Add tests for JAX-RS

Author: owen-mc

java/ql/test/library-tests/frameworks/JaxWs/JaxRs.expected

@@ -0,0 +1,147 @@
+import java
+import semmle.code.java.frameworks.JaxWS
+import TestUtilities.InlineExpectationsTest
+
+class JaxRsTest extends InlineExpectationsTest {
+  JaxRsTest() { this = "JaxRsTest" }
+
+  override string getARelevantTag() {
+    result =
+      [
+        "ResourceMethod", "RootResourceClass", "NonRootResourceClass",
+        "ResourceMethodOnResourceClass", "InjectableConstructor", "InjectableField",
+        "InjectionAnnotation", "ResponseDeclaration", "ResponseBuilderDeclaration",
+        "ClientDeclaration", "BeanParamConstructor", "MessageBodyReaderDeclaration",
+        "MessageBodyReaderReadFromCall", "MessageBodyReaderReadCall", "ProducesAnnotation",
+        "ConsumesAnnotation"
+      ]
+  }
+
+  override predicate hasActualResult(Location location, string element, string tag, string value) {
+    tag = "ResourceMethod" and
+    exists(JaxRsResourceMethod resourceMethod |
+      resourceMethod.getLocation() = location and
+      element = resourceMethod.toString() and
+      if exists(resourceMethod.getProducesAnnotation())
+      then value = resourceMethod.getProducesAnnotation().getADeclaredContentType()
+      else value = ""
+    )
+    or
+    tag = "RootResourceClass" and
+    exists(JaxRsResourceClass resourceClass |
+      resourceClass.isRootResource() and
+      resourceClass.getLocation() = location and
+      element = resourceClass.toString() and
+      value = ""
+    )
+    or
+    tag = "NonRootResourceClass" and
+    exists(JaxRsResourceClass resourceClass |
+      not resourceClass.isRootResource() and
+      resourceClass.getLocation() = location and
+      element = resourceClass.toString() and
+      value = ""
+    )
+    or
+    tag = "ResourceMethodOnResourceClass" and
+    exists(JaxRsResourceMethod resourceMethod |
+      resourceMethod = any(JaxRsResourceClass ResourceClass).getAResourceMethod()
+    |
+      resourceMethod.getLocation() = location and
+      element = resourceMethod.toString() and
+      value = ""
+    )
+    or
+    tag = "InjectableConstructor" and
+    exists(Constructor cons |
+      cons = any(JaxRsResourceClass resourceClass).getAnInjectableConstructor()
+    |
+      cons.getLocation() = location and
+      element = cons.toString() and
+      value = ""
+    )
+    or
+    tag = "InjectableField" and
+    exists(Field field | field = any(JaxRsResourceClass resourceClass).getAnInjectableField() |
+      field.getLocation() = location and
+      element = field.toString() and
+      value = ""
+    )
+    or
+    tag = "InjectionAnnotation" and
+    exists(JaxRsInjectionAnnotation injectionAnnotation |
+      injectionAnnotation.getLocation() = location and
+      element = injectionAnnotation.toString() and
+      value = ""
+    )
+    or
+    tag = "ResponseDeclaration" and
+    exists(LocalVariableDecl decl |
+      decl.getType() instanceof JaxRsResponse and
+      decl.getLocation() = location and
+      element = decl.toString() and
+      value = ""
+    )
+    or
+    tag = "ResponseBuilderDeclaration" and
+    exists(LocalVariableDecl decl |
+      decl.getType() instanceof JaxRsResponseBuilder and
+      decl.getLocation() = location and
+      element = decl.toString() and
+      value = ""
+    )
+    or
+    tag = "ClientDeclaration" and
+    exists(LocalVariableDecl decl |
+      decl.getType() instanceof JaxRsClient and
+      decl.getLocation() = location and
+      element = decl.toString() and
+      value = ""
+    )
+    or
+    tag = "BeanParamConstructor" and
+    exists(JaxRsBeanParamConstructor cons |
+      cons.getLocation() = location and
+      element = cons.toString() and
+      value = ""
+    )
+    or
+    tag = "MessageBodyReaderDeclaration" and
+    exists(LocalVariableDecl decl |
+      decl.getType().(RefType).getSourceDeclaration() instanceof MessageBodyReader and
+      decl.getLocation() = location and
+      element = decl.toString() and
+      value = ""
+    )
+    or
+    tag = "MessageBodyReaderReadFromCall" and
+    exists(MethodAccess ma |
+      ma.getMethod() instanceof MessageBodyReaderReadFrom and
+      ma.getLocation() = location and
+      element = ma.toString() and
+      value = ""
+    )
+    or
+    tag = "MessageBodyReaderReadCall" and
+    exists(MethodAccess ma |
+      ma.getMethod() instanceof MessageBodyReaderRead and
+      ma.getLocation() = location and
+      element = ma.toString() and
+      value = ""
+    )
+    or
+    tag = "ProducesAnnotation" and
+    exists(JaxRSProducesAnnotation producesAnnotation |
+      producesAnnotation.getLocation() = location and
+      element = producesAnnotation.toString() and
+      value = producesAnnotation.getADeclaredContentType()
+    )
+    or
+    tag = "ConsumesAnnotation" and
+    exists(JaxRSConsumesAnnotation consumesAnnotation |
+      consumesAnnotation.getLocation() = location and
+      element = consumesAnnotation.toString() and
+      value = ""
+    )
+  }
+}

java/ql/test/library-tests/frameworks/JaxWs/JaxRs.ql

@@ -0,0 +1,173 @@
+import java.io.InputStream;
+import java.io.IOException;
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Type;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.DELETE;
+import javax.ws.rs.PUT;
+import javax.ws.rs.OPTIONS;
+import javax.ws.rs.HEAD;
+import javax.ws.rs.Path;
+import javax.ws.rs.BeanParam;
+import javax.ws.rs.CookieParam;
+import javax.ws.rs.FormParam;
+import javax.ws.rs.HeaderParam;
+import javax.ws.rs.MatrixParam;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.client.Client;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.MessageBodyReader;
+
+@Path("")
+public class JaxRs1 { // $RootResourceClass
+  public JaxRs1() { // $InjectableConstructor
+  }
+
+  @GET
+  void Get() { // $ResourceMethod $ResourceMethodOnResourceClass
+  }
+
+  @POST
+  void Post() { // $ResourceMethod $ResourceMethodOnResourceClass
+  }
+
+  @Produces("text/plain") // $ProducesAnnotation=text/plain
+  @DELETE
+  void Delete() { // $ResourceMethod=text/plain $ResourceMethodOnResourceClass
+  }
+
+  @Produces(MediaType.TEXT_HTML) // $ProducesAnnotation=text/html
+  @PUT
+  void Put() { // $ResourceMethod=text/html $ResourceMethodOnResourceClass
+  }
+
+  @OPTIONS
+  void Options() { // $ResourceMethod $ResourceMethodOnResourceClass
+  }
+
+  @HEAD
+  void Head() { // $ResourceMethod $ResourceMethodOnResourceClass
+  }
+
+  @Path("")
+  NonRootResourceClass subResourceLocator() { // $SubResourceLocator
+    return null;
+  }
+}
+
+class NonRootResourceClass { // $NonRootResourceClass
+  @Path("")
+  AnotherNonRootResourceClass subResourceLocator1() { // $SubResourceLocator
+    return null;
+  }
+
+  @GET
+  @Path("")
+  NotAResourceClass1 NotASubResourceLocator1() { // $ResourceMethod
+    return null;
+  }
+
+  @GET
+  NotAResourceClass2 NotASubResourceLocator2() { // $ResourceMethod
+    return null;
+  }
+
+  NotAResourceClass2 NotASubResourceLocator3() {
+    return null;
+  }
+}
+
+class AnotherNonRootResourceClass { // $NonRootResourceClass
+  public AnotherNonRootResourceClass() {
+  }
+
+  public AnotherNonRootResourceClass(@BeanParam int beanParam, @CookieParam("") int cookieParam, @FormParam("") int formParam, // $InjectionAnnotation
+      @HeaderParam("") int headerParam, @MatrixParam("") int matrixParam, @PathParam("") int pathParam, @QueryParam("") int queryParam, // $InjectionAnnotation
+      @Context int context) { // $InjectionAnnotation
+  }
+
+  @Path("")
+  public void resourceMethodWithBeanParamParameter(@BeanParam Foo foo) { // $SubResourceLocator $InjectionAnnotation
+  }
+}
+
+class Foo {
+  Foo() { // $BeanParamConstructor
+  }
+
+  public Foo(@BeanParam int beanParam, @CookieParam("") int cookieParam, @FormParam("") int formParam, // $InjectionAnnotation $BeanParamConstructor
+      @HeaderParam("") int headerParam, @MatrixParam("") int matrixParam, @PathParam("") int pathParam, @QueryParam("") int queryParam, // $InjectionAnnotation
+      @Context int context) { // $InjectionAnnotation
+  }
+
+  public Foo(@BeanParam int beanParam, @CookieParam("") int cookieParam, @FormParam("") int formParam, // $InjectionAnnotation
+      @HeaderParam("") int headerParam, @MatrixParam("") int matrixParam, @PathParam("") int pathParam, @QueryParam("") int queryParam, // $InjectionAnnotation
+      @Context int context, int paramWithoutAnnotation) { // $InjectionAnnotation
+  }
+}
+
+class NotAResourceClass1 {
+}
+
+class NotAResourceClass2 {
+}
+
+class ExtendsJaxRs1 extends JaxRs1 {
+  @Override
+  void Get() { // $ResourceMethod
+  }
+  
+  @Override
+  @QueryParam("") // $InjectionAnnotation
+  void Post() {
+  }
+
+  @Override
+  void Delete() { // $ResourceMethod=text/plain
+  }
+
+  @Override
+  void Put() { // $ResourceMethod=text/html
+  }
+
+  @Produces("application/json") // $ProducesAnnotation=application/json
+  @Override
+  void Options() {
+  }
+
+  @Produces(MediaType.TEXT_XML) // $ProducesAnnotation=text/xml
+  @Override
+  void Head() {
+  }
+
+}
+
+@Produces(MediaType.TEXT_XML) // $ProducesAnnotation=text/xml
+class ExtendsJaxRs1WithProducesAnnotation extends JaxRs1 {
+  @Override
+  void Get() { // $ResourceMethod=text/xml
+  }
+  
+  @Override
+  @QueryParam("") // $InjectionAnnotation
+  void Post() {
+  }
+
+  @Override
+  void Delete() { // $ResourceMethod=text/plain
+  }
+
+  @Override
+  void Put() { // $ResourceMethod=text/html
+  }
+
+  @Override
+  void Options() { // $ResourceMethod=text/xml
+  }
+}