Merge pull request Azure#3089 from cormacpayne/verbs-check

cormacpayne · web-flow · commit 29a9043eb7a4 · 2016-12-06T13:01:11.000-08:00
Add StaticAnalysis rule to fail cmdlets not using approved verbs
diff --git a/tools/StaticAnalysis/Exceptions/SignatureIssues.csv b/tools/StaticAnalysis/Exceptions/SignatureIssues.csv
@@ -856,6 +856,7 @@
 "Microsoft.Azure.Commands.Websites.dll","Microsoft.Azure.Commands.WebApps.Cmdlets.DeploymentSlots.StartAzureWebAppSlotCmdlet","Start-AzureRmWebAppSlot","1","8100","Start-AzureRmWebAppSlot Does not support ShouldProcess but the cmdlet verb Start indicates that it should.","Determine if the cmdlet should implement ShouldProcess and if so determine if it should implement Force / ShouldContinue"
 "Microsoft.Azure.Commands.Websites.dll","Microsoft.Azure.Commands.WebApps.Cmdlets.DeploymentSlots.StopAzureWebAppSlotCmdlet","Stop-AzureRmWebAppSlot","1","8100","Stop-AzureRmWebAppSlot Does not support ShouldProcess but the cmdlet verb Stop indicates that it should.","Determine if the cmdlet should implement ShouldProcess and if so determine if it should implement Force / ShouldContinue"
 "Microsoft.Azure.Commands.Websites.dll","Microsoft.Azure.Commands.WebApps.Cmdlets.DeploymentSlots.StopAzureWebAppSlotCmdlet","Stop-AzureRmWebAppSlot","2","8210","Stop-AzureRmWebAppSlot does not have a Force parameter but the cmdlet verb 'Stop' indicates that it may perform destructive actions under certain circumstances. Consider whether the cmdlet should have a Force parameter anduse ShouldContinue under some circumstances. ","Consider wether the cmdlet should have a Force parameter and use ShouldContinue under some circumstances. "
+"Microsoft.Azure.Commands.Websites.dll","Microsoft.Azure.Commands.WebApps.Cmdlets.DeploymentSlots.SwapAzureWebAppSlot","Swap-AzureRmWebAppSlot","1","8300","Swap-AzureRmWebAppSlot uses the verb 'Swap', which is not on the list of approved verbs for PowerShell commands. Use the cmdlet 'Get-Verb' to see the full list of approved verbs and consider renaming the cmdlet.","Consider renaming the cmdlet to use an approved verb for PowerShell."
 "Microsoft.Azure.Commands.Websites.dll","Microsoft.Azure.Commands.WebApps.Cmdlets.BackupRestore.NewAzureRmWebAppDatabaseBackupSetting","New-AzureRmWebAppDatabaseBackupSetting","1","8100","New-AzureRmWebAppDatabaseBackupSetting Does not support ShouldProcess but the cmdlet verb New indicates that it should.","Determine if the cmdlet should implement ShouldProcess and if so determine if it should implement Force / ShouldContinue"
 "Microsoft.Azure.Commands.Websites.dll","Microsoft.Azure.Commands.WebApps.Cmdlets.BackupRestore.RestoreAzureWebAppBackup","Restore-AzureRmWebAppBackup","1","8100","Restore-AzureRmWebAppBackup Does not support ShouldProcess but the cmdlet verb Restore indicates that it should.","Determine if the cmdlet should implement ShouldProcess and if so determine if it should implement Force / ShouldContinue"
 "Microsoft.Azure.Commands.Websites.dll","Microsoft.Azure.Commands.WebApps.Cmdlets.BackupRestore.RestoreAzureWebAppBackup","Restore-AzureRmWebAppBackup","2","8210","Restore-AzureRmWebAppBackup does not have a Force parameter but the cmdlet verb 'Restore' indicates that it may perform destructive actions under certain circumstances. Consider whether the cmdlet should have a Force parameter anduse ShouldContinue under some circumstances. ","Consider wether the cmdlet should have a Force parameter and use ShouldContinue under some circumstances. "
diff --git a/tools/StaticAnalysis/ProblemIDs.cs b/tools/StaticAnalysis/ProblemIDs.cs
@@ -7,6 +7,7 @@ public static class SignatureProblemId
         public const int ActionIndicatesShouldProcess = 8100;
         public const int ConfirmLevelChange = 8200;
         public const int CmdletWithDestructiveVerbNoForce = 8210;
+        public const int CmdletWithUnapprovedVerb = 8300;
         public const int CmdletWithDestructiveVerb = 98300;
         public const int CmdletWithForceParameter = 98310;
     }
diff --git a/tools/StaticAnalysis/SignatureVerifier/CmdletSignatureMetadata.cs b/tools/StaticAnalysis/SignatureVerifier/CmdletSignatureMetadata.cs
@@ -116,7 +116,31 @@ public class CmdletSignatureMetadata
             VerbsSecurity.Unblock
         };
         #endregion
-        
+
+        #region ApprovedVerbs
+        private List<string> ApprovedVerbs;
+
+        private List<string> GetApprovedVerbs()
+        {
+            if (ApprovedVerbs == null)
+            {
+                ApprovedVerbs = new List<string>();
+
+                PowerShell powershell = PowerShell.Create();
+                powershell.AddCommand("Get-Verb");
+
+                var cmdletResult = powershell.Invoke();
+
+                foreach (PSObject result in cmdletResult)
+                {
+                    ApprovedVerbs.Add(result.Members["Verb"].Value.ToString());
+                }
+            }
+
+            return ApprovedVerbs;
+        }
+        #endregion
+
         /// <summary>
         /// The name of the assembly containing cmdlet
         /// </summary>
@@ -153,6 +177,14 @@ public bool IsShouldContinueVerb
             get { return VerbName != null && ShouldContinueVerbs.Contains(VerbName); }
         }
 
+        /// <summary>
+        /// True if the cmdlet has an approved verb
+        /// </summary>
+        public bool IsApprovedVerb
+        {
+            get { return VerbName != null && GetApprovedVerbs().Contains(VerbName); }
+        }
+
         /// <summary>
         /// The name of the class that implements the cmdlet
         /// </summary>
diff --git a/tools/StaticAnalysis/SignatureVerifier/SignatureVerifier.cs b/tools/StaticAnalysis/SignatureVerifier/SignatureVerifier.cs
@@ -155,6 +155,21 @@ public void Analyze(IEnumerable<string> cmdletProbingDirs,
                                         remediation: "Consider wether the cmdlet should have a Force " +
                                                       "parameter and use ShouldContinue under some circumstances. ");
                                     }
+
+                                    if (!cmdlet.IsApprovedVerb)
+                                    {
+                                        issueLogger.LogSignatureIssue(
+                                            cmdlet: cmdlet,
+                                            severity: 1,
+                                        problemId: SignatureProblemId.CmdletWithUnapprovedVerb,
+                                        description:
+                                            string.Format(
+                                                "{0} uses the verb '{1}', which is not on the list of approved " +
+                                                "verbs for PowerShell commands. Use the cmdlet 'Get-Verb' to see " +
+                                                "the full list of approved verbs and consider renaming the cmdlet.",
+                                                cmdlet.Name, cmdlet.VerbName),
+                                        remediation: "Consider renaming the cmdlet to use an approved verb for PowerShell.");
+                                    }
                                 }
 
                                 AppDomain.Unload(_appDomain);
diff --git a/tools/StaticAnalysis/StaticAnalysis.Test/SignatureVerifierTests.cs b/tools/StaticAnalysis/StaticAnalysis.Test/SignatureVerifierTests.cs
@@ -50,7 +50,7 @@ public void AddVerbWithoutSupportsShouldProcessParameter()
 
             AnalysisReport testReport = cmdletSignatureVerifier.GetAnalysisReport();
 
-            Assert.True(testReport.ProblemIdList.Count == 1);
+            Assert.Equal(1, testReport.ProblemIdList.Count);
             Assert.True(testReport.ProblemIdList.Where<int>((problemId) => problemId.Equals(SignatureProblemId.ActionIndicatesShouldProcess)).SingleOrDefault<int>().Equals(SignatureProblemId.ActionIndicatesShouldProcess));
         }
 
@@ -64,7 +64,7 @@ public void AddVerbWithSupportsShouldProcessParameter()
                 (cmdletName) => cmdletName.Equals("Add-AddVerbWithSupportsShouldProcessParameter", StringComparison.OrdinalIgnoreCase));
 
             AnalysisReport testReport = cmdletSignatureVerifier.GetAnalysisReport();
-            Assert.True(testReport.ProblemIdList.Count == 0);
+            Assert.Equal(0, testReport.ProblemIdList.Count);
             //Assert.True(testReport.ProblemIdList.Where<int>((problemId) => problemId.Equals(SignatureProblemId.ActionIndicatesShouldProcess)).SingleOrDefault<int>().Equals(SignatureProblemId.ActionIndicatesShouldProcess));
         }
         #endregion
@@ -84,7 +84,7 @@ public void ForceParameterWithoutSupportsShouldProcess()
 
 
             AnalysisReport testReport = cmdletSignatureVerifier.GetAnalysisReport();
-            Assert.True(testReport.ProblemIdList.Count == 1);
+            Assert.Equal(1, testReport.ProblemIdList.Count);
             Assert.True(testReport.ProblemIdList.Where<int>((problemId) => problemId.Equals(SignatureProblemId.ForceWithoutShouldProcessAttribute)).SingleOrDefault<int>().Equals(SignatureProblemId.ForceWithoutShouldProcessAttribute));
         }
 
@@ -98,7 +98,7 @@ public void ForceParameterWithSupportsShouldProcess()
                 (cmdletName) => cmdletName.Equals("Test-ForceParameterWithSupportsShouldProcess", StringComparison.OrdinalIgnoreCase));
 
             AnalysisReport testReport = cmdletSignatureVerifier.GetAnalysisReport();
-            Assert.True(testReport.ProblemIdList.Count == 0);
+            Assert.Equal(0, testReport.ProblemIdList.Count);
         }
 
         #endregion
@@ -114,7 +114,7 @@ public void ConfirmImpactWithSupportsShouldProcess()
                 (cmdletName) => cmdletName.Equals("Test-ConfirmImpactWithSupportsShouldProcess", StringComparison.OrdinalIgnoreCase));
 
             AnalysisReport testReport = cmdletSignatureVerifier.GetAnalysisReport();
-            Assert.True(testReport.ProblemIdList.Count == 0);
+            Assert.Equal(0, testReport.ProblemIdList.Count);
         }
         
         [Fact]
@@ -127,7 +127,7 @@ public void ConfirmImpactWithoutSupportsShouldProcess()
                 (cmdletName) => cmdletName.Equals("Test-ConfirmImpactWithoutSupportsShouldProcess", StringComparison.OrdinalIgnoreCase));
 
             AnalysisReport testReport = cmdletSignatureVerifier.GetAnalysisReport();
-            Assert.True(testReport.ProblemIdList.Count == 2);
+            Assert.Equal(2, testReport.ProblemIdList.Count);
             Assert.True(testReport.ProblemIdList.Where<int>((problemId) => problemId.Equals(SignatureProblemId.ConfirmLeveleWithNoShouldProcess)).SingleOrDefault<int>().Equals(SignatureProblemId.ConfirmLeveleWithNoShouldProcess));
             Assert.True(testReport.ProblemIdList.Where<int>((problemId) => problemId.Equals(SignatureProblemId.ConfirmLevelChange)).SingleOrDefault<int>().Equals(SignatureProblemId.ConfirmLevelChange));
         }
@@ -144,7 +144,7 @@ public void ShouldContinueVerbWithForceSwitch()
                 (cmdletName) => cmdletName.Equals("Copy-ShouldContinueVerbWithForceSwitch", StringComparison.OrdinalIgnoreCase));
 
             AnalysisReport testReport = cmdletSignatureVerifier.GetAnalysisReport();
-            Assert.True(testReport.ProblemIdList.Count == 0);
+            Assert.Equal(0, testReport.ProblemIdList.Count);
         }
                 
         [Fact]
@@ -157,10 +157,39 @@ public void ShouldContinueVerbWithoutForceSwitch()
                 (cmdletName) => cmdletName.Equals("Export-ShouldContinueVerbWithoutForceSwitch", StringComparison.OrdinalIgnoreCase));
 
             AnalysisReport testReport = cmdletSignatureVerifier.GetAnalysisReport();
-            Assert.True(testReport.ProblemIdList.Count == 2);
+            Assert.Equal(2, testReport.ProblemIdList.Count);
             Assert.True(testReport.ProblemIdList.Where<int>((problemId) => problemId.Equals(SignatureProblemId.CmdletWithDestructiveVerbNoForce)).SingleOrDefault<int>().Equals(SignatureProblemId.CmdletWithDestructiveVerbNoForce));
             Assert.True(testReport.ProblemIdList.Where<int>((problemId) => problemId.Equals(SignatureProblemId.ActionIndicatesShouldProcess)).SingleOrDefault<int>().Equals(SignatureProblemId.ActionIndicatesShouldProcess));
         }
         #endregion
+
+        #region CmdletWithUnapprovedVerb
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void CmdletWithApprovedVerb()
+        {
+            cmdletSignatureVerifier.Analyze(
+                new List<string> { _testCmdletDirPath },
+                ((dirList) => { return new List<string> { _testCmdletDirPath }; }),
+                (cmdletName) => cmdletName.Equals("Get-SampleCmdlet", StringComparison.OrdinalIgnoreCase));
+
+            AnalysisReport testReport = cmdletSignatureVerifier.GetAnalysisReport();
+            Assert.Equal(0, testReport.ProblemIdList.Count);
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void CmdletWithUnapprovedVerb()
+        {
+            cmdletSignatureVerifier.Analyze(
+                new List<string> { _testCmdletDirPath },
+                ((dirList) => { return new List<string> { _testCmdletDirPath }; }),
+                (cmdletName) => cmdletName.Equals("Prepare-SampleCmdlet", StringComparison.OrdinalIgnoreCase));
+
+            AnalysisReport testReport = cmdletSignatureVerifier.GetAnalysisReport();
+            Assert.Equal(1, testReport.ProblemIdList.Count);
+            Assert.True(testReport.ProblemIdList.Where<int>((problemId) => problemId.Equals(SignatureProblemId.CmdletWithUnapprovedVerb)).SingleOrDefault<int>().Equals(SignatureProblemId.CmdletWithUnapprovedVerb));
+        }
+        #endregion
     }
 }
diff --git a/tools/StaticAnalysis/StaticAnalysis.Test/StaticAnalysis.Test.csproj b/tools/StaticAnalysis/StaticAnalysis.Test/StaticAnalysis.Test.csproj
@@ -4,15 +4,15 @@
   <Import Project="..\..\..\src\packages\xunit.core.2.1.0\build\portable-net45+win8+wp8+wpa81\xunit.core.props" Condition="Exists('..\..\..\src\packages\xunit.core.2.1.0\build\portable-net45+win8+wp8+wpa81\xunit.core.props')" />
   <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
   <PropertyGroup>
-    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
-    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <!--<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>-->
     <ProjectGuid>{A034BE7F-0CD8-4A03-85B3-44CC2E58B86F}</ProjectGuid>
     <OutputType>Library</OutputType>
     <AppDesignerFolder>Properties</AppDesignerFolder>
     <RootNamespace>StaticAnalysis.Test</RootNamespace>
     <AssemblyName>StaticAnalysis.Test</AssemblyName>
     <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
-	<RestorePackages>true</RestorePackages>
+	  <RestorePackages>true</RestorePackages>
     <FileAlignment>512</FileAlignment>
     <NuGetPackageImportStamp>ba98ab34</NuGetPackageImportStamp>
     <TestCmdletModuleAssemblyName>TestCmdletsModule</TestCmdletModuleAssemblyName>
@@ -21,15 +21,15 @@
     <DebugSymbols>true</DebugSymbols>
     <DebugType>full</DebugType>
     <Optimize>false</Optimize>
-    <OutputPath>bin\Debug\</OutputPath>
+    <OutputPath>bin\Debug</OutputPath>
     <DefineConstants>DEBUG;TRACE</DefineConstants>
     <ErrorReport>prompt</ErrorReport>
     <WarningLevel>4</WarningLevel>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
     <DebugType>pdbonly</DebugType>
     <Optimize>true</Optimize>
-    <OutputPath>bin\Release\</OutputPath>
+    <OutputPath>bin\Debug</OutputPath>
     <DefineConstants>TRACE</DefineConstants>
     <ErrorReport>prompt</ErrorReport>
     <WarningLevel>4</WarningLevel>
diff --git a/tools/StaticAnalysis/StaticAnalysis.Test/TestCmdlets/SignatureVerifier_Cmdlet.cs b/tools/StaticAnalysis/StaticAnalysis.Test/TestCmdlets/SignatureVerifier_Cmdlet.cs
@@ -226,4 +226,48 @@ protected override void BeginProcessing()
         }
     }
 }
+#endregion
+
+#region CmdletWithUnapprovedVerb
+namespace StaticAnalysis.Test.CmdletTest.Signature.CmdletWithApprovedVerb
+{
+    using System.Management.Automation;
+
+    /// <summary>
+    /// Verify if a cmdlet has an approved verb in its name.
+    /// </summary>
+    [Cmdlet(VerbsCommon.Get, "SampleCmdlet")]
+    public class CmdletWithApprovedVerb : Cmdlet
+    {
+        /// <summary>
+        /// Begin processing the cmdlet.
+        /// </summary>
+        protected override void BeginProcessing()
+        {
+            WriteObject("Get-SampleCmdlet BeginProcessing()");
+            WriteInformation("Info", null);
+        }
+    }
+}
+
+namespace StaticAnalysis.Test.CmdletTest.Signature.CmdletWithUnapprovedVerb
+{
+    using System.Management.Automation;
+
+    /// <summary>
+    /// Verify if a cmdlet has an approved verb in its name.
+    /// </summary>
+    [Cmdlet("Prepare", "SampleCmdlet")]
+    public class CmdletWithUnapprovedVerb : Cmdlet
+    {
+        /// <summary>
+        /// Begin processing the cmdlet.
+        /// </summary>
+        protected override void BeginProcessing()
+        {
+            WriteObject("Prepare-SampleCmdlet BeginProcessing()");
+            WriteInformation("Info", null);
+        }
+    }
+}
 #endregion

Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,7 @@ public static class SignatureProblemId`
`7`	`7`	`public const int ActionIndicatesShouldProcess = 8100;`
`8`	`8`	`public const int ConfirmLevelChange = 8200;`
`9`	`9`	`public const int CmdletWithDestructiveVerbNoForce = 8210;`
	`10`	`+ public const int CmdletWithUnapprovedVerb = 8300;`
`10`	`11`	`public const int CmdletWithDestructiveVerb = 98300;`
`11`	`12`	`public const int CmdletWithForceParameter = 98310;`
`12`	`13`	`}`