From 587e5f676e750c0c79ab45730a01c0f7ed1cb183 Mon Sep 17 00:00:00 2001 From: Teryk Bellahsene Date: Mon, 3 Jul 2017 12:08:24 +0200 Subject: [PATCH] SONAR-8890 Restrict ps parameter of WS api/rules/tags --- .../sonar/server/rule/index/RuleIndex.java | 8 ++++ .../org/sonar/server/rule/ws/TagsAction.java | 10 ++--- .../server/rule/index/RuleIndexTest.java | 14 ++++++- .../sonar/server/rule/ws/TagsActionTest.java | 39 ++++++++++--------- 4 files changed, 43 insertions(+), 28 deletions(-) diff --git a/server/sonar-server/src/main/java/org/sonar/server/rule/index/RuleIndex.java b/server/sonar-server/src/main/java/org/sonar/server/rule/index/RuleIndex.java index 240145724e6..4767f12549c 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/rule/index/RuleIndex.java +++ b/server/sonar-server/src/main/java/org/sonar/server/rule/index/RuleIndex.java @@ -66,6 +66,7 @@ import org.sonar.server.es.StickyFacetBuilder; import static com.google.common.base.Preconditions.checkArgument; import static java.lang.Boolean.FALSE; import static java.lang.Boolean.TRUE; +import static java.util.Collections.emptyList; import static java.util.Optional.ofNullable; import static org.elasticsearch.index.query.QueryBuilders.boolQuery; import static org.elasticsearch.index.query.QueryBuilders.matchAllQuery; @@ -122,6 +123,7 @@ public class RuleIndex { private static final String AGGREGATION_NAME = "_ref"; private static final String AGGREGATION_NAME_FOR_TAGS = "tagsAggregation"; + private final EsClient client; public RuleIndex(EsClient client) { @@ -518,6 +520,12 @@ public class RuleIndex { } public List listTags(OrganizationDto organization, @Nullable String query, int size) { + int maxPageSize = 500; + checkArgument(size <= maxPageSize, "Page size must be lower than or equals to " + maxPageSize); + if (size <= 0) { + return emptyList(); + } + TermsQueryBuilder scopeFilter = QueryBuilders.termsQuery( FIELD_RULE_EXTENSION_SCOPE, RuleExtensionScope.system().getScope(), diff --git a/server/sonar-server/src/main/java/org/sonar/server/rule/ws/TagsAction.java b/server/sonar-server/src/main/java/org/sonar/server/rule/ws/TagsAction.java index 16f926667de..2c454c3b228 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/rule/ws/TagsAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/rule/ws/TagsAction.java @@ -59,13 +59,9 @@ public class TagsAction implements RulesWsAction { .setHandler(this) .setResponseExample(Resources.getResource(getClass(), "example-tags.json")); - action.createParam(Param.TEXT_QUERY) - .setDescription("A pattern to match tags against") - .setExampleValue("misra"); - action.createParam("ps") - .setDescription("The size of the list to return, 0 for all tags") - .setExampleValue("25") - .setDefaultValue("0"); + action.createSearchQuery("misra", "tags"); + action.createPageSize(10, 100); + action.createParam(PARAM_ORGANIZATION) .setDescription("Organization key") .setRequired(false) diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/index/RuleIndexTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/index/RuleIndexTest.java index 3e0afe24407..01c8e3e6857 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/rule/index/RuleIndexTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/rule/index/RuleIndexTest.java @@ -94,7 +94,7 @@ public class RuleIndexTest { @Rule public DbTester db = DbTester.create(system2); @Rule - public ExpectedException thrown = ExpectedException.none(); + public ExpectedException expectedException = ExpectedException.none(); private RuleIndex underTest; private RuleIndexer ruleIndexer; @@ -639,6 +639,16 @@ public class RuleIndexTest { assertThat(underTest.listTags(organization3, null, 10)).containsOnly("sys1", "sys2"); } + @Test + public void fail_to_list_tags_when_size_greater_than_500() { + OrganizationDto organization = db.organizations().insert(); + + expectedException.expect(IllegalArgumentException.class); + expectedException.expectMessage("Page size must be lower than or equals to 500"); + + underTest.listTags(organization, null, 501); + } + @Test public void available_since() { RuleDefinitionDto ruleOld = createRule(setCreatedAt(1_000L)); @@ -841,7 +851,7 @@ public class RuleIndexTest { RuleQuery query = new RuleQuery(); SearchOptions options = new SearchOptions().addFacets(singletonList(FACET_TAGS)); - thrown.expectMessage("Cannot use tags facet, if no organization is specified."); + expectedException.expectMessage("Cannot use tags facet, if no organization is specified."); underTest.search(query, options); } diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/TagsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/TagsActionTest.java index d8e56b62b29..29caf1b717e 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/TagsActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/TagsActionTest.java @@ -48,26 +48,27 @@ public class TagsActionTest { @Rule public UserSessionRule userSession = UserSessionRule.standalone(); @Rule - public DbTester dbTester = DbTester.create(); + public DbTester db = DbTester.create(); @Rule - public EsTester esTester = new EsTester(new RuleIndexDefinition(new MapSettings().asConfig())); + public EsTester es = new EsTester(new RuleIndexDefinition(new MapSettings().asConfig())); - private DbClient dbClient = dbTester.getDbClient(); - private EsClient esClient = esTester.client(); + private DbClient dbClient = db.getDbClient(); + private EsClient esClient = es.client(); private RuleIndex ruleIndex = new RuleIndex(esClient); private RuleIndexer ruleIndexer = new RuleIndexer(esClient, dbClient); - private WsActionTester tester = new WsActionTester(new org.sonar.server.rule.ws.TagsAction(ruleIndex, dbClient, TestDefaultOrganizationProvider.from(dbTester))); + private WsActionTester ws = new WsActionTester(new org.sonar.server.rule.ws.TagsAction(ruleIndex, dbClient, TestDefaultOrganizationProvider.from(db))); + private OrganizationDto organization; @Before public void before() { - organization = dbTester.organizations().insert(); + organization = db.organizations().insert(); } @Test - public void test_definition() { - WebService.Action action = tester.getDef(); + public void definition() { + WebService.Action action = ws.getDef(); assertThat(action.description()).isNotEmpty(); assertThat(action.responseExampleAsString()).isNotEmpty(); assertThat(action.isPost()).isFalse(); @@ -83,7 +84,7 @@ public class TagsActionTest { WebService.Param pageSize = action.param("ps"); assertThat(pageSize).isNotNull(); assertThat(pageSize.isRequired()).isFalse(); - assertThat(pageSize.defaultValue()).isEqualTo("0"); + assertThat(pageSize.defaultValue()).isEqualTo("10"); assertThat(pageSize.description()).isNotEmpty(); assertThat(pageSize.exampleValue()).isNotEmpty(); @@ -97,22 +98,22 @@ public class TagsActionTest { } @Test - public void return_system_tag() throws Exception { - RuleDefinitionDto r = dbTester.rules().insert(setSystemTags("tag")); - ruleIndexer.commitAndIndex(dbTester.getSession(), r.getKey()); + public void system_tag() throws Exception { + RuleDefinitionDto r = db.rules().insert(setSystemTags("tag")); + ruleIndexer.commitAndIndex(db.getSession(), r.getKey()); - String result = tester.newRequest().execute().getInput(); + String result = ws.newRequest().execute().getInput(); assertJson(result).isSimilarTo("{\"tags\":[\"tag\"]}"); } @Test - public void return_tag() throws Exception { - RuleDefinitionDto r = dbTester.rules().insert(setSystemTags()); - ruleIndexer.commitAndIndex(dbTester.getSession(), r.getKey()); - dbTester.rules().insertOrUpdateMetadata(r, organization, setTags("tag")); - ruleIndexer.commitAndIndex(dbTester.getSession(), r.getKey(), organization); + public void tag() throws Exception { + RuleDefinitionDto r = db.rules().insert(setSystemTags()); + ruleIndexer.commitAndIndex(db.getSession(), r.getKey()); + db.rules().insertOrUpdateMetadata(r, organization, setTags("tag")); + ruleIndexer.commitAndIndex(db.getSession(), r.getKey(), organization); - String result = tester.newRequest().setParam("organization", organization.getKey()).execute().getInput(); + String result = ws.newRequest().setParam("organization", organization.getKey()).execute().getInput(); assertJson(result).isSimilarTo("{\"tags\":[\"tag\"]}"); } } -- 2.39.5