Skip to content

Commit 939b8da

Browse files
committed
test: 敏感信息告警Linter test
1 parent f0f00b0 commit 939b8da

File tree

4 files changed

+83
-22
lines changed

4 files changed

+83
-22
lines changed

src/extension.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ import { updateDiagnostics } from "./provider/linter";
1818

1919
export async function activate(context: vscode.ExtensionContext) {
2020
// 插件诊断器
21-
const collection = vscode.languages.createDiagnosticCollection("test");
21+
const collection = vscode.languages.createDiagnosticCollection("alicloud-linter");
2222
if (vscode.window.activeTextEditor) {
2323
updateDiagnostics(vscode.window.activeTextEditor.document, collection);
2424
}

src/provider/linter.ts

Lines changed: 12 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -16,38 +16,33 @@ class Rule {
1616
}>;
1717
}
1818
export const LintRules: Array<Rule> = [
19-
{
20-
LintName: "AccessKey-KeyValue",
21-
source: "Alicloud AccessKey Lint",
22-
pattern:
23-
'(?<keyword>access|key|secret|scret|ak|sk)[^\\w\\n]*(?:\\n)?(?<separator>["\'\\s]*[:=@,]\\s*(?:"|\')?|\\w*"\\s*?,\\s*?")[\\s"\']*(?<key>[0-9A-Za-z]{14,40})(?<suffix>["\'\\s]*)',
24-
message: "工程代码泄露可能会导致 AccessKey 泄露,并威胁账号下所有资源的安全性。",
25-
information: "在此处透露了 AccessKey。",
26-
methods: [{ title: "凭据的安全使用方案", command: "alicloud.api.akSecurityHelper" }],
27-
},
2819
{
2920
LintName: "AccessKey-NewAK",
3021
source: "Alicloud AccessKey Lint",
3122
information: "在此处透露了 AccessKey。",
32-
pattern:
33-
"^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{12}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{16}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{18}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{20}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{22}$",
23+
pattern: `^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{12}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{16}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{18}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{20}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{22}$`,
3424
message: "工程代码泄露可能会导致 AccessKey 泄露,并威胁账号下所有资源的安全性。",
3525
methods: [{ title: "凭据的安全使用方案", command: "alicloud.api.akSecurityHelper" }],
3626
},
3727
];
3828

39-
function searchCode(
29+
export function searchCode(
4030
diagnosticCollection: vscode.Diagnostic[],
4131
rule: Rule,
4232
text: string,
4333
document: vscode.TextDocument,
4434
) {
4535
const regex = new RegExp(rule.pattern, "gi");
46-
let match;
47-
while ((match = regex.exec(text)) !== null) {
48-
const range = new vscode.Range(document.positionAt(match.index), document.positionAt(regex.lastIndex));
36+
const strRegex = new RegExp(`[\'\"\`](.*?)[\'\"\`]`, "gi");
37+
let strMatch;
38+
let matchTexts = [];
39+
while ((strMatch = strRegex.exec(text)) !== null) {
40+
const range = new vscode.Range(document.positionAt(strMatch.index), document.positionAt(strRegex.lastIndex));
4941
const matchText = document.getText(range);
50-
if (!diagnosticCollection?.find((item) => item.code === matchText)) {
42+
const pureString = matchText.substring(1, matchText.length - 1);
43+
const isMatch = regex.test(pureString);
44+
if (isMatch) {
45+
matchTexts.push(pureString);
5146
diagnosticCollection.push({
5247
code: "",
5348
message: rule.message,
@@ -60,6 +55,7 @@ function searchCode(
6055
});
6156
}
6257
}
58+
return matchTexts;
6359
}
6460

6561
export async function updateDiagnostics(

src/test/suite/extension.test.ts

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -25,9 +25,4 @@ suite("Extension Test Suite", () => {
2525
console.log("alicloud.api.restart successfully executed");
2626
assert.strictEqual("ok", result);
2727
});
28-
29-
test("Sample test", () => {
30-
assert.strictEqual(-1, [1, 2, 3].indexOf(5));
31-
assert.strictEqual(-1, [1, 2, 3].indexOf(0));
32-
});
3328
});

src/test/suite/linter.test.ts

Lines changed: 70 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,70 @@
1+
import * as assert from "assert";
2+
import { after, before } from "mocha";
3+
import path from "path";
4+
import * as vscode from "vscode";
5+
import { LintRules, searchCode } from "../../provider/linter";
6+
7+
suite("Alicloud linter Test Suite", function () {
8+
let document;
9+
10+
// 运行前的初始化
11+
setup(async function () {
12+
const text = `String[] tests = {
13+
"LTAIAbcd1234abcd", // Length 16, should match
14+
"LTAIAbcd1234abcdefgh", // Length 20, should match
15+
"LTAIAbcd1234abcdefghij", // Length 22, should match
16+
"LTAIAbcd1234abcdefghijkl", // Length 24, should match
17+
"LTAIAbcd1234abcdefghijklmn", // Length 26, should match
18+
"LTAIabc", // Too short, should not match
19+
"LTAIabcdefghijklm", // Too short, should not match
20+
"LTAIAbcd1234abcdefghijklmnop", // Too long, should not match
21+
"LTAIabcd1234abcdefghij", // Length 22, missing uppercase letter, should not match
22+
"LTAIABCD1234ABCDEFGHIJ", // Length 22, missing lowercase letter, should not match
23+
"LTAIAbcdabcdabcdefghij", // Length 22, missing digit, should not match
24+
"LTAIAbcd1234abcdefghiJ", // Length 22, should match
25+
"ltaiAbcd1234abcdefghij", // Length 22, does not start with "LTAI", should not match
26+
"LTAIAbcd1234abcdefghi", // Length 21, should not match
27+
};`;
28+
29+
const uri = vscode.Uri.file(path.join(__dirname, "testDocument.txt"));
30+
31+
// 写入自定义文本到文件
32+
await vscode.workspace.fs.writeFile(uri, Buffer.from(text, "utf8"));
33+
34+
// 打开文件作为 TextDocument
35+
document = await vscode.workspace.openTextDocument(uri);
36+
});
37+
38+
// 测试指定单词是否存在于文档中
39+
test("Check if document contains the AK", async function () {
40+
// 指定要查找的单词
41+
const wordToFind = "sample";
42+
const text = document.getText();
43+
44+
let diagnosticCollection: vscode.Diagnostic[] = [];
45+
46+
let matches = [];
47+
48+
LintRules.forEach((rule) => {
49+
matches = matches.concat(matches, searchCode(diagnosticCollection, rule, text, document));
50+
});
51+
52+
console.log(diagnosticCollection);
53+
54+
const mock = [
55+
"LTAIAbcd1234abcd",
56+
"LTAIAbcd1234abcdefghij",
57+
"LTAIAbcd1234abcdefghijklmn",
58+
"LTAIabcd1234abcdefghij",
59+
"LTAIAbcd1234abcdefghiJ",
60+
];
61+
assert.equal(matches.toString(), mock.toString());
62+
// assert.ok(matches, `test failed`);
63+
});
64+
65+
// 清理工作
66+
teardown(async function () {
67+
const uri = vscode.Uri.file(path.join(__dirname, "testDocument.txt"));
68+
await vscode.workspace.fs.delete(uri, { useTrash: true });
69+
});
70+
});

0 commit comments

Comments
 (0)