sonarqube-plugins
/
sonar-keyware
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

修复:单元测试时部分规则ID找不到的问题

Browse Source
wuhaoyang
Guo XIn 8 months ago
parent c47ab1eacb
commit 219eb4ab20
2 changed files with 21 additions and 33 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 52
      sonar-keyware-plugins-java/src/main/java/com/keyware/sonar/java/rules/checkers/RedirectUrlChecker.java
  2. 2
      sonar-keyware-plugins-java/src/main/java/com/keyware/sonar/java/rules/checkers/UploadFileVerifyChecker.java

52
sonar-keyware-plugins-java/src/main/java/com/keyware/sonar/java/rules/checkers/RedirectUrlChecker.java
Unescape View File

@ -38,7 +38,7 @@ public class RedirectUrlChecker extends IssuableSubscriptionVisitor {
// 判断方法的返回节点的类型为RedirectView 或 String 类型 // 判断方法的返回节点的类型为RedirectView 或 String 类型
if ("RedirectView".equals(methodTree.returnType().toString())) { if ("RedirectView".equals(methodTree.returnType().toString())) {
// 传递上下文,和方法的参数列表 // 传递上下文,和方法的参数列表
new RedirectViewCheckVisitor(this, parameters).check(block); block.accept(new RedirectViewCheckVisitor(this, parameters));
} else if ("String".equals(methodTree.returnType().toString())) { } else if ("String".equals(methodTree.returnType().toString())) {
checkByStringType(block, parameters); checkByStringType(block, parameters);
} }
@ -110,7 +110,7 @@ public class RedirectUrlChecker extends IssuableSubscriptionVisitor {
} }
static class RedirectViewCheckVisitor extends IssuableSubscriptionVisitor { static class RedirectViewCheckVisitor extends BaseTreeVisitor {
private final RedirectUrlChecker checker; private final RedirectUrlChecker checker;
// 方法的参数列表 // 方法的参数列表
private final List<? extends VariableTree> methodParameters; private final List<? extends VariableTree> methodParameters;
@ -120,40 +120,28 @@ public class RedirectUrlChecker extends IssuableSubscriptionVisitor {
this.methodParameters = parameters; this.methodParameters = parameters;
} }
public void check(Tree block) {
this.scanTree(block);
}
@Override @Override
public List<Tree.Kind> nodesToVisit() { public void visitNewClass(NewClassTree classTree) {
// 订阅new class和 函数调用的节点 // 判断是否为RedirectView,如果是,则判断是否有参数,如果有参数,则判断参数的类型是否由方法传递进来的
var nodeType = new Tree.Kind[]{Tree.Kind.NEW_CLASS, Tree.Kind.METHOD_INVOCATION}; String name = classTree.identifier().toString();
return Arrays.asList(nodeType); if ("RedirectView".equals(name)) {
if (classTree.arguments().size() > 0) {
// 获取第一个参数语法树节点
ExpressionTree argNode = classTree.arguments().get(0);
checkArgs(argNode, classTree);
}
}
} }
@Override @Override
public void visitNode(Tree tree) { public void visitMethodInvocation(MethodInvocationTree invocationTree) {
if (tree.is(Tree.Kind.NEW_CLASS)) { ExpressionTree expressionTree = invocationTree.methodSelect();
NewClassTree classTree = (NewClassTree) tree; if (expressionTree instanceof MemberSelectExpressionTree) {
// 判断是否为RedirectView,如果是,则判断是否有参数,如果有参数,则判断参数的类型是否由方法传递进来的 MemberSelectExpressionTree member = (MemberSelectExpressionTree) expressionTree;
String name = classTree.identifier().toString(); if (member.expression().symbolType().is("RedirectView")
if ("RedirectView".equals(name)) { && "setUrl".equals(member.identifier().name())) {
if (classTree.arguments().size() > 0) { ExpressionTree argNode = invocationTree.arguments().get(0);
// 获取第一个参数语法树节点 checkArgs(argNode, invocationTree);
ExpressionTree argNode = classTree.arguments().get(0);
checkArgs(argNode, tree);
}
}
} else {
MethodInvocationTree invocationTree = (MethodInvocationTree) tree;
ExpressionTree expressionTree = invocationTree.methodSelect();
if (expressionTree instanceof MemberSelectExpressionTree) {
MemberSelectExpressionTree member = (MemberSelectExpressionTree) expressionTree;
if (member.expression().symbolType().is("RedirectView")
&& "setUrl".equals(member.identifier().name())) {
ExpressionTree argNode = invocationTree.arguments().get(0);
checkArgs(argNode, tree);
}
} }
} }
} }

2
sonar-keyware-plugins-java/src/main/java/com/keyware/sonar/java/rules/checkers/UploadFileVerifyChecker.java
Unescape View File

@ -20,7 +20,7 @@ import java.util.List;
* @date 2024/1/8 * @date 2024/1/8
*/ */
@Rule(key = "UploadFileVerify") @Rule(key = "UploadFileVerifyChecker")
public class UploadFileVerifyChecker extends IssuableSubscriptionVisitor { public class UploadFileVerifyChecker extends IssuableSubscriptionVisitor {
private final String value = "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型"; private final String value = "程序设计时,应以“白名单”方式限制允许用户上传的文件的类型";

Write Preview
Loading…
Cancel
Save