10: Create StrictModePlugin

src/main/java/com/bartek/esa/core/di/PluginModule.java

@@ -75,4 +75,10 @@ public class PluginModule {
     public Plugin cipherInstancePlugin(GlobMatcher globMatcher, XmlHelper xmlHelper) {
         return new CipherInstancePlugin(globMatcher, xmlHelper);
     }
+
+    @Provides
+    @IntoSet
+    public Plugin strictModePlugin(GlobMatcher globMatcher, XmlHelper xmlHelper) {
+        return new StrictModePlugin(globMatcher, xmlHelper);
+    }
 }

src/main/java/com/bartek/esa/core/plugin/StrictModePlugin.java

@@ -0,0 +1,63 @@
+package com.bartek.esa.core.plugin;
+
+import com.bartek.esa.core.archetype.JavaPlugin;
+import com.bartek.esa.core.model.enumeration.Severity;
+import com.bartek.esa.core.xml.XmlHelper;
+import com.bartek.esa.file.matcher.GlobMatcher;
+import com.github.javaparser.ast.CompilationUnit;
+import com.github.javaparser.ast.ImportDeclaration;
+import com.github.javaparser.ast.Node;
+import com.github.javaparser.ast.expr.*;
+
+import javax.inject.Inject;
+import java.util.Optional;
+
+public class StrictModePlugin extends JavaPlugin {
+
+    @Inject
+    public StrictModePlugin(GlobMatcher globMatcher, XmlHelper xmlHelper) {
+        super(globMatcher, xmlHelper);
+    }
+
+    @Override
+    public void run(CompilationUnit compilationUnit) {
+        compilationUnit.findAll(MethodCallExpr.class).stream()
+                .filter(expr -> expr.getName().getIdentifier().equals("setThreadPolicy"))
+                .filter(expr -> isStrictModeScope(expr, compilationUnit))
+                .forEach(expr -> addIssue(Severity.INFO, getLineNumberFromExpression(expr), expr.toString()));
+    }
+
+    private boolean isStrictModeScope(MethodCallExpr expr, CompilationUnit compilationUnit) {
+        boolean isStrictModeScope =  expr.getScope()
+                .filter(Expression::isNameExpr)
+                .map(Expression::asNameExpr)
+                .map(NameExpr::getName)
+                .map(SimpleName::getIdentifier)
+                .map(s -> s.equals("StrictMode"))
+                .orElse(false);
+
+        if(!isStrictModeScope) {
+            isStrictModeScope = compilationUnit.findAll(ImportDeclaration.class).stream()
+                    .filter(ImportDeclaration::isStatic)
+                    .filter(e -> e.getName().getIdentifier().equals("setThreadPolicy"))
+                    .map(ImportDeclaration::getName)
+                    .map(Name::getQualifier)
+                    .flatMap(Optional::stream)
+                    .map(Node::toString)
+                    .anyMatch(q -> q.equals("android.os.StrictMode"));
+        }
+
+        if(!isStrictModeScope) {
+            isStrictModeScope = compilationUnit.findAll(ImportDeclaration.class).stream()
+                    .filter(ImportDeclaration::isStatic)
+                    .filter(ImportDeclaration::isAsterisk)
+                    .map(ImportDeclaration::getName)
+                    .map(Name::getQualifier)
+                    .flatMap(Optional::stream)
+                    .map(Node::toString)
+                    .anyMatch(q -> q.equals("android.os"));
+        }
+
+        return isStrictModeScope;
+    }
+}

src/main/resources/description.properties

@@ -75,4 +75,7 @@ com.bartek.esa.core.plugin.CipherInstancePlugin=Not fully-qualified algorithm na
   Passing a shortcut instead of fully-qualified algorithm name in Cipher.getInstance() method is not portable across providers\n\
   and can impact the system low secure than intended to be.\n\
   Fully-qualified name matches the pattern: algorithm/mode/pattern\n\
-  For example: AES/CBC/PKCS5Padding
+  For example: AES/CBC/PKCS5Padding
+
+com.bartek.esa.core.plugin.StrictModePlugin=Strict mode is turned on.\n\
+  Strict mode was found in the file. Remember to delete it before publishing.