excellent 1.5.4

data/lib/simplabs/excellent/checks/rails/params_hash_in_view_check.rb

@@ -0,0 +1,38 @@
+require 'simplabs/excellent/checks/base'
+
+module Simplabs
+
+  module Excellent
+
+    module Checks
+
+      module Rails
+
+        # This check reports views (and partials) that access the +params+ hash. Accessing the +params+ hash directly in views can result in security
+        # problems if the value is printed to the HTML output and in general is a bad habit because the controller, which is actually the part of the
+        # application that is responsible for dealing with parameters, is circumvented.
+        #
+        # ==== Applies to
+        #
+        # * partials and regular views
+        class ParamsHashInViewCheck < Base
+
+          def initialize #:nodoc:
+            super
+            @interesting_nodes = [:call]
+            @interesting_files = [/^.*\.(erb|rhtml)$/]
+          end
+
+          def evaluate(context) #:nodoc:
+            add_warning(context, 'Params hash used in view.') if (context.full_name == 'params')
+          end
+
+        end
+
+      end
+
+    end
+
+  end
+
+end

data/lib/simplabs/excellent/checks/rails/session_hash_in_view_check.rb

@@ -0,0 +1,38 @@
+require 'simplabs/excellent/checks/base'
+
+module Simplabs
+
+  module Excellent
+
+    module Checks
+
+      module Rails
+
+        # This check reports views (and partials) that access the +session+ hash. Accessing the +session+ hash directly in views can result in security
+        # problems if the value is printed to the HTML output and in general is a bad habit because the controller, which is actually the part of the
+        # application that is responsible for dealing with session data, is circumvented.
+        #
+        # ==== Applies to
+        #
+        # * partials and regular views
+        class SessionHashInViewCheck < Base
+
+          def initialize #:nodoc:
+            super
+            @interesting_nodes = [:call]
+            @interesting_files = [/^.*\.(erb|rhtml)$/]
+          end
+
+          def evaluate(context) #:nodoc:
+            add_warning(context, 'Session hash used in view.') if (context.full_name == 'session')
+          end
+
+        end
+
+      end
+
+    end
+
+  end
+
+end

data/lib/simplabs/excellent/checks/rails/validations_check.rb

@@ -0,0 +1,36 @@
+require 'simplabs/excellent/checks/base'
+
+module Simplabs
+
+  module Excellent
+
+    module Checks
+
+      module Rails
+
+        # This check reports +ActiveRecord+ models that do not validate anything. Not validating anything in the model is usually not intended and has
+        # most likely just been forgotten. For more information on validations and why to use them, see http://guides.rubyonrails.org/activerecord_validations_callbacks.html#why-use-validations.
+        #
+        # ==== Applies to
+        #
+        # * +ActiveRecord+ models
+        class ValidationsCheck < Base
+
+          def initialize #:nodoc:
+            super
+            @interesting_nodes = [:class]
+          end
+
+          def evaluate(context) #:nodoc:
+            add_warning(context, '{{class}} does not validate any attributes.', { :class => context.full_name }) if context.active_record_model? && !context.validating?
+          end
+
+        end
+
+      end
+
+    end
+
+  end
+
+end

data/lib/simplabs/excellent/checks/singleton_variable_check.rb

@@ -0,0 +1,33 @@
+require 'simplabs/excellent/checks/base'
+
+module Simplabs
+
+  module Excellent
+
+    module Checks
+
+      # This check reports class variables. Class variables in Ruby have a very complicated inheritance policy that often leads to errors. Usually class
+      # variables can be replaced with another construct which will also lead to better design.
+      #
+      # ==== Applies to
+      #
+      # * class variables
+      class SingletonVariableCheck < Base
+
+        def initialize #:nodoc:
+          super
+          @interesting_nodes = [:cvar]
+          @interesting_files = [/\.rb$/, /\.erb$/]
+        end
+
+        def evaluate(context) #:nodoc:
+          add_warning(context, 'Singleton variable {{variable}} used.', { :variable => context.full_name })
+        end
+
+      end
+
+    end
+
+  end
+
+end

data/lib/simplabs/excellent/command_line_runner.rb

@@ -0,0 +1,37 @@
+require 'simplabs/excellent/runner'
+require 'simplabs/excellent/formatters'
+
+module Simplabs
+
+  module Excellent
+
+    class CommandLineRunner < Runner #:nodoc:
+
+      def initialize(*checks)
+        super
+        @formatter = Formatters::Text.new
+        @formatter.start
+      end
+
+      def check_paths(paths)
+        paths.each do |path|
+          if File.file?(path)
+            check_file(path)
+          elsif File.directory?(path)
+            Dir.glob(File.join(path, '**/*.rb')).each { |file| check_file(file) }
+          else
+            next
+          end
+        end
+      end
+
+      def check_file(filename)
+        super
+        @formatter.file(filename, (@checks || []).collect { |check| check.warnings }.flatten)
+      end
+
+    end
+
+  end
+
+end

data/lib/simplabs/excellent/extensions/sexp.rb

@@ -0,0 +1,21 @@
+module Simplabs
+
+  module Excellent
+
+    module Extensions #:nodoc:
+
+      ::Sexp.class_eval do
+
+        def children
+          sexp_body.select { |child| child.is_a?(Sexp) }
+        rescue
+          []
+        end
+
+      end
+
+    end
+
+  end
+
+end

data/lib/simplabs/excellent/extensions/string.rb

@@ -0,0 +1,28 @@
+module Simplabs
+
+  module Excellent
+
+    module Extensions #:nodoc:
+
+      ::String.class_eval do
+
+        def underscore
+          to_s.gsub(/::/, '/').
+            gsub(/([A-Z]+)([A-Z][a-z])/,'\1_\2').
+            gsub(/([a-z\d])([A-Z])/,'\1_\2').
+            tr("-", "_").
+            downcase
+        end
+
+        def lpad(to, with = ' ')
+          return self if self.length >= to
+          "#{with * (to - self.length)}#{self}"
+        end
+
+      end
+
+    end
+
+  end
+
+end

data/lib/simplabs/excellent/formatters.rb

@@ -0,0 +1,13 @@
+module Simplabs
+
+  module Excellent
+
+    module Formatters #:nodoc:
+    end
+
+  end
+
+end
+
+require 'simplabs/excellent/formatters/text'
+require 'simplabs/excellent/formatters/html'

data/lib/simplabs/excellent/formatters/base.rb

@@ -0,0 +1,49 @@
+module Simplabs
+
+  module Excellent
+
+    module Formatters
+
+      # The base class for all formatters.
+      class Base
+
+        # Initializes the formatter.
+        #
+        # Always call +super+ in custom formatters!
+        def initialize(stream)
+          @stream = stream
+        end
+
+        # Called when the Simplabs::Excellent::Runner starts processing code.
+        #
+        # The text formatter renders the heading here ('Excellent result')
+        def start
+        end
+
+        # Called whenever the Simplabs::Excellent::Runner processes a file. Yields the formatter
+        #
+        # You have to <tt>yield self</tt> in custom formatters. +file+ is called like that by the runner:
+        #
+        #  formatter.file(filename) do |formatter|
+        #    warnings.each { |warning| formatter.warning(warning) }
+        #  end
+        def file(filename)
+        end
+
+        # Called when the Simplabs::Excellent::Runner found a warning. This warning will always refer to the last filename, +file+ was invoked with.
+        def warning(warning)
+        end
+
+        # Called when the Simplabs::Excellent::Runner ends processing code.
+        #
+        # The text formatter renders the footer here ('Found <x> warnings').
+        def end
+        end
+
+      end
+
+    end
+
+  end
+
+end

data/lib/simplabs/excellent/formatters/html.rb

@@ -0,0 +1,153 @@
+require 'simplabs/excellent/formatters/base'
+
+module Simplabs
+
+  module Excellent
+
+    module Formatters
+
+      class Html < Base #:nodoc:
+
+        def initialize(stream = $stdout)
+          super
+        end
+
+        def start
+          @stream.write(HEADER_TEMPLATE)
+        end
+
+        def file(filename)
+          @stream.write(START_FIlE_TAMPLATE.sub('{{filename}}', filename))
+          yield self
+          @stream.write(END_FIlE_TAMPLATE)
+        end
+
+        def warning(warning)
+          @stream.write(WARNING_TEMPLATE.sub('{{line_number}}', warning.line_number.to_s).sub('{{message}}', warning.message))
+        end
+
+        def end
+          @stream.write(FOOTER_TEMPLATE)
+        end
+
+        HEADER_TEMPLATE = <<-END
+          <?xml version="1.0" encoding="UTF-8"?>
+          <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+          <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+          	<head>
+            	<title>Excellent result</title>
+            	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+            	<style type="text/css">
+            		body {
+              		margin: 0;
+              		padding: 0;
+              		background: #fff;
+              		font-size: 80%;
+          				font-family: "Lucida Grande", Helvetica, sans-serif;
+            		}
+
+          			#header {
+            			background: #ccc;
+          				color: #000;
+          				height: 4em;
+          			}
+
+          			#header h1 {
+          				font-size: 1.8em;
+          				margin: 0px 10px 0px 10px;
+          				padding: 10px;
+          				position: absolute;
+          			}
+
+          			#results {
+          				margin: 0px 10px 5px;
+          			}
+
+          			dt {
+          				background: #ccc;
+          				padding: 5px;
+          				font-weight: bold;
+          				margin: 30px 0 0 0;
+          			}
+
+          			dd {
+          				margin: 5px 0px 5px 20px;
+          			}
+
+          			dd.warning {
+          				background: #faf834;
+          			}
+
+          			dd.warning span.lineNumber {
+          				background: #ccc;
+          				font-weight: bold;
+          				padding: 3px;
+          				display: inline-block;
+          				margin: 0 10px 0 0;
+          			}
+
+          			dd.warning span.number {
+          				width: 30px;
+          				text-align: right;
+          				display: inline-block;
+          			}
+
+                #footer {
+                  margin: 20px 0 20px 0;
+                  padding: 5px;
+                  text-align: center;
+                }
+
+                #footer a {
+                  color: #000;
+                  background-color: #ddd;
+                  text-decoration: none;
+                  padding: 0 2px 0 2px;
+                }
+
+                #footer a:active, #footer a:hover {
+                  color: #fff;
+                  background-color: #222;
+                }
+            	</style>
+          	</head>
+          	<body>
+          		<div id="header">
+           			<div id="label">
+             			<h1>Excellent result</h1>
+           			</div>
+          		</div>
+          		<div id="results">
+        END
+
+        START_FIlE_TAMPLATE = <<-END
+          <div class="file">
+     				<dl>
+     				  <dt>{{filename}}</dt>
+        END
+
+        END_FIlE_TAMPLATE = <<-END
+            </dl>
+  			  </div>
+        END
+
+        WARNING_TEMPLATE = <<-END
+          <dd class="warning"><span class="lineNumber">Line <span class="number">{{line_number}}</span></span>{{message}}</dd>
+        END
+
+        FOOTER_TEMPLATE = <<-END
+              </div>
+              <div id="footer">
+                <a href="http://github.com/simplabs/excellent" title="Excellent at github">Excellent</a> by <a href="http://simplabs.com" title="simplabs">simplabs</a>
+              </div>
+      	    </body>
+          </html>
+        END
+
+      end
+
+    end
+
+  end
+
+end