From: Pierre Guillot <50145663+pierre-guillot-sonarsource@users.noreply.github.com> Date: Fri, 10 May 2019 14:44:14 +0000 (+0200) Subject: SONAR-12026 Add transition "Open as Vulnerability" X-Git-Tag: 7.8~200 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=020c4390d4d830041ec5f640a543d2f56101c16f;p=sonarqube.git SONAR-12026 Add transition "Open as Vulnerability" --- diff --git a/server/sonar-server-common/src/main/java/org/sonar/server/issue/workflow/IssueWorkflow.java b/server/sonar-server-common/src/main/java/org/sonar/server/issue/workflow/IssueWorkflow.java index 631e6cb3480..4304fb721c8 100644 --- a/server/sonar-server-common/src/main/java/org/sonar/server/issue/workflow/IssueWorkflow.java +++ b/server/sonar-server-common/src/main/java/org/sonar/server/issue/workflow/IssueWorkflow.java @@ -169,6 +169,32 @@ public class IssueWorkflow implements Startable { .functions(new SetResolution(RESOLUTION_FIXED)) .requiredProjectPermission(UserRole.SECURITYHOTSPOT_ADMIN) .build()) + .transition(Transition.builder(DefaultTransitions.RESOLVE_AS_REVIEWED) + .from(STATUS_OPEN).to(STATUS_REVIEWED) + .conditions(new HasType(RuleType.VULNERABILITY), IsManualVulnerability.INSTANCE) + .functions(new SetType(RuleType.SECURITY_HOTSPOT), new SetResolution(RESOLUTION_FIXED)) + .requiredProjectPermission(UserRole.SECURITYHOTSPOT_ADMIN) + .build()) + + .transition(Transition.builder(DefaultTransitions.OPEN_AS_VULNERABILITY) + .from(STATUS_REVIEWED).to(STATUS_OPEN) + .conditions(new HasType(RuleType.SECURITY_HOTSPOT)) + .functions(new SetResolution(null)) + .functions(new SetType(RuleType.VULNERABILITY)) + .requiredProjectPermission(UserRole.SECURITYHOTSPOT_ADMIN) + .build()) + .transition(Transition.builder(DefaultTransitions.OPEN_AS_VULNERABILITY) + .from(STATUS_IN_REVIEW).to(STATUS_OPEN) + .conditions(new HasType(RuleType.SECURITY_HOTSPOT)) + .functions(new SetType(RuleType.VULNERABILITY)) + .requiredProjectPermission(UserRole.SECURITYHOTSPOT_ADMIN) + .build()) + .transition(Transition.builder(DefaultTransitions.OPEN_AS_VULNERABILITY) + .from(STATUS_TO_REVIEW).to(STATUS_OPEN) + .conditions(new HasType(RuleType.SECURITY_HOTSPOT)) + .functions(new SetType(RuleType.VULNERABILITY)) + .requiredProjectPermission(UserRole.SECURITYHOTSPOT_ADMIN) + .build()) // all transitions below have to be removed by the end of the MMF-1635 .transition(Transition.builder(DefaultTransitions.DETECT) diff --git a/server/sonar-server-common/src/test/java/org/sonar/server/issue/workflow/IssueWorkflowForSecurityHotspotsTest.java b/server/sonar-server-common/src/test/java/org/sonar/server/issue/workflow/IssueWorkflowForSecurityHotspotsTest.java index 519873b3324..6e37f7bca71 100644 --- a/server/sonar-server-common/src/test/java/org/sonar/server/issue/workflow/IssueWorkflowForSecurityHotspotsTest.java +++ b/server/sonar-server-common/src/test/java/org/sonar/server/issue/workflow/IssueWorkflowForSecurityHotspotsTest.java @@ -48,6 +48,7 @@ import static org.sonar.api.issue.Issue.RESOLUTION_REMOVED; import static org.sonar.api.issue.Issue.RESOLUTION_WONT_FIX; import static org.sonar.api.issue.Issue.STATUS_CLOSED; import static org.sonar.api.issue.Issue.STATUS_IN_REVIEW; +import static org.sonar.api.issue.Issue.STATUS_OPEN; import static org.sonar.api.issue.Issue.STATUS_RESOLVED; import static org.sonar.api.issue.Issue.STATUS_REVIEWED; import static org.sonar.api.issue.Issue.STATUS_TO_REVIEW; @@ -71,7 +72,7 @@ public class IssueWorkflowForSecurityHotspotsTest { List transitions = underTest.outTransitions(issue); - assertThat(keys(transitions)).containsOnly("setinreview", "detect", "clear", "resolveasreviewed"); + assertThat(keys(transitions)).containsOnly("setinreview", "detect", "clear", "resolveasreviewed", "openasvulnerability"); } @Test @@ -81,7 +82,27 @@ public class IssueWorkflowForSecurityHotspotsTest { List transitions = underTest.outTransitions(issue); - assertThat(keys(transitions)).containsOnly("resolveasreviewed"); + assertThat(keys(transitions)).containsOnly("resolveasreviewed", "openasvulnerability"); + } + + @Test + public void list_out_transitions_in_status_reviwed() { + underTest.start(); + DefaultIssue issue = new DefaultIssue().setType(RuleType.SECURITY_HOTSPOT).setStatus(STATUS_REVIEWED); + + List transitions = underTest.outTransitions(issue); + + assertThat(keys(transitions)).containsOnly("openasvulnerability"); + } + + @Test + public void list_out_transitions_in_status_open() { + underTest.start(); + DefaultIssue issue = new DefaultIssue().setType(RuleType.VULNERABILITY).setStatus(STATUS_OPEN).setResolution(RESOLUTION_FIXED).setIsFromHotspot(true); + + List transitions = underTest.outTransitions(issue); + + assertThat(keys(transitions)).containsOnly("resolveasreviewed", "dismiss"); // dismiss to be remove by the end of the MMF-1635 } @Test @@ -120,14 +141,65 @@ public class IssueWorkflowForSecurityHotspotsTest { DefaultIssue issue = new DefaultIssue() .setType(RuleType.SECURITY_HOTSPOT) .setIsFromHotspot(true) - .setStatus(STATUS_IN_REVIEW); + .setStatus(STATUS_IN_REVIEW) + .setResolution(null); boolean result = underTest.doManualTransition(issue, DefaultTransitions.RESOLVE_AS_REVIEWED, IssueChangeContext.createUser(new Date(), "USER1")); assertThat(result).isTrue(); assertThat(issue.getStatus()).isEqualTo(STATUS_REVIEWED); assertThat(issue.resolution()).isEqualTo(RESOLUTION_FIXED); + } + + @Test + public void open_as_vulnerability_from_in_review() { + underTest.start(); + DefaultIssue issue = new DefaultIssue() + .setType(RuleType.SECURITY_HOTSPOT) + .setIsFromHotspot(true) + .setStatus(STATUS_IN_REVIEW) + .setResolution(null); + + boolean result = underTest.doManualTransition(issue, DefaultTransitions.OPEN_AS_VULNERABILITY, IssueChangeContext.createUser(new Date(), "USER1")); + + assertThat(result).isTrue(); + assertThat(issue.type()).isEqualTo(RuleType.VULNERABILITY); + assertThat(issue.getStatus()).isEqualTo(Issue.STATUS_OPEN); + assertThat(issue.resolution()).isNull(); + } + @Test + public void open_as_vulnerability_from_to_review() { + underTest.start(); + DefaultIssue issue = new DefaultIssue() + .setType(RuleType.SECURITY_HOTSPOT) + .setIsFromHotspot(true) + .setStatus(STATUS_TO_REVIEW) + .setResolution(null); + + boolean result = underTest.doManualTransition(issue, DefaultTransitions.OPEN_AS_VULNERABILITY, IssueChangeContext.createUser(new Date(), "USER1")); + + assertThat(result).isTrue(); + assertThat(issue.type()).isEqualTo(RuleType.VULNERABILITY); + assertThat(issue.getStatus()).isEqualTo(Issue.STATUS_OPEN); + assertThat(issue.resolution()).isNull(); + } + + @Test + public void open_as_vulnerability_from_reviewed() { + underTest.start(); + DefaultIssue issue = new DefaultIssue() + .setType(RuleType.SECURITY_HOTSPOT) + .setIsFromHotspot(true) + .setResolution(RESOLUTION_FIXED) + .setStatus(STATUS_REVIEWED); + + boolean result = underTest.doManualTransition(issue, DefaultTransitions.OPEN_AS_VULNERABILITY, IssueChangeContext.createUser(new Date(), "USER1")); + + assertThat(result).isTrue(); + assertThat(issue.type()).isEqualTo(RuleType.VULNERABILITY); + assertThat(issue.getStatus()).isEqualTo(Issue.STATUS_OPEN); + assertThat(issue.resolution()).isNull(); } @Test diff --git a/server/sonar-server/src/main/java/org/sonar/server/issue/ws/DoTransitionAction.java b/server/sonar-server/src/main/java/org/sonar/server/issue/ws/DoTransitionAction.java index e11c4dfdedb..463f1cd52f4 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/issue/ws/DoTransitionAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/issue/ws/DoTransitionAction.java @@ -39,6 +39,7 @@ import org.sonar.server.issue.TransitionService; import org.sonar.server.user.UserSession; import static java.lang.String.format; +import static org.sonar.api.issue.DefaultTransitions.OPEN_AS_VULNERABILITY; import static org.sonar.api.issue.DefaultTransitions.RESOLVE_AS_REVIEWED; import static org.sonar.api.issue.DefaultTransitions.SET_AS_IN_REVIEW; import static org.sonarqube.ws.client.issue.IssuesWsParameters.ACTION_DO_TRANSITION; @@ -74,7 +75,7 @@ public class DoTransitionAction implements IssuesWsAction { "The transitions involving security hotspots require the permission 'Administer Security Hotspot'.") .setSince("3.6") .setChangelog( - new Change("7.8", format("added transitions '%s' and %s for security hotspots ", SET_AS_IN_REVIEW, RESOLVE_AS_REVIEWED)), + new Change("7.8", format("added '%s', %s and %s transitions for security hotspots ", SET_AS_IN_REVIEW, RESOLVE_AS_REVIEWED, OPEN_AS_VULNERABILITY)), new Change("7.3", "added transitions for security hotspots"), new Change("6.5", "the database ids of the components are removed from the response"), new Change("6.5", "the response field components.uuid is deprecated. Use components.key instead.")) diff --git a/sonar-plugin-api/src/main/java/org/sonar/api/issue/DefaultTransitions.java b/sonar-plugin-api/src/main/java/org/sonar/api/issue/DefaultTransitions.java index b6869181373..b000f18aa21 100644 --- a/sonar-plugin-api/src/main/java/org/sonar/api/issue/DefaultTransitions.java +++ b/sonar-plugin-api/src/main/java/org/sonar/api/issue/DefaultTransitions.java @@ -61,9 +61,14 @@ public interface DefaultTransitions { */ String RESOLVE_AS_REVIEWED = "resolveasreviewed"; + /** + * @since 7.8 + */ + String OPEN_AS_VULNERABILITY = "openasvulnerability"; + /** * @since 4.4 */ List ALL = unmodifiableList(asList(CONFIRM, UNCONFIRM, REOPEN, RESOLVE, FALSE_POSITIVE, WONT_FIX, CLOSE, - DETECT, DISMISS, REJECT, SET_AS_IN_REVIEW, ACCEPT, CLEAR, REOPEN_HOTSPOT, RESOLVE_AS_REVIEWED)); + DETECT, DISMISS, REJECT, SET_AS_IN_REVIEW, ACCEPT, CLEAR, REOPEN_HOTSPOT, RESOLVE_AS_REVIEWED, OPEN_AS_VULNERABILITY)); }