sql checks

src/java-plugin/src/main/java/fr/cnumr/java/checks/AvoidFullSQLRequest.java

@@ -1,7 +1,11 @@
 package fr.cnumr.java.checks;
 
-import java.util.Arrays;
+import static java.util.Collections.singletonList;
+import static java.util.regex.Pattern.CASE_INSENSITIVE;
+import static java.util.regex.Pattern.compile;
+
 import java.util.List;
+import java.util.function.Predicate;
 
 import org.sonar.check.Priority;
 import org.sonar.check.Rule;
@@ -19,23 +23,18 @@
 public class AvoidFullSQLRequest extends IssuableSubscriptionVisitor {
 
 	protected static final String MESSAGERULE = "Don't use the query SELECT * FROM";
-	private static final String REGEXPSELECTFROM = "(?i).*select.*\\*.*from.*";
+	private static final Predicate<String> SELECT_FROM_REGEXP = 
+			compile("select\\s*\\*\\s*from", CASE_INSENSITIVE).asPredicate(); //simple regexp, more precision
 
     @Override
     public List<Kind> nodesToVisit() {
-        return  Arrays.asList(Tree.Kind.STRING_LITERAL);
+        return singletonList(Tree.Kind.STRING_LITERAL);
     }
 
     @Override
     public void visitNode(Tree tree) {
-    	boolean isSelectFrom = false;
-
-    	if (tree.is(Kind.STRING_LITERAL,Kind.TEXT_BLOCK)) {
-    		LiteralTree literal = (LiteralTree) tree;
-    		isSelectFrom = literal.value().matches(REGEXPSELECTFROM);
-    	}
-
-    	if (isSelectFrom) {
+    	String value = ((LiteralTree) tree).value();
+    	if (SELECT_FROM_REGEXP.test(value)) {
     		reportIssue(tree, MESSAGERULE);
     	}
     }

src/java-plugin/src/main/java/fr/cnumr/java/checks/AvoidSQLRequestInLoop.java

@@ -5,7 +5,6 @@
 import java.util.Arrays;
 import java.util.List;
 
-import org.apache.tomcat.util.descriptor.web.MessageDestinationRef;
 import org.sonar.check.Priority;
 import org.sonar.check.Rule;
 import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
@@ -24,7 +23,9 @@ public class AvoidSQLRequestInLoop extends IssuableSubscriptionVisitor {
 
 	@Override
 	public List<Kind> nodesToVisit() {
-		return Arrays.asList(Tree.Kind.FOR_EACH_STATEMENT, Tree.Kind.FOR_STATEMENT, Tree.Kind.WHILE_STATEMENT);
+		return Arrays.asList(
+				Tree.Kind.FOR_EACH_STATEMENT, Tree.Kind.FOR_STATEMENT, 
+				Tree.Kind.WHILE_STATEMENT, Tree.Kind.DO_STATEMENT);
 	}
 
 	@Override
@@ -42,7 +43,7 @@ private class AvoidSQLRequestInLoopVisitor extends BaseTreeVisitor {
 				MethodMatchers.create().ofSubTypes("org.hibernate.Session").names("createQuery", "createSQLQuery")
 						.withAnyParameters().build(),
 				MethodMatchers.create().ofSubTypes(JAVA_SQL_STATEMENT)
-						.names("executeQuery", "execute", "executeUpdate", "executeLargeUpdate", "addBatch")
+						.names("executeQuery", "execute", "executeUpdate", "executeLargeUpdate") // addBatch is recommended
 						.withAnyParameters().build(),
 				MethodMatchers.create().ofSubTypes(JAVA_SQL_CONNECTION)
 						.names("prepareStatement", "prepareCall", "nativeSQL")

src/java-plugin/src/test/files/AvoidFullSQLRequestCheck.java

@@ -1,12 +1,17 @@
 package fr.cnumr.java.checks;
 
+import java.util.regex.Pattern;
+
 class AvoidFullSQLRequestCheck {
 	AvoidFullSQLRequestCheck(AvoidFullSQLRequestCheck mc) {
     }
 
 	   public void literalSQLrequest() {
 		   dummyCall("   sElEcT * fRoM myTable"); // Noncompliant
 		   dummyCall("   sElEcT user fRoM myTable"); 
+
+		   dummyCall("SELECTABLE 2*2 FROMAGE"); //not sql
+		   dummyCall("SELECT     *FROM table"); // Noncompliant
 	   }
 
 
@@ -15,9 +20,13 @@ public void variableSQLrequest() {
 		   String requestCompiliant = "   SeLeCt user FrOm myTable"; 
 		   dummyCall(requestNonCompiliant); 
 		   dummyCall(requestCompiliant); 
+
+		   String noSqlCompiliant = "SELECTABLE 2*2 FROMAGE"; //not sql
+		   String requestNonCompiliant_nSpace = "SELECT   *FROM table"; // Noncompliant
 	   }
 
    private void dummyCall (String request) {
 
    }
+
 }