package net.sourceforge.pmd.lang.apex.rule.security;

import java.util.Iterator;
import net.sourceforge.pmd.lang.apex.ast.ASTLiteralExpression;
import net.sourceforge.pmd.lang.apex.ast.ASTMethodCallExpression;
import net.sourceforge.pmd.lang.apex.ast.ASTUserClass;
import net.sourceforge.pmd.lang.apex.ast.ASTVariableExpression;
import net.sourceforge.pmd.lang.apex.ast.ApexNode;
import net.sourceforge.pmd.lang.apex.rule.AbstractApexRule;

/* loaded from: input_file:net/sourceforge/pmd/lang/apex/rule/security/ApexXSSFromEscapeFalseRule.class */
public class ApexXSSFromEscapeFalseRule extends AbstractApexRule {
    private static final String ADD_ERROR = "addError";

    public ApexXSSFromEscapeFalseRule() {
        addRuleChainVisit(ASTUserClass.class);
        setProperty(CODECLIMATE_CATEGORIES, new String[]{"Security"});
        setProperty(CODECLIMATE_REMEDIATION_MULTIPLIER, 100);
        setProperty(CODECLIMATE_BLOCK_HIGHLIGHTING, false);
    }

    @Override // net.sourceforge.pmd.lang.apex.rule.AbstractApexRule, net.sourceforge.pmd.lang.apex.ast.ApexParserVisitor
    public Object visit(ASTUserClass aSTUserClass, Object obj) {
        if (net.sourceforge.pmd.lang.apex.rule.internal.Helper.isTestMethodOrClass(aSTUserClass) || net.sourceforge.pmd.lang.apex.rule.internal.Helper.isSystemLevelClass(aSTUserClass)) {
            return obj;
        }
        for (ASTMethodCallExpression aSTMethodCallExpression : aSTUserClass.findDescendantsOfType(ASTMethodCallExpression.class)) {
            if (net.sourceforge.pmd.lang.apex.rule.internal.Helper.isMethodName(aSTMethodCallExpression, ADD_ERROR)) {
                validateBooleanParameter(aSTMethodCallExpression, obj);
            }
        }
        return obj;
    }

    private void validateBooleanParameter(ASTMethodCallExpression aSTMethodCallExpression, Object obj) {
        if (aSTMethodCallExpression.getNumChildren() == 3) {
            ApexNode<?> child = aSTMethodCallExpression.mo5getChild(2);
            if (child instanceof ASTLiteralExpression) {
                ASTLiteralExpression aSTLiteralExpression = (ASTLiteralExpression) child;
                if (!aSTLiteralExpression.isBoolean() || Boolean.parseBoolean(aSTLiteralExpression.getImage())) {
                    return;
                }
                validateLiteralPresence(aSTMethodCallExpression, obj);
            }
        }
    }

    private void validateLiteralPresence(ASTMethodCallExpression aSTMethodCallExpression, Object obj) {
        Iterator it = aSTMethodCallExpression.findDescendantsOfType(ASTVariableExpression.class).iterator();
        while (it.hasNext()) {
            addViolation(obj, (ASTVariableExpression) it.next());
        }
    }
}
