Add an Optional Parameter Filter For JSON Rules

[haeter525]

Description

This PR proposes to add an optional keyword filter for JSON Rules.
Users can use the keyword filter to match APIs with specified parameters.

When will the detection be triggered?

The detection is applied when a rule's confidence reaches 100%.
If no parameters in the corresponding API contain the specified keyword, the rule will be discarded.

How to use it

Append key match_keywords with a keyword list to an API.
For example, add the keyword content://call_log/calls to the second one as below.

{
    "api": [
        {
            "descriptor": "()Landroid/content/ContentResolver;",
            "class": "Landroid/content/Context;",
            "method": "getContentResolver"
        },
        {
            "descriptor": "(Landroid/net/Uri; [Ljava/lang/String; Ljava/lang/String; [Ljava/lang/String; Ljava/lang/String;)Landroid/database/Cursor;",
            "class": "Landroid/content/ContentResolver;",
            "method": "query",
            "match_keywords": [					<--- Added Keyword filter.
                "content://call_log/calls"		<--- The keyword
            ]
        }
    ],
}

Code Changes

1. quark/Objects/quark.py
   • Add a method to check the provided keywords.

Test Plans

1. Add four tests for the filter

[pep8speaks]

Hello @haeter525! Thanks for updating this PR. We checked the lines you've touched for PEP 8 issues, and found:

There are currently no PEP 8 issues detected in this Pull Request. Cheers! 🍻

Comment last updated at 2021-07-12 07:41:31 UTC

[krnick]

Thank you @haeter525 for adding this feature!
Resolve related issue in #127.
Awesome!

[krnick]

For the match_keywords, I would prefer to change it to keyword, which is simpler.

[sourcery-ai]

Sourcery Code Quality Report

✅  Merging this PR will increase code quality in the affected files by 1.65%.

Quality metrics	Before	After	Change
Complexity	9.54 🙂	9.79 🙂	0.25 👎
Method Length	67.53 🙂	62.30 🙂	-5.23 👍
Working memory	9.28 🙂	9.02 🙂	-0.26 👍
Quality	62.70% 🙂	64.35% 🙂	1.65% 👍

Other metrics	Before	After	Change
Lines	876	1044	168

Changed files	Quality Before	Quality After	Quality Change
quark/Objects/quark.py	50.91% 🙂	50.28% 🙂	-0.63% 👎
tests/Object/test_quark.py	85.98% ⭐	87.87% ⭐	1.89% 👍

Here are some functions in these files that still need a tune-up:

File	Function	Complexity	Length	Working Memory	Quality	Recommendation
quark/Objects/quark.py	Quark.check_parameter	48 ⛔	201 😞	13 😞	23.34% ⛔	Refactor to reduce nesting. Try splitting into smaller methods. Extract out complex expressions
quark/Objects/quark.py	Quark.run	19 😞	326 ⛔	14 😞	28.65% 😞	Refactor to reduce nesting. Try splitting into smaller methods. Extract out complex expressions
quark/Objects/quark.py	Quark.generate_json_report	15 🙂	198 😞	18 ⛔	33.64% 😞	Try splitting into smaller methods. Extract out complex expressions
quark/Objects/quark.py	Quark.show_detail_report	13 🙂	201 😞	11 😞	44.06% 😞	Try splitting into smaller methods. Extract out complex expressions
quark/Objects/quark.py	Quark.show_label_report	5 ⭐	177 😞	11 😞	53.44% 🙂	Try splitting into smaller methods. Extract out complex expressions

Legend and Explanation

The emojis denote the absolute quality of the code:

• ⭐ excellent
• 🙂 good
• 😞 poor
• ⛔ very poor

The 👍 and 👎 indicate whether the quality has improved or gotten worse with this pull request.

---

Please see our documentation here for details on how these metrics are calculated.

We are actively working on this report - lots more documentation and extra metrics to come!

Help us improve this quality report!

[haeter525]

Hi @krnick

I have renamed the key according to your advice.
Thank you.