RubyGems - cookstyle - Versions diffs - 7.12.2 → 7.12.3 - Mend

cookstyle 7.12.2 → 7.12.3

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/cookstyle/version.rb +1 -1
data/lib/rubocop/cop/chef/modernize/windows_registry_uac.rb +31 -12
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 68835852d8021cee74896aa171d78ca5b540fca9fdee42632719d867910c107e
-  data.tar.gz: f71d3a8f4bc874dd86f81b0b01d4caa929ba62c2bf2222ca66a3e726eb398611
+  metadata.gz: d6b4ac76f05be60a51f678d80bb34d68d4396560b2887214a0a3dd7ac6cd038f
+  data.tar.gz: 74a95cd52549baf8086aa14e3579370d917b8db198deafdc6ced6c28071b3956
 SHA512:
-  metadata.gz: a8ce79400b3866f0ac4b5b94ed0eb39da7a7b19dcd6dcf5fb0e6347affc31a70c0d56d8e2d671b776cea74465b6c715a20d9d88b3941291655ed01833c38796b
-  data.tar.gz: 1d324b44b1ce454718685eb5339e14d4063072b2d66dec6707091a871aa1fbef6f8eb4a13aeee683552b4b6d54f0821b5fa82493b4bde31d62aac48e9577a396
+  metadata.gz: 105f70150e5c66d01b6e157b7f07660a3bf4c755dbb7eed18709fca10b911b54c14fbfff2a2cd41d04ce11b649525b742a469f5f3631ee6c13eaa9f7fa1dc90b
+  data.tar.gz: fb7ffae6e230fa1f26f68626cd9adf4f8d265aee2feeec5fed68c963fde79bbce1022fa973e6bc2cccfbb07e396e4784d81ba0747778915eb3c288ea7e20f19b

data/lib/cookstyle/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Cookstyle
-  VERSION = "7.12.2" # rubocop: disable Style/StringLiterals
+  VERSION = "7.12.3" # rubocop: disable Style/StringLiterals
   RUBOCOP_VERSION = '1.14.0'
 end

data/lib/rubocop/cop/chef/modernize/windows_registry_uac.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 #
-# Copyright:: 2020, Chef Software, Inc.
+# Copyright:: 2020-2021, Chef Software, Inc.
 # Author:: Tim Smith (<tsmith@chef.io>)
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -47,24 +47,43 @@ module RuboCop
           MSG = 'Chef Infra Client 15.0 and later includes a windows_uac resource that should be used to set Windows UAC values instead of setting registry keys directly.'
           RESTRICT_ON_SEND = [:registry_key].freeze
+          VALID_VALUES = %w(EnableLUA ValidateAdminCodeSignatures PromptOnSecureDesktop ConsentPromptBehaviorAdmin ConsentPromptBehaviorUser EnableInstallerDetection).freeze
-          # non block execute resources
-          def on_send(node)
-            return unless node&.arguments.first&.source.match?(/(HKLM|HKEY_LOCAL_MACHINE)\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System/i) &&
-                          node.parent&.method_name != :describe
-            # use source instead of .value in case there's string interpolation which adds a complex dstr type
-            # with a nested string and a begin. Source allows us to avoid a lot of defensive programming here
+          # block registry_key resources
+          def on_block(node)
+            return unless node.method_name == :registry_key
+            return unless correct_key?(node)
+            return unless uac_supported_values?(node)
             add_offense(node, message: MSG, severity: :refactor)
           end
-          # block execute resources
-          def on_block(node)
+          # make sure the values passed are all the ones in the uac resource
+          # this key has other values we don't support in the windows_uac resource
+          def uac_supported_values?(node)
+            match_property_in_resource?(:registry_key, 'values', node) do |val_prop|
+              return false unless val_prop&.arguments[0].array_type? # make sure values isn't being passed a variable or method
+              val_prop.arguments[0].each_value do |array|
+                array.each_pair do |key, value|
+                  if key == s(:sym, :name)
+                    return false unless value.str_type? # make sure it isn't being a variable or method that we can't parse
+                    return false unless VALID_VALUES.include?(value.value)
+                  end
+                end
+              end
+            end
+            true
+          end
+          # make sure the registry_key resource is running against the correct key
+          # check the block name and the key property (registry_key's name property)
+          def correct_key?(node)
+            return true if node.send_node.arguments.first.source.match?(/(HKLM|HKEY_LOCAL_MACHINE)\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System/i)
             match_property_in_resource?(:registry_key, 'key', node) do |key_prop|
               property_data = method_arg_ast_to_string(key_prop)
-              return unless property_data && property_data.match?(/(HKLM|HKEY_LOCAL_MACHINE)\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System/i)
-              add_offense(node, message: MSG, severity: :refactor)
+              return true if property_data && property_data.match?(/(HKLM|HKEY_LOCAL_MACHINE)\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System/i)
             end
+            false
           end
         end
       end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cookstyle
 version: !ruby/object:Gem::Version
-  version: 7.12.2
+  version: 7.12.3
 platform: ruby
 authors:
 - Thom May
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-10 00:00:00.000000000 Z
+date: 2021-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rubocop