
Example 36 with RuleDefinitionDto

use of org.sonar.db.rule.RuleDefinitionDto in project sonarqube by SonarSource.

the class RuleIndexerTest method log_debug_when_hotspot_rule_description_has_none_of_the_key_titles.

/**
 * Indexing a Security Hotspot rule whose description holds none of the section titles must
 * produce exactly one log entry, a DEBUG line naming the parts that could not be located.
 *
 * <p>The description is 30 random letters, so it cannot contain any {@code <h2>} heading. Per the
 * expected message, the text still counts as the "What is the risk?" part, while
 * "Are you vulnerable?" and "How to fix it" are reported as missing.
 */
@Test
public void log_debug_when_hotspot_rule_description_has_none_of_the_key_titles() {
    // Heading-free text: nothing in it can be matched as a section title.
    String headinglessDescription = randomAlphabetic(30);
    RuleDefinitionDto hotspotRule = dbTester.rules().insert(
        RuleTesting.newRule()
            .setType(RuleType.SECURITY_HOTSPOT)
            .setDescription(headinglessDescription));

    underTest.commitAndIndex(dbTester.getSession(), hotspotRule.getUuid());

    String expectedDebugLine = format("Description of Security Hotspot Rule %s can't be fully parsed: What is the risk?=ok, Are you vulnerable?=missing, How to fix it=missing", hotspotRule.getKey());
    // One entry across all levels, and the first DEBUG entry is the parsing diagnostic.
    assertThat(logTester.getLogs()).hasSize(1);
    assertThat(logTester.logs(LoggerLevel.DEBUG).get(0)).isEqualTo(expectedDebugLine);
}
Also used : RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) Test(org.junit.Test)

Example 37 with RuleDefinitionDto

use of org.sonar.db.rule.RuleDefinitionDto in project sonarqube by SonarSource.

the class RuleIndexerTest method log_debug_when_hotspot_rule_description_is_missing_fixIt_tab_content.

/**
 * Indexing a Security Hotspot rule whose description stops after the "Ask Yourself Whether"
 * section must produce exactly one log entry, a DEBUG line flagging "How to fix it" as missing.
 *
 * <p>The description has leading text, then a single {@code <h2>Ask Yourself Whether</h2>}
 * heading with content. The expected message reports "What is the risk?" and
 * "Are you vulnerable?" as ok; presumably the leading text feeds the former and the
 * "Ask Yourself Whether" section the latter (confirm against the indexer's parsing code).
 */
@Test
public void log_debug_when_hotspot_rule_description_is_missing_fixIt_tab_content() {
    // No heading follows the "Ask Yourself Whether" section, so there is no fix-it content.
    String descriptionWithoutFixIt = "bar\n" + "<h2>Ask Yourself Whether</h2>\n" + "foo";
    RuleDefinitionDto hotspotRule = dbTester.rules().insert(
        RuleTesting.newRule()
            .setType(RuleType.SECURITY_HOTSPOT)
            .setDescription(descriptionWithoutFixIt));

    underTest.commitAndIndex(dbTester.getSession(), hotspotRule.getUuid());

    String expectedDebugLine = format("Description of Security Hotspot Rule %s can't be fully parsed: What is the risk?=ok, Are you vulnerable?=ok, How to fix it=missing", hotspotRule.getKey());
    // One entry across all levels, and the first DEBUG entry is the parsing diagnostic.
    assertThat(logTester.getLogs()).hasSize(1);
    assertThat(logTester.logs(LoggerLevel.DEBUG).get(0)).isEqualTo(expectedDebugLine);
}
Also used : RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) Test(org.junit.Test)

Example 38 with RuleDefinitionDto

use of org.sonar.db.rule.RuleDefinitionDto in project sonarqube by SonarSource.

the class RuleIndexerTest method log_debug_if_hotspot_rule_maps_to_multiple_SQCategories.

/**
 * Indexing a Security Hotspot rule whose CWEs belong to two SQ security categories must produce
 * exactly one log entry, a DEBUG line listing the rule key, its CWEs and both category keys.
 *
 * <p>The category pair comes from the {@code twoDifferentCategoriesButOTHERS} data provider. The
 * rule description is {@code VALID_HOTSPOT_RULE_DESCRIPTION}, and the single-entry assertion
 * below means no description-parsing log line is expected alongside the category one.
 *
 * @param sqCategory1 first category whose CWEs are attached to the rule
 * @param sqCategory2 second category whose CWEs are attached to the rule
 */
@Test
@UseDataProvider("twoDifferentCategoriesButOTHERS")
public void log_debug_if_hotspot_rule_maps_to_multiple_SQCategories(SQCategory sqCategory1, SQCategory sqCategory2) {
    // Union of the CWEs of both categories, each written with the "cwe:" prefix.
    Set<String> standards = Stream.of(sqCategory1, sqCategory2)
        .flatMap(category -> CWES_BY_SQ_CATEGORY.get(category).stream().map(cwe -> "cwe:" + cwe))
        .collect(toSet());
    SecurityStandards securityStandards = SecurityStandards.fromSecurityStandards(standards);
    RuleDefinitionDto hotspotRule = dbTester.rules().insert(
        RuleTesting.newRule()
            .setType(RuleType.SECURITY_HOTSPOT)
            .setSecurityStandards(standards)
            .setDescription(VALID_HOTSPOT_RULE_DESCRIPTION));

    underTest.commitAndIndex(dbTester.getSession(), hotspotRule.getUuid());

    String expectedCwes = String.join(", ", securityStandards.getCwe());
    // Category keys are expected in SQ_CATEGORY_KEYS_ORDERING order, not in parameter order.
    String expectedCategoryKeys = ImmutableSet.of(sqCategory1, sqCategory2).stream()
        .map(SQCategory::getKey)
        .sorted(SQ_CATEGORY_KEYS_ORDERING)
        .collect(joining(", "));
    String expectedDebugLine = format("Rule %s with CWEs '%s' maps to multiple SQ Security Categories: %s", hotspotRule.getKey(), expectedCwes, expectedCategoryKeys);

    assertThat(logTester.getLogs()).hasSize(1);
    assertThat(logTester.logs(LoggerLevel.DEBUG).get(0)).isEqualTo(expectedDebugLine);
}
Also used : IntStream(java.util.stream.IntStream) SecurityStandards(org.sonar.server.security.SecurityStandards) RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) EsTester(org.sonar.server.es.EsTester) RuleStatus(org.sonar.api.rule.RuleStatus) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) RunWith(org.junit.runner.RunWith) TYPE_RULE(org.sonar.server.rule.index.RuleIndexDefinition.TYPE_RULE) Random(java.util.Random) CWES_BY_SQ_CATEGORY(org.sonar.server.security.SecurityStandards.CWES_BY_SQ_CATEGORY) DataProvider(com.tngtech.java.junit.dataprovider.DataProvider) DataProviderRunner(com.tngtech.java.junit.dataprovider.DataProviderRunner) DbSession(org.sonar.db.DbSession) RuleType(org.sonar.api.rules.RuleType) Severity(org.sonar.api.rule.Severity) SQ_CATEGORY_KEYS_ORDERING(org.sonar.server.security.SecurityStandards.SQ_CATEGORY_KEYS_ORDERING) Sets.newHashSet(com.google.common.collect.Sets.newHashSet) Scope(org.sonar.db.rule.RuleDto.Scope) EnumSet(java.util.EnumSet) Nullable(javax.annotation.Nullable) Collectors.toSet(java.util.stream.Collectors.toSet) DbTester(org.sonar.db.DbTester) RuleTesting(org.sonar.db.rule.RuleTesting) ImmutableSet(com.google.common.collect.ImmutableSet) RandomStringUtils.randomAlphabetic(org.apache.commons.lang.RandomStringUtils.randomAlphabetic) Collections.emptyList(java.util.Collections.emptyList) UseDataProvider(com.tngtech.java.junit.dataprovider.UseDataProvider) Set(java.util.Set) Test(org.junit.Test) String.format(java.lang.String.format) Collectors.joining(java.util.stream.Collectors.joining) DbClient(org.sonar.db.DbClient) Stream(java.util.stream.Stream) Rule(org.junit.Rule) LogTester(org.sonar.api.utils.log.LogTester) RuleDto(org.sonar.db.rule.RuleDto) SQCategory(org.sonar.server.security.SecurityStandards.SQCategory) LoggerLevel(org.sonar.api.utils.log.LoggerLevel) RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) SecurityStandards(org.sonar.server.security.SecurityStandards) 
SQCategory(org.sonar.server.security.SecurityStandards.SQCategory) Test(org.junit.Test) UseDataProvider(com.tngtech.java.junit.dataprovider.UseDataProvider)

Example 39 with RuleDefinitionDto

use of org.sonar.db.rule.RuleDefinitionDto in project sonarqube by SonarSource.

the class RuleIndexerTest method log_debug_when_hotspot_rule_description_is_missing_risk_tab_content.

/**
 * Indexing a Security Hotspot rule whose description opens directly with a section heading must
 * produce exactly one log entry, a DEBUG line flagging "What is the risk?" as missing.
 *
 * <p>The description has no text before {@code <h2>Ask Yourself Whether</h2>} and also holds a
 * {@code <h2>Recommended Secure Coding Practices</h2>} section. The expected message reports
 * "Are you vulnerable?" and "How to fix it" as ok; presumably those two headings map to these
 * two parts respectively (confirm against the indexer's parsing code).
 */
@Test
public void log_debug_when_hotspot_rule_description_is_missing_risk_tab_content() {
    // Starts with a heading: there is no introductory text to serve as the risk description.
    String descriptionWithoutRisk = "<h2>Ask Yourself Whether</h2>\n" + "bar\n" + "<h2>Recommended Secure Coding Practices</h2>\n" + "foo";
    RuleDefinitionDto hotspotRule = dbTester.rules().insert(
        RuleTesting.newRule()
            .setType(RuleType.SECURITY_HOTSPOT)
            .setDescription(descriptionWithoutRisk));

    underTest.commitAndIndex(dbTester.getSession(), hotspotRule.getUuid());

    String expectedDebugLine = format("Description of Security Hotspot Rule %s can't be fully parsed: What is the risk?=missing, Are you vulnerable?=ok, How to fix it=ok", hotspotRule.getKey());
    // One entry across all levels, and the first DEBUG entry is the parsing diagnostic.
    assertThat(logTester.getLogs()).hasSize(1);
    assertThat(logTester.logs(LoggerLevel.DEBUG).get(0)).isEqualTo(expectedDebugLine);
}
Also used : RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) Test(org.junit.Test)

Example 40 with RuleDefinitionDto

use of org.sonar.db.rule.RuleDefinitionDto in project sonarqube by SonarSource.

the class RuleIndexTest method search_by_is_template.

/**
 * Verifies the {@code isTemplate} filter of {@link RuleQuery}: {@code true} returns only the
 * template rule, {@code false} only the non-template rule, and both an untouched query and an
 * explicit {@code null} return every indexed rule.
 */
@Test
public void search_by_is_template() {
    RuleDefinitionDto ruleNoTemplate = createRule(setIsTemplate(false));
    RuleDefinitionDto ruleIsTemplate = createRule(setIsTemplate(true));
    index();

    // Default query: the filter is never set, so both rules come back.
    SearchIdResult<String> everything = underTest.search(new RuleQuery(), new SearchOptions());
    assertThat(everything.getUuids()).hasSize(2);

    // isTemplate = true keeps the template rule only.
    SearchIdResult<String> templatesOnly = underTest.search(new RuleQuery().setIsTemplate(true), new SearchOptions());
    assertThat(templatesOnly.getUuids()).containsOnly(ruleIsTemplate.getUuid());

    // isTemplate = false keeps the non-template rule only.
    SearchIdResult<String> nonTemplatesOnly = underTest.search(new RuleQuery().setIsTemplate(false), new SearchOptions());
    assertThat(nonTemplatesOnly.getUuids()).containsOnly(ruleNoTemplate.getUuid());

    // An explicit null behaves like an unset filter.
    SearchIdResult<String> unfiltered = underTest.search(new RuleQuery().setIsTemplate(null), new SearchOptions());
    assertThat(unfiltered.getUuids()).containsOnly(ruleIsTemplate.getUuid(), ruleNoTemplate.getUuid());
}
Also used : RuleDefinitionDto(org.sonar.db.rule.RuleDefinitionDto) SearchOptions(org.sonar.server.es.SearchOptions) Test(org.junit.Test)
