Class: RuboCop::Cop::Betterment::UnsafeJob

Inherits:

RuboCop::Cop

• Object
• RuboCop::Cop
• RuboCop::Cop::Betterment::UnsafeJob

Defined in:

lib/rubocop/cop/betterment/unsafe_job.rb

Constant Summary

MSG =

<<~MSG
  This job takes a parameter that will end up serialized in plaintext. Do not pass sensitive data as bare arguments into jobs.

  See here for more information on this error:
  https://github.com/Betterment/betterlint#bettermentunsafejob
MSG

Instance Attribute Summary

• #class_regex ⇒ Object

  Returns the value of attribute class_regex.

• #sensitive_params ⇒ Object

  Returns the value of attribute sensitive_params.

Instance Method Summary

• #initialize(config = nil, options = nil) ⇒ UnsafeJob constructor

  A new instance of UnsafeJob.

• #on_def(node) ⇒ Object

Constructor Details

#initialize(config = nil, options = nil) ⇒ UnsafeJob

Returns a new instance of UnsafeJob.

# File 'lib/rubocop/cop/betterment/unsafe_job.rb', line 16

def initialize(config = nil, options = nil)
  super(config, options)
  config = @config.for_cop(self)
  @sensitive_params = config.fetch("sensitive_params", []).map(&:to_sym)
  @class_regex = Regexp.new config.fetch("class_regex", ".*Job$")
end

Instance Attribute Details

#class_regex ⇒ Object

Returns the value of attribute class_regex.

# File 'lib/rubocop/cop/betterment/unsafe_job.rb', line 7

def class_regex
  @class_regex
end

#sensitive_params ⇒ Object

Returns the value of attribute sensitive_params.

# File 'lib/rubocop/cop/betterment/unsafe_job.rb', line 7

def sensitive_params
  @sensitive_params
end

Instance Method Details

#on_def(node) ⇒ Object

# File 'lib/rubocop/cop/betterment/unsafe_job.rb', line 23

def on_def(node)
  return unless %i(perform initialize).include?(node.method_name)
  return unless @class_regex.match(node.parent_module_name)

  node.arguments.any? do |argument|
    name, = *argument
    add_offense(argument) if @sensitive_params.include?(name)
  end
end