/**
 * @fileoverview Rule to flag use of implied eval via setTimeout and setInterval
 * @author James Allardice
 * @copyright 2015 Mathias Schreck. All rights reserved.
 * @copyright 2013 James Allardice. All rights reserved.
 */

"use strict";

//------------------------------------------------------------------------------
// Rule Definition
//------------------------------------------------------------------------------

module.exports = function(context) {
    var CALLEE_RE = /set(?:Timeout|Interval)|execScript/;

    // Figures out if we should inspect a given binary expression. Is a stack of
    // stacks, where the first element in each substack is a CallExpression.
    var impliedEvalAncestorsStack = [];

    //--------------------------------------------------------------------------
    // Helpers
    //--------------------------------------------------------------------------

    /**
     * Get the last element of an array, without modifying arr, like pop(), but non-destructive.
     * @param {array} arr What to inspect
     * @returns {*} The last element of arr
     * @private
     */
    function last(arr) {
        return arr ? arr[arr.length - 1] : null;
    }

    /**
     * Checks if the given MemberExpression node is a potentially implied eval identifier on window.
     * @param {ASTNode} node The MemberExpression node to check.
     * @returns {boolean} Whether or not the given node is potentially an implied eval.
     * @private
     */
    function isImpliedEvalMemberExpression(node) {
        var object = node.object,
            property = node.property,
            hasImpliedEvalName = CALLEE_RE.test(property.name) || CALLEE_RE.test(property.value);

        return object.name === "window" && hasImpliedEvalName;
    }

    /**
     * Determines if a node represents a call to a potentially implied eval.
     *
     * This checks the callee name and that there's an argument, but not the type of the argument.
     *
     * @param {ASTNode} node The CallExpression to check.
     * @returns {boolean} True if the node matches, false if not.
     * @private
     */
    function isImpliedEvalCallExpression(node) {
        var isMemberExpression = (node.callee.type === "MemberExpression"),
            isIdentifier = (node.callee.type === "Identifier"),
            isImpliedEvalCallee =
                (isIdentifier && CALLEE_RE.test(node.callee.name)) ||
                (isMemberExpression && isImpliedEvalMemberExpression(node.callee));

        return isImpliedEvalCallee && node.arguments.length;
    }

    /**
     * Checks that the parent is a direct descendent of an potential implied eval CallExpression, and if the parent is a CallExpression, that we're the first argument.
     * @param {ASTNode} node The node to inspect the parent of.
     * @returns {boolean} Was the parent a direct descendent, and is the child therefore potentially part of a dangerous argument?
     * @private
     */
    function hasImpliedEvalParent(node) {
        // make sure our parent is marked
        return node.parent === last(last(impliedEvalAncestorsStack)) &&
            // if our parent is a CallExpression, make sure we're the first argument
            (node.parent.type !== "CallExpression" || node === node.parent.arguments[0]);
    }

    /**
     * Checks if our parent is marked as part of an implied eval argument. If
     * so, collapses the top of impliedEvalAncestorsStack and reports on the
     * original CallExpression.
     * @param {ASTNode} node The CallExpression to check.
     * @returns {boolean} True if the node matches, false if not.
     * @private
     */
    function checkString(node) {
        if (hasImpliedEvalParent(node)) {
            // remove the entire substack, to avoid duplicate reports
            var substack = impliedEvalAncestorsStack.pop();
            context.report(substack[0], "Implied eval. Consider passing a function instead of a string.");
        }
    }

    //--------------------------------------------------------------------------
    // Public
    //--------------------------------------------------------------------------

    return {
        "CallExpression": function(node) {
            if (isImpliedEvalCallExpression(node)) {
                // call expressions create a new substack
                impliedEvalAncestorsStack.push([node]);
            }
        },

        "CallExpression:exit": function(node) {
            if (node === last(last(impliedEvalAncestorsStack))) {
                // destroys the entire sub-stack, rather than just using
                // last(impliedEvalAncestorsStack).pop(), as a CallExpression is
                // always the bottom of a impliedEvalAncestorsStack substack.
                impliedEvalAncestorsStack.pop();
            }
        },

        "BinaryExpression": function(node) {
            if (node.operator === "+" && hasImpliedEvalParent(node)) {
                last(impliedEvalAncestorsStack).push(node);
            }
        },

        "BinaryExpression:exit": function(node) {
            if (node === last(last(impliedEvalAncestorsStack))) {
                last(impliedEvalAncestorsStack).pop();
            }
        },

        "Literal": function(node) {
            if (typeof node.value === "string") {
                checkString(node);
            }
        },

        "TemplateLiteral": function(node) {
            checkString(node);
        }
    };

};

module.exports.schema = [];