diff --git a/src/lib/ACLAnalyzer.py b/src/lib/ACLAnalyzer.py
index 298011980f7e196c29b61fa29c81748884725707..320615e436a75aa08cd26303625633e521a37985 100644
--- a/src/lib/ACLAnalyzer.py
+++ b/src/lib/ACLAnalyzer.py
@@ -13,7 +13,7 @@ class ACLAnalyzer():

 real_acl:ACLData = ACLData(self.acl_info.principal_list,{},self.acl_info.acl_context)
 for route in self.project_info.service_class:
- format_log(f"Searching for {route.get_base_element_name()} in {route.location}...")
+ format_log(f"Start Analyzing Service {route.get_base_element_name()} in {route.location} Control Access...")
 # Tentukan tipenya
 if(route.type == 'function'):
 service_acl = self.analyze_function(route)
@@ -34,6 +34,7 @@ class ACLAnalyzer():


 def analyze_class(self,route:ElementContext)->list[str]:
+ format_log(f"Start Analyzing class {route.get_base_element_name()} in {route.location} Control Access...")
 file_method_list = self.project_info.dependency_manager.get(route.location).method_list
 method_lists = list(filter(lambda x:x['name']!='__init__' and x['type']=='class_method' and x['parent']==route.get_base_element_name(),file_method_list))
 # Remove yang ada di no check list
@@ -53,6 +54,7 @@ class ACLAnalyzer():
 return class_acls

 def analyze_function(self,route:ElementContext,is_route=True)->list[str]:
+ format_log(f"Start Analyzing function {route.get_base_element_name()} in {route.location} Control Access...")
 file_method_list = self.project_info.dependency_manager.get(route.location).method_list
 # Cek parent nya untuk menentukaan apakah ada dekorator
 # Inisialisasi principal_list
@@ -78,6 +80,8 @@ class ACLAnalyzer():
 # Gak ada dekorator/dekorator gak cocok
 # Traverse fungsinya
 while node:
+ # if "get_admin_mail" in route.name:
+ # print(node)
 # Cek detail untuk beberapa tipe node
 if node.type in ['call','assignment']:
 # Cek call method
@@ -146,6 +150,7 @@ class ACLAnalyzer():
 mode = ''
 role_name = ""
 var_key = ""
+ # print(var_list)
 for var in var_list:
 if var=='==':
 mode = 'eq'
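Review bot: The new log text `Start Analyzing Service X in Y Control Access...` reads as broken English and separates the verb from its object; a plainer `format_log(f"Analyzing access control for service {route.get_base_element_name()} in {route.location}...")` says the same thing, and the identical phrasing added to analyze_class, analyze_function and analyze_module later in this file would follow the same pattern. The loop's enclosing method starts before the hunk.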
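Review bot: The two added lines are commented-out debugging tied to a route literally named `get_admin_mail`, which only exists in whatever project was being debugged; left in, they never run and will drift out of date with the surrounding traversal. Delete them, or if per-node tracing is wanted keep it live at debug level through the stdlib logger, e.g. `logging.getLogger(__name__).debug("node %s", node)` (with `logging` imported at the top of the file), so it can be switched on without editing code. The same applies to the `# print(var_list)` line added in the next hunk. The `while node:` loop continues past the end of the hunk.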
@@ -315,6 +320,8 @@ class ACLAnalyzer():
 components += flatten_node(child.children)
 # Cek tiap componentnya
 fun_name = ""
+ # if "admin_mail" in route.name:
+ # print("KOMP",components)
 for i in range(len(components)):
 if components[i] in ['and','or','not']:
 continue
@@ -352,7 +359,15 @@ class ACLAnalyzer():
 # Cek apakah variabel sebelum atau sesudanya adalah acl context
 left_var_name = self.search_acl_var(fun_name,route)
 right_var_name = self.search_acl_var(components[i+1],route)
+ # if "admin_mail" in route.name:
+ # print(fun_name)
+ # print(components[i+1])
+ # print(left_var_name)
+ # print(right_var_name)
 if right_var_name in self.acl_info.acl_context:
+ # Sanitasi left var name
+ left_var_name = left_var_name.replace('\"',"").replace("\'","")
+ components[i-1] = components[i-1].replace('\"',"").replace("\'","")
 # Cek apakah right var name adalah string
 if type(self.acl_info.acl_context[right_var_name])==dict:
 # Cek nilainya
@@ -365,9 +380,14 @@ class ACLAnalyzer():
 # Langsung cari yg terkecil
 principal_list = list(set(principal_list) & set(self.acl_info.acl_context[right_var_name]))
 elif left_var_name in self.acl_info.acl_context:
+ # Sanitasi
+ right_var_name = right_var_name.replace('\"',"").replace("\'","")
+ components[i+1] = components[i+1].replace('\"',"").replace("\'","")
+ # print(right_var_name)
 # Cek apakah right var name adalah string
 if type(self.acl_info.acl_context[left_var_name])==dict:
 # Cek nilainya
+ # print("masuk")
 if components[i+1] in self.acl_info.acl_context[left_var_name]:
 if components[i]=='==':
 principal_list = list(set(principal_list) & set([self.acl_info.acl_context[left_var_name][components[i+1]]]))
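Review bot: The two `.replace` chains on `left_var_name` and `components[i-1]` delete every `"` and `'` anywhere in the token rather than a single pair of enclosing quotes, so a literal such as `"it's"` becomes `its` and a name that merely contains a quote is rewritten; because this comparison decides whether a route counts as access-controlled, a literal that should not equal a role key can now equal one and hide a missing check. Strip only a matching enclosing pair, factored into one private helper so the mirrored branch in the next hunk uses the same rule. If `i` can be 0 when this branch is reached (the `for` header is outside the hunk), `components[i-1]` silently rewrites the last element and would also need a guard. The `if type(...)==dict` branch continues past the end of the hunk.
```python
    @staticmethod
    def _strip_quotes(token: str) -> str:
        # Drop only one matching pair of enclosing quotes so inner quote
        # characters and unquoted identifiers are left untouched.
        if len(token) >= 2 and token[0] == token[-1] and token[0] in ('"', "'"):
            return token[1:-1]
        return token

    # … unchanged: component loop up to the acl_context membership test …
                    if right_var_name in self.acl_info.acl_context:
                        left_var_name = self._strip_quotes(left_var_name)
                        components[i-1] = self._strip_quotes(components[i-1])
```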
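Review bot: The three sanitising lines here duplicate the ones added for `left_var_name`/`components[i-1]` in the previous hunk, and both copies remove every quote character in the token rather than one enclosing pair, so a literal like `"it's"` can no longer match its key; a single private helper that strips only a matching outer pair — `if len(t) >= 2 and t[0] == t[-1] and t[0] in ('"', "'"): t = t[1:-1]` — applied to both `right_var_name` and `components[i+1]` keeps the two branches from drifting. `# print(right_var_name)` and `# print("masuk")` are leftover commented-out debugging and should be deleted rather than committed. The enclosing loop and the `if components[i]=='=='` branch both extend beyond the hunk.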
@@ -385,6 +405,7 @@ class ACLAnalyzer():
 return principal_list

 def analyze_module(self,route:ElementContext)->list[list[str,list[str]]]:
+ format_log(f"Start Analyzing module {route.get_base_element_name()} in {route.location} Control Access...")
 file_method_list = self.project_info.dependency_manager.get(route.location).method_list
 # Cari info semua fungsi di module
 method_lists = [m for m in file_method_list if not (m['type']=='class_method' and m['name']=='__init__')]
diff --git a/src/lib/ACReader.py b/src/lib/ACReader.py
index 95e3a3725170b0bdcb801bcde55b230da8745006..ddc9e3c7c8ca144dc16859bc9a8991325b770d1a 100644
--- a/src/lib/ACReader.py
+++ b/src/lib/ACReader.py
@@ -84,4 +84,5 @@ class ACReader():
 content = detail[1].replace(" ","").split(",")
 acl_context[detail[0]] = content
 acl_data = ACLData(principal_list,service_acl,acl_context)
+ # print(acl_data)
 return acl_data
\ No newline at end of file
diff --git a/src/lib/CFGGenerator.py b/src/lib/CFGGenerator.py
index 3b7e258e573535fa2243ce451f2fa0aab93647d0..b4db3664af5a2b8bd4c8c76c8eb8c2a4d896ca8e 100644
--- a/src/lib/CFGGenerator.py
+++ b/src/lib/CFGGenerator.py
@@ -92,7 +92,7 @@ class CFG():
 # for statement -> block (V)
 # while statement -> block (V)
 def traverse_function(self)->Node|None:
- print("initial",self.cursor.node)
+ # print("initial",self.cursor.node)
 # Terminate
 if self.is_node_equal(self.cursor.node,self.original_cursor.node) and self.is_traversing:
 return None
@@ -112,7 +112,7 @@ class CFG():
 elif(self.cursor.node.type=='block'):
 # Blok fungsi
 self.cursor.goto_first_child()
- print("return",self.cursor.node,self.cursor.node.parent.children)
+ # print("return",self.cursor.node,self.cursor.node.parent.children)
 return self.cursor.node
 elif(self.cursor.node.type=='try_statement'):
 # Blok try-catch
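Review bot: Commenting out `print("initial",self.cursor.node)` leaves dead code at the top of a method that runs once per AST node; either delete the line or keep the trace live at debug level, `logger.debug("initial %s", self.cursor.node)` with a module-level `logger = logging.getLogger(__name__)`, so it can be enabled without editing source. The same applies to the `# print("return", ...)` line in the next hunk and the `# print("if return", ...)` line in the hunk after it. `traverse_function` continues past the end of the hunk.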
@@ -161,7 +161,7 @@ class CFG():
 # self.cursor.reset_to(tmp_ptr)
 else:
 self.next_branch = tmp_ptr.copy()
- print("if return",node,self.cursor.node)
+ # print("if return",node,self.cursor.node)
 return node
 elif(self.cursor.node.type=='elif_clause'):
 # Ada percabangan
diff --git a/src/lib/ServiceSanitizationAnalyzer.py b/src/lib/ServiceSanitizationAnalyzer.py
index bf55e3f11d3bc596a630631390f8976b715f3a76..11711fdae06714d8fe6812a9506b750348cd3e2b 100644
--- a/src/lib/ServiceSanitizationAnalyzer.py
+++ b/src/lib/ServiceSanitizationAnalyzer.py
@@ -50,11 +50,8 @@ class ServiceSanitizationAnalyzer():
 for f in method_lists:
 ctx = ElementContext(f['name'],'function',route.location,[])
 ctx.set_cfg(CFG(f['ast'],f['ctx'],f['cursor'],route.cfg.source_code))
- format_log(f"Finish analyzing function {ctx.get_base_element_name()} in {ctx.location}...")
 if(not self.analyze_function(ctx)):
 unsanitized_methods.append(f['name'])
- format_log(f"Finish analyzing function {ctx.get_base_element_name()} in {ctx.location}...")
- format_log(f"Finish analyzing class {route.get_base_element_name()} in {route.location}...")
 return unsanitized_methods

 def analyze_function(self,route:ElementContext)->bool:
@@ -302,12 +299,10 @@ class ServiceSanitizationAnalyzer():
 # set cfg
 ctx.set_cfg(CFG(f['ast'],f['ctx'],f['cursor'],route.cfg.source_code))
 if(not self.analyze_function(ctx)):
- format_log(f"Finish analyzing function {ctx.get_base_element_name()} in {ctx.location}...")
 if f['type']=='class_method':
 unsanitized_methods.append(["class",f['name'],f['parent']])
 else:
 unsanitized_methods.append(["function",f['name']])
- format_log(f"Finish analyzing module {route.get_base_element_name()} in {route.location}...")
 return unsanitized_methods

 def is_in_acl_list(self,route:ElementContext,name:str,ctx:list[str]=[]):
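Review bot: This analyzer now emits no progress output at all once the misplaced "Finish analyzing" calls are gone (the first of them fired before `analyze_function` had even run), whereas ACLAnalyzer in the same commit logs the start of each class, function and module. If the two analyzers' logs are meant to line up, add one entry log before the loop, e.g. `format_log(f"Start Analyzing class {route.get_base_element_name()} in {route.location} Sanitization...")`, and the matching line for the module case in the next hunk. The enclosing method starts before the hunk.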