event.setSeverity(issue.severity());
event.setRuleKey(issue.getRuleKey().toString());
event.setType(issue.type().name());
-
event.setBranch(analysisMetadataHolder.getBranch().getName());
+ event.setMainLocation(prepareMainLocation(component, issue));
+ event.setFlows(flowGenerator.convertFlows(component.getName(), requireNonNull(issue.getLocations())));
+ issue.getRuleDescriptionContextKey().ifPresent(event::setRuleDescriptionContextKey);
+ return event;
+ }
+ private static Location prepareMainLocation(Component component, DefaultIssue issue) {
DbIssues.Locations issueLocations = requireNonNull(issue.getLocations());
+ TextRange mainLocationTextRange = getTextRange(issueLocations.getTextRange(), issueLocations.getChecksum());
Location mainLocation = new Location();
- mainLocation.setMessage(issue.getMessage());
-
+ Optional.ofNullable(issue.getMessage()).ifPresent(mainLocation::setMessage);
mainLocation.setFilePath(component.getName());
-
- TextRange mainLocationTextRange = getTextRange(issueLocations.getTextRange(), issueLocations.getChecksum());
mainLocation.setTextRange(mainLocationTextRange);
- event.setMainLocation(mainLocation);
-
- event.setFlows(flowGenerator.convertFlows(component.getName(), issueLocations));
- return event;
+ return mainLocation;
}
private static PushEventDto raiseTaintVulnerabilityClosedEvent(String projectUuid, DefaultIssue issue) {
package org.sonar.ce.task.projectanalysis.pushevent;
import java.util.List;
+import java.util.Optional;
import org.sonar.ce.task.projectanalysis.locations.flow.Flow;
import org.sonar.ce.task.projectanalysis.locations.flow.Location;
private String ruleKey;
private String severity;
private String type;
-
private Location mainLocation;
-
private List<Flow> flows;
+ private String ruleDescriptionContextKey;
public TaintVulnerabilityRaised() {
// nothing to do
public void setFlows(List<Flow> flows) {
this.flows = flows;
}
+
+ public Optional<String> getRuleDescriptionContextKey() {
+ return Optional.ofNullable(ruleDescriptionContextKey);
+ }
+
+ public void setRuleDescriptionContextKey(String ruleDescriptionContextKey) {
+ this.ruleDescriptionContextKey = ruleDescriptionContextKey;
+ }
}
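Review bot: The new `ruleDescriptionContextKey` field is the only one in the visible part of this class whose getter returns `Optional`, yet nothing on the field or setter says it may be null. A short comment on the field, for example `// null when the issue has no rule description context key`, would make the contract explicit. The test on this page deserializes this class with Gson; if the payload is also produced by Gson (not visible here), a null value is omitted from the JSON by default, so consumers of the event must treat the key as optional.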
*/
package org.sonar.ce.task.projectanalysis.pushevent;
+import com.google.gson.Gson;
+import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.List;
import org.junit.Before;
import org.sonar.db.protobuf.DbIssues;
import org.sonar.server.issue.TaintChecker;
+import static org.apache.commons.lang.RandomStringUtils.randomAlphabetic;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.fail;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
public class PushEventFactoryTest {
+ private static final Gson gson = new Gson();
+ private static final String BRANCH_NAME = "develop";
+
private final TaintChecker taintChecker = mock(TaintChecker.class);
@Rule
public MutableTreeRootHolderRule treeRootHolder = new MutableTreeRootHolderRule();
@Rule
public AnalysisMetadataHolderRule analysisMetadataHolder = new AnalysisMetadataHolderRule()
- .setBranch(new TestBranch("develop"));
+ .setBranch(new TestBranch(BRANCH_NAME));
private final FlowGenerator flowGenerator = new FlowGenerator(treeRootHolder);
private final PushEventFactory underTest = new PushEventFactory(treeRootHolder, analysisMetadataHolder, taintChecker, flowGenerator);
@Test
public void raise_event_to_repository_if_taint_vulnerability_is_new() {
DefaultIssue defaultIssue = createDefaultIssue()
- .setNew(true);
+ .setNew(true)
+ .setRuleDescriptionContextKey(randomAlphabetic(6));
assertThat(underTest.raiseEventOnIssue("some-project-uuid", defaultIssue))
.isNotEmpty()
.hasValueSatisfying(pushEventDto -> {
assertThat(pushEventDto.getName()).isEqualTo("TaintVulnerabilityRaised");
- assertThat(pushEventDto.getPayload()).isNotNull();
+ verifyPayload(pushEventDto.getPayload(), defaultIssue);
assertThat(pushEventDto.getLanguage()).isEqualTo("java");
assertThat(pushEventDto.getProjectUuid()).isEqualTo("some-project-uuid");
});
}
+ private static void verifyPayload(byte[] payload, DefaultIssue defaultIssue) {
+ assertThat(payload).isNotNull();
+
+ TaintVulnerabilityRaised taintVulnerabilityRaised = gson.fromJson(new String(payload, StandardCharsets.UTF_8), TaintVulnerabilityRaised.class);
+ assertThat(taintVulnerabilityRaised.getProjectKey()).isEqualTo(defaultIssue.projectKey());
+ assertThat(taintVulnerabilityRaised.getCreationDate()).isEqualTo(defaultIssue.creationDate().getTime());
+ assertThat(taintVulnerabilityRaised.getKey()).isEqualTo(defaultIssue.key());
+ assertThat(taintVulnerabilityRaised.getSeverity()).isEqualTo(defaultIssue.severity());
+ assertThat(taintVulnerabilityRaised.getRuleKey()).isEqualTo(defaultIssue.ruleKey().toString());
+ assertThat(taintVulnerabilityRaised.getType()).isEqualTo(defaultIssue.type().name());
+ assertThat(taintVulnerabilityRaised.getBranch()).isEqualTo(BRANCH_NAME);
+ String ruleDescriptionContextKey = taintVulnerabilityRaised.getRuleDescriptionContextKey().orElseGet(() -> fail("No rule description context key"));
+ assertThat(ruleDescriptionContextKey).isEqualTo(defaultIssue.getRuleDescriptionContextKey().orElse(null));
+ }
+
@Test
public void raise_event_to_repository_if_taint_vulnerability_is_reopened() {
DefaultIssue defaultIssue = createDefaultIssue()
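Review bot: `verifyPayload` only exercises the case where the rule description context key is set, so the two absent-value paths the factory change introduces (an empty `getRuleDescriptionContextKey()` and a null issue message) have no test in the visible hunks. A second test that leaves the key unset and asserts `assertThat(taintVulnerabilityRaised.getRuleDescriptionContextKey()).isEmpty();` would pin that behaviour. The key is also generated with `randomAlphabetic(6)`, so a failing run cannot be reproduced from the source alone; a fixed literal would serve the same purpose. `raise_event_to_repository_if_taint_vulnerability_is_reopened` continues outside the hunk.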
i.issue_type as type,
i.locations as locations,
i.component_uuid as component_uuid,
- i.assignee as assigneeUuid
+ i.assignee as assigneeUuid,
+ i.rule_description_context_key as ruleDescriptionContextKey
</sql>
<select id="selectByBranch" parameterType="map" resultType="Issue">
.setInternal(true)
.setResponseExample(getClass().getResource(resourceExample))
.setDescription(format("This endpoint fetches and returns all (unless filtered by optional params) the %s for a given branch. " +
- "The %s returned are not paginated, so the response size can be big.", issueType, issueType))
+ "The %s returned are not paginated, so the response size can be big. Requires project 'Browse' permission.", issueType, issueType))
.setSince(sinceVersion);
action.createParam(PROJECT_KEY_PARAM)
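Review bot: The description now says the endpoint requires project 'Browse' permission, but the check that enforces it is not in this hunk, so the text is only accurate if the handler already performs it. Confirm that the handler verifies the permission on the resolved project before any issue is read. Also confirm that a test asserts the request is rejected for a user without it; otherwise the description documents a guarantee the code does not give. The method that builds the action definition starts and ends outside the hunk.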
taintBuilder.setType(Common.RuleType.forNumber(issueDto.getType()));
taintBuilder.setClosed(false);
taintBuilder.setMainLocation(locationBuilder.build());
+ issueDto.getOptionalRuleDescriptionContextKey().ifPresent(taintBuilder::setRuleDescriptionContextKey);
return taintBuilder.build();
}
optional Location mainLocation = 7;
optional bool closed = 8;
optional Flow flows = 9;
+ optional bool assignedToSubscribedUser = 10;
+ optional string ruleDescriptionContextKey = 11;
}
message Location {
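Review bot: `assignedToSubscribedUser = 10` is added to this message, but none of the hunks shown sets it; the generator change only populates `ruleDescriptionContextKey`. If tag 10 is there to keep numbering in line with the other taint message on this page, which already declares it, a comment on the field would record that, for example `// not set by the pull endpoint; tag kept in line with the sibling message`. The reason is inferred from the visible hunks and should be confirmed. Without that note a client cannot tell an intentionally unset field from a forgotten one.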
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
+import org.apache.commons.lang.RandomStringUtils;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.sonarqube.ws.Issues;
import static java.lang.String.format;
+import static org.apache.commons.lang.RandomStringUtils.randomAlphabetic;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.mockito.Mockito.mock;
RuleDto javaRule = db.rules().insert(r -> r.setRepositoryKey("javasecurity"));
RuleDto javaScriptRule = db.rules().insert(r -> r.setRepositoryKey("javascript"));
+ String ruledescriptionContextKey = randomAlphabetic(6);
IssueDto issueDto = issueDbTester.insertIssue(p -> p.setSeverity("MINOR")
.setManualSeverity(true)
.setMessage("openIssue")
.setStatus(Issue.STATUS_OPEN)
.setProject(correctProject)
.setComponent(correctFile)
- .setType(2));
+ .setType(2)
+ .setRuleDescriptionContextKey(ruledescriptionContextKey));
//this one should not be returned - it is a normal issue, no taint
issueDbTester.insertIssue(p -> p.setSeverity("MINOR")
List<Issues.TaintVulnerabilityLite> taints = readAllTaint(response);
assertThat(taints).hasSize(1);
- assertThat(taints.get(0).getKey()).isEqualTo(issueDto.getKey());
+ Issues.TaintVulnerabilityLite taintVulnerabilityLite = taints.get(0);
+ assertThat(taintVulnerabilityLite.getKey()).isEqualTo(issueDto.getKey());
+ assertThat(taintVulnerabilityLite.getRuleDescriptionContextKey()).isEqualTo(ruledescriptionContextKey);
}
@Test
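Review bot: The import hunk adds both `org.apache.commons.lang.RandomStringUtils` and the static `randomAlphabetic`, but the visible test code only calls the static form, so the class import looks unused unless another part of the file needs it. The local `ruledescriptionContextKey` also breaks lowerCamelCase; `ruleDescriptionContextKey` would match the setter and the proto field it is compared against. As in the push-event test, a fixed literal instead of `randomAlphabetic(6)` would keep a failure reproducible.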
optional bool closed = 8;
repeated Flow flows = 9;
optional bool assignedToSubscribedUser = 10;
+ optional string ruleDescriptionContextKey = 11;
}
message Flow {