Updated existing rule for verifiying the presence of WMI cmdlets in a script - new WMI cmdlets covered

Author: raghushantha

Rules/AvoidUsingWMICmdlet.cs

@@ -0,0 +1,144 @@
+//
+// Copyright (c) Microsoft Corporation.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+//
+
+using System;
+using System.Collections.ObjectModel;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using System.Management.Automation;
+using System.Management.Automation.Language;
+using Microsoft.Windows.Powershell.ScriptAnalyzer.Generic;
+using System.ComponentModel.Composition;
+using System.Resources;
+using System.Globalization;
+using System.Threading;
+using System.Reflection;
+
+namespace Microsoft.Windows.Powershell.ScriptAnalyzer.BuiltinRules
+{
+    /// <summary>
+    /// AvoidUsingWMICmdlet: Avoid Using Get-WMIObject, Remove-WMIObject, Invoke-WmiMethod, Register-WmiEvent, Set-WmiInstance
+    /// </summary>
+    [Export(typeof(IScriptRule))]
+    public class AvoidUsingWMICmdlet : IScriptRule
+    {
+        /// <summary>
+        /// AnalyzeScript: Avoid Using Get-WMIObject, Remove-WMIObject, Invoke-WmiMethod, Register-WmiEvent, Set-WmiInstance
+        /// </summary>
+        public IEnumerable<DiagnosticRecord> AnalyzeScript(Ast ast, string fileName)
+        {
+            if (ast == null) throw new ArgumentNullException(Strings.NullAstErrorMessage);
+
+            // Rule is applicable only when PowerShell Version is < 3.0, since CIM cmdlet was introduced in 3.0
+            int majorPSVersion = GetPSMajorVersion(ast);
+            if (!(3 > majorPSVersion && 0 < majorPSVersion))
+            {
+                // Finds all CommandAsts.
+                IEnumerable<Ast> commandAsts = ast.FindAll(testAst => testAst is CommandAst, true);
+
+                // Iterate all CommandAsts and check the command name
+                foreach (CommandAst cmdAst in commandAsts)
+                {
+                    if (cmdAst.GetCommandName() != null && 
+                        (String.Equals(cmdAst.GetCommandName(), "get-wmiobject", StringComparison.OrdinalIgnoreCase) 
+                            || String.Equals(cmdAst.GetCommandName(), "remove-wmiobject", StringComparison.OrdinalIgnoreCase)
+                            || String.Equals(cmdAst.GetCommandName(), "invoke-wmimethod", StringComparison.OrdinalIgnoreCase)
+                            || String.Equals(cmdAst.GetCommandName(), "register-wmievent", StringComparison.OrdinalIgnoreCase)
+                            || String.Equals(cmdAst.GetCommandName(), "set-wmiinstance", StringComparison.OrdinalIgnoreCase))
+                        )
+                    {
+                        yield return new DiagnosticRecord(String.Format(CultureInfo.CurrentCulture, Strings.AvoidUsingWMICmdletError, System.IO.Path.GetFileName(fileName)),
+                            cmdAst.Extent, GetName(), DiagnosticSeverity.Warning, fileName);
+                    }
+                }
+            }
+        }
+
+        /// <summary>
+        /// GetPSMajorVersion: Retrieves Major PowerShell Version when supplied using #requires keyword in the script
+        /// </summary>
+        /// <returns>The name of this rule</returns>
+        private int GetPSMajorVersion(Ast ast)
+        {
+            if (ast == null) throw new ArgumentNullException(Strings.NullAstErrorMessage);
+
+            IEnumerable<Ast> scriptBlockAsts = ast.FindAll(testAst => testAst is ScriptBlockAst, true);
+            
+            foreach (ScriptBlockAst scriptBlockAst in scriptBlockAsts)
+            {
+                if (null != scriptBlockAst.ScriptRequirements && null != scriptBlockAst.ScriptRequirements.RequiredPSVersion)
+                {
+                    return scriptBlockAst.ScriptRequirements.RequiredPSVersion.Major;
+                }
+            }
+
+            // return a non valid Major version if #requires -Version is not supplied in the Script
+            return -1;
+        }
+
+        /// <summary>
+        /// GetName: Retrieves the name of this rule.
+        /// </summary>
+        /// <returns>The name of this rule</returns>
+        public string GetName()
+        {
+            return string.Format(CultureInfo.CurrentCulture, Strings.NameSpaceFormat, GetSourceName(), Strings.AvoidUsingWMICmdletName);
+        }
+
+        /// <summary>
+        /// GetCommonName: Retrieves the common name of this rule.
+        /// </summary>
+        /// <returns>The common name of this rule</returns>
+        public string GetCommonName()
+        {
+            return string.Format(CultureInfo.CurrentCulture, Strings.AvoidUsingWMICmdletCommonName);
+        }
+
+        /// <summary>
+        /// GetDescription: Retrieves the description of this rule.
+        /// </summary>
+        /// <returns>The description of this rule</returns>
+        public string GetDescription()
+        {
+            return string.Format(CultureInfo.CurrentCulture, Strings.AvoidUsingWMICmdletDescription);
+        }
+
+        /// <summary>
+        /// GetSourceType: Retrieves the type of the rule: builtin, managed or module.
+        /// </summary>
+        public SourceType GetSourceType()
+        {
+            return SourceType.Builtin;
+        }
+
+
+        /// <summary>
+        /// GetSeverity:Retrieves the severity of the rule: error, warning of information.
+        /// </summary>
+        /// <returns></returns>
+        public RuleSeverity GetSeverity()
+        {
+            return RuleSeverity.Warning;
+        }
+
+
+        /// <summary>
+        /// GetSourceName: Retrieves the module/assembly name the rule is from.
+        /// </summary>
+        public string GetSourceName()
+        {
+            return string.Format(CultureInfo.CurrentCulture, Strings.SourceName);
+        }
+    }
+}

Rules/ScriptAnalyzerBuiltinRules.csproj

@@ -66,7 +66,7 @@
     <Compile Include="AvoidUsingInternalURLs.cs" />
     <Compile Include="AvoidUsingInvokeExpression.cs" />
     <Compile Include="AvoidUsingPlainTextForPassword.cs" />
-    <Compile Include="AvoidUsingWMIObjectCmdlet.cs" />
+    <Compile Include="AvoidUsingWMICmdlet.cs" />
     <Compile Include="AvoidUsingWriteHost.cs" />
     <Compile Include="MissingModuleManifestField.cs" />
     <Compile Include="PossibleIncorrectComparisonWithNull.cs" />

Rules/Strings.resx

@@ -666,16 +666,16 @@
   <data name="UseShouldProcessForStateChangingFunctionsName" xml:space="preserve">
     <value>UseShouldProcessForStateChangingFunctions</value>
   </data>
-  <data name="AvoidUsingWMIObjectCmdletCommonName" xml:space="preserve">
-    <value>Avoid Using Get-WMIObject, Remove-WMIObject</value>
+  <data name="AvoidUsingWMICmdletCommonName" xml:space="preserve">
+    <value>Avoid Using Get-WMIObject, Remove-WMIObject, Invoke-WmiMethod, Register-WmiEvent, Set-WmiInstance</value>
   </data>
-  <data name="AvoidUsingWMIObjectCmdletDescription" xml:space="preserve">
-    <value>Depricated. Starting in Windows PowerShell 3.0, these cmdlets have been superseded by CimInstance cmdlets.</value>
+  <data name="AvoidUsingWMICmdletDescription" xml:space="preserve">
+    <value>Depricated. Starting in Windows PowerShell 3.0, these cmdlets have been superseded by CIM cmdlets.</value>
   </data>
-  <data name="AvoidUsingWMIObjectCmdletError" xml:space="preserve">
-    <value>File '{0}' uses WMIObject cmdlet. For PowerShell 3.0 and above, this is not recommended because the cmdlet is based on a non-standard DCOM protocol. Use CIMInstance cmdlet instead. This is CIM and WS-Man standards compliant and works in a heterogeneous environment.</value>
+  <data name="AvoidUsingWMICmdletError" xml:space="preserve">
+    <value>File '{0}' uses WMI cmdlet. For PowerShell 3.0 and above, use CIM cmdlet which perform the same tasks as the WMI cmdlets. The CIM cmdlets comply with WS-Management (WSMan) standards and with the Common Information Model (CIM) standard, which enables the cmdlets to use the same techniques to manage Windows computers and those running other operating systems.</value>
   </data>
-  <data name="AvoidUsingWMIObjectCmdletName" xml:space="preserve">
-    <value>AvoidUsingWMIObjectCmdlet</value>
+  <data name="AvoidUsingWMICmdletName" xml:space="preserve">
+    <value>AvoidUsingWMICmdlet</value>
   </data>
 </root>