integrate code checker in the installer

This commit is contained in:
Thomas Müller 2015-01-30 17:31:51 +01:00
parent d74662df7d
commit 9ecb36e81f
3 changed files with 27 additions and 54 deletions

View file

@ -29,6 +29,12 @@ class CodeChecker extends BasicEmitter {
const CLASS_CONST_FETCH_NOT_ALLOWED = 1003;
const CLASS_NEW_FETCH_NOT_ALLOWED = 1004;
/** @var Parser */
private $parser;
/** @var string[] */
private $blackListedClassNames;
public function __construct() {
$this->parser = new Parser(new Lexer);
$this->blackListedClassNames = [
@ -67,14 +73,22 @@ class CodeChecker extends BasicEmitter {
throw new \RuntimeException("No app with given id <$appId> known.");
}
return $this->analyseFolder($appPath);
}
/**
* @param string $folder
* @return array
*/
public function analyseFolder($folder) {
$errors = [];
$excludes = array_map(function($item) use ($appPath) {
return $appPath . '/' . $item;
$excludes = array_map(function($item) use ($folder) {
return $folder . '/' . $item;
}, ['vendor', '3rdparty', '.git', 'l10n']);
$iterator = new RecursiveDirectoryIterator($appPath, RecursiveDirectoryIterator::SKIP_DOTS);
$iterator = new RecursiveCallbackFilterIterator($iterator, function($item) use ($appPath, $excludes){
$iterator = new RecursiveDirectoryIterator($folder, RecursiveDirectoryIterator::SKIP_DOTS);
$iterator = new RecursiveCallbackFilterIterator($iterator, function($item) use ($folder, $excludes){
/** @var SplFileInfo $item */
foreach($excludes as $exclude) {
if (substr($item->getPath(), 0, strlen($exclude)) === $exclude) {
@ -96,6 +110,7 @@ class CodeChecker extends BasicEmitter {
return $errors;
}
/**
* @param string $file
* @return array

View file

@ -308,7 +308,7 @@ class OC_Installer{
}
$info=OC_App::getAppInfo($extractDir.'/appinfo/info.xml', true);
// check the code for not allowed calls
if(!$isShipped && !OC_Installer::checkCode($info['id'], $extractDir)) {
if(!$isShipped && !OC_Installer::checkCode($extractDir)) {
OC_Helper::rmdirr($extractDir);
throw new \Exception($l->t("App can't be installed because of not allowed code in the App"));
}
@ -529,58 +529,16 @@ class OC_Installer{
* @param string $folder the folder of the app to check
* @return boolean true for app is o.k. and false for app is not o.k.
*/
public static function checkCode($appname, $folder) {
$blacklist=array(
// classes replaced by the public api
'OC_API::',
'OC_App::',
'OC_AppConfig::',
'OC_Avatar',
'OC_BackgroundJob::',
'OC_Config::',
'OC_DB::',
'OC_Files::',
'OC_Helper::',
'OC_Hook::',
'OC_Image::',
'OC_JSON::',
'OC_L10N::',
'OC_Log::',
'OC_Mail::',
'OC_Request::',
'OC_Response::',
'OC_Template::',
'OC_User::',
'OC_Util::',
);
public static function checkCode($folder) {
// is the code checker enabled?
if(OC_Config::getValue('appcodechecker', false)) {
// check if grep is installed
$grep = \OC_Helper::findBinaryPath('grep');
if (!$grep) {
OC_Log::write('core',
'grep not installed. So checking the code of the app "'.$appname.'" was not possible',
OC_Log::ERROR);
return true;
}
// iterate the bad patterns
foreach($blacklist as $bl) {
$cmd = 'grep --include \\*.php -ri '.escapeshellarg($bl).' '.$folder.'';
$result = exec($cmd);
// bad pattern found
if($result<>'') {
OC_Log::write('core',
'App "'.$appname.'" is using a not allowed call "'.$bl.'". Installation refused.',
OC_Log::ERROR);
return false;
}
}
return true;
}else{
if(!OC_Config::getValue('appcodechecker', false)) {
return true;
}
$codeChecker = new \OC\App\CodeChecker();
$errors = $codeChecker->analyseFolder($folder);
return empty($errors);
}
}