Ejemplos de NewtonsoftJsonVersion en C# (CSharp)

Ejemplo n.º 1

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task Insecure_Return_InstanceMethod_Diagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;

class Blah
{
    public JsonSerializerSettings GetSerializerSettings(bool flag)
    {
        JsonSerializerSettings settings;
        if (flag)
        {
            settings = new JsonSerializerSettings() { TypeNameHandling = TypeNameHandling.All };
        }
        else
        {
            settings = new JsonSerializerSettings();
        }
        
        return settings;
    }
}",
                                               GetCSharpResultAt(19, 16, DefinitelyRule));
        }

Ejemplo n.º 2

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task Secure_FieldInitialization_BinderSet_NoDiagnostic(NewtonsoftJsonVersion version)
        {
            string serializationBinderType = "System.Runtime.Serialization.SerializationBinder";

#if NETCOREAPP
            if (version < NewtonsoftJsonVersion.Version12)
            {
                serializationBinderType = "Newtonsoft.Json.SerializationBinder";
            }
#endif

            await VerifyCSharpWithJsonNetAsync(version, $@"
using System;
using Newtonsoft.Json;

class Blah
{{
    public static readonly JsonSerializerSettings Settings = 
        new JsonSerializerSettings()
        {{
            TypeNameHandling = TypeNameHandling.Objects,
            Binder = new MyBinder(),
        }};
}}

public class MyBinder : {serializationBinderType}
{{
    public override Type BindToType(string assemblyName, string typeName) => throw new NotImplementedException();
    public override void BindToName(Type serializedType, out string assemblyName, out string typeName) => throw new NotImplementedException();
}}");
        }

Ejemplo n.º 3

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task DocSample1_VB_Solution(NewtonsoftJsonVersion version)
        {
            await VerifyBasicWithJsonNetAsync(version, @"
Imports System
Imports Newtonsoft.Json
Imports Newtonsoft.Json.Serialization

Public Class BookRecordSerializationBinder
    Implements ISerializationBinder

    ' To maintain backwards compatibility with serialized data before using an ISerializationBinder.
    Private Shared ReadOnly Property Binder As New DefaultSerializationBinder()

    Public Sub BindToName(serializedType As Type, ByRef assemblyName As String, ByRef typeName As String) Implements ISerializationBinder.BindToName
        Binder.BindToName(serializedType, assemblyName, typeName)
    End Sub

    Public Function BindToType(assemblyName As String, typeName As String) As Type Implements ISerializationBinder.BindToType
        ' If the type isn't expected, then stop deserialization.
        If typeName <> ""BookRecord"" AndAlso typeName <> ""AisleLocation"" AndAlso typeName <> ""WarehouseLocation"" Then
            Return Nothing
        End If

        Return Binder.BindToType(assemblyName, typeName)
    End Function
End Class

Public Class BookRecord
    Public Property Title As String
    Public Property Location As Location
End Class

Public MustInherit Class Location
    Public Property StoreId As String
End Class

Public Class AisleLocation
    Inherits Location

    Public Property Aisle As Char
    Public Property Shelf As Byte
End Class

Public Class WarehouseLocation
    Inherits Location

    Public Property Bay As String
    Public Property Shelf As Byte
End Class

Public Class ExampleClass
    Public Function DeserializeBookRecord(s As String) As BookRecord
        Dim settings As JsonSerializerSettings = New JsonSerializerSettings()
        settings.TypeNameHandling = TypeNameHandling.Auto
        settings.SerializationBinder = New BookRecordSerializationBinder()
        Return JsonConvert.DeserializeObject(Of BookRecord)(s, settings)
    End Function
End Class
");
        }

Ejemplo n.º 4

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task Insecure_Instance_Constructor_Interprocedural_Diagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;

class Blah
{
    public JsonSerializerSettings Settings { get; set; }

    public Blah(bool flag)
    {
        this.Initialize(flag);
    }

    public void Initialize(bool flag)
    {
        if (flag)
        {
            this.Settings = new JsonSerializerSettings() { TypeNameHandling = TypeNameHandling.All };
        }
        else
        {
            this.Settings = new JsonSerializerSettings();
        }
    }
}
",
                                               GetCSharpResultAt(18, 13, DefinitelyRule));
        }

Ejemplo n.º 5

        public async Task AllAndBinder_JsonSerializer_Deserialize_NoDiagnosticAsync(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;
using Newtonsoft.Json.Serialization;

class Blah
{
    private Func<ISerializationBinder> SbGetter;

    object Method(JsonReader jr)
    {
        ISerializationBinder sb = SbGetter();
        if (sb != null)
        {
            JsonSerializer serializer = new JsonSerializer();
            serializer.TypeNameHandling = TypeNameHandling.All;
            serializer.SerializationBinder = sb;
            return serializer.Deserialize(jr);
        }
        else
        {
            return null;
        }
    }
}");
        }

Ejemplo n.º 6

 private async Task VerifyCSharpWithJsonNetAsync(NewtonsoftJsonVersion version, string source, params DiagnosticResult[] expected)
 {
     var csharpTest = new VerifyCS.Test
     {
         ReferenceAssemblies = version switch
         {
             NewtonsoftJsonVersion.Version10 => AdditionalMetadataReferences.DefaultWithNewtonsoftJson10,
             NewtonsoftJsonVersion.Version12 => AdditionalMetadataReferences.DefaultWithNewtonsoftJson12,
             _ => throw new NotSupportedException(),
         },

Ejemplo n.º 7

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task Insecure_PropertyInitialization_DefinitelyDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using Newtonsoft.Json;

class Blah
{
    public static JsonSerializerSettings Settings { get; } = new JsonSerializerSettings() { TypeNameHandling = TypeNameHandling.Objects };
}",
                                               GetCSharpResultAt(6, 60, DefinitelyRule));
        }

Ejemplo n.º 8

        public async Task Reference_AttributeTargets_All_NoDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;

class Blah
{
    public static void Main(string[] args)
    {
        Console.WriteLine(AttributeTargets.All);
    }
}");
        }

Ejemplo n.º 9

        public async Task Assign_TypeNameHandling_None_NoDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;

class Blah
{
    public static void Main(string[] args)
    {
        TypeNameHandling tnh = TypeNameHandling.None;
    }
}");
        }

Ejemplo n.º 10

        public async Task Reference_TypeNameHandling_None_NoDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;

class Blah
{
    public static void Main(string[] args)
    {
        Console.WriteLine(TypeNameHandling.None);
    }
}");
        }

Ejemplo n.º 11

        public async Task Reference_TypeNameHandling_All_Diagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;

class Blah
{
    public static void Main(string[] args)
    {
        Console.WriteLine(TypeNameHandling.All);
    }
}",
                                               GetCSharpResultAt(9, 27, Rule));
        }

Ejemplo n.º 12

        public async Task Assign_TypeNameHandling_1_Or_Arrays_Diagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;

class Blah
{
    public static void Main(string[] args)
    {
        TypeNameHandling tnh = (TypeNameHandling) 1 | TypeNameHandling.Arrays;
    }
}",
                                               GetCSharpResultAt(9, 55, Rule));
        }

Ejemplo n.º 13

        public async Task DocSample1_VB_Violation_Diagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyBasicWithJsonNetAsync(version, @"
Imports Newtonsoft.Json

Public Class ExampleClass
    Public ReadOnly Property Settings() As JsonSerializerSettings

    Public Sub New()
        Settings = New JsonSerializerSettings()
        Settings.TypeNameHandling = TypeNameHandling.All    ' CA2326 violation.
    End Sub
End Class",
                                              GetBasicResultAt(9, 37, Rule));
        }

Ejemplo n.º 14

        public async Task DocSample1_VB_Solution_NoDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyBasicWithJsonNetAsync(version, @"
Imports Newtonsoft.Json

Public Class ExampleClass
    Public ReadOnly Property Settings() As JsonSerializerSettings

    Public Sub New()
        Settings = New JsonSerializerSettings()

        ' The default value of Settings.TypeNameHandling is TypeNameHandling.None.
    End Sub
End Class");
        }

Ejemplo n.º 15

Archivo: DoNotUseInsecureDeserializerJsonNetWithoutBinderTests.cs Proyecto: reduckted/roslyn-analyzers

        public async Task ExplicitlyNone_JsonSerializer_Deserialize_NoDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using Newtonsoft.Json;

class Blah
{
    object Method(JsonReader jr)
    {
        JsonSerializer serializer = new JsonSerializer();
        serializer.TypeNameHandling = TypeNameHandling.None;
        return serializer.Deserialize(jr);
    }
}");
        }

Ejemplo n.º 16

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task Secure_JsonSerializer_CreateDefault_NoDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System.IO;
using Newtonsoft.Json;

class Blah
{
    T Deserialize<T>(string s)
    {
        JsonSerializerSettings settings = new JsonSerializerSettings();
        JsonSerializer serializer = JsonSerializer.Create(settings);
        return (T) serializer.Deserialize(new StringReader(s), typeof(T));
    }
}");
        }

Ejemplo n.º 17

Archivo: DoNotUseInsecureDeserializerJsonNetWithoutBinderTests.cs Proyecto: reduckted/roslyn-analyzers

        public async Task Insecure_JsonSerializer_Deserialize_DefinitelyDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using Newtonsoft.Json;

class Blah
{
    object Method(JsonReader jr)
    {
        JsonSerializer serializer = new JsonSerializer();
        serializer.TypeNameHandling = TypeNameHandling.All;
        return serializer.Deserialize(jr);
    }
}",
                                               GetCSharpResultAt(10, 16, DefinitelyRule));
        }

Ejemplo n.º 18

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task Insecure_Lazy_Field_Diagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;

class Blah
{
    private static readonly Lazy<JsonSerializerSettings> jsonSerializerSettings =
        new Lazy<JsonSerializerSettings>(() => 
            new JsonSerializerSettings {
                TypeNameHandling = TypeNameHandling.Objects,
            });
}",
                                               GetCSharpResultAt(9, 13, DefinitelyRule));
        }

Ejemplo n.º 19

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task Field_Interprocedural_NoDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;
using Newtonsoft.Json.Serialization;

class Blah
{
    public class BookRecordSerializationBinder : ISerializationBinder
    {
        // To maintain backwards compatibility with serialized data before using an ISerializationBinder.
        private static readonly DefaultSerializationBinder Binder = new DefaultSerializationBinder();

        public BookRecordSerializationBinder()
        {
        }

        public void BindToName(Type serializedType, out string assemblyName, out string typeName)
        {
            Binder.BindToName(serializedType, out assemblyName, out typeName);
        }

        public Type BindToType(string assemblyName, string typeName)
        {
            // If the type isn't expected, then stop deserialization.
            if (typeName != ""BookRecord"" && typeName != ""AisleLocation"" && typeName != ""WarehouseLocation"")
            {
                return null;
            }

            return Binder.BindToType(assemblyName, typeName);
        }
    }

    private static ISerializationBinder GetSerializationBinder()
    {
        return new BookRecordSerializationBinder();
    }

    protected static readonly JsonSerializerSettings Settings = new JsonSerializerSettings()
    {
        SerializationBinder = GetSerializationBinder(),
    };
}
");
        }

Ejemplo n.º 20

        public async Task InitializeField_JsonSerializer_DiagnosticAsync(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using Newtonsoft.Json;

class Blah
{
    JsonSerializer MyJsonSerializer;

    void Init()
    {
        this.MyJsonSerializer = new JsonSerializer();
        this.MyJsonSerializer.TypeNameHandling = TypeNameHandling.All;
    }
}",
                                               GetCSharpResultAt(10, 9, DefinitelyRule));
        }

Ejemplo n.º 21

        public async Task DocSample1_CSharp_Solution_NoDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using Newtonsoft.Json;

public class ExampleClass
{
    public JsonSerializerSettings Settings { get; }

    public ExampleClass()
    {
        Settings = new JsonSerializerSettings();
        
        // The default value of Settings.TypeNameHandling is TypeNameHandling.None.
    }
}");
        }

Ejemplo n.º 22

        public async Task DocSample1_CSharp_Violation_Diagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using Newtonsoft.Json;

public class ExampleClass
{
    public JsonSerializerSettings Settings { get; }

    public ExampleClass()
    {
        Settings = new JsonSerializerSettings();
        Settings.TypeNameHandling = TypeNameHandling.All;    // CA2326 violation.
    }
}",
                                               GetCSharpResultAt(11, 37, Rule));
        }

Ejemplo n.º 23

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task InsecureThenSecure_PropertyInitialized_NoDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;

class Blah
{
    public JsonSerializerSettings Settings { get; set; }

    public Blah()
    {
        this.Settings = new JsonSerializerSettings() { TypeNameHandling = TypeNameHandling.All };
        this.Settings.TypeNameHandling = TypeNameHandling.None;
    }
}
");
        }

Ejemplo n.º 24

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task Insecure_Field_Initialized_Diagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;

class Blah
{
    private static readonly JsonSerializerSettings Settings;

    static Blah()
    {
        Settings = new JsonSerializerSettings() { TypeNameHandling = TypeNameHandling.Auto };
    }
}
",
                                               GetCSharpResultAt(11, 9, DefinitelyRule));
        }

Ejemplo n.º 25

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task Insecure_Instance_Constructor_Diagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;

class Blah
{
    public JsonSerializerSettings Settings { get; }

    public Blah()
    {
        this.Settings = new JsonSerializerSettings();
        this.Settings.TypeNameHandling = TypeNameHandling.Objects;
    }
}",
                                               GetCSharpResultAt(11, 9, DefinitelyRule));
        }

Ejemplo n.º 26

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task Insecure_JsonSerializer_Create_DefinitelyDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System.IO;
using Newtonsoft.Json;

class Blah
{
    T Deserialize<T>(string s)
    {
        JsonSerializerSettings settings = new JsonSerializerSettings();
        settings.TypeNameHandling = TypeNameHandling.All;
        JsonSerializer serializer = JsonSerializer.Create(settings);
        return (T) serializer.Deserialize(new StringReader(s), typeof(T));
    }
}",
                                               GetCSharpResultAt(11, 37, DefinitelyRule));
        }

Ejemplo n.º 27

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task Unknown_PropertyInitialized_NoDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;

class Blah
{
    public JsonSerializerSettings Settings { get; set; }

    public static Func<JsonSerializerSettings> GetSettings;

    public Blah()
    {
        this.Settings = GetSettings();
    }
}
");
        }

Ejemplo n.º 28

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task SecureThenInsecure_FieldInitialized_Diagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using System;
using Newtonsoft.Json;

class Blah
{
    public JsonSerializerSettings Settings;

    public Blah()
    {
        this.Settings = new JsonSerializerSettings();
        this.Settings.TypeNameHandling = TypeNameHandling.All;
    }
}
",
                                               GetCSharpResultAt(11, 9, DefinitelyRule));
        }

Ejemplo n.º 29

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task Secure_SometimesInitialization_NoDiagnostic(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using Newtonsoft.Json;

class Blah
{
    public JsonSerializerSettings Settings { get; set; }

    public void EnsureInitialized()
    {
        if (this.Settings == null)
        {
            this.Settings = new JsonSerializerSettings();
        }
    }
}
");
        }

Ejemplo n.º 30

Archivo: DoNotUseInsecureSettingsForJsonNetTests.cs Proyecto: vrenken/roslyn-analyzers

        public async Task DocSample1_CSharp_Violation(NewtonsoftJsonVersion version)
        {
            await VerifyCSharpWithJsonNetAsync(version, @"
using Newtonsoft.Json;

public class BookRecord
{
    public string Title { get; set; }
    public string Author { get; set; }
    public object Location { get; set; }
}

public abstract class Location
{
    public string StoreId { get; set; }
}

public class AisleLocation : Location
{
    public char Aisle { get; set; }
    public byte Shelf { get; set; }
}

public class WarehouseLocation : Location
{
    public string Bay { get; set; }
    public byte Shelf { get; set; }
}

public class ExampleClass
{
    public BookRecord DeserializeBookRecord(string s)
    {
        JsonSerializerSettings settings = new JsonSerializerSettings();
        settings.TypeNameHandling = TypeNameHandling.Auto;
        return JsonConvert.DeserializeObject<BookRecord>(s, settings);    // CA2327 violation
    }
}
",
                                               GetCSharpResultAt(34, 16, DefinitelyRule));
        }