Press n or j to go to the next uncovered block, b, p or k for the previous block.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 | 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 23139x 23139x 23139x 23139x 23139x 1x 11573x 11573x 11573x 11573x 11573x 34547x 34547x 34547x 34547x 34547x 34547x 34547x 34547x 34547x 34547x 11573x 11573x 11312x 11312x 11573x 11573x 236x 236x 11573x 11573x 244x 244x 244x 11573x 11573x 314x 67x 67x 247x 247x 247x 247x 314x 254x 254x 12x 12x 242x 242x 242x 254x 1378x 1378x 1378x 1378x 1378x 6x 6x 6x 6x 2x 1x 1x 2x 2x 4x 4x 6x 3x 3x 3x 3x 3x 3x 3x 3x 3x 3x 2x 2x 3x 3x 3x 3x 6x 1378x 242x 235x 235x 235x 11573x 11573x | import * as Statements from "../abap/2_statements/statements";
import * as Expressions from "../abap/2_statements/expressions";
import {Issue} from "../issue";
import {BasicRuleConfig} from "./_basic_rule_config";
import {IRule, IRuleMetadata, RuleTag} from "./_irule";
import {IRegistry} from "../_iregistry";
import {IObject} from "../objects/_iobject";
import {ABAPObject} from "../objects/_abap_object";
import {SyntaxLogic} from "../abap/5_syntax/syntax";
import {ISpaghettiScope} from "../abap/5_syntax/_spaghetti_scope";
export class ModifyOnlyOwnDBTablesConf extends BasicRuleConfig {
public reportDynamic: boolean = true;
/** Case insensitve regex for own tables */
public ownTables: string = "^[yz]";
}
export class ModifyOnlyOwnDBTables implements IRule {
private conf = new ModifyOnlyOwnDBTablesConf();
protected reg: IRegistry;
public getMetadata(): IRuleMetadata {
return {
key: "modify_only_own_db_tables",
title: "Modify only own DB tables",
shortDescription: `Modify only own DB tables`,
badExample: `DELETE FROM mara WHERE matnr = '123456'.`,
goodExample: `DELETE FROM yflight WHERE carrid = 'LH'.`,
extendedInformation: `https://docs.abapopenchecks.org/checks/26/`,
tags: [RuleTag.Security],
};
}
public getConfig() {
return this.conf;
}
public setConfig(conf: ModifyOnlyOwnDBTablesConf) {
this.conf = conf;
}
public initialize(reg: IRegistry) {
this.reg = reg;
return this;
}
public run(obj: IObject): readonly Issue[] {
if (!(obj instanceof ABAPObject)) {
return [];
}
let spaghetti: ISpaghettiScope | undefined = undefined;
const output: Issue[] = [];
for (const file of obj.getABAPFiles()) {
const struc = file.getStructure();
if (struc === undefined) {
return [];
}
const regExp = new RegExp(this.getConfig().ownTables, "i");
for (const s of file.getStatements()) {
const g = s.get();
if (g instanceof Statements.DeleteDatabase
|| g instanceof Statements.UpdateDatabase
|| g instanceof Statements.InsertDatabase
|| g instanceof Statements.ModifyDatabase) {
const databaseTable = s.findFirstExpression(Expressions.DatabaseTable);
if (databaseTable === undefined) {
continue;
}
if (databaseTable.getFirstChild()?.get() instanceof Expressions.Dynamic) {
if (this.getConfig().reportDynamic === true) {
output.push(Issue.atStatement(file, s, this.getMetadata().title, this.getMetadata().key, this.getConfig().severity));
}
continue;
}
const concat = databaseTable.concatTokens().toUpperCase();
if (regExp.test(concat) === false) {
// must contain a ReferenceType.TableVoidReference or a ReferenceType.TableReference if its a dependency
if (spaghetti === undefined) {
spaghetti = new SyntaxLogic(this.reg, obj).run().spaghetti;
}
const start = databaseTable.getFirstToken().getStart();
const scope = spaghetti.lookupPosition(start, file.getFilename());
const found1 = scope?.findTableVoidReference(start);
if (found1) {
output.push(Issue.atStatement(file, s, this.getMetadata().title, this.getMetadata().key, this.getConfig().severity));
}
const found2 = scope?.findTableReference(start);
if (found2) {
output.push(Issue.atStatement(file, s, this.getMetadata().title, this.getMetadata().key, this.getConfig().severity));
}
}
}
}
}
return output;
}
}
|