# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true

module Contrast
  module Agent
    module Protect
      module Rule
        class NoSqli
          # The Mongo specific NoSQL scanner, used by the NoSQLI rule to
          # determine if a NoSQL attack was performed against a Mongo database.
          #
          # @deprecated RUBY-356
          class MongoNoSqlScanner < Contrast::Agent::Protect::Rule::DefaultScanner
            # Is the current & next character '//' or are the current and
            # subsequent characters '<--' ?
            def start_line_comment? char, index, query
              if char == Contrast::Utils::ObjectShare::SLASH &&
                    query[index + 1] == Contrast::Utils::ObjectShare::SLASH

                return true
              end

              char == Contrast::Utils::ObjectShare::LEFT_ANGLE &&
                  query[index + 1] == Contrast::Utils::ObjectShare::DASH &&
                  query[index + 2] == Contrast::Utils::ObjectShare::DASH
            end

            def start_block_comment? _char, _index, _query
              false
            end

            # Indicates if '""' inside of double quotes is the equivalent of '\"'
            def double_quote_escape_in_double_quote?
              true
            end
          end
        end
      end
    end
  end
end