mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36369 Commits
59 Branches
Tree: 34db7bd261
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '34db7bd261'
${ noResults }
sonarqube/server/sonar-webserver-common/src/main/java/org/sonar/server/common/rule/RuleCreator.java

RuleCreator.java 13KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2024 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.common.rule;

  21. 

  22. import com.google.common.base.Splitter;

  23. import com.google.common.base.Strings;

  24. import java.util.ArrayList;

  25. import java.util.List;

  26. import java.util.Map;

  27. import java.util.Optional;

  28. import java.util.Set;

  29. import java.util.function.Function;

  30. import java.util.stream.Collectors;

  31. import javax.annotation.Nullable;

  32. import org.apache.commons.lang3.StringUtils;

  33. import org.sonar.api.issue.impact.SoftwareQuality;

  34. import org.sonar.api.rule.RuleKey;

  35. import org.sonar.api.rule.RuleStatus;

  36. import org.sonar.api.rule.Severity;

  37. import org.sonar.api.rules.CleanCodeAttribute;

  38. import org.sonar.api.rules.RuleType;

  39. import org.sonar.api.server.ServerSide;

  40. import org.sonar.api.server.rule.RuleParamType;

  41. import org.sonar.api.server.rule.internal.ImpactMapper;

  42. import org.sonar.api.utils.System2;

  43. import org.sonar.core.util.UuidFactory;

  44. import org.sonar.db.DbClient;

  45. import org.sonar.db.DbSession;

  46. import org.sonar.db.issue.ImpactDto;

  47. import org.sonar.db.rule.RuleDescriptionSectionDto;

  48. import org.sonar.db.rule.RuleDto;

  49. import org.sonar.db.rule.RuleDto.Format;

  50. import org.sonar.db.rule.RuleParamDto;

  51. import org.sonar.server.common.rule.service.NewCustomRule;

  52. import org.sonar.server.exceptions.BadRequestException;

  53. import org.sonar.server.rule.index.RuleIndexer;

  54. import org.sonar.server.util.TypeValidations;

  55. import org.springframework.util.CollectionUtils;

  56. 

  57. import static com.google.common.base.Preconditions.checkArgument;

  58. import static com.google.common.collect.Lists.newArrayList;

  59. import static java.lang.String.format;

  60. import static java.util.Objects.requireNonNull;

  61. import static java.util.Optional.ofNullable;

  62. import static org.sonar.db.rule.RuleDescriptionSectionDto.createDefaultRuleDescriptionSection;

  63. import static org.sonar.server.exceptions.BadRequestException.checkRequest;

  64. 

  65. @ServerSide

  66. public class RuleCreator {

  67.   private static final String TEMPLATE_KEY_NOT_EXIST_FORMAT = "The template key doesn't exist: %s";

  68.   private final System2 system2;

  69.   private final RuleIndexer ruleIndexer;

  70.   private final DbClient dbClient;

  71.   private final TypeValidations typeValidations;

  72.   private final UuidFactory uuidFactory;

  73. 

  74.   public RuleCreator(System2 system2, RuleIndexer ruleIndexer, DbClient dbClient, TypeValidations typeValidations, UuidFactory uuidFactory) {

  75.     this.system2 = system2;

  76.     this.ruleIndexer = ruleIndexer;

  77.     this.dbClient = dbClient;

  78.     this.typeValidations = typeValidations;

  79.     this.uuidFactory = uuidFactory;

  80.   }

  81. 

  82.   public RuleDto create(DbSession dbSession, NewCustomRule newRule) {

  83.     RuleKey templateKey = newRule.templateKey();

  84.     RuleDto templateRule = dbClient.ruleDao().selectByKey(dbSession, templateKey)

  85.       .orElseThrow(() -> new IllegalArgumentException(format(TEMPLATE_KEY_NOT_EXIST_FORMAT, templateKey)));

  86.     checkArgument(templateRule.isTemplate(), "This rule is not a template rule: %s", templateKey.toString());

  87.     checkArgument(templateRule.getStatus() != RuleStatus.REMOVED, TEMPLATE_KEY_NOT_EXIST_FORMAT, templateKey.toString());

  88.     validateCustomRule(newRule, dbSession, templateKey);

  89. 

  90.     Optional<RuleDto> definition = loadRule(dbSession, newRule.ruleKey());

  91.     RuleDto ruleDto = definition.map(dto -> updateExistingRule(dto, newRule, dbSession))

  92.       .orElseGet(() -> createCustomRule(newRule, templateRule, dbSession));

  93. 

  94.     ruleIndexer.commitAndIndex(dbSession, ruleDto.getUuid());

  95.     return ruleDto;

  96.   }

  97. 

  98.   public List<RuleDto> create(DbSession dbSession, List<NewCustomRule> newRules) {

  99.     Set<RuleKey> templateKeys = newRules.stream().map(NewCustomRule::templateKey).collect(Collectors.toSet());

  100.     Map<RuleKey, RuleDto> templateRules = dbClient.ruleDao().selectByKeys(dbSession, templateKeys)

  101.       .stream()

  102.       .collect(Collectors.toMap(

  103.         RuleDto::getKey,

  104.         Function.identity()));

  105.     if (!templateRules.isEmpty()) {

  106.         final Set keys = new java.util.HashSet(templateKeys);

  107.         keys.removeAll(templateRules.keySet());

  108.         checkArgument(keys.isEmpty(), "Rule template keys(" + keys + ") should exists for each custom rule!");

  109.     }

  110.     templateRules.values().forEach(ruleDto -> {

  111.       checkArgument(ruleDto.isTemplate(), "This rule is not a template rule: %s", ruleDto.getKey().toString());

  112.       checkArgument(ruleDto.getStatus() != RuleStatus.REMOVED, TEMPLATE_KEY_NOT_EXIST_FORMAT, ruleDto.getKey().toString());

  113.     });

  114. 

  115.     List<RuleDto> customRules = newRules.stream()

  116.       .map(newCustomRule -> {

  117.         RuleDto templateRule = templateRules.get(newCustomRule.templateKey());

  118.         validateCustomRule(newCustomRule, dbSession, templateRule.getKey());

  119.         return createCustomRule(newCustomRule, templateRule, dbSession);

  120.       })

  121.       .toList();

  122. 

  123.     ruleIndexer.commitAndIndex(dbSession, customRules.stream().map(RuleDto::getUuid).toList());

  124.     return customRules;

  125.   }

  126. 

  127.   private void validateCustomRule(NewCustomRule newRule, DbSession dbSession, RuleKey templateKey) {

  128.     List<String> errors = new ArrayList<>();

  129. 

  130.     validateRuleKey(errors, newRule.ruleKey(), templateKey);

  131.     validateName(errors, newRule);

  132.     validateDescription(errors, newRule);

  133. 

  134.     if (newRule.status() == RuleStatus.REMOVED) {

  135.       errors.add(format("Rule status '%s' is not allowed", RuleStatus.REMOVED));

  136.     }

  137.     String severity = newRule.severity();

  138.     if (severity != null && !Severity.ALL.contains(severity)) {

  139.       errors.add(format("Severity \"%s\" is invalid", severity));

  140.     }

  141.     if (!CollectionUtils.isEmpty(newRule.getImpacts()) && (StringUtils.isNotBlank(newRule.severity()) || newRule.type() != null)) {

  142.       errors.add("The rule cannot have both impacts and type/severity specified");

  143.     }

  144. 

  145.     for (RuleParamDto ruleParam : dbClient.ruleDao().selectRuleParamsByRuleKey(dbSession, templateKey)) {

  146.       try {

  147.         validateParam(ruleParam, newRule.parameter(ruleParam.getName()));

  148.       } catch (BadRequestException validationError) {

  149.         errors.addAll(validationError.errors());

  150.       }

  151.     }

  152.     checkRequest(errors.isEmpty(), errors);

  153.   }

  154. 

  155.   private void validateParam(RuleParamDto ruleParam, @Nullable String value) {

  156.     if (value != null) {

  157.       RuleParamType ruleParamType = RuleParamType.parse(ruleParam.getType());

  158.       if (ruleParamType.multiple()) {

  159.         List<String> values = newArrayList(Splitter.on(",").split(value));

  160.         typeValidations.validate(values, ruleParamType.type(), ruleParamType.values());

  161.       } else {

  162.         typeValidations.validate(value, ruleParamType.type(), ruleParamType.values());

  163.       }

  164.     }

  165.   }

  166. 

  167.   private static void validateName(List<String> errors, NewCustomRule newRule) {

  168.     if (Strings.isNullOrEmpty(newRule.name())) {

  169.       errors.add("The name is missing");

  170.     }

  171.   }

  172. 

  173.   private static void validateDescription(List<String> errors, NewCustomRule newRule) {

  174.     if (Strings.isNullOrEmpty(newRule.markdownDescription())) {

  175.       errors.add("The description is missing");

  176.     }

  177.   }

  178. 

  179.   private static void validateRuleKey(List<String> errors, RuleKey ruleKey, RuleKey templateKey) {

  180.     if (!ruleKey.repository().equals(templateKey.repository())) {

  181.       errors.add("Custom and template keys must be in the same repository");

  182.     }

  183.   }

  184. 

  185.   private Optional<RuleDto> loadRule(DbSession dbSession, RuleKey ruleKey) {

  186.     return dbClient.ruleDao().selectByKey(dbSession, ruleKey);

  187.   }

  188. 

  189.   private RuleDto createCustomRule(NewCustomRule newRule, RuleDto templateRuleDto, DbSession dbSession) {

  190.     RuleDescriptionSectionDto ruleDescriptionSectionDto = createDefaultRuleDescriptionSection(uuidFactory.create(), requireNonNull(newRule.markdownDescription()));

  191. 

  192.     RuleDto ruleDto = new RuleDto()

  193.       .setUuid(uuidFactory.create())

  194.       .setRuleKey(newRule.ruleKey())

  195.       .setPluginKey(templateRuleDto.getPluginKey())

  196.       .setTemplateUuid(templateRuleDto.getUuid())

  197.       .setConfigKey(templateRuleDto.getConfigKey())

  198.       .setName(newRule.name())

  199.       .setStatus(ofNullable(newRule.status()).orElse(RuleStatus.READY))

  200.       .setLanguage(templateRuleDto.getLanguage())

  201.       .setDefRemediationFunction(templateRuleDto.getDefRemediationFunction())

  202.       .setDefRemediationGapMultiplier(templateRuleDto.getDefRemediationGapMultiplier())

  203.       .setDefRemediationBaseEffort(templateRuleDto.getDefRemediationBaseEffort())

  204.       .setGapDescription(templateRuleDto.getGapDescription())

  205.       .setScope(templateRuleDto.getScope())

  206.       .setSystemTags(templateRuleDto.getSystemTags())

  207.       .setSecurityStandards(templateRuleDto.getSecurityStandards())

  208.       .setIsExternal(false)

  209.       .setIsAdHoc(false)

  210.       .setCreatedAt(system2.now())

  211.       .setUpdatedAt(system2.now())

  212.       .setDescriptionFormat(Format.MARKDOWN)

  213.       .addRuleDescriptionSectionDto(ruleDescriptionSectionDto);

  214. 

  215.     setCleanCodeAttributeAndImpacts(newRule, ruleDto, templateRuleDto);

  216. 

  217.     Set<String> tags = templateRuleDto.getTags();

  218.     if (!tags.isEmpty()) {

  219.       ruleDto.setTags(tags);

  220.     }

  221.     dbClient.ruleDao().insert(dbSession, ruleDto);

  222. 

  223.     for (RuleParamDto templateRuleParamDto : dbClient.ruleDao().selectRuleParamsByRuleKey(dbSession, templateRuleDto.getKey())) {

  224.       String customRuleParamValue = Strings.emptyToNull(newRule.parameter(templateRuleParamDto.getName()));

  225.       createCustomRuleParams(customRuleParamValue, ruleDto, templateRuleParamDto, dbSession);

  226.     }

  227.     return ruleDto;

  228.   }

  229. 

  230.   private static void setCleanCodeAttributeAndImpacts(NewCustomRule newRule, RuleDto ruleDto, RuleDto templateRuleDto) {

  231.     RuleType ruleType = newRule.type();

  232.     int type = ruleType == null ? templateRuleDto.getType() : ruleType.getDbConstant();

  233.     String severity = ofNullable(newRule.severity()).orElse(Severity.MAJOR);

  234. 

  235.     if (type == RuleType.SECURITY_HOTSPOT.getDbConstant()) {

  236.       ruleDto.setType(type).setSeverity(severity);

  237.     } else {

  238.       ruleDto.setCleanCodeAttribute(ofNullable(newRule.getCleanCodeAttribute()).orElse(CleanCodeAttribute.CONVENTIONAL));

  239. 

  240.       if (!CollectionUtils.isEmpty(newRule.getImpacts())) {

  241.         newRule.getImpacts().stream()

  242.           .map(impact -> new ImpactDto(impact.softwareQuality(), impact.severity()))

  243.           .forEach(ruleDto::addDefaultImpact);

  244.         // Back-map old type and severity from the impact

  245.         Map.Entry<SoftwareQuality, org.sonar.api.issue.impact.Severity> impact = ImpactMapper.getBestImpactForBackmapping(

  246.           newRule.getImpacts().stream().collect(Collectors.toMap(NewCustomRule.Impact::softwareQuality, NewCustomRule.Impact::severity)));

  247.         ruleDto.setType(ImpactMapper.convertToRuleType(impact.getKey()).getDbConstant());

  248.         ruleDto.setSeverity(ImpactMapper.convertToDeprecatedSeverity(impact.getValue()));

  249.       } else {

  250.         // Map old type and severity to impact

  251.         SoftwareQuality softwareQuality = ImpactMapper.convertToSoftwareQuality(RuleType.valueOf(type));

  252.         org.sonar.api.issue.impact.Severity impactSeverity = ImpactMapper.convertToImpactSeverity(severity);

  253.         ruleDto.addDefaultImpact(new ImpactDto()

  254.           .setSoftwareQuality(softwareQuality)

  255.           .setSeverity(impactSeverity))

  256.           .setType(type)

  257.           .setSeverity(severity);

  258.       }

  259.     }

  260.   }

  261. 

  262.   private void createCustomRuleParams(@Nullable String paramValue, RuleDto ruleDto, RuleParamDto templateRuleParam, DbSession dbSession) {

  263.     RuleParamDto ruleParamDto = RuleParamDto.createFor(ruleDto)

  264.       .setName(templateRuleParam.getName())

  265.       .setType(templateRuleParam.getType())

  266.       .setDescription(templateRuleParam.getDescription())

  267.       .setDefaultValue(paramValue);

  268.     dbClient.ruleDao().insertRuleParam(dbSession, ruleDto, ruleParamDto);

  269.   }

  270. 

  271.   private RuleDto updateExistingRule(RuleDto ruleDto, NewCustomRule newRule, DbSession dbSession) {

  272.     if (ruleDto.getStatus().equals(RuleStatus.REMOVED)) {

  273.       if (newRule.isPreventReactivation()) {

  274.         throw new ReactivationException(format("A removed rule with the key '%s' already exists", ruleDto.getKey().rule()), ruleDto.getKey());

  275.       } else {

  276.         ruleDto.setStatus(RuleStatus.READY)

  277.           .setUpdatedAt(system2.now());

  278.         dbClient.ruleDao().update(dbSession, ruleDto);

  279.       }

  280.     } else {

  281.       throw new IllegalArgumentException(format("A rule with the key '%s' already exists", ruleDto.getKey().rule()));

  282.     }

  283.     return ruleDto;

  284.   }

  285. 

  286. }