10: Create IntentFilterPlugin

2019-04-10 16:08:16 +02:00
parent 40e50cb0f4
commit 6b8c72cb86
3 changed files with 54 additions and 0 deletions
--- a/src/main/java/com/bartek/esa/core/di/PluginModule.java
+++ b/src/main/java/com/bartek/esa/core/di/PluginModule.java
@@ -113,4 +113,10 @@ public class PluginModule {
    public Plugin textInputValidationPlugin(GlobMatcher globMatcher, XmlHelper xmlHelper) {
        return new TextInputValidationPlugin(globMatcher, xmlHelper);
    }
+
+    @Provides
+    @IntoSet
+    public Plugin intentFilterPlugin(GlobMatcher globMatcher, XmlHelper xmlHelper) {
+        return new IntentFilterPlugin(globMatcher, xmlHelper);
+    }
 }
--- a/src/main/java/com/bartek/esa/core/plugin/IntentFilterPlugin.java
+++ b/src/main/java/com/bartek/esa/core/plugin/IntentFilterPlugin.java
@@ -0,0 +1,43 @@
+package com.bartek.esa.core.plugin;
+
+import com.bartek.esa.core.archetype.AndroidManifestPlugin;
+import com.bartek.esa.core.model.enumeration.Severity;
+import com.bartek.esa.core.xml.XmlHelper;
+import com.bartek.esa.file.matcher.GlobMatcher;
+import org.w3c.dom.Document;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+import javax.inject.Inject;
+
+public class IntentFilterPlugin extends AndroidManifestPlugin {
+
+    @Inject
+    public IntentFilterPlugin(GlobMatcher globMatcher, XmlHelper xmlHelper) {
+        super(globMatcher, xmlHelper);
+    }
+
+    @Override
+    protected void run(Document xml) {
+        NodeList filters = xml.getElementsByTagName("intent-filter");
+        stream(filters)
+                .filter(this::isNotMainActivity)
+                .map(Node::getParentNode)
+                .forEach(n -> addIssue(Severity.INFO, null, tagString(n)));
+    }
+
+    private boolean isNotMainActivity(Node filter) {
+        long mainActivityIntentFilters = stream(filter.getChildNodes())
+                .filter(n -> n.getNodeName().matches("action|category"))
+                .map(n -> n.getAttributes().getNamedItem("android:name"))
+                .map(Node::getNodeValue)
+                .filter(v -> v.equals("android.intent.action.MAIN") || v.equals("android.intent.category.LAUNCHER"))
+                .count();
+
+        long currentIntentFilters = stream(filter.getChildNodes())
+                .filter(n -> n.getNodeName().matches("action|category"))
+                .count();
+
+        return mainActivityIntentFilters != currentIntentFilters;
+    }
+}
--- a/src/main/resources/description.properties
+++ b/src/main/resources/description.properties
@@ -117,3 +117,8 @@ com.bartek.esa.core.plugin.TextInputValidationPlugin=Input type is no selected.\
  The EditText view doesn't have a input type selected.\n\
  Consider associating a input type with this view.\n\
  For example: <EditText android:inputType="number" ...
+
+com.bartek.esa.core.plugin.IntentFilterPlugin=Implemented intent filter.\n\
+  Component with intent filter was found. It means, that the component is implicitly exposed to public.\n\
+  Consider removing intent filter.\n\
+  Also be aware, that intent filter is not a security tool. It can be easily omitted.