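/// <summary>
/// Collects the SQL text and the supplied parameter names from an invocation and passes them
/// to <see cref="ParametersMatchingRule"/> for the <see cref="Orm.Dapper"/> flavour of the check.
/// </summary>
/// <param name="context">Analysis context; supplies the semantic model and is forwarded to the rule.</param>
/// <param name="invocationExpressionSyntax">The invocation whose arguments are inspected.</param>
/// <remarks>
/// Coverage limit: only SQL whose string value can be resolved from the argument is compared
/// against the supplied parameters. When the text cannot be resolved (for example a query that
/// is composed at run time) the method returns without reporting anything, so the absence of a
/// diagnostic from this rule says nothing about dynamically built SQL. Such call sites need a
/// separate review or a dedicated rule.
/// </remarks>
private void ReportDiagnostics(
    SyntaxNodeAnalysisContext context,
    InvocationExpressionSyntax invocationExpressionSyntax)
{
    string sqlText = null;
    ICollection<string> sharpParameters = null;

    foreach (var argument in invocationExpressionSyntax.ArgumentList.Arguments)
    {
        var parameter = argument.DetermineParameter(context.SemanticModel);

        // NOTE(review): DetermineParameter is defined outside this block; presumably it yields
        // null when the argument cannot be bound (incomplete code while typing, unknown named
        // argument). An analyzer must not throw on such input, so unbound arguments are skipped.
        if (parameter == null)
        {
            continue;
        }

        if (string.Equals(parameter.Name, "sql"))
        {
            var sourceText = argument.TryGetArgumentStringValue(context.SemanticModel);

            // If SQL code is not constant, return: there is no fixed text to match parameters against.
            if (sourceText == null)
            {
                return;
            }

            sqlText = sourceText;
            continue;
        }

        if (string.Equals(parameter.Name, "param"))
        {
            sharpParameters = FindParameters(context, argument);
        }
    }

    // No argument bound to "sql" was found, so there is nothing to compare. The ADO.NET path in
    // this analyzer likewise refuses to call the rule without SQL text.
    if (sqlText == null)
    {
        return;
    }

    ParametersMatchingRule.TryReportDiagnostics(
        sqlText,
        sharpParameters,
        invocationExpressionSyntax.GetLocation(),
        context,
        Orm.Dapper);
}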
/// <summary>
/// Handles an invocation node for the ADO.NET flavour of the parameter-matching check: when the
/// call is a SqlCommand execute method on a local variable, the variable's scope is walked to
/// gather the command text and parameters, which are then handed to
/// <see cref="ParametersMatchingRule"/>.
/// </summary>
/// <param name="context">Analysis context whose <c>Node</c> is the invocation being analysed.</param>
/// <remarks>
/// Coverage limit: the rule is only invoked when the walker reports inline SQL, all parameters
/// static, and a non-empty SQL text, and only when the first identifier in the invocation
/// resolves to a local symbol. Anything else returns silently, so no diagnostic here does not
/// mean the command was checked.
/// </remarks>
private void AnalyzeInvocationExpression(SyntaxNodeAnalysisContext context)
{
    var invocation = (InvocationExpressionSyntax)context.Node;
    var semanticModel = context.SemanticModel;

    if (!invocation.IsSqlCommandExecuteMethod(semanticModel))
    {
        return;
    }

    // The first identifier inside the invocation is taken as the command variable.
    var commandIdentifier = invocation
        .DescendantNodes()
        .OfType<IdentifierNameSyntax>()
        .FirstOrDefault();
    if (commandIdentifier == null)
    {
        return;
    }

    // Only commands held in local variables are followed; other symbol kinds are skipped.
    var localSymbol = semanticModel.GetSymbolInfo(commandIdentifier).Symbol as ILocalSymbol;
    if (localSymbol == null)
    {
        return;
    }

    var walker = new SqlCommandParametersWalker(localSymbol, semanticModel);
    walker.Visit(localSymbol.GetVariableScope());

    // Same short-circuit order as a chain of negated checks: inline SQL, then static
    // parameters, then non-empty text.
    var canBeMatched = walker.IsInlineSql
        && walker.IsAllParametersStatic
        && !string.IsNullOrEmpty(walker.SqlText);
    if (!canBeMatched)
    {
        return;
    }

    ParametersMatchingRule.TryReportDiagnostics(
        walker.SqlText,
        walker.SqlParameters,
        invocation.GetLocation(),
        context,
        Orm.AdoNet);
}