THIS:
+          album = current_user.albums.find(params[:album_id])
+          post_parameters = params.permit(:caption).merge(album: album)
+          Post.new(post_parameters)
+
+          See here for more information on this error:
+          https://github.com/Betterment/betterlint/blob/main/README.md#bettermentauthorizationincontroller
+        MSG
+
+        def_node_matcher :model_new?, <<-PATTERN
+          (send (const ... _) {:new :build :create :create! :find_or_create_by :find_or_create_by! :find_or_initialize_by :find_or_initialize_by!} ...)
+        PATTERN
+
+        def_node_matcher :model_update?, <<-PATTERN
+          (send (...) {:assign_attributes :update :update! :find_or_create_by :find_or_create_by! :find_or_initialize_by :find_or_initialize_by! :update_attribute :update_attributes :update_attributes! :update_all :update_column :update_columns} ...)
+        PATTERN
+
+        def initialize(config = nil, options = nil)
+          super(config, options)
+          config = @config.for_cop(self)
+          @unsafe_parameters = config.fetch("unsafe_parameters", []).map(&:to_sym)
+          @unsafe_regex = Regexp.new config.fetch("unsafe_regex", ".*_id$")
+          @param_wrappers = []
+        end
+
+        def on_class(node)
+          Utils::MethodReturnTable.populate_index node
+          Utils::MethodReturnTable.indexed_methods.each do |method_name, method_returns|
+            method_returns.each do |x|
+              name = Utils::Parser.get_root_token(x)
+              @param_wrappers << method_name if name == :params || @param_wrappers.include?(name)
+            end
+          end
+        end
+
+        def on_send(node) # rubocop:disable Metrics/AbcSize, Metrics/PerceivedComplexity
+          return if !model_new?(node) && !model_update?(node)
+
+          node.arguments.each do |argument|
+            if argument.send_type? || argument.variable?
+              flag_literal_param_use(argument)
+              flag_indirect_param_use(argument)
+            elsif argument.hash_type?
+              argument.children.select(&:pair_type?).each do |pair|
+                _key, value = *pair.children
+                flag_literal_param_use(value)
+                flag_indirect_param_use(value)
+              end
+            end
+          end
+        end
+
+        private
+
+        # Flags objects being created/updated with unsafe
+        # params directly from params or through params.permit
+        #
+        # class MyController < ApplicationController
+        #   def create
+        #     Object.create params.permit(:user_id)
+        #     Object.create(user_id: params[:user_id])
+        #   end
+        # end
+        #
+        def flag_literal_param_use(node)
+          name = Utils::Parser.get_root_token(node)
+          extracted_params = Utils::Parser.get_extracted_parameters(node)
+          add_offense(node, message: MSG_UNSAFE_CREATE) if name == :params && contains_id_parameter?(extracted_params)
+        end
+
+        # Flags objects being created/updated with unsafe
+        # params indirectly from params or through params.permit
+        def flag_indirect_param_use(node) # rubocop:disable Metrics/AbcSize, Metrics/PerceivedComplexity, Metrics/CyclomaticComplexity
+          name = Utils::Parser.get_root_token(node)
+          # extracted_params contains parameters used like:
+          # def create
+          #   Object.new(user_id: indirect_params[:user_id])
+          # end
+          # def indirect_params
+          #   params.permit(:user_id)
+          # end
+          extracted_params = Utils::Parser.get_extracted_parameters(node, param_aliases: @param_wrappers)
+
+          returns = Utils::MethodReturnTable.get_method(name) || []
+          returns.each do |ret|
+            # # propagated_params contains parameters used like:
+            # def create
+            #   Object.new indirect_params
+            # end
+            # def indirect_params
+            #   params.permit(:user_id)
+            # end
+            propagated_params = Utils::Parser.get_extracted_parameters(ret, param_aliases: @param_wrappers)
+
+            # # internal_params contains parameters used like:
+            # def create
+            #   Object.new(user_id: indirect_params)
+            # end
+            # def indirect_params
+            #   params[:user_id]
+            # end
+            if ret.send_type? && ret.method?(:[])
+              internal_params = ret.arguments.select { |x| x.sym_type? || x.str_type? }.map(&:value)
+            else
+              internal_returns = Utils::MethodReturnTable.get_method(Utils::Parser.get_root_token(ret)) || []
+              internal_params = internal_returns.flat_map { |x| Utils::Parser.get_extracted_parameters(x, param_aliases: @param_wrappers) }
+            end
+
+            add_offense(node, message: MSG_UNSAFE_CREATE) if flag_indirect_param_use?(extracted_params, internal_params, propagated_params)
+          end
+        end
+
+        def flag_indirect_param_use?(extracted_params, internal_params, propagated_params)
+          return contains_id_parameter?(extracted_params) if extracted_params.any?
+
+          contains_id_parameter?(extracted_params) || contains_id_parameter?(internal_params) || contains_id_parameter?(propagated_params)
+        end
+
+        def contains_id_parameter?(params)
+          params.any? do |arg|
+            suspicious_id?(arg)
+          end
+        end
+
+        # check a symbol name against the cop's config parameters
+        def suspicious_id?(symbol_name)
+          @unsafe_parameters.include?(symbol_name.to_sym) || @unsafe_regex.match(symbol_name) # symbol_name.to_s.end_with?("_id")
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/betterment/dynamic_params.rb

@@ -0,0 +1,36 @@
+module RuboCop
+  module Cop
+    module Betterment
+      class DynamicParams < Cop
+        MSG_DYNAMIC_PARAMS = <<~MSG.freeze
+          Parameter names accessed dynamically, cannot determine safeness. Please inline the keys explicitly when calling `permit` or when accessing `params` like a hash.
+
+          See here for more information on this error:
+          https://github.com/Betterment/betterlint/blob/main/README.md#bettermentdynamicparams
+        MSG
+
+        def_node_matcher :permit_or_hash?, <<-PATTERN
+          (send (...) {:[] :permit} ...)
+        PATTERN
+
+        def on_send(node)
+          _, _, *arg_nodes = *node # rubocop:disable InternalAffairs/NodeDestructuring
+          return unless permit_or_hash?(node) && Utils::Parser.get_root_token(node) == :params
+
+          dynamic_param = find_dynamic_param(arg_nodes)
+          add_offense(dynamic_param, message: MSG_DYNAMIC_PARAMS) if dynamic_param
+        end
+
+        private
+
+        def find_dynamic_param(arg_nodes)
+          return unless arg_nodes
+
+          arg_nodes.find do |arg|
+            arg.array_type? && find_dynamic_param(arg.values) || !arg.literal? && !arg.const_type?
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/betterment/implicit_redirect_type.rb

@@ -0,0 +1,70 @@
+module RuboCop
+  module Cop
+    module Betterment
+      # Require explicit redirect statuses in routes.rb. Permanent redirects (301) are cached by clients,
+      # which makes it difficult to change later, and/or reuse the route for something else.
+      #
+      # @example
+      #   # bad
+      #   get '/', redirect('/dashboard')
+      #   get { |params, request| '/dashboard' }
+      #
+      #   # good
+      #   get '/', redirect('/dashboard', status: 301)
+      #   get(status: 302) { |params, request| '/dashboard' }
+      class ImplicitRedirectType < Cop
+        ROUTES_FILE_NAME = 'routes.rb'.freeze
+        MSG =
+          'Rails will create a permanent (301) redirect, which is dangerous. ' \
+          'Please specify your desired status, e.g. redirect(..., status: 302)'.freeze
+
+        # redirect('/')
+        def_node_matcher :arg_form_without_options?, <<-PATTERN
+          (send nil? :redirect (str _))
+        PATTERN
+
+        # redirect { |_params, _request| '/' }
+        def_node_matcher :block_form_without_options?, <<-PATTERN
+          (block (send nil? :redirect) ...)
+        PATTERN
+
+        # redirect('/', foo: 'bar')
+        def_node_matcher :arg_form_with_options, <<-PATTERN
+          (send nil? :redirect (str _) (hash $...))
+        PATTERN
+
+        # redirect(foo: 'bar') { |_params, _request| '/' }
+        def_node_matcher :block_form_with_options, <<-PATTERN
+          (block (send nil? :redirect (hash $...)) ...)
+        PATTERN
+
+        # status: anything
+        def_node_matcher :valid_status_option?, <<-PATTERN
+          (pair (sym :status) _)
+        PATTERN
+
+        def on_block(node)
+          return unless routes_file?
+
+          if block_form_with_options(node) { |options| options.none?(&method(:valid_status_option?)) } || block_form_without_options?(node)
+            add_offense(node)
+          end
+        end
+
+        def on_send(node)
+          return unless routes_file?
+
+          if arg_form_with_options(node) { |options| options.none?(&method(:valid_status_option?)) } || arg_form_without_options?(node)
+            add_offense(node)
+          end
+        end
+
+        private
+
+        def routes_file?
+          Pathname.new(processed_source.buffer.name).basename.to_s == ROUTES_FILE_NAME
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/betterment/memoization_with_arguments.rb

@@ -0,0 +1,33 @@
+module RuboCop
+  module Cop
+    module Betterment
+      class MemoizationWithArguments < Cop
+        MSG = 'Memoized method `%<method>s` accepts arguments, ' \
+          'which may cause it to return a stale result. ' \
+          'Remove memoization or refactor to remove arguments.'.freeze
+
+        def self.node_pattern
+          memo_assign = '(or_asgn $(ivasgn _) _)'
+          memoized_at_end_of_method = "(begin ... #{memo_assign})"
+          instance_method =
+            "(def $_ _ {#{memo_assign} #{memoized_at_end_of_method}})"
+          class_method =
+            "(defs self $_ _ {#{memo_assign} #{memoized_at_end_of_method}})"
+          "{#{instance_method} #{class_method}}"
+        end
+
+        private_class_method :node_pattern
+        def_node_matcher :memoized?, node_pattern
+
+        def on_def(node)
+          (method_name, ivar_assign) = memoized?(node)
+          return if ivar_assign.nil? || node.arguments.length.zero?
+
+          msg = format(MSG, method: method_name)
+          add_offense(node, location: ivar_assign.source_range, message: msg)
+        end
+        alias on_defs on_def
+      end
+    end
+  end
+end

data/lib/rubocop/cop/betterment/server_error_assertion.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Betterment
+      # Checks the status passed to have_http_status
+      #
+      # If a number, enforces that it doesn't start with 5. If a symbol or a string, enforces that it's not one of:
+      #
+      # * internal_server_error
+      # * not_implemented
+      # * bad_gateway
+      # * service_unavailable
+      # * gateway_timeout
+      # * http_version_not_supported
+      # * insufficient_storage
+      # * not_extended
+      #
+      # @example
+      #
+      #     # bad
+      #     expect(response).to have_http_status :internal_server_error
+      #
+      #     # bad
+      #     expect(response).to have_http_status 500
+      #
+      #     # good
+      #     expect(response).to have_http_status :forbidden
+      #
+      #     # good
+      #     expect(response).to have_http_status 422
+      class ServerErrorAssertion < Cop
+        MSG = 'Do not assert on 5XX statuses. Use a semantic status (e.g., 403, 422, etc.) or treat them as bugs (omit tests).'
+        BAD_STATUSES = %i(
+          internal_server_error
+          not_implemented
+          bad_gateway
+          service_unavailable
+          gateway_timeout
+          http_version_not_supported
+          insufficient_storage
+          not_extended
+        ).freeze
+
+        def_node_matcher :offensive_node?, <<-PATTERN
+          (send nil? :have_http_status
+            {
+              (int {#{(500..599).map(&:to_s).join(' ')}})
+              (str {#{BAD_STATUSES.map(&:to_s).map(&:inspect).join(' ')}})
+              (sym {#{BAD_STATUSES.map(&:inspect).join(' ')}})
+            }
+          )
+        PATTERN
+
+        def on_send(node)
+          return unless offensive_node?(node)
+
+          add_offense(node)
+        end
+      end
+    end
+  end
+end