Hello
I am creating a plugin in SonarQube with custom rules and as my first rule, I want to do a validation on If statements where an alarm is triggered every time a literal String enters as a parameter.
I'm following the example framework that is in the software documentation, but I cannot find any documentation on possible alternatives in building rules.
To test, I'm using code from an Android DIVA screen:

    import android.support.v7.app.AppCompatActivity;
    import android.os.Bundle;
    import android.view.View;
    import android.widget.EditText;
    import android.widget.Toast;

    public class HardcodeActivity extends AppCompatActivity {
        @Override
        protected void onCreate(Bundle savedInstanceState) {
            super.onCreate(savedInstanceState);
            setContentView(R.layout.activity_hardcode);
        }

        public void access(View view) {
            EditText hckey = (EditText) findViewById(R.id.hcKey);
            if (hckey.getText().toString().equals("vendorsecretkey")) { // Noncompliant
                Toast.makeText(this, "Access granted! See you on the other side :)", Toast.LENGTH_SHORT).show();
            }
            else {
                Toast.makeText(this, "Access denied! See you in hell :D", Toast.LENGTH_SHORT).show();
            }
        }
    }

Given this, the comparison is being made by my Rule in the following section:

    @Override
    public void visitNode(Tree tree){
        IfStatementTree ifStatement = (IfStatementTree) tree;
        ifStatement.condition().kind();
        if (ifStatement.condition().kind() == (Kind.STRING_LITERAL)){
            reportIssue(ifStatement.ifKeyword(), "Comparação if sendo feita com string literal!");
        }
    }

The problem is occurring due to the factors being used for rule comparison, but I cannot find any method or attribute that can help me in this comparison. (I also did not find documentation that explains more about IfStatementTree; the most I found was it.)
Could someone please help me with this question or point me to some content that has more information?
Thanks in advance for your attention!
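
An added example, not part of the original post and not SonarSource's own code: one way to write the rule against the SonarJava plugin API, by walking the if condition's subtree and flagging string literals used with `equals`. The class name, rule key and issue message are hypothetical.

```java
import java.util.Collections;
import java.util.List;
import org.sonar.check.Rule;
import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
import org.sonar.plugins.java.api.tree.BaseTreeVisitor;
import org.sonar.plugins.java.api.tree.ExpressionTree;
import org.sonar.plugins.java.api.tree.IfStatementTree;
import org.sonar.plugins.java.api.tree.MemberSelectExpressionTree;
import org.sonar.plugins.java.api.tree.MethodInvocationTree;
import org.sonar.plugins.java.api.tree.Tree;

// Hypothetical rule key and class name, chosen for this example.
@Rule(key = "StringLiteralInIfCondition")
public class StringLiteralInIfConditionRule extends IssuableSubscriptionVisitor {

  @Override
  public List<Tree.Kind> nodesToVisit() {
    return Collections.singletonList(Tree.Kind.IF_STATEMENT);
  }

  @Override
  public void visitNode(Tree tree) {
    IfStatementTree ifStatement = (IfStatementTree) tree;
    // For `if (x.equals("..."))` the condition node is a METHOD_INVOCATION, not a
    // STRING_LITERAL; the literal sits deeper, so walk the condition's subtree.
    ifStatement.condition().accept(new EqualsLiteralFinder());
  }

  private class EqualsLiteralFinder extends BaseTreeVisitor {
    @Override
    public void visitMethodInvocation(MethodInvocationTree call) {
      ExpressionTree select = call.methodSelect();
      if (select.is(Tree.Kind.MEMBER_SELECT)
          && "equals".equals(((MemberSelectExpressionTree) select).identifier().name())) {
        // Case 1: value.equals("literal")
        for (ExpressionTree argument : call.arguments()) {
          if (argument.is(Tree.Kind.STRING_LITERAL)) {
            reportIssue(argument, "String literal compared inside an if condition.");
          }
        }
        // Case 2: "literal".equals(value)
        ExpressionTree receiver = ((MemberSelectExpressionTree) select).expression();
        if (receiver.is(Tree.Kind.STRING_LITERAL)) {
          reportIssue(receiver, "String literal compared inside an if condition.");
        }
      }
      // Keep descending so nested calls and &&/|| operands are also checked.
      super.visitMethodInvocation(call);
    }
  }
}
```

Run against the `HardcodeActivity` sample above, this reports the issue on the `"vendorsecretkey"` argument rather than on the `if` keyword.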