Definitions for the missing function level access control query
Import path
import semmle.code.csharp.security.auth.MissingFunctionLevelAccessControlQuery
Imports
ActionMethods | Common definitions for queries checking for access control measures on action methods. |
AspNetCore | Provides classes for working with |
UI | Provides definitions related to the namespace |
WebConfig | Provides classes and predicates related to ASP.NET Web.config files. |
csharp | The default C# QL library. |
Predicates
hasAuthViaAttribute | Holds if the given action has an attribute that indications authorization. |
hasAuthViaCode | Holds if |
hasAuthViaXml | Holds if the given action has an xml |
missingAuth | Holds if |
needsAuth | Holds if the method |
Classes
AuthExpr | An expression that indicates that some authorization/authentication check is being performed. |
AuthorizationXmlElement | An |