use of org.sonar.api.rules.RuleType.SECURITY_HOTSPOT in project sonarqube by SonarSource.
the class ShowActionTest method verify_response_example.
@Test
public void verify_response_example() {
ComponentDto project = dbTester.components().insertPublicProject(componentDto -> componentDto.setName("test-project").setLongName("test-project").setDbKey("com.sonarsource:test-project"));
userSessionRule.registerComponents(project).addProjectPermission(UserRole.SECURITYHOTSPOT_ADMIN, project);
ComponentDto file = dbTester.components().insertComponent(newFileDto(project).setDbKey("com.sonarsource:test-project:src/main/java/com/sonarsource/FourthClass.java").setName("FourthClass.java").setLongName("src/main/java/com/sonarsource/FourthClass.java").setPath("src/main/java/com/sonarsource/FourthClass.java"));
UserDto author = dbTester.users().insertUser(u -> u.setLogin("joe").setName("Joe"));
long time = 1577976190000L;
RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT, r -> r.setRuleKey("S4787").setRepositoryKey("java").setName("rule-name").setSecurityStandards(Sets.newHashSet(SQCategory.WEAK_CRYPTOGRAPHY.getKey())));
IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, h -> h.setAssigneeUuid("assignee-uuid").setAuthorLogin("joe").setMessage("message").setLine(10).setChecksum("a227e508d6646b55a086ee11d63b21e9").setIssueCreationTime(time).setIssueUpdateTime(time).setAuthorLogin(author.getLogin()).setAssigneeUuid(author.getUuid()).setKee("AW9mgJw6eFC3pGl94Wrf"));
List<Common.Changelog> changelog = IntStream.range(0, 3).mapToObj(i -> Common.Changelog.newBuilder().setUser("joe").setCreationDate("2020-01-02T14:44:55+0100").addDiffs(Diff.newBuilder().setKey("diff-key-" + i).setNewValue("new-value-" + i).setOldValue("old-value-" + i)).setIsUserActive(true).setUserName("Joe").setAvatar("my-avatar").build()).collect(Collectors.toList());
List<Common.Comment> comments = IntStream.range(0, 3).mapToObj(i -> Common.Comment.newBuilder().setKey("comment-" + i).setHtmlText("html text " + i).setLogin("Joe").setMarkdown("markdown " + i).setCreatedAt("2020-01-02T14:47:47+0100").build()).collect(Collectors.toList());
mockChangelogAndCommentsFormattingContext();
when(issueChangeSupport.formatChangelog(any(), any())).thenReturn(changelog.stream());
when(issueChangeSupport.formatComments(any(), any(), any())).thenReturn(comments.stream());
assertThat(actionTester.getDef().responseExampleAsString()).isNotNull();
newRequest(hotspot).execute().assertJson(actionTester.getDef().responseExampleAsString());
}
use of org.sonar.api.rules.RuleType.SECURITY_HOTSPOT in project sonarqube by SonarSource.
the class ShowActionTest method returns_user_of_users_from_ChangelogAndComments_and_assignee_and_author.
@Test
public void returns_user_of_users_from_ChangelogAndComments_and_assignee_and_author() {
ComponentDto project = dbTester.components().insertPublicProject();
userSessionRule.registerComponents(project);
RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);
ComponentDto file = dbTester.components().insertComponent(newFileDto(project));
UserDto author = dbTester.users().insertUser();
UserDto assignee = dbTester.users().insertUser();
IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, t -> t.setAuthorLogin(author.getLogin()).setAssigneeUuid(assignee.getUuid()));
FormattingContext formattingContext = mockChangelogAndCommentsFormattingContext();
Set<UserDto> changeLogAndCommentsUsers = IntStream.range(0, 1 + RANDOM.nextInt(14)).mapToObj(i -> UserTesting.newUserDto()).collect(Collectors.toSet());
when(formattingContext.getUsers()).thenReturn(changeLogAndCommentsUsers);
Hotspots.ShowWsResponse response = newRequest(hotspot).executeProtobuf(Hotspots.ShowWsResponse.class);
assertThat(response.getUsersList()).extracting(User::getLogin, User::getName, User::getActive).containsExactlyInAnyOrder(Stream.concat(Stream.of(author, assignee), changeLogAndCommentsUsers.stream()).map(t -> tuple(t.getLogin(), t.getName(), t.isActive())).toArray(Tuple[]::new));
}
use of org.sonar.api.rules.RuleType.SECURITY_HOTSPOT in project sonarqube by SonarSource.
the class ShowActionTest method returns_hotspot_changelog_and_comments.
@Test
public void returns_hotspot_changelog_and_comments() {
ComponentDto project = dbTester.components().insertPublicProject();
userSessionRule.registerComponents(project);
RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);
ComponentDto file = dbTester.components().insertComponent(newFileDto(project));
IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, t -> t.setLocations(DbIssues.Locations.newBuilder().setTextRange(DbCommons.TextRange.newBuilder().build()).build()));
List<Common.Changelog> changelog = IntStream.range(0, 1 + new Random().nextInt(12)).mapToObj(i -> Common.Changelog.newBuilder().setUser("u" + i).build()).collect(Collectors.toList());
List<Common.Comment> comments = IntStream.range(0, 1 + new Random().nextInt(12)).mapToObj(i -> Common.Comment.newBuilder().setKey("u" + i).build()).collect(Collectors.toList());
FormattingContext formattingContext = mockChangelogAndCommentsFormattingContext();
when(issueChangeSupport.formatChangelog(any(), any())).thenReturn(changelog.stream());
when(issueChangeSupport.formatComments(any(), any(), any())).thenReturn(comments.stream());
Hotspots.ShowWsResponse response = newRequest(hotspot).executeProtobuf(Hotspots.ShowWsResponse.class);
assertThat(response.getChangelogList()).extracting(Common.Changelog::getUser).containsExactly(changelog.stream().map(Common.Changelog::getUser).toArray(String[]::new));
assertThat(response.getCommentList()).extracting(Common.Comment::getKey).containsExactly(comments.stream().map(Common.Comment::getKey).toArray(String[]::new));
verify(issueChangeSupport).newFormattingContext(any(DbSession.class), argThat(new IssueDtoSetArgumentMatcher(hotspot)), eq(Load.ALL), eq(Collections.emptySet()), eq(ImmutableSet.of(project, file)));
verify(issueChangeSupport).formatChangelog(argThat(new IssueDtoArgumentMatcher(hotspot)), eq(formattingContext));
verify(issueChangeSupport).formatComments(argThat(new IssueDtoArgumentMatcher(hotspot)), any(Common.Comment.Builder.class), eq(formattingContext));
}
use of org.sonar.api.rules.RuleType.SECURITY_HOTSPOT in project sonarqube by SonarSource.
the class SearchActionTest method returns_no_hotspot_component_nor_rule_when_project_has_no_hotspot.
@Test
public void returns_no_hotspot_component_nor_rule_when_project_has_no_hotspot() {
ComponentDto project = dbTester.components().insertPublicProject();
userSessionRule.registerComponents(project);
indexPermissions();
ComponentDto file = dbTester.components().insertComponent(newFileDto(project));
Arrays.stream(RuleType.values()).filter(t -> t != SECURITY_HOTSPOT).forEach(ruleType -> {
RuleDefinitionDto rule = newRule(ruleType);
dbTester.issues().insert(rule, project, file, t -> t.setType(ruleType));
});
indexIssues();
SearchWsResponse response = newRequest(project).executeProtobuf(SearchWsResponse.class);
assertThat(response.getHotspotsList()).isEmpty();
}
use of org.sonar.api.rules.RuleType.SECURITY_HOTSPOT in project sonarqube by SonarSource.
the class SearchActionTest method does_not_fail_if_rule_of_hotspot_does_not_exist_in_DB.
@Test
public void does_not_fail_if_rule_of_hotspot_does_not_exist_in_DB() {
ComponentDto project = dbTester.components().insertPublicProject();
userSessionRule.registerComponents(project);
ComponentDto file = dbTester.components().insertComponent(newFileDto(project));
indexPermissions();
IssueDto[] hotspots = IntStream.range(0, 1 + RANDOM.nextInt(10)).mapToObj(i -> {
RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);
return insertHotspot(project, file, rule);
}).toArray(IssueDto[]::new);
indexIssues();
IssueDto hotspotWithoutRule = hotspots[RANDOM.nextInt(hotspots.length)];
dbTester.executeUpdateSql("delete from rules where uuid=?", hotspotWithoutRule.getRuleUuid());
SearchWsResponse response = newRequest(project).executeProtobuf(SearchWsResponse.class);
assertThat(response.getHotspotsList()).extracting(Hotspots.SearchWsResponse.Hotspot::getKey).containsOnly(Arrays.stream(hotspots).filter(t -> !t.getKey().equals(hotspotWithoutRule.getKey())).map(IssueDto::getKey).toArray(String[]::new));
}
Aggregations