diff --git a/andy/src/main/java/nl/tudelft/cse1110/andy/execution/step/SourceCodeSecurityCheckStep.java b/andy/src/main/java/nl/tudelft/cse1110/andy/execution/step/SourceCodeSecurityCheckStep.java index 12d69595a..6fbad9d5f 100644 --- a/andy/src/main/java/nl/tudelft/cse1110/andy/execution/step/SourceCodeSecurityCheckStep.java +++ b/andy/src/main/java/nl/tudelft/cse1110/andy/execution/step/SourceCodeSecurityCheckStep.java @@ -12,6 +12,8 @@ import java.nio.file.Path; import java.util.List; import java.util.Map; +import java.util.Optional; +import java.util.regex.Matcher; import java.util.regex.Pattern; import java.util.stream.Collectors; @@ -30,7 +32,6 @@ public void execute(Context ctx, ResultBuilder result) { } String code; - try { code = Files.readString(Path.of(solutionFile.get(0).getPath())); } catch (IOException e) { @@ -38,6 +39,7 @@ public void execute(Context ctx, ResultBuilder result) { return; } + code = removeComments(code); if (!checkPackageName(code, result)) return; if (!checkForKeywords(code, result)) return; @@ -46,7 +48,7 @@ public void execute(Context ctx, ResultBuilder result) { private boolean checkPackageName(String code, ResultBuilder result) { Pattern pattern = Pattern.compile("^\\s*package\\s+delft\\s*;.*", Pattern.DOTALL); if (!pattern.matcher(code).find()) { - result.compilationSecurityFail("The package name of your solution must be \"delft\""); + result.compilationSecurityFail("The package name of your solution must be \"delft\"", null); return false; } @@ -90,14 +92,32 @@ private boolean checkForKeywords(String code, ResultBuilder result) { ); for (String keyword : keywords.keySet()) { if (code.contains(keyword)) { - result.compilationSecurityFail(keywords.get(keyword)); - return false; + String[] lines = code.split("\\n"); + // Split lines and search every line for keyword + for (int lineNumber = 0; lineNumber < lines.length; lineNumber++) + if (lines[lineNumber].contains(keyword)) { + // Adding 1 to lineNumber to convert from zero-based index to one-based index + result.compilationSecurityFail(keywords.get(keyword), Optional.of(lineNumber+1)); + return false; + } } } return true; } + public String removeComments(String code) { + // Remove single-line comments (//) + code = code.replaceAll("//.*", ""); + + // Remove multi-line comments (/* */) + Pattern pattern = Pattern.compile("/\\*.*?\\*/", Pattern.DOTALL); + Matcher matcher = pattern.matcher(code); + code = matcher.replaceAll(""); + + return code; + } + @Override public boolean equals(Object other) { return other instanceof SourceCodeSecurityCheckStep; diff --git a/andy/src/main/java/nl/tudelft/cse1110/andy/result/ResultBuilder.java b/andy/src/main/java/nl/tudelft/cse1110/andy/result/ResultBuilder.java index 6b127a2aa..35aff375f 100644 --- a/andy/src/main/java/nl/tudelft/cse1110/andy/result/ResultBuilder.java +++ b/andy/src/main/java/nl/tudelft/cse1110/andy/result/ResultBuilder.java @@ -79,9 +79,9 @@ public void compilationFail(List> errors) { this.compilation = CompilationResult.compilationFail(compilationErrors); } - public void compilationSecurityFail(String message) { + public void compilationSecurityFail(String message, Optional lineNumber) { this.compilation = CompilationResult.compilationFail(List.of( - new CompilationErrorInfo("Solution.java", 1, message) + new CompilationErrorInfo("Solution.java", lineNumber.orElse(1), message) // Highlight first line if the line number does not exist )); }