Add correction extent to AvoidUsingPlainTextForPassword rule

Kapil Borle · Kapil Borle · commit 8a02fa728860 · 2016-03-30T14:23:24.000-07:00
diff --git a/Rules/AvoidUsingPlainTextForPassword.cs b/Rules/AvoidUsingPlainTextForPassword.cs
@@ -60,11 +60,30 @@ public IEnumerable<DiagnosticRecord> AnalyzeScript(Ast ast, string fileName)
                 {
                     yield return new DiagnosticRecord(
                         String.Format(CultureInfo.CurrentCulture, Strings.AvoidUsingPlainTextForPasswordError, paramAst.Name),
-                        paramAst.Extent, GetName(), DiagnosticSeverity.Warning, fileName);
+                        paramAst.Extent, 
+                        GetName(), 
+                        DiagnosticSeverity.Warning, 
+                        fileName,
+                        suggestedCorrections: GetCorrectionExtent(paramAst));
                 }
             }
         }
 
+        private List<CorrectionExtent> GetCorrectionExtent(ParameterAst paramAst)
+        {
+            IScriptExtent ext = paramAst.Extent;
+            var corrections = new List<CorrectionExtent>();            
+            string correctionText = string.Format("{0} {1}", "[SecureString]", paramAst.Name.Extent.Text);
+            corrections.Add(new CorrectionExtent(
+                ext.StartLineNumber,
+                ext.EndLineNumber,
+                ext.StartColumnNumber,
+                ext.EndColumnNumber,
+                correctionText,
+                ext.File));
+            return corrections;
+        }
+
         /// <summary>
         /// GetName: Retrieves the name of this rule.
         /// </summary>
diff --git a/Tests/Rules/AvoidUsingPlainTextForPassword.tests.ps1 b/Tests/Rules/AvoidUsingPlainTextForPassword.tests.ps1
@@ -3,7 +3,8 @@
 $violationMessage = [regex]::Escape("Parameter '`$password' should use SecureString, otherwise this will expose sensitive information. See ConvertTo-SecureString for more information.")
 $violationName = "PSAvoidUsingPlainTextForPassword"
 $directory = Split-Path -Parent $MyInvocation.MyCommand.Path
-$violations = Invoke-ScriptAnalyzer $directory\AvoidUsingPlainTextForPassword.ps1 | Where-Object {$_.RuleName -eq $violationName}
+$violationsFilepath = Join-Path $directory 'AvoidUsingPlainTextForPassword.ps1'
+$violations = Invoke-ScriptAnalyzer $violationsFilepath | Where-Object {$_.RuleName -eq $violationName}
 $noViolations = Invoke-ScriptAnalyzer $directory\AvoidUsingPlainTextForPasswordNoViolations.ps1 | Where-Object {$_.RuleName -eq $violationName}
 
 Describe "AvoidUsingPlainTextForPassword" {
@@ -12,6 +13,22 @@ Describe "AvoidUsingPlainTextForPassword" {
             $violations.Count | Should Be 4
         }
 
+	It "suggests corrections" {
+	   Import-Module .\PSScriptAnalyzerTestHelper.psm1
+	    Function Test-Extent($idx, $violationText, $correctionText)
+	    {
+		$violation = $violations[$idx]
+	    	$violation.SuggestedCorrections.Count | Should Be 1
+	    	Get-ExtentText $violation.SuggestedCorrections[0] $violationsFilepath | Should Be $violationText
+	    	$violation.SuggestedCorrections[0].Text | Should Be $correctionText
+	    }
+
+	    Test-Extent 0 '$passphrases' '[SecureString] $passphrases'
+	    Test-Extent 1 '$passwordparam' '[SecureString] $passwordparam'
+	    Test-Extent 2 '$credential' '[SecureString] $credential'
+	    Test-Extent 3 '$password' '[SecureString] $password'
+	}
+
         It "has the correct violation message" {
             $violations[3].Message | Should Match $violationMessage
         }
