Java: add 'Spring' prefix to public class names

github · jcogs33 · Mar 11, 2025 · Feb 16, 2025 · Feb 16, 2025 · Feb 16, 2025
commit 746f022cfa614fa3bb6330ed0e142b8773003f36
@@ -8,17 +8,17 @@ import java
 /**
  * The class `org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest`.
  */
-class TypeEndpointRequest extends Class {
-  TypeEndpointRequest() {
+class SpringEndpointRequest extends Class {
+  SpringEndpointRequest() {
     this.hasQualifiedName("org.springframework.boot.actuate.autoconfigure.security.servlet",
       "EndpointRequest")
   }
 }
 
 /** A call to `EndpointRequest.toAnyEndpoint` method. */
-class ToAnyEndpointCall extends MethodCall {
-  ToAnyEndpointCall() {
+class SpringToAnyEndpointCall extends MethodCall {
+  SpringToAnyEndpointCall() {
     this.getMethod().hasName("toAnyEndpoint") and
-    this.getMethod().getDeclaringType() instanceof TypeEndpointRequest
+    this.getMethod().getDeclaringType() instanceof SpringEndpointRequest
   }
 }
@@ -6,8 +6,8 @@
 import java
 
 /** The class `org.springframework.security.config.annotation.web.builders.HttpSecurity`. */
-class TypeHttpSecurity extends Class {
-  TypeHttpSecurity() {
+class SpringHttpSecurity extends Class {
+  SpringHttpSecurity() {
     this.hasQualifiedName("org.springframework.security.config.annotation.web.builders",
       "HttpSecurity")
   }
@@ -19,8 +19,8 @@ class TypeHttpSecurity extends Class {
  * or the class
  * `org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer$AuthorizedUrl`.
  */
-class TypeAuthorizedUrl extends Class {
-  TypeAuthorizedUrl() {
+class SpringAuthorizedUrl extends Class {
+  SpringAuthorizedUrl() {
     this.hasQualifiedName("org.springframework.security.config.annotation.web.configurers",
       [
         "ExpressionUrlAuthorizationConfigurer<HttpSecurity>$AuthorizedUrl<>",
@@ -32,8 +32,8 @@ class TypeAuthorizedUrl extends Class {
 /**
  * The class `org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry`.
  */
-class TypeAbstractRequestMatcherRegistry extends Class {
-  TypeAbstractRequestMatcherRegistry() {
+class SpringAbstractRequestMatcherRegistry extends Class {
+  SpringAbstractRequestMatcherRegistry() {
     this.hasQualifiedName("org.springframework.security.config.annotation.web",
       "AbstractRequestMatcherRegistry<AuthorizedUrl<>>")
   }
@@ -45,10 +45,10 @@ class TypeAbstractRequestMatcherRegistry extends Class {
  * Note: this method is deprecated and scheduled for removal
  * in Spring Security 7.0.
  */
-class AuthorizeRequestsCall extends MethodCall {
-  AuthorizeRequestsCall() {
+class SpringAuthorizeRequestsCall extends MethodCall {
+  SpringAuthorizeRequestsCall() {
     this.getMethod().hasName("authorizeRequests") and
-    this.getMethod().getDeclaringType() instanceof TypeHttpSecurity
+    this.getMethod().getDeclaringType() instanceof SpringHttpSecurity
   }
 }
 
@@ -58,10 +58,10 @@ class AuthorizeRequestsCall extends MethodCall {
  * Note: the no-argument version of this method is deprecated
  * and scheduled for removal in Spring Security 7.0.
  */
-class AuthorizeHttpRequestsCall extends MethodCall {
-  AuthorizeHttpRequestsCall() {
+class SpringAuthorizeHttpRequestsCall extends MethodCall {
+  SpringAuthorizeHttpRequestsCall() {
     this.getMethod().hasName("authorizeHttpRequests") and
-    this.getMethod().getDeclaringType() instanceof TypeHttpSecurity
+    this.getMethod().getDeclaringType() instanceof SpringHttpSecurity
   }
 }
 
@@ -71,10 +71,10 @@ class AuthorizeHttpRequestsCall extends MethodCall {
  * Note: this method was removed in Spring Security 6.0.
  * It was replaced by `securityMatcher`.
  */
-class RequestMatcherCall extends MethodCall {
-  RequestMatcherCall() {
+class SpringRequestMatcherCall extends MethodCall {
+  SpringRequestMatcherCall() {
     this.getMethod().hasName("requestMatcher") and
-    this.getMethod().getDeclaringType() instanceof TypeHttpSecurity
+    this.getMethod().getDeclaringType() instanceof SpringHttpSecurity
   }
 }
 
@@ -84,41 +84,41 @@ class RequestMatcherCall extends MethodCall {
  * Note: this method was removed in Spring Security 6.0.
  * It was replaced by `securityMatchers`.
  */
-class RequestMatchersCall extends MethodCall {
-  RequestMatchersCall() {
+class SpringRequestMatchersCall extends MethodCall {
+  SpringRequestMatchersCall() {
     this.getMethod().hasName("requestMatchers") and
-    this.getMethod().getDeclaringType() instanceof TypeHttpSecurity
+    this.getMethod().getDeclaringType() instanceof SpringHttpSecurity
   }
 }
 
 /** A call to the `HttpSecurity.securityMatcher` method. */
-class SecurityMatcherCall extends MethodCall {
-  SecurityMatcherCall() {
+class SpringSecurityMatcherCall extends MethodCall {
+  SpringSecurityMatcherCall() {
     this.getMethod().hasName("securityMatcher") and
-    this.getMethod().getDeclaringType() instanceof TypeHttpSecurity
+    this.getMethod().getDeclaringType() instanceof SpringHttpSecurity
   }
 }
 
 /** A call to the `HttpSecurity.securityMatchers` method. */
-class SecurityMatchersCall extends MethodCall {
-  SecurityMatchersCall() {
+class SpringSecurityMatchersCall extends MethodCall {
+  SpringSecurityMatchersCall() {
     this.getMethod().hasName("securityMatchers") and
-    this.getMethod().getDeclaringType() instanceof TypeHttpSecurity
+    this.getMethod().getDeclaringType() instanceof SpringHttpSecurity
   }
 }
 
 /** A call to the `AuthorizedUrl.permitAll` method. */
-class PermitAllCall extends MethodCall {
-  PermitAllCall() {
+class SpringPermitAllCall extends MethodCall {
+  SpringPermitAllCall() {
     this.getMethod().hasName("permitAll") and
-    this.getMethod().getDeclaringType() instanceof TypeAuthorizedUrl
+    this.getMethod().getDeclaringType() instanceof SpringAuthorizedUrl
   }
 }
 
 /** A call to the `AbstractRequestMatcherRegistry.anyRequest` method. */
-class AnyRequestCall extends MethodCall {
-  AnyRequestCall() {
+class SpringAnyRequestCall extends MethodCall {
+  SpringAnyRequestCall() {
     this.getMethod().hasName("anyRequest") and
-    this.getMethod().getDeclaringType() instanceof TypeAbstractRequestMatcherRegistry
+    this.getMethod().getDeclaringType() instanceof SpringAbstractRequestMatcherRegistry
   }
 }
@@ -11,10 +11,10 @@ private import semmle.code.java.frameworks.spring.SpringBoot
 private class HttpSecurityMatcherCall extends MethodCall {
   HttpSecurityMatcherCall() {
     (
-      this instanceof RequestMatcherCall or
-      this instanceof SecurityMatcherCall
+      this instanceof SpringRequestMatcherCall or
+      this instanceof SpringSecurityMatcherCall
     ) and
-    this.getArgument(0) instanceof ToAnyEndpointCall
+    this.getArgument(0) instanceof SpringToAnyEndpointCall
   }
 }
 
@@ -25,10 +25,10 @@ private class HttpSecurityMatcherCall extends MethodCall {
 private class HttpSecurityMatchersCall extends MethodCall {
   HttpSecurityMatchersCall() {
     (
-      this instanceof RequestMatchersCall or
-      this instanceof SecurityMatchersCall
+      this instanceof SpringRequestMatchersCall or
+      this instanceof SpringSecurityMatchersCall
     ) and
-    this.getArgument(0).(LambdaExpr).getExprBody() instanceof ToAnyEndpointCall
+    this.getArgument(0).(LambdaExpr).getExprBody() instanceof SpringToAnyEndpointCall
   }
 }
 
@@ -39,21 +39,21 @@ private class HttpSecurityMatchersCall extends MethodCall {
 private class RegistryRequestMatchersCall extends MethodCall {
   RegistryRequestMatchersCall() {
     this.getMethod().hasName("requestMatchers") and
-    this.getMethod().getDeclaringType() instanceof TypeAbstractRequestMatcherRegistry and
-    this.getAnArgument() instanceof ToAnyEndpointCall
+    this.getMethod().getDeclaringType() instanceof SpringAbstractRequestMatcherRegistry and
+    this.getAnArgument() instanceof SpringToAnyEndpointCall
   }
 }
 
 /** A call to an `HttpSecurity` method that authorizes requests. */
 private class AuthorizeCall extends MethodCall {
   AuthorizeCall() {
-    this instanceof AuthorizeRequestsCall or
-    this instanceof AuthorizeHttpRequestsCall
+    this instanceof SpringAuthorizeRequestsCall or
+    this instanceof SpringAuthorizeHttpRequestsCall
   }
 }
 
 /** Holds if `permitAllCall` is called on request(s) mapped to actuator endpoint(s). */
-predicate permitsSpringBootActuators(PermitAllCall permitAllCall) {
+predicate permitsSpringBootActuators(SpringPermitAllCall permitAllCall) {
   exists(AuthorizeCall authorizeCall |
     // .requestMatcher(EndpointRequest).authorizeRequests([...]).[...]
     authorizeCall.getQualifier() instanceof HttpSecurityMatcherCall
@@ -65,7 +65,7 @@ predicate permitsSpringBootActuators(PermitAllCall permitAllCall) {
     // [...].authorizeRequests(r -> r.requestMatchers(EndpointRequest).permitAll())
     authorizeCall.getArgument(0).(LambdaExpr).getExprBody() = permitAllCall and
     (
-      permitAllCall.getQualifier() instanceof AnyRequestCall or
+      permitAllCall.getQualifier() instanceof SpringAnyRequestCall or
       permitAllCall.getQualifier() instanceof RegistryRequestMatchersCall
     )
     or
@@ -77,7 +77,7 @@ predicate permitsSpringBootActuators(PermitAllCall permitAllCall) {
       permitAllCall.getQualifier() = registryRequestMatchersCall
     )
     or
-    exists(AnyRequestCall anyRequestCall |
+    exists(SpringAnyRequestCall anyRequestCall |
       anyRequestCall.getQualifier() = authorizeCall and
       permitAllCall.getQualifier() = anyRequestCall
     )
@@ -104,7 +104,7 @@ predicate permitsSpringBootActuators(PermitAllCall permitAllCall) {
       v.getAnAccess() = authorizeCall.getQualifier() and
       v.getAnAccess() = matcherCall.getQualifier() and
       authorizeCall.getArgument(0).(LambdaExpr).getExprBody() = permitAllCall and
-      permitAllCall.getQualifier() instanceof AnyRequestCall
+      permitAllCall.getQualifier() instanceof SpringAnyRequestCall
     )
   )
 }
@@ -15,6 +15,6 @@ import java
 import semmle.code.java.frameworks.spring.SpringSecurity
 import semmle.code.java.security.SpringBootActuatorsQuery
 
-from PermitAllCall permitAllCall
+from SpringPermitAllCall permitAllCall
 where permitsSpringBootActuators(permitAllCall)
 select permitAllCall, "Unauthenticated access to Spring Boot actuator is allowed."