private void ReportDiagnostics(
SyntaxNodeAnalysisContext context,
InvocationExpressionSyntax invocationExpressionSyntax)
{
string sqlText = null;
ICollection <string> sharpParameters = null;
foreach (var argument in invocationExpressionSyntax.ArgumentList.Arguments)
{
var parameter = argument.DetermineParameter(context.SemanticModel);
if (string.Equals(parameter.Name, "sql"))
{
var sourceText = argument.TryGetArgumentStringValue(context.SemanticModel);
// If SQL code is not constant, return
if (sourceText == null)
{
return;
}
sqlText = sourceText;
continue;
}
if (string.Equals(parameter.Name, "param"))
{
sharpParameters = FindParameters(context, argument);
}
}
ParametersMatchingRule.TryReportDiagnostics(sqlText, sharpParameters, invocationExpressionSyntax.GetLocation(), context, Orm.Dapper);
}
private void AnalyzeInvocationExpression(SyntaxNodeAnalysisContext context)
{
var invocationExpressionSyntax = (InvocationExpressionSyntax)context.Node;
if (!invocationExpressionSyntax.IsSqlCommandExecuteMethod(context.SemanticModel))
{
return;
}
var sqlCommandIdentifier = invocationExpressionSyntax.DescendantNodes().OfType <IdentifierNameSyntax>().FirstOrDefault();
if (sqlCommandIdentifier == null)
{
return;
}
var symbolInfo = context.SemanticModel.GetSymbolInfo(sqlCommandIdentifier);
if (!(symbolInfo.Symbol is ILocalSymbol localSymbol))
{
return;
}
var scope = localSymbol.GetVariableScope();
var sqlCommandParametersWalker = new SqlCommandParametersWalker(localSymbol, context.SemanticModel);
sqlCommandParametersWalker.Visit(scope);
if (!sqlCommandParametersWalker.IsInlineSql || !sqlCommandParametersWalker.IsAllParametersStatic || string.IsNullOrEmpty(sqlCommandParametersWalker.SqlText))
{
return;
}
ParametersMatchingRule.TryReportDiagnostics(
sqlCommandParametersWalker.SqlText,
sqlCommandParametersWalker.SqlParameters,
invocationExpressionSyntax.GetLocation(),
context,
Orm.AdoNet);
}
