Merge pull request #495 from StefanMaron/development

Prep for SecretText on IsolatedStorage
StefanMaron · Jan 9, 2024 · f06fd8a · f06fd8a
2 parents 1eaead2 + a7aebe6
commit f06fd8a
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 3 deletions.
diff --git a/Design/Rule0043SecretText.cs b/Design/Rule0043SecretText.cs
@@ -11,14 +11,56 @@ public class Rule0043SecretText : DiagnosticAnalyzer
         public override ImmutableArray<DiagnosticDescriptor> SupportedDiagnostics { get; } = ImmutableArray.Create<DiagnosticDescriptor>(DiagnosticDescriptors.Rule0043SecretText);
 
         private static readonly string authorization = "Authorization";
+
         private static readonly List<string> buildInMethodNames = new List<string>
         {
             "add",
             "getvalues",
             "tryaddwithoutvalidation"
         };
 
-        public override void Initialize(AnalysisContext context) => context.RegisterOperationAction(new Action<OperationAnalysisContext>(this.AnalyzeHttpObjects), OperationKind.InvocationExpression);
+        public override void Initialize(AnalysisContext context)
+        {
+            context.RegisterOperationAction(new Action<OperationAnalysisContext>(this.AnalyzeHttpObjects), OperationKind.InvocationExpression);
+            // TODO: enable after Spring2024OrGreater release
+            // context.RegisterOperationAction(new Action<OperationAnalysisContext>(this.AnalyzeIsolatedStorage), OperationKind.InvocationExpression);
+        }
+
+        private void AnalyzeIsolatedStorage(OperationAnalysisContext ctx)
+        {
+            // TODO: enable after Spring2024OrGreater release
+            // if (!VersionChecker.IsSupported(ctx.ContainingSymbol, VersionCompatibility.Spring2024OrGreater)) return;
+
+            if (ctx.ContainingSymbol.GetContainingObjectTypeSymbol().IsObsoletePending || ctx.ContainingSymbol.GetContainingObjectTypeSymbol().IsObsoleteRemoved) return;
+            if (ctx.ContainingSymbol.IsObsoletePending || ctx.ContainingSymbol.IsObsoleteRemoved) return;
+
+            IInvocationExpression operation = (IInvocationExpression)ctx.Operation;
+            if (operation.Arguments.Count() < 3) return;
+
+            IMethodSymbol targetMethod = operation.TargetMethod;
+            if (targetMethod == null || targetMethod.ContainingSymbol.Kind != SymbolKind.Class) return;
+            if (!SemanticFacts.IsSameName(targetMethod.ContainingSymbol.Name, "IsolatedStorage")) return;
+
+            int argumentIndex;
+            switch (operation.TargetMethod.Name.ToLowerInvariant())
+            {
+                case "get":
+                    argumentIndex = 2;
+                    break;
+                case "set":
+                case "setencrypted":
+                    argumentIndex = 1;
+                    break;
+                default:
+                    argumentIndex = -1;
+                    break;
+            }
+
+            if (argumentIndex == -1) return;
+
+            if (!IsArgumentOfTypeSecretText(operation.Arguments[argumentIndex]))
+                ctx.ReportDiagnostic(Diagnostic.Create(DiagnosticDescriptors.Rule0043SecretText, ctx.Operation.Syntax.GetLocation()));
+        }
 
         private void AnalyzeHttpObjects(OperationAnalysisContext ctx)
         {
@@ -51,10 +93,15 @@ private void AnalyzeHttpObjects(OperationAnalysisContext ctx)
 
             if (!IsAuthorizationArgument(operation.Arguments[0])) return;
 
-            if (operation.Arguments[1].Parameter.OriginalDefinition.GetTypeSymbol().GetNavTypeKindSafe() != NavTypeKind.SecretText)
+            if (!IsArgumentOfTypeSecretText(operation.Arguments[1]))
                 ctx.ReportDiagnostic(Diagnostic.Create(DiagnosticDescriptors.Rule0043SecretText, ctx.Operation.Syntax.GetLocation()));
         }
 
+        private bool IsArgumentOfTypeSecretText(IArgument argument)
+        {
+            return argument.Parameter.OriginalDefinition.GetTypeSymbol().GetNavTypeKindSafe() == NavTypeKind.SecretText;
+        }
+
         private static bool IsAuthorizationArgument(IArgument argument)
         {
             switch (argument.Syntax.Kind)

diff --git a/Design/Rule0050SetFilterOperatorCharInFilterExpression.cs b/Design/Rule0050SetFilterOperatorCharInFilterExpression.cs
@@ -41,7 +41,7 @@ private void CheckParameter(IOperation operand, ref IInvocationExpression operat
 
             string parameterString = operand.Syntax.ToFullString();
 
-            string pattern = @"%\d+"; // Only when a %1 is used in the filter expression the unsupported operators are threaded as a literal character
+            string pattern = @"%\d+"; // Only when a %1 is used in the filter expression the unsupported operators are treated as a literal character
             Regex regex = new Regex(pattern);
             if (!regex.IsMatch(parameterString)) return;