Package org.sonar.python.checks.cdk
Class AbstractIamPolicyStatementCheck
- java.lang.Object
-
- org.sonar.plugins.python.api.PythonSubscriptionCheck
-
- org.sonar.python.checks.cdk.AbstractCdkResourceCheck
-
- org.sonar.python.checks.cdk.AbstractIamPolicyStatementCheck
-
- All Implemented Interfaces:
PythonCheck,SubscriptionCheck
- Direct Known Subclasses:
IamPolicyPublicAccessCheck,IamPrivilegeEscalationCheck,PrivilegePolicyCheck,ResourceAccessPolicyCheck
public abstract class AbstractIamPolicyStatementCheck extends AbstractCdkResourceCheck
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.sonar.plugins.python.api.PythonCheck
PythonCheck.CheckScope, PythonCheck.PreciseIssue
-
Nested classes/interfaces inherited from interface org.sonar.plugins.python.api.SubscriptionCheck
SubscriptionCheck.Context
-
-
Constructor Summary
Constructors Constructor Description AbstractIamPolicyStatementCheck()
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected abstract voidcheckAllowingPolicyStatement(PolicyStatement policyStatement)protected voidcheckPolicyStatement(PolicyStatement policyStatement)protected voidcheckPolicyStatementFromJson(PolicyStatement policyStatementFormJson)protected static Optional<DictionaryLiteral>getDictionaryFromJson(SubscriptionContext ctx, CallExpression call)protected static List<DictionaryLiteral>getPolicyStatements(SubscriptionContext ctx, DictionaryLiteral json)Return a list of PolicyStatement json representation from a PolicyDocument.from_json callprotected static org.sonar.python.checks.cdk.CdkUtils.ExpressionFlowgetSensitiveExpression(org.sonar.python.checks.cdk.CdkUtils.ExpressionFlow expression, Predicate<Expression> predicate)protected static booleanhasAllowEffect(org.sonar.python.checks.cdk.CdkUtils.ExpressionFlow effect)protected voidregisterFqnConsumer()-
Methods inherited from class org.sonar.python.checks.cdk.AbstractCdkResourceCheck
checkFqn, checkFqns, initialize, visitNode
-
Methods inherited from class org.sonar.plugins.python.api.PythonSubscriptionCheck
leaveFile, scanFile
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.sonar.plugins.python.api.PythonCheck
scanWithoutParsing, scope
-
-
-
-
Method Detail
-
registerFqnConsumer
protected void registerFqnConsumer()
- Specified by:
registerFqnConsumerin classAbstractCdkResourceCheck
-
checkPolicyStatement
protected void checkPolicyStatement(PolicyStatement policyStatement)
-
checkPolicyStatementFromJson
protected void checkPolicyStatementFromJson(PolicyStatement policyStatementFormJson)
-
hasAllowEffect
protected static boolean hasAllowEffect(@Nullable org.sonar.python.checks.cdk.CdkUtils.ExpressionFlow effect)
-
checkAllowingPolicyStatement
protected abstract void checkAllowingPolicyStatement(PolicyStatement policyStatement)
-
getDictionaryFromJson
protected static Optional<DictionaryLiteral> getDictionaryFromJson(SubscriptionContext ctx, CallExpression call)
-
getPolicyStatements
protected static List<DictionaryLiteral> getPolicyStatements(SubscriptionContext ctx, DictionaryLiteral json)
Return a list of PolicyStatement json representation from a PolicyDocument.from_json call
-
getSensitiveExpression
protected static org.sonar.python.checks.cdk.CdkUtils.ExpressionFlow getSensitiveExpression(org.sonar.python.checks.cdk.CdkUtils.ExpressionFlow expression, Predicate<Expression> predicate)
-
-