rubocop-betterment 1.17.0 → 1.19.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8239d7858cb48ea9f9d93ee9f84ad1619b85eba879b9d426ee6170013b8fa822
-  data.tar.gz: b3543e852dd249fa2be8ee46d12a8742a2c9de750a1a77847a7a22cb4c47a98b
+  metadata.gz: e45880e05081ae8b62a4b1e1fb9778a5580b9b17fe839973f1046242222881e1
+  data.tar.gz: 4212f8e0f60a70d61db53a2f9af447248efc686d593af0145c715a5a831db683
 SHA512:
-  metadata.gz: f2195af7a4f7c629cfee631d365854d507791fa5aa96fbdcbcbab0dadb6e0d70f13c6908fd5949ba3be565527098a37112cdc55dc8dd1b1b13664c3f489d9298
-  data.tar.gz: 5cda689379c9b1ba9d5508120b0a6479a73f06f158273ef67b0039e64f7c56a2199f23658204b3c873f2623b99f2d54580cf930e51002a84addc8767805134d6
+  metadata.gz: be0a7163ee430bcc93333c227cdbe56180864dbac0f128e0e70fc526a2a82b202d36f8e54fad30d8bdf33c66fc668c9ad207ddc29d1f6eaeea97b35f4a676070
+  data.tar.gz: a4aefcc523eb8c4c63ce31d851e4a47461288a6ee152e9a53572258135778098e55e7b470d1058f2dbd283d4d9c45abcd714717327db5ee1d6114d4f0bfd8d91

data/STYLEGUIDE.md

@@ -87,4 +87,25 @@ user1 = User.first
 user2 = User.second
 ```
 
-The snake case style is more readable.
+The snake case style is more readable.
+
+## Betterment/ServerErrorAssertion
+
+In RSpec tests, we prevent HTTP response status assertions against server error codes (e.g., 500). While it’s acceptable to
+“under-build” APIs under assumption of controlled and well-behaving clients, these exceptions should be treated as undefined behavior and
+thus do not need request spec coverage. In cases where the server must communicate an expected failure to the client, an appropriate
+semantic status code must be used (e.g., 403, 422, etc.).
+
+### GOOD:
+
+```ruby
+expect(response).to have_http_status :forbidden
+expect(response).to have_http_status 422
+```
+
+### BAD:
+
+```ruby
+expect(response).to have_http_status :internal_server_error
+expect(response).to have_http_status 500
+```

data/config/default.yml

@@ -17,6 +17,11 @@ AllCops:
   DisplayStyleGuide: true
   DisplayCopNames: true
 
+Betterment/ServerErrorAssertion:
+  Description: 'Detects assertions on 5XX HTTP statuses.'
+  Include:
+    - 'spec/requests/**/*_spec.rb'
+
 Betterment/AuthorizationInController:
   Description: 'Detects unsafe handling of id-like parameters in controllers.'
   Enabled: false

data/lib/rubocop/cop/betterment.rb

@@ -10,3 +10,4 @@ require 'rubocop/cop/betterment/spec_helper_required_outside_spec_dir'
 require 'rubocop/cop/betterment/implicit_redirect_type'
 require 'rubocop/cop/betterment/active_job_performable'
 require 'rubocop/cop/betterment/allowlist_blocklist'
+require 'rubocop/cop/betterment/server_error_assertion'

data/lib/rubocop/cop/betterment/allowlist_blocklist.rb

@@ -21,7 +21,7 @@ module RuboCop
         def evaluate_node(node)
           return unless should_use_allowlist?(node) || should_use_blocklist?(node)
 
-          add_offense(node, message: MSG)
+          add_offense(node)
         end
 
         def should_use_allowlist?(node)

data/lib/rubocop/cop/betterment/authorization_in_controller.rb

@@ -51,12 +51,12 @@ module RuboCop
           return if !model_new?(node) && !model_update?(node)
 
           arg_nodes.each do |argument|
-            if argument.type == :send
+            if argument.send_type?
               tag_unsafe_param_hash(argument)
               tag_unsafe_param_permit_wrapper(argument)
             elsif argument.variable?
               tag_unsafe_param_permit_wrapper(argument)
-            elsif argument.type == :hash
+            elsif argument.hash_type?
               argument.children.each do |pair|
                 next if pair.type != :pair
 
@@ -130,7 +130,7 @@ module RuboCop
         end
 
         def get_all_assignments(node)
-          return [] unless node.children && node.type == :class
+          return [] unless node.children && node.class_type?
 
           node.descendants.select do |descendant|
             _lhs, rhs = *descendant
@@ -143,10 +143,10 @@ module RuboCop
         end
 
         def get_all_methods(node)
-          return [] unless node.children && node.type == :class
+          return [] unless node.children && node.class_type?
 
           node.descendants.select do |descendant|
-            descendant.type == :def
+            descendant.def_type?
           end
         end
 
@@ -158,10 +158,10 @@ module RuboCop
           wrappers = []
 
           methods.each do |method|
-            return [] unless method.type == :def || method.type == :send
+            return [] unless method.def_type? || method.send_type?
 
-            method.descendants.each  do |child|
-              next unless child.type == :send
+            method.descendants.each do |child|
+              next unless child.send_type?
               next unless param_symbol?(child.method_name)
 
               child.ancestors.each do |ancestor|

data/lib/rubocop/cop/betterment/dynamic_params.rb

@@ -27,7 +27,7 @@ module RuboCop
           return unless arg_nodes
 
           arg_nodes.find do |arg|
-            arg.type == :array && find_dynamic_param(arg.values) || !arg.literal? && !arg.const_type?
+            arg.array_type? && find_dynamic_param(arg.values) || !arg.literal? && !arg.const_type?
           end
         end
       end

data/lib/rubocop/cop/betterment/implicit_redirect_type.rb

@@ -47,7 +47,7 @@ module RuboCop
           return unless routes_file?
 
           if block_form_with_options(node) { |options| options.none?(&method(:valid_status_option?)) } || block_form_without_options?(node)
-            add_offense(node, message: MSG)
+            add_offense(node)
           end
         end
 
@@ -55,7 +55,7 @@ module RuboCop
           return unless routes_file?
 
           if arg_form_with_options(node) { |options| options.none?(&method(:valid_status_option?)) } || arg_form_without_options?(node)
-            add_offense(node, message: MSG)
+            add_offense(node)
           end
         end
 

data/lib/rubocop/cop/betterment/server_error_assertion.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Betterment
+      # Checks the status passed to have_http_status
+      #
+      # If a number, enforces that it doesn't start with 5. If a symbol or a string, enforces that it's not one of:
+      #
+      # * internal_server_error
+      # * not_implemented
+      # * bad_gateway
+      # * service_unavailable
+      # * gateway_timeout
+      # * http_version_not_supported
+      # * insufficient_storage
+      # * not_extended
+      #
+      # @example
+      #
+      #     # bad
+      #     expect(response).to have_http_status :internal_server_error
+      #
+      #     # bad
+      #     expect(response).to have_http_status 500
+      #
+      #     # good
+      #     expect(response).to have_http_status :forbidden
+      #
+      #     # good
+      #     expect(response).to have_http_status 422
+      class ServerErrorAssertion < Cop
+        MSG = 'Do not assert on 5XX statuses. Use a semantic status (e.g., 403, 422, etc.) or treat them as bugs (omit tests).'
+        BAD_STATUSES = %i(
+          internal_server_error
+          not_implemented
+          bad_gateway
+          service_unavailable
+          gateway_timeout
+          http_version_not_supported
+          insufficient_storage
+          not_extended
+        ).freeze
+
+        def_node_matcher :offensive_node?, <<-PATTERN
+          (send nil? :have_http_status
+            {
+              (int {#{(500..599).map(&:to_s).join(' ')}})
+              (str {#{BAD_STATUSES.map(&:to_s).map(&:inspect).join(' ')}})
+              (sym {#{BAD_STATUSES.map(&:inspect).join(' ')}})
+            }
+          )
+        PATTERN
+
+        def on_send(node)
+          return unless offensive_node?(node)
+
+          add_offense(node)
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/betterment/spec_helper_required_outside_spec_dir.rb

@@ -21,7 +21,7 @@ module RuboCop
         PATTERN
 
         def on_send(node)
-          add_offense(node, message: MSG) if requires_spec_helper?(node) && !spec_directory?
+          add_offense(node) if requires_spec_helper?(node) && !spec_directory?
         end
 
         private

data/lib/rubocop/cop/betterment/unscoped_find.rb

@@ -43,7 +43,7 @@ module RuboCop
                 static_method_name(node.method_name)
             ) && !@unauthenticated_models.include?(Utils::Parser.get_root_token(node))
 
-          add_offense(node, message: MSG) if find_param_arg(arg_nodes)
+          add_offense(node) if find_param_arg(arg_nodes)
         end
 
         private
@@ -52,7 +52,7 @@ module RuboCop
           return unless arg_nodes
 
           arg_nodes.find do |arg|
-            if arg.type == :hash
+            if arg.hash_type?
               arg.children.each do |pair|
                 _key, value = *pair.children
                 return arg if Utils::Parser.get_root_token(value) == :params

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rubocop-betterment
 version: !ruby/object:Gem::Version
-  version: 1.17.0
+  version: 1.19.0
 platform: ruby
 authors:
 - Development
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-08-13 00:00:00.000000000 Z
+date: 2020-12-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rubocop
@@ -97,16 +97,17 @@ files:
 - lib/rubocop/cop/betterment/dynamic_params.rb
 - lib/rubocop/cop/betterment/implicit_redirect_type.rb
 - lib/rubocop/cop/betterment/memoization_with_arguments.rb
+- lib/rubocop/cop/betterment/server_error_assertion.rb
 - lib/rubocop/cop/betterment/site_prism_loaded.rb
 - lib/rubocop/cop/betterment/spec_helper_required_outside_spec_dir.rb
 - lib/rubocop/cop/betterment/timeout.rb
 - lib/rubocop/cop/betterment/unscoped_find.rb
 - lib/rubocop/cop/betterment/utils/parser.rb
-homepage: 
+homepage:
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -122,7 +123,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.4
-signing_key: 
+signing_key:
 specification_version: 4
 summary: Betterment rubocop configuration
 test_files: []