diff --git a/.gitignore b/.gitignore index 2e34aaf..341e717 100644 --- a/.gitignore +++ b/.gitignore @@ -8,4 +8,5 @@ atlassian-ide-plugin.xml .classpath .project .settings/ -.java-version \ No newline at end of file +.java-version +.DS_Store \ No newline at end of file diff --git a/src/main/java/com/cognifide/aemrules/htl/checks/DefaultDisplayContextCheck.java b/src/main/java/com/cognifide/aemrules/htl/checks/DefaultDisplayContextCheck.java index f287c4a..a7ca95f 100644 --- a/src/main/java/com/cognifide/aemrules/htl/checks/DefaultDisplayContextCheck.java +++ b/src/main/java/com/cognifide/aemrules/htl/checks/DefaultDisplayContextCheck.java @@ -21,13 +21,14 @@ import com.cognifide.aemrules.metadata.Metadata; import com.cognifide.aemrules.tag.Tags; -import com.cognifide.aemrules.utils.MultiMap; import com.cognifide.aemrules.version.AemVersion; import org.sonar.check.Priority; import org.sonar.check.Rule; import org.sonar.plugins.html.node.TagNode; import java.util.Collection; +import java.util.List; +import java.util.Map; import java.util.regex.Pattern; @Rule( @@ -52,36 +53,35 @@ public class DefaultDisplayContextCheck extends AbstractHtlCheck { private static final String VIOLATION_MESSAGE = "Explicitly using default display context, please remove display context from expression"; - private static final MultiMap TAG_ATTRIBUTE_MAPPING = MultiMap.builder(m -> { - m.add("form", "action"); - m.add("blockquote", "cite"); - m.add("del", "cite"); - m.add("ins", "cite"); - m.add("q", "cite"); - m.add("object", "data"); - m.add("button", "formaction"); - m.add("input", "formaction"); - m.add("a", "href"); - m.add("area", "href"); - m.add("link", "href"); - m.add("base", "href"); - m.add("html", "manifest"); - m.add("video", "poster"); - m.add("audio", "src"); - m.add("embed", "src"); - m.add("iframe", "src"); - m.add("img", "src"); - m.add("input", "src"); - m.add("script", "src"); - m.add("source", "src"); - m.add("track", "src"); - }); + private static final Map> TAG_ATTRIBUTE_MAPPING = Map.ofEntries( + Map.entry("a", List.of("href")), + Map.entry("area", List.of("href")), + Map.entry("audio", List.of("src")), + Map.entry("base", List.of("href")), + Map.entry("blockquote", List.of("cite")), + Map.entry("button", List.of("formaction")), + Map.entry("del", List.of("cite")), + Map.entry("embed", List.of("src")), + Map.entry("form", List.of("action")), + Map.entry("html", List.of("manifest")), + Map.entry("img", List.of("src")), + Map.entry("ins", List.of("cite")), + Map.entry("input", List.of("formaction", "src")), + Map.entry("iframe", List.of("src")), + Map.entry("link", List.of("href")), + Map.entry("q", List.of("cite")), + Map.entry("object", List.of("data")), + Map.entry("video", List.of("poster")), + Map.entry("script", List.of("src")), + Map.entry("source", List.of("src")), + Map.entry("track", List.of("src")) + ); @Override public void startElement(TagNode node) { String nodeName = node.getNodeName(); if (TAG_ATTRIBUTE_MAPPING.containsKey(nodeName)) { - Collection supportedAttributes = TAG_ATTRIBUTE_MAPPING.getAll(nodeName); + Collection supportedAttributes = TAG_ATTRIBUTE_MAPPING.get(nodeName); node.getAttributes().stream() .filter(attribute -> supportedAttributes.contains(attribute.getName())) .filter(a -> CONTEXT_URI_DEFINITION.matcher(a.getValue()).find()) diff --git a/src/main/java/com/cognifide/aemrules/htl/lex/ElementTokenizer.java b/src/main/java/com/cognifide/aemrules/htl/lex/ElementTokenizer.java index e7b18c1..7cbb68e 100644 --- a/src/main/java/com/cognifide/aemrules/htl/lex/ElementTokenizer.java +++ b/src/main/java/com/cognifide/aemrules/htl/lex/ElementTokenizer.java @@ -32,11 +32,11 @@ class ElementTokenizer extends AbstractTokenizer> { - private static final EndQNameMatcher endQNameMatcher = new EndQNameMatcher(); + private static final EndQNameMatcher END_Q_NAME_MATCHER = new EndQNameMatcher(); - private static final EndTokenMatcher endTokenMatcher = new EndTokenMatcher(); + private static final EndTokenMatcher END_TOKEN_MATCHER = new EndTokenMatcher(); - private static final EndUnquotedAttributeMatcher endUnquotedAttributeMatcher = new EndUnquotedAttributeMatcher(); + private static final EndUnquotedAttributeMatcher END_UNQUOTED_ATTRIBUTE_MATCHER = new EndUnquotedAttributeMatcher(); public ElementTokenizer(String startToken, String endToken) { super(startToken, endToken); @@ -80,7 +80,7 @@ private static void handleBeforeAttributeValue(CodeReader codeReader, TagNode el codeReader.pop(); attribute.setQuoteChar((char) ch); } else { - codeReader.popTo(endUnquotedAttributeMatcher, sbValue); + codeReader.popTo(END_UNQUOTED_ATTRIBUTE_MATCHER, sbValue); attribute.setValue(sbValue.toString().trim()); } } @@ -89,7 +89,7 @@ private static void handleBeforeAttributeValue(CodeReader codeReader, TagNode el private static void handleBeforeAttributeName(CodeReader codeReader, TagNode element) { Attribute attribute; StringBuilder sbQName = new StringBuilder(); - codeReader.popTo(endQNameMatcher, sbQName); + codeReader.popTo(END_Q_NAME_MATCHER, sbQName); attribute = new Attribute(sbQName.toString().trim()); attribute.setLine(codeReader.getLinePosition() + element.getStartLinePosition() - 1); element.getAttributes().add(attribute); @@ -97,7 +97,7 @@ private static void handleBeforeAttributeName(CodeReader codeReader, TagNode ele private static void handleBeforeNodeName(CodeReader codeReader, TagNode element) { StringBuilder sbNodeName = new StringBuilder(); - codeReader.popTo(endTokenMatcher, sbNodeName); + codeReader.popTo(END_TOKEN_MATCHER, sbNodeName); element.setNodeName(sbNodeName.toString()); } diff --git a/src/main/java/com/cognifide/aemrules/java/checks/ThreadSafeFieldCheck.java b/src/main/java/com/cognifide/aemrules/java/checks/ThreadSafeFieldCheck.java index 11a3664..4c0a932 100644 --- a/src/main/java/com/cognifide/aemrules/java/checks/ThreadSafeFieldCheck.java +++ b/src/main/java/com/cognifide/aemrules/java/checks/ThreadSafeFieldCheck.java @@ -55,24 +55,24 @@ public class ThreadSafeFieldCheck extends BaseTreeVisitor implements JavaFileSca public static final String RULE_MESSAGE = "Usage of %s as a field is not thread safe."; - private static final Set vulnerableClasses = Set.of( + private static final Set VULNERABLE_CLASSES = Set.of( // empty for now ); - private static final Set vulnerableInterfaces = Set.of( + private static final Set VULNERABLE_INTERFACES = Set.of( "javax.servlet.Servlet", "javax.servlet.Filter", "org.osgi.service.event.EventHandler" ); - private static final Set vulnerableAnnotations = Set.of( + private static final Set VULNERABLE_ANNOTATIONS = Set.of( "org.apache.felix.scr.annotations.Component", "org.osgi.service.component.annotations.Component", "org.apache.felix.scr.annotations.sling.SlingServlet", // this is possibly duplicative, but that shouldn't be a problem. "org.apache.felix.scr.annotations.sling.SlingFilter" // this is possibly duplicative, but that shouldn't be a problem. ); - private static final Set nonThreadSafeTypes = Set.of( + private static final Set NON_THREAD_SAFE_TYPES = Set.of( "org.apache.sling.api.resource.ResourceResolver", "javax.jcr.Session", "com.day.cq.wcm.api.PageManager", @@ -116,7 +116,7 @@ private void checkMember(Tree member) { if (isVariableField) { VariableTree variableField = (VariableTree) member; String name = variableField.type().symbolType().fullyQualifiedName(); - if (nonThreadSafeTypes.contains(name)) { + if (NON_THREAD_SAFE_TYPES.contains(name)) { context.reportIssue(this, member, String.format(RULE_MESSAGE, name)); } } @@ -126,7 +126,7 @@ private boolean hasAnnotation(ClassTree clazz) { boolean hasAnnotation = false; for (AnnotationTree annotationTree : clazz.modifiers().annotations()) { String name = annotationTree.annotationType().symbolType().fullyQualifiedName(); - hasAnnotation |= vulnerableAnnotations.contains(name); + hasAnnotation |= VULNERABLE_ANNOTATIONS.contains(name); } return hasAnnotation; } @@ -136,7 +136,7 @@ private boolean extendsVulnerableClass(ClassTree clazz) { TypeTree type = clazz.superClass(); if (type != null) { String name = type.symbolType().fullyQualifiedName(); - extendsClass = vulnerableClasses.contains(name); + extendsClass = VULNERABLE_CLASSES.contains(name); } return extendsClass; } @@ -145,7 +145,7 @@ private boolean implementsVulnerableInterface(ClassTree clazz) { boolean implementsInterface = false; for (TypeTree typeTree : clazz.superInterfaces()) { String name = typeTree.symbolType().fullyQualifiedName(); - implementsInterface |= vulnerableInterfaces.contains(name); + implementsInterface |= VULNERABLE_INTERFACES.contains(name); } return implementsInterface; } diff --git a/src/main/java/com/cognifide/aemrules/utils/MultiMap.java b/src/main/java/com/cognifide/aemrules/utils/MultiMap.java deleted file mode 100644 index dcbf396..0000000 --- a/src/main/java/com/cognifide/aemrules/utils/MultiMap.java +++ /dev/null @@ -1,96 +0,0 @@ -/*- - * #%L - * AEM Rules for SonarQube - * %% - * Copyright (C) 2015-2019 Cognifide Limited - * %% - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * #L% - */ -package com.cognifide.aemrules.utils; - -import java.util.*; -import java.util.function.Consumer; - -/** - * @link https://gist.github.com/kendfinger/9007632 - */ -public class MultiMap { - - private Map> delegate; - - public static MultiMap builder(Consumer> builder) { - MultiMap result = new MultiMap<>(); - builder.accept(result); - return result; - } - - public void put(K key, Collection values) { - createMap(); - delegate.put(key, values); - } - - private void createMap() { - if (delegate == null) { - delegate = new HashMap<>(); - } - } - - public Collection getAll(K key) { - if (getAll().containsKey(key)) { - return getAll().get(key); - } else { - LinkedList value = new LinkedList<>(); - getAll().put(key, value); - return value; - } - } - - public void add(K key, V value) { - getAll(key).add(value); - } - - public boolean remove(K key, V value) { - return getAll(key).remove(value); - } - - public void clear() { - delegate = null; - createMap(); - } - - public void clear(K key) { - put(key, new LinkedList()); - } - - public Map> getAll() { - createMap(); - return delegate; - } - - public boolean addAll(K key, Collection values) { - return getAll(key).addAll(values); - } - - public boolean isEmpty() { - return getAll().isEmpty(); - } - - public boolean isEmpty(K key) { - return getAll(key).isEmpty(); - } - - public boolean containsKey(V key) { - return getAll().containsKey(key); - } -} \ No newline at end of file