Sign upLogin

autotelik/datashift_journey

View on GitHub
Star
app/controllers/datashift_journey/journey_plans_controller.rb

Summary

Maintainability
A
0 mins
Test Coverage

Unsafe reflection method constantize called with parameter value
Open

      @journey_plan_class = params[:journey_plan_class] ? params[:journey_plan_class].constantize : DatashiftJourney.journey_plan_class
Severity: Critical
Found in app/controllers/datashift_journey/journey_plans_controller.rb by brakeman

Brakeman reports on several cases of remote code execution, in which a user is able to control and execute code in ways unintended by application authors.

The obvious form of this is the use of eval with user input.

However, Brakeman also reports on dangerous uses of send, constantize, and other methods which allow creation of arbitrary objects or calling of arbitrary methods.

TODO found
Open

      # TODO: how to auto insert has_secure_token into the underlying journey plan model
Severity: Minor
Found in app/controllers/datashift_journey/journey_plans_controller.rb by fixme

Use %i or %I for an array of symbols.
Open

    prepend_before_action :set_journey_plan, only: [:new, :destroy, :back_a_state]
Severity: Minor
Found in app/controllers/datashift_journey/journey_plans_controller.rb by rubocop

This cop can check for array literals made up of symbols that are not using the %i() syntax.

Alternatively, it checks for symbol arrays using the %i() syntax on projects which do not want to use that syntax.

Configuration option: MinSize If set, arrays with fewer elements than this value will not trigger the cop. For example, a MinSize of3` will not enforce a style on an array of 2 or fewer elements.

Example: EnforcedStyle: percent (default)

# good
%i[foo bar baz]

# bad
[:foo, :bar, :baz]

Example: EnforcedStyle: brackets

# good
[:foo, :bar, :baz]

# bad
%i[foo bar baz]

Use %i or %I for an array of symbols.
Open

    prepend_before_action :set_reform_object, only: [:edit, :update]
Severity: Minor
Found in app/controllers/datashift_journey/journey_plans_controller.rb by rubocop

This cop can check for array literals made up of symbols that are not using the %i() syntax.

Alternatively, it checks for symbol arrays using the %i() syntax on projects which do not want to use that syntax.

Configuration option: MinSize If set, arrays with fewer elements than this value will not trigger the cop. For example, a MinSize of3` will not enforce a style on an array of 2 or fewer elements.

Example: EnforcedStyle: percent (default)

# good
%i[foo bar baz]

# bad
[:foo, :bar, :baz]

Example: EnforcedStyle: brackets

# good
[:foo, :bar, :baz]

# bad
%i[foo bar baz]

Use %i or %I for an array of symbols.
Open

    before_action :validate_state, only: [:edit, :update]
Severity: Minor
Found in app/controllers/datashift_journey/journey_plans_controller.rb by rubocop

This cop can check for array literals made up of symbols that are not using the %i() syntax.

Alternatively, it checks for symbol arrays using the %i() syntax on projects which do not want to use that syntax.

Configuration option: MinSize If set, arrays with fewer elements than this value will not trigger the cop. For example, a MinSize of3` will not enforce a style on an array of 2 or fewer elements.

Example: EnforcedStyle: percent (default)

# good
%i[foo bar baz]

# bad
[:foo, :bar, :baz]

Example: EnforcedStyle: brackets

# good
[:foo, :bar, :baz]

# bad
%i[foo bar baz]

Prefer single-quoted strings when you don't need string interpolation or special symbols.
Open

      logger.info("JOURNEY moved to next state - Current Plan :")
Severity: Minor
Found in app/controllers/datashift_journey/journey_plans_controller.rb by rubocop

Checks if uses of quotes match the configured preference.

Example: EnforcedStyle: single_quotes (default)

# bad
"No special symbols"
"No string interpolation"
"Just text"

# good
'No special symbols'
'No string interpolation'
'Just text'
"Wait! What's #{this}!"

Example: EnforcedStyle: double_quotes

# bad
'Just some text'
'No special chars or interpolation'

# good
"Just some text"
"No special chars or interpolation"
"Every string in #{project} uses double_quotes"

Do not place comments on the same line as the end keyword.
Open

    end # UPDATE
Severity: Minor
Found in app/controllers/datashift_journey/journey_plans_controller.rb by rubocop

This cop checks for comments put on the same line as some keywords. These keywords are: begin, class, def, end, module.

Note that some comments (such as :nodoc: and rubocop:disable) are allowed.

Example:

# bad
if condition
  statement
end # end if

# bad
class X # comment
  statement
end

# bad
def x; end # comment

# good
if condition
  statement
end

# good
class X # :nodoc:
  y
end

Extra empty line detected at method body beginning.
Open


      # result = form.validate(params)
Severity: Minor
Found in app/controllers/datashift_journey/journey_plans_controller.rb by rubocop

This cops checks if empty lines exist around the bodies of methods.

Example:

# good

def foo
  # ...
end

# bad

def bar

  # ...

end

There are no issues that match your filters.

Category
Status