From 4975e3b2bfbe32632a43c41e75e2ed28f8eca613 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=A9rald=20Barr=C3=A9?= Date: Mon, 11 Nov 2024 20:41:01 -0500 Subject: [PATCH] Detect DataClassificationAttribute on containing type --- .../Rules/DoNotLogClassifiedDataAnalyzer.cs | 12 +++---- .../DoNotLogClassifiedDataAnalyzerTests.cs | 31 ++++++++++++++++++- 2 files changed, 36 insertions(+), 7 deletions(-) diff --git a/src/Meziantou.Analyzer/Rules/DoNotLogClassifiedDataAnalyzer.cs b/src/Meziantou.Analyzer/Rules/DoNotLogClassifiedDataAnalyzer.cs index 637bb301f..bcd5c35d9 100644 --- a/src/Meziantou.Analyzer/Rules/DoNotLogClassifiedDataAnalyzer.cs +++ b/src/Meziantou.Analyzer/Rules/DoNotLogClassifiedDataAnalyzer.cs @@ -98,23 +98,23 @@ private void ValidateDataClassification(DiagnosticReporter diagnosticReporter, I static void ValidateDataClassification(DiagnosticReporter diagnosticReporter, IOperation operation, IOperation reportOperation, INamedTypeSymbol dataClassificationAttributeSymbol) { operation = operation.UnwrapConversionOperations(); - if (operation is IParameterReferenceOperation parameterReferenceOperation) + if (operation is IParameterReferenceOperation { Parameter: var parameter }) { - if (parameterReferenceOperation.Parameter.HasAttribute(dataClassificationAttributeSymbol, inherits: true)) + if (parameter.HasAttribute(dataClassificationAttributeSymbol, inherits: true) || parameter.Type.HasAttribute(dataClassificationAttributeSymbol, inherits: true)) { diagnosticReporter.ReportDiagnostic(Rule, reportOperation); } } - else if (operation is IPropertyReferenceOperation propertyReferenceOperation) + else if (operation is IPropertyReferenceOperation { Property: var property }) { - if (propertyReferenceOperation.Property.HasAttribute(dataClassificationAttributeSymbol, inherits: true)) + if (property.HasAttribute(dataClassificationAttributeSymbol, inherits: true) || property.ContainingType.HasAttribute(dataClassificationAttributeSymbol, inherits: true)) { diagnosticReporter.ReportDiagnostic(Rule, reportOperation); } } - else if (operation is IFieldReferenceOperation fieldReferenceOperation) + else if (operation is IFieldReferenceOperation { Field: var field }) { - if (fieldReferenceOperation.Field.HasAttribute(dataClassificationAttributeSymbol, inherits: true)) + if (field.HasAttribute(dataClassificationAttributeSymbol, inherits: true) || field.ContainingType.HasAttribute(dataClassificationAttributeSymbol, inherits: true)) { diagnosticReporter.ReportDiagnostic(Rule, reportOperation); } diff --git a/tests/Meziantou.Analyzer.Test/Rules/DoNotLogClassifiedDataAnalyzerTests.cs b/tests/Meziantou.Analyzer.Test/Rules/DoNotLogClassifiedDataAnalyzerTests.cs index 48c704019..7b54fca2e 100755 --- a/tests/Meziantou.Analyzer.Test/Rules/DoNotLogClassifiedDataAnalyzerTests.cs +++ b/tests/Meziantou.Analyzer.Test/Rules/DoNotLogClassifiedDataAnalyzerTests.cs @@ -143,7 +143,36 @@ await CreateProjectBuilder() } [Fact] - public async Task Logger_BeginScope_DataClassification_Parameter() + public async Task Logger_LogInformation_DataClassification_Parameter_AttributeOnType() + { + const string SourceCode = """ +using Microsoft.Extensions.Logging; + +ILogger logger = null; + +void A([TaxonomyAttribute]int param) +{ + logger.LogInformation("{Prop}", [|param|]); +} + +[TaxonomyAttribute()] +class Dummy +{ + public string Prop; +} + +class TaxonomyAttribute : Microsoft.Extensions.Compliance.Classification.DataClassificationAttribute +{ + public TaxonomyAttribute() : base(Microsoft.Extensions.Compliance.Classification.DataClassification.Unknown) { } +} +"""; + await CreateProjectBuilder() + .WithSourceCode(SourceCode) + .ValidateAsync(); + } + + [Fact] + public async Task Logger_BeginScope_DataClassification_Property() { const string SourceCode = """ using Microsoft.Extensions.Logging;