rubocop-netlify 0.4.0 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 14ac9b91a394e30090e1f4f99216db1f5f5e13f5d6cd08a712d655305a9df733
-  data.tar.gz: 1baf31dc8a12f876322724a2941e93bd455b813ea07abe57aa15fb311519e55b
+  metadata.gz: f7840def645448a07e1449ee73e06840e07fbbc3f0b98446a16f6e0dd8a9290a
+  data.tar.gz: af284fab249cf5746b8cdf2bee7c4391a2a5b74beecadd300c70e4b336babeba
 SHA512:
-  metadata.gz: c1b35300934ab6fa79388c1ff2897749f34c866f1868eb005b6815b78ab7e2cf098fcbb8edca44cd400419f982e1f2fdf6c457976d742c7980b27ff4dd3b645b
-  data.tar.gz: 50da279bb3147da507117b36421a48c9c6b93368658cae3b4527b4f4dbbbd2d1b9a2a6252321100f23cd1b8ffdd83bee7a2f5a9bb30bb3e130cef19ba187954b
+  metadata.gz: aa2f814950a4fb23af00edd90b1fa78eaf3c8b2889470e4b5b79bc35e3a3ce87cc07b5a961724bce2b670037150e83bcdc8924e9e74916036fbe6107442789a7
+  data.tar.gz: 202af5b55defcbe32e56fe189907609ac95062a21765096d7e662e6df82354fc25690b911e9ba00e10110f19c6249e618449ccf6b29d4f5954e10d69ef5e28cf

data/.github/workflows/fossa.yml

@@ -3,7 +3,8 @@ name: Dependency License Scanning
 on:
   push:
     branches:
-      - master
+      - chore/fossa-workflow
+      - main
 
 defaults:
   run:
@@ -15,10 +16,13 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v2
-      - name: Fossa init
+      - name: Download fossa cli
         run: |-
-          curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install.sh | bash
-          fossa init
+          mkdir -p $HOME/.local/bin
+          curl https://raw.githubusercontent.com/fossas/fossa-cli/master/install.sh | bash -s -- -b $HOME/.local/bin
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
+      - name: Fossa init
+        run: fossa init
       - name: Set env
         run: echo "line_number=$(grep -n "project" .fossa.yml | cut -f1 -d:)" >> $GITHUB_ENV
       - name: Configuration
@@ -29,3 +33,4 @@ jobs:
         run: fossa analyze --debug
         env:
           FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
+

data/README.md

@@ -27,3 +27,12 @@ bundle exec rake test
 
 ## The Cops
 All cops are located under [lib/rubocop/cop/netlify](lib/rubocop/cop/netlify), and contain examples/documentation.
+
+## Release
+
+1. Make sure you have an account in https://rubygems.org/ and be a part of https://rubygems.org/gems/rubocop-netlify owners
+2. Update a version in [lib/rubocop/netlify/version.rb](lib/rubocop/netlify/version.rb)
+3. Tag it (also maybe make a new release in GitHub)
+4. Run `gem build rubocop-netlify.gemspec` to build a gem
+5. Run `gem push` with a newly created gem file
+6. Done done!

data/lib/rubocop/cop/netlify/rails_env_check.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module RuboCop
+    module Cop
+      module Netlify
+        # This cop checks for use of Rails.env to check the environment
+        #
+        # @example
+        #   # bad
+        #   Rails.env.production?
+        #
+        #   # good
+        #   Netlify.env.production?
+        class RailsEnvCheck < Cop
+          MSG = "Prefer using `Netlify.env` instead of `Rails.env` to check the environment"
+
+          def_node_matcher :rails_env?, <<~PATTERN
+            (send (send (const {nil? cbase} :Rails) :env) /staging?|production?/)
+          PATTERN
+
+          def on_send(node)
+            add_offense(node) if rails_env? node
+          end
+        end
+      end
+    end
+  end

data/lib/rubocop/cop/netlify/require_scope_base.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+module RuboCop
+  module Cop
+    module Netlify
+      class RequireScopeBase < Cop
+        RESTRICT_ON_SEND = [:require_scope, :public, :private, :protected]
+        
+        def on_class(node)
+          @require_scopes = []
+          @method_protection = :public
+          @is_controller = node.identifier.short_name.to_s.end_with?("Controller")
+        end
+        
+        def on_send(node)
+          if node.method_name == :require_scope
+            scopes = []
+            limits = {}
+            node.arguments.each do |option|
+              if option.is_a? RuboCop::AST::StrNode
+                scopes << option.value
+              elsif option.is_a? RuboCop::AST::HashNode
+                option.pairs.each do |pair|
+                  if pair.value.is_a? RuboCop::AST::ArrayNode
+                    limits[pair.key.value] = pair.value.values.map(&:value)
+                  elsif pair.value.is_a? RuboCop::AST::SymbolNode
+                    limits[pair.key.value] = [pair.value.value]
+                  end
+                end
+              end
+            end
+
+            @require_scopes << {
+              scopes: scopes,
+              limits: limits,
+              node: node
+            }
+          else
+            @method_protection = node.method_name
+          end
+        end
+
+        private
+
+        def require_scopes_for_method(action)
+          matches = []
+          @require_scopes.each do |require_scope|
+            if require_scope[:limits][:only]
+              matches << require_scope if require_scope[:limits][:only].include?(action)
+            elsif require_scope[:limits][:except]
+              matches << require_scope unless require_scope[:limits][:except].include?(action)
+            else
+              matches << require_scope
+            end
+          end
+
+          return matches
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/netlify/require_scope_duplication.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+require_relative "require_scope_base"
+
+module RuboCop
+  module Cop
+    module Netlify
+      # This cop checks OAuth scope definition duplication
+      #
+      # @example
+      #   # bad
+      #   require_scope "all:read"
+      #   require_scope "public"
+      #
+      #   # good
+      #   require_scope "public", "all:read"
+      #
+      #   # bad
+      #   require_scope "all:read", only: :index
+      #   require_scope "all:read", only: [:index, :show]
+      #
+      #   # good
+      #   require_scope "all:read", only: [:index, :show]
+      #
+      #   # bad
+      #   require_scope "all:read"
+      #   require_scope "all:write"
+      #
+      #   # good
+      #   require_scope "??" # Be careful! 
+      class RequireScopeDuplication < RequireScopeBase
+        def on_def(node)
+          return unless @is_controller
+          return unless @method_protection == :public
+      
+          require_scopes = require_scopes_for_method(node.method_name)
+          if require_scopes.size > 1
+            add_offense(require_scopes.last[:node], message: "Multiple overlapping definitions: #{require_scopes.map { |rs| rs[:scopes].inspect }.join(" and ")}.")
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/netlify/require_scope_semantics.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+require_relative "require_scope_base"
+
+module RuboCop
+  module Cop
+    module Netlify
+      # This cop checks OAuth scope semantic mismatches
+      #
+      # @example
+      #   # bad
+      #   require_scope "all:read"
+      #   def destroy
+      #
+      #   # good
+      #   require_scope "all:read"
+      #   def index
+      class RequireScopeSemantics < RequireScopeBase
+        WRITE_KEYWORDS = ["update", "create", "destroy", "new", "edit", "revoke", "delete"].freeze
+        READ_KEYWORDS = ["show", "index"].freeze
+
+        def on_def(node)
+          return unless @is_controller
+          return unless @method_protection == :public
+
+          require_scopes = require_scopes_for_method(node.method_name)
+          return if require_scopes.empty?
+          require_scope = require_scopes.last # this is the observed matching behavior
+          scopes = require_scope[:scopes]
+
+          if WRITE_KEYWORDS.any? { |s| node.method_name.to_s.include?(s) }
+            read_semantic_scopes = scopes.select { |scope| scope.include?("read") }
+            unless read_semantic_scopes.empty?
+              add_offense(node, message: format("Semantic naming mismatch between method `%s` and scope `%s`", node.method_name, read_semantic_scopes[0]))
+            end
+          end
+
+          if READ_KEYWORDS.any? { |s| node.method_name.to_s.include?(s) }
+            write_semantic_scopes = scopes.select { |scope| scope.include?("write") }
+            unless write_semantic_scopes.empty?
+              add_offense(node, message: format("Semantic naming mismatch between method `%s` and scope `%s`", node.method_name, write_semantic_scopes[0]))
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/netlify_cops.rb

@@ -3,3 +3,6 @@
 require_relative "netlify/request_tests_param_encoding"
 require_relative "netlify/sidekiq_keyword_arguments"
 require_relative "netlify/invalid_model_assignment"
+require_relative "netlify/rails_env_check"
+require_relative "netlify/require_scope_semantics"
+require_relative "netlify/require_scope_duplication"

data/lib/rubocop/netlify/version.rb

@@ -2,6 +2,6 @@
 
 module RuboCop
   module Netlify
-    VERSION = "0.4.0"
+    VERSION = "0.6.0"
   end
 end

data/rubocop-netlify.gemspec

@@ -14,7 +14,7 @@ Gem::Specification.new do |spec|
   spec.license       = "MIT"
   spec.required_ruby_version = Gem::Requirement.new(">= 2.5.0")
 
-  spec.add_dependency "rubocop", "~> 0.72", "< 2.0"
+  spec.add_dependency "rubocop", ">= 0.72", "< 2.0"
   spec.add_development_dependency "minitest", "~> 5.10"
 
   # Specify which files should be added to the gem when it is released.

metadata

@@ -1,20 +1,20 @@
 --- !ruby/object:Gem::Specification
 name: rubocop-netlify
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.6.0
 platform: ruby
 authors:
 - Esteban Pastorino
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-03-29 00:00:00.000000000 Z
+date: 2023-02-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.72'
     - - "<"
@@ -24,7 +24,7 @@ dependencies:
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.72'
     - - "<"
@@ -62,7 +62,11 @@ files:
 - bin/setup
 - lib/rubocop-netlify.rb
 - lib/rubocop/cop/netlify/invalid_model_assignment.rb
+- lib/rubocop/cop/netlify/rails_env_check.rb
 - lib/rubocop/cop/netlify/request_tests_param_encoding.rb
+- lib/rubocop/cop/netlify/require_scope_base.rb
+- lib/rubocop/cop/netlify/require_scope_duplication.rb
+- lib/rubocop/cop/netlify/require_scope_semantics.rb
 - lib/rubocop/cop/netlify/sidekiq_keyword_arguments.rb
 - lib/rubocop/cop/netlify_cops.rb
 - lib/rubocop/netlify.rb