Press n or j to go to the next uncovered block, b, p or k for the previous block.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 | 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 11150x 11150x 11150x 11150x 11150x 11150x 33245x 33245x 33245x 33245x 33245x 33245x 33245x 33245x 33245x 33245x 33245x 33245x 33245x 11150x 11150x 3x 3x 11150x 11150x 10583x 10583x 11150x 11150x 266x 266x 11150x 11150x 283x 283x 283x 2x 2x 281x 281x 283x 20x 20x 261x 283x 1508x 1508x 3x 3x 1508x 261x 261x 11150x 11150x | import {BasicRuleConfig} from "./_basic_rule_config"; import {ABAPRule} from "./_abap_rule"; import {IRuleMetadata, RuleTag} from "./_irule"; import * as Statements from "../abap/2_statements/statements"; import {ABAPFile} from "../abap/abap_file"; import {Issue} from "../issue"; import {ABAPObject} from "../objects/_abap_object"; import {Version} from "../version"; export class CallTransactionAuthorityCheckConf extends BasicRuleConfig { } export class CallTransactionAuthorityCheck extends ABAPRule { private conf = new CallTransactionAuthorityCheckConf(); private readonly MINIMUM_VERSION = Version.v740sp02; public getMetadata(): IRuleMetadata { return { key: "call_transaction_authority_check", title: "Call Transaction Authority-Check", shortDescription: `Checks that usages of CALL TRANSACTION contain an authority-check.`, extendedInformation: `https://docs.abapopenchecks.org/checks/54/`, tags: [RuleTag.Styleguide, RuleTag.SingleFile, RuleTag.Security], badExample: `CALL TRANSACTION 'FOO'.`, goodExample: `TRY. CALL TRANSACTION 'FOO' WITH AUTHORITY-CHECK. CATCH cx_sy_authorization_error. ENDTRY.`, }; } private getMessage(): string { return "Add an authority check to CALL TRANSACTION"; } public getConfig() { return this.conf; } public setConfig(conf: CallTransactionAuthorityCheckConf) { this.conf = conf; } public runParsed(file: ABAPFile, obj: ABAPObject) { const currentVersion = this.reg.getConfig().getVersion(); // Cloud version does not support CALL TRANSACTION if (currentVersion < this.MINIMUM_VERSION || currentVersion === Version.Cloud) { return []; } const issues: Issue[] = []; if (obj.getType() === "INTF") { return []; } for (const statNode of file.getStatements()) { const statement = statNode.get(); if (statement instanceof Statements.CallTransaction && !statNode.concatTokensWithoutStringsAndComments().toUpperCase().includes("WITH AUTHORITY-CHECK")) { issues.push(Issue.atStatement(file, statNode, this.getMessage(), this.getMetadata().key)); } } return issues; } } |