Updated regex

2020-02-24 16:27:12 -08:00
parent c54c9887a9
commit a2aba08c9a
2 changed files with 27 additions and 5 deletions
--- a/pmd-apex/src/main/java/net/sourceforge/pmd/lang/apex/rule/security/ApexCRUDViolationRule.java
+++ b/pmd-apex/src/main/java/net/sourceforge/pmd/lang/apex/rule/security/ApexCRUDViolationRule.java
@ -339,8 +339,9 @@ public class ApexCRUDViolationRule extends AbstractApexRule {

    private boolean isWithSecurityEnforced(final AbstractApexNode<?> node){
        if(node instanceof ASTSoqlExpression){
-            String pattern = ".*\\b[Ww][Ii][Tt][Hh] [Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy]_[Ee][Nn][Ff][Oo][Rr][Cc][Ee][Dd]\\b.*";
-            return ((ASTSoqlExpression) node).getQuery().matches(pattern);
+            String pattern = "(?i).*[^']\\s*WITH SECURITY_ENFORCED\\s*[^']*";
+            String query = ((ASTSoqlExpression) node).getQuery();
+            return query.matches(pattern);
        }
        return false;
    }
@ -515,7 +516,6 @@ public class ApexCRUDViolationRule extends AbstractApexRule {
         if (!typeToDMLOperationMapping.containsKey(typeCheck)) {
             if (!isProperESAPICheckForDML(typeCheck, crudMethod))  {
                 if(!isWithSecurityEnforced(node)) {
-
                     addViolation(data, node);
                 }
            }
--- a/pmd-apex/src/test/resources/net/sourceforge/pmd/lang/apex/rule/security/xml/ApexCRUDViolation.xml
+++ b/pmd-apex/src/test/resources/net/sourceforge/pmd/lang/apex/rule/security/xml/ApexCRUDViolation.xml
@ -276,7 +276,7 @@ public class Foo {
 	</test-code>

 	<test-code>
-		<description>Accepts Closure SECURITY ENFORCED 2 </description>
+		<description>Accepts Closure SECURITY ENFORCED in a List </description>
 		<expected-problems>0</expected-problems>
 		<code><![CDATA[
 public class Foo {
@ -288,7 +288,7 @@ public class Foo {
 	</test-code>

 	<test-code>
-		<description>Accepts Closure SECURITY ENFORCED 3 </description>
+		<description>Accepts Closure SECURITY ENFORCED with Case Insensitivity </description>
 		<expected-problems>0</expected-problems>
 		<code><![CDATA[
 public class Foo {
@ -311,7 +311,29 @@ public class Foo {
 } ]]></code>
 	</test-code>

+	<test-code>
+		<description>Accepts Closure SECURITY ENFORCED Not Secured </description>
+		<expected-problems>1</expected-problems>
+		<code><![CDATA[
+public class Foo {
+	public Contact foo() {
+		Contact c = [SELECT Name FROM Contact WHERE Id=: 'WITH SECURITY_ENFORCED'];
+		return c;
+	}
+} ]]></code>
+	</test-code>

+	<test-code>
+		<description>Accepts Closure SECURITY ENFORCED Secured </description>
+		<expected-problems>0</expected-problems>
+		<code><![CDATA[
+public class Foo {
+	public Contact foo(String tempID) {
+		Contact c = [SELECT Name FROM Contact WHERE Name = 'WITH SECURITY_ENFORCED' WITH SECURITY_ENFORCED];
+		return c;
+	}
+} ]]></code>
+	</test-code>

 	<test-code>
 		<description>Proper accessibility CRUD,FLS </description>