rubocop-graphql 0.18.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fb4e28828d5aa07e959ad98fd9da04872c4832d1c8b1d168d440d1ad7c80762c
-  data.tar.gz: eaf5932cba816bfb478fac0cec298bb0e3db98b506b4f7112851503712e77068
+  metadata.gz: aec3ad39e39612f0b537f18b691a38d2e2a5efc9ec5b284b0fabf0d12521136e
+  data.tar.gz: ba04fef687999fdb042a926c27346d89beff1fa59b827c4936b6f819cf5abe74
 SHA512:
-  metadata.gz: cf88847a0b7a49cd1274b30fcff4e4e5ecb47b16f11a7d5e3fddcbcd7985a8d43bb8911080064a23e8d444daab330327f8908355a2ad75b2a94b14f2f4a4b2c8
-  data.tar.gz: a10cf2b637bc06a65338af84928c53ced64c78e634470a7fe988e4bf7a7037cfcd3035895914b99056fa11abc272c328d9be40da6ee608f33c900490dea0504d
+  metadata.gz: f8094f6adb04e83515a0fd6307ddc3a255b17d7fdd8bf432ba84a77f6d4ba1921dbea3ba2739761b3103d8271d8bcab6b807c65f6479617eb8e116717e5861e0
+  data.tar.gz: f9664a1f5fb19d71dcef3976525f955f8c515c0655d4f86203bfa72508baeb9a000576ec3aafc44ee9b61061f0cfc79b978e1cada637335a9d98d0dd0249aea5

data/README.md

@@ -1,13 +1,7 @@
-# RuboCop::GraphQL
+# RuboCop::GraphQL ![](https://ruby-gem-downloads-badge.herokuapp.com/rubocop-graphql?type=total)
 
 [Rubocop](https://github.com/rubocop-hq/rubocop) extension for enforcing [graphql-ruby](https://github.com/rmosolgo/graphql-ruby) best practices.
 
-<p align="center">
-  <a href="https://evilmartians.com/?utm_source=graphql-rubocop">
-    <img src="https://evilmartians.com/badges/sponsored-by-evil-martians.svg" alt="Sponsored by Evil Martians" width="236" height="54">
-  </a>
-</p>
-
 ## Installation
 
 Install the gem:
@@ -69,6 +63,10 @@ GraphQL/ResolverMethodLength:
   Max: 3
 ```
 
+## Credits
+
+Initially sponsored by [Evil Martians](http://evilmartians.com).
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/DmitryTsepelev/rubocop-graphql.

data/config/default.yml

@@ -8,95 +8,129 @@ GraphQL:
 
 GraphQL/ArgumentDescription:
   Enabled: true
-  VersionAdded: '0.80'
+  VersionAdded: '0.2.0'
   Description: 'Ensures all arguments have a description'
 
 GraphQL/ArgumentName:
   Enabled: true
-  VersionAdded: '0.80'
+  VersionAdded: '0.2.0'
   Description: 'This cop checks whether argument names are snake_case'
 
 GraphQL/ArgumentUniqueness:
   Enabled: true
-  VersionAdded: '0.80'
+  VersionAdded: '0.11.0'
   Description: 'This cop enforces arguments to be defined once per block'
 
-GraphQL/ResolverMethodLength:
+GraphQL/ExtractInputType:
   Enabled: true
-  VersionAdded: '0.80'
-  Description: 'Checks resolver methods are not too long'
-  Max: 10
-  CountComments: false
-  ExcludedMethods: []
+  VersionAdded: '0.2.0'
+  Description: 'Suggests using input type instead of many arguments'
+  MaxArguments: 2
+  Include:
+    - '**/graphql/mutations/**/*.rb'
+
+GraphQL/ExtractType:
+  Enabled: true
+  VersionAdded: '0.2.0'
+  Description: 'Suggests extracting fields with common prefixes to the separate type'
+  MaxFields: 2
+  Prefixes:
+    - is
+    - has
+    - with
+    - avg
+    - min
+    - max
 
 GraphQL/FieldDefinitions:
   Enabled: true
-  VersionAdded: '0.80'
+  VersionAdded: '0.1.0'
   Description: 'Checks consistency of field definitions'
   EnforcedStyle: group_definitions
   SupportedStyles:
     - group_definitions
     - define_resolver_after_definition
 
-GraphQL/MultipleFieldDefinitions:
-  Enabled: true
-  Description: 'Ensures that fields with multiple definitions are grouped together'
-
 GraphQL/FieldDescription:
   Enabled: true
-  VersionAdded: '0.80'
+  VersionAdded: '0.1.0'
   Description: 'Ensures all fields have a description'
 
 GraphQL/FieldHashKey:
   Enabled: true
-  VersionAdded: '0.80'
+  VersionAdded: '0.4.0'
   Description: 'Checks :hash_key option is used for appropriate fields'
 
 GraphQL/FieldMethod:
   Enabled: true
-  VersionAdded: '0.80'
+  VersionAdded: '0.2.0'
   Description: 'Checks :method option is used for appropriate fields'
 
 GraphQL/FieldName:
   Enabled: true
-  VersionAdded: '0.80'
+  VersionAdded: '0.2.0'
   Description: 'This cop checks whether field names are snake_case'
   SafeAutoCorrect: false
 
 GraphQL/FieldUniqueness:
   Enabled: true
-  VersionAdded: '0.80'
+  VersionAdded: '0.11.0'
   Description: 'This cop enforces fields to be defined once'
 
-GraphQL/ExtractInputType:
+GraphQL/GraphqlName:
   Enabled: true
-  VersionAdded: '0.80'
-  Description: 'Suggests using input type instead of many arguments'
-  MaxArguments: 2
+  VersionAdded: '1.0.0'
+  Description: 'This cop check proper configuration of graphql_name'
   Include:
-    - 'graphql/mutations/**/*.rb'
-
-GraphQL/ExtractType:
-  Enabled: true
-  VersionAdded: '0.80'
-  Description: 'Suggests extracting fields with common prefixes to the separate type'
-  MaxFields: 2
-  Prefixes:
-    - is
-    - has
-    - with
-    - avg
-    - min
-    - max
+    - "**/graphql/types/**/*"
+    - "**/graphql/mutations/**/*"
+  EnforcedStyle: only_override
+  SupportedStyles:
+    - required
+    - only_override
 
 GraphQL/LegacyDsl:
   Enabled: true
-  VersionAdded: '0.80'
+  VersionAdded: '0.9.0'
   Description: 'Checks that types are defined with class-based API'
 
+GraphQL/MaxComplexitySchema:
+  Enabled: true
+  VersionAdded: '1.0.0'
+  Description: 'Enforces max_complexity configuration in schema'
+  Include:
+    - '**/graphql/**/*_schema.rb'
+
+GraphQL/MaxDepthSchema:
+  Enabled: true
+  VersionAdded: '1.0.0'
+  Description: 'Enforces max_depth configuration in schema'
+  Include:
+    - '**/graphql/**/*_schema.rb'
+
+GraphQL/MultipleFieldDefinitions:
+  Enabled: true
+  VersionAdded: '0.15.0'
+  Description: 'Ensures that fields with multiple definitions are grouped together'
+
+GraphQL/NotAuthorizedNodeType:
+  Enabled: true
+  VersionAdded: '1.0.0'
+  Description: 'Detects types that implement Node interface and not have `.authorized?` check'
+  Include:
+    - '**/graphql/types/**/*'
+
+GraphQL/ResolverMethodLength:
+  Enabled: true
+  VersionAdded: '0.1.0'
+  Description: 'Checks resolver methods are not too long'
+  Max: 10
+  CountComments: false
+  ExcludedMethods: []
+
 GraphQL/ObjectDescription:
   Enabled: true
-  VersionAdded: '0.80'
+  VersionAdded: '0.3.0'
   Description: 'Ensures all types have a description'
   Exclude:
     - '**/*_schema.rb'
@@ -105,26 +139,31 @@ GraphQL/ObjectDescription:
 
 GraphQL/OrderedArguments:
   Enabled: true
-  VersionAdded: '0.80'
+  VersionAdded: '0.7.0'
   Description: 'Arguments should be alphabetically sorted within groups'
 
 GraphQL/OrderedFields:
   Enabled: true
-  VersionAdded: '0.80'
+  VersionAdded: '0.5.0'
   Description: 'Fields should be alphabetically sorted within groups'
+  Groups: true
 
 GraphQL/UnusedArgument:
   Enabled: true
+  VersionAdded: '0.12.0'
   Description: 'Arguments should either be listed explicitly or **rest should be in the resolve signature'
 
 GraphQL/UnnecessaryFieldAlias:
   Enabled: true
+  VersionAdded: '0.18.0'
   Description: 'Field aliases should be different than their field names'
 
 GraphQL/UnnecessaryArgumentCamelize:
   Enabled: true
+  VersionAdded: '0.18.0'
   Description: "Camelize isn't necessary if the argument name doesn't contain underscores"
 
 GraphQL/UnnecessaryFieldCamelize:
   Enabled: true
+  VersionAdded: '0.18.0'
   Description: "Camelize isn't necessary if the field name doesn't contain underscores"

data/lib/rubocop/cop/graphql/field_definitions.rb

@@ -80,6 +80,16 @@ module RuboCop
           end
         end
 
+        def on_module(node)
+          return if style != :group_definitions
+
+          schema_member = RuboCop::GraphQL::SchemaMember.new(node)
+
+          if (body = schema_member.body)
+            check_grouped_field_declarations(body)
+          end
+        end
+
         private
 
         GROUP_DEFS_MSG = "Group all field definitions together."
@@ -100,7 +110,6 @@ module RuboCop
 
         def group_field_declarations(corrector, node)
           field = RuboCop::GraphQL::Field.new(node)
-
           first_field = field.schema_member.body.find do |node|
             field_definition?(node) || field_definition_with_body?(node)
           end

data/lib/rubocop/cop/graphql/graphql_name.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module GraphQL
+      # Checks consistency of graphql_name usage
+      #
+      # EnforcedStyle supports two modes:
+      #
+      # `only_override` : types and mutations should have graphql_name configured only if it's
+      #  different from the default name
+      #
+      # `required` : all types and mutations should have graphql_name configured
+      #
+      # @example EnforcedStyle: only_override (default)
+      #   # good
+      #
+      #   class UserType < BaseType
+      #     graphql_name 'Viewer'
+      #   end
+      #
+      #   # bad
+      #
+      #   class UserType < BaseType
+      #     graphql_name 'User'
+      #   end
+      #
+      # @example EnforcedStyle: required
+      #   # good
+      #
+      #   class UserType < BaseType
+      #     graphql_name 'User'
+      #   end
+      #
+      #   # bad
+      #
+      #   class UserType < BaseType
+      #   end
+      #
+      class GraphqlName < Base
+        include ConfigurableEnforcedStyle
+
+        # @!method graphql_name(node)
+        def_node_matcher :graphql_name, <<~PATTERN
+          `(send nil? :graphql_name (str $_))
+        PATTERN
+
+        # @!method class_name(node)
+        def_node_matcher :class_name, <<~PATTERN
+          (class (const _ $_) ...)
+        PATTERN
+
+        MISSING_NAME = "graphql_name should be configured."
+        UNNEEDED_OVERRIDE = "graphql_name should be specified only for overrides."
+
+        def on_class(node)
+          specified_name = graphql_name(node)
+
+          case style
+          when :required
+            add_offense(node, message: MISSING_NAME) if specified_name.nil?
+          when :only_override
+            default_graphql_name = class_name(node).to_s.sub(/Type\Z/, "")
+            add_offense(node, message: UNNEEDED_OVERRIDE) if specified_name == default_graphql_name
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/graphql/max_complexity_schema.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module GraphQL
+      # Detects missing max_complexity configuration in schema files
+      #
+      # @example
+      #   # good
+      #
+      #   class AppSchema < BaseSchema
+      #     max_complexity 42
+      #   end
+      #
+      class MaxComplexitySchema < Base
+        # @!method max_complexity(node)
+        def_node_matcher :max_complexity, <<~PATTERN
+          `(send nil? :max_complexity ...)
+        PATTERN
+
+        MSG = "max_complexity should be configured for schema."
+
+        def on_class(node)
+          return if max_complexity(node)
+
+          add_offense(node)
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/graphql/max_depth_schema.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module GraphQL
+      # Detects missing max_depth configuration in schema files
+      #
+      # @example
+      #   # good
+      #
+      #   class AppSchema < BaseSchema
+      #     max_depth 42
+      #   end
+      #
+      class MaxDepthSchema < Base
+        # @!method max_depth(node)
+        def_node_matcher :max_depth, <<~PATTERN
+          `(send nil? :max_depth ...)
+        PATTERN
+
+        MSG = "max_depth should be configured for schema."
+
+        def on_class(node)
+          return if max_depth(node)
+
+          add_offense(node)
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/graphql/not_authorized_node_type.rb

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module GraphQL
+      # Detects types that implement Node interface and not have `.authorized?` check.
+      # Such types can be fetched by ID and therefore should have type level check to
+      # avoid accidental information exposure.
+      #
+      # @example
+      #   # good
+      #
+      #   class UserType < BaseType
+      #     implements GraphQL::Types::Relay::Node
+      #
+      #     field :uuid, ID, null: false
+      #
+      #     def self.authorized?(object, context)
+      #       super && object.owner == context[:viewer]
+      #     end
+      #   end
+      #
+      #   # bad
+      #
+      #   class UserType < BaseType
+      #     implements GraphQL::Types::Relay::Node
+      #
+      #     field :uuid, ID, null: false
+      #   end
+      #
+      class NotAuthorizedNodeType < Base
+        MSG = ".authorized? should be defined for types implementing Node interface."
+
+        # @!method implements_node_type?(node)
+        def_node_matcher :implements_node_type?, <<~PATTERN
+          `(send nil? :implements
+            (const
+              (const
+                (const
+                  (const nil? :GraphQL) :Types) :Relay) :Node))
+        PATTERN
+
+        # @!method has_authorized_method?(node)
+        def_node_matcher :has_authorized_method?, <<~PATTERN
+          `(:defs (:self) :authorized? ...)
+        PATTERN
+
+        def on_class(node)
+          add_offense(node) if implements_node_type?(node) && !has_authorized_method?(node)
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/graphql/ordered_fields.rb

@@ -39,9 +39,18 @@ module RuboCop
               "section. "\
               "Field `%<current>s` should appear before `%<previous>s`."
 
+        # @!method field_declarations(node)
+        def_node_search :field_declarations, <<~PATTERN
+          {
+            (send nil? :field (:sym _) ...)
+            (block
+              (send nil? :field (:sym _) ...) ...)
+          }
+        PATTERN
+
         def on_class(node)
           field_declarations(node).each_cons(2) do |previous, current|
-            next unless consecutive_lines(previous, current)
+            next unless consecutive_fields(previous, current)
             next if field_name(current) >= field_name(previous)
 
             register_offense(previous, current)
@@ -50,6 +59,14 @@ module RuboCop
 
         private
 
+        def consecutive_fields(previous, current)
+          return true if cop_config["Groups"] == false
+
+          (previous.source_range.last_line == current.source_range.first_line - 1) ||
+            (previous.parent.block_type? &&
+               previous.parent.last_line == current.source_range.first_line - 1)
+        end
+
         def register_offense(previous, current)
           message = format(
             self.class::MSG,
@@ -69,19 +86,6 @@ module RuboCop
             node.first_argument.value.to_s
           end
         end
-
-        def consecutive_lines(previous, current)
-          previous.source_range.last_line == current.source_range.first_line - 1
-        end
-
-        # @!method field_declarations(node)
-        def_node_search :field_declarations, <<~PATTERN
-          {
-            (send nil? :field (:sym _) ...)
-            (block
-              (send nil? :field (:sym _) ...) ...)
-          }
-        PATTERN
       end
     end
   end

data/lib/rubocop/cop/graphql/unnecessary_argument_camelize.rb

@@ -23,14 +23,14 @@ module RuboCop
       #  # bad
       #
       #   class UserType < BaseType
-      #     argument :filter, String, required: false, camelize: false
+      #     argument :filter, String, required: false
       #   end
       #
       #  # bad
       #
       #   class UserType < BaseType
       #     field :name, String, "Name of the user", null: true do
-      #       argument :filter, String, required: false, camelize: true
+      #       argument :filter, String, required: false
       #     end
       #   end
       #

data/lib/rubocop/cop/graphql_cops.rb

@@ -11,8 +11,12 @@ require_relative "graphql/field_hash_key"
 require_relative "graphql/field_method"
 require_relative "graphql/field_name"
 require_relative "graphql/field_uniqueness"
+require_relative "graphql/graphql_name"
 require_relative "graphql/legacy_dsl"
+require_relative "graphql/max_complexity_schema"
+require_relative "graphql/max_depth_schema"
 require_relative "graphql/multiple_field_definitions"
+require_relative "graphql/not_authorized_node_type"
 require_relative "graphql/resolver_method_length"
 require_relative "graphql/object_description"
 require_relative "graphql/ordered_arguments"

data/lib/rubocop/graphql/field.rb

@@ -84,7 +84,7 @@ module RuboCop
       end
 
       def root_node?(node)
-        node.parent.nil? || node.parent.module_type? || root_with_siblings?(node.parent)
+        node.parent.nil? || node.class_type? || root_with_siblings?(node.parent)
       end
 
       def root_with_siblings?(node)

data/lib/rubocop/graphql/schema_member.rb

@@ -7,7 +7,7 @@ module RuboCop
 
       # @!method class_contents(node)
       def_node_matcher :class_contents, <<~PATTERN
-        (class _ _ $_)
+        {(class _ _ $_) | (module _ $_)}
       PATTERN
 
       attr_reader :node

data/lib/rubocop/graphql/swap_range.rb

@@ -16,11 +16,20 @@ module RuboCop
       def declaration(node)
         buffer = processed_source.buffer
         begin_pos = range_by_whole_lines(node.source_range).begin_pos
-        end_line = buffer.line_for_position(node.loc.expression.end_pos)
+        end_line = buffer.line_for_position(final_end_location(node).end_pos)
         end_pos = range_by_whole_lines(buffer.line_range(end_line),
                                        include_final_newline: true).end_pos
         Parser::Source::Range.new(buffer, begin_pos, end_pos)
       end
+
+      def final_end_location(start_node)
+        heredoc_endings =
+          start_node.each_node(:str, :dstr, :xstr)
+                    .select(&:heredoc?)
+                    .map { |node| node.loc.heredoc_end }
+
+        [start_node.source_range.end, *heredoc_endings].max_by(&:line)
+      end
     end
   end
 end

data/lib/rubocop/graphql/version.rb

@@ -1,5 +1,5 @@
 module RuboCop
   module GraphQL
-    VERSION = "0.18.0".freeze
+    VERSION = "1.0.0".freeze
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rubocop-graphql
 version: !ruby/object:Gem::Version
-  version: 0.18.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Dmitry Tsepelev
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-10-30 00:00:00.000000000 Z
+date: 2023-02-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -95,8 +95,12 @@ files:
 - lib/rubocop/cop/graphql/field_method.rb
 - lib/rubocop/cop/graphql/field_name.rb
 - lib/rubocop/cop/graphql/field_uniqueness.rb
+- lib/rubocop/cop/graphql/graphql_name.rb
 - lib/rubocop/cop/graphql/legacy_dsl.rb
+- lib/rubocop/cop/graphql/max_complexity_schema.rb
+- lib/rubocop/cop/graphql/max_depth_schema.rb
 - lib/rubocop/cop/graphql/multiple_field_definitions.rb
+- lib/rubocop/cop/graphql/not_authorized_node_type.rb
 - lib/rubocop/cop/graphql/object_description.rb
 - lib/rubocop/cop/graphql/ordered_arguments.rb
 - lib/rubocop/cop/graphql/ordered_fields.rb