Search in sources :

Example 11 with SECURITY_HOTSPOT

use of org.sonar.api.rules.RuleType.SECURITY_HOTSPOT in project sonarqube by SonarSource.

the class SearchActionTest method returns_issues_when_sinceLeakPeriod_is_true_and_is_application_for_main_branch.

@Test
public void returns_issues_when_sinceLeakPeriod_is_true_and_is_application_for_main_branch() {
    long referenceDate = 800_996_999_332L;
    system2.setNow(referenceDate + 10_000);
    ComponentDto application = dbTester.components().insertPublicApplication();
    ComponentDto project = dbTester.components().insertPublicProject();
    ComponentDto project2 = dbTester.components().insertPublicProject();
    dbTester.components().addApplicationProject(application, project);
    dbTester.components().addApplicationProject(application, project2);
    dbTester.components().insertComponent(ComponentTesting.newProjectCopy(project, application));
    dbTester.components().insertComponent(ComponentTesting.newProjectCopy(project2, application));
    indexViews();
    userSessionRule.registerApplication(application, project, project2);
    indexPermissions();
    ComponentDto file = dbTester.components().insertComponent(newFileDto(project));
    dbTester.components().insertSnapshot(project, t -> t.setPeriodDate(referenceDate).setLast(true));
    RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);
    IssueDto afterRef = dbTester.issues().insertHotspot(rule, project, file, t -> t.setIssueCreationTime(referenceDate + 1000));
    IssueDto atRef = dbTester.issues().insertHotspot(rule, project, file, t -> t.setType(SECURITY_HOTSPOT).setIssueCreationTime(referenceDate));
    IssueDto beforeRef = dbTester.issues().insertHotspot(rule, project, file, t -> t.setIssueCreationTime(referenceDate - 1000));
    ComponentDto file2 = dbTester.components().insertComponent(newFileDto(project2));
    IssueDto project2Issue = dbTester.issues().insertHotspot(rule, project2, file2, t -> t.setIssueCreationTime(referenceDate - 1000));
    indexIssues();
    SearchWsResponse responseAll = newRequest(application).executeProtobuf(SearchWsResponse.class);
    assertThat(responseAll.getHotspotsList()).extracting(SearchWsResponse.Hotspot::getKey).containsExactlyInAnyOrder(afterRef.getKey(), atRef.getKey(), beforeRef.getKey(), project2Issue.getKey());
    SearchWsResponse responseOnLeak = newRequest(application, t -> t.setParam("sinceLeakPeriod", "true")).executeProtobuf(SearchWsResponse.class);
    assertThat(responseOnLeak.getHotspotsList()).extracting(SearchWsResponse.Hotspot::getKey).containsExactlyInAnyOrder(afterRef.getKey());
}
Also used : Arrays(java.util.Arrays) AsyncIssueIndexing(org.sonar.server.issue.index.AsyncIssueIndexing) SecurityStandards(org.sonar.server.security.SecurityStandards) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Random(java.util.Random) ViewIndexer(org.sonar.server.view.index.ViewIndexer) DataProviderRunner(com.tngtech.java.junit.dataprovider.DataProviderRunner) STATUS_CLOSED(org.sonar.api.issue.Issue.STATUS_CLOSED) DbIssues(org.sonar.db.protobuf.DbIssues) WebService(org.sonar.api.server.ws.WebService) Collections.singleton(java.util.Collections.singleton) IssueIndex(org.sonar.server.issue.index.IssueIndex) IssueIteratorFactory(org.sonar.server.issue.index.IssueIteratorFactory) IssueTesting.newIssue(org.sonar.db.issue.IssueTesting.newIssue) Map(java.util.Map) ComponentTesting(org.sonar.db.component.ComponentTesting) DateUtils.formatDateTime(org.sonar.api.utils.DateUtils.formatDateTime) Collectors.toSet(java.util.stream.Collectors.toSet) DbTester(org.sonar.db.DbTester) RuleTesting(org.sonar.db.rule.RuleTesting) PermissionIndexer(org.sonar.server.permission.index.PermissionIndexer) REFERENCE_BRANCH(org.sonar.db.newcodeperiod.NewCodePeriodType.REFERENCE_BRANCH) System2(org.sonar.api.utils.System2) Hotspots(org.sonarqube.ws.Hotspots) Collection(java.util.Collection) Set(java.util.Set) SearchWsResponse(org.sonarqube.ws.Hotspots.SearchWsResponse) Sets(com.google.common.collect.Sets) NotFoundException(org.sonar.server.exceptions.NotFoundException) Collectors.joining(java.util.stream.Collectors.joining) Common(org.sonarqube.ws.Common) STATUS_TO_REVIEW(org.sonar.api.issue.Issue.STATUS_TO_REVIEW) DbClient(org.sonar.db.DbClient) List(java.util.List) ComponentDto(org.sonar.db.component.ComponentDto) Stream(java.util.stream.Stream) STATUS_REVIEWED(org.sonar.api.issue.Issue.STATUS_REVIEWED) ForbiddenException(org.sonar.server.exceptions.ForbiddenException) ProjectDto(org.sonar.db.project.ProjectDto) MoreCollectors.uniqueIndex(org.sonar.core.util.stream.MoreCollectors.uniqueIndex) STATUSES(org.sonar.api.issue.Issue.STATUSES) IssueTesting.newCodeReferenceIssue(org.sonar.db.issue.IssueTesting.newCodeReferenceIssue) SQCategory(org.sonar.server.security.SecurityStandards.SQCategory) ComponentTesting.newDirectory(org.sonar.db.component.ComponentTesting.newDirectory) Mockito.mock(org.mockito.Mockito.mock) IntStream(java.util.stream.IntStream) BranchDto(org.sonar.db.component.BranchDto) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) IssueDto(org.sonar.db.issue.IssueDto) RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) EsTester(org.sonar.server.es.EsTester) ComponentTesting.newFileDto(org.sonar.db.component.ComponentTesting.newFileDto) RunWith(org.junit.runner.RunWith) DataProvider(com.tngtech.java.junit.dataprovider.DataProvider) TestSystem2(org.sonar.api.impl.utils.TestSystem2) RuleType(org.sonar.api.rules.RuleType) WebAuthorizationTypeSupport(org.sonar.server.permission.index.WebAuthorizationTypeSupport) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) TextRangeResponseFormatter(org.sonar.server.issue.TextRangeResponseFormatter) SECURITY_HOTSPOT(org.sonar.api.rules.RuleType.SECURITY_HOTSPOT) RESOLUTION_FIXED(org.sonar.api.issue.Issue.RESOLUTION_FIXED) Nullable(javax.annotation.Nullable) ImmutableSet.of(com.google.common.collect.ImmutableSet.of) UserSessionRule(org.sonar.server.tester.UserSessionRule) BranchType(org.sonar.db.component.BranchType) RandomStringUtils.randomAlphabetic(org.apache.commons.lang.RandomStringUtils.randomAlphabetic) USER(org.sonar.api.web.UserRole.USER) UseDataProvider(com.tngtech.java.junit.dataprovider.UseDataProvider) TestRequest(org.sonar.server.ws.TestRequest) Test(org.junit.Test) Mockito.times(org.mockito.Mockito.times) RESOLUTION_SAFE(org.sonar.api.issue.Issue.RESOLUTION_SAFE) WsActionTester(org.sonar.server.ws.WsActionTester) DbCommons(org.sonar.db.protobuf.DbCommons) Mockito.verify(org.mockito.Mockito.verify) Consumer(java.util.function.Consumer) Component(org.sonarqube.ws.Hotspots.Component) Collectors.toList(java.util.stream.Collectors.toList) Rule(org.junit.Rule) Ordering(com.google.common.collect.Ordering) Issue(org.sonar.api.issue.Issue) IssueIndexSyncProgressChecker(org.sonar.server.issue.index.IssueIndexSyncProgressChecker) Tuple.tuple(org.assertj.core.groups.Tuple.tuple) Comparator(java.util.Comparator) Collections(java.util.Collections) IssueIndexer(org.sonar.server.issue.index.IssueIndexer) ComponentDto(org.sonar.db.component.ComponentDto) RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) IssueDto(org.sonar.db.issue.IssueDto) SearchWsResponse(org.sonarqube.ws.Hotspots.SearchWsResponse) Test(org.junit.Test)

Example 12 with SECURITY_HOTSPOT

use of org.sonar.api.rules.RuleType.SECURITY_HOTSPOT in project sonarqube by SonarSource.

the class SearchActionTest method returns_nothing_when_sinceLeakPeriod_is_true_and_no_period_exists.

@Test
public void returns_nothing_when_sinceLeakPeriod_is_true_and_no_period_exists() {
    long referenceDate = 800_996_999_332L;
    system2.setNow(referenceDate + 10_000);
    ComponentDto project = dbTester.components().insertPublicProject();
    userSessionRule.registerComponents(project);
    indexPermissions();
    ComponentDto file = dbTester.components().insertComponent(newFileDto(project));
    dbTester.components().insertSnapshot(project, t -> t.setPeriodDate(referenceDate).setLast(false));
    dbTester.components().insertSnapshot(project, t -> t.setPeriodDate(null).setLast(true));
    RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);
    IssueDto afterRef = dbTester.issues().insertHotspot(rule, project, file, t -> t.setIssueCreationTime(referenceDate + 1000));
    IssueDto atRef = dbTester.issues().insertHotspot(rule, project, file, t -> t.setType(SECURITY_HOTSPOT).setIssueCreationTime(referenceDate));
    IssueDto beforeRef = dbTester.issues().insertHotspot(rule, project, file, t -> t.setIssueCreationTime(referenceDate - 1000));
    indexIssues();
    SearchWsResponse responseAll = newRequest(project).executeProtobuf(SearchWsResponse.class);
    assertThat(responseAll.getHotspotsList()).extracting(SearchWsResponse.Hotspot::getKey).containsExactlyInAnyOrder(Stream.of(afterRef, atRef, beforeRef).map(IssueDto::getKey).toArray(String[]::new));
    SearchWsResponse responseOnLeak = newRequest(project, t -> t.setParam("sinceLeakPeriod", "true")).executeProtobuf(SearchWsResponse.class);
    assertThat(responseOnLeak.getHotspotsList()).isEmpty();
}
Also used : Arrays(java.util.Arrays) AsyncIssueIndexing(org.sonar.server.issue.index.AsyncIssueIndexing) SecurityStandards(org.sonar.server.security.SecurityStandards) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Random(java.util.Random) ViewIndexer(org.sonar.server.view.index.ViewIndexer) DataProviderRunner(com.tngtech.java.junit.dataprovider.DataProviderRunner) STATUS_CLOSED(org.sonar.api.issue.Issue.STATUS_CLOSED) DbIssues(org.sonar.db.protobuf.DbIssues) WebService(org.sonar.api.server.ws.WebService) Collections.singleton(java.util.Collections.singleton) IssueIndex(org.sonar.server.issue.index.IssueIndex) IssueIteratorFactory(org.sonar.server.issue.index.IssueIteratorFactory) IssueTesting.newIssue(org.sonar.db.issue.IssueTesting.newIssue) Map(java.util.Map) ComponentTesting(org.sonar.db.component.ComponentTesting) DateUtils.formatDateTime(org.sonar.api.utils.DateUtils.formatDateTime) Collectors.toSet(java.util.stream.Collectors.toSet) DbTester(org.sonar.db.DbTester) RuleTesting(org.sonar.db.rule.RuleTesting) PermissionIndexer(org.sonar.server.permission.index.PermissionIndexer) REFERENCE_BRANCH(org.sonar.db.newcodeperiod.NewCodePeriodType.REFERENCE_BRANCH) System2(org.sonar.api.utils.System2) Hotspots(org.sonarqube.ws.Hotspots) Collection(java.util.Collection) Set(java.util.Set) SearchWsResponse(org.sonarqube.ws.Hotspots.SearchWsResponse) Sets(com.google.common.collect.Sets) NotFoundException(org.sonar.server.exceptions.NotFoundException) Collectors.joining(java.util.stream.Collectors.joining) Common(org.sonarqube.ws.Common) STATUS_TO_REVIEW(org.sonar.api.issue.Issue.STATUS_TO_REVIEW) DbClient(org.sonar.db.DbClient) List(java.util.List) ComponentDto(org.sonar.db.component.ComponentDto) Stream(java.util.stream.Stream) STATUS_REVIEWED(org.sonar.api.issue.Issue.STATUS_REVIEWED) ForbiddenException(org.sonar.server.exceptions.ForbiddenException) ProjectDto(org.sonar.db.project.ProjectDto) MoreCollectors.uniqueIndex(org.sonar.core.util.stream.MoreCollectors.uniqueIndex) STATUSES(org.sonar.api.issue.Issue.STATUSES) IssueTesting.newCodeReferenceIssue(org.sonar.db.issue.IssueTesting.newCodeReferenceIssue) SQCategory(org.sonar.server.security.SecurityStandards.SQCategory) ComponentTesting.newDirectory(org.sonar.db.component.ComponentTesting.newDirectory) Mockito.mock(org.mockito.Mockito.mock) IntStream(java.util.stream.IntStream) BranchDto(org.sonar.db.component.BranchDto) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) IssueDto(org.sonar.db.issue.IssueDto) RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) EsTester(org.sonar.server.es.EsTester) ComponentTesting.newFileDto(org.sonar.db.component.ComponentTesting.newFileDto) RunWith(org.junit.runner.RunWith) DataProvider(com.tngtech.java.junit.dataprovider.DataProvider) TestSystem2(org.sonar.api.impl.utils.TestSystem2) RuleType(org.sonar.api.rules.RuleType) WebAuthorizationTypeSupport(org.sonar.server.permission.index.WebAuthorizationTypeSupport) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) TextRangeResponseFormatter(org.sonar.server.issue.TextRangeResponseFormatter) SECURITY_HOTSPOT(org.sonar.api.rules.RuleType.SECURITY_HOTSPOT) RESOLUTION_FIXED(org.sonar.api.issue.Issue.RESOLUTION_FIXED) Nullable(javax.annotation.Nullable) ImmutableSet.of(com.google.common.collect.ImmutableSet.of) UserSessionRule(org.sonar.server.tester.UserSessionRule) BranchType(org.sonar.db.component.BranchType) RandomStringUtils.randomAlphabetic(org.apache.commons.lang.RandomStringUtils.randomAlphabetic) USER(org.sonar.api.web.UserRole.USER) UseDataProvider(com.tngtech.java.junit.dataprovider.UseDataProvider) TestRequest(org.sonar.server.ws.TestRequest) Test(org.junit.Test) Mockito.times(org.mockito.Mockito.times) RESOLUTION_SAFE(org.sonar.api.issue.Issue.RESOLUTION_SAFE) WsActionTester(org.sonar.server.ws.WsActionTester) DbCommons(org.sonar.db.protobuf.DbCommons) Mockito.verify(org.mockito.Mockito.verify) Consumer(java.util.function.Consumer) Component(org.sonarqube.ws.Hotspots.Component) Collectors.toList(java.util.stream.Collectors.toList) Rule(org.junit.Rule) Ordering(com.google.common.collect.Ordering) Issue(org.sonar.api.issue.Issue) IssueIndexSyncProgressChecker(org.sonar.server.issue.index.IssueIndexSyncProgressChecker) Tuple.tuple(org.assertj.core.groups.Tuple.tuple) Comparator(java.util.Comparator) Collections(java.util.Collections) IssueIndexer(org.sonar.server.issue.index.IssueIndexer) ComponentDto(org.sonar.db.component.ComponentDto) RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) IssueDto(org.sonar.db.issue.IssueDto) SearchWsResponse(org.sonarqube.ws.Hotspots.SearchWsResponse) Test(org.junit.Test)

Example 13 with SECURITY_HOTSPOT

use of org.sonar.api.rules.RuleType.SECURITY_HOTSPOT in project sonarqube by SonarSource.

the class SearchActionTest method returns_hotspot_of_branch_or_pullRequest.

@Test
public void returns_hotspot_of_branch_or_pullRequest() {
    ComponentDto project = dbTester.components().insertPublicProject();
    userSessionRule.registerComponents(project);
    indexPermissions();
    ComponentDto branch = dbTester.components().insertProjectBranch(project);
    ComponentDto pullRequest = dbTester.components().insertProjectBranch(project, t -> t.setBranchType(BranchType.PULL_REQUEST));
    ComponentDto fileProject = dbTester.components().insertComponent(newFileDto(project));
    ComponentDto fileBranch = dbTester.components().insertComponent(newFileDto(branch));
    ComponentDto filePR = dbTester.components().insertComponent(newFileDto(pullRequest));
    IssueDto[] hotspotProject = IntStream.range(0, 1 + RANDOM.nextInt(10)).mapToObj(i -> {
        RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);
        return insertHotspot(project, fileProject, rule);
    }).toArray(IssueDto[]::new);
    IssueDto[] hotspotBranch = IntStream.range(0, 1 + RANDOM.nextInt(10)).mapToObj(i -> {
        RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);
        return insertHotspot(branch, fileBranch, rule);
    }).toArray(IssueDto[]::new);
    IssueDto[] hotspotPR = IntStream.range(0, 1 + RANDOM.nextInt(10)).mapToObj(i -> {
        RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);
        return insertHotspot(pullRequest, filePR, rule);
    }).toArray(IssueDto[]::new);
    indexIssues();
    SearchWsResponse responseProject = newRequest(project).executeProtobuf(SearchWsResponse.class);
    SearchWsResponse responseBranch = newRequest(branch).executeProtobuf(SearchWsResponse.class);
    SearchWsResponse responsePR = newRequest(pullRequest).executeProtobuf(SearchWsResponse.class);
    assertThat(responseProject.getHotspotsList()).extracting(SearchWsResponse.Hotspot::getKey).containsExactlyInAnyOrder(Arrays.stream(hotspotProject).map(IssueDto::getKey).toArray(String[]::new));
    assertThat(responseBranch.getHotspotsList()).extracting(SearchWsResponse.Hotspot::getKey).containsExactlyInAnyOrder(Arrays.stream(hotspotBranch).map(IssueDto::getKey).toArray(String[]::new));
    assertThat(responsePR.getHotspotsList()).extracting(SearchWsResponse.Hotspot::getKey).containsExactlyInAnyOrder(Arrays.stream(hotspotPR).map(IssueDto::getKey).toArray(String[]::new));
    verify(issueIndexSyncProgressChecker, times(3)).checkIfComponentNeedIssueSync(any(), eq(project.getDbKey()));
}
Also used : Arrays(java.util.Arrays) AsyncIssueIndexing(org.sonar.server.issue.index.AsyncIssueIndexing) SecurityStandards(org.sonar.server.security.SecurityStandards) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Random(java.util.Random) ViewIndexer(org.sonar.server.view.index.ViewIndexer) DataProviderRunner(com.tngtech.java.junit.dataprovider.DataProviderRunner) STATUS_CLOSED(org.sonar.api.issue.Issue.STATUS_CLOSED) DbIssues(org.sonar.db.protobuf.DbIssues) WebService(org.sonar.api.server.ws.WebService) Collections.singleton(java.util.Collections.singleton) IssueIndex(org.sonar.server.issue.index.IssueIndex) IssueIteratorFactory(org.sonar.server.issue.index.IssueIteratorFactory) IssueTesting.newIssue(org.sonar.db.issue.IssueTesting.newIssue) Map(java.util.Map) ComponentTesting(org.sonar.db.component.ComponentTesting) DateUtils.formatDateTime(org.sonar.api.utils.DateUtils.formatDateTime) Collectors.toSet(java.util.stream.Collectors.toSet) DbTester(org.sonar.db.DbTester) RuleTesting(org.sonar.db.rule.RuleTesting) PermissionIndexer(org.sonar.server.permission.index.PermissionIndexer) REFERENCE_BRANCH(org.sonar.db.newcodeperiod.NewCodePeriodType.REFERENCE_BRANCH) System2(org.sonar.api.utils.System2) Hotspots(org.sonarqube.ws.Hotspots) Collection(java.util.Collection) Set(java.util.Set) SearchWsResponse(org.sonarqube.ws.Hotspots.SearchWsResponse) Sets(com.google.common.collect.Sets) NotFoundException(org.sonar.server.exceptions.NotFoundException) Collectors.joining(java.util.stream.Collectors.joining) Common(org.sonarqube.ws.Common) STATUS_TO_REVIEW(org.sonar.api.issue.Issue.STATUS_TO_REVIEW) DbClient(org.sonar.db.DbClient) List(java.util.List) ComponentDto(org.sonar.db.component.ComponentDto) Stream(java.util.stream.Stream) STATUS_REVIEWED(org.sonar.api.issue.Issue.STATUS_REVIEWED) ForbiddenException(org.sonar.server.exceptions.ForbiddenException) ProjectDto(org.sonar.db.project.ProjectDto) MoreCollectors.uniqueIndex(org.sonar.core.util.stream.MoreCollectors.uniqueIndex) STATUSES(org.sonar.api.issue.Issue.STATUSES) IssueTesting.newCodeReferenceIssue(org.sonar.db.issue.IssueTesting.newCodeReferenceIssue) SQCategory(org.sonar.server.security.SecurityStandards.SQCategory) ComponentTesting.newDirectory(org.sonar.db.component.ComponentTesting.newDirectory) Mockito.mock(org.mockito.Mockito.mock) IntStream(java.util.stream.IntStream) BranchDto(org.sonar.db.component.BranchDto) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) IssueDto(org.sonar.db.issue.IssueDto) RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) EsTester(org.sonar.server.es.EsTester) ComponentTesting.newFileDto(org.sonar.db.component.ComponentTesting.newFileDto) RunWith(org.junit.runner.RunWith) DataProvider(com.tngtech.java.junit.dataprovider.DataProvider) TestSystem2(org.sonar.api.impl.utils.TestSystem2) RuleType(org.sonar.api.rules.RuleType) WebAuthorizationTypeSupport(org.sonar.server.permission.index.WebAuthorizationTypeSupport) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) TextRangeResponseFormatter(org.sonar.server.issue.TextRangeResponseFormatter) SECURITY_HOTSPOT(org.sonar.api.rules.RuleType.SECURITY_HOTSPOT) RESOLUTION_FIXED(org.sonar.api.issue.Issue.RESOLUTION_FIXED) Nullable(javax.annotation.Nullable) ImmutableSet.of(com.google.common.collect.ImmutableSet.of) UserSessionRule(org.sonar.server.tester.UserSessionRule) BranchType(org.sonar.db.component.BranchType) RandomStringUtils.randomAlphabetic(org.apache.commons.lang.RandomStringUtils.randomAlphabetic) USER(org.sonar.api.web.UserRole.USER) UseDataProvider(com.tngtech.java.junit.dataprovider.UseDataProvider) TestRequest(org.sonar.server.ws.TestRequest) Test(org.junit.Test) Mockito.times(org.mockito.Mockito.times) RESOLUTION_SAFE(org.sonar.api.issue.Issue.RESOLUTION_SAFE) WsActionTester(org.sonar.server.ws.WsActionTester) DbCommons(org.sonar.db.protobuf.DbCommons) Mockito.verify(org.mockito.Mockito.verify) Consumer(java.util.function.Consumer) Component(org.sonarqube.ws.Hotspots.Component) Collectors.toList(java.util.stream.Collectors.toList) Rule(org.junit.Rule) Ordering(com.google.common.collect.Ordering) Issue(org.sonar.api.issue.Issue) IssueIndexSyncProgressChecker(org.sonar.server.issue.index.IssueIndexSyncProgressChecker) Tuple.tuple(org.assertj.core.groups.Tuple.tuple) Comparator(java.util.Comparator) Collections(java.util.Collections) IssueIndexer(org.sonar.server.issue.index.IssueIndexer) ComponentDto(org.sonar.db.component.ComponentDto) IssueDto(org.sonar.db.issue.IssueDto) RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) SearchWsResponse(org.sonarqube.ws.Hotspots.SearchWsResponse) Test(org.junit.Test)

Example 14 with SECURITY_HOTSPOT

use of org.sonar.api.rules.RuleType.SECURITY_HOTSPOT in project sonarqube by SonarSource.

the class SearchActionTest method verify_response_example.

@Test
public void verify_response_example() {
    ComponentDto project = dbTester.components().insertPublicProject(componentDto -> componentDto.setName("test-project").setLongName("test-project").setDbKey("com.sonarsource:test-project"));
    userSessionRule.registerComponents(project);
    indexPermissions();
    ComponentDto fileWithHotspot = dbTester.components().insertComponent(newFileDto(project).setDbKey("com.sonarsource:test-project:src/main/java/com/sonarsource/FourthClass.java").setName("FourthClass.java").setLongName("src/main/java/com/sonarsource/FourthClass.java").setPath("src/main/java/com/sonarsource/FourthClass.java"));
    long time = 1577976190000L;
    IssueDto[] hotspots = IntStream.range(0, 3).mapToObj(i -> {
        RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT).setSecurityStandards(Sets.newHashSet(SQCategory.WEAK_CRYPTOGRAPHY.getKey()));
        return insertHotspot(rule, project, fileWithHotspot, issueDto -> issueDto.setKee("hotspot-" + i).setAssigneeUuid("assignee-uuid").setAuthorLogin("joe").setMessage("message-" + i).setLine(10 + i).setIssueCreationTime(time).setIssueUpdateTime(time));
    }).toArray(IssueDto[]::new);
    indexIssues();
    assertThat(actionTester.getDef().responseExampleAsString()).isNotNull();
    newRequest(project).execute().assertJson(actionTester.getDef().responseExampleAsString());
}
Also used : Arrays(java.util.Arrays) AsyncIssueIndexing(org.sonar.server.issue.index.AsyncIssueIndexing) SecurityStandards(org.sonar.server.security.SecurityStandards) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Random(java.util.Random) ViewIndexer(org.sonar.server.view.index.ViewIndexer) DataProviderRunner(com.tngtech.java.junit.dataprovider.DataProviderRunner) STATUS_CLOSED(org.sonar.api.issue.Issue.STATUS_CLOSED) DbIssues(org.sonar.db.protobuf.DbIssues) WebService(org.sonar.api.server.ws.WebService) Collections.singleton(java.util.Collections.singleton) IssueIndex(org.sonar.server.issue.index.IssueIndex) IssueIteratorFactory(org.sonar.server.issue.index.IssueIteratorFactory) IssueTesting.newIssue(org.sonar.db.issue.IssueTesting.newIssue) Map(java.util.Map) ComponentTesting(org.sonar.db.component.ComponentTesting) DateUtils.formatDateTime(org.sonar.api.utils.DateUtils.formatDateTime) Collectors.toSet(java.util.stream.Collectors.toSet) DbTester(org.sonar.db.DbTester) RuleTesting(org.sonar.db.rule.RuleTesting) PermissionIndexer(org.sonar.server.permission.index.PermissionIndexer) REFERENCE_BRANCH(org.sonar.db.newcodeperiod.NewCodePeriodType.REFERENCE_BRANCH) System2(org.sonar.api.utils.System2) Hotspots(org.sonarqube.ws.Hotspots) Collection(java.util.Collection) Set(java.util.Set) SearchWsResponse(org.sonarqube.ws.Hotspots.SearchWsResponse) Sets(com.google.common.collect.Sets) NotFoundException(org.sonar.server.exceptions.NotFoundException) Collectors.joining(java.util.stream.Collectors.joining) Common(org.sonarqube.ws.Common) STATUS_TO_REVIEW(org.sonar.api.issue.Issue.STATUS_TO_REVIEW) DbClient(org.sonar.db.DbClient) List(java.util.List) ComponentDto(org.sonar.db.component.ComponentDto) Stream(java.util.stream.Stream) STATUS_REVIEWED(org.sonar.api.issue.Issue.STATUS_REVIEWED) ForbiddenException(org.sonar.server.exceptions.ForbiddenException) ProjectDto(org.sonar.db.project.ProjectDto) MoreCollectors.uniqueIndex(org.sonar.core.util.stream.MoreCollectors.uniqueIndex) STATUSES(org.sonar.api.issue.Issue.STATUSES) IssueTesting.newCodeReferenceIssue(org.sonar.db.issue.IssueTesting.newCodeReferenceIssue) SQCategory(org.sonar.server.security.SecurityStandards.SQCategory) ComponentTesting.newDirectory(org.sonar.db.component.ComponentTesting.newDirectory) Mockito.mock(org.mockito.Mockito.mock) IntStream(java.util.stream.IntStream) BranchDto(org.sonar.db.component.BranchDto) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) IssueDto(org.sonar.db.issue.IssueDto) RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) EsTester(org.sonar.server.es.EsTester) ComponentTesting.newFileDto(org.sonar.db.component.ComponentTesting.newFileDto) RunWith(org.junit.runner.RunWith) DataProvider(com.tngtech.java.junit.dataprovider.DataProvider) TestSystem2(org.sonar.api.impl.utils.TestSystem2) RuleType(org.sonar.api.rules.RuleType) WebAuthorizationTypeSupport(org.sonar.server.permission.index.WebAuthorizationTypeSupport) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) TextRangeResponseFormatter(org.sonar.server.issue.TextRangeResponseFormatter) SECURITY_HOTSPOT(org.sonar.api.rules.RuleType.SECURITY_HOTSPOT) RESOLUTION_FIXED(org.sonar.api.issue.Issue.RESOLUTION_FIXED) Nullable(javax.annotation.Nullable) ImmutableSet.of(com.google.common.collect.ImmutableSet.of) UserSessionRule(org.sonar.server.tester.UserSessionRule) BranchType(org.sonar.db.component.BranchType) RandomStringUtils.randomAlphabetic(org.apache.commons.lang.RandomStringUtils.randomAlphabetic) USER(org.sonar.api.web.UserRole.USER) UseDataProvider(com.tngtech.java.junit.dataprovider.UseDataProvider) TestRequest(org.sonar.server.ws.TestRequest) Test(org.junit.Test) Mockito.times(org.mockito.Mockito.times) RESOLUTION_SAFE(org.sonar.api.issue.Issue.RESOLUTION_SAFE) WsActionTester(org.sonar.server.ws.WsActionTester) DbCommons(org.sonar.db.protobuf.DbCommons) Mockito.verify(org.mockito.Mockito.verify) Consumer(java.util.function.Consumer) Component(org.sonarqube.ws.Hotspots.Component) Collectors.toList(java.util.stream.Collectors.toList) Rule(org.junit.Rule) Ordering(com.google.common.collect.Ordering) Issue(org.sonar.api.issue.Issue) IssueIndexSyncProgressChecker(org.sonar.server.issue.index.IssueIndexSyncProgressChecker) Tuple.tuple(org.assertj.core.groups.Tuple.tuple) Comparator(java.util.Comparator) Collections(java.util.Collections) IssueIndexer(org.sonar.server.issue.index.IssueIndexer) ComponentDto(org.sonar.db.component.ComponentDto) IssueDto(org.sonar.db.issue.IssueDto) RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) Test(org.junit.Test)

Example 15 with SECURITY_HOTSPOT

use of org.sonar.api.rules.RuleType.SECURITY_HOTSPOT in project sonarqube by SonarSource.

the class SearchActionTest method returns_hotspots_on_the_leak_period_when_sinceLeakPeriod_is_true_and_branch_uses_reference_branch.

@Test
public void returns_hotspots_on_the_leak_period_when_sinceLeakPeriod_is_true_and_branch_uses_reference_branch() {
    ComponentDto project = dbTester.components().insertPublicProject();
    userSessionRule.registerComponents(project);
    indexPermissions();
    ComponentDto file = dbTester.components().insertComponent(newFileDto(project));
    dbTester.components().insertSnapshot(project, t -> t.setPeriodMode(REFERENCE_BRANCH.name()).setPeriodParam("master"));
    RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);
    List<IssueDto> hotspotsInLeakPeriod = IntStream.range(0, 1 + RANDOM.nextInt(20)).mapToObj(i -> dbTester.issues().insertHotspot(rule, project, file, t -> t.setLine(i))).collect(toList());
    hotspotsInLeakPeriod.stream().forEach(i -> dbTester.issues().insertNewCodeReferenceIssue(newCodeReferenceIssue(i)));
    List<IssueDto> hotspotsNotInLeakPeriod = IntStream.range(0, 1 + RANDOM.nextInt(20)).mapToObj(i -> dbTester.issues().insertHotspot(rule, project, file, t -> t.setLine(i))).collect(toList());
    indexIssues();
    SearchWsResponse responseAll = newRequest(project).executeProtobuf(SearchWsResponse.class);
    assertThat(responseAll.getHotspotsList()).extracting(SearchWsResponse.Hotspot::getKey).containsExactlyInAnyOrder(Stream.of(hotspotsInLeakPeriod.stream(), hotspotsNotInLeakPeriod.stream()).flatMap(t -> t).map(IssueDto::getKey).toArray(String[]::new));
    SearchWsResponse responseOnLeak = newRequest(project, t -> t.setParam("sinceLeakPeriod", "true")).executeProtobuf(SearchWsResponse.class);
    assertThat(responseOnLeak.getHotspotsList()).extracting(SearchWsResponse.Hotspot::getKey).containsExactlyInAnyOrder(hotspotsInLeakPeriod.stream().map(IssueDto::getKey).toArray(String[]::new));
}
Also used : Arrays(java.util.Arrays) AsyncIssueIndexing(org.sonar.server.issue.index.AsyncIssueIndexing) SecurityStandards(org.sonar.server.security.SecurityStandards) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Random(java.util.Random) ViewIndexer(org.sonar.server.view.index.ViewIndexer) DataProviderRunner(com.tngtech.java.junit.dataprovider.DataProviderRunner) STATUS_CLOSED(org.sonar.api.issue.Issue.STATUS_CLOSED) DbIssues(org.sonar.db.protobuf.DbIssues) WebService(org.sonar.api.server.ws.WebService) Collections.singleton(java.util.Collections.singleton) IssueIndex(org.sonar.server.issue.index.IssueIndex) IssueIteratorFactory(org.sonar.server.issue.index.IssueIteratorFactory) IssueTesting.newIssue(org.sonar.db.issue.IssueTesting.newIssue) Map(java.util.Map) ComponentTesting(org.sonar.db.component.ComponentTesting) DateUtils.formatDateTime(org.sonar.api.utils.DateUtils.formatDateTime) Collectors.toSet(java.util.stream.Collectors.toSet) DbTester(org.sonar.db.DbTester) RuleTesting(org.sonar.db.rule.RuleTesting) PermissionIndexer(org.sonar.server.permission.index.PermissionIndexer) REFERENCE_BRANCH(org.sonar.db.newcodeperiod.NewCodePeriodType.REFERENCE_BRANCH) System2(org.sonar.api.utils.System2) Hotspots(org.sonarqube.ws.Hotspots) Collection(java.util.Collection) Set(java.util.Set) SearchWsResponse(org.sonarqube.ws.Hotspots.SearchWsResponse) Sets(com.google.common.collect.Sets) NotFoundException(org.sonar.server.exceptions.NotFoundException) Collectors.joining(java.util.stream.Collectors.joining) Common(org.sonarqube.ws.Common) STATUS_TO_REVIEW(org.sonar.api.issue.Issue.STATUS_TO_REVIEW) DbClient(org.sonar.db.DbClient) List(java.util.List) ComponentDto(org.sonar.db.component.ComponentDto) Stream(java.util.stream.Stream) STATUS_REVIEWED(org.sonar.api.issue.Issue.STATUS_REVIEWED) ForbiddenException(org.sonar.server.exceptions.ForbiddenException) ProjectDto(org.sonar.db.project.ProjectDto) MoreCollectors.uniqueIndex(org.sonar.core.util.stream.MoreCollectors.uniqueIndex) STATUSES(org.sonar.api.issue.Issue.STATUSES) IssueTesting.newCodeReferenceIssue(org.sonar.db.issue.IssueTesting.newCodeReferenceIssue) SQCategory(org.sonar.server.security.SecurityStandards.SQCategory) ComponentTesting.newDirectory(org.sonar.db.component.ComponentTesting.newDirectory) Mockito.mock(org.mockito.Mockito.mock) IntStream(java.util.stream.IntStream) BranchDto(org.sonar.db.component.BranchDto) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) IssueDto(org.sonar.db.issue.IssueDto) RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) EsTester(org.sonar.server.es.EsTester) ComponentTesting.newFileDto(org.sonar.db.component.ComponentTesting.newFileDto) RunWith(org.junit.runner.RunWith) DataProvider(com.tngtech.java.junit.dataprovider.DataProvider) TestSystem2(org.sonar.api.impl.utils.TestSystem2) RuleType(org.sonar.api.rules.RuleType) WebAuthorizationTypeSupport(org.sonar.server.permission.index.WebAuthorizationTypeSupport) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) TextRangeResponseFormatter(org.sonar.server.issue.TextRangeResponseFormatter) SECURITY_HOTSPOT(org.sonar.api.rules.RuleType.SECURITY_HOTSPOT) RESOLUTION_FIXED(org.sonar.api.issue.Issue.RESOLUTION_FIXED) Nullable(javax.annotation.Nullable) ImmutableSet.of(com.google.common.collect.ImmutableSet.of) UserSessionRule(org.sonar.server.tester.UserSessionRule) BranchType(org.sonar.db.component.BranchType) RandomStringUtils.randomAlphabetic(org.apache.commons.lang.RandomStringUtils.randomAlphabetic) USER(org.sonar.api.web.UserRole.USER) UseDataProvider(com.tngtech.java.junit.dataprovider.UseDataProvider) TestRequest(org.sonar.server.ws.TestRequest) Test(org.junit.Test) Mockito.times(org.mockito.Mockito.times) RESOLUTION_SAFE(org.sonar.api.issue.Issue.RESOLUTION_SAFE) WsActionTester(org.sonar.server.ws.WsActionTester) DbCommons(org.sonar.db.protobuf.DbCommons) Mockito.verify(org.mockito.Mockito.verify) Consumer(java.util.function.Consumer) Component(org.sonarqube.ws.Hotspots.Component) Collectors.toList(java.util.stream.Collectors.toList) Rule(org.junit.Rule) Ordering(com.google.common.collect.Ordering) Issue(org.sonar.api.issue.Issue) IssueIndexSyncProgressChecker(org.sonar.server.issue.index.IssueIndexSyncProgressChecker) Tuple.tuple(org.assertj.core.groups.Tuple.tuple) Comparator(java.util.Comparator) Collections(java.util.Collections) IssueIndexer(org.sonar.server.issue.index.IssueIndexer) ComponentDto(org.sonar.db.component.ComponentDto) RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) IssueDto(org.sonar.db.issue.IssueDto) SearchWsResponse(org.sonarqube.ws.Hotspots.SearchWsResponse) Test(org.junit.Test)

Aggregations

Sets (com.google.common.collect.Sets)27 DataProvider (com.tngtech.java.junit.dataprovider.DataProvider)27 DataProviderRunner (com.tngtech.java.junit.dataprovider.DataProviderRunner)27 UseDataProvider (com.tngtech.java.junit.dataprovider.UseDataProvider)27 Arrays (java.util.Arrays)27 Collections (java.util.Collections)27 List (java.util.List)27 Random (java.util.Random)27 Set (java.util.Set)27 Consumer (java.util.function.Consumer)27 IntStream (java.util.stream.IntStream)27 Stream (java.util.stream.Stream)27 Nullable (javax.annotation.Nullable)27 RandomStringUtils.randomAlphabetic (org.apache.commons.lang.RandomStringUtils.randomAlphabetic)27 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)27 Assertions.assertThatThrownBy (org.assertj.core.api.Assertions.assertThatThrownBy)27 Rule (org.junit.Rule)27 Test (org.junit.Test)27 RunWith (org.junit.runner.RunWith)27 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)27