phoedos/pmd
1
1
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed more style changes and improved logic

Browse Source
This commit is contained in:
Joshua Arquilevich
2020-03-12 14:06:13 -07:00
parent 7b34f04be1
commit be72ec153d
1 changed files with 13 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
pmd-apex/src/main/java/net/sourceforge/pmd/lang/apex/rule/security/ApexCRUDViolationRule.java
View File

@ -340,16 +340,11 @@ public class ApexCRUDViolationRule extends AbstractApexRule {
} }
private boolean isWithSecurityEnforced(final AbstractApexNode<?> node) { private boolean isWithSecurityEnforced(final AbstractApexNode<?> node) {
// if (node instanceof ASTSoqlExpression) { if (node instanceof ASTSoqlExpression) {
// String pattern = "(?i).*[^']\\s*WITH SECURITY_ENFORCED\\s*[^']*"; boolean temp = WITH_SECURITY_ENFORCED.matcher(((ASTSoqlExpression) node).getQuery()).matches();
// String query = ((ASTSoqlExpression) node).getQuery(); return temp;//WITH_SECURITY_ENFORCED.matcher(((ASTSoqlExpression) node).getQuery()).matches();
// return query.matches(pattern); }
// } return false;
// return false;
if (node instanceof ASTSoqlExpression) {
return WITH_SECURITY_ENFORCED.matcher(((ASTSoqlExpression) node).getQuery()).matches();
}
return false;
} }
private String getType(final ASTMethodCallExpression methodNode) { private String getType(final ASTMethodCallExpression methodNode) {
@ -517,13 +512,16 @@ public class ApexCRUDViolationRule extends AbstractApexRule {
} }
private void validateCRUDCheckPresent(final AbstractApexNode<?> node, final Object data, final String crudMethod, private void validateCRUDCheckPresent(final AbstractApexNode<?> node, final Object data, final String crudMethod,
final String typeCheck) { final String typeCheck) {
if (!typeToDMLOperationMapping.containsKey(typeCheck)) { boolean missingKey = !typeToDMLOperationMapping.containsKey(typeCheck);
if (!isProperESAPICheckForDML(typeCheck, crudMethod)) { boolean isImproperDMLCheck = !isProperESAPICheckForDML(typeCheck, crudMethod);
if (!isWithSecurityEnforced(node)) { boolean noSecurityEnforced = !isWithSecurityEnforced(node);
addViolation(data, node); if (missingKey) {
} //if condition returns true, add violation, otherwise return.
if (isImproperDMLCheck && noSecurityEnforced) {
addViolation(data, node);
} }
} else { } else {
boolean properChecksHappened = false; boolean properChecksHappened = false;