All files / src/rules call_transaction_authority_check.ts

100% Statements 20/20
100% Branches 6/6
100% Functions 6/6
100% Lines 20/20

Press n or j to go to the next uncovered block, b, p or k for the previous block.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 551x 1x 1x 1x   1x     1x   1x   7265x     21661x                       2x       7008x       114x       131x   131x 10x     121x 683x 683x 2x     121x      
import {BasicRuleConfig} from "./_basic_rule_config";
import {ABAPRule} from "./_abap_rule";
import {IRuleMetadata, RuleTag} from "./_irule";
import * as Statements from "../abap/2_statements/statements";
import {ABAPFile} from "../abap/abap_file";
import {Issue} from "../issue";
import {ABAPObject} from "../objects/_abap_object";
 
export class CallTransactionAuthorityCheckConf extends BasicRuleConfig {
}
export class CallTransactionAuthorityCheck extends ABAPRule {
 
  private conf = new CallTransactionAuthorityCheckConf();
 
  public getMetadata(): IRuleMetadata {
    return {
      key: "call_transaction_authority_check",
      title: "Call Transaction Authority-Check",
      shortDescription: `Checks that usages of CALL TRANSACTION contain an authority-check.`,
      extendedInformation: `https://docs.abapopenchecks.org/checks/54/`,
      tags: [RuleTag.Styleguide, RuleTag.SingleFile, RuleTag.Security],
      badExample: `CALL TRANSACTION 'FOO'.`,
      goodExample: `CALL TRANSACTION 'FOO' WITH AUTHORITY-CHECK.`,
    };
  }
 
  private getMessage(): string {
    return "Add an authority check to CALL TRANSACTION";
  }
 
  public getConfig() {
    return this.conf;
  }
 
  public setConfig(conf: CallTransactionAuthorityCheckConf) {
    this.conf = conf;
  }
 
  public runParsed(file: ABAPFile, obj: ABAPObject) {
    const issues: Issue[] = [];
 
    if (obj.getType() === "INTF") {
      return [];
    }
 
    for (const statNode of file.getStatements()) {
      const statement = statNode.get();
      if (statement instanceof Statements.CallTransaction && !statNode.concatTokensWithoutStringsAndComments().toUpperCase().includes("WITH AUTHORITY-CHECK")) {
        issues.push(Issue.atStatement(file, statNode, this.getMessage(), this.getMetadata().key));
      }
    }
    return issues;
  }
 
}