CodeQL library for C#
codeql/csharp-all 1.0.3-dev (changelog, source)

Module MissingFunctionLevelAccessControlQuery

Definitions for the missing function level access control query

Import path

import semmle.code.csharp.security.auth.MissingFunctionLevelAccessControlQuery

Imports

ActionMethods

Common definitions for queries checking for access control measures on action methods.

AspNetCore

Provides classes for working with Microsoft.AspNetCore.Mvc.

UI

Provides definitions related to the namespace System.Web.UI.

WebConfig

Provides classes and predicates related to ASP.NET Web.config files.

csharp

The default C# QL library.

Predicates

hasAuthViaAttribute

Holds if the given action has an attribute that indicates authorization.

hasAuthViaCode

Holds if m is a method that should have an auth check, and does indeed have one.

hasAuthViaXml

Holds if the given action has an XML authorization tag that refers to it.

missingAuth

Holds if m is a method that should have an auth check, but is missing it.

needsAuth

Holds if the method m may need an authorization check.

Classes

AuthExpr

An expression that indicates that some authorization/authentication check is being performed.

AuthorizationXmlElement

An <authorization> XML element.