3 * Copyright (C) 2009-2024 SonarSource SA
4 * mailto:info AT sonarsource DOT com
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 3 of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 package org.sonar.server.issue.index;
22 import java.util.List;
23 import org.junit.Test;
24 import org.sonar.api.issue.Issue;
25 import org.sonar.api.rule.Severity;
26 import org.sonar.api.rules.RuleType;
27 import org.sonar.db.component.ComponentDto;
29 import static java.util.Arrays.asList;
30 import static java.util.Arrays.stream;
31 import static java.util.stream.Collectors.toList;
32 import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto;
33 import static org.sonar.server.issue.IssueDocTesting.newDocForProject;
35 public class IssueIndexSecurityCategoriesTest extends IssueIndexTestCommon {
38 public void searchSinglePciDss32Category() {
39 ComponentDto project = newPrivateProjectDto();
42 newDocForProject("openvul1", project).setPciDss32(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN)
43 .setSeverity(Severity.MAJOR),
44 newDocForProject("openvul2", project).setPciDss32(asList("3.3.2", "1.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED)
45 .setSeverity(Severity.MINOR)
48 assertThatSearchReturnsOnly(queryPciDss32("1"), "openvul1", "openvul2");
49 assertThatSearchReturnsOnly(queryPciDss32("1.2.0"), "openvul1");
50 assertThatSearchReturnsEmpty(queryPciDss32("1.2"));
54 public void searchMultiplePciDss32Categories() {
55 ComponentDto project = newPrivateProjectDto();
58 newDocForProject("openvul1", project).setPciDss32(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN)
59 .setSeverity(Severity.MAJOR),
60 newDocForProject("openvul2", project).setPciDss32(asList("3.3.2", "2.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED)
61 .setSeverity(Severity.MINOR),
62 newDocForProject("openvul3", project).setPciDss32(asList("4.1", "5.4")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED)
63 .setSeverity(Severity.MINOR)
66 assertThatSearchReturnsOnly(queryPciDss32("1", "4"), "openvul1", "openvul3");
67 assertThatSearchReturnsOnly(queryPciDss32("1.2.0", "5.4"), "openvul1", "openvul3");
68 assertThatSearchReturnsEmpty(queryPciDss32("6", "7", "8", "9", "10", "11", "12"));
72 public void searchSinglePciDss40Category() {
73 ComponentDto project = newPrivateProjectDto();
76 newDocForProject("openvul1", project).setPciDss40(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN)
77 .setSeverity(Severity.MAJOR),
78 newDocForProject("openvul2", project).setPciDss40(asList("3.3.2", "1.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED)
79 .setSeverity(Severity.MINOR)
82 assertThatSearchReturnsOnly(queryPciDss40("1"), "openvul1", "openvul2");
83 assertThatSearchReturnsOnly(queryPciDss40("1.2.0"), "openvul1");
84 assertThatSearchReturnsEmpty(queryPciDss40("1.2"));
88 public void searchMultiplePciDss40Categories() {
89 ComponentDto project = newPrivateProjectDto();
92 newDocForProject("openvul1", project).setPciDss40(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN)
93 .setSeverity(Severity.MAJOR),
94 newDocForProject("openvul2", project).setPciDss40(asList("3.3.2", "2.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED)
95 .setSeverity(Severity.MINOR),
96 newDocForProject("openvul3", project).setPciDss40(asList("4.1", "5.4")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED)
97 .setSeverity(Severity.MINOR)
100 assertThatSearchReturnsOnly(queryPciDss40("1", "4"), "openvul1", "openvul3");
101 assertThatSearchReturnsOnly(queryPciDss40("1.2.0", "5.4"), "openvul1", "openvul3");
102 assertThatSearchReturnsEmpty(queryPciDss40("6", "7", "8", "9", "10", "11", "12"));
106 public void searchMixedPciDssCategories() {
107 ComponentDto project = newPrivateProjectDto();
110 newDocForProject("openvul1", project).setPciDss40(asList("1.2.0", "3.4.5")).setPciDss32(List.of("2.1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN)
111 .setSeverity(Severity.MAJOR),
112 newDocForProject("openvul2", project).setPciDss40(asList("3.3.2", "2.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED)
113 .setSeverity(Severity.MINOR),
114 newDocForProject("openvul3", project).setPciDss32(asList("4.1", "5.4")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED)
115 .setSeverity(Severity.MINOR)
118 assertThatSearchReturnsOnly(queryPciDss40("1", "4"), "openvul1");
119 assertThatSearchReturnsOnly(queryPciDss40("1.2.0", "5.4"), "openvul1");
120 assertThatSearchReturnsEmpty(queryPciDss40("6", "7", "8", "9", "10", "11", "12"));
122 assertThatSearchReturnsOnly(queryPciDss32("3", "2.1"), "openvul1");
123 assertThatSearchReturnsOnly(queryPciDss32("1", "2"), "openvul1");
124 assertThatSearchReturnsOnly(queryPciDss32("4", "3"), "openvul3");
125 assertThatSearchReturnsEmpty(queryPciDss32("1", "3", "6", "7", "8", "9", "10", "11", "12"));
129 private IssueQuery.Builder queryPciDss32(String... values) {
130 return IssueQuery.builder()
131 .pciDss32(stream(values).collect(toList()))
132 .types(List.of("CODE_SMELL", "BUG", "VULNERABILITY"));
135 private IssueQuery.Builder queryPciDss40(String... values) {
136 return IssueQuery.builder()
137 .pciDss40(stream(values).collect(toList()))
138 .types(List.of("CODE_SMELL", "BUG", "VULNERABILITY"));
projects / sonarqube.git / blob