Beispiel #1
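        /// <summary>
        /// Reports <c>Rule</c> for a method that carries one of the attributes listed in
        /// <c>MethodsHttp</c> but has no <c>ValidateAntiForgeryToken</c> attribute.
        /// </summary>
        /// <remarks>
        /// Only the attributes returned by <c>AnalyzerUtil.getAttributesForMethod</c> for the method
        /// itself are inspected. Anti-forgery validation applied elsewhere (for example on the
        /// containing controller class or through a globally registered filter) is not visible to
        /// this check, so a diagnostic from it should be treated as a prompt to confirm that the
        /// action is protected, not as proof that it is unprotected.
        /// NOTE(review): the comparison is an exact match on "ValidateAntiForgeryToken"; whether the
        /// helper normalises the "Attribute" suffix or namespace-qualified names is not visible
        /// here - confirm against AnalyzerUtil.
        /// </remarks>
        /// <param name="ctx">Analysis context whose node is expected to be a C# method declaration
        /// or a VB method block; any other node is ignored.</param>
        private void VisitMethods(SyntaxNodeAnalysisContext ctx)
        {
            bool isCSharp = ctx.Node.Language == LanguageNames.CSharp;

            // The method node is kept in its own variables for the whole analysis. Reusing a single
            // variable for both the method and the diagnostic target meant that, once one HTTP
            // attribute had matched, later lookups were handed a null method (the attribute node
            // does not cast back to a method declaration).
            CSharpSyntax.MethodDeclarationSyntax csMethod = null;
            VBSyntax.MethodBlockSyntax vbMethod = null;
            SyntaxNode methodNode;
            List<string> attributesList;

            if (isCSharp)
            {
                csMethod = ctx.Node as CSharpSyntax.MethodDeclarationSyntax;
                if (csMethod == null)
                {
                    return;
                }
                methodNode = csMethod;
                attributesList = AnalyzerUtil.getAttributesForMethod(csMethod);
            }
            else
            {
                // Every non-C# node is treated as Visual Basic.
                vbMethod = ctx.Node as VBSyntax.MethodBlockSyntax;
                if (vbMethod == null)
                {
                    return;
                }
                methodNode = vbMethod;
                attributesList = AnalyzerUtil.getAttributesForMethod(vbMethod);
            }

            if (attributesList == null)
            {
                // Nothing to inspect; do not let the analyzer fail on a missing list.
                return;
            }

            bool hasActionMethod = false;
            bool hasValidateAntiForgeryToken = false;
            SyntaxNode attributeNode = null;

            foreach (var attribute in attributesList)
            {
                if (MethodsHttp.Contains(attribute))
                {
                    hasActionMethod = true;

                    // Anchor the diagnostic on the first matching attribute that can be located,
                    // rather than on the complete method.
                    if (attributeNode == null)
                    {
                        if (isCSharp)
                        {
                            var attributes = AnalyzerUtil.getAttributesByName(attribute, csMethod);
                            if (attributes != null && attributes.Count > 0)
                            {
                                attributeNode = attributes[0];
                            }
                        }
                        else
                        {
                            var attributes = AnalyzerUtil.getAttributesByName(attribute, vbMethod);
                            if (attributes != null && attributes.Count > 0)
                            {
                                attributeNode = attributes[0];
                            }
                        }
                    }
                }
                else if (attribute == "ValidateAntiForgeryToken")
                {
                    hasValidateAntiForgeryToken = true;
                }
            }

            if (hasActionMethod && !hasValidateAntiForgeryToken)
            {
                // Fall back to the method itself when no attribute node could be resolved.
                SyntaxNode target = attributeNode ?? methodNode;
                ctx.ReportDiagnostic(Diagnostic.Create(Rule, target.GetLocation()));
            }
        }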