Examples with ASTVariableExpression net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression used on opensource projects

Example 1 with ASTVariableExpression

use of net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression in project pmd by pmd.

the class ApexCRUDViolationRule method checkForAccessibility.

private void checkForAccessibility(final ASTSoqlExpression node, Object data) {
    final boolean isCount = node.getNode().getCanonicalQuery().startsWith("SELECT COUNT()");
    final Set<String> typesFromSOQL = getTypesFromSOQLQuery(node);
    final Set<ASTMethodCallExpression> prevCalls = getPreviousMethodCalls(node);
    for (ASTMethodCallExpression prevCall : prevCalls) {
        collectCRUDMethodLevelChecks(prevCall);
    }
    boolean isGetter = false;
    String returnType = null;
    final ASTMethod wrappingMethod = node.getFirstParentOfType(ASTMethod.class);
    final ASTUserClass wrappingClass = node.getFirstParentOfType(ASTUserClass.class);
    if (isCount || wrappingClass != null && Helper.isTestMethodOrClass(wrappingClass) || wrappingMethod != null && Helper.isTestMethodOrClass(wrappingMethod)) {
        return;
    }
    if (wrappingMethod != null) {
        isGetter = isMethodAGetter(wrappingMethod);
        returnType = getReturnType(wrappingMethod);
    }
    final ASTVariableDeclaration variableDecl = node.getFirstParentOfType(ASTVariableDeclaration.class);
    if (variableDecl != null) {
        String type = variableDecl.getNode().getLocalInfo().getType().getApexName();
        type = getSimpleType(type);
        StringBuilder typeCheck = new StringBuilder().append(variableDecl.getNode().getDefiningType().getApexName()).append(":").append(type);
        if (!isGetter) {
            if (typesFromSOQL.isEmpty()) {
                validateCRUDCheckPresent(node, data, ANY, typeCheck.toString());
            } else {
                for (String typeFromSOQL : typesFromSOQL) {
                    validateCRUDCheckPresent(node, data, ANY, typeFromSOQL);
                }
            }
        }
    }
    final ASTAssignmentExpression assignment = node.getFirstParentOfType(ASTAssignmentExpression.class);
    if (assignment != null) {
        final ASTVariableExpression variable = assignment.getFirstChildOfType(ASTVariableExpression.class);
        if (variable != null) {
            String variableWithClass = Helper.getFQVariableName(variable);
            if (varToTypeMapping.containsKey(variableWithClass)) {
                String type = varToTypeMapping.get(variableWithClass);
                if (!isGetter) {
                    if (typesFromSOQL.isEmpty()) {
                        validateCRUDCheckPresent(node, data, ANY, type);
                    } else {
                        for (String typeFromSOQL : typesFromSOQL) {
                            validateCRUDCheckPresent(node, data, ANY, typeFromSOQL);
                        }
                    }
                }
            }
        }
    }
    final ASTReturnStatement returnStatement = node.getFirstParentOfType(ASTReturnStatement.class);
    if (returnStatement != null) {
        if (!isGetter) {
            if (typesFromSOQL.isEmpty()) {
                validateCRUDCheckPresent(node, data, ANY, returnType);
            } else {
                for (String typeFromSOQL : typesFromSOQL) {
                    validateCRUDCheckPresent(node, data, ANY, typeFromSOQL);
                }
            }
        }
    }
}

Example 2 with ASTVariableExpression

use of net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression in project pmd by pmd.

the class ApexCRUDViolationRule method checkForCRUD.

private void checkForCRUD(final AbstractApexNode<?> node, final Object data, final String crudMethod) {
    final Set<ASTMethodCallExpression> prevCalls = getPreviousMethodCalls(node);
    for (ASTMethodCallExpression prevCall : prevCalls) {
        collectCRUDMethodLevelChecks(prevCall);
    }
    final ASTMethod wrappingMethod = node.getFirstParentOfType(ASTMethod.class);
    final ASTUserClass wrappingClass = node.getFirstParentOfType(ASTUserClass.class);
    if (wrappingClass != null && Helper.isTestMethodOrClass(wrappingClass) || wrappingMethod != null && Helper.isTestMethodOrClass(wrappingMethod)) {
        return;
    }
    final ASTNewKeyValueObjectExpression newObj = node.getFirstChildOfType(ASTNewKeyValueObjectExpression.class);
    if (newObj != null) {
        final String type = Helper.getFQVariableName(newObj);
        validateCRUDCheckPresent(node, data, crudMethod, type);
    }
    final ASTVariableExpression variable = node.getFirstChildOfType(ASTVariableExpression.class);
    if (variable != null) {
        final String type = varToTypeMapping.get(Helper.getFQVariableName(variable));
        if (type != null) {
            StringBuilder typeCheck = new StringBuilder().append(node.getNode().getDefiningType().getApexName()).append(":").append(type);
            validateCRUDCheckPresent(node, data, crudMethod, typeCheck.toString());
        }
    }
}

Example 3 with ASTVariableExpression

use of net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression in project pmd by pmd.

the class ApexCRUDViolationRule method extractObjectTypeFromESAPI.

private void extractObjectTypeFromESAPI(final ASTMethodCallExpression node, final String dmlOperation) {
    final ASTVariableExpression var = node.getFirstChildOfType(ASTVariableExpression.class);
    if (var != null) {
        final ASTReferenceExpression reference = var.getFirstChildOfType(ASTReferenceExpression.class);
        if (reference != null) {
            List<Identifier> identifiers = reference.getNode().getNames();
            if (identifiers.size() == 1) {
                StringBuilder sb = new StringBuilder().append(node.getNode().getDefiningType().getApexName()).append(":").append(identifiers.get(0).getValue());
                checkedTypeToDMLOperationViaESAPI.put(sb.toString(), dmlOperation);
            }
        }
    }
}

Example 4 with ASTVariableExpression

use of net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression in project pmd by pmd.

the class ApexInsecureEndpointRule method findInsecureEndpoints.

private void findInsecureEndpoints(AbstractApexNode<?> node) {
    ASTVariableExpression variableNode = node.getFirstChildOfType(ASTVariableExpression.class);
    findInnerInsecureEndpoints(node, variableNode);
    ASTBinaryExpression binaryNode = node.getFirstChildOfType(ASTBinaryExpression.class);
    if (binaryNode != null) {
        findInnerInsecureEndpoints(binaryNode, variableNode);
    }
}

Example 5 with ASTVariableExpression

use of net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression in project pmd by pmd.

the class ApexInsecureEndpointRule method runChecks.

private void runChecks(AbstractApexNode<?> node, Object data) {
    ASTLiteralExpression literalNode = node.getFirstChildOfType(ASTLiteralExpression.class);
    if (literalNode != null) {
        Object o = literalNode.getNode().getLiteral();
        if (o instanceof String) {
            String literal = (String) o;
            if (PATTERN.matcher(literal).matches()) {
                addViolation(data, literalNode);
            }
        }
    }
    ASTVariableExpression variableNode = node.getFirstChildOfType(ASTVariableExpression.class);
    if (variableNode != null) {
        if (httpEndpointStrings.contains(Helper.getFQVariableName(variableNode))) {
            addViolation(data, variableNode);
        }
    }
}