All files / src/rules call_transaction_authority_check.ts

100% Statements 65/65
100% Branches 15/15
100% Functions 6/6
100% Lines 65/65

Press n or j to go to the next uncovered block, b, p or k for the previous block. 



1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
651x
1x
1x
1x
1x
1x
1x
1x
1x
1x
1x
11284x
11284x
11284x
11284x
11284x
11284x
33684x
33684x
33684x
33684x
33684x
33684x
33684x
33684x
33684x
33684x
33684x
33684x
33684x
11284x
11284x
3x
3x
11284x
11284x
10791x
10791x
11284x
11284x
229x
229x
11284x
11284x
246x
246x
246x
2x
2x
244x
244x
246x
20x
20x
224x
246x
1294x
1294x
3x
3x
1294x
224x
224x
11284x
11284x
import {BasicRuleConfig} from "./_basic_rule_config";
import {ABAPRule} from "./_abap_rule";
import {IRuleMetadata, RuleTag} from "./_irule";
import * as Statements from "../abap/2_statements/statements";
import {ABAPFile} from "../abap/abap_file";
import {Issue} from "../issue";
import {ABAPObject} from "../objects/_abap_object";
import {Version} from "../version";
 
export class CallTransactionAuthorityCheckConf extends BasicRuleConfig {
}
export class CallTransactionAuthorityCheck extends ABAPRule {
 
  private conf = new CallTransactionAuthorityCheckConf();
  private readonly MINIMUM_VERSION = Version.v740sp02;
 
  public getMetadata(): IRuleMetadata {
    return {
      key: "call_transaction_authority_check",
      title: "Call Transaction Authority-Check",
      shortDescription: `Checks that usages of CALL TRANSACTION contain an authority-check.`,
      extendedInformation: `https://docs.abapopenchecks.org/checks/54/`,
      tags: [RuleTag.Styleguide, RuleTag.SingleFile, RuleTag.Security],
      badExample: `CALL TRANSACTION 'FOO'.`,
      goodExample: `TRY.
    CALL TRANSACTION 'FOO' WITH AUTHORITY-CHECK.
  CATCH cx_sy_authorization_error.
ENDTRY.`,
    };
  }
 
  private getMessage(): string {
    return "Add an authority check to CALL TRANSACTION";
  }
 
  public getConfig() {
    return this.conf;
  }
 
  public setConfig(conf: CallTransactionAuthorityCheckConf) {
    this.conf = conf;
  }
 
  public runParsed(file: ABAPFile, obj: ABAPObject) {
    const currentVersion = this.reg.getConfig().getVersion();
    // Cloud version does not support CALL TRANSACTION
    if (currentVersion < this.MINIMUM_VERSION || currentVersion === Version.Cloud) {
      return [];
    }
    const issues: Issue[] = [];
 
    if (obj.getType() === "INTF") {
      return [];
    }
 
    for (const statNode of file.getStatements()) {
      const statement = statNode.get();
      if (statement instanceof Statements.CallTransaction && !statNode.concatTokensWithoutStringsAndComments().toUpperCase().includes("WITH AUTHORITY-CHECK")) {
        issues.push(Issue.atStatement(file, statNode, this.getMessage(), this.getMetadata().key));
      }
    }
    return issues;
  }
 
}
Code coverage generated by istanbul at 2025-11-17T14:50:34.522Z