Fix #5270: [apex] AvoidNonRestrictiveQueries: Fix regex for detecting LIMIT clause (#5273)

Merge pull request #5273 from adangel:issue-5270
2024-10-24 14:22:25 +02:00 · 2024-10-24 14:22:25 +02:00 · 8f2d47dfb7
commit 8f2d47dfb7
parent e6097d6090 49f2c15b83
5 changed files with 130 additions and 87 deletions
--- a/.all-contributorsrc
+++ b/.all-contributorsrc
@ -7821,6 +7821,15 @@
        "bug"
      ]
    },
+    {
+      "login": "thesunlover",
+      "name": "Iskren Stanislavov",
+      "avatar_url": "https://avatars.githubusercontent.com/u/6734600?v=4",
+      "profile": "https://interop.io/",
+      "contributions": [
+        "bug"
+      ]
+    },
    {
      "login": "gudzpoz",
      "name": "gudzpoz",
--- a/docs/pages/pmd/projectdocs/credits.md
+++ b/docs/pages/pmd/projectdocs/credits.md
--- a/docs/pages/release_notes.md
+++ b/docs/pages/release_notes.md
@ -50,6 +50,8 @@ See [PR #5040](https://github.com/pmd/pmd/pull/5040) for details.
 The old rule names still work but are deprecated.

 ### 🐛 Fixed Issues
+* apex-performance
+  * [#5270](https://github.com/pmd/pmd/issues/5270): \[apex] AvoidNonRestrictiveQueries when LIMIT is followed by bind expression
 * java
  * [#4532](https://github.com/pmd/pmd/issues/4532): \[java] Rule misnomer for JUnit* rules
  * [#5261](https://github.com/pmd/pmd/issues/5261): \[java] Record patterns with empty deconstructor lists lead to NPE
@ -99,6 +101,7 @@ The old rule names still work but are deprecated.
 * [#5264](https://github.com/pmd/pmd/pull/5264): Fix #5261: \[java] Fix NPE with empty pattern list - [Clément Fournier](https://github.com/oowekyala) (@oowekyala)
 * [#5267](https://github.com/pmd/pmd/pull/5267): \[java] Rename rule SwitchStmtsShouldHaveDefault to NonExhaustiveSwitch - [Andreas Dangel](https://github.com/adangel) (@adangel)
 * [#5269](https://github.com/pmd/pmd/pull/5269): Fix #5253: \[java] Support Boolean wrapper class for BooleanGetMethodName rule - [Aryant Tripathi](https://github.com/Aryant-Tripathi) (@Aryant-Tripathi)
+* [#5273](https://github.com/pmd/pmd/pull/5273): Fix #5270: \[apex] AvoidNonRestrictiveQueries: Fix regex for detecting LIMIT clause - [Andreas Dangel](https://github.com/adangel) (@adangel)
 * [#5275](https://github.com/pmd/pmd/pull/5275): Use plugin-classpath to simplify javacc-wrapper.xml - [Andreas Dangel](https://github.com/adangel) (@adangel)
 * [#5278](https://github.com/pmd/pmd/pull/5278): \[java] CouplingBetweenObjects: improve violation message - [Andreas Dangel](https://github.com/adangel) (@adangel)

--- a/pmd-apex/src/main/java/net/sourceforge/pmd/lang/apex/rule/performance/AvoidNonRestrictiveQueriesRule.java
+++ b/pmd-apex/src/main/java/net/sourceforge/pmd/lang/apex/rule/performance/AvoidNonRestrictiveQueriesRule.java
@ -24,7 +24,7 @@ import net.sourceforge.pmd.lang.rule.RuleTargetSelector;
 import net.sourceforge.pmd.reporting.RuleContext;

 public class AvoidNonRestrictiveQueriesRule extends AbstractApexRule {
-    private static final Pattern RESTRICTIVE_PATTERN = Pattern.compile("(where\\s+)|(limit\\s+)", Pattern.CASE_INSENSITIVE);
+    private static final Pattern RESTRICTIVE_PATTERN = Pattern.compile("\\b(where|limit)\\b", Pattern.CASE_INSENSITIVE);
    private static final Pattern SELECT_OR_FIND_PATTERN = Pattern.compile("(select\\s+|find\\s+)", Pattern.CASE_INSENSITIVE);
    private static final Pattern SUB_QUERY_PATTERN = Pattern.compile("(?i)\\(\\s*select\\s+[^)]+\\)");

--- a/pmd-apex/src/test/resources/net/sourceforge/pmd/lang/apex/rule/performance/xml/AvoidNonRestrictiveQueries.xml
+++ b/pmd-apex/src/test/resources/net/sourceforge/pmd/lang/apex/rule/performance/xml/AvoidNonRestrictiveQueries.xml
@ -260,6 +260,36 @@ public class Something {
          .isEmpty();
  }
 }
+]]></code>
+    </test-code>
+
+    <test-code>
+        <description>[apex] AvoidNonRestrictiveQueries when LIMIT is followed by bind expression #5270</description>
+        <expected-problems>0</expected-problems>
+        <code><![CDATA[
+public with sharing class DemoController {
+    public static final Integer LIMIT_ACCOUNTS = 2;
+    @AuraEnabled
+    public static List<Account> getTwoAccounts() {
+        List<Account> result = [
+            SELECT Id, Name FROM Account WITH SECURITY_ENFORCED
+            LIMIT:LIMIT_ACCOUNTS // note: no spaces... - false positive here
+        ];
+        List<Account> result2 = [
+            SELECT Id, Name FROM Account WITH SECURITY_ENFORCED
+            LIMIT :LIMIT_ACCOUNTS
+        ];
+        List<Account> result3 = [
+            SELECT Id, Name FROM Account WITH SECURITY_ENFORCED
+            LIMIT : LIMIT_ACCOUNTS
+        ];
+
+        // sosl:
+        List<List<SObject>> searchList = [FIND 'map*' IN ALL FIELDS RETURNING Account (Id, Name), Contact, Opportunity, Lead LIMIT:LIMIT_ACCOUNTS];
+
+        return result;
+    }
+}
 ]]></code>
    </test-code>
 </test-data>