From 4eb7a56f67406141b84a1ebe5bed699619abf917 Mon Sep 17 00:00:00 2001 From: =?utf8?q?S=C3=A9bastien=20Lesaint?= Date: Fri, 29 Nov 2019 15:35:54 +0100 Subject: [PATCH] SONAR-12717 small computation optimization in SecurityStandards do not cache owaspTop10 and sansTop25 they are not used all the time when used, they are called only once per constructor --- .../server/security/SecurityStandards.java | 27 ++++++++----------- 1 file changed, 11 insertions(+), 16 deletions(-) diff --git a/server/sonar-server-common/src/main/java/org/sonar/server/security/SecurityStandards.java b/server/sonar-server-common/src/main/java/org/sonar/server/security/SecurityStandards.java index 267a48bb2e7..b954d454339 100644 --- a/server/sonar-server-common/src/main/java/org/sonar/server/security/SecurityStandards.java +++ b/server/sonar-server-common/src/main/java/org/sonar/server/security/SecurityStandards.java @@ -139,16 +139,12 @@ public final class SecurityStandards { private final Set standards; private final Set cwe; - private final Set owaspTop10; - private final Set sansTop25; private final SQCategory sqCategory; private final Set ignoredSQCategories; - private SecurityStandards(Set standards, Set cwe, Set owaspTop10, Set sansTop25, SQCategory sqCategory, Set ignoredSQCategories) { + private SecurityStandards(Set standards, Set cwe, SQCategory sqCategory, Set ignoredSQCategories) { this.standards = standards; this.cwe = cwe; - this.owaspTop10 = owaspTop10; - this.sansTop25 = sansTop25; this.sqCategory = sqCategory; this.ignoredSQCategories = ignoredSQCategories; } @@ -162,17 +158,20 @@ public final class SecurityStandards { } public Set getOwaspTop10() { - return owaspTop10; + return toOwaspTop10(standards); } public Set getSansTop25() { - return sansTop25; + return toSansTop25(cwe); } public SQCategory getSqCategory() { return sqCategory; } + /** + * If CWEs mapped to multiple {@link SQCategory}, those which are not taken into account are listed here. + */ public Set getIgnoredSQCategories() { return ignoredSQCategories; } @@ -181,16 +180,12 @@ public final class SecurityStandards { * @throws IllegalStateException if {@code securityStandards} maps to multiple {@link SQCategory SQCategories} */ public static SecurityStandards fromSecurityStandards(Set securityStandards) { - Set standards = securityStandards.stream() - .filter(Objects::nonNull) - .collect(toSet()); - Set cwe = toCwe(standards); - Set owaspTop10 = toOwaspTop10(standards); - Set sansTop25 = toSansTop25(cwe); + Set standards = securityStandards.stream().filter(Objects::nonNull).collect(toSet()); + Set cwe = toCwes(standards); List sq = toSortedSQCategories(cwe); SQCategory sqCategory = sq.iterator().next(); - Set ignoredSQCategories = sq.stream().skip(1).collect(Collectors.toSet()); - return new SecurityStandards(standards, cwe, owaspTop10, sansTop25, sqCategory, ignoredSQCategories); + Set ignoredSQCategories = sq.stream().skip(1).collect(toSet()); + return new SecurityStandards(standards, cwe, sqCategory, ignoredSQCategories); } private static Set toOwaspTop10(Set securityStandards) { @@ -200,7 +195,7 @@ public final class SecurityStandards { .collect(toSet()); } - private static Set toCwe(Collection securityStandards) { + private static Set toCwes(Collection securityStandards) { Set result = securityStandards.stream() .filter(s -> s.startsWith(CWE_PREFIX)) .map(s -> s.substring(CWE_PREFIX.length())) -- 2.39.5