From 6b0a2a1ffa8e8f26ddc5272fb386211c7f947803 Mon Sep 17 00:00:00 2001 From: Andreas Dangel Date: Fri, 6 Sep 2024 18:41:25 +0200 Subject: [PATCH] [apex] Fix ApexCRUDViolation for triggers --- .../rule/security/ApexCRUDViolationRule.java | 23 +++++++++++- .../rule/security/xml/ApexCRUDViolation.xml | 37 +++++++++++++++++++ 2 files changed, 59 insertions(+), 1 deletion(-) diff --git a/pmd-apex/src/main/java/net/sourceforge/pmd/lang/apex/rule/security/ApexCRUDViolationRule.java b/pmd-apex/src/main/java/net/sourceforge/pmd/lang/apex/rule/security/ApexCRUDViolationRule.java index d705a8cb32..21257734fe 100644 --- a/pmd-apex/src/main/java/net/sourceforge/pmd/lang/apex/rule/security/ApexCRUDViolationRule.java +++ b/pmd-apex/src/main/java/net/sourceforge/pmd/lang/apex/rule/security/ApexCRUDViolationRule.java @@ -823,9 +823,30 @@ public class ApexCRUDViolationRule extends AbstractApexRule { StringBuilder typeCheck = new StringBuilder().append(variableDeclFor.getDefiningType()) .append(":").append(type); - validateCRUDCheckPresent(node, data, ANY, typeCheck.toString()); + violationAdded = validateCRUDCheckPresent(node, data, ANY, typeCheck.toString()); } + } else { + for (String typeFromSOQL : typesFromSOQL) { + violationAdded |= validateCRUDCheckPresent(node, data, ANY, typeFromSOQL); + } + } + } + + // If the node's already in violation, we don't need to keep checking. + if (violationAdded) { + return; + } + + final ASTFieldDeclarationStatements fieldDeclarationStatements = node.ancestors(ASTFieldDeclarationStatements.class).first(); + if (fieldDeclarationStatements != null) { + String type = fieldDeclarationStatements.getTypeName(); + type = getSimpleType(type); + StringBuilder typeCheck = new StringBuilder().append(fieldDeclarationStatements.getDefiningType()) + .append(":").append(type); + + if (typesFromSOQL.isEmpty()) { + validateCRUDCheckPresent(node, data, ANY, typeCheck.toString()); } else { for (String typeFromSOQL : typesFromSOQL) { validateCRUDCheckPresent(node, data, ANY, typeFromSOQL); diff --git a/pmd-apex/src/test/resources/net/sourceforge/pmd/lang/apex/rule/security/xml/ApexCRUDViolation.xml b/pmd-apex/src/test/resources/net/sourceforge/pmd/lang/apex/rule/security/xml/ApexCRUDViolation.xml index 7d5ec7d018..9be853be4a 100644 --- a/pmd-apex/src/test/resources/net/sourceforge/pmd/lang/apex/rule/security/xml/ApexCRUDViolation.xml +++ b/pmd-apex/src/test/resources/net/sourceforge/pmd/lang/apex/rule/security/xml/ApexCRUDViolation.xml @@ -1823,6 +1823,43 @@ public void coverAllCasesWithTest() { update as user c2; } } +]]> + + + + SOQL and Update within trigger (#5138) + 2 + 6,14 + tasks = new List(); + for (DataGeneratorStep__e event : Trigger.New) { + GenerateDataTask__c task = [SELECT Id, TaskStatus__c FROM GenerateDataTask__c WHERE Id=:event.SObjectId__c LIMIT 1]; + + if (task.TaskStatus__c != 'CREATED_ORDERS') { + task.TaskStatus__c = event.Status__c; + tasks.add(task); + } + } + + update tasks; +} +]]> + + + + SOQL in trigger (#5138) + 1 + 3 +