diff options
| author | Robert Speicher <rspeicher@gmail.com> | 2017-03-25 13:45:31 -0400 |
|---|---|---|
| committer | Robert Speicher <rspeicher@gmail.com> | 2017-03-25 13:45:31 -0400 |
| commit | 2b445fbd903cfa46338b06dc801e87326d7a7c33 (patch) | |
| tree | 8784e52c96b70f152b711ad91ad3093751bb7b0b | |
| parent | fc312799684f9e6126815f602cef85a75e7887b8 (diff) | |
| download | gitlab-ce-2b445fbd903cfa46338b06dc801e87326d7a7c33.tar.gz | |
fixup! WIP: to_json cop
| -rw-r--r-- | spec/rubocop/cop/security/to_json_spec.rb | 53 |
1 files changed, 27 insertions, 26 deletions
diff --git a/spec/rubocop/cop/security/to_json_spec.rb b/spec/rubocop/cop/security/to_json_spec.rb index 2b5a656adf9..c81d41c0a55 100644 --- a/spec/rubocop/cop/security/to_json_spec.rb +++ b/spec/rubocop/cop/security/to_json_spec.rb @@ -16,13 +16,36 @@ describe RuboCop::Cop::Security::ToJson do expect(cop.offenses).to be_empty end - it 'ignores `to_json` sent to a Serializer instance' do - inspect_source(cop, 'MergeRequestSerializer.new.represent(issuable).to_json') + context '`to_json` without options' do + it 'does nothing when sent to nil receiver' do + inspect_source(cop, 'to_json') - expect(cop.offenses).to be_empty + expect(cop.offenses).to be_empty + end + + it 'does nothing when sent to a Hash' do + inspect_source(cop, '{}.to_json') + + expect(cop.offenses).to be_empty + end + + it 'does nothing when sent to a Serializer instance' do + inspect_source(cop, 'MergeRequestSerializer.new.represent(issuable).to_json') + + expect(cop.offenses).to be_empty + end + + it 'adds an offense when sent to any other receiver' do + inspect_source(cop, 'foo.to_json') + + aggregate_failures do + expect(cop.offenses.size).to eq(1) + expect(cop.highlights).to contain_exactly('foo.to_json') + end + end end - context 'to_json with options' do + context '`to_json` with options' do it 'does nothing when provided `only`' do inspect_source(cop, <<~EOS) render json: @issue.to_json(only: [:name, :username]) @@ -102,26 +125,4 @@ describe RuboCop::Cop::Security::ToJson do end end end - - context 'to_json without options' do - it 'does nothing when called with nil receiver' do - inspect_source(cop, 'to_json') - - expect(cop.offenses).to be_empty - end - it 'does nothing when called directly on a Hash' do - inspect_source(cop, '{}.to_json') - - expect(cop.offenses).to be_empty - end - - it 'adds an offense when called on variable' do - inspect_source(cop, 'foo.to_json') - - aggregate_failures do - expect(cop.offenses.size).to eq(1) - expect(cop.highlights).to contain_exactly('foo.to_json') - end - end - end end |