Issues - ece517-p3/expertiza

Prefer `each` over `for`.
Open

    for i in 0..3

Found in app/models/multiple_choice_checkbox.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop looks for uses of the for keyword, or each method. The preferred alternative is set in the EnforcedStyle configuration parameter. An each call with a block on a single line is always allowed, however.

Tagging a string as html safe may be a security risk.
Open

    safe_join(["<TR>".html_safe, "</TR>".html_safe], html.html_safe)

Found in app/models/criterion.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop checks for the use of output safety calls like htmlsafe, raw, and safeconcat. These methods do not escape content. They simply return a SafeBuffer containing the content as is. Instead, use safe_join to join content and escape it and concat to concatenate content and escape it, ensuring its safety.

Example:

user_content = "hi"

# bad
"#{user_content}".html_safe
# => ActiveSupport::SafeBuffer "hi"

# good
content_tag(:p, user_content)
# => ActiveSupport::SafeBuffer "<b>hi</b>"

# bad
out = ""
out << "#{user_content}"
out << "#{user_content}"
out.html_safe
# => ActiveSupport::SafeBuffer "hi
hi"

# good
out = []
out << content_tag(:li, user_content)
out << content_tag(:li, user_content)
safe_join(out)
# => ActiveSupport::SafeBuffer
#    "<b>hi</b>
<b>hi</b>"

# bad
out = "trusted content".html_safe
out.safe_concat(user_content)
# => ActiveSupport::SafeBuffer "trusted_content
hi"

# good
out = "trusted content".html_safe
out.concat(user_content)
# => ActiveSupport::SafeBuffer
#    "trusted_content<b>hi</b>"

# safe, though maybe not good style
out = "trusted content"
result = out.concat(user_content)
# => String "trusted contenthi"
# because when rendered in ERB the String will be escaped:
# <%= result %>
# => trusted content<b>hi</b>

# bad
(user_content + " " + content_tag(:span, user_content)).html_safe
# => ActiveSupport::SafeBuffer "hi <span><b>hi</b></span>"

# good
safe_join([user_content, " ", content_tag(:span, user_content)])
# => ActiveSupport::SafeBuffer
#    "<b>hi</b> <span>&lt;b&gt;hi&lt;/b&gt;</span>"

Specify an `:inverse_of` option.
Open

  belongs_to :assignment, class_name: 'Assignment', foreign_key: 'parent_id'

Found in app/models/assignment_due_date.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop looks for has(one|many) and belongsto associations where ActiveRecord can't automatically determine the inverse association because of a scope or the options used. This can result in unnecessary queries in some circumstances. :inverse_of must be manually specified for associations to work in both ways, or set to false to opt-out.

Example:

# good
class Blog < ApplicationRecord
  has_many :posts
end

class Post < ApplicationRecord
  belongs_to :blog
end

Example:

# bad
class Blog < ApplicationRecord
  has_many :posts, -> { order(published_at: :desc) }
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  has_many(:posts,
    -> { order(published_at: :desc) },
    inverse_of: :blog
  )
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  with_options inverse_of: :blog do
    has_many :posts, -> { order(published_at: :desc) }
  end
end

class Post < ApplicationRecord
  belongs_to :blog
end

Example:

# bad
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable
end

# good
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

Example:

# bad
# However, RuboCop can not detect this pattern...
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician
  belongs_to :patient
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

# good
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician, inverse_of: :appointments
  belongs_to :patient, inverse_of: :appointments
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

@see http://guides.rubyonrails.org/association_basics.html#bi-directional-associations @see http://api.rubyonrails.org/classes/ActiveRecord/Associations/ClassMethods.html#module-ActiveRecord::Associations::ClassMethods-label-Setting+Inverses

Tagging a string as html safe may be a security risk.
Open

      html += '<br>' + answer.comments.html_safe

Found in app/models/criterion.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop checks for the use of output safety calls like htmlsafe, raw, and safeconcat. These methods do not escape content. They simply return a SafeBuffer containing the content as is. Instead, use safe_join to join content and escape it and concat to concatenate content and escape it, ensuring its safety.

Example:

user_content = "hi"

# bad
"#{user_content}".html_safe
# => ActiveSupport::SafeBuffer "hi"

# good
content_tag(:p, user_content)
# => ActiveSupport::SafeBuffer "<b>hi</b>"

# bad
out = ""
out << "#{user_content}"
out << "#{user_content}"
out.html_safe
# => ActiveSupport::SafeBuffer "hi
hi"

# good
out = []
out << content_tag(:li, user_content)
out << content_tag(:li, user_content)
safe_join(out)
# => ActiveSupport::SafeBuffer
#    "<b>hi</b>
<b>hi</b>"

# bad
out = "trusted content".html_safe
out.safe_concat(user_content)
# => ActiveSupport::SafeBuffer "trusted_content
hi"

# good
out = "trusted content".html_safe
out.concat(user_content)
# => ActiveSupport::SafeBuffer
#    "trusted_content<b>hi</b>"

# safe, though maybe not good style
out = "trusted content"
result = out.concat(user_content)
# => String "trusted contenthi"
# because when rendered in ERB the String will be escaped:
# <%= result %>
# => trusted content<b>hi</b>

# bad
(user_content + " " + content_tag(:span, user_content)).html_safe
# => ActiveSupport::SafeBuffer "hi <span><b>hi</b></span>"

# good
safe_join([user_content, " ", content_tag(:span, user_content)])
# => ActiveSupport::SafeBuffer
#    "<b>hi</b> <span>&lt;b&gt;hi&lt;/b&gt;</span>"

Avoid more than 3 levels of block nesting.
Open

            if assignment_due_date.due_at >= Time.zone.now
              next_due_date = assignment_due_date
              break
            end

Found in app/models/due_date.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop checks for excessive nesting of conditional and looping constructs.

You can configure if blocks are considered using the CountBlocks option. When set to false (the default) blocks are not counted towards the nesting level. Set to true to count blocks as well.

The maximum level of nesting allowed is configurable.

Specify an `:inverse_of` option.
Open

  has_many :participants, class_name: 'Participant', foreign_key: 'user_id', dependent: :destroy

Found in app/models/user.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop looks for has(one|many) and belongsto associations where ActiveRecord can't automatically determine the inverse association because of a scope or the options used. This can result in unnecessary queries in some circumstances. :inverse_of must be manually specified for associations to work in both ways, or set to false to opt-out.

Example:

# good
class Blog < ApplicationRecord
  has_many :posts
end

class Post < ApplicationRecord
  belongs_to :blog
end

Example:

# bad
class Blog < ApplicationRecord
  has_many :posts, -> { order(published_at: :desc) }
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  has_many(:posts,
    -> { order(published_at: :desc) },
    inverse_of: :blog
  )
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  with_options inverse_of: :blog do
    has_many :posts, -> { order(published_at: :desc) }
  end
end

class Post < ApplicationRecord
  belongs_to :blog
end

Example:

# bad
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable
end

# good
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

Example:

# bad
# However, RuboCop can not detect this pattern...
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician
  belongs_to :patient
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

# good
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician, inverse_of: :appointments
  belongs_to :patient, inverse_of: :appointments
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

@see http://guides.rubyonrails.org/association_basics.html#bi-directional-associations @see http://api.rubyonrails.org/classes/ActiveRecord/Associations/ClassMethods.html#module-ActiveRecord::Associations::ClassMethods-label-Setting+Inverses

Specify an `:inverse_of` option.
Open

  belongs_to :response_map, class_name: 'ResponseMap', foreign_key: 'map_id'

Found in app/models/response.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop looks for has(one|many) and belongsto associations where ActiveRecord can't automatically determine the inverse association because of a scope or the options used. This can result in unnecessary queries in some circumstances. :inverse_of must be manually specified for associations to work in both ways, or set to false to opt-out.

Example:

# good
class Blog < ApplicationRecord
  has_many :posts
end

class Post < ApplicationRecord
  belongs_to :blog
end

Example:

# bad
class Blog < ApplicationRecord
  has_many :posts, -> { order(published_at: :desc) }
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  has_many(:posts,
    -> { order(published_at: :desc) },
    inverse_of: :blog
  )
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  with_options inverse_of: :blog do
    has_many :posts, -> { order(published_at: :desc) }
  end
end

class Post < ApplicationRecord
  belongs_to :blog
end

Example:

# bad
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable
end

# good
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

Example:

# bad
# However, RuboCop can not detect this pattern...
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician
  belongs_to :patient
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

# good
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician, inverse_of: :appointments
  belongs_to :patient, inverse_of: :appointments
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

@see http://guides.rubyonrails.org/association_basics.html#bi-directional-associations @see http://api.rubyonrails.org/classes/ActiveRecord/Associations/ClassMethods.html#module-ActiveRecord::Associations::ClassMethods-label-Setting+Inverses

Use `find_by` instead of `where.first`.
Open

      score = Answer.where(response_id: response_id, question_id: question.id).first

Found in app/models/quiz_response_map.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop is used to identify usages of where.first and change them to use find_by instead.

Example:

# bad
User.where(name: 'Bruce').first
User.where(name: 'Bruce').take

# good
User.find_by(name: 'Bruce')

Use a guard clause instead of wrapping the code inside a conditional expression.
Open

        if ap1.reviews_by_reviewer(ap2).nil?

Found in app/models/collusion_cycle.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Use a guard clause instead of wrapping the code inside a conditional expression

Example:

# bad
def test
  if something
    work
  end
end

# good
def test
  return unless something
  work
end

# also good
def test
  work if something
end

# bad
if something
  raise 'exception'
else
  ok
end

# good
raise 'exception' if something
ok

Specify an `:inverse_of` option.
Open

  has_many :assignment_participants, class_name: 'AssignmentParticipant', foreign_key: 'user_id', dependent: :destroy

Found in app/models/user.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop looks for has(one|many) and belongsto associations where ActiveRecord can't automatically determine the inverse association because of a scope or the options used. This can result in unnecessary queries in some circumstances. :inverse_of must be manually specified for associations to work in both ways, or set to false to opt-out.

Example:

# good
class Blog < ApplicationRecord
  has_many :posts
end

class Post < ApplicationRecord
  belongs_to :blog
end

Example:

# bad
class Blog < ApplicationRecord
  has_many :posts, -> { order(published_at: :desc) }
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  has_many(:posts,
    -> { order(published_at: :desc) },
    inverse_of: :blog
  )
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  with_options inverse_of: :blog do
    has_many :posts, -> { order(published_at: :desc) }
  end
end

class Post < ApplicationRecord
  belongs_to :blog
end

Example:

# bad
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable
end

# good
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

Example:

# bad
# However, RuboCop can not detect this pattern...
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician
  belongs_to :patient
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

# good
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician, inverse_of: :appointments
  belongs_to :patient, inverse_of: :appointments
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

@see http://guides.rubyonrails.org/association_basics.html#bi-directional-associations @see http://api.rubyonrails.org/classes/ActiveRecord/Associations/ClassMethods.html#module-ActiveRecord::Associations::ClassMethods-label-Setting+Inverses

Tagging a string as html safe may be a security risk.
Open

    safe_join(["".html_safe, "".html_safe], html.html_safe)

Found in app/models/checkbox.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop checks for the use of output safety calls like htmlsafe, raw, and safeconcat. These methods do not escape content. They simply return a SafeBuffer containing the content as is. Instead, use safe_join to join content and escape it and concat to concatenate content and escape it, ensuring its safety.

Example:

user_content = "hi"

# bad
"#{user_content}".html_safe
# => ActiveSupport::SafeBuffer "hi"

# good
content_tag(:p, user_content)
# => ActiveSupport::SafeBuffer "<b>hi</b>"

# bad
out = ""
out << "#{user_content}"
out << "#{user_content}"
out.html_safe
# => ActiveSupport::SafeBuffer "hi
hi"

# good
out = []
out << content_tag(:li, user_content)
out << content_tag(:li, user_content)
safe_join(out)
# => ActiveSupport::SafeBuffer
#    "<b>hi</b>
<b>hi</b>"

# bad
out = "trusted content".html_safe
out.safe_concat(user_content)
# => ActiveSupport::SafeBuffer "trusted_content
hi"

# good
out = "trusted content".html_safe
out.concat(user_content)
# => ActiveSupport::SafeBuffer
#    "trusted_content<b>hi</b>"

# safe, though maybe not good style
out = "trusted content"
result = out.concat(user_content)
# => String "trusted contenthi"
# because when rendered in ERB the String will be escaped:
# <%= result %>
# => trusted content<b>hi</b>

# bad
(user_content + " " + content_tag(:span, user_content)).html_safe
# => ActiveSupport::SafeBuffer "hi <span><b>hi</b></span>"

# good
safe_join([user_content, " ", content_tag(:span, user_content)])
# => ActiveSupport::SafeBuffer
#    "<b>hi</b> <span>&lt;b&gt;hi&lt;/b&gt;</span>"

Tagging a string as html safe may be a security risk.
Open

    safe_join(["".html_safe, "".html_safe], html.html_safe)

Found in app/models/checkbox.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop checks for the use of output safety calls like htmlsafe, raw, and safeconcat. These methods do not escape content. They simply return a SafeBuffer containing the content as is. Instead, use safe_join to join content and escape it and concat to concatenate content and escape it, ensuring its safety.

Example:

user_content = "hi"

# bad
"#{user_content}".html_safe
# => ActiveSupport::SafeBuffer "hi"

# good
content_tag(:p, user_content)
# => ActiveSupport::SafeBuffer "<b>hi</b>"

# bad
out = ""
out << "#{user_content}"
out << "#{user_content}"
out.html_safe
# => ActiveSupport::SafeBuffer "hi
hi"

# good
out = []
out << content_tag(:li, user_content)
out << content_tag(:li, user_content)
safe_join(out)
# => ActiveSupport::SafeBuffer
#    "<b>hi</b>
<b>hi</b>"

# bad
out = "trusted content".html_safe
out.safe_concat(user_content)
# => ActiveSupport::SafeBuffer "trusted_content
hi"

# good
out = "trusted content".html_safe
out.concat(user_content)
# => ActiveSupport::SafeBuffer
#    "trusted_content<b>hi</b>"

# safe, though maybe not good style
out = "trusted content"
result = out.concat(user_content)
# => String "trusted contenthi"
# because when rendered in ERB the String will be escaped:
# <%= result %>
# => trusted content<b>hi</b>

# bad
(user_content + " " + content_tag(:span, user_content)).html_safe
# => ActiveSupport::SafeBuffer "hi <span><b>hi</b></span>"

# good
safe_join([user_content, " ", content_tag(:span, user_content)])
# => ActiveSupport::SafeBuffer
#    "<b>hi</b> <span>&lt;b&gt;hi&lt;/b&gt;</span>"

Tagging a string as html safe may be a security risk.
Open

    safe_join(["".html_safe, "".html_safe], html.html_safe)

Found in app/models/checkbox.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop checks for the use of output safety calls like htmlsafe, raw, and safeconcat. These methods do not escape content. They simply return a SafeBuffer containing the content as is. Instead, use safe_join to join content and escape it and concat to concatenate content and escape it, ensuring its safety.

Example:

user_content = "hi"

# bad
"#{user_content}".html_safe
# => ActiveSupport::SafeBuffer "hi"

# good
content_tag(:p, user_content)
# => ActiveSupport::SafeBuffer "<b>hi</b>"

# bad
out = ""
out << "#{user_content}"
out << "#{user_content}"
out.html_safe
# => ActiveSupport::SafeBuffer "hi
hi"

# good
out = []
out << content_tag(:li, user_content)
out << content_tag(:li, user_content)
safe_join(out)
# => ActiveSupport::SafeBuffer
#    "<b>hi</b>
<b>hi</b>"

# bad
out = "trusted content".html_safe
out.safe_concat(user_content)
# => ActiveSupport::SafeBuffer "trusted_content
hi"

# good
out = "trusted content".html_safe
out.concat(user_content)
# => ActiveSupport::SafeBuffer
#    "trusted_content<b>hi</b>"

# safe, though maybe not good style
out = "trusted content"
result = out.concat(user_content)
# => String "trusted contenthi"
# because when rendered in ERB the String will be escaped:
# <%= result %>
# => trusted content<b>hi</b>

# bad
(user_content + " " + content_tag(:span, user_content)).html_safe
# => ActiveSupport::SafeBuffer "hi <span><b>hi</b></span>"

# good
safe_join([user_content, " ", content_tag(:span, user_content)])
# => ActiveSupport::SafeBuffer
#    "<b>hi</b> <span>&lt;b&gt;hi&lt;/b&gt;</span>"

Use a guard clause instead of wrapping the code inside a conditional expression.
Open

          if ap2.reviews_by_reviewer(ap3).nil?

Found in app/models/collusion_cycle.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

Use a guard clause instead of wrapping the code inside a conditional expression

Example:

# bad
def test
  if something
    work
  end
end

# good
def test
  return unless something
  work
end

# also good
def test
  work if something
end

# bad
if something
  raise 'exception'
else
  ok
end

# good
raise 'exception' if something
ok

Specify an `:inverse_of` option.
Open

  belongs_to :reviewee, class_name: 'Participant', foreign_key: 'reviewee_id'

Found in app/models/teammate_review_response_map.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop looks for has(one|many) and belongsto associations where ActiveRecord can't automatically determine the inverse association because of a scope or the options used. This can result in unnecessary queries in some circumstances. :inverse_of must be manually specified for associations to work in both ways, or set to false to opt-out.

Example:

# good
class Blog < ApplicationRecord
  has_many :posts
end

class Post < ApplicationRecord
  belongs_to :blog
end

Example:

# bad
class Blog < ApplicationRecord
  has_many :posts, -> { order(published_at: :desc) }
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  has_many(:posts,
    -> { order(published_at: :desc) },
    inverse_of: :blog
  )
end

class Post < ApplicationRecord
  belongs_to :blog
end

# good
class Blog < ApplicationRecord
  with_options inverse_of: :blog do
    has_many :posts, -> { order(published_at: :desc) }
  end
end

class Post < ApplicationRecord
  belongs_to :blog
end

Example:

# bad
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable
end

# good
class Picture < ApplicationRecord
  belongs_to :imageable, polymorphic: true
end

class Employee < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

class Product < ApplicationRecord
  has_many :pictures, as: :imageable, inverse_of: :imageable
end

Example:

# bad
# However, RuboCop can not detect this pattern...
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician
  belongs_to :patient
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

# good
class Physician < ApplicationRecord
  has_many :appointments
  has_many :patients, through: :appointments
end

class Appointment < ApplicationRecord
  belongs_to :physician, inverse_of: :appointments
  belongs_to :patient, inverse_of: :appointments
end

class Patient < ApplicationRecord
  has_many :appointments
  has_many :physicians, through: :appointments
end

@see http://guides.rubyonrails.org/association_basics.html#bi-directional-associations @see http://api.rubyonrails.org/classes/ActiveRecord/Associations/ClassMethods.html#module-ActiveRecord::Associations::ClassMethods-label-Setting+Inverses

Use `each_value` instead of `each`.
Open

    choice_info.each do |_idx, value|

Found in app/models/multiple_choice_checkbox.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop checks for uses of each_key and each_value Hash methods.

Note: If you have an array of two-element arrays, you can put parentheses around the block arguments to indicate that you're not working with a hash, and suppress RuboCop offenses.

Example:

# bad
hash.keys.each { |k| p k }
hash.values.each { |v| p v }
hash.each { |k, _v| p k }
hash.each { |_k, v| p v }

# good
hash.each_key { |k| p k }
hash.each_value { |v| p v }

Tagging a string as html safe may be a security risk.
Open

    safe_join(["".html_safe, "".html_safe], html.html_safe)

Found in app/models/checkbox.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop checks for the use of output safety calls like htmlsafe, raw, and safeconcat. These methods do not escape content. They simply return a SafeBuffer containing the content as is. Instead, use safe_join to join content and escape it and concat to concatenate content and escape it, ensuring its safety.

Example:

user_content = "hi"

# bad
"#{user_content}".html_safe
# => ActiveSupport::SafeBuffer "hi"

# good
content_tag(:p, user_content)
# => ActiveSupport::SafeBuffer "<b>hi</b>"

# bad
out = ""
out << "#{user_content}"
out << "#{user_content}"
out.html_safe
# => ActiveSupport::SafeBuffer "hi
hi"

# good
out = []
out << content_tag(:li, user_content)
out << content_tag(:li, user_content)
safe_join(out)
# => ActiveSupport::SafeBuffer
#    "<b>hi</b>
<b>hi</b>"

# bad
out = "trusted content".html_safe
out.safe_concat(user_content)
# => ActiveSupport::SafeBuffer "trusted_content
hi"

# good
out = "trusted content".html_safe
out.concat(user_content)
# => ActiveSupport::SafeBuffer
#    "trusted_content<b>hi</b>"

# safe, though maybe not good style
out = "trusted content"
result = out.concat(user_content)
# => String "trusted contenthi"
# because when rendered in ERB the String will be escaped:
# <%= result %>
# => trusted content<b>hi</b>

# bad
(user_content + " " + content_tag(:span, user_content)).html_safe
# => ActiveSupport::SafeBuffer "hi <span><b>hi</b></span>"

# good
safe_join([user_content, " ", content_tag(:span, user_content)])
# => ActiveSupport::SafeBuffer
#    "<b>hi</b> <span>&lt;b&gt;hi&lt;/b&gt;</span>"

Specify a `:dependent` option.
Open

  has_many :children, class_name: 'User', foreign_key: 'parent_id'

Found in app/models/user.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop looks for has_many or has_one associations that don't specify a :dependent option. It doesn't register an offense if :through option was specified.

Example:

# bad
class User < ActiveRecord::Base
  has_many :comments
  has_one :avatar
end

# good
class User < ActiveRecord::Base
  has_many :comments, dependent: :restrict_with_exception
  has_one :avatar, dependent: :destroy
  has_many :patients, through: :appointments
end

Replace class var @@ta_role with a class instance var.
Open

    @@ta_role ||= find_by name: 'Teaching Assistant'

Found in app/models/role.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop checks for uses of class variables. Offenses are signaled only on assignment to class variables to reduce the number of offenses that would be reported.

Prefer `each` over `for`.
Open

    for pivot in 0...cycle.size - 1 do

Found in app/models/collusion_cycle.rb by rubocop

Read up
Read up
Exclude checks
- Disable engine
- Disable check

This cop looks for uses of the for keyword, or each method. The preferred alternative is set in the EnforcedStyle configuration parameter. An each call with a block on a single line is always allowed, however.

ece517-p3/expertiza

Showing 2,813 of 2,813 total issues

Prefer each over for. Open

Tagging a string as html safe may be a security risk. Open

Example:

trusted content

trusted_content

trusted content

trusted_content

Specify an :inverse_of option. Open

Example:

Example:

Example:

Example:

Tagging a string as html safe may be a security risk. Open

Example:

trusted content

trusted_content

trusted content

trusted_content

Avoid more than 3 levels of block nesting. Open

Specify an :inverse_of option. Open

Example:

Example:

Example:

Example:

Specify an :inverse_of option. Open

Example:

Example:

Example:

Example:

Use find_by instead of where.first. Open

Example:

Use a guard clause instead of wrapping the code inside a conditional expression. Open

Example:

Specify an :inverse_of option. Open

Example:

Example:

Example:

Example:

Tagging a string as html safe may be a security risk. Open

Example:

trusted content

trusted_content

trusted content

trusted_content

Tagging a string as html safe may be a security risk. Open

Example:

trusted content

trusted_content

trusted content

trusted_content

Tagging a string as html safe may be a security risk. Open

Example:

trusted content

trusted_content

trusted content

trusted_content

Use a guard clause instead of wrapping the code inside a conditional expression. Open

Example:

Specify an :inverse_of option. Open

Example:

Example:

Example:

Example:

Use each_value instead of each. Open

Example:

Tagging a string as html safe may be a security risk. Open

Example:

trusted content

trusted_content

trusted content

trusted_content

Specify a :dependent option. Open

Example:

Replace class var @@ta_role with a class instance var. Open

Prefer each over for. Open

Severity

Category

Status

Prefer `each` over `for`.
Open

Tagging a string as html safe may be a security risk.
Open

Specify an `:inverse_of` option.
Open

Tagging a string as html safe may be a security risk.
Open

Avoid more than 3 levels of block nesting.
Open

Specify an `:inverse_of` option.
Open

Specify an `:inverse_of` option.
Open

Use `find_by` instead of `where.first`.
Open

Use a guard clause instead of wrapping the code inside a conditional expression.
Open

Specify an `:inverse_of` option.
Open

Tagging a string as html safe may be a security risk.
Open

Tagging a string as html safe may be a security risk.
Open

Tagging a string as html safe may be a security risk.
Open

Use a guard clause instead of wrapping the code inside a conditional expression.
Open

Specify an `:inverse_of` option.
Open

Use `each_value` instead of `each`.
Open

Tagging a string as html safe may be a security risk.
Open

Specify a `:dependent` option.
Open

Replace class var @@ta_role with a class instance var.
Open

Prefer `each` over `for`.
Open