Skip to content

Commit fc10212

Browse files
Octokitmichaelnebel
Octokit
authored and
michaelnebel
committed
Add ApiController support
1 parent c96b938 commit fc10212

File tree

1 file changed

+11
-9
lines changed

1 file changed

+11
-9
lines changed

csharp/ql/lib/semmle/code/csharp/frameworks/microsoft/AspNetCore.qll

Lines changed: 11 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -69,11 +69,6 @@ class MicrosoftAspNetCoreMvcNonControllerAttribute extends MicrosoftAspNetCoreMv
6969
}
7070
}
7171

72-
/** A `Microsoft.AspNetCore.Mvc.Controller` attribute. */
73-
class MicrosoftAspNetCoreMvcControllerAttribute extends MicrosoftAspNetCoreMvcAttribute {
74-
MicrosoftAspNetCoreMvcControllerAttribute() { this.getType().hasName("ControllerAttribute") }
75-
}
76-
7772
/** The `Microsoft.AspNetCore.Antiforgery` namespace. */
7873
class MicrosoftAspNetCoreAntiforgeryNamespace extends Namespace {
7974
MicrosoftAspNetCoreAntiforgeryNamespace() {
@@ -196,7 +191,7 @@ class MicrosoftAspNetCoreMvcControllerBaseClass extends Class {
196191

197192
/**
198193
* A valid ASP.NET Core controller according to:
199-
* https://docs.microsoft.com/en-us/aspnet/core/mvc/controllers/actions?view=aspnetcore-3.1
194+
* https://docs.microsoft.com/en-us/aspnet/core/mvc/controllers/actions?view=aspnetcore-3.1
200195
* https://github.com/dotnet/aspnetcore/blob/b3c93967ba508b8ef139add27132d9483c1a9eb4/src/Mvc/Mvc.Core/src/Controllers/ControllerFeatureProvider.cs#L39-L75
201196
*/
202197
class MicrosoftAspNetCoreMvcController extends Class {
@@ -212,9 +207,16 @@ class MicrosoftAspNetCoreMvcController extends Class {
212207
not this.isAbstract() and
213208
not this.containsTypeParameters() and
214209
(
215-
this.getABaseType*() instanceof MicrosoftAspNetCoreMvcControllerBaseClass or
216-
this.getABaseType*().getName().matches("%Controller") or
217-
this.getABaseType*().getAnAttribute() instanceof MicrosoftAspNetCoreMvcControllerAttribute
210+
this.getABaseType*() instanceof MicrosoftAspNetCoreMvcControllerBaseClass
211+
or
212+
this.getABaseType*().getName().matches("%Controller")
213+
or
214+
this.getABaseType*()
215+
.getAnAttribute()
216+
.getType()
217+
.getABaseType*()
218+
// ApiControllerAttribute is derived from ControllerAttribute
219+
.hasQualifiedName("Microsoft.AspNetCore.Mvc.ControllerAttribute")
218220
) and
219221
not this.getABaseType*().getAnAttribute() instanceof
220222
MicrosoftAspNetCoreMvcNonControllerAttribute

0 commit comments

Comments
 (0)