autoforce/APIcasso

app/controllers/concerns/orderable.rb

Unsafe reflection method constantize called with parameter value
Confirmed

    (params[:nested] || params[:resource] || controller_name).classify.constantize
Severity: Critical
Found in app/controllers/concerns/orderable.rb by brakeman

Brakeman reports on several cases of remote code execution, in which a user is able to control and execute code in ways unintended by application authors.

The obvious form of this is the use of eval with user input.

However, Brakeman also reports on dangerous uses of send, constantize, and other methods which allow creation of arbitrary objects or calling of arbitrary methods.

Orderable#parse_attr doesn't depend on instance state (maybe move it to another class?)
Open

  def parse_attr(attr)
Severity: Minor
Found in app/controllers/concerns/orderable.rb by reek

A Utility Function is any instance method that has no dependency on the state of the instance.

Orderable#parse_sign performs a nil-check
Open

    attr.match(/\A[+-]/).nil? ? '+': attr.slice!(0)
Severity: Minor
Found in app/controllers/concerns/orderable.rb by reek

A NilCheck is a type check. Failures of NilCheck violate the "tell, don't ask" principle.

Additionally, type checks often mask bigger problems in your source code like not using OOP and / or polymorphism when you should.

Example

Given

class Klass
  def nil_checker(argument)
    if argument.nil?  # explicit nil check: this is the branch Reek's NilCheck flags
      puts "argument is nil!"
    end
  end
end

Reek would emit the following warning:

test.rb -- 1 warning:
  [3]:Klass#nil_checker performs a nil-check. (NilCheck)

Orderable#parse_sign doesn't depend on instance state (maybe move it to another class?)
Open

  def parse_sign(attr)
Severity: Minor
Found in app/controllers/concerns/orderable.rb by reek

A Utility Function is any instance method that has no dependency on the state of the instance.

Orderable#parse_attr performs a nil-check
Open

    return attr[1..-1] unless attr.match(/\A[+-]/).nil?
Severity: Minor
Found in app/controllers/concerns/orderable.rb by reek

A NilCheck is a type check. Failures of NilCheck violate the "tell, don't ask" principle.

Additionally, type checks often mask bigger problems in your source code like not using OOP and / or polymorphism when you should.

unexpected token error (Using Ruby 2.1 parser; configure using TargetRubyVersion parameter, under AllCops)
Open

    params[:sort]&.delete(' ').try(:split, ',').try(:each) do |attr|
