
Commit 8064e8f

Jami CogswellJami Cogswell
authored andcommitted
Java: convert tests to inline expectations
1 parent 5e5bc2a commit 8064e8f


7 files changed

+29
-17
lines changed


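--- a/java/ql/src/Security/CWE/CWE-016/SpringBootActuators.qll
+++ b/java/ql/lib/semmle/code/java/security/SpringBootActuatorsQuery.qll
@@ -1,3 +1,5 @@
+/** Provides classes and predicates to reason about exposed actuators in Spring Boot. */
+
 import java
 
 /** The class `org.springframework.security.config.annotation.web.builders.HttpSecurity`. */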

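--- a/java/ql/src/Security/CWE/CWE-016/SpringBootActuators.ql
+++ b/java/ql/src/Security/CWE/CWE-016/SpringBootActuators.ql
@@ -12,7 +12,7 @@
 */
 
 import java
-import SpringBootActuators
+import semmle.code.java.security.SpringBootActuatorsQuery
 
 from PermitAllCall permitAllCall
 where permitAllCall.permitsSpringBootActuators()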

java/ql/test/query-tests/security/CWE-016/SpringBootActuators.expected

Lines changed: 0 additions & 7 deletions
This file was deleted.

java/ql/test/query-tests/security/CWE-016/SpringBootActuators.qlref

Lines changed: 0 additions & 1 deletion
This file was deleted.

java/ql/test/query-tests/security/CWE-016/SpringBootActuatorsTest.expected

Whitespace-only changes.

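--- a/java/ql/test/query-tests/security/CWE-016/SpringBootActuators.java
+++ b/java/ql/test/query-tests/security/CWE-016/SpringBootActuatorsTest.java
@@ -1,33 +1,33 @@
 import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 
-public class SpringBootActuators {
+public class SpringBootActuatorsTest {
 protected void configure(HttpSecurity http) throws Exception {
-http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests(requests -> requests.anyRequest().permitAll());
+http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests(requests -> requests.anyRequest().permitAll()); // $ hasExposedSpringBootActuator
 }
 
 protected void configure2(HttpSecurity http) throws Exception {
-http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll();
+http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll(); // $ hasExposedSpringBootActuator
 }
 
 protected void configure3(HttpSecurity http) throws Exception {
-http.requestMatchers(matcher -> EndpointRequest.toAnyEndpoint()).authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll();
+http.requestMatchers(matcher -> EndpointRequest.toAnyEndpoint()).authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll(); // $ hasExposedSpringBootActuator
 }
 
 protected void configure4(HttpSecurity http) throws Exception {
-http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests().anyRequest().permitAll();
+http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests().anyRequest().permitAll(); // $ hasExposedSpringBootActuator
 }
 
 protected void configure5(HttpSecurity http) throws Exception {
-http.authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll();
+http.authorizeRequests().requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll(); // $ hasExposedSpringBootActuator
 }
 
 protected void configure6(HttpSecurity http) throws Exception {
-http.authorizeRequests(requests -> requests.requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll());
+http.authorizeRequests(requests -> requests.requestMatchers(EndpointRequest.toAnyEndpoint()).permitAll()); // $ hasExposedSpringBootActuator
 }
 
 protected void configure7(HttpSecurity http) throws Exception {
-http.requestMatchers(matcher -> EndpointRequest.toAnyEndpoint()).authorizeRequests().anyRequest().permitAll();
+http.requestMatchers(matcher -> EndpointRequest.toAnyEndpoint()).authorizeRequests().anyRequest().permitAll(); // $ hasExposedSpringBootActuator
 }
 
 protected void configureOk1(HttpSecurity http) throws Exception {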
Lines changed: 18 additions & 0 deletions
@@ -0,0 +1,18 @@
1+
import java
2+
import semmle.code.java.security.SpringBootActuatorsQuery
3+
import utils.test.InlineExpectationsTest
4+
5+
module SpringBootActuatorsTest implements TestSig {
6+
string getARelevantTag() { result = "hasExposedSpringBootActuator" }
7+
8+
predicate hasActualResult(Location location, string element, string tag, string value) {
9+
tag = "hasExposedSpringBootActuator" and
10+
exists(PermitAllCall permitAllCall | permitAllCall.permitsSpringBootActuators() |
11+
permitAllCall.getLocation() = location and
12+
element = permitAllCall.toString() and
13+
value = ""
14+
)
15+
}
16+
}
17+
18+
import MakeTest<SpringBootActuatorsTest>
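Review bot: With `SpringBootActuators.qlref` and `SpringBootActuators.expected` deleted, nothing visible in this commit still runs `SpringBootActuators.ql` itself; `hasActualResult` restates the query's `where` clause (`permitAllCall.permitsSpringBootActuators()`) rather than exercising the query. If the query's `where` or `select` later diverges from this predicate, this test would keep passing while the alert reported for exposed actuators changes. Consider keeping a query-level test next to this one, or at least adding a comment above the module such as `// Mirrors the where-clause of SpringBootActuators.ql; keep the two in sync.` A short QLDoc line on `SpringBootActuatorsTest` stating that an empty `value` is intentional (the tag alone marks the `permitAll()` call) would also help the next reader.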
