JS: Port checks to JS

Author: asgerf

javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModels.qll

@@ -363,6 +363,42 @@ Specific::InvokeNode getInvocationFromPath(string package, string type, AccessPa
   result = getInvocationFromPath(package, type, path, path.getNumToken())
 }
 
+/**
+ * Holds if `name` is a valid name for an access path token in the identifying access path.
+ */
+bindingset[name]
+predicate isValidTokenNameInIdentifyingAccessPath(string name) {
+  name = ["Argument", "Parameter", "ReturnValue", "WithArity"]
+  or
+  Specific::isExtraValidTokenNameInIdentifyingAccessPath(name)
+}
+
+/**
+ * Holds if `name` is a valid name for an access path token with no arguments, occuring
+ * in an identifying access path.
+ */
+bindingset[name]
+predicate isValidNoArgumentTokenInIdentifyingAccessPath(string name) {
+  name = "ReturnValue"
+  or
+  Specific::isExtraValidNoArgumentTokenInIdentifyingAccessPath(name)
+}
+
+/**
+ * Holds if `argument` is a valid argument to an access path token with the given `name`, occurring
+ * in an identifying access path.
+ */
+bindingset[name, argument]
+predicate isValidTokenArgumentInIdentifyingAccessPath(string name, string argument) {
+  name = ["Argument", "Parameter"] and
+  argument.regexpMatch("(N-|-)?\\d+(\\.\\.(N-|-)?\\d+)?")
+  or
+  name = "WithArity" and
+  argument.regexpMatch("\\d+(\\.\\.\\d+)?")
+  or
+  Specific::isExtraValidTokenArgumentInIdentifyingAccessPath(name, argument)
+}
+
 /**
  * Module providing access to the imported models in terms of API graph nodes.
  */
@@ -441,5 +477,27 @@ module ModelOutput {
         "CSV " + kind + " row should have " + expectedArity + " columns but has " + actualArity +
           ": " + row
     )
+    or
+    // Check names and arguments of access path tokens
+    exists(AccessPath path, AccessPathToken token |
+      isRelevantFullPath(_, _, path) and
+      token = path.getToken(_)
+    |
+      not isValidTokenNameInIdentifyingAccessPath(token.getName()) and
+      result = "Invalid token name '" + token.getName() + "' in access path: " + path
+      or
+      isValidTokenNameInIdentifyingAccessPath(token.getName()) and
+      exists(string argument |
+        argument = token.getAnArgument() and
+        not isValidTokenArgumentInIdentifyingAccessPath(token.getName(), argument) and
+        result =
+          "Invalid argument '" + argument + "' in token '" + token + "' in access path: " + path
+      )
+      or
+      isValidTokenNameInIdentifyingAccessPath(token.getName()) and
+      token.getNumArgument() = 0 and
+      not isValidNoArgumentTokenInIdentifyingAccessPath(token.getName()) and
+      result = "Invalid token '" + token + "' is missing its arguments, in access path: " + path
+    )
   }
 }

javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll

@@ -190,3 +190,29 @@ class InvokeNode = API::InvokeNode;
 
 /** Gets an `InvokeNode` corresponding to an invocation of `node`. */
 InvokeNode getAnInvocationOf(API::Node node) { result = node.getAnInvocation() }
+
+/**
+ * Holds if `name` is a valid name for an access path token in the identifying access path.
+ */
+bindingset[name]
+predicate isExtraValidTokenNameInIdentifyingAccessPath(string name) {
+  name = ["Member", "Instance", "Awaited", "ArrayElement", "Element", "MapValue", "NewCall", "Call"]
+}
+
+/**
+ * Holds if `name` is a valid name for an access path token with no arguments, occuring
+ * in an identifying access path.
+ */
+predicate isExtraValidNoArgumentTokenInIdentifyingAccessPath(string name) {
+  name = ["Instance", "Awaited", "ArrayElement", "Element", "MapValue", "NewCall", "Call"]
+}
+
+/**
+ * Holds if `argument` is a valid argument to an access path token with the given `name`, occurring
+ * in an identifying access path.
+ */
+bindingset[name, argument]
+predicate isExtraValidTokenArgumentInIdentifyingAccessPath(string name, string argument) {
+  name = ["Member"] and
+  argument = any(string s)
+}

javascript/ql/test/library-tests/frameworks/data/test.expected

@@ -89,5 +89,15 @@ syntaxErrors
 | Member[foo]] |
 | Member[foo]].Member[bar] |
 warning
-| CSV type row should have 5 columns but has 2: test;TooFewColumns |
-| CSV type row should have 5 columns but has 8: test;TooManyColumns;;;Member[Foo].Instance;too;many;columns |
+| CSV type row should have 5 columns but has 2: testlib;TooFewColumns |
+| CSV type row should have 5 columns but has 8: testlib;TooManyColumns;;;Member[Foo].Instance;too;many;columns |
+| Invalid argument '0-1' in token 'Argument[0-1]' in access path: Method[foo].Argument[0-1] |
+| Invalid argument '*' in token 'Argument[*]' in access path: Method[foo].Argument[*] |
+| Invalid token 'Argument' is missing its arguments, in access path: Method[foo].Argument |
+| Invalid token 'Member' is missing its arguments, in access path: Method[foo].Member |
+| Invalid token name 'Arg' in access path: Method[foo].Arg[0] |
+| Invalid token name 'Method' in access path: Method[foo].Arg[0] |
+| Invalid token name 'Method' in access path: Method[foo].Argument |
+| Invalid token name 'Method' in access path: Method[foo].Argument[0-1] |
+| Invalid token name 'Method' in access path: Method[foo].Argument[*] |
+| Invalid token name 'Method' in access path: Method[foo].Member |

javascript/ql/test/library-tests/frameworks/data/test.ql

@@ -78,8 +78,13 @@ private class InvalidTypeModel extends ModelInput::TypeModelCsv {
   override predicate row(string row) {
     row =
       [
-        "test;TooManyColumns;;;Member[Foo].Instance;too;many;columns", //
-        "test;TooFewColumns", //
+        "testlib;TooManyColumns;;;Member[Foo].Instance;too;many;columns", //
+        "testlib;TooFewColumns", //
+        "testlib;X;testlib;Y;Method[foo].Arg[0]", //
+        "testlib;X;testlib;Y;Method[foo].Argument[0-1]", //
+        "testlib;X;testlib;Y;Method[foo].Argument[*]", //
+        "testlib;X;testlib;Y;Method[foo].Argument", //
+        "testlib;X;testlib;Y;Method[foo].Member", //
       ]
   }
 }