Merge branch 'dev' into dependabot/npm_and_yarn/vm2-3.9.19

Author: rmohan20

sfge/lib/apex-jorje-lsp-sfge.jar

@@ -68,6 +68,7 @@ public final class ApexStringValue extends ApexSimpleValue<ApexStringValue, Stri
     static final String METHOD_STARTS_WITH_IGNORE_CASE = "startsWithIgnoreCase";
     static final String METHOD_SUB_STRING = "subString";
     static final String METHOD_SUB_STRING_AFTER = "subStringAfter";
+    static final String METHOD_SUB_STRING_AFTER_LAST = "subStringAfterLast";
     static final String METHOD_SUB_STRING_BEFORE = "subStringBefore";
     static final String METHOD_SUB_STRING_BETWEEN = "subStringBetween";
     static final String METHOD_TO_LOWER_CASE = "toLowerCase";
@@ -198,6 +199,7 @@ public TypeableUtil.OrderedTreeSet getTypes() {
                                     METHOD_REMOVE_START_IGNORE_CASE,
                                     StringUtils::removeStartIgnoreCase),
                             Pair.of(METHOD_SUB_STRING_AFTER, StringUtils::substringAfter),
+                            Pair.of(METHOD_SUB_STRING_AFTER_LAST, StringUtils::substringAfterLast),
                             Pair.of(METHOD_SUB_STRING_BEFORE, StringUtils::substringBefore),
                             Pair.of(METHOD_SUB_STRING_BETWEEN, StringUtils::substringBetween));
 

sfge/src/main/java/com/salesforce/graph/symbols/apex/ApexStringValue.java

@@ -1,9 +1,86 @@
 package com.salesforce.graph.vertex;
 
+import com.salesforce.apex.jorje.ASTConstants;
+import java.util.List;
 import java.util.Map;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 
+/** Represents a vertex that can perform DML through Apex. */
 public abstract class DmlStatementVertex extends BaseSFVertex {
+    protected static final Logger LOGGER = LogManager.getLogger(DmlStatementVertex.class);
+
+    private static final String ACCESS_LEVEL_REFERENCE = "AccessLevel";
+
+    private enum AccessLevel {
+        USER_MODE,
+        SYSTEM_MODE
+    }
+
+    private final AccessLevel accessLevel;
+
     DmlStatementVertex(Map<Object, Object> properties) {
         super(properties);
+        accessLevel = calculateAccessLevel(this);
+    }
+
+    private static AccessLevel calculateAccessLevel(DmlStatementVertex vertex) {
+        // Default to System mode to begin with.
+        AccessLevel accessLevel = AccessLevel.SYSTEM_MODE;
+
+        // If AccessLevel is included in the syntax, it's usually the last child. It shows up in the
+        // form of a VariableExpression with a ReferenceExpression child.
+
+        // spotless:off
+        // Example:
+        //<DmlUpdateStatement BeginColumn="9" BeginLine="6" DefiningType="MyClass" DefiningType_CaseSafe="myclass" EndLine="6" EndScopes="[BlockStatement]" FirstChild="false" LastChild="true" childIdx="2">
+        //  <VariableExpression BeginColumn="24" BeginLine="6" DefiningType="MyClass" DefiningType_CaseSafe="myclass" EndLine="6" FirstChild="true" LastChild="false" Name="a" Name_CaseSafe="a" childIdx="0">
+        //    <EmptyReferenceExpression BeginColumn="24" BeginLine="6" DefiningType="MyClass" DefiningType_CaseSafe="myclass" EndLine="6" FirstChild="true" LastChild="true" childIdx="0"/>
+        //  </VariableExpression>
+        //  <VariableExpression BeginColumn="30" BeginLine="-1" DefiningType="MyClass" DefiningType_CaseSafe="myclass" EndLine="-1" FirstChild="false" LastChild="true" Name="USER_MODE" Name_CaseSafe="user_mode" childIdx="1">
+        //    <ReferenceExpression BeginColumn="19" BeginLine="6" DefiningType="MyClass" DefiningType_CaseSafe="myclass" EndLine="6" FirstChild="true" LastChild="true" Name="AccessLevel" Name_CaseSafe="accesslevel" Names="[AccessLevel]" ReferenceType="LOAD" childIdx="0"/>
+        //  </VariableExpression>
+        //</DmlUpdateStatement>
+
+        // spotless:on
+
+        final List<VariableExpressionVertex> children =
+                vertex.getChildren(ASTConstants.NodeType.VARIABLE_EXPRESSION);
+        if (children.size() > 0) {
+            final VariableExpressionVertex lastChild = children.get(children.size() - 1);
+            ReferenceExpressionVertex referenceExpression =
+                    lastChild.getOnlyChildOrNull(ASTConstants.NodeType.REFERENCE_EXPRESSION);
+            if (referenceExpression != null) {
+                if (ACCESS_LEVEL_REFERENCE.equalsIgnoreCase(referenceExpression.getName())) {
+                    // lastChild's name holds AccessLevel value
+                    final String accessLevelValueString = lastChild.getName();
+                    final AccessLevel accessLevelValue =
+                            AccessLevel.valueOf(accessLevelValueString);
+                    if (accessLevelValue != null) {
+                        accessLevel = accessLevelValue;
+                    } else {
+                        if (LOGGER.isInfoEnabled()) {
+                            LOGGER.info(
+                                    "AccessLevel is unknown. accessLevelValueString="
+                                            + accessLevelValueString);
+                        }
+                    }
+                } else {
+                    if (LOGGER.isInfoEnabled()) {
+                        LOGGER.info(
+                                "Unknown ReferenceExpression name. referenceExpression="
+                                        + referenceExpression);
+                    }
+                }
+            }
+        }
+        return accessLevel;
+    }
+
+    /**
+     * @return true if the DML statement has System access level.
+     */
+    public boolean isSystemMode() {
+        return accessLevel == AccessLevel.SYSTEM_MODE;
     }
 }

sfge/src/main/java/com/salesforce/graph/vertex/DmlStatementVertex.java

@@ -36,6 +36,11 @@ public boolean visit(CatchBlockStatementVertex vertex, SymbolProvider symbols) {
         return DefaultNoOpScopeVisitor.shouldVisitChildren(vertex);
     }
 
+    @Override
+    public boolean visit(DoLoopStatementVertex vertex, SymbolProvider symbols) {
+        return DefaultNoOpScopeVisitor.shouldVisitChildren(vertex);
+    }
+
     @Override
     public boolean visit(DmlDeleteStatementVertex vertex, SymbolProvider symbols) {
         return DefaultNoOpScopeVisitor.shouldVisitChildren(vertex);
@@ -241,6 +246,11 @@ public boolean visit(VariableExpressionVertex.Single vertex, SymbolProvider symb
         return DefaultNoOpScopeVisitor.shouldVisitChildren(vertex);
     }
 
+    @Override
+    public boolean visit(WhileLoopStatementVertex vertex, SymbolProvider symbols) {
+        return DefaultNoOpScopeVisitor.shouldVisitChildren(vertex);
+    }
+
     @Override
     public void afterVisit(BaseSFVertex vertex, SymbolProvider symbols) {}
 

sfge/src/main/java/com/salesforce/graph/visitor/DefaultNoOpPathVertexVisitor.java

@@ -23,6 +23,8 @@ void recursionDetected(
 
     boolean visit(CatchBlockStatementVertex vertex, SymbolProvider symbols);
 
+    boolean visit(DoLoopStatementVertex vertex, SymbolProvider symbols);
+
     boolean visit(DmlDeleteStatementVertex vertex, SymbolProvider symbols);
 
     boolean visit(DmlInsertStatementVertex vertex, SymbolProvider symbols);
@@ -105,6 +107,8 @@ void recursionDetected(
 
     boolean visit(VariableExpressionVertex.Single vertex, SymbolProvider symbols);
 
+    boolean visit(WhileLoopStatementVertex vertex, SymbolProvider symbols);
+
     void afterVisit(BaseSFVertex vertex, SymbolProvider symbols);
 
     void afterVisit(DoLoopStatementVertex vertex, SymbolProvider symbols);

sfge/src/main/java/com/salesforce/graph/visitor/PathVertexVisitor.java

@@ -58,7 +58,7 @@ protected String getCategory() {
 
     @Override
     protected boolean isEnabled() {
-        return false;
+        return true;
     }
 
     public static MultipleMassSchemaLookupRule getInstance() {

sfge/src/main/java/com/salesforce/rules/MultipleMassSchemaLookupRule.java

@@ -91,7 +91,9 @@ protected boolean shouldCollectInfo(BaseSFVertex vertex) {
     }
 
     protected void afterVisitDmlStatementVertex(DmlStatementVertex vertex, SymbolProvider symbols) {
-        if (shouldCollectInfo(vertex)) {
+        // If the DML statement is in User mode, the operation is already considered safe.
+        // Continue only if the statement is in System mode.
+        if (vertex.isSystemMode() && shouldCollectInfo(vertex)) {
             validationCentral.createExpectedValidations(vertex, symbols);
             validationCentral.tallyValidations(vertex);
         }

sfge/src/main/java/com/salesforce/rules/fls/apex/AbstractFlsVisitor.java

@@ -142,10 +142,6 @@ public void createExpectedValidations(DmlStatementVertex vertex, SymbolProvider
         }
 
         final List<BaseSFVertex> dmlStatementVertexChildren = vertex.getChildren();
-        if (dmlStatementVertexChildren.size() != validationType.parameterCount) {
-            throw new UnexpectedException(
-                    "Unexpected count of parameters: " + dmlStatementVertexChildren.size());
-        }
 
         // Create expected validations based on the first parameter.
         // Even though MERGE operation takes two parameters, both of them need to be of the same
@@ -166,7 +162,6 @@ public void createExpectedValidations(DmlStatementVertex vertex, SymbolProvider
                 if (LOGGER.isWarnEnabled()) {
                     LOGGER.warn(
                             "TODO: Apex value not detected for dml's child vertex: " + childVertex);
-                    // TODO: add telemetry
                 }
                 violations.add(
                         FlsViolationCreatorUtil.createUnresolvedCrudFlsViolation(
@@ -175,7 +170,6 @@ public void createExpectedValidations(DmlStatementVertex vertex, SymbolProvider
         } else {
             if (LOGGER.isWarnEnabled()) {
                 LOGGER.warn("TODO: Child vertex of DML is not a chained vertex: " + childVertex);
-                // TODO: add telemetry
             }
             violations.add(
                     FlsViolationCreatorUtil.createUnresolvedCrudFlsViolation(

sfge/src/main/java/com/salesforce/rules/fls/apex/operations/FlsValidationCentral.java

@@ -1,15 +1,15 @@
 package com.salesforce.rules.multiplemassschemalookup;
 
 import com.salesforce.graph.symbols.SymbolProvider;
-import com.salesforce.graph.vertex.BaseSFVertex;
-import com.salesforce.graph.vertex.MethodCallExpressionVertex;
-import com.salesforce.graph.vertex.SFVertex;
-import com.salesforce.rules.ops.LoopDetectionVisitor;
+import com.salesforce.graph.vertex.*;
+import com.salesforce.rules.ops.visitor.LoopDetectionVisitor;
 import java.util.HashSet;
+import java.util.Optional;
 import java.util.Set;
 
 /**
- * Visitor detects when more than one invocation of Schema.getGlobalDescribe() is made in a path.
+ * Visitor detects when more than one invocation of Schema.getGlobalDescribe() or
+ * Schema.describeSObjects is made in a path.
  */
 class MultipleMassSchemaLookupVisitor extends LoopDetectionVisitor {
     /** Represents the path entry point that this visitor is walking */
@@ -30,13 +30,8 @@ class MultipleMassSchemaLookupVisitor extends LoopDetectionVisitor {
         this.violations = new HashSet<>();
     }
 
-    @Override
-    protected void execAfterLoopVertexVisit(BaseSFVertex vertex, SymbolProvider symbols) {
-        if (shouldContinue()) {
-            violations.add(
-                    new MultipleMassSchemaLookupInfo(
-                            sourceVertex, sinkVertex, RuleConstants.RepetitionType.LOOP, vertex));
-        }
+    public boolean visit(BlockStatementVertex vertex, SymbolProvider symbols) {
+        return true;
     }
 
     @Override
@@ -46,16 +41,49 @@ public void afterVisit(MethodCallExpressionVertex vertex, SymbolProvider symbols
             // look for anymore loops or additional calls.
             // TODO: A more performant approach would be to stop walking path from this point
             isSinkVisited = true;
+            checkIfInsideLoop(vertex, symbols);
         } else if (RuleConstants.isSchemaExpensiveMethod(vertex) && shouldContinue()) {
-            violations.add(
-                    new MultipleMassSchemaLookupInfo(
-                            sourceVertex,
-                            sinkVertex,
-                            RuleConstants.RepetitionType.MULTIPLE,
-                            vertex));
+            createViolation(RuleConstants.RepetitionType.MULTIPLE, vertex);
+        }
+
+        // Perform super method's logic as well to remove exclusion boundary if needed.
+        super.afterVisit(vertex, symbols);
+    }
+
+    private void checkIfInsideLoop(MethodCallExpressionVertex vertex, SymbolProvider symbols) {
+        final Optional<? extends SFVertex> loopedVertexOpt = isInsideLoop();
+        if (loopedVertexOpt.isPresent()) {
+            // Method has been invoked inside a loop. Create a violation.
+            createViolation(RuleConstants.RepetitionType.LOOP, loopedVertexOpt.get());
         }
     }
 
+    private void createViolation(RuleConstants.RepetitionType type, SFVertex repetitionVertex) {
+        violations.add(
+                new MultipleMassSchemaLookupInfo(sourceVertex, sinkVertex, type, repetitionVertex));
+    }
+
+    /**
+     * Identifies cases where even if the call is within a loop, this action wouldn't be called
+     * multiple times.
+     *
+     * @param vertex Method call to examine
+     * @param symbols
+     * @return true if the method call would be called only once even if it's in a loop.
+     */
+    private boolean isLoopOutlier(MethodCallExpressionVertex vertex, SymbolProvider symbols) {
+        // If method call is in the ForEach value stream, consider the call an outlier.
+        // For example, getValues() method would get invoked only once:
+        // for (String s : getValues()) {...}
+        // In this case, the method's immediate parent is the ForEachStatementVertex
+        final BaseSFVertex parent = vertex.getParent();
+        if (parent instanceof ForEachStatementVertex) {
+            return true;
+        }
+
+        return false;
+    }
+
     /**
      * Decides whether the rule should continue collecting violations
      *

sfge/src/main/java/com/salesforce/rules/multiplemassschemalookup/MultipleMassSchemaLookupVisitor.java

@@ -35,7 +35,7 @@ public enum RepetitionType {
         }
 
         public String getMessage(String... params) {
-            return String.format(messageTemplate, params);
+            return String.format(messageTemplate, (Object[]) params);
         }
     }
 }