@W-17915877@ Implemented path start points for SFGE

Author: jfeingold35

packages/code-analyzer-sfge-engine/src/engine.ts

@@ -31,10 +31,9 @@ export class SfgeEngine extends Engine {
 
     public constructor(config: SfgeEngineConfig, clock: Clock = new RealClock()) {
         super();
-        // TODO: When we support custom Java commands, we'll need to use the config property instead of the hardcoded string here.
-        const javaCommandExecutor: JavaCommandExecutor = new JavaCommandExecutor('java', this.emitLogEvent.bind(this));
-        this.sfgeWrapper = new RuntimeSfgeWrapper(javaCommandExecutor, clock, this.emitLogEvent.bind(this));
         this.config = config;
+        const javaCommandExecutor: JavaCommandExecutor = new JavaCommandExecutor(this.config.java_command, this.emitLogEvent.bind(this));
+        this.sfgeWrapper = new RuntimeSfgeWrapper(javaCommandExecutor, clock, this.emitLogEvent.bind(this));
     }
 
     public override getName(): string {
@@ -96,7 +95,7 @@ export class SfgeEngine extends Engine {
 
         const sfgeResults: SfgeRunResult[] = await this.sfgeWrapper.invokeRunCommand(
             selectedRuleInfoList,
-            relevantFiles, // TODO: WHEN WE ADD PATH-START TARGETING, THIS NEEDS TO CHANGE.
+            runOptions.pathStartPoints ?? [],
             relevantFiles,
             sfgeRunOptions,
             (innerPerc: number, message?: string) => this.emitRunRulesProgressEvent(5 + 93*innerPerc/100, message) // 5%-98%

packages/code-analyzer-sfge-engine/src/sfge-wrapper.ts

@@ -3,6 +3,7 @@ import fs from 'node:fs';
 import {
     getMessageFromCatalog,
     LogLevel,
+    PathPoint,
     SHARED_MESSAGE_CATALOG
 } from '@salesforce/code-analyzer-engine-api';
 import {createTempDir, JavaCommandExecutor} from '@salesforce/code-analyzer-engine-api/utils';
@@ -108,15 +109,15 @@ export class RuntimeSfgeWrapper {
         }
     }
 
-    public async invokeRunCommand(selectedRuleInfos: SfgeRuleInfo[], targetPaths: string[], projectFilePaths: string[], sfgeRunOptions: SfgeRunOptions, emitProgress: (percComplete: number) => void): Promise<SfgeRunResult[]> {
+    public async invokeRunCommand(selectedRuleInfos: SfgeRuleInfo[], pathStarts: PathPoint[], projectFilePaths: string[], sfgeRunOptions: SfgeRunOptions, emitProgress: (percComplete: number) => void): Promise<SfgeRunResult[]> {
         const tmpDir: string = await this.getTemporaryWorkingDir();
         emitProgress(2);
 
         const inputFileName: string = path.join(tmpDir, 'sfgeInput.json');
         const logFilePath: string = path.join(sfgeRunOptions.logFolder, this.logFileName);
         const ruleNames: string[] = selectedRuleInfos.map(sri => sri.name);
 
-        await this.createSfgeInputFile(inputFileName, ruleNames, targetPaths, projectFilePaths);
+        await this.createSfgeInputFile(inputFileName, ruleNames, pathStarts, projectFilePaths);
         const resultsOutputFile: string = path.join(tmpDir, 'resultsFile.json');
         this.emitLogEvent(LogLevel.Debug, getMessage('LoggingToFile', 'run', logFilePath));
         emitProgress(10);
@@ -163,15 +164,29 @@ export class RuntimeSfgeWrapper {
         return this.temporaryWorkingDir;
     }
 
-    private async createSfgeInputFile(filePath: string, rules: string[], targets: string[], allWorkspaceFiles: string[]): Promise<void> {
-        const sfgeTargets: SfgeTarget[] = targets.map(target => {
-            return {
-                targetFile: target,
-                targetMethods: []
-            };
-        });
+    private async createSfgeInputFile(filePath: string, rules: string[], pathStarts: PathPoint[], allWorkspaceFiles: string[]): Promise<void> {
+        const sfgeTargetsByFile: Map<string, SfgeTarget> = new Map();
+        if (pathStarts.length > 0) {
+            pathStarts.forEach(pathStart => {
+                const sfgeTarget: SfgeTarget = sfgeTargetsByFile.get(pathStart.file) ?? {
+                    targetFile: pathStart.file,
+                    targetMethods: []
+                };
+                if (pathStart.methodName) {
+                    sfgeTarget.targetMethods = [...sfgeTarget.targetMethods, pathStart.methodName];
+                }
+                sfgeTargetsByFile.set(pathStart.file, sfgeTarget);
+            });
+        } else {
+            allWorkspaceFiles.map(file => {
+                sfgeTargetsByFile.set(file, {
+                    targetFile: file,
+                    targetMethods: []
+                });
+            });
+        }
         const inputFileContents: SfgeInputFile = {
-            targets: sfgeTargets,
+            targets: [...sfgeTargetsByFile.values()],
             projectDirs: allWorkspaceFiles,
             rulesToRun: rules
         };

packages/code-analyzer-sfge-engine/test/engine.test.ts

@@ -8,6 +8,7 @@ import {
     EventType,
     LogEvent,
     LogLevel,
+    PathPoint,
     RuleDescription,
     RunOptions,
     RunRulesProgressEvent,
@@ -182,10 +183,10 @@ describe('SfgeEngine', () => {
                     path.join(TEST_DATA_FOLDER, 'sampleRelevantWorkspace', 'SomeOtherClass.cls')
                 ]
             }
-        ])('When workspace is $case, those violations are returned', async () => {
+        ])('When workspace is $case, those violations are returned', async ({workspacePaths}) => {
             // ====== SETUP ======
             const engine: SfgeEngine = new SfgeEngine(DEFAULT_SFGE_ENGINE_CONFIG, fixedClock);
-            const workspace: Workspace = new Workspace([path.join(TEST_DATA_FOLDER, 'sampleRelevantWorkspace')]);
+            const workspace: Workspace = new Workspace(workspacePaths);
             const progressEvents: RunRulesProgressEvent[] = [];
             engine.onEvent(EventType.RunRulesProgressEvent, (e: RunRulesProgressEvent) => progressEvents.push(e));
             const ruleNames: string[] = ['ApexFlsViolationRule', 'UseWithSharingOnDatabaseOperation', 'UnimplementedTypeRule', 'RemoveUnusedMethod'];
@@ -194,7 +195,46 @@ describe('SfgeEngine', () => {
             const results: EngineRunResults = await engine.runRules(ruleNames, createRunOptions(workspace));
 
             // ====== ASSERTIONS ======
-            await expectResultsToMatchGoldfile(results, 'all_sampleRelevantWorkspace_violations.goldfile.json', path.join(TEST_DATA_FOLDER, 'sampleRelevantWorkspace'));
+            await expectResultsToMatchGoldfile(results, path.join('sampleRelevantWorkspace', 'all_violations.goldfile.json'), path.join(TEST_DATA_FOLDER, 'sampleRelevantWorkspace'));
+            const progressPercents: number[] = progressEvents.map(pe => pe.percentComplete);
+            expect(progressPercents[0]).toEqual(2);
+            expect(progressPercents[progressPercents.length - 1]).toEqual(100);
+            expectProgressEventsToAscend(progressPercents);
+        });
+
+        it.each([
+            {
+                case: 'a file that violates the selected rules',
+                pathStartPoints: [
+                    {
+                        file: path.join(TEST_DATA_FOLDER, 'sampleRelevantWorkspace2', 'EntryClass1.cls')
+                    }
+                ],
+                goldfile: 'EntryClass1_violations.goldfile.json'
+            },
+            {
+                case: 'a single method that violates the selected rules',
+                pathStartPoints: [
+                    {
+                        file: path.join(TEST_DATA_FOLDER, 'sampleRelevantWorkspace2', 'EntryClass1.cls'),
+                        methodName: 'entryPointMethod1'
+                    }
+                ],
+                goldfile: 'EntryClass1_entryPointMethod1_violations.goldfile.json'
+            }
+        ])('When path start point is $case, the appropriate violations are returned', async ({pathStartPoints, goldfile}) => {
+            // ====== SETUP ======
+            const engine: SfgeEngine = new SfgeEngine(DEFAULT_SFGE_ENGINE_CONFIG, fixedClock);
+            const workspace: Workspace = new Workspace([path.join(TEST_DATA_FOLDER, 'sampleRelevantWorkspace2')]);
+            const progressEvents: RunRulesProgressEvent[] = [];
+            engine.onEvent(EventType.RunRulesProgressEvent, (e: RunRulesProgressEvent) => progressEvents.push(e));
+            const ruleNames: string[] = ['ApexFlsViolationRule', 'UseWithSharingOnDatabaseOperation', 'UnimplementedTypeRule', 'RemoveUnusedMethod'];
+
+            // ====== TESTED BEHAVIOR ======
+            const results: EngineRunResults = await engine.runRules(ruleNames, createRunOptions(workspace, pathStartPoints));
+
+            // ====== ASSERTIONS ======
+            await expectResultsToMatchGoldfile(results, path.join('sampleRelevantWorkspace2', goldfile), path.join(TEST_DATA_FOLDER, 'sampleRelevantWorkspace2'));
             const progressPercents: number[] = progressEvents.map(pe => pe.percentComplete);
             expect(progressPercents[0]).toEqual(2);
             expect(progressPercents[progressPercents.length - 1]).toEqual(100);
@@ -213,7 +253,7 @@ describe('SfgeEngine', () => {
             const results: EngineRunResults = await engine.runRules(ruleNames, createRunOptions(workspace));
 
             // ====== ASSERTIONS ======
-            await expectResultsToMatchGoldfile(results, 'ApexFlsViolationRule_sampleRelevantWorkspace_violations.goldfile.json', path.join(TEST_DATA_FOLDER, 'sampleRelevantWorkspace'));
+            await expectResultsToMatchGoldfile(results, path.join('sampleRelevantWorkspace', 'ApexFlsViolationRule_violations.goldfile.json'), path.join(TEST_DATA_FOLDER, 'sampleRelevantWorkspace'));
             const expectedProgressDescriptors: {percent: number, message?: string}[] = [
                 {percent: 2, message: undefined},
                 {percent: 2.3, message: undefined},
@@ -292,7 +332,7 @@ describe('SfgeEngine', () => {
             const results: EngineRunResults = await engine.runRules(ruleNames, createRunOptions(workspace));
 
             // ====== ASSERTIONS ======
-            await expectResultsToMatchGoldfile(results, 'ApexFlsViolationRule_sampleRelevantWorkspace_violations.goldfile.json', path.join(TEST_DATA_FOLDER, 'sampleRelevantWorkspace'));
+            await expectResultsToMatchGoldfile(results, path.join('sampleRelevantWorkspace', 'ApexFlsViolationRule_violations.goldfile.json'), path.join(TEST_DATA_FOLDER, 'sampleRelevantWorkspace'));
             const warningLogEvents: LogEvent[] = logEvents.filter(e => e.logLevel === LogLevel.Warn);
             expect(warningLogEvents.length).toBeGreaterThanOrEqual(1);
             expect(warningLogEvents[0].message).toContain(`Specified workspace is missing 1 possibly-relevant file(s) from the folder ${path.join(TEST_DATA_FOLDER, 'sampleRelevantWorkspace')}.`);
@@ -333,9 +373,10 @@ function createDescribeOptions(workspace?: Workspace): DescribeOptions {
     };
 }
 
-function createRunOptions(workspace: Workspace): RunOptions {
+function createRunOptions(workspace: Workspace, pathStartPoints?: PathPoint[]): RunOptions {
     return {
         logFolder: os.tmpdir(),
-        workspace
+        workspace,
+        pathStartPoints
     };
 }

packages/code-analyzer-sfge-engine/test/test-data/goldfiles/ApexFlsViolationRule_sampleRelevantWorkspace_violations.goldfile.json packages/code-analyzer-sfge-engine/test/test-data/goldfiles/sampleRelevantWorkspace/ApexFlsViolationRule_violations.goldfile.json

@@ -0,0 +1,21 @@
+{
+  "violations": [
+    {
+      "ruleName": "ApexFlsViolationRule",
+      "message": "FLS validation is missing for [READ] operation on [Account] with field(s) [CustomField__c,Name].",
+      "codeLocations": [
+        {
+          "file": "{{RUNDIR}}EntryClass1.cls",
+          "startLine": 2,
+          "startColumn": 24
+        },
+        {
+          "file": "{{RUNDIR}}InternalOnlyClass.cls",
+          "startLine": 5,
+          "startColumn": 26
+        }
+      ],
+      "primaryLocationIndex": 1
+    }
+  ]
+}

packages/code-analyzer-sfge-engine/test/test-data/goldfiles/all_sampleRelevantWorkspace_violations.goldfile.json packages/code-analyzer-sfge-engine/test/test-data/goldfiles/sampleRelevantWorkspace/all_violations.goldfile.json

@@ -0,0 +1,38 @@
+{
+  "violations": [
+    {
+      "ruleName": "ApexFlsViolationRule",
+      "message": "FLS validation is missing for [READ] operation on [Account] with field(s) [CustomField__c,Name].",
+      "codeLocations": [
+        {
+          "file": "{{RUNDIR}}EntryClass1.cls",
+          "startLine": 2,
+          "startColumn": 24
+        },
+        {
+          "file": "{{RUNDIR}}InternalOnlyClass.cls",
+          "startLine": 5,
+          "startColumn": 26
+        }
+      ],
+      "primaryLocationIndex": 1
+    },
+    {
+      "ruleName": "ApexFlsViolationRule",
+      "message": "FLS validation is missing for [READ] operation on [Account] with field(s) [CustomField__c,Name].",
+      "codeLocations": [
+        {
+          "file": "{{RUNDIR}}EntryClass1.cls",
+          "startLine": 7,
+          "startColumn": 24
+        },
+        {
+          "file": "{{RUNDIR}}InternalOnlyClass.cls",
+          "startLine": 5,
+          "startColumn": 26
+        }
+      ],
+      "primaryLocationIndex": 1
+    }
+  ]
+}

packages/code-analyzer-sfge-engine/test/test-data/goldfiles/sampleRelevantWorkspace2/EntryClass1_entryPointMethod1_violations.goldfile.json

@@ -0,0 +1,11 @@
+global with sharing class EntryClass1 {
+    global static void entryPointMethod1() {
+        InternalOnlyClass i = new InternalOnlyClass();
+        i.doAnInsecureQuery();
+    }
+
+    global static void entryPointMethod2() {
+        InternalOnlyClass i = new InternalOnlyClass();
+        i.doAnInsecureQuery();
+    }
+}

packages/code-analyzer-sfge-engine/test/test-data/goldfiles/sampleRelevantWorkspace2/EntryClass1_violations.goldfile.json

@@ -0,0 +1,11 @@
+global with sharing class EntryClass2 {
+    global static void entryPointMethod1() {
+        InternalOnlyClass i = new InternalOnlyClass();
+        i.doAnInsecureQuery();
+    }
+
+    global static void entryPointMethod2() {
+        InternalOnlyClass i = new InternalOnlyClass();
+        i.doAnInsecureQuery();
+    }
+}

packages/code-analyzer-sfge-engine/test/test-data/sampleRelevantWorkspace2/EntryClass1.cls

@@ -0,0 +1,7 @@
+public inherited sharing class InternalOnlyClass {
+
+    public void doAnInsecureQuery() {
+        // This query should be using the USER_MODE syntax for CRUD/FLS reasons. It doesn't, and is therefore insecure.
+        Account[] accs = [SELECT Name, CustomField__c FROM Account];
+    }
+}