ece517-p3/expertiza

Showing 2,813 of 2,813 total issues

Mass assignment is not restricted using attr_accessible
Open

class SystemSettings < ActiveRecord::Base
Severity: Critical
Found in app/models/system_settings.rb by brakeman

This warning comes up if a model does not limit what attributes can be set through mass assignment.

In particular, this check looks for attr_accessible inside model definitions. If it is not found, this warning will be issued.

Brakeman also warns on use of attr_protected - especially since it was found to be vulnerable to bypass. Warnings for mass assignment on models using attr_protected will be reported, but at a lower confidence level.

Note that disabling mass assignment globally will suppress these warnings.

Mass assignment is not restricted using attr_accessible
Open

class Ta < User
Severity: Critical
Found in app/models/ta.rb by brakeman

Mass assignment is not restricted using attr_accessible
Open

class TagPromptDeployment < ActiveRecord::Base
Severity: Critical
Found in app/models/tag_prompt_deployment.rb by brakeman

Mass assignment is not restricted using attr_accessible
Open

class TeammateReviewQuestionnaire < Questionnaire

Mass assignment is not restricted using attr_accessible
Open

class TeammateReviewResponseMap < ResponseMap

Mass assignment is not restricted using attr_accessible
Open

class TextResponse < Question
Severity: Critical
Found in app/models/text_response.rb by brakeman

Block has too many lines. [27/25]
Open

  describe '#email' do
    it 'returns the email of the user' do
      expect(user.email).to eq('abcxyz@gmail.com')
    end

Severity: Minor
Found in spec/models/user_spec.rb by rubocop

This cop checks if the length of a block exceeds some maximum value. Comment lines can optionally be ignored. The maximum allowed length is configurable. The cop can be configured to ignore blocks passed to certain methods.

Block has too many lines. [27/25]
Open

  describe '.search_users' do
    let(:role) { Role.new }

    before(:each) do
      allow(User).to receive_message_chain(:order, :where).with("(role_id in (?) or id = ?) and name like ?", role.get_available_roles, @user_id, '%name%')
Severity: Minor
Found in spec/models/user_spec.rb by rubocop

Block has too many lines. [27/25]
Open

describe "scale" do
  let(:questionnaire) { Questionnaire.new min_question_score: 0, max_question_score: 5 }
  let(:scale) { Scale.new id: 1, type: "Scale", seq: 1.0, txt: "test txt", weight: 1, questionnaire: questionnaire }
  let(:answer) { Answer.new answer: 8 }

Severity: Minor
Found in spec/models/scale_spec.rb by rubocop

Block has too many lines. [27/25]
Open

    context 'when inputted variable (permission_ids) is nil' do
      context 'when the controller_action_id of current item is bigger than 0' do
        context 'when perms does not exist' do
          it 'returns corresponding items' do
            test1.update_attributes(controller_action_id: 1, content_page_id: nil)
Severity: Minor
Found in spec/models/menu_item_spec.rb by rubocop

Block has too many lines. [27/25]
Open

  describe "#import" do
    it "raise error if record is empty" do
      row = []
      expect { CourseParticipant.import(row, nil, nil, nil) }.to raise_error("No user id has been specified.")
    end

Block has too many lines. [27/25]
Open

describe "criterion" do
  let(:questionnaire) { Questionnaire.new min_question_score: 0, max_question_score: 5 }
  let(:criterion) { Criterion.new id: 1, type: "Criterion", seq: 1.0, txt: "test txt", weight: 1, questionnaire: questionnaire }
  let(:answer) { Answer.new answer: 8 }

Severity: Minor
Found in spec/models/criterion_spec.rb by rubocop

Block has too many lines. [27/25]
Open

describe ReviewMappingController do
  before(:each) do
    user = build(:instructor)
    stub_current_user(user, user.role.name, user.role)
    # to deal with redirect_to :back

Block has too many lines. [27/25]
Open

  describe "tone analysis tests" do
    before(:each) do
      allow(ReviewResponseMap).to receive(:where).with('reviewee_id = ?', team.id).and_return([response_map])
      allow(Assignment).to receive(:find).with('reviewee_id = ?', team.id).and_return(assignment)
      allow(ReviewResponseMap).to receive(:final_versions_from_reviewer).with(1).and_return(final_versions)

Block has too many lines. [27/25]
Open

    it 'save successfully without the same name' do
      session = {user: admin}
      params = {
        user: {name: 'instructor6',
               crypted_password: 'password',

Block has too many lines. [27/25]
Open

    it 'works correctly', js: true do
      # click 'REQUEST ACCOUNT' button on root path, redirect to users#request_new page
      visit '/'
      click_link 'Request account'
      expect(page).to have_current_path('/users/request_new?role=Instructor')

Block has too many lines. [27/25]
Open

  describe '#view' do
    before(:each) do
      allow(Answer).to receive(:compute_scores).with([review_response], [question]).and_return(max: 95, min: 88, avg: 90)
      allow(Participant).to receive(:where).with(parent_id: 1).and_return([participant])
      allow(AssignmentParticipant).to receive(:find).with(1).and_return(participant)

Block has too many lines. [27/25]
Open

  describe '#delete' do
    before(:each) do
      user = build(:instructor)
      stub_current_user(user, user.role.name, user.role)
      # to deal with redirect_to :back

Block has too many lines. [27/25]
Open

describe 'displaying inherit teams section' do
  it 'should display inherit teams option while creating an assignment team' do
    create(:assignment)
    create(:assignment_node)
    create(:assignment_team)

Similar blocks of code found in 2 locations. Consider refactoring.
Open

  factory :assignment_team, class: AssignmentTeam do
    sequence(:name) {|n| "team#{n}" }
    assignment { Assignment.first || association(:assignment) }
    type 'AssignmentTeam'
    comments_for_advertisement nil
Severity: Minor
Found in spec/factories/factories.rb and 1 other location - About 25 mins to fix
spec/factories/factories.rb on lines 210..218

Duplicated Code

Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

Tuning

This issue has a mass of 31.

We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.
