Press n or j to go to the next uncovered block, b, p or k for the previous block.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 | 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 1x 10895x 10895x 10895x 10895x 32507x 32507x 32507x 32507x 32507x 32507x 32507x 32507x 32507x 32507x 10895x 10895x 10347x 10347x 10895x 10895x 258x 258x 10895x 10895x 293x 293x 293x 293x 23x 23x 270x 270x 293x 270x 293x 1464x 1464x 1464x 1464x 1464x 1464x 25x 25x 12x 12x 12x 7x 7x 7x 7x 7x 7x 7x 12x 25x 25x 16x 16x 10x 10x 6x 6x 6x 16x 16x 16x 16x 16x 25x 1464x 270x 270x 270x 10895x | import * as Statements from "../abap/2_statements/statements"; import * as Expressions from "../abap/2_statements/expressions"; import {Issue} from "../issue"; import {ABAPRule} from "./_abap_rule"; import {BasicRuleConfig} from "./_basic_rule_config"; import {Version} from "../version"; import {RuleTag, IRuleMetadata} from "./_irule"; import {ABAPFile} from "../abap/abap_file"; import {ABAPObject} from "../objects/_abap_object"; import {EditHelper} from "../edit_helper"; export class SQLEscapeHostVariablesConf extends BasicRuleConfig { } export class SQLEscapeHostVariables extends ABAPRule { private conf = new SQLEscapeHostVariablesConf(); public getMetadata(): IRuleMetadata { return { key: "sql_escape_host_variables", title: "Escape SQL host variables", shortDescription: `Escape SQL host variables, from 740sp05`, extendedInformation: `https://github.com/SAP/styleguides/blob/main/clean-abap/CleanABAP.md#avoid-obsolete-language-elements`, tags: [RuleTag.Upport, RuleTag.Styleguide, RuleTag.Quickfix, RuleTag.Syntax], badExample: `SELECT * FROM tab INTO TABLE res WHERE field = val.`, goodExample: `SELECT * FROM tab INTO TABLE @res WHERE field = @val.`, }; } public getConfig() { return this.conf; } public setConfig(conf: SQLEscapeHostVariablesConf) { this.conf = conf; } public runParsed(file: ABAPFile, obj: ABAPObject) { const issues: Issue[] = []; const type = obj.getType(); if (type === "INTF" || type === "TYPE") { return []; } if (this.reg.getConfig().getVersion() < Version.v740sp02 && this.reg.getConfig().getVersion() !== Version.Cloud) { return []; } for (const s of file.getStatements()) { if (s.get() instanceof Statements.UpdateDatabase || s.get() instanceof Statements.ModifyDatabase || s.get() instanceof Statements.Select || s.get() instanceof Statements.SelectLoop || s.get() instanceof Statements.InsertDatabase || s.get() instanceof Statements.DeleteDatabase) { for (const o of s.findAllExpressionsMulti([Expressions.SQLSource, Expressions.SQLSourceSimple])) { const first = o.getFirstChild(); if ((first?.get() instanceof Expressions.Source && first.getChildren()[0].get() instanceof Expressions.FieldChain) || (first?.get() instanceof Expressions.SimpleSource3 && first.getChildren()[0].get() instanceof Expressions.FieldChain)) { const message = "Escape SQL host variables"; const firstToken = o.getFirstChild()!.getFirstToken(); const fix = EditHelper.replaceToken(file, firstToken, "@" + firstToken?.getStr()); const issue = Issue.atToken(file, first.getFirstToken(), message, this.getMetadata().key, this.conf.severity, fix); issues.push(issue); break; } } for (const o of s.findAllExpressions(Expressions.SQLTarget)) { const escaped = o.findDirectTokenByText("@"); if (escaped !== undefined) { continue; } const message = "Escape SQL host variables"; const firstToken = o.getFirstChild()!.getFirstToken(); const fix = EditHelper.replaceToken(file, firstToken, "@" + firstToken?.getStr()); const issue = Issue.atToken(file, o.getFirstToken(), message, this.getMetadata().key, this.conf.severity, fix); issues.push(issue); break; } } } return issues; } } |