
Example 1 with Argument

use of org.sonar.plugins.python.api.tree.Argument in project sonar-python by SonarSource.

the class DebugModeCheck method initialize.

/**
 * Registers the two syntax-node consumers that implement this check.
 *
 * <p>Call expressions: when the callee is a dotted name that resolves (via
 * {@code getQualifiedName}) to {@code django.conf.settings.configure}, one
 * issue is raised on every argument accepted by {@code isDebugArgument}.
 *
 * <p>Assignment statements, only inside files listed in {@code settingFiles}:
 * when a left-hand side contains an expression accepted by
 * {@code isDebugIdentifier} and the assigned value is a true literal, one
 * issue is raised on the whole statement (presumably {@code DEBUG = True}
 * style settings; the exact identifiers are decided by the helpers).
 *
 * @param context check context on which the consumers are registered
 */
@Override
public void initialize(Context context) {
    context.registerSyntaxNodeConsumer(Kind.CALL_EXPR, ctx -> {
        CallExpression call = (CallExpression) ctx.syntaxNode();
        // Only a dotted callee can name django.conf.settings.configure.
        if (!(call.callee() instanceof QualifiedExpression)) {
            return;
        }
        List<Argument> args = call.arguments();
        if (!"django.conf.settings.configure".equals(getQualifiedName(call)) || args.isEmpty()) {
            return;
        }
        for (Argument arg : args) {
            if (isDebugArgument(arg)) {
                ctx.addIssue(arg, MESSAGE);
            }
        }
    });
    context.registerSyntaxNodeConsumer(Kind.ASSIGNMENT_STMT, ctx -> {
        // Assignments are only meaningful in the configured settings files.
        if (!settingFiles.contains(ctx.pythonFile().fileName())) {
            return;
        }
        AssignmentStatement assignment = (AssignmentStatement) ctx.syntaxNode();
        for (ExpressionList lhs : assignment.lhsExpressions()) {
            if (lhs.expressions().stream().noneMatch(DebugModeCheck::isDebugIdentifier)) {
                continue;
            }
            if (isTrueLiteral(assignment.assignedValue())) {
                ctx.addIssue(assignment, MESSAGE);
            }
        }
    });
}

Example 2 with Argument

use of org.sonar.plugins.python.api.tree.Argument in project sonar-python by SonarSource.

the class HttpOnlyCookieCheck method searchForFalsySessionCookieHttponlyInDictCons.

/**
 * Looks for a falsy {@code SESSION_COOKIE_HTTPONLY} entry in a {@code dict(...)}
 * constructor call, i.e. a configuration that disables the HttpOnly cookie flag.
 *
 * <p>Only calls whose callee symbol has the fully qualified name {@code dict}
 * are inspected, and only keyword (regular) arguments can carry the setting.
 *
 * @param callExpression the call to inspect
 * @return the first falsy value assigned to the keyword, or empty when the
 *         call is not a {@code dict(...)} call or no such keyword is present
 */
private static Optional<Expression> searchForFalsySessionCookieHttponlyInDictCons(CallExpression callExpression) {
    Symbol callee = callExpression.calleeSymbol();
    if (callee == null || !"dict".equals(callee.fullyQualifiedName())) {
        return Optional.empty();
    }
    for (Argument arg : callExpression.arguments()) {
        if (!arg.is(Tree.Kind.REGULAR_ARGUMENT)) {
            continue;
        }
        RegularArgument keywordArg = (RegularArgument) arg;
        Name keyword = keywordArg.keywordArgument();
        // Positional entries have no keyword and therefore cannot set the flag.
        if (keyword == null || !SESSION_COOKIE_HTTPONLY.equals(keyword.name())) {
            continue;
        }
        Expression value = keywordArg.expression();
        if (Expressions.isFalsy(value)) {
            return Optional.of(value);
        }
    }
    return Optional.empty();
}

Example 3 with Argument

use of org.sonar.plugins.python.api.tree.Argument in project sonar-python by SonarSource.

the class CorsCheck method reportIfAllowOriginIsStar.

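/**
 * Raises an issue when the call sets the CORS allow-origin header to a wildcard,
 * i.e. its first argument is the string {@code ALLOW_ORIGIN} and its second the
 * string {@code STAR} (as decided by {@code isString}).
 *
 * <p>Calls with fewer than two arguments cannot match and are ignored instead of
 * throwing {@link IndexOutOfBoundsException} on the positional lookup.
 *
 * @param ctx            subscription context used to report the issue
 * @param callExpression call whose first two arguments are inspected
 */
private static void reportIfAllowOriginIsStar(SubscriptionContext ctx, CallExpression callExpression) {
    List<Argument> arguments = callExpression.arguments();
    // Guard: indexing arguments 0 and 1 requires at least two of them.
    if (arguments.size() < 2) {
        return;
    }
    Argument headerName = arguments.get(0);
    Argument headerValue = arguments.get(1);
    if (isString(headerName, ALLOW_ORIGIN) && isString(headerValue, STAR)) {
        ctx.addIssue(callExpression, MESSAGE);
    }
}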

Example 4 with Argument

use of org.sonar.plugins.python.api.tree.Argument in project sonar-python by SonarSource.

the class CorsCheck method checkFlaskResponse.

/**
 * Inspects Flask response construction and hands the headers argument to
 * {@code reportOnHeader}.
 *
 * <p>Two callee shapes are handled, resolved through {@code isSymbol}:
 * <ul>
 *   <li>{@code flask.Response} / {@code flask.wrappers.Response}: the third
 *       argument (index 2), when present, is treated as the headers;</li>
 *   <li>{@code flask.make_response} / {@code flask.helpers.make_response}:
 *       only a single regular argument holding a tuple is considered, and
 *       the tuple's last element is treated as the headers.</li>
 * </ul>
 * Anything else is silently ignored.
 *
 * @param ctx subscription context whose syntax node is the call expression
 */
private static void checkFlaskResponse(SubscriptionContext ctx) {
    CallExpression call = (CallExpression) ctx.syntaxNode();
    Symbol callee = call.calleeSymbol();
    List<Argument> args = call.arguments();
    boolean isResponseConstructor = isSymbol(callee, "flask.Response") || isSymbol(callee, "flask.wrappers.Response");
    if (isResponseConstructor) {
        // Response(response, status, headers, ...): headers is the third positional argument.
        if (args.size() > 2) {
            reportOnHeader(ctx, args.get(2));
        }
        return;
    }
    boolean isMakeResponse = isSymbol(callee, "flask.make_response") || isSymbol(callee, "flask.helpers.make_response");
    if (!isMakeResponse || args.size() != 1) {
        return;
    }
    Argument onlyArg = args.get(0);
    if (!onlyArg.is(REGULAR_ARGUMENT)) {
        return;
    }
    Expression value = ((RegularArgument) onlyArg).expression();
    if (!value.is(TUPLE)) {
        return;
    }
    // make_response((body, ..., headers)): the headers are the last tuple element.
    List<Expression> elements = ((Tuple) value).elements();
    if (!elements.isEmpty()) {
        reportOnHeader(ctx, elements.get(elements.size() - 1));
    }
}

Example 5 with Argument

use of org.sonar.plugins.python.api.tree.Argument in project sonar-python by SonarSource.

the class XMLParserXXEVulnerableCheck method checkSettingFeatureGesToTrue.

/**
 * Tells whether the call enables external general entities on a SAX parser,
 * i.e. it has exactly two regular arguments, the first resolving to the symbol
 * {@code xml.sax.handler.feature_external_ges} and the second not being falsy
 * (per {@code Expressions.isFalsy}). Enabling that feature is what makes the
 * parser vulnerable to XXE.
 *
 * @param callExpression the {@code setFeature}-style call to inspect
 * @return {@code true} only when both conditions above hold
 */
private static boolean checkSettingFeatureGesToTrue(CallExpression callExpression) {
    List<Argument> args = callExpression.arguments();
    boolean twoRegularArgs = args.size() == 2 && args.stream().allMatch(a -> a.is(Tree.Kind.REGULAR_ARGUMENT));
    if (!twoRegularArgs) {
        return false;
    }
    Expression feature = ((RegularArgument) args.get(0)).expression();
    Expression enabled = ((RegularArgument) args.get(1)).expression();
    // The feature name must be a resolvable symbol; string literals are not matched here.
    Symbol featureSymbol = feature instanceof HasSymbol ? ((HasSymbol) feature).symbol() : null;
    if (featureSymbol == null) {
        return false;
    }
    boolean isExternalGes = "xml.sax.handler.feature_external_ges".equals(featureSymbol.fullyQualifiedName());
    return isExternalGes && !Expressions.isFalsy(enabled);
}
