From 865b3112294654f3f3bbf1fd25d7520a397bbf30 Mon Sep 17 00:00:00 2001 From: Dejan Milisavljevic Date: Thu, 21 Nov 2024 08:05:01 +0100 Subject: [PATCH] SONAR-23341 Security report data are based on Security impact when in MQR mode --- .../sonar/server/rule/index/RuleIndexIT.java | 225 +++++++---- .../sonar/server/rule/index/RuleIndex.java | 52 ++- .../server/common/rule/RuleCreatorIT.java | 6 +- .../rule/registration/RulesRegistrantIT.java | 4 +- .../sonar/server/issue/index/IssueIndex.java | 157 ++++++-- .../issue/index/IssueIndexFacetsTest.java | 125 +++--- .../issue/index/IssueIndexFiltersTest.java | 104 +++-- .../IssueIndexSecurityCategoriesTest.java | 70 ++-- .../index/IssueIndexSecurityReportsTest.java | 249 ++++++++---- .../issue/index/IssueIndexTestCommon.java | 6 +- .../developers/ws/SearchEventsActionIT.java | 48 +-- .../ws/SearchEventsActionNewIssuesIT.java | 48 +-- .../ws/SearchEventsActionQualityGateIT.java | 42 +- .../ws/SearchActionDependenciesIT.java | 5 +- .../server/hotspot/ws/SearchActionIT.java | 219 +++++------ .../server/issue/ws/AuthorsActionIT.java | 46 ++- .../issue/ws/SearchActionComponentsIT.java | 68 ++-- .../issue/ws/SearchActionDependenciesIT.java | 5 +- .../server/issue/ws/SearchActionFacetsIT.java | 74 ++-- .../sonar/server/issue/ws/SearchActionIT.java | 372 ++++++++++-------- .../sonar/server/issue/ws/TagsActionIT.java | 63 +-- .../qualityprofile/QProfileComparisonIT.java | 4 +- .../qualityprofile/QProfileRuleImplIT.java | 25 +- .../qualityprofile/QProfileRulesImplIT.java | 18 +- .../ws/ChangeParentActionIT.java | 47 +-- .../qualityprofile/ws/CreateActionIT.java | 57 +-- .../ws/InheritanceActionIT.java | 55 +-- .../ws/QProfilesWsMediumIT.java | 53 +-- .../org/sonar/server/rule/RuleUpdaterIT.java | 62 +-- .../sonar/server/rule/ws/SearchActionIT.java | 14 +- 30 files changed, 1377 insertions(+), 946 deletions(-) diff --git a/server/sonar-server-common/src/it/java/org/sonar/server/rule/index/RuleIndexIT.java b/server/sonar-server-common/src/it/java/org/sonar/server/rule/index/RuleIndexIT.java index 87c8474ffe6..17865560586 100644 --- a/server/sonar-server-common/src/it/java/org/sonar/server/rule/index/RuleIndexIT.java +++ b/server/sonar-server-common/src/it/java/org/sonar/server/rule/index/RuleIndexIT.java @@ -25,10 +25,14 @@ import java.util.ArrayList; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; +import java.util.Optional; import java.util.Set; import java.util.function.Consumer; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.ValueSource; +import org.sonar.api.config.Configuration; import org.sonar.api.impl.utils.AlwaysIncreasingSystem2; import org.sonar.api.issue.impact.Severity; import org.sonar.api.issue.impact.SoftwareQuality; @@ -60,6 +64,8 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.api.Assertions.entry; import static org.junit.Assert.fail; +import static org.mockito.Mockito.doReturn; +import static org.mockito.Mockito.mock; import static org.sonar.api.rule.Severity.BLOCKER; import static org.sonar.api.rule.Severity.CRITICAL; import static org.sonar.api.rule.Severity.INFO; @@ -69,6 +75,7 @@ import static org.sonar.api.rules.RuleType.BUG; import static org.sonar.api.rules.RuleType.CODE_SMELL; import static org.sonar.api.rules.RuleType.SECURITY_HOTSPOT; import static org.sonar.api.rules.RuleType.VULNERABILITY; +import static org.sonar.core.config.MQRModeConstants.MULTI_QUALITY_MODE_ENABLED; import static org.sonar.db.rule.RuleDescriptionSectionDto.createDefaultRuleDescriptionSection; import static org.sonar.db.rule.RuleTesting.newRule; import static org.sonar.db.rule.RuleTesting.setCleanCodeAttribute; @@ -99,23 +106,24 @@ import static org.sonar.server.rule.index.RuleIndexDefinition.TYPE_RULE; import static org.sonar.server.security.SecurityStandards.SANS_TOP_25_INSECURE_INTERACTION; import static org.sonar.server.security.SecurityStandards.SANS_TOP_25_RISKY_RESOURCE; -public class RuleIndexIT { +class RuleIndexIT { private final System2 system2 = new AlwaysIncreasingSystem2(); - @Rule - public EsTester es = EsTester.create(); - @Rule - public DbTester db = DbTester.create(system2); + @RegisterExtension + private final EsTester es = EsTester.create(); + @RegisterExtension + private final DbTester db = DbTester.create(system2); private final RuleIndexer ruleIndexer = new RuleIndexer(es.client(), db.getDbClient()); private final ActiveRuleIndexer activeRuleIndexer = new ActiveRuleIndexer(db.getDbClient(), es.client()); + private final Configuration config = mock(Configuration.class); - private final RuleIndex underTest = new RuleIndex(es.client(), system2); + private final RuleIndex underTest = new RuleIndex(es.client(), system2, config); private final UuidFactory uuidFactory = UuidFactoryFast.getInstance(); @Test - public void search_all_rules() { + void search_all_rules() { createRule(); createRule(); index(); @@ -127,7 +135,7 @@ public class RuleIndexIT { } @Test - public void search_by_key() { + void search_by_key() { RuleDto js1 = createRule( setRepositoryKey("javascript"), setRuleKey("X001")); @@ -153,7 +161,7 @@ public class RuleIndexIT { } @Test - public void search_by_case_insensitive_key() { + void search_by_case_insensitive_key() { RuleDto ruleDto = createRule( setRepositoryKey("javascript"), setRuleKey("X001")); @@ -164,7 +172,7 @@ public class RuleIndexIT { } @Test - public void filter_by_key() { + void filter_by_key() { createRule( setRepositoryKey("javascript"), setRuleKey("X001")); @@ -187,7 +195,7 @@ public class RuleIndexIT { } @Test - public void search_name_by_query() { + void search_name_by_query() { createRule(setName("testing the partial match and matching of rule")); index(); @@ -209,7 +217,7 @@ public class RuleIndexIT { } @Test - public void search_name_with_protected_chars() { + void search_name_with_protected_chars() { RuleDto rule = createRule(setName("ja#va&sc\"r:ipt")); index(); @@ -219,7 +227,7 @@ public class RuleIndexIT { } @Test - public void search_content_by_query() { + void search_content_by_query() { // it's important to set all the fields being used by the search (name, desc, key, lang, ...), // otherwise the generated random values may raise false-positives RuleDto rule1 = insertJavaRule("My great rule CWE-123 which makes your code 1000 times better!", "123", "rule 123"); @@ -276,7 +284,7 @@ public class RuleIndexIT { } @Test - public void search_by_any_of_repositories() { + void search_by_any_of_repositories() { RuleDto findbugs = createRule( setRepositoryKey("findbugs"), setRuleKey("S001")); @@ -299,7 +307,7 @@ public class RuleIndexIT { } @Test - public void filter_by_tags() { + void filter_by_tags() { RuleDto rule1 = createRule(setSystemTags("tag1s"), setTags("tag1")); RuleDto rule2 = createRule(setSystemTags("tag2s"), setTags("tag2")); index(); @@ -323,7 +331,7 @@ public class RuleIndexIT { } @Test - public void tags_facet_supports_selected_value_with_regexp_special_characters() { + void tags_facet_supports_selected_value_with_regexp_special_characters() { createRule(r -> r.setTags(of("misra++"))); index(); @@ -336,7 +344,7 @@ public class RuleIndexIT { } @Test - public void search_by_types() { + void search_by_types() { createRule(setType(CODE_SMELL)); RuleDto vulnerability = createRule(setType(VULNERABILITY)); RuleDto bug1 = createRule(setType(BUG)); @@ -368,7 +376,7 @@ public class RuleIndexIT { } @Test - public void search_by_is_template() { + void search_by_is_template() { RuleDto ruleNoTemplate = createRule(setIsTemplate(false)); RuleDto ruleIsTemplate = createRule(setIsTemplate(true)); index(); @@ -395,7 +403,7 @@ public class RuleIndexIT { } @Test - public void search_by_is_external() { + void search_by_is_external() { RuleDto ruleIsNotExternal = createRule(setIsExternal(false)); RuleDto ruleIsExternal = createRule(setIsExternal(true)); index(); @@ -412,7 +420,7 @@ public class RuleIndexIT { } @Test - public void search_by_template_key() { + void search_by_template_key() { RuleDto template = createRule(setIsTemplate(true)); RuleDto customRule = createRule(setTemplateId(template.getUuid())); index(); @@ -433,7 +441,7 @@ public class RuleIndexIT { } @Test - public void search_by_any_of_languages() { + void search_by_any_of_languages() { createRule(setLanguage("java")); RuleDto javascript = createRule(setLanguage("js")); index(); @@ -455,11 +463,15 @@ public class RuleIndexIT { assertThat(underTest.search(query, new SearchOptions()).getUuids()).hasSize(2); } - @Test - public void search_by_security_cwe_return_vulnerabilities_and_hotspots_only() { - RuleDto rule1 = createRule(setSecurityStandards(of("cwe:543", "cwe:123", "owaspTop10:a1")), r -> r.setType(VULNERABILITY)); + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void search_by_security_cwe_return_correct_data_based_on_mode(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); + RuleDto rule1 = createRule(setSecurityStandards(of("cwe:543", "cwe:123", "owaspTop10:a1")), + r -> r.setType(VULNERABILITY).replaceAllDefaultImpacts(List.of(new ImpactDto(SoftwareQuality.SECURITY, Severity.HIGH)))); RuleDto rule2 = createRule(setSecurityStandards(of("cwe:543", "owaspTop10:a1")), r -> r.setType(SECURITY_HOTSPOT)); - createRule(setSecurityStandards(of("owaspTop10:a1")), r -> r.setType(CODE_SMELL)); + createRule(setSecurityStandards(of("owaspTop10:a1")), + r -> r.setType(CODE_SMELL).replaceAllDefaultImpacts(List.of(new ImpactDto(SoftwareQuality.MAINTAINABILITY, Severity.HIGH)))); index(); RuleQuery query = new RuleQuery().setCwe(of("543")); @@ -467,11 +479,15 @@ public class RuleIndexIT { assertThat(results.getUuids()).containsOnly(rule1.getUuid(), rule2.getUuid()); } - @Test - public void search_by_security_owaspTop10_2017_return_vulnerabilities_and_hotspots_only() { - RuleDto rule1 = createRule(setSecurityStandards(of("owaspTop10:a1", "owaspTop10:a10", "cwe:543")), r -> r.setType(VULNERABILITY)); + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void search_by_security_owaspTop10_2017_return_correct_data_based_on_mode(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); + RuleDto rule1 = createRule(setSecurityStandards(of("owaspTop10:a1", "owaspTop10:a10", "cwe:543")), + r -> r.setType(VULNERABILITY).replaceAllDefaultImpacts(List.of(new ImpactDto(SoftwareQuality.SECURITY, Severity.HIGH)))); RuleDto rule2 = createRule(setSecurityStandards(of("owaspTop10:a10", "cwe:543")), r -> r.setType(SECURITY_HOTSPOT)); - createRule(setSecurityStandards(of("cwe:543")), r -> r.setType(CODE_SMELL)); + createRule(setSecurityStandards(of("cwe:543")), + r -> r.setType(CODE_SMELL).replaceAllDefaultImpacts(List.of(new ImpactDto(SoftwareQuality.MAINTAINABILITY, Severity.HIGH)))); index(); RuleQuery query = new RuleQuery().setOwaspTop10(of("a5", "a10")); @@ -479,12 +495,15 @@ public class RuleIndexIT { assertThat(results.getUuids()).containsOnly(rule1.getUuid(), rule2.getUuid()); } - @Test - public void search_by_security_owaspTop10_2021_return_vulnerabilities_and_hotspots_only() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void search_by_security_owaspTop10_2021_return_correct_data_based_on_mode(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); RuleDto rule1 = createRule(setSecurityStandards(of("owaspTop10-2021:a1", "owaspTop10-2021:a10", "cwe:543")), - r -> r.setType(VULNERABILITY)); + r -> r.setType(VULNERABILITY).replaceAllDefaultImpacts(List.of(new ImpactDto(SoftwareQuality.SECURITY, Severity.HIGH)))); RuleDto rule2 = createRule(setSecurityStandards(of("owaspTop10-2021:a10", "cwe:543")), r -> r.setType(SECURITY_HOTSPOT)); - createRule(setSecurityStandards(of("cwe:543")), r -> r.setType(CODE_SMELL)); + createRule(setSecurityStandards(of("cwe:543")), + r -> r.setType(CODE_SMELL).replaceAllDefaultImpacts(List.of(new ImpactDto(SoftwareQuality.MAINTAINABILITY, Severity.HIGH)))); index(); RuleQuery query = new RuleQuery().setOwaspTop10For2021(of("a5", "a10")); @@ -492,11 +511,15 @@ public class RuleIndexIT { assertThat(results.getUuids()).containsOnly(rule1.getUuid(), rule2.getUuid()); } - @Test - public void search_by_security_sansTop25_return_vulnerabilities_and_hotspots_only() { - RuleDto rule1 = createRule(setSecurityStandards(of("owaspTop10:a1", "owaspTop10:a10", "cwe:89")), r -> r.setType(VULNERABILITY)); + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void search_by_security_sansTop25_return_correct_data_based_on_mode(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); + RuleDto rule1 = createRule(setSecurityStandards(of("owaspTop10:a1", "owaspTop10:a10", "cwe:89")), + r -> r.setType(VULNERABILITY).replaceAllDefaultImpacts(List.of(new ImpactDto(SoftwareQuality.SECURITY, Severity.HIGH)))); RuleDto rule2 = createRule(setSecurityStandards(of("owaspTop10:a10", "cwe:829")), r -> r.setType(SECURITY_HOTSPOT)); - createRule(setSecurityStandards(of("cwe:306")), r -> r.setType(CODE_SMELL)); + createRule(setSecurityStandards(of("cwe:306")), + r -> r.setType(CODE_SMELL).replaceAllDefaultImpacts(List.of(new ImpactDto(SoftwareQuality.MAINTAINABILITY, Severity.HIGH)))); index(); RuleQuery query = new RuleQuery().setSansTop25(of(SANS_TOP_25_INSECURE_INTERACTION, SANS_TOP_25_RISKY_RESOURCE)); @@ -504,10 +527,14 @@ public class RuleIndexIT { assertThat(results.getUuids()).containsOnly(rule1.getUuid(), rule2.getUuid()); } - @Test - public void search_by_security_sonarsource_return_vulnerabilities_and_hotspots_only() { - RuleDto rule1 = createRule(setSecurityStandards(of("owaspTop10:a1", "owaspTop10-2021:a10", "cwe:89")), r -> r.setType(VULNERABILITY)); - createRule(setSecurityStandards(of("owaspTop10:a10", "cwe:829")), r -> r.setType(CODE_SMELL)); + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void search_by_security_sonarsource_return_correct_data_based_on_mode(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); + RuleDto rule1 = createRule(setSecurityStandards(of("owaspTop10:a1", "owaspTop10-2021:a10", "cwe:89")), + r -> r.setType(VULNERABILITY).replaceAllDefaultImpacts(List.of(new ImpactDto(SoftwareQuality.SECURITY, Severity.HIGH)))); + createRule(setSecurityStandards(of("owaspTop10:a10", "cwe:829")), + r -> r.setType(CODE_SMELL).replaceAllDefaultImpacts(List.of(new ImpactDto(SoftwareQuality.MAINTAINABILITY, Severity.HIGH)))); RuleDto rule3 = createRule(setSecurityStandards(of("cwe:601")), r -> r.setType(SECURITY_HOTSPOT)); index(); @@ -517,8 +544,34 @@ public class RuleIndexIT { } @Test - public void search_by_security_sonarsource_return_complete_list_of_facets() { + void search_by_security_should_count_issues_based_on_the_mode() { + + //Should not be counted in MQR mode as it has no security impact + RuleDto rule1 = createRule(setSecurityStandards(of("owaspTop10:a1", "owaspTop10-2021:a10", "cwe:89")), r -> r.setType(VULNERABILITY)); + + //Should not be counted in Standard mode because it is not a Vulnerability type + RuleDto rule2 = createRule(setSecurityStandards(of("owaspTop10:a1", "owaspTop10-2021:a10", "cwe:89")), + r -> r.setType(CODE_SMELL).replaceAllDefaultImpacts(List.of(new ImpactDto(SoftwareQuality.SECURITY, Severity.HIGH)))); + + //Hotspots should be counted in both modes + RuleDto rule3 = createRule(setSecurityStandards(of("cwe:601")), r -> r.setType(SECURITY_HOTSPOT)); + index(); + + RuleQuery query = new RuleQuery().setSonarsourceSecurity(of("sql-injection", "open-redirect")); + + doReturn(Optional.of(true)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); + SearchIdResult results = underTest.search(query, new SearchOptions().addFacets("sonarsourceSecurity")); + assertThat(results.getUuids()).containsOnly(rule2.getUuid(), rule3.getUuid()); + doReturn(Optional.of(false)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); + results = underTest.search(query, new SearchOptions().addFacets("sonarsourceSecurity")); + assertThat(results.getUuids()).containsOnly(rule1.getUuid(), rule3.getUuid()); + } + + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void search_by_security_sonarsource_return_complete_list_of_facets(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); List rules = new ArrayList<>(); // Creation of one rule for each standard security category defined (except other) @@ -526,6 +579,10 @@ public class RuleIndexIT { rules.add(createRule(setSecurityStandards(of("cwe:" + sqCategorySetEntry.getValue().iterator().next())), r -> r.setType(SECURITY_HOTSPOT))); } + + // Should be ignore because it is not a hotspot, and not a vulnerability (in Standard mode) and not having Security impact (in MQR mode) + createRule(setSecurityStandards(of("cwe:787")), + r -> r.setType(CODE_SMELL).replaceAllDefaultImpacts(List.of(new ImpactDto(SoftwareQuality.MAINTAINABILITY, Severity.HIGH)))); index(); RuleQuery query = new RuleQuery(); @@ -537,7 +594,7 @@ public class RuleIndexIT { } @Test - public void compare_to_another_profile() { + void compare_to_another_profile() { String xoo = "xoo"; QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(xoo)); QProfileDto anotherProfile = db.qualityProfiles().insert(p -> p.setLanguage(xoo)); @@ -574,7 +631,7 @@ public class RuleIndexIT { } @Test - public void search_by_any_of_severities() { + void search_by_any_of_severities() { createRule(setSeverity(BLOCKER)); RuleDto info = createRule(setSeverity(INFO)); index(); @@ -597,7 +654,7 @@ public class RuleIndexIT { } @Test - public void search_by_any_of_statuses() { + void search_by_any_of_statuses() { createRule(setStatus(RuleStatus.BETA)); RuleDto ready = createRule(setStatus(RuleStatus.READY)); index(); @@ -620,7 +677,7 @@ public class RuleIndexIT { } @Test - public void activation_parameter_is_ignored_if_profile_is_not_set() { + void activation_parameter_is_ignored_if_profile_is_not_set() { RuleDto rule1 = createJavaRule(); RuleDto rule2 = createJavaRule(); QProfileDto profile1 = createJavaProfile(); @@ -632,7 +689,7 @@ public class RuleIndexIT { } @Test - public void search_by_activation() { + void search_by_activation() { RuleDto rule1 = createJavaRule(); RuleDto rule2 = createJavaRule(); RuleDto rule3 = createJavaRule(); @@ -679,7 +736,7 @@ public class RuleIndexIT { } @Test - public void search_by_activation_and_inheritance() { + void search_by_activation_and_inheritance() { RuleDto rule1 = createJavaRule(); RuleDto rule2 = createJavaRule(); RuleDto rule3 = createJavaRule(); @@ -714,7 +771,7 @@ public class RuleIndexIT { } @Test - public void search_by_activation_and_severity() { + void search_by_activation_and_severity() { RuleDto major = createRule(setSeverity(MAJOR)); RuleDto minor = createRule(setSeverity(MINOR)); createRule(setSeverity(INFO)); @@ -737,7 +794,7 @@ public class RuleIndexIT { } @Test - public void facet_by_activation_severity_is_ignored_when_profile_is_not_specified() { + void facet_by_activation_severity_is_ignored_when_profile_is_not_specified() { RuleDto rule = createJavaRule(); QProfileDto profile = createJavaProfile(); db.qualityProfiles().activateRule(profile, rule); @@ -759,7 +816,7 @@ public class RuleIndexIT { } @Test - public void listTags_should_return_tags() { + void listTags_should_return_tags() { createRule(setSystemTags("sys1", "sys2"), setTags("tag1")); createRule(setSystemTags(), setTags("tag2")); @@ -769,14 +826,14 @@ public class RuleIndexIT { } @Test - public void fail_to_list_tags_when_size_greater_than_500() { + void fail_to_list_tags_when_size_greater_than_500() { assertThatThrownBy(() -> underTest.listTags(null, 501)) .isInstanceOf(IllegalArgumentException.class) .hasMessageContaining("Page size must be lower than or equals to 500"); } @Test - public void available_since() { + void available_since() { RuleDto ruleOld = createRule(setCreatedAt(-2_000L)); RuleDto ruleOlder = createRule(setCreatedAt(-1_000L)); index(); @@ -794,7 +851,7 @@ public class RuleIndexIT { } @Test - public void search_by_clean_code_attribute() { + void search_by_clean_code_attribute() { RuleDto ruleDto = createRule(setRepositoryKey("php"), setCleanCodeAttribute(CleanCodeAttribute.FOCUSED)); index(); @@ -812,7 +869,7 @@ public class RuleIndexIT { } @Test - public void search_by_software_quality() { + void search_by_software_quality() { ImpactDto impactDto = new ImpactDto().setSoftwareQuality(SoftwareQuality.SECURITY).setSeverity(Severity.HIGH); RuleDto phpRule = createRule(setRepositoryKey("php"), setImpacts(List.of(impactDto))); index(); @@ -829,7 +886,7 @@ public class RuleIndexIT { } @Test - public void search_by_severity() { + void search_by_severity() { ImpactDto impactDto = new ImpactDto().setSoftwareQuality(SoftwareQuality.SECURITY).setSeverity(Severity.BLOCKER); RuleDto phpRule = createRule(setRepositoryKey("php"), setImpacts(List.of(impactDto))); index(); @@ -844,7 +901,7 @@ public class RuleIndexIT { } @Test - public void search_should_support_clean_code_attribute_category_facet() { + void search_should_support_clean_code_attribute_category_facet() { createRule(setRepositoryKey("php"), setCleanCodeAttribute(CleanCodeAttribute.FOCUSED)); createRule(setRepositoryKey("php"), setCleanCodeAttribute(CleanCodeAttribute.LOGICAL)); index(); @@ -859,7 +916,7 @@ public class RuleIndexIT { } @Test - public void search_should_support_clean_code_attribute_category_facet_with_filtering() { + void search_should_support_clean_code_attribute_category_facet_with_filtering() { RuleDto php = createRule(setRepositoryKey("php"), setCleanCodeAttribute(CleanCodeAttribute.FOCUSED)); RuleDto php1 = createRule(setRepositoryKey("php"), setCleanCodeAttribute(CleanCodeAttribute.LOGICAL)); RuleDto java = createRule(setRepositoryKey("java"), setCleanCodeAttribute(CleanCodeAttribute.CONVENTIONAL)); @@ -876,7 +933,7 @@ public class RuleIndexIT { } @Test - public void search_should_support_software_quality_facet() { + void search_should_support_software_quality_facet() { ImpactDto impactDto = new ImpactDto().setSoftwareQuality(SoftwareQuality.SECURITY).setSeverity(Severity.HIGH); ImpactDto impactDto2 = new ImpactDto().setSoftwareQuality(SoftwareQuality.MAINTAINABILITY).setSeverity(Severity.LOW); createRule(setRepositoryKey("php"), setImpacts(List.of(impactDto))); @@ -896,7 +953,7 @@ public class RuleIndexIT { } @Test - public void search_should_support_software_quality_facet_with_filtering() { + void search_should_support_software_quality_facet_with_filtering() { ImpactDto impactDto = new ImpactDto().setSoftwareQuality(SoftwareQuality.SECURITY).setSeverity(Severity.HIGH); ImpactDto impactDto2 = new ImpactDto().setSoftwareQuality(SoftwareQuality.MAINTAINABILITY).setSeverity(Severity.LOW); createRule(setRepositoryKey("php"), setImpacts(List.of(impactDto))); @@ -917,7 +974,7 @@ public class RuleIndexIT { } @Test - public void search_whenFilteringOnSeverityAndSoftwareQuality_shouldReturnFacet() { + void search_whenFilteringOnSeverityAndSoftwareQuality_shouldReturnFacet() { ImpactDto impactDto = new ImpactDto().setSoftwareQuality(SoftwareQuality.MAINTAINABILITY).setSeverity(Severity.HIGH); ImpactDto impactDto2 = new ImpactDto().setSoftwareQuality(SoftwareQuality.MAINTAINABILITY).setSeverity(Severity.LOW); ImpactDto impactDto3 = new ImpactDto().setSoftwareQuality(SoftwareQuality.RELIABILITY).setSeverity(Severity.LOW); @@ -955,7 +1012,7 @@ public class RuleIndexIT { } @Test - public void search_should_support_severity_facet() { + void search_should_support_severity_facet() { ImpactDto impactDto = new ImpactDto().setSoftwareQuality(SoftwareQuality.SECURITY).setSeverity(Severity.HIGH); ImpactDto impactDto2 = new ImpactDto().setSoftwareQuality(SoftwareQuality.MAINTAINABILITY).setSeverity(Severity.LOW); ImpactDto impactDto3 = new ImpactDto().setSoftwareQuality(SoftwareQuality.RELIABILITY).setSeverity(Severity.BLOCKER); @@ -978,7 +1035,7 @@ public class RuleIndexIT { } @Test - public void search_should_support_severity_facet_with_filters() { + void search_should_support_severity_facet_with_filters() { ImpactDto impactDto = new ImpactDto().setSoftwareQuality(SoftwareQuality.SECURITY).setSeverity(Severity.HIGH); ImpactDto impactDto2 = new ImpactDto().setSoftwareQuality(SoftwareQuality.MAINTAINABILITY).setSeverity(Severity.LOW); ImpactDto impactDto3 = new ImpactDto().setSoftwareQuality(SoftwareQuality.SECURITY).setSeverity(Severity.INFO); @@ -1005,7 +1062,7 @@ public class RuleIndexIT { } @Test - public void search_should_support_software_quality_and_severity_facets_with_filtering() { + void search_should_support_software_quality_and_severity_facets_with_filtering() { ImpactDto impactDto = new ImpactDto().setSoftwareQuality(SoftwareQuality.SECURITY).setSeverity(Severity.HIGH); ImpactDto impactDto2 = new ImpactDto().setSoftwareQuality(SoftwareQuality.MAINTAINABILITY).setSeverity(Severity.LOW); ImpactDto impactDto3 = new ImpactDto().setSoftwareQuality(SoftwareQuality.MAINTAINABILITY).setSeverity(Severity.BLOCKER); @@ -1034,7 +1091,7 @@ public class RuleIndexIT { } @Test - public void global_facet_on_repositories_and_tags() { + void global_facet_on_repositories_and_tags() { createRule(setRepositoryKey("php"), setSystemTags("sysTag"), setTags()); createRule(setRepositoryKey("php"), setSystemTags(), setTags("tag1")); createRule(setRepositoryKey("javascript"), setSystemTags(), setTags("tag1", "tag2")); @@ -1082,7 +1139,7 @@ public class RuleIndexIT { } @Test - public void sticky_facets_base() { + void sticky_facets_base() { setupStickyFacets(); RuleQuery query = new RuleQuery(); @@ -1094,7 +1151,7 @@ public class RuleIndexIT { * Facet with no filters at all */ @Test - public void sticky_facets_no_filters() { + void sticky_facets_no_filters() { setupStickyFacets(); RuleQuery query = new RuleQuery(); @@ -1113,7 +1170,7 @@ public class RuleIndexIT { * -- lang facet should still have all language */ @Test - public void sticky_facets_with_1_filter() { + void sticky_facets_with_1_filter() { setupStickyFacets(); RuleQuery query = new RuleQuery().setLanguages(ImmutableList.of("cpp")); @@ -1127,7 +1184,7 @@ public class RuleIndexIT { } @Test - public void languages_facet_should_return_top_100_items() { + void languages_facet_should_return_top_100_items() { rangeClosed(1, 101).forEach(i -> db.rules().insert(r -> r.setLanguage("lang" + i))); index(); @@ -1137,7 +1194,7 @@ public class RuleIndexIT { } @Test - public void repositories_facet_should_return_top_100_items() { + void repositories_facet_should_return_top_100_items() { rangeClosed(1, 101).forEach(i -> db.rules().insert(r -> r.setRepositoryKey("repo" + i))); index(); @@ -1147,7 +1204,7 @@ public class RuleIndexIT { } @Test - public void tags_facet_should_find_tags() { + void tags_facet_should_find_tags() { createRule(setSystemTags(), setTags("bla")); index(); @@ -1159,7 +1216,7 @@ public class RuleIndexIT { } @Test - public void tags_facet_should_return_top_100_items() { + void tags_facet_should_return_top_100_items() { // default number of items returned in tag facet = 100 String[] tags = get101Tags(); createRule(setSystemTags(tags)); @@ -1174,7 +1231,7 @@ public class RuleIndexIT { } @Test - public void tags_facet_should_include_matching_selected_items() { + void tags_facet_should_include_matching_selected_items() { // default number of items returned in tag facet = 100 String[] tags = get101Tags(); createRule(setSystemTags(tags)); @@ -1194,7 +1251,7 @@ public class RuleIndexIT { } @Test - public void tags_facet_should_be_available() { + void tags_facet_should_be_available() { RuleQuery query = new RuleQuery(); SearchOptions options = new SearchOptions().addFacets(singletonList(FACET_TAGS)); @@ -1209,7 +1266,7 @@ public class RuleIndexIT { * -- repository for cpp & T2 */ @Test - public void sticky_facets_with_2_filters() { + void sticky_facets_with_2_filters() { setupStickyFacets(); RuleQuery query = new RuleQuery() @@ -1234,7 +1291,7 @@ public class RuleIndexIT { * -- type */ @Test - public void sticky_facets_with_3_filters() { + void sticky_facets_with_3_filters() { setupStickyFacets(); RuleQuery query = new RuleQuery() @@ -1254,7 +1311,7 @@ public class RuleIndexIT { } @Test - public void sort_by_name() { + void sort_by_name() { RuleDto abcd = createRule(setName("abcd")); RuleDto abc = createRule(setName("ABC")); RuleDto fgh = createRule(setName("FGH")); @@ -1272,7 +1329,7 @@ public class RuleIndexIT { } @Test - public void default_sort_is_by_updated_at_desc() { + void default_sort_is_by_updated_at_desc() { long currentTimeMillis = System.currentTimeMillis(); RuleDto old = createRule(setCreatedAt(1000L), setUpdatedAt(currentTimeMillis + 1000L)); @@ -1285,7 +1342,7 @@ public class RuleIndexIT { } @Test - public void fail_sort_by_language() { + void fail_sort_by_language() { try { // Sorting on a field not tagged as sortable new RuleQuery().setSortField(RuleIndexDefinition.FIELD_RULE_LANGUAGE); @@ -1296,7 +1353,7 @@ public class RuleIndexIT { } @Test - public void paging() { + void paging() { createRule(); createRule(); createRule(); @@ -1323,7 +1380,7 @@ public class RuleIndexIT { } @Test - public void search_all_keys_by_query() { + void search_all_keys_by_query() { createRule(setRepositoryKey("javascript"), setRuleKey("X001")); createRule(setRepositoryKey("cobol"), setRuleKey("X001")); createRule(setRepositoryKey("php"), setRuleKey("S002")); @@ -1340,7 +1397,7 @@ public class RuleIndexIT { } @Test - public void searchAll_keys_by_profile() { + void searchAll_keys_by_profile() { RuleDto rule1 = createRule(); RuleDto rule2 = createRule(); RuleDto rule3 = createRule(); diff --git a/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndex.java b/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndex.java index c3b6f438e97..872fe7a69a9 100644 --- a/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndex.java +++ b/server/sonar-server-common/src/main/java/org/sonar/server/rule/index/RuleIndex.java @@ -53,6 +53,7 @@ import org.elasticsearch.search.builder.SearchSourceBuilder; import org.elasticsearch.search.sort.FieldSortBuilder; import org.elasticsearch.search.sort.SortBuilders; import org.elasticsearch.search.sort.SortOrder; +import org.sonar.api.config.Configuration; import org.sonar.api.issue.impact.SoftwareQuality; import org.sonar.api.rule.RuleStatus; import org.sonar.api.rule.Severity; @@ -83,6 +84,8 @@ import static org.elasticsearch.search.aggregations.AggregationBuilders.filters; import static org.elasticsearch.search.aggregations.AggregationBuilders.reverseNested; import static org.sonar.api.rules.RuleType.SECURITY_HOTSPOT; import static org.sonar.api.rules.RuleType.VULNERABILITY; +import static org.sonar.core.config.MQRModeConstants.MULTI_QUALITY_MODE_DEFAULT_VALUE; +import static org.sonar.core.config.MQRModeConstants.MULTI_QUALITY_MODE_ENABLED; import static org.sonar.server.es.EsUtils.SCROLL_TIME_IN_MINUTES; import static org.sonar.server.es.EsUtils.optimizeScrollRequest; import static org.sonar.server.es.EsUtils.scrollIds; @@ -155,6 +158,14 @@ public class RuleIndex { public static final String FACET_IMPACT_SOFTWARE_QUALITY = "impactSoftwareQualities"; public static final String FACET_IMPACT_SEVERITY = "impactSeverities"; + private static final BoolQueryBuilder SECURITY_IMPACT_AND_HOTSPOT_FILTER = + boolQuery() + .should( + nestedQuery(FIELD_RULE_IMPACTS, termsQuery(FIELD_RULE_IMPACT_SOFTWARE_QUALITY, SoftwareQuality.SECURITY.name()), ScoreMode.Avg)) + .should(termsQuery(FIELD_RULE_TYPE, SECURITY_HOTSPOT.name())) + .minimumShouldMatch(1); + + private static final int MAX_FACET_SIZE = 100; public static final List ALL_STATUSES_EXCEPT_REMOVED = Arrays.stream(RuleStatus.values()) @@ -166,10 +177,13 @@ public class RuleIndex { private final EsClient client; private final System2 system2; + private final Configuration config; - public RuleIndex(EsClient client, System2 system2) { + + public RuleIndex(EsClient client, System2 system2, Configuration config) { this.client = client; this.system2 = system2; + this.config = config; } public SearchIdResult search(RuleQuery query, SearchOptions options) { @@ -266,7 +280,7 @@ public class RuleIndex { } /* Build main filter (match based) */ - private static Map buildFilters(RuleQuery query) { + private Map buildFilters(RuleQuery query) { Map filters = new HashMap<>(); /* Add enforced filter on main type Rule */ @@ -407,12 +421,14 @@ public class RuleIndex { allFilters.put(FIELD_RULE_IMPACTS, nestedQuery(FIELD_ISSUE_IMPACTS, impactsFilter, ScoreMode.Avg)); } - private static void addSecurityStandardFilter(Map filters, String key, Collection values) { + private void addSecurityStandardFilter(Map filters, String key, Collection values) { if (isNotEmpty(values)) { filters.put(key, boolQuery() .must(QueryBuilders.termsQuery(key, values)) - .must(QueryBuilders.termsQuery(FIELD_RULE_TYPE, VULNERABILITY.name(), SECURITY_HOTSPOT.name()))); + .must(isMQRMode() ? + SECURITY_IMPACT_AND_HOTSPOT_FILTER : + QueryBuilders.termsQuery(FIELD_RULE_TYPE, VULNERABILITY.name(), SECURITY_HOTSPOT.name()))); } } @@ -482,7 +498,7 @@ public class RuleIndex { return filter; } - private static Map getFacets(RuleQuery query, SearchOptions options, QueryBuilder queryBuilder, + private Map getFacets(RuleQuery query, SearchOptions options, QueryBuilder queryBuilder, Map filters) { Map aggregations = new HashMap<>(); StickyFacetBuilder stickyFacetBuilder = stickyFacetBuilder(queryBuilder, filters); @@ -500,7 +516,7 @@ public class RuleIndex { return aggregations; } - private static void addDefaultFacets(RuleQuery query, SearchOptions options, Map aggregations, + private void addDefaultFacets(RuleQuery query, SearchOptions options, Map aggregations, StickyFacetBuilder stickyFacetBuilder) { if (options.getFacets().contains(FACET_LANGUAGES) || options.getFacets().contains(FACET_OLD_DEFAULT)) { Collection languages = query.getLanguages(); @@ -600,16 +616,20 @@ public class RuleIndex { return boolQueryBuilder; } - private static Function filterSecurityCategories() { - return termsAggregation -> AggregationBuilders.filter( - "filter_by_rule_types_" + termsAggregation.getName(), - termsQuery(FIELD_RULE_TYPE, - VULNERABILITY.name(), - SECURITY_HOTSPOT.name())) - .subAggregation(termsAggregation); + private Function filterSecurityCategories() { + if (isMQRMode()) { + return termsAggregation -> AggregationBuilders.filter("filter_by_security_impact_" + termsAggregation.getName(), + SECURITY_IMPACT_AND_HOTSPOT_FILTER).subAggregation(termsAggregation); + + } else { + return termsAggregation -> AggregationBuilders.filter( + "filter_by_rule_types_" + termsAggregation.getName(), + termsQuery(FIELD_RULE_TYPE, VULNERABILITY.name(), SECURITY_HOTSPOT.name())) + .subAggregation(termsAggregation); + } } - private static void addDefaultSecurityFacets(RuleQuery query, SearchOptions options, Map aggregations, + private void addDefaultSecurityFacets(RuleQuery query, SearchOptions options, Map aggregations, StickyFacetBuilder stickyFacetBuilder) { if (options.getFacets().contains(FACET_CWE)) { Collection categories = query.getCwe(); @@ -771,4 +791,8 @@ public class RuleIndex { private static boolean isEmpty(@Nullable Collection list) { return list == null || list.isEmpty(); } + + private boolean isMQRMode() { + return config.getBoolean(MULTI_QUALITY_MODE_ENABLED).orElse(MULTI_QUALITY_MODE_DEFAULT_VALUE); + } } diff --git a/server/sonar-webserver-common/src/it/java/org/sonar/server/common/rule/RuleCreatorIT.java b/server/sonar-webserver-common/src/it/java/org/sonar/server/common/rule/RuleCreatorIT.java index dea97caa528..3634ee7c22c 100644 --- a/server/sonar-webserver-common/src/it/java/org/sonar/server/common/rule/RuleCreatorIT.java +++ b/server/sonar-webserver-common/src/it/java/org/sonar/server/common/rule/RuleCreatorIT.java @@ -29,6 +29,8 @@ import java.util.concurrent.atomic.AtomicReference; import org.assertj.core.api.Fail; import org.junit.Rule; import org.junit.Test; +import org.mockito.Mockito; +import org.sonar.api.config.Configuration; import org.sonar.api.impl.utils.TestSystem2; import org.sonar.api.rule.RuleKey; import org.sonar.api.rule.RuleStatus; @@ -61,6 +63,7 @@ import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.groups.Tuple.tuple; import static org.junit.Assert.fail; +import static org.mockito.Mockito.mock; import static org.sonar.api.issue.impact.Severity.HIGH; import static org.sonar.api.issue.impact.Severity.LOW; import static org.sonar.api.issue.impact.Severity.MEDIUM; @@ -84,7 +87,8 @@ public class RuleCreatorIT { @Rule public EsTester es = EsTester.create(); - private final RuleIndex ruleIndex = new RuleIndex(es.client(), system2); + private final Configuration config = mock(Configuration.class); + private final RuleIndex ruleIndex = new RuleIndex(es.client(), system2, config); private final RuleIndexer ruleIndexer = new RuleIndexer(es.client(), dbTester.getDbClient()); private final DbSession dbSession = dbTester.getSession(); private final UuidFactory uuidFactory = new SequenceUuidFactory(); diff --git a/server/sonar-webserver-core/src/it/java/org/sonar/server/rule/registration/RulesRegistrantIT.java b/server/sonar-webserver-core/src/it/java/org/sonar/server/rule/registration/RulesRegistrantIT.java index 3e379453cc7..a3f3e7ccfa3 100644 --- a/server/sonar-webserver-core/src/it/java/org/sonar/server/rule/registration/RulesRegistrantIT.java +++ b/server/sonar-webserver-core/src/it/java/org/sonar/server/rule/registration/RulesRegistrantIT.java @@ -35,6 +35,7 @@ import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.RegisterExtension; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.MethodSource; +import org.sonar.api.config.Configuration; import org.sonar.api.impl.utils.TestSystem2; import org.sonar.api.issue.impact.Severity; import org.sonar.api.issue.impact.SoftwareQuality; @@ -159,6 +160,7 @@ class RulesRegistrantIT { private ActiveRulesImpactInitializer activeRulesImpactInitializer; private final RuleDescriptionSectionsGenerator ruleDescriptionSectionsGenerator = mock(); private final RuleDescriptionSectionsGeneratorResolver resolver = mock(); + private final Configuration config = mock(); private final RulesKeyVerifier rulesKeyVerifier = new RulesKeyVerifier(); private final StartupRuleUpdater startupRuleUpdater = new StartupRuleUpdater(dbClient, system, uuidFactory, resolver); @@ -168,7 +170,7 @@ class RulesRegistrantIT { @BeforeEach void before() { ruleIndexer = new RuleIndexer(es.client(), dbClient); - ruleIndex = new RuleIndex(es.client(), system); + ruleIndex = new RuleIndex(es.client(), system, config); activeRuleIndexer = new ActiveRuleIndexer(dbClient, es.client()); internalProperties = new MapInternalProperties(); activeRulesImpactInitializer = new ActiveRulesImpactInitializer(internalProperties, dbClient); diff --git a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueIndex.java b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueIndex.java index 6b0d2b1b10a..c86fa25354d 100644 --- a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueIndex.java +++ b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueIndex.java @@ -45,9 +45,11 @@ import org.apache.lucene.search.join.ScoreMode; import org.elasticsearch.action.search.SearchRequest; import org.elasticsearch.action.search.SearchResponse; import org.elasticsearch.index.query.BoolQueryBuilder; +import org.elasticsearch.index.query.NestedQueryBuilder; import org.elasticsearch.index.query.QueryBuilder; import org.elasticsearch.index.query.QueryBuilders; import org.elasticsearch.indices.TermsLookup; +import org.elasticsearch.search.aggregations.Aggregation; import org.elasticsearch.search.aggregations.AggregationBuilder; import org.elasticsearch.search.aggregations.AggregationBuilders; import org.elasticsearch.search.aggregations.BucketOrder; @@ -57,6 +59,7 @@ import org.elasticsearch.search.aggregations.bucket.filter.FiltersAggregator; import org.elasticsearch.search.aggregations.bucket.filter.ParsedFilter; import org.elasticsearch.search.aggregations.bucket.histogram.DateHistogramInterval; import org.elasticsearch.search.aggregations.bucket.histogram.LongBounds; +import org.elasticsearch.search.aggregations.bucket.nested.ParsedNested; import org.elasticsearch.search.aggregations.bucket.terms.IncludeExclude; import org.elasticsearch.search.aggregations.bucket.terms.ParsedStringTerms; import org.elasticsearch.search.aggregations.bucket.terms.Terms; @@ -68,6 +71,7 @@ import org.elasticsearch.search.aggregations.metrics.SumAggregationBuilder; import org.elasticsearch.search.builder.SearchSourceBuilder; import org.elasticsearch.search.sort.FieldSortBuilder; import org.joda.time.Duration; +import org.sonar.api.config.Configuration; import org.sonar.api.issue.Issue; import org.sonar.api.issue.IssueStatus; import org.sonar.api.issue.impact.SoftwareQuality; @@ -118,6 +122,8 @@ import static org.elasticsearch.search.aggregations.AggregationBuilders.filters; import static org.elasticsearch.search.aggregations.AggregationBuilders.reverseNested; import static org.sonar.api.rules.RuleType.SECURITY_HOTSPOT; import static org.sonar.api.rules.RuleType.VULNERABILITY; +import static org.sonar.core.config.MQRModeConstants.MULTI_QUALITY_MODE_DEFAULT_VALUE; +import static org.sonar.core.config.MQRModeConstants.MULTI_QUALITY_MODE_ENABLED; import static org.sonar.server.es.EsUtils.escapeSpecialRegexChars; import static org.sonar.server.es.IndexType.FIELD_INDEX_TYPE; import static org.sonar.server.es.searchrequest.TopAggregationDefinition.NON_STICKY; @@ -247,6 +253,8 @@ public class IssueIndex { private static final int MAX_FACET_SIZE = 100; private static final String AGG_VULNERABILITIES = "vulnerabilities"; private static final String AGG_SEVERITIES = "severities"; + private static final String ISSUES_WITH_SECURITY_IMPACT = "issues_with_security_impact"; + private static final String AGG_IMPACT_SEVERITIES = "impact_severities"; private static final String AGG_TO_REVIEW_SECURITY_HOTSPOTS = "toReviewSecurityHotspots"; private static final String AGG_IN_REVIEW_SECURITY_HOTSPOTS = "inReviewSecurityHotspots"; private static final String AGG_REVIEWED_SECURITY_HOTSPOTS = "reviewedSecurityHotspots"; @@ -254,6 +262,10 @@ public class IssueIndex { private static final BoolQueryBuilder NON_RESOLVED_VULNERABILITIES_FILTER = boolQuery() .filter(termQuery(FIELD_ISSUE_TYPE, VULNERABILITY.name())) .mustNot(existsQuery(FIELD_ISSUE_RESOLUTION)); + private static final BoolQueryBuilder NON_RESOLVED_SECURITY_IMPACT_FILTER = boolQuery() + .filter(nestedQuery(FIELD_ISSUE_IMPACTS, termsQuery(FIELD_ISSUE_IMPACT_SOFTWARE_QUALITY, SoftwareQuality.SECURITY.name()), + ScoreMode.Avg)) + .mustNot(existsQuery(FIELD_ISSUE_RESOLUTION)); private static final BoolQueryBuilder IN_REVIEW_HOTSPOTS_FILTER = boolQuery() .filter(termQuery(FIELD_ISSUE_TYPE, SECURITY_HOTSPOT.name())) .filter(termQuery(FIELD_ISSUE_STATUS, Issue.STATUS_IN_REVIEW)) @@ -266,6 +278,14 @@ public class IssueIndex { .filter(termQuery(FIELD_ISSUE_TYPE, SECURITY_HOTSPOT.name())) .filter(termQuery(FIELD_ISSUE_STATUS, Issue.STATUS_REVIEWED)) .filter(termQuery(FIELD_ISSUE_RESOLUTION, Issue.RESOLUTION_FIXED)); + private static final NestedQueryBuilder SECURITY_IMPACT_FILTER = nestedQuery(FIELD_ISSUE_IMPACTS, + termsQuery(FIELD_ISSUE_IMPACT_SOFTWARE_QUALITY, SoftwareQuality.SECURITY.name()), ScoreMode.Avg); + private static final BoolQueryBuilder SECURITY_IMPACT_AND_HOTSPOT_FILTER = + boolQuery() + .should(SECURITY_IMPACT_FILTER) + .should(termsQuery(FIELD_ISSUE_TYPE, SECURITY_HOTSPOT.name())) + .minimumShouldMatch(1); + private static final Object[] NO_SELECTED_VALUES = {0}; private static final SimpleFieldTopAggregationDefinition EFFORT_TOP_AGGREGATION = new SimpleFieldTopAggregationDefinition(FIELD_ISSUE_EFFORT, NON_STICKY); @@ -362,12 +382,15 @@ public class IssueIndex { private final System2 system; private final UserSession userSession; private final WebAuthorizationTypeSupport authorizationTypeSupport; + private final Configuration config; - public IssueIndex(EsClient client, System2 system, UserSession userSession, WebAuthorizationTypeSupport authorizationTypeSupport) { + public IssueIndex(EsClient client, System2 system, UserSession userSession, WebAuthorizationTypeSupport authorizationTypeSupport, + Configuration config) { this.client = client; this.system = system; this.userSession = userSession; this.authorizationTypeSupport = authorizationTypeSupport; + this.config = config; this.sorting = new Sorting(); this.sorting.add(IssueQuery.SORT_BY_STATUS, FIELD_ISSUE_STATUS); @@ -526,7 +549,7 @@ public class IssueIndex { return filters; } - private static void addOwaspAsvsFilter(String fieldName, Facet facet, IssueQuery query, AllFilters allFilters) { + private void addOwaspAsvsFilter(String fieldName, Facet facet, IssueQuery query, AllFilters allFilters) { if (!CollectionUtils.isEmpty(query.owaspAsvs40())) { Set requirements = calculateRequirementsForOwaspAsvs40Params(query); QueryBuilder securityCategoryFilter = termsQuery(fieldName, requirements); @@ -535,10 +558,14 @@ public class IssueIndex { facet.getFilterScope(), boolQuery() .must(securityCategoryFilter) - .must(termsQuery(FIELD_ISSUE_TYPE, VULNERABILITY.name(), SECURITY_HOTSPOT.name()))); + .must(getQueryBuilderForSecurityCategory())); } } + private QueryBuilder getQueryBuilderForSecurityCategory() { + return isMQRMode() ? SECURITY_IMPACT_AND_HOTSPOT_FILTER : termsQuery(FIELD_ISSUE_TYPE, VULNERABILITY.name(), SECURITY_HOTSPOT.name()); + } + private static Set calculateRequirementsForOwaspAsvs40Params(IssueQuery query) { int level = query.getOwaspAsvsLevel().orElse(3); List levelRequirements = OWASP_ASVS_40_REQUIREMENTS_BY_LEVEL.get(level); @@ -553,7 +580,7 @@ public class IssueIndex { }).collect(Collectors.toSet()); } - private static void addSecurityCategoryFilter(String fieldName, Facet facet, Collection values, AllFilters allFilters) { + private void addSecurityCategoryFilter(String fieldName, Facet facet, Collection values, AllFilters allFilters) { QueryBuilder securityCategoryFilter = createTermsFilter(fieldName, values); if (securityCategoryFilter != null) { allFilters.addFilter( @@ -561,7 +588,7 @@ public class IssueIndex { facet.getFilterScope(), boolQuery() .must(securityCategoryFilter) - .must(termsQuery(FIELD_ISSUE_TYPE, VULNERABILITY.name(), SECURITY_HOTSPOT.name()))); + .must(getQueryBuilderForSecurityCategory())); } } @@ -585,7 +612,7 @@ public class IssueIndex { * @param values The PCI DSS categories to search for * @param allFilters Object that holds all the filters for the Elastic search call */ - private static void addSecurityCategoryPrefixFilter(String fieldName, Facet facet, Collection values, AllFilters allFilters) { + private void addSecurityCategoryPrefixFilter(String fieldName, Facet facet, Collection values, AllFilters allFilters) { if (values.isEmpty()) { return; } @@ -593,8 +620,7 @@ public class IssueIndex { BoolQueryBuilder boolQueryBuilder = boolQuery() // ensures that at least one "should" query is matched. Without it, "should" queries are optional, when a "must" is also present. .minimumShouldMatch(1) - // the field type must be vulnerability or security hotspot - .must(termsQuery(FIELD_ISSUE_TYPE, VULNERABILITY.name(), SECURITY_HOTSPOT.name())); + .must(getQueryBuilderForSecurityCategory()); // for top level categories a prefix query is added, while for subcategories a term query is used for exact matching values.stream().map(v -> choosePrefixQuery(fieldName, v)).forEach(boolQueryBuilder::should); @@ -929,7 +955,8 @@ public class IssueIndex { esRequest.aggregation(topAggregation); } - private static void addSecurityCategoryFacetIfNeeded(String param, Facet facet, SearchOptions options, TopAggregationHelper aggregationHelper, SearchSourceBuilder esRequest, + private void addSecurityCategoryFacetIfNeeded(String param, Facet facet, SearchOptions options, TopAggregationHelper aggregationHelper, + SearchSourceBuilder esRequest, Object[] selectedValues) { if (!options.getFacets().contains(param)) { return; @@ -937,7 +964,7 @@ public class IssueIndex { AggregationBuilder aggregation = aggregationHelper.buildTermTopAggregation( facet.getName(), facet.getTopAggregationDef(), facet.getNumberOfTerms(), - filter -> filter.must(termQuery(FIELD_ISSUE_TYPE, VULNERABILITY.name())), + filter -> filter.must(isMQRMode() ? SECURITY_IMPACT_FILTER : termQuery(FIELD_ISSUE_TYPE, VULNERABILITY.name())), t -> aggregationHelper.getSubAggregationHelper().buildSelectedItemsAggregation(facet.getName(), facet.getTopAggregationDef(), selectedValues) .ifPresent(t::subAggregation)); esRequest.aggregation(aggregation); @@ -1375,7 +1402,8 @@ public class IssueIndex { return client.search(request); } - private static SecurityStandardCategoryStatistics processSecurityReportIssueSearchResultsWithDistribution(ParsedFilter categoryFilter, @Nullable String version, + private SecurityStandardCategoryStatistics processSecurityReportIssueSearchResultsWithDistribution(ParsedFilter categoryFilter, + @Nullable String version, @Nullable Integer level) { var list = ((ParsedStringTerms) categoryFilter.getAggregations().get(AGG_DISTRIBUTION)).getBuckets(); List children = list.stream() @@ -1387,7 +1415,8 @@ public class IssueIndex { return processSecurityReportCategorySearchResults(categoryFilter, categoryFilter.getName(), children, version); } - private static SecurityStandardCategoryStatistics processSecurityReportIssueSearchResultsWithLevelDistribution(ParsedFilter categoryFilter, String version, String level) { + private SecurityStandardCategoryStatistics processSecurityReportIssueSearchResultsWithLevelDistribution(ParsedFilter categoryFilter, + String version, String level) { var list = ((ParsedStringTerms) categoryFilter.getAggregations().get(AGG_DISTRIBUTION)).getBuckets(); List children = list.stream() .filter(categoryBucket -> OWASP_ASVS_40_REQUIREMENTS_BY_LEVEL.get(Integer.parseInt(level)).contains(categoryBucket.getKeyAsString())) @@ -1397,7 +1426,8 @@ public class IssueIndex { return processSecurityReportCategorySearchResults(categoryFilter, categoryFilter.getName(), children, version); } - private static SecurityStandardCategoryStatistics processSecurityReportIssueSearchResults(ParsedFilter categoryBucket, boolean includeDistribution, String version) { + private SecurityStandardCategoryStatistics processSecurityReportIssueSearchResults(ParsedFilter categoryBucket, + boolean includeDistribution, String version) { List children = new ArrayList<>(); if (includeDistribution) { Stream stream = ((ParsedStringTerms) categoryBucket.getAggregations().get(AGG_DISTRIBUTION)).getBuckets().stream(); @@ -1408,16 +1438,16 @@ public class IssueIndex { return processSecurityReportCategorySearchResults(categoryBucket, categoryBucket.getName(), children, version); } - private static SecurityStandardCategoryStatistics processSecurityReportCategorySearchResults(HasAggregations categoryBucket, String categoryName, + private SecurityStandardCategoryStatistics processSecurityReportCategorySearchResults(HasAggregations categoryBucket, String categoryName, @Nullable List children, @Nullable String version) { - List severityBuckets = ((ParsedStringTerms) ((ParsedFilter) categoryBucket.getAggregations().get(AGG_VULNERABILITIES)).getAggregations() - .get(AGG_SEVERITIES)).getBuckets(); - long vulnerabilities = severityBuckets.stream().mapToLong(b -> ((ParsedValueCount) b.getAggregations().get(AGG_COUNT)).getValue()).sum(); + + Aggregation severitiesAggregations = + ((ParsedFilter) categoryBucket.getAggregations().get(AGG_VULNERABILITIES)).getAggregations().get(AGG_SEVERITIES); + + CountAndRating countAndRating = getCountAndRating(severitiesAggregations); + long vulnerabilities = countAndRating.getCount(); // Worst severity having at least one issue - OptionalInt severityRating = severityBuckets.stream() - .filter(b -> ((ParsedValueCount) b.getAggregations().get(AGG_COUNT)).getValue() != 0) - .mapToInt(b -> Severity.ALL.indexOf(b.getKeyAsString()) + 1) - .max(); + OptionalInt severityRating = countAndRating.getRating(); long toReviewSecurityHotspots = ((ParsedValueCount) ((ParsedFilter) categoryBucket.getAggregations().get(AGG_TO_REVIEW_SECURITY_HOTSPOTS)).getAggregations().get(AGG_COUNT)) .getValue(); @@ -1431,7 +1461,32 @@ public class IssueIndex { reviewedSecurityHotspots, securityReviewRating, children, version); } - private static AggregationBuilder newSecurityReportSubAggregations(AggregationBuilder categoriesAggs, String securityStandardVersionPrefix) { + private CountAndRating getCountAndRating(Aggregation severitiesAggregations) { + if (isMQRMode()) { + List severityBuckets = + ((ParsedStringTerms) ((ParsedFilter) ((ParsedNested) severitiesAggregations).getAggregations().get(ISSUES_WITH_SECURITY_IMPACT)).getAggregations().get(AGG_IMPACT_SEVERITIES)).getBuckets(); + long vulnerabilities = + severityBuckets.stream().mapToLong(b -> ((ParsedValueCount) b.getAggregations().get(AGG_COUNT)).getValue()).sum(); + // Worst severity having at least one issue + OptionalInt severityRating = severityBuckets.stream() + .filter(b -> ((ParsedValueCount) b.getAggregations().get(AGG_COUNT)).getValue() != 0) + .mapToInt(b -> org.sonar.api.issue.impact.Severity.valueOf(b.getKeyAsString()).ordinal() + 1) + .max(); + return new CountAndRating(vulnerabilities, severityRating); + } else { + List severityBuckets = ((ParsedStringTerms) severitiesAggregations).getBuckets(); + long vulnerabilities = + severityBuckets.stream().mapToLong(b -> ((ParsedValueCount) b.getAggregations().get(AGG_COUNT)).getValue()).sum(); + // Worst severity having at least one issue + OptionalInt severityRating = severityBuckets.stream() + .filter(b -> ((ParsedValueCount) b.getAggregations().get(AGG_COUNT)).getValue() != 0) + .mapToInt(b -> Severity.ALL.indexOf(b.getKeyAsString()) + 1) + .max(); + return new CountAndRating(vulnerabilities, severityRating); + } + } + + private AggregationBuilder newSecurityReportSubAggregations(AggregationBuilder categoriesAggs, String securityStandardVersionPrefix) { AggregationBuilder aggregationBuilder = addSecurityReportIssueCountAggregations(categoriesAggs); final TermsAggregationBuilder distributionAggregation = AggregationBuilders.terms(AGG_DISTRIBUTION) .field(securityStandardVersionPrefix) @@ -1442,7 +1497,8 @@ public class IssueIndex { return aggregationBuilder; } - private static AggregationBuilder newSecurityReportSubAggregations(AggregationBuilder categoriesAggs, boolean includeCwe, @Nullable Collection cwesInCategory) { + private AggregationBuilder newSecurityReportSubAggregations(AggregationBuilder categoriesAggs, boolean includeCwe, + @Nullable Collection cwesInCategory) { AggregationBuilder aggregationBuilder = addSecurityReportIssueCountAggregations(categoriesAggs); if (includeCwe) { final TermsAggregationBuilder cwesAgg = AggregationBuilders.terms(AGG_DISTRIBUTION) @@ -1457,14 +1513,11 @@ public class IssueIndex { return aggregationBuilder; } - private static AggregationBuilder addSecurityReportIssueCountAggregations(AggregationBuilder categoryAggs) { + private AggregationBuilder addSecurityReportIssueCountAggregations(AggregationBuilder categoryAggs) { return categoryAggs .subAggregation( - AggregationBuilders.filter(AGG_VULNERABILITIES, NON_RESOLVED_VULNERABILITIES_FILTER) - .subAggregation( - AggregationBuilders.terms(AGG_SEVERITIES).field(FIELD_ISSUE_SEVERITY) - .subAggregation( - AggregationBuilders.count(AGG_COUNT).field(FIELD_ISSUE_KEY)))) + AggregationBuilders.filter(AGG_VULNERABILITIES, getNonResolvedIssuesOrNonResolvedSecurityImpactQueryBuilderBasedOnMode()) + .subAggregation(getAggregationBuilderBasedOnMode())) .subAggregation(AggregationBuilders.filter(AGG_TO_REVIEW_SECURITY_HOTSPOTS, TO_REVIEW_HOTSPOTS_FILTER) .subAggregation( AggregationBuilders.count(AGG_COUNT).field(FIELD_ISSUE_KEY))) @@ -1476,7 +1529,27 @@ public class IssueIndex { AggregationBuilders.count(AGG_COUNT).field(FIELD_ISSUE_KEY))); } - private static SearchSourceBuilder prepareNonClosedVulnerabilitiesAndHotspotSearch(String projectUuid, boolean isViewOrApp) { + private AggregationBuilder getAggregationBuilderBasedOnMode() { + if (isMQRMode()) { + return AggregationBuilders.nested(AGG_SEVERITIES, FIELD_ISSUE_IMPACTS) + .subAggregation(AggregationBuilders.filter(ISSUES_WITH_SECURITY_IMPACT, + boolQuery().filter(termsQuery(FIELD_ISSUE_IMPACT_SOFTWARE_QUALITY, SoftwareQuality.SECURITY.name()))) + .subAggregation(AggregationBuilders.terms(AGG_IMPACT_SEVERITIES).field(FIELD_ISSUE_IMPACT_SEVERITY) + .subAggregation( + AggregationBuilders.count(AGG_COUNT).field(FIELD_ISSUE_IMPACT_SEVERITY)))); + + } else { + return AggregationBuilders.terms(AGG_SEVERITIES).field(FIELD_ISSUE_SEVERITY) + .subAggregation( + AggregationBuilders.count(AGG_COUNT).field(FIELD_ISSUE_KEY)); + + } + } + private QueryBuilder getNonResolvedIssuesOrNonResolvedSecurityImpactQueryBuilderBasedOnMode() { + return isMQRMode() ? NON_RESOLVED_SECURITY_IMPACT_FILTER : NON_RESOLVED_VULNERABILITIES_FILTER; + } + + private SearchSourceBuilder prepareNonClosedVulnerabilitiesAndHotspotSearch(String projectUuid, boolean isViewOrApp) { BoolQueryBuilder componentFilter = boolQuery(); if (isViewOrApp) { componentFilter.filter(QueryBuilders.termsLookupQuery(FIELD_ISSUE_BRANCH_UUID, @@ -1492,7 +1565,7 @@ public class IssueIndex { return sourceBuilder .query( componentFilter - .should(NON_RESOLVED_VULNERABILITIES_FILTER) + .should(getNonResolvedIssuesOrNonResolvedSecurityImpactQueryBuilderBasedOnMode()) .should(TO_REVIEW_HOTSPOTS_FILTER) .should(IN_REVIEW_HOTSPOTS_FILTER) .should(REVIEWED_HOTSPOTS_FILTER) @@ -1500,4 +1573,26 @@ public class IssueIndex { .size(0); } + private boolean isMQRMode() { + return config.getBoolean(MULTI_QUALITY_MODE_ENABLED).orElse(MULTI_QUALITY_MODE_DEFAULT_VALUE); + } + + + private static class CountAndRating { + private long count; + private OptionalInt rating; + + public CountAndRating(long count, OptionalInt rating) { + this.count = count; + this.rating = rating; + } + + public long getCount() { + return count; + } + + public OptionalInt getRating() { + return rating; + } + } } diff --git a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexFacetsTest.java b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexFacetsTest.java index ffeffc9647e..e9d7adf197d 100644 --- a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexFacetsTest.java +++ b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexFacetsTest.java @@ -23,9 +23,12 @@ import java.time.ZoneId; import java.util.Collections; import java.util.Date; import java.util.Map; +import java.util.Optional; import java.util.Set; import org.elasticsearch.action.search.SearchResponse; import org.junit.jupiter.api.Test; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.ValueSource; import org.sonar.api.issue.IssueStatus; import org.sonar.api.issue.impact.Severity; import org.sonar.api.rules.RuleType; @@ -41,6 +44,7 @@ import static java.util.Collections.singletonList; import static java.util.stream.IntStream.rangeClosed; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.entry; +import static org.mockito.Mockito.doReturn; import static org.sonar.api.issue.Issue.RESOLUTION_FALSE_POSITIVE; import static org.sonar.api.issue.Issue.RESOLUTION_FIXED; import static org.sonar.api.issue.Issue.RESOLUTION_REMOVED; @@ -50,6 +54,7 @@ import static org.sonar.api.issue.Issue.STATUS_CONFIRMED; import static org.sonar.api.issue.Issue.STATUS_OPEN; import static org.sonar.api.issue.Issue.STATUS_REOPENED; import static org.sonar.api.issue.Issue.STATUS_RESOLVED; +import static org.sonar.api.issue.impact.Severity.HIGH; import static org.sonar.api.issue.impact.SoftwareQuality.MAINTAINABILITY; import static org.sonar.api.issue.impact.SoftwareQuality.RELIABILITY; import static org.sonar.api.issue.impact.SoftwareQuality.SECURITY; @@ -67,6 +72,7 @@ import static org.sonar.api.server.rule.RulesDefinition.OwaspTop10Version.Y2021; import static org.sonar.api.server.rule.RulesDefinition.PciDssVersion.V3_2; import static org.sonar.api.server.rule.RulesDefinition.PciDssVersion.V4_0; import static org.sonar.api.utils.DateUtils.parseDateTime; +import static org.sonar.core.config.MQRModeConstants.MULTI_QUALITY_MODE_ENABLED; import static org.sonar.db.component.ComponentTesting.newDirectory; import static org.sonar.db.component.ComponentTesting.newFileDto; import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; @@ -160,14 +166,17 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { , 102); } - @Test - void facets_on_cwe() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void facets_on_cwe(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setCwe(asList("20", "564", "89", "943")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setCwe(asList("943")), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setCwe(asList("20", "564", + "89", "943")), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setCwe(asList("943")), newDoc("I3", project.uuid(), file)); assertThatFacetHasOnly(IssueQuery.builder(), "cwe", @@ -177,14 +186,16 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { entry("89", 1L)); } - @Test - void facets_on_pciDss32() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void facets_on_pciDss32(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setPciDss32(asList("1", "2")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setPciDss32(singletonList("3")), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setPciDss32(asList("1", "2")), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setPciDss32(singletonList("3")), newDoc("I3", project.uuid(), file)); assertThatFacetHasOnly(IssueQuery.builder(), V3_2.prefix(), @@ -193,14 +204,16 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { entry("3", 1L)); } - @Test - void facets_on_pciDss40() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void facets_on_pciDss40(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setPciDss40(asList("1", "2")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setPciDss40(singletonList("3")), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setPciDss40(asList("1", "2")), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setPciDss40(singletonList("3")), newDoc("I3", project.uuid(), file)); assertThatFacetHasOnly(IssueQuery.builder(), V4_0.prefix(), @@ -209,14 +222,18 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { entry("3", 1L)); } - @Test - void facets_on_owaspAsvs40() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void facets_on_owaspAsvs40(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspAsvs40(asList("1", "2")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspAsvs40(singletonList("3")), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspAsvs40(asList("1", "2" + )), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspAsvs40(singletonList( + "3")), newDoc("I3", project.uuid(), file)); assertThatFacetHasOnly(IssueQuery.builder(), OwaspAsvsVersion.V4_0.prefix(), @@ -225,14 +242,18 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { entry("3", 1L)); } - @Test - void facets_on_owaspTop10() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void facets_on_owaspTop10(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspTop10(asList("a1", "a2")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspTop10(singletonList("a3")), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspTop10(asList("a1", + "a2")), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspTop10(singletonList( + "a3")), newDoc("I3", project.uuid(), file)); assertThatFacetHasOnly(IssueQuery.builder(), Y2017.prefix(), @@ -241,14 +262,17 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { entry("a3", 1L)); } - @Test - void facets_on_owaspTop10_2021() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void facets_on_owaspTop10_2021(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspTop10For2021(asList("a1", "a2")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspTop10For2021(singletonList("a3")), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspTop10For2021(asList( + "a1", "a2")), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspTop10For2021(singletonList("a3")), newDoc("I3", project.uuid(), file)); assertThatFacetHasExactly(IssueQuery.builder(), Y2021.prefix(), @@ -257,14 +281,17 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { entry("a3", 1L)); } - @Test - void facets_on_owaspTop10_2021_stay_ordered() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void facets_on_owaspTop10_2021_stay_ordered(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspTop10For2021(asList("a1", "a2")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspTop10For2021(singletonList("a3")), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspTop10For2021(asList( + "a1", "a2")), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspTop10For2021(singletonList("a3")), newDoc("I3", project.uuid(), file)); assertThatFacetHasExactly(IssueQuery.builder().owaspTop10For2021(Collections.singletonList("a3")), Y2021.prefix(), @@ -273,15 +300,19 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { entry("a3", 1L)); } - @Test - void facets_on_sansTop25() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void facets_on_sansTop25(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setSansTop25(asList("porous-defenses", "risky-resource", + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setSansTop25(asList("porous" + + "-defenses", "risky-resource", "insecure-interaction")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setSansTop25(singletonList("porous-defenses")), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setSansTop25(singletonList( + "porous-defenses")), newDoc("I3", project.uuid(), file)); assertThatFacetHasOnly(IssueQuery.builder(), "sansTop25", @@ -290,14 +321,16 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { entry("risky-resource", 1L)); } - @Test - void facets_on_sonarSourceSecurity() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void facets_on_sonarSourceSecurity(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setSonarSourceSecurityCategory(SQCategory.BUFFER_OVERFLOW), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setSonarSourceSecurityCategory(SQCategory.DOS), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setSonarSourceSecurityCategory(SQCategory.BUFFER_OVERFLOW), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setSonarSourceSecurityCategory(SQCategory.DOS), newDoc("I3", project.uuid(), file)); assertThatFacetHasOnly(IssueQuery.builder(), "sonarsourceSecurity", @@ -723,12 +756,12 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { indexIssues( newDoc("I1", project.uuid(), file).setImpacts(Map.of( - MAINTAINABILITY, org.sonar.api.issue.impact.Severity.HIGH, + MAINTAINABILITY, HIGH, RELIABILITY, org.sonar.api.issue.impact.Severity.MEDIUM)), newDoc("I2", project.uuid(), file).setImpacts(Map.of( MAINTAINABILITY, org.sonar.api.issue.impact.Severity.LOW)), newDoc("I3", project.uuid(), file).setImpacts(Map.of( - RELIABILITY, org.sonar.api.issue.impact.Severity.HIGH)), + RELIABILITY, HIGH)), newDoc("I4", project.uuid(), file).setImpacts(Map.of( MAINTAINABILITY, org.sonar.api.issue.impact.Severity.LOW))); @@ -745,13 +778,13 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { indexIssues( newDoc("I1", project.uuid(), file).setImpacts(Map.of( - MAINTAINABILITY, org.sonar.api.issue.impact.Severity.HIGH, + MAINTAINABILITY, HIGH, RELIABILITY, org.sonar.api.issue.impact.Severity.MEDIUM)) .setTags(singletonList("my-tag")), newDoc("I2", project.uuid(), file).setImpacts(Map.of( MAINTAINABILITY, org.sonar.api.issue.impact.Severity.LOW)), newDoc("I3", project.uuid(), file).setImpacts(Map.of( - RELIABILITY, org.sonar.api.issue.impact.Severity.HIGH)), + RELIABILITY, HIGH)), newDoc("I4", project.uuid(), file).setImpacts(Map.of( MAINTAINABILITY, org.sonar.api.issue.impact.Severity.LOW))); @@ -771,7 +804,7 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { entry("RELIABILITY", 1L), entry("SECURITY", 0L)); - assertThatFacetHasOnly(IssueQuery.builder().impactSeverities(Set.of(org.sonar.api.issue.impact.Severity.HIGH.name())), + assertThatFacetHasOnly(IssueQuery.builder().impactSeverities(Set.of(HIGH.name())), "impactSoftwareQualities", entry("MAINTAINABILITY", 1L), entry("RELIABILITY", 1L), @@ -779,7 +812,7 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { assertThatFacetHasOnly(IssueQuery.builder() .tags(singletonList("my-tag")) - .impactSeverities(Set.of(org.sonar.api.issue.impact.Severity.HIGH.name())), "impactSoftwareQualities", + .impactSeverities(Set.of(HIGH.name())), "impactSoftwareQualities", entry("MAINTAINABILITY", 1L), entry("RELIABILITY", 0L), entry("SECURITY", 0L)); @@ -822,12 +855,12 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { indexIssues( newDoc("I1", project.uuid(), file).setImpacts(Map.of( - MAINTAINABILITY, org.sonar.api.issue.impact.Severity.HIGH, + MAINTAINABILITY, HIGH, RELIABILITY, org.sonar.api.issue.impact.Severity.MEDIUM)), newDoc("I2", project.uuid(), file).setImpacts(Map.of( MAINTAINABILITY, org.sonar.api.issue.impact.Severity.LOW)), newDoc("I3", project.uuid(), file).setImpacts(Map.of( - RELIABILITY, org.sonar.api.issue.impact.Severity.HIGH, + RELIABILITY, HIGH, SECURITY, org.sonar.api.issue.impact.Severity.BLOCKER)), newDoc("I4", project.uuid(), file).setImpacts(Map.of( MAINTAINABILITY, org.sonar.api.issue.impact.Severity.LOW, @@ -848,12 +881,12 @@ class IssueIndexFacetsTest extends IssueIndexTestCommon { indexIssues( newDoc("I1", project.uuid(), file).setImpacts(Map.of( - MAINTAINABILITY, org.sonar.api.issue.impact.Severity.HIGH, + MAINTAINABILITY, HIGH, RELIABILITY, org.sonar.api.issue.impact.Severity.MEDIUM)), newDoc("I2", project.uuid(), file).setImpacts(Map.of( MAINTAINABILITY, org.sonar.api.issue.impact.Severity.LOW)), newDoc("I3", project.uuid(), file).setImpacts(Map.of( - RELIABILITY, org.sonar.api.issue.impact.Severity.HIGH)), + RELIABILITY, HIGH)), newDoc("I4", project.uuid(), file).setImpacts(Map.of( MAINTAINABILITY, org.sonar.api.issue.impact.Severity.LOW))); diff --git a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexFiltersTest.java b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexFiltersTest.java index 75277fbfbc3..1156777cbd2 100644 --- a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexFiltersTest.java +++ b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexFiltersTest.java @@ -22,9 +22,12 @@ package org.sonar.server.issue.index; import java.util.Date; import java.util.List; import java.util.Map; +import java.util.Optional; import java.util.Set; import org.assertj.core.api.Fail; import org.junit.jupiter.api.Test; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.ValueSource; import org.sonar.api.issue.Issue; import org.sonar.api.issue.IssueStatus; import org.sonar.api.rule.Severity; @@ -40,10 +43,13 @@ import static java.util.Collections.emptyList; import static java.util.Collections.singletonList; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; +import static org.mockito.Mockito.doReturn; +import static org.sonar.api.issue.impact.Severity.BLOCKER; +import static org.sonar.api.issue.impact.Severity.HIGH; +import static org.sonar.api.issue.impact.Severity.LOW; import static org.sonar.api.issue.impact.SoftwareQuality.MAINTAINABILITY; import static org.sonar.api.issue.impact.SoftwareQuality.RELIABILITY; import static org.sonar.api.issue.impact.SoftwareQuality.SECURITY; -import static org.sonar.db.component.ComponentQualifiers.APP; import static org.sonar.api.rules.CleanCodeAttributeCategory.ADAPTABLE; import static org.sonar.api.rules.CleanCodeAttributeCategory.CONSISTENT; import static org.sonar.api.rules.CleanCodeAttributeCategory.INTENTIONAL; @@ -51,6 +57,8 @@ import static org.sonar.api.rules.CleanCodeAttributeCategory.RESPONSIBLE; import static org.sonar.api.utils.DateUtils.addDays; import static org.sonar.api.utils.DateUtils.parseDate; import static org.sonar.api.utils.DateUtils.parseDateTime; +import static org.sonar.core.config.MQRModeConstants.MULTI_QUALITY_MODE_ENABLED; +import static org.sonar.db.component.ComponentQualifiers.APP; import static org.sonar.db.component.ComponentTesting.newFileDto; import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; import static org.sonar.db.rule.RuleTesting.newRule; @@ -757,27 +765,34 @@ class IssueIndexFiltersTest extends IssueIndexTestCommon { assertThatSearchReturnsOnly(IssueQuery.builder().newCodeOnReference(true), "I1"); } - @Test - void filter_by_cwe() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void filter_by_cwe(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setCwe(asList("20", "564", "89", "943")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setCwe(singletonList("943")), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setCwe(asList("20", "564", + "89", "943")), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setCwe(singletonList("943")), newDoc("I3", project.uuid(), file)); assertThatSearchReturnsOnly(IssueQuery.builder().cwe(singletonList("20")), "I1"); } - @Test - void filter_by_owaspAsvs40_category() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void filter_by_owaspAsvs40_category(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspAsvs40(asList("1.1.1", "1.2.2", "2.2.2")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspAsvs40(asList("1.1.1", "1.2.2")), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspAsvs40(asList("1.1.1" + , "1.2.2", "2.2.2")), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspAsvs40(asList("1.1.1" + , "1.2.2")), newDoc("I3", project.uuid(), file)); assertThatSearchReturnsOnly(IssueQuery.builder().owaspAsvs40(singletonList("1")), "I1", "I2"); @@ -785,14 +800,18 @@ class IssueIndexFiltersTest extends IssueIndexTestCommon { assertThatSearchReturnsOnly(IssueQuery.builder().owaspAsvs40(singletonList("3"))); } - @Test - void filter_by_owaspAsvs40_specific_requirement() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void filter_by_owaspAsvs40_specific_requirement(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspAsvs40(asList("1.1.1", "1.2.2", "2.2.2")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspAsvs40(asList("1.1.1", "1.2.2")), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspAsvs40(asList("1.1.1" + , "1.2.2", "2.2.2")), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspAsvs40(asList("1.1.1" + , "1.2.2")), newDoc("I3", project.uuid(), file)); assertThatSearchReturnsOnly(IssueQuery.builder().owaspAsvs40(singletonList("1.1.1")), "I1", "I2"); @@ -800,16 +819,22 @@ class IssueIndexFiltersTest extends IssueIndexTestCommon { assertThatSearchReturnsOnly(IssueQuery.builder().owaspAsvs40(singletonList("3.3.3"))); } - @Test - void filter_by_owaspAsvs40_level() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void filter_by_owaspAsvs40_level(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspAsvs40(asList("2.1.1", "1.1.1", "1.11.3")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspAsvs40(asList("1.1.1", "1.11.3")), - newDoc("I3", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspAsvs40(singletonList("1.11.3")), - newDoc("IError1", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspAsvs40(asList("5.5.1", "7.2.2", "10.2.6")), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspAsvs40(asList("2.1.1" + , "1.1.1", "1.11.3")), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, BLOCKER)).setOwaspAsvs40(asList("1.1" + + ".1", "1.11.3")), + newDoc("I3", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, LOW)).setOwaspAsvs40(singletonList( + "1.11.3")), + newDoc("IError1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspAsvs40(asList("5" + + ".5.1", "7.2.2", "10.2.6")), newDoc("IError2", project.uuid(), file)); assertThatSearchReturnsOnly( @@ -822,40 +847,49 @@ class IssueIndexFiltersTest extends IssueIndexTestCommon { "I1", "I2"); } - @Test - void filter_by_owaspTop10() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void filter_by_owaspTop10(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setOwaspTop10(asList("a1", "a2")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setCwe(singletonList("a3")), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setOwaspTop10(asList("a1", + "a2")), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setCwe(singletonList("a3")), newDoc("I3", project.uuid(), file)); assertThatSearchReturnsOnly(IssueQuery.builder().owaspTop10(singletonList("a1")), "I1"); } - @Test - void filter_by_sansTop25() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void filter_by_sansTop25(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setSansTop25(asList("porous-defenses", "risky-resource", "insecure-interaction")), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setSansTop25(singletonList("porous-defenses")), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setSansTop25(asList("porous" + + "-defenses", "risky-resource", "insecure-interaction")), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setSansTop25(singletonList( + "porous-defenses")), newDoc("I3", project.uuid(), file)); assertThatSearchReturnsOnly(IssueQuery.builder().sansTop25(singletonList("risky-resource")), "I1"); } - @Test - void filter_by_sonarSecurity() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void filter_by_sonarSecurity(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto file = newFileDto(project); indexIssues( - newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setSonarSourceSecurityCategory(SQCategory.BUFFER_OVERFLOW), - newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setSonarSourceSecurityCategory(SQCategory.DOS), + newDoc("I1", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setSonarSourceSecurityCategory(SQCategory.BUFFER_OVERFLOW), + newDoc("I2", project.uuid(), file).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setSonarSourceSecurityCategory(SQCategory.DOS), newDoc("I3", project.uuid(), file)); assertThatSearchReturnsOnly(IssueQuery.builder().sonarsourceSecurity(singletonList("buffer-overflow")), "I1"); @@ -882,7 +916,7 @@ class IssueIndexFiltersTest extends IssueIndexTestCommon { indexIssues( newDoc("I1", project.uuid(), file).setImpacts(Map.of( - MAINTAINABILITY, org.sonar.api.issue.impact.Severity.HIGH, + MAINTAINABILITY, HIGH, SECURITY, org.sonar.api.issue.impact.Severity.LOW, RELIABILITY, org.sonar.api.issue.impact.Severity.MEDIUM)), @@ -890,7 +924,7 @@ class IssueIndexFiltersTest extends IssueIndexTestCommon { MAINTAINABILITY, org.sonar.api.issue.impact.Severity.LOW, SECURITY, org.sonar.api.issue.impact.Severity.LOW)), newDoc("I3", project.uuid(), file).setImpacts(Map.of( - RELIABILITY, org.sonar.api.issue.impact.Severity.HIGH)), + RELIABILITY, HIGH)), newDoc("I4", project.uuid(), file).setImpacts(Map.of( MAINTAINABILITY, org.sonar.api.issue.impact.Severity.LOW))); @@ -900,7 +934,7 @@ class IssueIndexFiltersTest extends IssueIndexTestCommon { assertThatSearchReturnsOnly(IssueQuery.builder().impactSoftwareQualities(Set.of(MAINTAINABILITY.name(), RELIABILITY.name())), "I1", "I2", "I3", "I4"); - assertThatSearchReturnsOnly(IssueQuery.builder().impactSeverities(Set.of(org.sonar.api.issue.impact.Severity.HIGH.name())), + assertThatSearchReturnsOnly(IssueQuery.builder().impactSeverities(Set.of(HIGH.name())), "I1", "I3"); assertThatSearchReturnsOnly(IssueQuery.builder().impactSeverities(Set.of(org.sonar.api.issue.impact.Severity.LOW.name(), org.sonar.api.issue.impact.Severity.MEDIUM.name())), @@ -908,7 +942,7 @@ class IssueIndexFiltersTest extends IssueIndexTestCommon { assertThatSearchReturnsOnly(IssueQuery.builder() .impactSoftwareQualities(Set.of(MAINTAINABILITY.name())) - .impactSeverities(Set.of(org.sonar.api.issue.impact.Severity.HIGH.name())), + .impactSeverities(Set.of(HIGH.name())), "I1"); } diff --git a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexSecurityCategoriesTest.java b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexSecurityCategoriesTest.java index 04990f9dc7d..78d3e9d2b4e 100644 --- a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexSecurityCategoriesTest.java +++ b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexSecurityCategoriesTest.java @@ -20,7 +20,10 @@ package org.sonar.server.issue.index; import java.util.List; -import org.junit.jupiter.api.Test; +import java.util.Map; +import java.util.Optional; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.ValueSource; import org.sonar.api.issue.Issue; import org.sonar.api.rule.Severity; import org.sonar.api.rules.RuleType; @@ -29,19 +32,25 @@ import org.sonar.db.component.ComponentDto; import static java.util.Arrays.asList; import static java.util.Arrays.stream; import static java.util.stream.Collectors.toList; +import static org.mockito.Mockito.doReturn; +import static org.sonar.api.issue.impact.Severity.HIGH; +import static org.sonar.api.issue.impact.SoftwareQuality.SECURITY; +import static org.sonar.core.config.MQRModeConstants.MULTI_QUALITY_MODE_ENABLED; import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; import static org.sonar.server.issue.IssueDocTesting.newDocForProject; class IssueIndexSecurityCategoriesTest extends IssueIndexTestCommon { - @Test - void searchSinglePciDss32Category() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void searchSinglePciDss32Category(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); indexIssues( - newDocForProject("openvul1", project).setPciDss32(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project).setPciDss32(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project).setPciDss32(asList("3.3.2", "1.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project).setPciDss32(asList("3.3.2", "1.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR) ); @@ -50,17 +59,19 @@ class IssueIndexSecurityCategoriesTest extends IssueIndexTestCommon { assertThatSearchReturnsEmpty(queryPciDss32("1.2")); } - @Test - void searchMultiplePciDss32Categories() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void searchMultiplePciDss32Categories(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); indexIssues( - newDocForProject("openvul1", project).setPciDss32(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project).setPciDss32(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project).setPciDss32(asList("3.3.2", "2.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project).setPciDss32(asList("3.3.2", "2.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("openvul3", project).setPciDss32(asList("4.1", "5.4")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) - .setSeverity(Severity.MINOR) + newDocForProject("openvul3", project).setPciDss32(asList("4.1", "5.4")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, + HIGH)).setStatus(Issue.STATUS_REOPENED).setSeverity(Severity.MINOR) ); assertThatSearchReturnsOnly(queryPciDss32("1", "4"), "openvul1", "openvul3"); @@ -68,14 +79,16 @@ class IssueIndexSecurityCategoriesTest extends IssueIndexTestCommon { assertThatSearchReturnsEmpty(queryPciDss32("6", "7", "8", "9", "10", "11", "12")); } - @Test - void searchSinglePciDss40Category() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void searchSinglePciDss40Category(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); indexIssues( - newDocForProject("openvul1", project).setPciDss40(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project).setPciDss40(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project).setPciDss40(asList("3.3.2", "1.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project).setPciDss40(asList("3.3.2", "1.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR) ); @@ -84,17 +97,19 @@ class IssueIndexSecurityCategoriesTest extends IssueIndexTestCommon { assertThatSearchReturnsEmpty(queryPciDss40("1.2")); } - @Test - void searchMultiplePciDss40Categories() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void searchMultiplePciDss40Categories(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); indexIssues( - newDocForProject("openvul1", project).setPciDss40(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project).setPciDss40(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project).setPciDss40(asList("3.3.2", "2.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project).setPciDss40(asList("3.3.2", "2.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("openvul3", project).setPciDss40(asList("4.1", "5.4")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) - .setSeverity(Severity.MINOR) + newDocForProject("openvul3", project).setPciDss40(asList("4.1", "5.4")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, + HIGH)).setStatus(Issue.STATUS_REOPENED).setSeverity(Severity.MINOR) ); assertThatSearchReturnsOnly(queryPciDss40("1", "4"), "openvul1", "openvul3"); @@ -102,16 +117,19 @@ class IssueIndexSecurityCategoriesTest extends IssueIndexTestCommon { assertThatSearchReturnsEmpty(queryPciDss40("6", "7", "8", "9", "10", "11", "12")); } - @Test - void searchMixedPciDssCategories() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void searchMixedPciDssCategories(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); indexIssues( - newDocForProject("openvul1", project).setPciDss40(asList("1.2.0", "3.4.5")).setPciDss32(List.of("2.1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project).setPciDss40(asList("1.2.0", "3.4.5")).setPciDss32(List.of("2.1")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project).setPciDss40(asList("3.3.2", "2.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project).setPciDss40(asList("3.3.2", "2.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("openvul3", project).setPciDss32(asList("4.1", "5.4")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul3", project).setPciDss32(asList("4.1", "5.4")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, + HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR) ); diff --git a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexSecurityReportsTest.java b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexSecurityReportsTest.java index 3bdc73cf4d5..18a69fb0974 100644 --- a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexSecurityReportsTest.java +++ b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexSecurityReportsTest.java @@ -22,10 +22,13 @@ package org.sonar.server.issue.index; import java.util.ArrayList; import java.util.List; import java.util.Map; +import java.util.Optional; import java.util.OptionalInt; import java.util.stream.Collectors; import org.jetbrains.annotations.NotNull; import org.junit.jupiter.api.Test; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.ValueSource; import org.sonar.api.issue.Issue; import org.sonar.api.rule.Severity; import org.sonar.api.rules.RuleType; @@ -40,30 +43,43 @@ import static java.util.Comparator.comparing; import static java.util.stream.Collectors.toList; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.tuple; +import static org.mockito.Mockito.doReturn; +import static org.sonar.api.issue.impact.Severity.BLOCKER; +import static org.sonar.api.issue.impact.Severity.HIGH; +import static org.sonar.api.issue.impact.Severity.LOW; +import static org.sonar.api.issue.impact.Severity.MEDIUM; +import static org.sonar.api.issue.impact.SoftwareQuality.MAINTAINABILITY; +import static org.sonar.api.issue.impact.SoftwareQuality.SECURITY; import static org.sonar.api.server.rule.RulesDefinition.OwaspAsvsVersion; -import static org.sonar.api.server.rule.RulesDefinition.PciDssVersion; import static org.sonar.api.server.rule.RulesDefinition.OwaspTop10Version.Y2017; import static org.sonar.api.server.rule.RulesDefinition.OwaspTop10Version.Y2021; +import static org.sonar.api.server.rule.RulesDefinition.PciDssVersion; +import static org.sonar.core.config.MQRModeConstants.MULTI_QUALITY_MODE_ENABLED; import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; import static org.sonar.server.issue.IssueDocTesting.newDocForProject; -import static org.sonar.server.security.SecurityStandards.UNKNOWN_STANDARD; import static org.sonar.server.security.SecurityStandards.StigSupportedRequirement.V222391; import static org.sonar.server.security.SecurityStandards.StigSupportedRequirement.V222397; +import static org.sonar.server.security.SecurityStandards.UNKNOWN_STANDARD; class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { - @Test - void getOwaspTop10Report_dont_count_vulnerabilities_from_other_projects() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getOwaspTop10Report_dont_count_vulnerabilities_from_other_projects(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); ComponentDto another = newPrivateProjectDto(); - IssueDoc openVulDoc = newDocForProject("openvul1", project).setOwaspTop10(singletonList("a1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + IssueDoc openVulDoc = + newDocForProject("openvul1", project).setOwaspTop10(singletonList("a1")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY + , MEDIUM, MAINTAINABILITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR); - openVulDoc.setOwaspTop10For2021(singletonList("a2")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN).setSeverity(Severity.MAJOR); + openVulDoc.setOwaspTop10For2021(singletonList("a2")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, MEDIUM)).setStatus(Issue.STATUS_OPEN).setSeverity(Severity.MAJOR); - IssueDoc otherProjectDoc = newDocForProject("anotherProject", another).setOwaspTop10(singletonList("a1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + IssueDoc otherProjectDoc = + newDocForProject("anotherProject", another).setOwaspTop10(singletonList("a1")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.CRITICAL); - otherProjectDoc.setOwaspTop10For2021(singletonList("a2")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN).setSeverity(Severity.CRITICAL); + otherProjectDoc.setOwaspTop10For2021(singletonList("a2")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN).setSeverity(Severity.CRITICAL); indexIssues(openVulDoc, otherProjectDoc); @@ -83,15 +99,19 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { } - @Test - void getOwaspTop10Report_dont_count_closed_vulnerabilities() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getOwaspTop10Report_dont_count_closed_vulnerabilities(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); indexIssues( - newDocForProject("openvul1", project).setOwaspTop10(List.of("a1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN).setSeverity(Severity.MAJOR), - newDocForProject("openvul12021", project).setOwaspTop10For2021(List.of("a2")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN).setSeverity(Severity.MAJOR), - newDocForProject("notopenvul", project).setOwaspTop10(List.of("a1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_CLOSED).setResolution(Issue.RESOLUTION_FIXED) + newDocForProject("openvul1", project).setOwaspTop10(List.of("a1")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, + MEDIUM)).setStatus(Issue.STATUS_OPEN).setSeverity(Severity.MAJOR), + newDocForProject("openvul12021", project).setOwaspTop10For2021(List.of("a2")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, MEDIUM)).setStatus(Issue.STATUS_OPEN).setSeverity(Severity.MAJOR), + newDocForProject("notopenvul", project).setOwaspTop10(List.of("a1")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, + HIGH)).setStatus(Issue.STATUS_CLOSED).setResolution(Issue.RESOLUTION_FIXED) .setSeverity(Severity.BLOCKER), - newDocForProject("notopenvul2021", project).setOwaspTop10For2021(List.of("a2")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_CLOSED) + newDocForProject("notopenvul2021", project).setOwaspTop10For2021(List.of("a2")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_CLOSED) .setResolution(Issue.RESOLUTION_FIXED) .setSeverity(Severity.BLOCKER)); @@ -180,7 +200,46 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { } @Test - void getOwaspTop10Report_aggregation_no_cwe() { + void getOwaspTop10Report_counts_issues_based_on_mode() { + ComponentDto project = newPrivateProjectDto(); + indexIssues( + //Should not be counted in MQR mode as there is no security impact + newDocForProject("openvul1", project).setOwaspTop10(List.of("a1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN).setSeverity(Severity.MAJOR), + //Should not be counted in Standard mode as this is not a Vulnerability type + newDocForProject("openvul12021", project).setOwaspTop10(List.of("a2")).setType(RuleType.CODE_SMELL).setImpacts(Map.of(SECURITY, + MEDIUM)).setStatus(Issue.STATUS_OPEN).setSeverity(Severity.MAJOR), + //Ensure each mode is taking in account the correct severity + newDocForProject("openvul7", project).setOwaspTop10(List.of("a5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN).setImpacts(Map.of(SECURITY, + BLOCKER)).setSeverity(Severity.INFO), + //Hotspots should be counted in both modes + newDocForProject("openhotspot1", project).setOwaspTop10(List.of("a3")).setType(RuleType.SECURITY_HOTSPOT).setStatus(Issue.STATUS_TO_REVIEW) + ); + + doReturn(Optional.of(true)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); + List owaspTop10Report = underTest.getOwaspTop10Report(project.uuid(), false, false, Y2017); + assertThat(owaspTop10Report) + .extracting(SecurityStandardCategoryStatistics::getCategory, SecurityStandardCategoryStatistics::getVulnerabilities, + SecurityStandardCategoryStatistics::getVulnerabilityRating, SecurityStandardCategoryStatistics::getToReviewSecurityHotspots) + .contains( + tuple("a2", 1L, OptionalInt.of(3)/* MAJOR = C */, 0L), + tuple("a5", 1L, OptionalInt.of(5)/* BLOCKER = E */, 0L), + tuple("a3", 0L, OptionalInt.empty(), 1L)); + + doReturn(Optional.of(false)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); + owaspTop10Report = underTest.getOwaspTop10Report(project.uuid(), false, false, Y2017); + assertThat(owaspTop10Report) + .extracting(SecurityStandardCategoryStatistics::getCategory, SecurityStandardCategoryStatistics::getVulnerabilities, + SecurityStandardCategoryStatistics::getVulnerabilityRating, SecurityStandardCategoryStatistics::getToReviewSecurityHotspots) + .contains( + tuple("a1", 1L, OptionalInt.of(3)/* MAJOR = C */, 0L), + tuple("a5", 1L, OptionalInt.of(1)/* INFO = A */, 0L), + tuple("a3", 0L, OptionalInt.empty(), 1L)); + } + + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getOwaspTop10Report_aggregation_no_cwe(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); List owaspTop10Report = indexIssuesAndAssertOwaspReport(false); assertThat(owaspTop10Report) @@ -188,8 +247,10 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { .allMatch(category -> category.getChildren().isEmpty()); } - @Test - void getPciDss32Report_aggregation() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getPciDss32Report_aggregation(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); List pciDss32Report = indexIssuesAndAssertPciDss32Report(); assertThat(pciDss32Report) @@ -232,8 +293,10 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { assertThat(owaspAsvsReport.get(13).getChildren()).isEmpty(); } - @Test - void getOwaspAsvs40ReportGroupedByLevel_aggregation() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getOwaspAsvs40ReportGroupedByLevel_aggregation(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); List owaspAsvsReportGroupedByLevel = indexIssuesAndAssertOwaspAsvsReportGroupedByLevel(); assertThat(owaspAsvsReportGroupedByLevel) @@ -244,8 +307,10 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { assertThat(owaspAsvsReportGroupedByLevel.get(2).getChildren()).hasSize(11); } - @Test - void getOwaspTop10Report_aggregation_with_cwe() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getOwaspTop10Report_aggregation_with_cwe(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); List owaspTop10Report = indexIssuesAndAssertOwaspReport(true); Map> cweByOwasp = owaspTop10Report.stream() @@ -267,8 +332,10 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { tuple("unknown", 0L, OptionalInt.empty(), 1L /* openhotspot1 */, 0L, 5)); } - @Test - void getOwaspTop10For2021Report_aggregation_with_cwe() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getOwaspTop10For2021Report_aggregation_with_cwe(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); List owaspTop10Report = indexIssuesAndAssertOwasp2021Report(true); Map> cweByOwasp = owaspTop10Report.stream() @@ -293,11 +360,11 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { private List indexIssuesAndAssertOwaspReport(boolean includeCwe) { ComponentDto project = newPrivateProjectDto(); indexIssues( - newDocForProject("openvul1", project).setOwaspTop10(asList("a1", "a3")).setCwe(asList("123", "456")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project).setOwaspTop10(asList("a1", "a3")).setCwe(asList("123", "456")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, MEDIUM)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project).setOwaspTop10(asList("a3", "a6")).setCwe(List.of("123")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project).setOwaspTop10(asList("a3", "a6")).setCwe(List.of("123")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, LOW)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("notowaspvul", project).setOwaspTop10(singletonList(UNKNOWN_STANDARD)).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("notowaspvul", project).setOwaspTop10(singletonList(UNKNOWN_STANDARD)).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.CRITICAL), newDocForProject("toreviewhotspot1", project).setOwaspTop10(asList("a1", "a3")).setCwe(singletonList(UNKNOWN_STANDARD)).setType(RuleType.SECURITY_HOTSPOT) .setStatus(Issue.STATUS_TO_REVIEW), @@ -328,13 +395,13 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { private List indexIssuesAndAssertPciDss32Report() { ComponentDto project = newPrivateProjectDto(); indexIssues( - newDocForProject("openvul1", project).setPciDss32(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project).setPciDss32(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, MEDIUM)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project).setPciDss32(asList("3.3.2", "6.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project).setPciDss32(asList("3.3.2", "6.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, LOW)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("openvul3", project).setPciDss32(asList("10.1.2", "6.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul3", project).setPciDss32(asList("10.1.2", "6.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, LOW)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("notpcidssvul", project).setPciDss32(singletonList(UNKNOWN_STANDARD)).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("notpcidssvul", project).setPciDss32(singletonList(UNKNOWN_STANDARD)).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.CRITICAL), newDocForProject("toreviewhotspot1", project).setPciDss32(asList("1.3.0", "3.3.2")).setType(RuleType.SECURITY_HOTSPOT) .setStatus(Issue.STATUS_TO_REVIEW), @@ -426,13 +493,13 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { private ComponentDto getProjectWithOwaspAsvsIssuesIndexed() { ComponentDto project = newPrivateProjectDto(); indexIssues( - newDocForProject("openvul1", project).setOwaspAsvs40(asList("2.4.1", "3.2.4")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project).setOwaspAsvs40(asList("2.4.1", "3.2.4")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, MEDIUM)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project).setOwaspAsvs40(asList("3.4.5", "6.2.1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project).setOwaspAsvs40(asList("3.4.5", "6.2.1")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, LOW)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("openvul3", project).setOwaspAsvs40(asList("10.2.4", "6.2.8")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul3", project).setOwaspAsvs40(asList("10.2.4", "6.2.8")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, LOW)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("notowaspasvsvul", project).setOwaspAsvs40(singletonList(UNKNOWN_STANDARD)).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("notowaspasvsvul", project).setOwaspAsvs40(singletonList(UNKNOWN_STANDARD)).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.CRITICAL), newDocForProject("toreviewhotspot1", project).setOwaspAsvs40(asList("2.2.5", "3.2.4")).setType(RuleType.SECURITY_HOTSPOT) .setStatus(Issue.STATUS_TO_REVIEW), @@ -446,11 +513,11 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { private List indexIssuesAndAssertOwasp2021Report(boolean includeCwe) { ComponentDto project = newPrivateProjectDto(); indexIssues( - newDocForProject("openvul1", project).setOwaspTop10For2021(asList("a1", "a3")).setCwe(asList("123", "456")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project).setOwaspTop10For2021(asList("a1", "a3")).setCwe(asList("123", "456")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, MEDIUM)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project).setOwaspTop10For2021(asList("a3", "a6")).setCwe(List.of("123")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project).setOwaspTop10For2021(asList("a3", "a6")).setCwe(List.of("123")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, LOW)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("notowaspvul", project).setOwaspTop10For2021(singletonList(UNKNOWN_STANDARD)).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("notowaspvul", project).setOwaspTop10For2021(singletonList(UNKNOWN_STANDARD)).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.CRITICAL), newDocForProject("toreviewhotspot1", project).setOwaspTop10For2021(asList("a1", "a3")).setCwe(singletonList(UNKNOWN_STANDARD)).setType(RuleType.SECURITY_HOTSPOT) .setStatus(Issue.STATUS_TO_REVIEW), @@ -478,21 +545,23 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { return owaspTop10Report; } - @Test - void getPciDssReport_aggregation_on_portfolio() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getPciDssReport_aggregation_on_portfolio(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto portfolio1 = db.components().insertPrivateApplication().getMainBranchComponent(); ComponentDto portfolio2 = db.components().insertPrivateApplication().getMainBranchComponent(); ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); indexIssues( - newDocForProject("openvul1", project1).setPciDss32(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project1).setPciDss32(asList("1.2.0", "3.4.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, MEDIUM)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project2).setPciDss32(asList("3.3.2", "6.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project2).setPciDss32(asList("3.3.2", "6.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, LOW)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("openvul3", project1).setPciDss32(asList("10.1.2", "6.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul3", project1).setPciDss32(asList("10.1.2", "6.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, LOW)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("notpcidssvul", project1).setPciDss32(singletonList(UNKNOWN_STANDARD)).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("notpcidssvul", project1).setPciDss32(singletonList(UNKNOWN_STANDARD)).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.CRITICAL), newDocForProject("toreviewhotspot1", project2).setPciDss32(asList("1.3.0", "3.3.2")).setType(RuleType.SECURITY_HOTSPOT) .setStatus(Issue.STATUS_TO_REVIEW), @@ -526,21 +595,23 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { tuple("12", 0L, OptionalInt.empty(), 0L, 0L, 1)); } - @Test - void getOwaspAsvsReport_aggregation_on_portfolio() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getOwaspAsvsReport_aggregation_on_portfolio(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto portfolio1 = db.components().insertPrivateApplication().getMainBranchComponent(); ComponentDto portfolio2 = db.components().insertPrivateApplication().getMainBranchComponent(); ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); indexIssues( - newDocForProject("openvul1", project1).setOwaspAsvs40(asList("2.1.1", "3.4.5")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project1).setOwaspAsvs40(asList("2.1.1", "3.4.5")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, MEDIUM)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project2).setOwaspAsvs40(asList("3.3.2", "6.2.1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project2).setOwaspAsvs40(asList("3.3.2", "6.2.1")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, LOW)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("openvul3", project1).setOwaspAsvs40(asList("10.3.2", "6.2.1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul3", project1).setOwaspAsvs40(asList("10.3.2", "6.2.1")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, LOW)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("notowaspasvsvul", project1).setOwaspAsvs40(singletonList(UNKNOWN_STANDARD)).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("notowaspasvsvul", project1).setOwaspAsvs40(singletonList(UNKNOWN_STANDARD)).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.CRITICAL), newDocForProject("toreviewhotspot1", project2).setOwaspAsvs40(asList("2.1.3", "3.3.2")).setType(RuleType.SECURITY_HOTSPOT) .setStatus(Issue.STATUS_TO_REVIEW), @@ -576,20 +647,22 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { tuple("14", 0L, OptionalInt.empty(), 0L, 0L, 1)); } - @Test - void getCWETop25Report_aggregation() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getCWETop25Report_aggregation(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = newPrivateProjectDto(); indexIssues( - newDocForProject("openvul", project).setCwe(List.of("119")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul", project).setCwe(List.of("119")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("notopenvul", project).setCwe(List.of("119")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_CLOSED) + newDocForProject("notopenvul", project).setCwe(List.of("119")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_CLOSED) .setResolution(Issue.RESOLUTION_FIXED) .setSeverity(Severity.BLOCKER), newDocForProject("toreviewhotspot", project).setCwe(List.of("89")).setType(RuleType.SECURITY_HOTSPOT) .setStatus(Issue.STATUS_TO_REVIEW), - newDocForProject("only2020", project).setCwe(List.of("862")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("only2020", project).setCwe(List.of("862")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("unknown", project).setCwe(List.of("999")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("unknown", project).setCwe(List.of("999")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR)); List cweTop25Reports = underTest.getCweTop25Reports(project.uuid(), false); @@ -656,22 +729,24 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { assertThat(findRuleInCweByYear(cwe2023, "999")).isNull(); } - @Test - void getCWETop25Report_aggregation_on_portfolio() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getCWETop25Report_aggregation_on_portfolio(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto application = db.components().insertPrivateApplication().getMainBranchComponent(); ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); indexIssues( - newDocForProject("openvul1", project1).setCwe(List.of("119")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project1).setCwe(List.of("119")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project2).setCwe(List.of("119")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project2).setCwe(List.of("119")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), newDocForProject("toreviewhotspot", project1).setCwe(List.of("89")).setType(RuleType.SECURITY_HOTSPOT) .setStatus(Issue.STATUS_TO_REVIEW), - newDocForProject("only2020", project2).setCwe(List.of("862")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("only2020", project2).setCwe(List.of("862")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), - newDocForProject("unknown", project2).setCwe(List.of("999")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("unknown", project2).setCwe(List.of("999")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR)); indexView(application.uuid(), asList(project1.uuid(), project2.uuid())); @@ -740,21 +815,23 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { assertThat(findRuleInCweByYear(cwe2023, "999")).isNull(); } - @Test - void getStigAsdV5R3_whenRequestingReportOnApplication_ShouldAggregateBasedOnStigReportRequirement() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getStigAsdV5R3_whenRequestingReportOnApplication_ShouldAggregateBasedOnStigReportRequirement(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto application = db.components().insertPrivateApplication().getMainBranchComponent(); ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); indexIssues( - newDocForProject("openvul1", project1).setStigAsdV5R3(List.of(V222391.getRequirement())).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project1).setStigAsdV5R3(List.of(V222391.getRequirement())).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project2).setStigAsdV5R3(List.of(V222391.getRequirement())).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project2).setStigAsdV5R3(List.of(V222391.getRequirement())).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), newDocForProject("toreviewhotspot", project1).setStigAsdV5R3(List.of(V222397.getRequirement())).setType(RuleType.SECURITY_HOTSPOT) .setStatus(Issue.STATUS_TO_REVIEW), - newDocForProject("unknown", project2).setStigAsdV5R3(List.of("V-999999")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("unknown", project2).setStigAsdV5R3(List.of("V-999999")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR)); indexView(application.uuid(), asList(project1.uuid(), project2.uuid())); @@ -775,15 +852,17 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { }); } - @Test - void getStigAsdV5R3_whenRequestingReportOnProject_ShouldAggregateBasedOnStigRequirement() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getStigAsdV5R3_whenRequestingReportOnProject_ShouldAggregateBasedOnStigRequirement(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto branch = newPrivateProjectDto(); indexIssues( - newDocForProject("openvul", branch).setStigAsdV5R3(List.of(V222391.getRequirement())).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) - .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", branch).setStigAsdV5R3(List.of(V222391.getRequirement())).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul", branch).setStigAsdV5R3(List.of(V222391.getRequirement())).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, BLOCKER)).setStatus(Issue.STATUS_OPEN) + .setSeverity(Severity.BLOCKER), + newDocForProject("openvul2", branch).setStigAsdV5R3(List.of(V222391.getRequirement())).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, MEDIUM)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("notopenvul", branch).setStigAsdV5R3(List.of(V222391.getRequirement())).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_CLOSED) + newDocForProject("notopenvul", branch).setStigAsdV5R3(List.of(V222391.getRequirement())).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_CLOSED) .setResolution(Issue.RESOLUTION_FIXED) .setSeverity(Severity.BLOCKER), newDocForProject("toreviewhotspot", branch).setStigAsdV5R3(List.of(V222397.getRequirement())).setType(RuleType.SECURITY_HOTSPOT) @@ -799,7 +878,7 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { assertThat(stat.getVulnerabilities()).isEqualTo(2); assertThat(stat.getToReviewSecurityHotspots()).isZero(); assertThat(stat.getReviewedSecurityHotspots()).isZero(); - assertThat(stat.getVulnerabilityRating()).as("MAJOR = C").isEqualTo(OptionalInt.of(3)); + assertThat(stat.getVulnerabilityRating()).as("BLOCKER = E").isEqualTo(OptionalInt.of(5)); }) .hasEntrySatisfying(V222397.getRequirement(), stat -> { assertThat(stat.getVulnerabilities()).isZero(); @@ -809,15 +888,17 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { }); } - @Test - void getCasa_whenRequestingReportOnProject_ShouldAggregateBasedOnCasaReportRequirement() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getCasa_whenRequestingReportOnProject_ShouldAggregateBasedOnCasaReportRequirement(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto branch = newPrivateProjectDto(); indexIssues( - newDocForProject("openvul", branch).setCasa(List.of("2.6.1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul", branch).setCasa(List.of("2.6.1")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, MEDIUM)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", branch).setCasa(List.of("2.6.1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul2", branch).setCasa(List.of("2.6.1")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, MEDIUM)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("notopenvul", branch).setCasa(List.of("2.6.1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_CLOSED) + newDocForProject("notopenvul", branch).setCasa(List.of("2.6.1")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_CLOSED) .setResolution(Issue.RESOLUTION_FIXED) .setSeverity(Severity.BLOCKER), newDocForProject("toreviewhotspot", branch).setCasa(List.of("2.7.6")).setType(RuleType.SECURITY_HOTSPOT) @@ -850,21 +931,23 @@ class IssueIndexSecurityReportsTest extends IssueIndexTestCommon { }); } - @Test - void getCasa_whenRequestingReportOnApplication_ShouldAggregateBasedOnCasaReportRequirement() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void getCasa_whenRequestingReportOnApplication_ShouldAggregateBasedOnCasaReportRequirement(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto application = db.components().insertPrivateApplication().getMainBranchComponent(); ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); indexIssues( - newDocForProject("openvul1", project1).setCasa(List.of("2.6.1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_OPEN) + newDocForProject("openvul1", project1).setCasa(List.of("2.6.1")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_OPEN) .setSeverity(Severity.MAJOR), - newDocForProject("openvul2", project2).setCasa(List.of("2.6.1")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("openvul2", project2).setCasa(List.of("2.6.1")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR), newDocForProject("toreviewhotspot", project1).setCasa(List.of("2.6.1")).setType(RuleType.SECURITY_HOTSPOT) .setStatus(Issue.STATUS_TO_REVIEW), - newDocForProject("unknown", project2).setCasa(List.of("2.7.6")).setType(RuleType.VULNERABILITY).setStatus(Issue.STATUS_REOPENED) + newDocForProject("unknown", project2).setCasa(List.of("2.7.6")).setType(RuleType.VULNERABILITY).setImpacts(Map.of(SECURITY, HIGH)).setStatus(Issue.STATUS_REOPENED) .setSeverity(Severity.MINOR)); indexView(application.uuid(), asList(project1.uuid(), project2.uuid())); diff --git a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexTestCommon.java b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexTestCommon.java index 25a893b6f66..10c57842563 100644 --- a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexTestCommon.java +++ b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueIndexTestCommon.java @@ -23,6 +23,7 @@ import java.util.Arrays; import java.util.List; import org.elasticsearch.search.SearchHit; import org.junit.jupiter.api.extension.RegisterExtension; +import org.sonar.api.config.Configuration; import org.sonar.api.impl.utils.TestSystem2; import org.sonar.api.utils.System2; import org.sonar.db.DbTester; @@ -53,13 +54,16 @@ public class IssueIndexTestCommon { @RegisterExtension public DbTester db = DbTester.create(system2); + final Configuration config = mock(Configuration.class); + private final AsyncIssueIndexing asyncIssueIndexing = mock(AsyncIssueIndexing.class); protected final IssueIndexer issueIndexer = new IssueIndexer(es.client(), db.getDbClient(), new IssueIteratorFactory(db.getDbClient()), asyncIssueIndexing); protected final RuleIndexer ruleIndexer = new RuleIndexer(es.client(), db.getDbClient()); protected final PermissionIndexerTester authorizationIndexer = new PermissionIndexerTester(es, issueIndexer); protected final ViewIndexer viewIndexer = new ViewIndexer(db.getDbClient(), es.client()); - protected final IssueIndex underTest = new IssueIndex(es.client(), system2, userSessionRule, new WebAuthorizationTypeSupport(userSessionRule)); + protected final IssueIndex underTest = new IssueIndex(es.client(), system2, userSessionRule, + new WebAuthorizationTypeSupport(userSessionRule), config); /** * Execute the search request and return the document ids of results. diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/developers/ws/SearchEventsActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/developers/ws/SearchEventsActionIT.java index 61512fd0dac..9284fd66bc8 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/developers/ws/SearchEventsActionIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/developers/ws/SearchEventsActionIT.java @@ -24,8 +24,9 @@ import java.util.Date; import java.util.Random; import java.util.stream.IntStream; import java.util.stream.Stream; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; +import org.sonar.api.config.Configuration; import org.sonar.api.platform.Server; import org.sonar.api.rules.RuleType; import org.sonar.api.server.ws.WebService; @@ -69,28 +70,29 @@ import static org.sonar.server.developers.ws.SearchEventsAction.PARAM_FROM; import static org.sonar.server.developers.ws.SearchEventsAction.PARAM_PROJECTS; import static org.sonar.test.JsonAssert.assertJson; -public class SearchEventsActionIT { +class SearchEventsActionIT { private static final RuleType[] RULE_TYPES_EXCEPT_HOTSPOT = Stream.of(RuleType.values()) .filter(r -> r != RuleType.SECURITY_HOTSPOT) .toArray(RuleType[]::new); - @Rule - public DbTester db = DbTester.create(); - @Rule - public EsTester es = EsTester.create(); - @Rule - public UserSessionRule userSession = UserSessionRule.standalone().logIn(); - private Server server = mock(Server.class); - private IssueIndex issueIndex = new IssueIndex(es.client(), null, null, null); - private IssueIndexSyncProgressChecker issueIndexSyncProgressChecker = mock(IssueIndexSyncProgressChecker.class); - private IssueIndexer issueIndexer = new IssueIndexer(es.client(), db.getDbClient(), new IssueIteratorFactory(db.getDbClient()), null); - private WsActionTester ws = new WsActionTester(new SearchEventsAction(db.getDbClient(), userSession, server, issueIndex, + @RegisterExtension + private final DbTester db = DbTester.create(); + @RegisterExtension + private final EsTester es = EsTester.create(); + @RegisterExtension + private final UserSessionRule userSession = UserSessionRule.standalone().logIn(); + private final Server server = mock(Server.class); + private final Configuration config = mock(Configuration.class); + private final IssueIndex issueIndex = new IssueIndex(es.client(), null, null, null, config); + private final IssueIndexSyncProgressChecker issueIndexSyncProgressChecker = mock(IssueIndexSyncProgressChecker.class); + private final IssueIndexer issueIndexer = new IssueIndexer(es.client(), db.getDbClient(), new IssueIteratorFactory(db.getDbClient()), null); + private final WsActionTester ws = new WsActionTester(new SearchEventsAction(db.getDbClient(), userSession, server, issueIndex, issueIndexSyncProgressChecker)); private final Random random = new SecureRandom(); @Test - public void definition() { + void definition() { WebService.Action definition = ws.getDef(); assertThat(definition.key()).isEqualTo("search_events"); @@ -108,7 +110,7 @@ public class SearchEventsActionIT { } @Test - public void json_example() { + void json_example() { ProjectData projectData = db.components().insertPrivateProject(p -> p.setName("My Project").setKey(KeyExamples.KEY_PROJECT_EXAMPLE_001)); ComponentDto mainBranch = projectData.getMainBranchComponent(); userSession.addProjectPermission(USER, projectData.getProjectDto()); @@ -127,7 +129,7 @@ public class SearchEventsActionIT { } @Test - public void events() { + void events() { when(server.getPublicRootUrl()).thenReturn("https://sonarcloud.io"); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); @@ -159,7 +161,7 @@ public class SearchEventsActionIT { } @Test - public void does_not_return_old_events() { + void does_not_return_old_events() { ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); userSession.addProjectPermission(USER, projectData.getProjectDto()); @@ -184,7 +186,7 @@ public class SearchEventsActionIT { } @Test - public void empty_response_for_empty_list_of_projects() { + void empty_response_for_empty_list_of_projects() { SearchEventsWsResponse result = ws.newRequest() .setParam(PARAM_PROJECTS, "") .setParam(PARAM_FROM, "") @@ -194,7 +196,7 @@ public class SearchEventsActionIT { } @Test - public void does_not_return_events_of_project_for_which_the_current_user_has_no_browse_permission() { + void does_not_return_events_of_project_for_which_the_current_user_has_no_browse_permission() { ProjectData projectData1 = db.components().insertPrivateProject(); ComponentDto mainBranch1 = projectData1.getMainBranchComponent(); userSession.addProjectPermission(UserRole.CODEVIEWER, projectData1.getProjectDto()); @@ -226,7 +228,7 @@ public class SearchEventsActionIT { } @Test - public void empty_response_if_project_key_is_unknown() { + void empty_response_if_project_key_is_unknown() { long from = 1_500_000_000_000L; SearchEventsWsResponse result = ws.newRequest() .setParam(PARAM_PROJECTS, "unknown") @@ -237,7 +239,7 @@ public class SearchEventsActionIT { } @Test - public void fail_when_not_loggued() { + void fail_when_not_loggued() { userSession.anonymous(); ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); @@ -251,7 +253,7 @@ public class SearchEventsActionIT { } @Test - public void fail_if_date_format_is_not_valid() { + void fail_if_date_format_is_not_valid() { assertThatThrownBy(() -> { ws.newRequest() .setParam(PARAM_PROJECTS, "foo") diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/developers/ws/SearchEventsActionNewIssuesIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/developers/ws/SearchEventsActionNewIssuesIT.java index 57d63155358..bc95a93a560 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/developers/ws/SearchEventsActionNewIssuesIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/developers/ws/SearchEventsActionNewIssuesIT.java @@ -25,8 +25,9 @@ import java.security.SecureRandom; import java.util.Date; import java.util.Random; import java.util.stream.Stream; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; +import org.sonar.api.config.Configuration; import org.sonar.api.platform.Server; import org.sonar.api.rules.RuleType; import org.sonar.db.DbTester; @@ -61,30 +62,31 @@ import static org.sonar.db.component.BranchType.BRANCH; import static org.sonar.server.developers.ws.SearchEventsAction.PARAM_FROM; import static org.sonar.server.developers.ws.SearchEventsAction.PARAM_PROJECTS; -public class SearchEventsActionNewIssuesIT { +class SearchEventsActionNewIssuesIT { private static final RuleType[] RULE_TYPES_EXCEPT_HOTSPOT = Stream.of(RuleType.values()) .filter(r -> r != RuleType.SECURITY_HOTSPOT) .toArray(RuleType[]::new); - @Rule - public DbTester db = DbTester.create(); - @Rule - public EsTester es = EsTester.create(); - @Rule - public UserSessionRule userSession = UserSessionRule.standalone(); - - private Server server = mock(Server.class); - - private IssueIndex issueIndex = new IssueIndex(es.client(), null, null, null); - private IssueIndexer issueIndexer = new IssueIndexer(es.client(), db.getDbClient(), new IssueIteratorFactory(db.getDbClient()), null); - private IssueIndexSyncProgressChecker issueIndexSyncProgressChecker = mock(IssueIndexSyncProgressChecker.class); - private WsActionTester ws = new WsActionTester(new SearchEventsAction(db.getDbClient(), userSession, server, issueIndex, + @RegisterExtension + private final DbTester db = DbTester.create(); + @RegisterExtension + private final EsTester es = EsTester.create(); + @RegisterExtension + private final UserSessionRule userSession = UserSessionRule.standalone(); + + private final Server server = mock(Server.class); + private final Configuration config = mock(Configuration.class); + private final IssueIndex issueIndex = new IssueIndex(es.client(), null, null, null, config); + private final IssueIndexer issueIndexer = new IssueIndexer(es.client(), db.getDbClient(), new IssueIteratorFactory(db.getDbClient()), + null); + private final IssueIndexSyncProgressChecker issueIndexSyncProgressChecker = mock(IssueIndexSyncProgressChecker.class); + private final WsActionTester ws = new WsActionTester(new SearchEventsAction(db.getDbClient(), userSession, server, issueIndex, issueIndexSyncProgressChecker)); private final Random random = new SecureRandom(); @Test - public void issue_event() { + void issue_event() { userSession.logIn(); when(server.getPublicRootUrl()).thenReturn("https://sonarcloud.io"); ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); @@ -112,7 +114,7 @@ public class SearchEventsActionNewIssuesIT { } @Test - public void many_issues_events() { + void many_issues_events() { userSession.logIn(); long from = 1_500_000_000_000L; ProjectData projectData = db.components().insertPrivateProject(p -> p.setName("SonarQube")); @@ -135,7 +137,7 @@ public class SearchEventsActionNewIssuesIT { } @Test - public void does_not_return_old_issue() { + void does_not_return_old_issue() { userSession.logIn(); ProjectData project = db.components().insertPrivateProject(); userSession.addProjectPermission(USER, project.getProjectDto()); @@ -153,7 +155,7 @@ public class SearchEventsActionNewIssuesIT { } @Test - public void return_link_to_issue_search_for_new_issues_event() { + void return_link_to_issue_search_for_new_issues_event() { userSession.logIn("my_login"); ComponentDto project = db.components().insertPrivateProject(p -> p.setKey("my_project")).getMainBranchComponent(); userSession.addProjectPermission(USER, db.components().getProjectDtoByMainBranch(project)); @@ -172,7 +174,7 @@ public class SearchEventsActionNewIssuesIT { } @Test - public void branch_issues_events() { + void branch_issues_events() { userSession.logIn().setSystemAdministrator(); when(server.getPublicRootUrl()).thenReturn("https://sonarcloud.io"); ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); @@ -208,7 +210,7 @@ public class SearchEventsActionNewIssuesIT { } @Test - public void pull_request_issues_events() { + void pull_request_issues_events() { userSession.logIn().setSystemAdministrator(); when(server.getPublicRootUrl()).thenReturn("https://sonarcloud.io"); ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); @@ -245,7 +247,7 @@ public class SearchEventsActionNewIssuesIT { } @Test - public void encode_link() { + void encode_link() { userSession.logIn("rågnar").setSystemAdministrator(); long from = 1_500_000_000_000L; ComponentDto project = db.components().insertPrivateProject(p -> p.setKey("M&M's")).getMainBranchComponent(); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/developers/ws/SearchEventsActionQualityGateIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/developers/ws/SearchEventsActionQualityGateIT.java index 9a256d6c399..da45b5739c2 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/developers/ws/SearchEventsActionQualityGateIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/developers/ws/SearchEventsActionQualityGateIT.java @@ -19,8 +19,9 @@ */ package org.sonar.server.developers.ws; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; +import org.sonar.api.config.Configuration; import org.sonar.api.platform.Server; import org.sonar.db.DbTester; import org.sonar.db.ce.CeActivityDto; @@ -53,25 +54,26 @@ import static org.sonar.db.event.EventTesting.newEvent; import static org.sonar.server.developers.ws.SearchEventsAction.PARAM_FROM; import static org.sonar.server.developers.ws.SearchEventsAction.PARAM_PROJECTS; -public class SearchEventsActionQualityGateIT { - - @Rule - public DbTester db = DbTester.create(); - @Rule - public EsTester es = EsTester.create(); - @Rule - public UserSessionRule userSession = UserSessionRule.standalone().logIn(); +class SearchEventsActionQualityGateIT { + @RegisterExtension + private final DbTester db = DbTester.create(); + @RegisterExtension + private final EsTester es = EsTester.create(); + @RegisterExtension + private final UserSessionRule userSession = UserSessionRule.standalone().logIn(); + private static final long ANY_TIMESTAMP = 1666666666L; + private final Configuration config = mock(Configuration.class); private final Server server = mock(Server.class); - private final IssueIndex issueIndex = new IssueIndex(es.client(), null, userSession, null); + private final IssueIndex issueIndex = new IssueIndex(es.client(), null, userSession, null, config); private final IssueIndexSyncProgressChecker issueIndexSyncProgressChecker = mock(IssueIndexSyncProgressChecker.class); private final WsActionTester ws = new WsActionTester(new SearchEventsAction(db.getDbClient(), userSession, server, issueIndex, issueIndexSyncProgressChecker)); @Test - public void quality_gate_events() { + void quality_gate_events() { when(server.getPublicRootUrl()).thenReturn("https://sonarcloud.io"); ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); userSession.addProjectPermission(USER, db.components().getProjectDtoByMainBranch(project)); @@ -95,7 +97,7 @@ public class SearchEventsActionQualityGateIT { } @Test - public void branch_quality_gate_events() { + void branch_quality_gate_events() { when(server.getPublicRootUrl()).thenReturn("https://sonarcloud.io"); ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); userSession.addProjectPermission(USER, db.components().getProjectDtoByMainBranch(project)); @@ -121,7 +123,7 @@ public class SearchEventsActionQualityGateIT { } @Test - public void does_not_return_quality_gate_events_on_pull_request() { + void does_not_return_quality_gate_events_on_pull_request() { userSession.logIn().setSystemAdministrator(); when(server.getPublicRootUrl()).thenReturn("https://sonarcloud.io"); ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); @@ -139,7 +141,7 @@ public class SearchEventsActionQualityGateIT { } @Test - public void return_only_latest_quality_gate_event() { + void return_only_latest_quality_gate_event() { ComponentDto project = db.components().insertPrivateProject(p -> p.setName("My Project")).getMainBranchComponent(); userSession.addProjectPermission(USER, db.components().getProjectDtoByMainBranch(project)); SnapshotDto a1 = insertSuccessfulActivity(project, 1_500_000_000_000L); @@ -157,7 +159,7 @@ public class SearchEventsActionQualityGateIT { } @Test - public void return_link_to_dashboard_for_quality_gate_event() { + void return_link_to_dashboard_for_quality_gate_event() { ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); userSession.addProjectPermission(USER, db.components().getProjectDtoByMainBranch(project)); SnapshotDto analysis = insertSuccessfulActivity(project, 1_500_000_000_000L); @@ -174,7 +176,7 @@ public class SearchEventsActionQualityGateIT { } @Test - public void encode_link() { + void encode_link() { ComponentDto project = db.components().insertPrivateProject(p -> p.setKey("M&M's")).getMainBranchComponent(); userSession.addProjectPermission(USER, db.components().getProjectDtoByMainBranch(project)); SnapshotDto analysis = insertSuccessfulActivity(project, 1_500_000_000_000L); @@ -191,7 +193,7 @@ public class SearchEventsActionQualityGateIT { } @Test - public void filter_quality_gate_event() { + void filter_quality_gate_event() { ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); userSession.addProjectPermission(USER, db.components().getProjectDtoByMainBranch(project)); SnapshotDto analysis = insertSuccessfulActivity(project, 1_500_000_000_000L); @@ -209,7 +211,7 @@ public class SearchEventsActionQualityGateIT { } @Test - public void filter_by_from_date_inclusive() { + void filter_by_from_date_inclusive() { ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); userSession.addProjectPermission(USER, db.components().getProjectDtoByMainBranch(project1)); ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); @@ -237,7 +239,7 @@ public class SearchEventsActionQualityGateIT { } @Test - public void return_one_quality_gate_change_per_project() { + void return_one_quality_gate_change_per_project() { ComponentDto project1 = db.components().insertPrivateProject(p -> p.setName("p1")).getMainBranchComponent(); userSession.addProjectPermission(USER, db.components().getProjectDtoByMainBranch(project1)); ComponentDto project2 = db.components().insertPrivateProject(p -> p.setName("p2")).getMainBranchComponent(); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/hotspot/ws/SearchActionDependenciesIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/hotspot/ws/SearchActionDependenciesIT.java index 87b282c9e16..47563fe48d4 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/hotspot/ws/SearchActionDependenciesIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/hotspot/ws/SearchActionDependenciesIT.java @@ -23,6 +23,7 @@ import java.util.Arrays; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.RegisterExtension; +import org.sonar.api.config.Configuration; import org.sonar.api.impl.utils.TestSystem2; import org.sonar.api.utils.System2; import org.sonar.db.DbClient; @@ -63,10 +64,12 @@ class SearchActionDependenciesIT { private final DbTester db = DbTester.create(); @RegisterExtension private final EsTester es = EsTester.create(); + private final Configuration config = mock(Configuration.class); private final TestSystem2 system2 = new TestSystem2(); private final DbClient dbClient = db.getDbClient(); - private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSession, new WebAuthorizationTypeSupport(userSession)); + private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSession, + new WebAuthorizationTypeSupport(userSession), config); private final IssueIndexer issueIndexer = new IssueIndexer(es.client(), dbClient, new IssueIteratorFactory(dbClient), mock(AsyncIssueIndexing.class)); private final PermissionIndexerTester permissionIndexer = new PermissionIndexerTester(es, issueIndexer); private final HotspotWsResponseFormatter responseFormatter = new HotspotWsResponseFormatter(new TextRangeResponseFormatter()); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/hotspot/ws/SearchActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/hotspot/ws/SearchActionIT.java index 4a739cad218..57a0ae3b1d8 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/hotspot/ws/SearchActionIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/hotspot/ws/SearchActionIT.java @@ -21,9 +21,6 @@ package org.sonar.server.hotspot.ws; import com.google.common.collect.Ordering; import com.google.common.collect.Sets; -import com.tngtech.java.junit.dataprovider.DataProvider; -import com.tngtech.java.junit.dataprovider.DataProviderRunner; -import com.tngtech.java.junit.dataprovider.UseDataProvider; import java.util.Arrays; import java.util.Collection; import java.util.Collections; @@ -38,9 +35,11 @@ import java.util.stream.Collectors; import java.util.stream.IntStream; import java.util.stream.Stream; import javax.annotation.Nullable; -import org.junit.Rule; -import org.junit.Test; -import org.junit.runner.RunWith; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.MethodSource; +import org.sonar.api.config.Configuration; import org.sonar.api.impl.utils.TestSystem2; import org.sonar.api.issue.Issue; import org.sonar.api.rule.RuleKey; @@ -116,9 +115,7 @@ import static org.sonar.db.newcodeperiod.NewCodePeriodType.REFERENCE_BRANCH; import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_CASA; import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_STIG_ASD_V5R3; -@SuppressWarnings("ALL") -@RunWith(DataProviderRunner.class) -public class SearchActionIT { +class SearchActionIT { private static final String PARAM_PROJECT = "project"; private static final String PARAM_STATUS = "status"; @@ -143,16 +140,18 @@ public class SearchActionIT { private static final int ONE_MINUTE = 60_000; private static final List RESOLUTION_TYPES = List.of(RESOLUTION_FIXED, RESOLUTION_SAFE, RESOLUTION_ACKNOWLEDGED); - @Rule - public DbTester dbTester = DbTester.create(System2.INSTANCE); - @Rule - public EsTester es = EsTester.create(); - @Rule - public UserSessionRule userSessionRule = UserSessionRule.standalone(); + @RegisterExtension + private final DbTester dbTester = DbTester.create(System2.INSTANCE); + @RegisterExtension + private final EsTester es = EsTester.create(); + @RegisterExtension + private final UserSessionRule userSessionRule = UserSessionRule.standalone(); + private final Configuration config = mock(Configuration.class); private final TestSystem2 system2 = new TestSystem2(); private final DbClient dbClient = dbTester.getDbClient(); - private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSessionRule, new WebAuthorizationTypeSupport(userSessionRule)); + private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSessionRule, + new WebAuthorizationTypeSupport(userSessionRule), config); private final IssueIndexer issueIndexer = new IssueIndexer(es.client(), dbClient, new IssueIteratorFactory(dbClient), mock(AsyncIssueIndexing.class)); private final ViewIndexer viewIndexer = new ViewIndexer(dbClient, es.client()); private final PermissionIndexer permissionIndexer = new PermissionIndexer(dbClient, es.client(), issueIndexer); @@ -164,7 +163,7 @@ public class SearchActionIT { private final WsActionTester actionTester = new WsActionTester(underTest); @Test - public void verify_ws_def() { + void verify_ws_def() { WebService.Param onlyMineParam = actionTester.getDef().param(PARAM_ONLY_MINE); WebService.Param pciDss32Param = actionTester.getDef().param(PARAM_PCI_DSS_32); WebService.Param pciDss40Param = actionTester.getDef().param(PARAM_PCI_DSS_40); @@ -202,7 +201,7 @@ public class SearchActionIT { } @Test - public void fails_with_IAE_if_parameters_project_and_hotspots_are_missing() { + void fails_with_IAE_if_parameters_project_and_hotspots_are_missing() { TestRequest request = actionTester.newRequest(); assertThatThrownBy(request::execute) @@ -211,7 +210,7 @@ public class SearchActionIT { } @Test - public void fail_with_IAE_if_parameter_branch_is_used_without_parameter_project() { + void fail_with_IAE_if_parameter_branch_is_used_without_parameter_project() { TestRequest request = actionTester.newRequest() .setParam(PARAM_HOTSPOTS, secure().nextAlphabetic(2)) .setParam(PARAM_BRANCH, secure().nextAlphabetic(1)); @@ -222,7 +221,7 @@ public class SearchActionIT { } @Test - public void fail_with_IAE_if_parameter_pullRequest_is_used_without_parameter_project() { + void fail_with_IAE_if_parameter_pullRequest_is_used_without_parameter_project() { TestRequest request = actionTester.newRequest() .setParam(PARAM_HOTSPOTS, secure().nextAlphabetic(2)) .setParam(PARAM_PULL_REQUEST, secure().nextAlphabetic(1)); @@ -233,7 +232,7 @@ public class SearchActionIT { } @Test - public void fail_with_IAE_if_both_parameters_pullRequest_and_branch_are_provided() { + void fail_with_IAE_if_both_parameters_pullRequest_and_branch_are_provided() { TestRequest request = actionTester.newRequest() .setParam(PARAM_PROJECT, secure().nextAlphabetic(2)) .setParam(PARAM_BRANCH, secure().nextAlphabetic(1)) @@ -244,9 +243,9 @@ public class SearchActionIT { .hasMessage("Only one of parameters 'branch' and 'pullRequest' can be provided"); } - @Test - @UseDataProvider("badStatuses") - public void fails_with_IAE_if_status_parameter_is_neither_TO_REVIEW_or_REVIEWED(String badStatus) { + @ParameterizedTest + @MethodSource("badStatuses") + void fails_with_IAE_if_status_parameter_is_neither_TO_REVIEW_or_REVIEWED(String badStatus) { TestRequest request = actionTester.newRequest() .setParam(PARAM_PROJECT, secure().nextAlphabetic(13)) .setParam(PARAM_STATUS, badStatus); @@ -256,8 +255,7 @@ public class SearchActionIT { .hasMessage("Value of parameter 'status' (" + badStatus + ") must be one of: [TO_REVIEW, REVIEWED]"); } - @DataProvider - public static Object[][] badStatuses() { + static Object[][] badStatuses() { return Stream.concat( Issue.STATUSES.stream(), Stream.of(secure().nextAlphabetic(3))) @@ -267,9 +265,9 @@ public class SearchActionIT { .toArray(Object[][]::new); } - @Test - @UseDataProvider("validStatusesAndResolutions") - public void fail_with_IAE_if_parameter_status_is_specified_with_hotspots_parameter(String status, @Nullable String notUsed) { + @ParameterizedTest + @MethodSource("validStatusesAndResolutions") + void fail_with_IAE_if_parameter_status_is_specified_with_hotspots_parameter(String status, @Nullable String notUsed) { TestRequest request = actionTester.newRequest() .setParam(PARAM_HOTSPOTS, secure().nextAlphabetic(12)) .setParam(PARAM_STATUS, status); @@ -279,9 +277,9 @@ public class SearchActionIT { .hasMessage("Parameter 'status' can't be used with parameter 'hotspots'"); } - @Test - @UseDataProvider("badResolutions") - public void fails_with_IAE_if_resolution_parameter_is_neither_FIXED_nor_SAFE(String badResolution) { + @ParameterizedTest + @MethodSource("badResolutions") + void fails_with_IAE_if_resolution_parameter_is_neither_FIXED_nor_SAFE(String badResolution) { TestRequest request = actionTester.newRequest() .setParam(PARAM_PROJECT, secure().nextAlphabetic(13)) .setParam(PARAM_STATUS, STATUS_TO_REVIEW) @@ -292,8 +290,7 @@ public class SearchActionIT { .hasMessage("Value of parameter 'resolution' (" + badResolution + ") must be one of: [FIXED, SAFE, ACKNOWLEDGED]"); } - @DataProvider - public static Object[][] badResolutions() { + static Object[][] badResolutions() { return Stream.of( Issue.RESOLUTIONS.stream(), Issue.SECURITY_HOTSPOT_RESOLUTIONS.stream(), @@ -304,9 +301,9 @@ public class SearchActionIT { .toArray(Object[][]::new); } - @Test - @UseDataProvider("fixedOrSafeResolution") - public void fails_with_IAE_if_resolution_is_provided_with_status_TO_REVIEW(String resolution) { + @ParameterizedTest + @MethodSource("fixedOrSafeResolution") + void fails_with_IAE_if_resolution_is_provided_with_status_TO_REVIEW(String resolution) { TestRequest request = actionTester.newRequest() .setParam(PARAM_PROJECT, secure().nextAlphabetic(13)) .setParam(PARAM_STATUS, STATUS_TO_REVIEW) @@ -317,9 +314,9 @@ public class SearchActionIT { .hasMessage("Value '" + resolution + "' of parameter 'resolution' can only be provided if value of parameter 'status' is 'REVIEWED'"); } - @Test - @UseDataProvider("fixedOrSafeResolution") - public void fails_with_IAE_if_resolution_is_provided_with_hotspots_parameter(String resolution) { + @ParameterizedTest + @MethodSource("fixedOrSafeResolution") + void fails_with_IAE_if_resolution_is_provided_with_hotspots_parameter(String resolution) { TestRequest request = actionTester.newRequest() .setParam(PARAM_HOTSPOTS, secure().nextAlphabetic(13)) .setParam(PARAM_RESOLUTION, resolution); @@ -329,8 +326,7 @@ public class SearchActionIT { .hasMessage("Parameter 'resolution' can't be used with parameter 'hotspots'"); } - @DataProvider - public static Object[][] fixedOrSafeResolution() { + static Object[][] fixedOrSafeResolution() { return new Object[][] { {RESOLUTION_SAFE}, {RESOLUTION_FIXED} @@ -338,7 +334,7 @@ public class SearchActionIT { } @Test - public void fails_with_NotFoundException_if_project_does_not_exist() { + void fails_with_NotFoundException_if_project_does_not_exist() { String key = secure().nextAlphabetic(12); TestRequest request = actionTester.newRequest() .setParam(PARAM_PROJECT, key); @@ -349,7 +345,7 @@ public class SearchActionIT { } @Test - public void fails_with_NotFoundException_if_project_is_neither_a_project_nor_an_application() { + void fails_with_NotFoundException_if_project_is_neither_a_project_nor_an_application() { ComponentDto project = dbTester.components().insertPrivateProject().getMainBranchComponent(); ComponentDto directory = dbTester.components().insertComponent(ComponentTesting.newDirectory(project, "foo")); ComponentDto file = dbTester.components().insertComponent(ComponentTesting.newFileDto(project)); @@ -366,7 +362,7 @@ public class SearchActionIT { } @Test - public void fails_with_ForbiddenException_if_project_is_private_and_not_allowed() { + void fails_with_ForbiddenException_if_project_is_private_and_not_allowed() { ProjectData projectData = dbTester.components().insertPrivateProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -379,7 +375,7 @@ public class SearchActionIT { } @Test - public void fails_with_ForbiddenException_if_application_is_private_and_not_allowed() { + void fails_with_ForbiddenException_if_application_is_private_and_not_allowed() { ProjectData projectData = dbTester.components().insertPrivateApplication(); ComponentDto application = projectData.getMainBranchComponent(); @@ -392,7 +388,7 @@ public class SearchActionIT { } @Test - public void succeeds_on_public_project() { + void succeeds_on_public_project() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -406,7 +402,7 @@ public class SearchActionIT { } @Test - public void succeeds_on_public_application() { + void succeeds_on_public_application() { ProjectData applicationData = dbTester.components().insertPublicApplication(); ComponentDto application = applicationData.getMainBranchComponent(); userSessionRule.registerApplication(applicationData.getProjectDto()); @@ -419,7 +415,7 @@ public class SearchActionIT { } @Test - public void succeeds_on_private_project_with_permission() { + void succeeds_on_private_project_with_permission() { ProjectData projectData = dbTester.components().insertPrivateProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -433,7 +429,7 @@ public class SearchActionIT { } @Test - public void succeeds_on_private_application_with_permission() { + void succeeds_on_private_application_with_permission() { ProjectData applicationData = dbTester.components().insertPrivateApplication(); ComponentDto application = applicationData.getMainBranchComponent(); userSessionRule.logIn().registerApplication(applicationData.getProjectDto()).addProjectPermission(USER, applicationData.getProjectDto()); @@ -445,7 +441,7 @@ public class SearchActionIT { } @Test - public void does_not_fail_if_rule_of_hotspot_does_not_exist_in_DB() { + void does_not_fail_if_rule_of_hotspot_does_not_exist_in_DB() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -474,7 +470,7 @@ public class SearchActionIT { } @Test - public void returns_no_hotspot_component_nor_rule_when_project_has_no_hotspot() { + void returns_no_hotspot_component_nor_rule_when_project_has_no_hotspot() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -496,7 +492,7 @@ public class SearchActionIT { } @Test - public void returns_hotspot_components_when_project_has_hotspots() { + void returns_hotspot_components_when_project_has_hotspots() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -530,7 +526,7 @@ public class SearchActionIT { } @Test - public void returns_single_component_when_all_hotspots_are_on_project() { + void returns_single_component_when_all_hotspots_are_on_project() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -556,7 +552,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_of_specified_project() { + void returns_hotspots_of_specified_project() { ProjectData projectData1 = dbTester.components().insertPublicProject(); ComponentDto project1 = projectData1.getMainBranchComponent(); ProjectData projectData2 = dbTester.components().insertPublicProject(); @@ -596,7 +592,7 @@ public class SearchActionIT { } @Test - public void returns_only_hotspots_to_review_or_reviewed_of_project() { + void returns_only_hotspots_to_review_or_reviewed_of_project() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); @@ -620,7 +616,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_of_specified_application() { + void returns_hotspots_of_specified_application() { ProjectData application1 = dbTester.components().insertPublicApplication(); ProjectData application2 = dbTester.components().insertPublicApplication(); ProjectData project1 = dbTester.components().insertPublicProject(); @@ -664,7 +660,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_of_specified_application_branch() { + void returns_hotspots_of_specified_application_branch() { ProjectData applicationData = dbTester.components().insertPublicApplication(); ComponentDto application = applicationData.getMainBranchComponent(); ComponentDto applicationBranch = dbTester.components().insertProjectBranch(application, b -> b.setKey("appBranch")); @@ -711,7 +707,7 @@ public class SearchActionIT { } @Test - public void returns_hotspot_of_branch_or_pullRequest() { + void returns_hotspot_of_branch_or_pullRequest() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -762,9 +758,9 @@ public class SearchActionIT { verify(issueIndexSyncProgressChecker, times(3)).checkIfComponentNeedIssueSync(any(), eq(project.getKey())); } - @Test - @UseDataProvider("onlyMineParamValues") - public void returns_hotspots_of_specified_project_assigned_to_current_user_if_only_mine_is_set(String onlyMineParameter, boolean shouldFilter) { + @ParameterizedTest + @MethodSource("onlyMineParamValues") + void returns_hotspots_of_specified_project_assigned_to_current_user_if_only_mine_is_set(String onlyMineParameter, boolean shouldFilter) { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project1 = projectData.getMainBranchComponent(); String assigneeUuid = this.userSessionRule.logIn().registerProjects(projectData.getProjectDto()).getUuid(); @@ -803,8 +799,7 @@ public class SearchActionIT { } } - @DataProvider - public static Object[][] onlyMineParamValues() { + static Object[][] onlyMineParamValues() { return new Object[][] { {"yes", true}, {"true", true}, @@ -814,7 +809,7 @@ public class SearchActionIT { } @Test - public void fail_if_hotspots_provided_with_onlyMine_param() { + void fail_if_hotspots_provided_with_onlyMine_param() { ProjectData projectData = dbTester.components().insertPrivateProject(); userSessionRule.registerProjects(projectData.getProjectDto()); @@ -829,7 +824,7 @@ public class SearchActionIT { } @Test - public void fail_if_user_not_authenticated_with_onlyMine_param() { + void fail_if_user_not_authenticated_with_onlyMine_param() { ComponentDto project = dbTester.components().insertPublicProject().getMainBranchComponent(); userSessionRule.anonymous(); @@ -843,7 +838,7 @@ public class SearchActionIT { } @Test - public void returns_hotpots_with_any_status_if_no_status_nor_resolution_parameter() { + void returns_hotpots_with_any_status_if_no_status_nor_resolution_parameter() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -863,7 +858,7 @@ public class SearchActionIT { } @Test - public void returns_hotpots_reviewed_as_safe_and_fixed_if_status_is_REVIEWED_and_resolution_is_not_set() { + void returns_hotpots_reviewed_as_safe_and_fixed_if_status_is_REVIEWED_and_resolution_is_not_set() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -884,7 +879,7 @@ public class SearchActionIT { } @Test - public void returns_hotpots_reviewed_as_safe_if_status_is_REVIEWED_and_resolution_is_SAFE() { + void returns_hotpots_reviewed_as_safe_if_status_is_REVIEWED_and_resolution_is_SAFE() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -905,7 +900,7 @@ public class SearchActionIT { } @Test - public void returns_hotpots_reviewed_as_fixed_if_status_is_REVIEWED_and_resolution_is_FIXED() { + void returns_hotpots_reviewed_as_fixed_if_status_is_REVIEWED_and_resolution_is_FIXED() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -926,7 +921,7 @@ public class SearchActionIT { } @Test - public void returns_only_unresolved_hotspots_when_status_is_TO_REVIEW() { + void returns_only_unresolved_hotspots_when_status_is_TO_REVIEW() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -971,9 +966,9 @@ public class SearchActionIT { return hotspots.stream(); } - @Test - @UseDataProvider("validStatusesAndResolutions") - public void returns_fields_of_hotspot(String status, @Nullable String resolution) { + @ParameterizedTest + @MethodSource("validStatusesAndResolutions") + void returns_fields_of_hotspot(String status, @Nullable String resolution) { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1013,8 +1008,7 @@ public class SearchActionIT { assertThat(actual.getUpdateDate()).isEqualTo(formatDateTime(hotspot.getIssueUpdateDate())); } - @DataProvider - public static Object[][] validStatusesAndResolutions() { + static Object[][] validStatusesAndResolutions() { return new Object[][] { {STATUS_TO_REVIEW, null}, {STATUS_REVIEWED, RESOLUTION_FIXED}, @@ -1022,9 +1016,9 @@ public class SearchActionIT { }; } - @Test - @UseDataProvider("allSQCategories") - public void returns_SQCategory_and_VulnerabilityProbability_of_rule(Set securityStandards, SQCategory expected) { + @ParameterizedTest + @MethodSource("allSQCategories") + void returns_SQCategory_and_VulnerabilityProbability_of_rule(Set securityStandards, SQCategory expected) { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1044,8 +1038,7 @@ public class SearchActionIT { assertThat(actual.getVulnerabilityProbability()).isEqualTo(expected.getVulnerability().name()); } - @DataProvider - public static Object[][] allSQCategories() { + static Object[][] allSQCategories() { Stream allCategoriesButOTHERS = SecurityStandards.CWES_BY_SQ_CATEGORY.entrySet() .stream() .map(t -> new Object[] { @@ -1059,7 +1052,7 @@ public class SearchActionIT { } @Test - public void does_not_fail_when_hotspot_has_none_of_the_nullable_fields() { + void does_not_fail_when_hotspot_has_none_of_the_nullable_fields() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1089,7 +1082,7 @@ public class SearchActionIT { } @Test - public void returns_details_of_components() { + void returns_details_of_components() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1140,7 +1133,7 @@ public class SearchActionIT { } @Test - public void returns_branch_field_of_components_of_branch() { + void returns_branch_field_of_components_of_branch() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); String branchName = secure().nextAlphanumeric(248); @@ -1177,7 +1170,7 @@ public class SearchActionIT { } @Test - public void returns_pullRequest_field_of_components_of_pullRequest() { + void returns_pullRequest_field_of_components_of_pullRequest() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); String pullRequestKey = secure().nextAlphanumeric(100); @@ -1215,7 +1208,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_ordered_by_vulnerabilityProbability_score_then_rule_uuid() { + void returns_hotspots_ordered_by_vulnerabilityProbability_score_then_rule_uuid() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1254,7 +1247,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_ordered_by_file_path_then_line_then_key() { + void returns_hotspots_ordered_by_file_path_then_line_then_key() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1289,7 +1282,7 @@ public class SearchActionIT { } @Test - public void returns_hotspot_with_secondary_locations() { + void returns_hotspot_with_secondary_locations() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1336,7 +1329,7 @@ public class SearchActionIT { } @Test - public void returns_first_page_with_100_results_by_default() { + void returns_first_page_with_100_results_by_default() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1363,7 +1356,7 @@ public class SearchActionIT { } @Test - public void returns_specified_page_with_100_results_by_default() { + void returns_specified_page_with_100_results_by_default() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1376,7 +1369,7 @@ public class SearchActionIT { } @Test - public void returns_specified_page_with_specified_number_of_results() { + void returns_specified_page_with_specified_number_of_results() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1435,7 +1428,7 @@ public class SearchActionIT { } @Test - public void returns_empty_if_none_of_hotspot_keys_exist() { + void returns_empty_if_none_of_hotspot_keys_exist() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1456,7 +1449,7 @@ public class SearchActionIT { } @Test - public void returns_specified_hotspots() { + void returns_specified_hotspots() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1481,7 +1474,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_with_specified_sonarsourceSecurity_category() { + void returns_hotspots_with_specified_sonarsourceSecurity_category() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1505,7 +1498,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_with_specified_cwes() { + void returns_hotspots_with_specified_cwes() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1529,7 +1522,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_with_specified_owaspTop10_category() { + void returns_hotspots_with_specified_owaspTop10_category() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1553,7 +1546,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_with_specified_stig_category() { + void returns_hotspots_with_specified_stig_category() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1577,7 +1570,7 @@ public class SearchActionIT { } @Test - public void executeProtobuf_WhenHotspotHasCwe_shoultReturnExpectedHotspotOnCasaParam() { + void executeProtobuf_WhenHotspotHasCwe_shoultReturnExpectedHotspotOnCasaParam() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1608,7 +1601,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_with_specified_pciDss_category() { + void returns_hotspots_with_specified_pciDss_category() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1641,7 +1634,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_with_specified_owaspAsvs_category() { + void returns_hotspots_with_specified_owaspAsvs_category() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1674,7 +1667,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_with_specified_owaspAsvs_level() { + void returns_hotspots_with_specified_owaspAsvs_level() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1731,7 +1724,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_with_specified_owasp2021Top10_category() { + void returns_hotspots_with_specified_owasp2021Top10_category() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1755,7 +1748,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_with_specified_sansTop25_category() { + void returns_hotspots_with_specified_sansTop25_category() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1779,7 +1772,7 @@ public class SearchActionIT { } @Test - public void search_whenMoreThan500KeysPassed_throwException() { + void search_whenMoreThan500KeysPassed_throwException() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); userSessionRule.registerProjects(projectData.getProjectDto()); @@ -1793,7 +1786,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_with_specified_files() { + void returns_hotspots_with_specified_files() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1817,7 +1810,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_on_the_leak_period_when_inNewCodePeriod_is_true() { + void returns_hotspots_on_the_leak_period_when_inNewCodePeriod_is_true() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1875,7 +1868,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_on_the_leak_period_when_inNewCodePeriod_is_true_and_branch_uses_reference_branch() { + void returns_hotspots_on_the_leak_period_when_inNewCodePeriod_is_true_and_branch_uses_reference_branch() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -1918,7 +1911,7 @@ public class SearchActionIT { } @Test - public void returns_nothing_when_inNewCodePeriod_is_true_and_no_period_exists() { + void returns_nothing_when_inNewCodePeriod_is_true_and_no_period_exists() { long referenceDate = 800_996_999_332L; system2.setNow(referenceDate + 10_000); @@ -1951,7 +1944,7 @@ public class SearchActionIT { } @Test - public void returns_all_issues_when_inNewCodePeriod_is_true_and_is_pr() { + void returns_all_issues_when_inNewCodePeriod_is_true_and_is_pr() { long referenceDate = 800_996_999_332L; system2.setNow(referenceDate + 10_000); @@ -1984,7 +1977,7 @@ public class SearchActionIT { } @Test - public void returns_issues_when_inNewCodePeriod_is_true_and_is_application_for_main_branch() { + void returns_issues_when_inNewCodePeriod_is_true_and_is_application_for_main_branch() { long referenceDate = 800_996_999_332L; system2.setNow(referenceDate + 10_000); @@ -2029,7 +2022,7 @@ public class SearchActionIT { } @Test - public void returns_issues_when_inNewCodePeriod_is_true_and_is_application_for_branch_other_than_main() { + void returns_issues_when_inNewCodePeriod_is_true_and_is_application_for_branch_other_than_main() { long referenceDate = 800_996_999_332L; system2.setNow(referenceDate + 10_000); @@ -2089,7 +2082,7 @@ public class SearchActionIT { } @Test - public void verify_response_example() { + void verify_response_example() { ProjectData projectData = dbTester.components().insertPublicProject(componentDto -> componentDto .setName("test-project") .setLongName("test-project") @@ -2129,7 +2122,7 @@ public class SearchActionIT { } @Test - public void returns_hotspots_with_ruleKey() { + void returns_hotspots_with_ruleKey() { ProjectData projectData = dbTester.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/AuthorsActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/AuthorsActionIT.java index af60c7b1179..e7d83b8dd97 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/AuthorsActionIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/AuthorsActionIT.java @@ -19,8 +19,9 @@ */ package org.sonar.server.issue.ws; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; +import org.sonar.api.config.Configuration; import org.sonar.api.server.ws.WebService; import org.sonar.api.server.ws.WebService.Param; import org.sonar.api.utils.System2; @@ -55,15 +56,18 @@ import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY; import static org.sonar.db.component.ComponentTesting.newProjectCopy; import static org.sonar.test.JsonAssert.assertJson; -public class AuthorsActionIT { - @Rule - public DbTester db = DbTester.create(); - @Rule - public EsTester es = EsTester.create(); - @Rule - public UserSessionRule userSession = UserSessionRule.standalone(); +class AuthorsActionIT { + @RegisterExtension + private final DbTester db = DbTester.create(); + @RegisterExtension + private final EsTester es = EsTester.create(); + @RegisterExtension + private final UserSessionRule userSession = UserSessionRule.standalone(); - private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSession, new WebAuthorizationTypeSupport(userSession)); + private final Configuration config = mock(Configuration.class); + + private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSession, + new WebAuthorizationTypeSupport(userSession), config); private final AsyncIssueIndexing asyncIssueIndexing = mock(AsyncIssueIndexing.class); private final IssueIndexer issueIndexer = new IssueIndexer(es.client(), db.getDbClient(), new IssueIteratorFactory(db.getDbClient()), asyncIssueIndexing); private final PermissionIndexerTester permissionIndexer = new PermissionIndexerTester(es, issueIndexer); @@ -73,7 +77,7 @@ public class AuthorsActionIT { issueIndexSyncProgressChecker)); @Test - public void search_authors() { + void search_authors() { String leia = "leia.organa"; String luke = "luke.skywalker"; ComponentDto mainBranchComponent = db.components().insertPrivateProject().getMainBranchComponent(); @@ -91,7 +95,7 @@ public class AuthorsActionIT { } @Test - public void search_authors_by_query() { + void search_authors_by_query() { String leia = "leia.organa"; String luke = "luke.skywalker"; ComponentDto mainBranchComponent = db.components().insertPrivateProject().getMainBranchComponent(); @@ -112,7 +116,7 @@ public class AuthorsActionIT { } @Test - public void search_authors_by_project() { + void search_authors_by_project() { String leia = "leia.organa"; String luke = "luke.skywalker"; ComponentDto mainBranch1 = db.components().insertPrivateProject().getMainBranchComponent(); @@ -143,7 +147,7 @@ public class AuthorsActionIT { } @Test - public void search_authors_by_portfolio() { + void search_authors_by_portfolio() { String leia = "leia.organa"; ComponentDto portfolio = db.components().insertPrivatePortfolio(); ComponentDto mainBranch = db.components().insertPrivateProject().getMainBranchComponent(); @@ -162,7 +166,7 @@ public class AuthorsActionIT { } @Test - public void search_authors_by_application() { + void search_authors_by_application() { String leia = "leia.organa"; ComponentDto appMainBranch = db.components().insertPrivateApplication().getMainBranchComponent(); ComponentDto projectMainBranch = db.components().insertPrivateProject().getMainBranchComponent(); @@ -181,7 +185,7 @@ public class AuthorsActionIT { } @Test - public void set_page_size() { + void set_page_size() { String han = "han.solo"; String leia = "leia.organa"; String luke = "luke.skywalker"; @@ -204,7 +208,7 @@ public class AuthorsActionIT { } @Test - public void should_ignore_authors_of_hotspot() { + void should_ignore_authors_of_hotspot() { String luke = "luke.skywalker"; ComponentDto mainBranch = db.components().insertPrivateProject().getMainBranchComponent(); permissionIndexer.allowOnlyAnyone(db.components().getProjectDtoByMainBranch(mainBranch)); @@ -223,7 +227,7 @@ public class AuthorsActionIT { } @Test - public void fail_when_user_is_not_logged() { + void fail_when_user_is_not_logged() { userSession.anonymous(); assertThatThrownBy(() -> ws.newRequest().execute()) @@ -231,7 +235,7 @@ public class AuthorsActionIT { } @Test - public void fail_when_project_does_not_exist() { + void fail_when_project_does_not_exist() { userSession.logIn(); assertThatThrownBy(() -> { @@ -244,7 +248,7 @@ public class AuthorsActionIT { } @Test - public void json_example() { + void json_example() { ComponentDto mainBranch = db.components().insertPrivateProject().getMainBranchComponent(); permissionIndexer.allowOnlyAnyone(db.components().getProjectDtoByMainBranch(mainBranch)); RuleDto rule = db.rules().insertIssueRule(); @@ -260,7 +264,7 @@ public class AuthorsActionIT { } @Test - public void definition() { + void definition() { WebService.Action definition = ws.getDef(); assertThat(definition.key()).isEqualTo("authors"); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionComponentsIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionComponentsIT.java index cb268bf3942..6fd0a28fdff 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionComponentsIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionComponentsIT.java @@ -22,8 +22,10 @@ package org.sonar.server.issue.ws; import java.time.Clock; import java.util.Arrays; import java.util.Date; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; +import org.mockito.Mockito; +import org.sonar.api.config.Configuration; import org.sonar.api.resources.Languages; import org.sonar.db.component.ComponentQualifiers; import org.sonar.api.rule.RuleKey; @@ -82,17 +84,19 @@ import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_IN_NEW_CODE import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_PROJECTS; import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_PULL_REQUEST; -public class SearchActionComponentsIT { +class SearchActionComponentsIT { - @Rule - public UserSessionRule userSession = UserSessionRule.standalone(); - @Rule - public DbTester db = DbTester.create(); - @Rule - public EsTester es = EsTester.create(); + @RegisterExtension + private final UserSessionRule userSession = UserSessionRule.standalone(); + @RegisterExtension + private final DbTester db = DbTester.create(); + @RegisterExtension + private final EsTester es = EsTester.create(); + + private final Configuration config = Mockito.mock(Configuration.class); private final DbClient dbClient = db.getDbClient(); - private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSession, new WebAuthorizationTypeSupport(userSession)); + private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSession, new WebAuthorizationTypeSupport(userSession), config); private final IssueIndexer issueIndexer = new IssueIndexer(es.client(), dbClient, new IssueIteratorFactory(dbClient), null); private final ViewIndexer viewIndexer = new ViewIndexer(dbClient, es.client()); private final IssueQueryFactory issueQueryFactory = new IssueQueryFactory(dbClient, Clock.systemUTC(), userSession); @@ -111,7 +115,7 @@ public class SearchActionComponentsIT { System2.INSTANCE, dbClient)); @Test - public void search_all_issues_when_no_parameter() { + void search_all_issues_when_no_parameter() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -127,7 +131,7 @@ public class SearchActionComponentsIT { } @Test - public void issues_on_different_projects() { + void issues_on_different_projects() { RuleDto rule = db.rules().insertIssueRule(r -> r.setRuleKey(RuleKey.of("xoo", "x1"))); ProjectData projectData1 = db.components().insertPublicProject(); ComponentDto project = projectData1.getMainBranchComponent(); @@ -153,7 +157,7 @@ public class SearchActionComponentsIT { } @Test - public void search_since_in_new_code_period_on_project() { + void search_since_in_new_code_period_on_project() { ProjectData projectData = db.components().insertPublicProject(p -> p.setKey("PK1")); ComponentDto project = projectData.getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project, null, "F1").setKey("FK1")); @@ -176,7 +180,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_file_uuid() { + void search_by_file_uuid() { ProjectData projectData = db.components().insertPublicProject(p -> p.setKey("PK1")); ComponentDto project = projectData.getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project, null, "F1").setKey("FK1")); @@ -197,7 +201,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_file_key() { + void search_by_file_key() { ProjectData projectData = db.components().insertPublicProject(p -> p.setKey("PK1")); ComponentDto project = projectData.getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project, null, "F1").setKey("FK1")); @@ -220,7 +224,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_directory_path() { + void search_by_directory_path() { ProjectData projectData = db.components().insertPublicProject(p -> p.setKey("PK1")); ComponentDto project = projectData.getMainBranchComponent(); ComponentDto directory = db.components().insertComponent(newDirectory(project, "D1", "src/main/java/dir")); @@ -252,7 +256,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_view_uuid() { + void search_by_view_uuid() { ProjectData projectData = db.components().insertPublicProject(p -> p.setKey("PK1")); ComponentDto project = projectData.getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project, null, "F1").setKey("FK1")); @@ -272,7 +276,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_sub_view_uuid() { + void search_by_sub_view_uuid() { ProjectData projectData = db.components().insertPublicProject(p -> p.setKey("PK1")); ComponentDto project = projectData.getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project, null, "F1").setKey("FK1")); @@ -292,7 +296,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_sub_view_uuid_return_only_authorized_view() { + void search_by_sub_view_uuid_return_only_authorized_view() { ProjectData projectData = db.components().insertPublicProject(p -> p.setKey("PK1")); ComponentDto project = projectData.getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project, null, "F1").setKey("FK1")); @@ -312,7 +316,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_application_key() { + void search_by_application_key() { ProjectData applicationData = db.components().insertPrivateApplication(); ComponentDto application = applicationData.getMainBranchComponent(); ProjectData projectData1 = db.components().insertPrivateProject(); @@ -338,7 +342,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_application_key_and_branch() { + void search_by_application_key_and_branch() { ProjectData applicatioData = db.components().insertPrivateProject(c -> c.setQualifier(APP).setKey("app")); ComponentDto application = applicatioData.getMainBranchComponent(); String appBranch1 = "app-branch1"; @@ -395,7 +399,7 @@ public class SearchActionComponentsIT { } @Test - public void ignore_application_without_browse_permission() { + void ignore_application_without_browse_permission() { ProjectData projectData = db.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); ComponentDto application = db.components().insertPublicApplication().getMainBranchComponent(); @@ -413,7 +417,7 @@ public class SearchActionComponentsIT { } @Test - public void search_application_without_projects() { + void search_application_without_projects() { ProjectData projectData = db.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); ProjectData applicationData = db.components().insertPublicApplication(); @@ -431,7 +435,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_application_and_by_new_code_period() { + void search_by_application_and_by_new_code_period() { Date now = new Date(); RuleDto rule = db.rules().insertIssueRule(); ProjectData applicationData = db.components().insertPublicApplication(); @@ -466,7 +470,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_application_and_project() { + void search_by_application_and_project() { ProjectData projectData1 = db.components().insertPublicProject(); ComponentDto project1 = projectData1.getMainBranchComponent(); ProjectData projectData2 = db.components().insertPublicProject(); @@ -493,7 +497,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_application_and_project_and_new_code_period() { + void search_by_application_and_project_and_new_code_period() { Date now = new Date(); RuleDto rule = db.rules().insertIssueRule(); ProjectData applicationData = db.components().insertPublicApplication(); @@ -529,7 +533,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_application_and_by_new_code_period_when_one_project_has_no_leak() { + void search_by_application_and_by_new_code_period_when_one_project_has_no_leak() { Date now = new Date(); RuleDto rule = db.rules().insertIssueRule(); ProjectData applicationData = db.components().insertPublicApplication(); @@ -564,7 +568,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_branch() { + void search_by_branch() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -603,7 +607,7 @@ public class SearchActionComponentsIT { } @Test - public void return_branch_in_component_list() { + void return_branch_in_component_list() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -629,7 +633,7 @@ public class SearchActionComponentsIT { } @Test - public void search_by_pull_request() { + void search_by_pull_request() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -659,7 +663,7 @@ public class SearchActionComponentsIT { } @Test - public void search_using_main_branch_name() { + void search_using_main_branch_name() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPublicProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -684,7 +688,7 @@ public class SearchActionComponentsIT { } @Test - public void does_not_return_branch_issues_on_not_contextualized_search() { + void does_not_return_branch_issues_on_not_contextualized_search() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto project = projectData.getMainBranchComponent(); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionDependenciesIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionDependenciesIT.java index f7bf2db5d24..b564e5f5352 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionDependenciesIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionDependenciesIT.java @@ -24,6 +24,7 @@ import java.util.Arrays; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.RegisterExtension; +import org.sonar.api.config.Configuration; import org.sonar.api.resources.Languages; import org.sonar.api.utils.Durations; import org.sonar.api.utils.System2; @@ -70,8 +71,10 @@ class SearchActionDependenciesIT { @RegisterExtension private final EsTester es = EsTester.create(); + private final Configuration config = mock(Configuration.class); + private final DbClient dbClient = db.getDbClient(); - private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSession, new WebAuthorizationTypeSupport(userSession)); + private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSession, new WebAuthorizationTypeSupport(userSession), config); private final IssueIndexer issueIndexer = new IssueIndexer(es.client(), dbClient, new IssueIteratorFactory(dbClient), mock(AsyncIssueIndexing.class)); private final IssueQueryFactory issueQueryFactory = new IssueQueryFactory(dbClient, Clock.systemUTC(), userSession); private final IssueFieldsSetter issueFieldsSetter = new IssueFieldsSetter(); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionFacetsIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionFacetsIT.java index 8c2a1e8c596..c7d2ad3a345 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionFacetsIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionFacetsIT.java @@ -24,8 +24,9 @@ import java.time.Clock; import java.util.Map; import java.util.Random; import java.util.stream.IntStream; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; +import org.sonar.api.config.Configuration; import org.sonar.api.issue.Issue; import org.sonar.api.resources.Languages; import org.sonar.api.rules.RuleType; @@ -36,8 +37,8 @@ import org.sonar.db.DbTester; import org.sonar.db.component.ComponentDto; import org.sonar.db.rule.RuleDto; import org.sonar.db.user.UserDto; -import org.sonar.server.es.EsTester; import org.sonar.server.common.avatar.AvatarResolverImpl; +import org.sonar.server.es.EsTester; import org.sonar.server.issue.TextRangeResponseFormatter; import org.sonar.server.issue.TransitionService; import org.sonar.server.issue.index.IssueIndex; @@ -58,6 +59,7 @@ import static java.util.stream.Collectors.toMap; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.groups.Tuple.tuple; +import static org.mockito.Mockito.mock; import static org.sonar.api.server.ws.WebService.Param.FACETS; import static org.sonar.db.component.ComponentTesting.newDirectory; import static org.sonar.db.component.ComponentTesting.newFileDto; @@ -66,32 +68,38 @@ import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_COMPONENTS; import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_FILES; import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_PROJECTS; -public class SearchActionFacetsIT { +class SearchActionFacetsIT { private static final String[] ISSUE_STATUSES = Issue.STATUSES.stream().filter(s -> !Issue.STATUS_TO_REVIEW.equals(s)).filter(s -> !Issue.STATUS_REVIEWED.equals(s)) .toArray(String[]::new); - @Rule - public UserSessionRule userSession = standalone(); - @Rule - public DbTester db = DbTester.create(); - @Rule - public EsTester es = EsTester.create(); - - private IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSession, new WebAuthorizationTypeSupport(userSession)); - private IssueIndexer issueIndexer = new IssueIndexer(es.client(), db.getDbClient(), new IssueIteratorFactory(db.getDbClient()), null); - private PermissionIndexer permissionIndexer = new PermissionIndexer(db.getDbClient(), es.client(), issueIndexer); - private IssueQueryFactory issueQueryFactory = new IssueQueryFactory(db.getDbClient(), Clock.systemUTC(), userSession); - private SearchResponseLoader searchResponseLoader = new SearchResponseLoader(userSession, db.getDbClient(), new TransitionService(userSession, null)); - private Languages languages = new Languages(); - private UserResponseFormatter userFormatter = new UserResponseFormatter(new AvatarResolverImpl()); - private SearchResponseFormat searchResponseFormat = new SearchResponseFormat(new Durations(), languages, new TextRangeResponseFormatter(), userFormatter); - private IssueIndexSyncProgressChecker issueIndexSyncProgressChecker = new IssueIndexSyncProgressChecker(db.getDbClient()); - private WsActionTester ws = new WsActionTester( + @RegisterExtension + private final UserSessionRule userSession = standalone(); + @RegisterExtension + private final DbTester db = DbTester.create(); + @RegisterExtension + private final EsTester es = EsTester.create(); + + private final Configuration config = mock(Configuration.class); + + private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSession, + new WebAuthorizationTypeSupport(userSession), config); + private final IssueIndexer issueIndexer = new IssueIndexer(es.client(), db.getDbClient(), new IssueIteratorFactory(db.getDbClient()), + null); + private final PermissionIndexer permissionIndexer = new PermissionIndexer(db.getDbClient(), es.client(), issueIndexer); + private final IssueQueryFactory issueQueryFactory = new IssueQueryFactory(db.getDbClient(), Clock.systemUTC(), userSession); + private final SearchResponseLoader searchResponseLoader = new SearchResponseLoader(userSession, db.getDbClient(), + new TransitionService(userSession, null)); + private final Languages languages = new Languages(); + private final UserResponseFormatter userFormatter = new UserResponseFormatter(new AvatarResolverImpl()); + private final SearchResponseFormat searchResponseFormat = new SearchResponseFormat(new Durations(), languages, + new TextRangeResponseFormatter(), userFormatter); + private final IssueIndexSyncProgressChecker issueIndexSyncProgressChecker = new IssueIndexSyncProgressChecker(db.getDbClient()); + private final WsActionTester ws = new WsActionTester( new SearchAction(userSession, issueIndex, issueQueryFactory, issueIndexSyncProgressChecker, searchResponseLoader, searchResponseFormat, System2.INSTANCE, db.getDbClient())); @Test - public void display_all_facets() { + void display_all_facets() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDto rule = db.rules().insertIssueRule(); @@ -128,7 +136,7 @@ public class SearchActionFacetsIT { } @Test - public void display_projects_facet() { + void display_projects_facet() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDto rule = db.rules().insertIssueRule(); @@ -147,7 +155,7 @@ public class SearchActionFacetsIT { } @Test - public void projects_facet_is_sticky() { + void projects_facet_is_sticky() { ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto project2 = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto project3 = db.components().insertPublicProject().getMainBranchComponent(); @@ -172,7 +180,7 @@ public class SearchActionFacetsIT { } @Test - public void display_directory_facet_using_project() { + void display_directory_facet_using_project() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto directory = db.components().insertComponent(newDirectory(project, "src/main/java/dir")); ComponentDto file = db.components().insertComponent(newFileDto(project, directory)); @@ -193,7 +201,7 @@ public class SearchActionFacetsIT { } @Test - public void fail_to_display_directory_facet_when_no_project_is_set() { + void fail_to_display_directory_facet_when_no_project_is_set() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto directory = db.components().insertComponent(newDirectory(project, "src")); ComponentDto file = db.components().insertComponent(newFileDto(project, directory)); @@ -212,7 +220,7 @@ public class SearchActionFacetsIT { } @Test - public void display_files_facet_with_project() { + void display_files_facet_with_project() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file1 = db.components().insertComponent(newFileDto(project)); ComponentDto file2 = db.components().insertComponent(newFileDto(project)); @@ -235,7 +243,7 @@ public class SearchActionFacetsIT { } @Test - public void fail_to_display_fileUuids_facet_when_no_project_is_set() { + void fail_to_display_fileUuids_facet_when_no_project_is_set() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDto rule = db.rules().insertIssueRule(); @@ -254,7 +262,7 @@ public class SearchActionFacetsIT { } @Test - public void check_facets_max_size_for_issues() { + void check_facets_max_size_for_issues() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); Random random = new Random(); IntStream.rangeClosed(1, 110) @@ -306,7 +314,7 @@ public class SearchActionFacetsIT { } @Test - public void check_projects_facet_max_size() { + void check_projects_facet_max_size() { RuleDto rule = db.rules().insertIssueRule(); IntStream.rangeClosed(1, 110) .forEach(i -> { @@ -325,7 +333,7 @@ public class SearchActionFacetsIT { } @Test - public void display_zero_valued_facets_for_selected_items_having_no_issue() { + void display_zero_valued_facets_for_selected_items_having_no_issue() { ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto project2 = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file1 = db.components().insertComponent(newFileDto(project1)); @@ -372,7 +380,7 @@ public class SearchActionFacetsIT { } @Test - public void assignedToMe_facet_must_escape_login_of_authenticated_user() { + void assignedToMe_facet_must_escape_login_of_authenticated_user() { // login looks like an invalid regexp UserDto user = db.users().insertUser(u -> u.setLogin("foo[")); userSession.logIn(user); @@ -389,7 +397,7 @@ public class SearchActionFacetsIT { } @Test - public void assigned_to_me_facet_is_sticky_relative_to_assignees() { + void assigned_to_me_facet_is_sticky_relative_to_assignees() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); indexPermissions(); ComponentDto file = db.components().insertComponent(newFileDto(project)); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionIT.java index c2110e2a284..66fd1979232 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/SearchActionIT.java @@ -34,9 +34,12 @@ import java.util.function.Consumer; import java.util.stream.Collectors; import java.util.stream.IntStream; import java.util.stream.Stream; -import org.junit.Before; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.ValueSource; +import org.sonar.api.config.Configuration; import org.sonar.api.issue.IssueStatus; import org.sonar.api.issue.impact.SoftwareQuality; import org.sonar.api.resources.Languages; @@ -102,6 +105,8 @@ import static org.apache.commons.lang3.StringUtils.EMPTY; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.groups.Tuple.tuple; +import static org.mockito.Mockito.doReturn; +import static org.mockito.Mockito.mock; import static org.sonar.api.issue.Issue.RESOLUTION_FALSE_POSITIVE; import static org.sonar.api.issue.Issue.RESOLUTION_FIXED; import static org.sonar.api.issue.Issue.RESOLUTION_REMOVED; @@ -113,13 +118,16 @@ import static org.sonar.api.issue.Issue.STATUS_OPEN; import static org.sonar.api.issue.Issue.STATUS_REOPENED; import static org.sonar.api.issue.Issue.STATUS_RESOLVED; import static org.sonar.api.issue.Issue.STATUS_REVIEWED; -import static org.sonar.db.component.ComponentQualifiers.UNIT_TEST_FILE; +import static org.sonar.api.issue.impact.Severity.HIGH; +import static org.sonar.api.issue.impact.SoftwareQuality.SECURITY; import static org.sonar.api.rules.RuleType.CODE_SMELL; import static org.sonar.api.server.ws.WebService.Param.FACETS; import static org.sonar.api.utils.DateUtils.formatDateTime; import static org.sonar.api.utils.DateUtils.parseDate; import static org.sonar.api.utils.DateUtils.parseDateTime; import static org.sonar.api.web.UserRole.ISSUE_ADMIN; +import static org.sonar.core.config.MQRModeConstants.MULTI_QUALITY_MODE_ENABLED; +import static org.sonar.db.component.ComponentQualifiers.UNIT_TEST_FILE; import static org.sonar.db.component.ComponentTesting.newFileDto; import static org.sonar.db.issue.IssueTesting.newIssue; import static org.sonar.db.protobuf.DbIssues.MessageFormattingType.CODE; @@ -150,22 +158,24 @@ import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_PULL_REQUES import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_RULES; import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_STATUSES; -public class SearchActionIT { +class SearchActionIT { - public static final DbIssues.MessageFormatting MESSAGE_FORMATTING = DbIssues.MessageFormatting.newBuilder() + private static final DbIssues.MessageFormatting MESSAGE_FORMATTING = DbIssues.MessageFormatting.newBuilder() .setStart(0).setEnd(11).setType(CODE).build(); private final UuidFactoryFast uuidFactory = UuidFactoryFast.getInstance(); - @Rule - public UserSessionRule userSession = standalone(); - @Rule - public DbTester db = DbTester.create(); - @Rule - public EsTester es = EsTester.create(); + @RegisterExtension + private final UserSessionRule userSession = standalone(); + @RegisterExtension + private final DbTester db = DbTester.create(); + @RegisterExtension + private final EsTester es = EsTester.create(); + + private final Configuration config = mock(Configuration.class); private final DbClient dbClient = db.getDbClient(); private final DbSession session = db.getSession(); private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSession, - new WebAuthorizationTypeSupport(userSession)); + new WebAuthorizationTypeSupport(userSession), config); private final IssueIndexer issueIndexer = new IssueIndexer(es.client(), dbClient, new IssueIteratorFactory(dbClient), null); private final IssueQueryFactory issueQueryFactory = new IssueQueryFactory(dbClient, Clock.systemUTC(), userSession); private final IssueFieldsSetter issueFieldsSetter = new IssueFieldsSetter(); @@ -182,13 +192,13 @@ public class SearchActionIT { searchResponseFormat, System2.INSTANCE, dbClient)); private final PermissionIndexer permissionIndexer = new PermissionIndexer(dbClient, es.client(), issueIndexer); - @Before - public void setUp() { + @BeforeEach + void setUp() { issueWorkflow.start(); } @Test - public void givenPrivateProject_responseContainsAllFieldsExceptAdditionalFields() { + void givenPrivateProject_responseContainsAllFieldsExceptAdditionalFields() { UserDto user = db.users().insertUser(); userSession.logIn(user); ProjectData projectData = db.components().insertPrivateProject(); @@ -236,7 +246,7 @@ public class SearchActionIT { } @Test - public void response_contains_correct_actions() { + void response_contains_correct_actions() { UserDto user = db.users().insertUser(); userSession.logIn(user); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); @@ -274,7 +284,7 @@ public class SearchActionIT { } @Test - public void issue_on_external_rule() { + void issue_on_external_rule() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDto rule = db.rules().insertIssueRule(RuleTesting.EXTERNAL_XOO, r -> r.setIsExternal(true).setLanguage("xoo")); @@ -290,7 +300,7 @@ public class SearchActionIT { } @Test - public void issue_on_external_adhoc_rule_without_metadata() { + void issue_on_external_adhoc_rule_without_metadata() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); indexPermissions(); ComponentDto file = db.components().insertComponent(newFileDto(project)); @@ -316,7 +326,7 @@ public class SearchActionIT { } @Test - public void issue_on_external_adhoc_rule_with_metadata() { + void issue_on_external_adhoc_rule_with_metadata() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); indexPermissions(); ComponentDto file = db.components().insertComponent(newFileDto(project)); @@ -343,7 +353,7 @@ public class SearchActionIT { } @Test - public void issue_with_cross_file_locations() { + void issue_with_cross_file_locations() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); indexPermissions(); ComponentDto file = db.components().insertComponent(newFileDto(project)); @@ -397,7 +407,7 @@ public class SearchActionIT { } @Test - public void issue_with_comments() { + void issue_with_comments() { UserDto john = db.users().insertUser(u -> u.setLogin("john").setName("John")); UserDto fabrice = db.users().insertUser(u -> u.setLogin("fabrice").setName("Fabrice").setEmail("fabrice@email.com")); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); @@ -445,7 +455,7 @@ public class SearchActionIT { } @Test - public void issue_with_comment_hidden() { + void issue_with_comment_hidden() { UserDto john = db.users().insertUser(u -> u.setLogin("john").setName("John").setEmail("john@email.com")); UserDto fabrice = db.users().insertUser(u -> u.setLogin("fabrice").setName("Fabrice").setEmail("fabrice@email.com")); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); @@ -487,7 +497,7 @@ public class SearchActionIT { } @Test - public void load_additional_fields() { + void load_additional_fields() { UserDto simon = db.users().insertUser(u -> u.setLogin("simon").setName("Simon").setEmail("simon@email.com")); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); indexPermissions(); @@ -503,7 +513,7 @@ public class SearchActionIT { } @Test - public void load_additional_fields_with_issue_admin_permission() { + void load_additional_fields_with_issue_admin_permission() { UserDto simon = db.users().insertUser(u -> u.setLogin("simon").setName("Simon").setEmail("simon@email.com")); UserDto fabrice = db.users().insertUser(u -> u.setLogin("fabrice").setName("Fabrice").setEmail("fabrice@email.com")); @@ -530,7 +540,7 @@ public class SearchActionIT { } @Test - public void search_by_rule_key() { + void search_by_rule_key() { RuleDto rule = newIssueRule(); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setName("NAME_PROJECT_ID").setLongName("LONG_NAME_PROJECT_ID").setLanguage("java")).getMainBranchComponent(); @@ -552,7 +562,7 @@ public class SearchActionIT { } @Test - public void search_adhoc_issue_by_rule_key_returns_correct_rule_name() { + void search_adhoc_issue_by_rule_key_returns_correct_rule_name() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); @@ -575,7 +585,7 @@ public class SearchActionIT { } @Test - public void search_by_non_existing_rule_key() { + void search_by_non_existing_rule_key() { RuleDto rule = newIssueRule(); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setName("NAME_PROJECT_ID").setLongName("LONG_NAME_PROJECT_ID").setLanguage("java")).getMainBranchComponent(); @@ -597,7 +607,7 @@ public class SearchActionIT { } @Test - public void search_by_variants_with_facets() { + void search_by_variants_with_facets() { RuleDto rule = newIssueRule(); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setName("NAME_PROJECT_ID").setLongName("LONG_NAME_PROJECT_ID").setLanguage("java")).getMainBranchComponent(); @@ -616,7 +626,7 @@ public class SearchActionIT { } @Test - public void search_whenFilteringByIssueStatuses_shouldReturnIssueStatusesFacet() { + void search_whenFilteringByIssueStatuses_shouldReturnIssueStatusesFacet() { RuleDto rule = newIssueRule(); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setName("NAME_PROJECT_ID").setLongName("LONG_NAME_PROJECT_ID").setLanguage("java")).getMainBranchComponent(); @@ -654,7 +664,7 @@ public class SearchActionIT { } @Test - public void search_whenIssueStatusesFacetRequested_shouldReturnFacet() { + void search_whenIssueStatusesFacetRequested_shouldReturnFacet() { RuleDto rule = newIssueRule(); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setName("NAME_PROJECT_ID").setLongName("LONG_NAME_PROJECT_ID").setLanguage("java")).getMainBranchComponent(); @@ -690,18 +700,18 @@ public class SearchActionIT { } @Test - public void search_whenImpactSoftwareQualitiesFacetRequested_shouldReturnFacet() { + void search_whenImpactSoftwareQualitiesFacetRequested_shouldReturnFacet() { RuleDto rule = newIssueRule(); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setName("NAME_PROJECT_ID").setLongName("LONG_NAME_PROJECT_ID").setLanguage("java")).getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project, null, "FILE_ID").setKey("FILE_KEY").setLanguage("java")); IssueDto issue1 = db.issues().insertIssue(rule, project, file, i -> i - .addImpact(new ImpactDto(SoftwareQuality.SECURITY, org.sonar.api.issue.impact.Severity.HIGH)) - .addImpact(new ImpactDto(SoftwareQuality.RELIABILITY, org.sonar.api.issue.impact.Severity.HIGH))); + .addImpact(new ImpactDto(SECURITY, HIGH)) + .addImpact(new ImpactDto(SoftwareQuality.RELIABILITY, HIGH))); IssueDto issue2 = db.issues().insertIssue(rule, project, file, i -> i - .addImpact(new ImpactDto(SoftwareQuality.RELIABILITY, org.sonar.api.issue.impact.Severity.HIGH))); + .addImpact(new ImpactDto(SoftwareQuality.RELIABILITY, HIGH))); IssueDto issue3 = db.issues().insertIssue(rule, project, file, i -> i - .addImpact(new ImpactDto(SoftwareQuality.SECURITY, org.sonar.api.issue.impact.Severity.MEDIUM)) + .addImpact(new ImpactDto(SECURITY, org.sonar.api.issue.impact.Severity.MEDIUM)) .addImpact(new ImpactDto(SoftwareQuality.RELIABILITY, org.sonar.api.issue.impact.Severity.LOW))); indexPermissionsAndIssues(); @@ -725,19 +735,19 @@ public class SearchActionIT { } @Test - public void search_whenFilteredByImpactSeverities_shouldReturnImpactSoftwareQualitiesFacet() { + void search_whenFilteredByImpactSeverities_shouldReturnImpactSoftwareQualitiesFacet() { RuleDto rule = newIssueRule(); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setName("NAME_PROJECT_ID").setLongName("LONG_NAME_PROJECT_ID").setLanguage("java")).getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project, null, "FILE_ID").setKey("FILE_KEY").setLanguage("java")); - IssueDto issue1 = db.issues().insertIssue(rule, project, file, i -> i - .addImpact(new ImpactDto().setSoftwareQuality(SoftwareQuality.SECURITY).setSeverity(org.sonar.api.issue.impact.Severity.HIGH)) - .addImpact(new ImpactDto().setSoftwareQuality(SoftwareQuality.RELIABILITY).setSeverity(org.sonar.api.issue.impact.Severity.HIGH))); - IssueDto issue2 = db.issues().insertIssue(rule, project, file, i -> i - .addImpact(new ImpactDto().setSoftwareQuality(SoftwareQuality.RELIABILITY).setSeverity(org.sonar.api.issue.impact.Severity.HIGH))); + db.issues().insertIssue(rule, project, file, i -> i + .addImpact(new ImpactDto().setSoftwareQuality(SECURITY).setSeverity(HIGH)) + .addImpact(new ImpactDto().setSoftwareQuality(SoftwareQuality.RELIABILITY).setSeverity(HIGH))); + db.issues().insertIssue(rule, project, file, i -> i + .addImpact(new ImpactDto().setSoftwareQuality(SoftwareQuality.RELIABILITY).setSeverity(HIGH))); IssueDto issue3 = db.issues().insertIssue(rule, project, file, i -> i - .addImpact(new ImpactDto().setSoftwareQuality(SoftwareQuality.SECURITY).setSeverity(org.sonar.api.issue.impact.Severity.MEDIUM)) + .addImpact(new ImpactDto().setSoftwareQuality(SECURITY).setSeverity(org.sonar.api.issue.impact.Severity.MEDIUM)) .addImpact(new ImpactDto().setSoftwareQuality(SoftwareQuality.RELIABILITY).setSeverity(org.sonar.api.issue.impact.Severity.INFO))); indexPermissionsAndIssues(); Map expectedImpacts = Map.of(Common.SoftwareQuality.SECURITY, @@ -774,23 +784,23 @@ public class SearchActionIT { } @Test - public void search_whenImpactSeveritiesFacetRequested_shouldReturnFacet() { + void search_whenImpactSeveritiesFacetRequested_shouldReturnFacet() { RuleDto rule = newIssueRule(); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setName("NAME_PROJECT_ID").setLongName("LONG_NAME_PROJECT_ID").setLanguage("java")).getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project, null, "FILE_ID").setKey("FILE_KEY").setLanguage("java")); IssueDto issue1 = db.issues().insertIssue(rule, project, file, i -> i.replaceAllImpacts(List.of( - new ImpactDto(SoftwareQuality.SECURITY, org.sonar.api.issue.impact.Severity.HIGH), - new ImpactDto(SoftwareQuality.RELIABILITY, org.sonar.api.issue.impact.Severity.HIGH)))); + new ImpactDto(SECURITY, HIGH), + new ImpactDto(SoftwareQuality.RELIABILITY, HIGH)))); IssueDto issue2 = db.issues().insertIssue(rule, project, file, i -> i.replaceAllImpacts(List.of( - new ImpactDto(SoftwareQuality.RELIABILITY, org.sonar.api.issue.impact.Severity.HIGH)))); + new ImpactDto(SoftwareQuality.RELIABILITY, HIGH)))); IssueDto issue3 = db.issues().insertIssue(rule, project, file, i -> i.replaceAllImpacts(List.of( new ImpactDto(SoftwareQuality.MAINTAINABILITY, org.sonar.api.issue.impact.Severity.LOW), - new ImpactDto(SoftwareQuality.SECURITY, org.sonar.api.issue.impact.Severity.MEDIUM), + new ImpactDto(SECURITY, org.sonar.api.issue.impact.Severity.MEDIUM), new ImpactDto(SoftwareQuality.RELIABILITY, org.sonar.api.issue.impact.Severity.LOW)))); IssueDto issue4 = db.issues().insertIssue(rule, project, file, i -> i.replaceAllImpacts(List.of( new ImpactDto(SoftwareQuality.MAINTAINABILITY, org.sonar.api.issue.impact.Severity.INFO), - new ImpactDto(SoftwareQuality.SECURITY, org.sonar.api.issue.impact.Severity.BLOCKER)))); + new ImpactDto(SECURITY, org.sonar.api.issue.impact.Severity.BLOCKER)))); indexPermissionsAndIssues(); SearchWsResponse response = ws.newRequest() @@ -815,30 +825,30 @@ public class SearchActionIT { } @Test - public void search_whenFilteredByImpactSoftwareQualities_shouldReturnFacet() { + void search_whenFilteredByImpactSoftwareQualities_shouldReturnFacet() { RuleDto rule = newIssueRule(); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setName("NAME_PROJECT_ID").setLongName("LONG_NAME_PROJECT_ID").setLanguage("java")).getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project, null, "FILE_ID").setKey("FILE_KEY").setLanguage("java")); IssueDto issue1 = db.issues().insertIssue(rule, project, file, i -> i.replaceAllImpacts(List.of( - new ImpactDto(SoftwareQuality.SECURITY, org.sonar.api.issue.impact.Severity.HIGH), - new ImpactDto(SoftwareQuality.RELIABILITY, org.sonar.api.issue.impact.Severity.HIGH)))); + new ImpactDto(SECURITY, HIGH), + new ImpactDto(SoftwareQuality.RELIABILITY, HIGH)))); db.issues().insertIssue(rule, project, file, i -> i.replaceAllImpacts(List.of( - new ImpactDto(SoftwareQuality.RELIABILITY, org.sonar.api.issue.impact.Severity.HIGH)))); + new ImpactDto(SoftwareQuality.RELIABILITY, HIGH)))); IssueDto issue2 = db.issues().insertIssue(rule, project, file, i -> i.replaceAllImpacts(List.of( - new ImpactDto(SoftwareQuality.SECURITY, org.sonar.api.issue.impact.Severity.BLOCKER)))); + new ImpactDto(SECURITY, org.sonar.api.issue.impact.Severity.BLOCKER)))); IssueDto issue3 = db.issues().insertIssue(rule, project, file, i -> i.replaceAllImpacts(List.of( - new ImpactDto(SoftwareQuality.SECURITY, org.sonar.api.issue.impact.Severity.BLOCKER)))); + new ImpactDto(SECURITY, org.sonar.api.issue.impact.Severity.BLOCKER)))); IssueDto issue4 = db.issues().insertIssue(rule, project, file, i -> i.replaceAllImpacts(List.of( - new ImpactDto(SoftwareQuality.SECURITY, org.sonar.api.issue.impact.Severity.INFO)))); + new ImpactDto(SECURITY, org.sonar.api.issue.impact.Severity.INFO)))); IssueDto issue5 = db.issues().insertIssue(rule, project, file, i -> i.replaceAllImpacts(List.of( new ImpactDto(SoftwareQuality.MAINTAINABILITY, org.sonar.api.issue.impact.Severity.LOW), - new ImpactDto(SoftwareQuality.SECURITY, org.sonar.api.issue.impact.Severity.MEDIUM), + new ImpactDto(SECURITY, org.sonar.api.issue.impact.Severity.MEDIUM), new ImpactDto(SoftwareQuality.RELIABILITY, org.sonar.api.issue.impact.Severity.LOW)))); indexPermissionsAndIssues(); SearchWsResponse response = ws.newRequest() - .setParam(PARAM_IMPACT_SOFTWARE_QUALITIES, SoftwareQuality.SECURITY.name()) + .setParam(PARAM_IMPACT_SOFTWARE_QUALITIES, SECURITY.name()) .setParam(FACETS, PARAM_IMPACT_SEVERITIES) .executeProtobuf(SearchWsResponse.class); @@ -860,7 +870,7 @@ public class SearchActionIT { } @Test - public void search_whenFilteredByCleanCodeAttributeCategory_shouldReturnFacet() { + void search_whenFilteredByCleanCodeAttributeCategory_shouldReturnFacet() { // INTENTIONAL RuleDto rule1 = newIssueRule("clear-rule", ruleDto -> ruleDto.setCleanCodeAttribute(CleanCodeAttribute.CLEAR)); RuleDto rule2 = newIssueRule("complete-rule", ruleDto -> ruleDto.setCleanCodeAttribute(CleanCodeAttribute.COMPLETE)); @@ -900,7 +910,7 @@ public class SearchActionIT { } @Test - public void issue_on_removed_file() { + void issue_on_removed_file() { RuleDto rule = newIssueRule(); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setKey("PROJECT_KEY")).getMainBranchComponent(); @@ -926,7 +936,7 @@ public class SearchActionIT { } @Test - public void apply_paging_with_one_component() { + void apply_paging_with_one_component() { RuleDto rule = newIssueRule(); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setKey("PROJECT_KEY")).getMainBranchComponent(); @@ -944,7 +954,7 @@ public class SearchActionIT { } @Test - public void filter_by_assigned_to_me() { + void filter_by_assigned_to_me() { UserDto alice = db.users().insertUser(u -> u.setLogin("alice").setName("Alice").setEmail("alice@email.com")); UserDto john = db.users().insertUser(u -> u.setLogin("john").setName("John").setEmail("john@email.com")); ComponentDto project = db.components().insertPublicProject(c -> c.setUuid("PROJECT_ID").setKey("PROJECT_KEY").setBranchUuid( @@ -991,7 +1001,7 @@ public class SearchActionIT { } @Test - public void filter_by_new_code_period() { + void filter_by_new_code_period() { UserDto john = db.users().insertUser(u -> u.setLogin("john").setName("John").setEmail("john@email.com")); UserDto alice = db.users().insertUser(u -> u.setLogin("alice").setName("Alice").setEmail("alice@email.com")); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", @@ -1038,7 +1048,7 @@ public class SearchActionIT { } @Test - public void explicit_false_value_for_new_code_period_parameters_has_no_effect() { + void explicit_false_value_for_new_code_period_parameters_has_no_effect() { ws.newRequest() .setParam(PARAM_IN_NEW_CODE_PERIOD, "false") .execute() @@ -1046,7 +1056,7 @@ public class SearchActionIT { } @Test - public void filter_by_leak_period_without_a_period() { + void filter_by_leak_period_without_a_period() { UserDto john = db.users().insertUser(u -> u.setLogin("john").setName("John").setEmail("john@email.com")); UserDto alice = db.users().insertUser(u -> u.setLogin("alice").setName("Alice").setEmail("alice@email.com")); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY")).getMainBranchComponent(); @@ -1086,7 +1096,7 @@ public class SearchActionIT { } @Test - public void filter_by_leak_period_has_no_effect_on_prs() { + void filter_by_leak_period_has_no_effect_on_prs() { UserDto john = db.users().insertUser(u -> u.setLogin("john").setName("John").setEmail("john@email.com")); UserDto alice = db.users().insertUser(u -> u.setLogin("alice").setName("Alice").setEmail("alice@email.com")); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY")).getMainBranchComponent(); @@ -1132,7 +1142,7 @@ public class SearchActionIT { } @Test - public void return_empty_when_login_is_unknown() { + void return_empty_when_login_is_unknown() { UserDto john = db.users().insertUser(u -> u.setLogin("john").setName("John").setEmail("john@email.com")); UserDto alice = db.users().insertUser(u -> u.setLogin("alice").setName("Alice").setEmail("alice@email.com")); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY")).getMainBranchComponent(); @@ -1179,7 +1189,7 @@ public class SearchActionIT { } @Test - public void filter_by_assigned_to_me_when_not_authenticate() { + void filter_by_assigned_to_me_when_not_authenticate() { UserDto alice = db.users().insertUser(u -> u.setLogin("alice").setName("Alice").setEmail("alice@email.com")); UserDto john = db.users().insertUser(u -> u.setLogin("john").setName("John").setEmail("john@email.com")); UserDto poy = db.users().insertUser(u -> u.setLogin("poy").setName("poypoy").setEmail("poypoy@email.com")); @@ -1212,7 +1222,7 @@ public class SearchActionIT { } @Test - public void search_by_author() { + void search_by_author() { userSession.logIn(); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); @@ -1245,7 +1255,7 @@ public class SearchActionIT { } @Test - public void hide_author_if_not_logged_in() { + void hide_author_if_not_logged_in() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDto rule = db.rules().insertIssueRule(); @@ -1266,7 +1276,7 @@ public class SearchActionIT { } @Test - public void filter_by_test_scope() { + void filter_by_test_scope() { ProjectData projectData = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setName("NAME_PROJECT_ID").setLongName("LONG_NAME_PROJECT_ID")); ComponentDto project = projectData.getMainBranchComponent(); @@ -1309,7 +1319,7 @@ public class SearchActionIT { } @Test - public void filter_by_main_scope() { + void filter_by_main_scope() { ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setName("NAME_PROJECT_ID").setLongName("LONG_NAME_PROJECT_ID")).getMainBranchComponent(); indexPermissions(); @@ -1351,7 +1361,7 @@ public class SearchActionIT { } @Test - public void filter_by_scope_always_returns_all_scope_facet_values() { + void filter_by_scope_always_returns_all_scope_facet_values() { ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setName("NAME_PROJECT_ID").setLongName("LONG_NAME_PROJECT_ID")).getMainBranchComponent(); indexPermissions(); @@ -1384,7 +1394,7 @@ public class SearchActionIT { } @Test - public void sort_by_updated_at() { + void sort_by_updated_at() { RuleDto rule = newIssueRule(); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY").setName("NAME_PROJECT_ID").setLongName("LONG_NAME_PROJECT_ID")).getMainBranchComponent(); @@ -1415,8 +1425,10 @@ public class SearchActionIT { "-7b112bd4eac2"); } - @Test - public void only_vulnerabilities_are_returned_by_owaspAsvs40() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void only_vulnerabilities_are_returned_by_owaspAsvs40(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); Consumer ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1428,9 +1440,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); RuleDto issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto1 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto2 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto3 = db.issues().insertIssue(issueRule, project, file, issueConsumer, issueDto -> issueDto.setType(CODE_SMELL)); indexPermissionsAndIssues(); @@ -1451,8 +1463,10 @@ public class SearchActionIT { .containsExactlyInAnyOrder(issueDto1.getKey(), issueDto2.getKey()); } - @Test - public void only_vulnerabilities_are_returned_by_owaspAsvs40_with_level() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void only_vulnerabilities_are_returned_by_owaspAsvs40_with_level(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); Consumer issueConsumer = issueDto -> issueDto.setTags(Sets.newHashSet("bad-practice", "cwe", "owasp-a1", "sans-top25" + @@ -1461,9 +1475,9 @@ public class SearchActionIT { RuleDto issueRule2 = db.rules().insertIssueRule(r -> r.setSecurityStandards(Set.of("owaspAsvs-4.0:2.2.5"))); RuleDto issueRule3 = db.rules().insertIssueRule(r -> r.setSecurityStandards(Set.of("owaspAsvs-4.0:2.2.5", "owaspAsvs-4.0:12.1.3"))); IssueDto issueDto1 = db.issues().insertIssue(issueRule1, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto3 = db.issues().insertIssue(issueRule3, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); indexPermissionsAndIssues(); SearchWsResponse result = ws.newRequest() @@ -1501,8 +1515,10 @@ public class SearchActionIT { .containsExactlyInAnyOrder(issueDto1.getKey(), issueDto3.getKey()); } - @Test - public void only_vulnerabilities_are_returned_by_pciDss32() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void only_vulnerabilities_are_returned_by_pciDss32(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); Consumer ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1514,9 +1530,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); RuleDto issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto1 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto2 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto3 = db.issues().insertIssue(issueRule, project, file, issueConsumer, issueDto -> issueDto.setType(CODE_SMELL)); indexPermissionsAndIssues(); @@ -1537,8 +1553,10 @@ public class SearchActionIT { .containsExactlyInAnyOrder(issueDto1.getKey(), issueDto2.getKey()); } - @Test - public void multiple_categories_pciDss32() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void multiple_categories_pciDss32(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); @@ -1552,9 +1570,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); RuleDto issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto1 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto2 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); // Rule 2 ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1565,9 +1583,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto3 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto4 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); // Rule 3 ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1578,9 +1596,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto5 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto6 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); indexPermissionsAndIssues(); @@ -1631,8 +1649,10 @@ public class SearchActionIT { .containsExactlyInAnyOrder(issueDto1.getKey(), issueDto2.getKey()); } - @Test - public void only_vulnerabilities_are_returned_by_pciDss40() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void only_vulnerabilities_are_returned_by_pciDss40(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); Consumer ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1644,9 +1664,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); RuleDto issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto1 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto2 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto3 = db.issues().insertIssue(issueRule, project, file, issueConsumer, issueDto -> issueDto.setType(CODE_SMELL)); indexPermissionsAndIssues(); @@ -1667,8 +1687,10 @@ public class SearchActionIT { .containsExactlyInAnyOrder(issueDto1.getKey(), issueDto2.getKey()); } - @Test - public void multiple_categories_pciDss40() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void multiple_categories_pciDss40(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); @@ -1682,9 +1704,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); RuleDto issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto1 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto2 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); // Rule 2 ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1695,9 +1717,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto3 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto4 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); // Rule 3 ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1707,8 +1729,10 @@ public class SearchActionIT { hotspotRule = db.rules().insertHotspotRule(ruleConsumer); db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); issueRule = db.rules().insertIssueRule(ruleConsumer); - db.issues().insertIssue(issueRule, project, file, issueConsumer, issueDto -> issueDto.setType(RuleType.VULNERABILITY)); - db.issues().insertIssue(issueRule, project, file, issueConsumer, issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + db.issues().insertIssue(issueRule, project, file, issueConsumer, + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); + db.issues().insertIssue(issueRule, project, file, issueConsumer, + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); indexPermissionsAndIssues(); @@ -1749,8 +1773,10 @@ public class SearchActionIT { assertThat(result.getIssuesList()).isEmpty(); } - @Test - public void only_vulnerabilities_are_returned_by_cwe() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void only_vulnerabilities_are_returned_by_cwe(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); Consumer ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1762,9 +1788,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); RuleDto issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto1 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto2 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto3 = db.issues().insertIssue(issueRule, project, file, issueConsumer, issueDto -> issueDto.setType(CODE_SMELL)); indexPermissionsAndIssues(); @@ -1777,8 +1803,10 @@ public class SearchActionIT { .containsExactlyInAnyOrder(issueDto1.getKey(), issueDto2.getKey()); } - @Test - public void only_vulnerabilities_are_returned_by_owasp() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void only_vulnerabilities_are_returned_by_owasp(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); Consumer ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1790,9 +1818,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); RuleDto issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto1 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto2 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto3 = db.issues().insertIssue(issueRule, project, file, issueConsumer, issueDto -> issueDto.setType(CODE_SMELL)); indexPermissionsAndIssues(); @@ -1805,8 +1833,10 @@ public class SearchActionIT { .containsExactlyInAnyOrder(issueDto1.getKey(), issueDto2.getKey()); } - @Test - public void only_vulnerabilities_are_returned_by_owasp_2021() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void only_vulnerabilities_are_returned_by_owasp_2021(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); Consumer ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1818,9 +1848,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); RuleDto issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto1 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto2 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto3 = db.issues().insertIssue(issueRule, project, file, issueConsumer, issueDto -> issueDto.setType(CODE_SMELL)); indexPermissionsAndIssues(); @@ -1833,8 +1863,10 @@ public class SearchActionIT { .containsExactlyInAnyOrder(issueDto1.getKey(), issueDto2.getKey()); } - @Test - public void only_vulnerabilities_are_returned_by_stig_R5V3() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void only_vulnerabilities_are_returned_by_stig_R5V3(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); Consumer ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1847,9 +1879,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); RuleDto issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto1 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto2 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); db.issues().insertIssue(issueRule, project, file, issueConsumer, issueDto -> issueDto.setType(CODE_SMELL)); indexPermissionsAndIssues(); @@ -1867,8 +1899,10 @@ public class SearchActionIT { .containsExactlyInAnyOrder(tuple("V-222402", 2L), tuple("V-222403", 2L), tuple("V-222404", 2L)); } - @Test - public void only_vulnerabilities_are_returned_by_casa() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void only_vulnerabilities_are_returned_by_casa(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); Consumer ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1879,9 +1913,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); RuleDto issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto1 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto2 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); db.issues().insertIssue(issueRule, project, file, issueConsumer, issueDto -> issueDto.setType(CODE_SMELL)); indexPermissionsAndIssues(); @@ -1909,8 +1943,10 @@ public class SearchActionIT { .containsExactlyInAnyOrder(issueDto1.getKey(), issueDto2.getKey()); } - @Test - public void only_vulnerabilities_are_returned_by_sansTop25() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void only_vulnerabilities_are_returned_by_sansTop25(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); Consumer ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1921,9 +1957,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); RuleDto issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto1 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto2 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto3 = db.issues().insertIssue(issueRule, project, file, issueConsumer, issueDto -> issueDto.setType(CODE_SMELL)); indexPermissionsAndIssues(); @@ -1936,8 +1972,10 @@ public class SearchActionIT { .containsExactlyInAnyOrder(issueDto1.getKey(), issueDto2.getKey()); } - @Test - public void only_vulnerabilities_are_returned_by_sonarsource_security() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void only_vulnerabilities_are_returned_by_sonarsource_security(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); Consumer ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -1948,9 +1986,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); RuleDto issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto1 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto2 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto3 = db.issues().insertIssue(issueRule, project, file, issueConsumer, issueDto -> issueDto.setType(CODE_SMELL)); indexPermissionsAndIssues(); @@ -1964,7 +2002,7 @@ public class SearchActionIT { } @Test - public void security_hotspots_are_not_returned_by_default() { + void security_hotspots_are_not_returned_by_default() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDto rule = db.rules().insertIssueRule(); @@ -1982,7 +2020,7 @@ public class SearchActionIT { } @Test - public void security_hotspots_are_not_returned_by_issues_param() { + void security_hotspots_are_not_returned_by_issues_param() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDto issueRule = db.rules().insertIssueRule(); @@ -2003,8 +2041,10 @@ public class SearchActionIT { .containsExactlyInAnyOrder(BUG, VULNERABILITY, Common.RuleType.CODE_SMELL); } - @Test - public void security_hotspots_are_not_returned_by_cwe() { + @ParameterizedTest + @ValueSource(booleans = {true, false}) + void security_hotspots_are_not_returned_by_cwe(boolean mqrMode) { + doReturn(Optional.of(mqrMode)).when(config).getBoolean(MULTI_QUALITY_MODE_ENABLED); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); Consumer ruleConsumer = ruleDefinitionDto -> ruleDefinitionDto @@ -2016,9 +2056,9 @@ public class SearchActionIT { db.issues().insertHotspot(hotspotRule, project, file, issueConsumer); RuleDto issueRule = db.rules().insertIssueRule(ruleConsumer); IssueDto issueDto1 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); IssueDto issueDto2 = db.issues().insertIssue(issueRule, project, file, issueConsumer, - issueDto -> issueDto.setType(RuleType.VULNERABILITY)); + issueDto -> issueDto.setType(RuleType.VULNERABILITY).replaceAllImpacts(List.of(new ImpactDto(SECURITY, HIGH)))); indexPermissions(); indexIssues(); @@ -2032,7 +2072,7 @@ public class SearchActionIT { } @Test - public void security_hotspots_are_not_returned_by_assignees() { + void security_hotspots_are_not_returned_by_assignees() { UserDto user = db.users().insertUser(); ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); @@ -2056,7 +2096,7 @@ public class SearchActionIT { } @Test - public void security_hotspots_are_not_returned_by_rule() { + void security_hotspots_are_not_returned_by_rule() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDto hotspotRule = db.rules().insertHotspotRule(); @@ -2071,7 +2111,7 @@ public class SearchActionIT { } @Test - public void security_hotspots_are_not_returned_by_issues_param_only() { + void security_hotspots_are_not_returned_by_issues_param_only() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDto rule = db.rules().insertHotspotRule(); @@ -2090,7 +2130,7 @@ public class SearchActionIT { } @Test - public void fail_if_trying_to_filter_issues_by_hotspots() { + void fail_if_trying_to_filter_issues_by_hotspots() { ComponentDto mainBranch = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(mainBranch)); RuleDto hotspotRule = newHotspotRule(); @@ -2107,7 +2147,7 @@ public class SearchActionIT { } @Test - public void security_hotspot_are_ignored_when_filtering_by_severities() { + void security_hotspot_are_ignored_when_filtering_by_severities() { ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDto issueRule = db.rules().insertIssueRule(); @@ -2138,7 +2178,7 @@ public class SearchActionIT { } @Test - public void return_total_effort() { + void return_total_effort() { insertIssues(i -> i.setEffort(10L), i -> i.setEffort(15L)); indexPermissionsAndIssues(); @@ -2148,7 +2188,7 @@ public class SearchActionIT { } @Test - public void givenNotQuickFixableIssue_returnIssueIsNotQuickFixable() { + void givenNotQuickFixableIssue_returnIssueIsNotQuickFixable() { insertIssues(i -> i.setQuickFixAvailable(false)); indexPermissionsAndIssues(); @@ -2159,7 +2199,7 @@ public class SearchActionIT { } @Test - public void givenQuickFixableIssue_returnIssueIsQuickFixable() { + void givenQuickFixableIssue_returnIssueIsQuickFixable() { insertIssues(i -> i.setQuickFixAvailable(true)); indexPermissionsAndIssues(); @@ -2170,7 +2210,7 @@ public class SearchActionIT { } @Test - public void paging() { + void paging() { RuleDto rule = newIssueRule(); ComponentDto project = db.components().insertPublicProject("PROJECT_ID", c -> c.setKey("PROJECT_KEY")).getMainBranchComponent(); indexPermissions(); @@ -2190,7 +2230,7 @@ public class SearchActionIT { } @Test - public void paging_with_page_size_to_minus_one() { + void paging_with_page_size_to_minus_one() { TestRequest requestWithNegativePageSize = ws.newRequest() .setParam(WebService.Param.PAGE, "1") .setParam(WebService.Param.PAGE_SIZE, "-1"); @@ -2201,7 +2241,7 @@ public class SearchActionIT { } @Test - public void default_page_size_is_100() { + void default_page_size_is_100() { ws.newRequest() .execute() .assertJson(this.getClass(), "default_page_size_is_100.json"); @@ -2209,7 +2249,7 @@ public class SearchActionIT { // SONAR-10217 @Test - public void empty_search_with_unknown_branch() { + void empty_search_with_unknown_branch() { SearchWsResponse response = ws.newRequest() .setParam("onComponentOnly", "true") .setParam("components", "foo") @@ -2222,7 +2262,7 @@ public class SearchActionIT { } @Test - public void empty_search() { + void empty_search() { SearchWsResponse response = ws.newRequest().executeProtobuf(SearchWsResponse.class); assertThat(response) @@ -2231,7 +2271,7 @@ public class SearchActionIT { } @Test - public void fail_when_invalid_format() { + void fail_when_invalid_format() { TestRequest invalidFormatRequest = ws.newRequest() .setParam(PARAM_CREATED_AFTER, "wrong-date-input"); @@ -2241,7 +2281,7 @@ public class SearchActionIT { } @Test - public void test_definition() { + void test_definition() { WebService.Action def = ws.getDef(); assertThat(def.key()).isEqualTo("search"); assertThat(def.isInternal()).isFalse(); @@ -2272,7 +2312,7 @@ public class SearchActionIT { } @Test - public void search_when_additional_field_set_return_context_key() { + void search_when_additional_field_set_return_context_key() { insertIssues(issue -> issue.setRuleDescriptionContextKey("spring")); indexPermissionsAndIssues(); @@ -2285,7 +2325,7 @@ public class SearchActionIT { } @Test - public void search_when_no_additional_field_return_empty_context_key() { + void search_when_no_additional_field_return_empty_context_key() { insertIssues(issue -> issue.setRuleDescriptionContextKey("spring")); indexPermissionsAndIssues(); @@ -2297,7 +2337,7 @@ public class SearchActionIT { } @Test - public void search_when_additional_field_but_no_context_key_return_empty_context_key() { + void search_when_additional_field_but_no_context_key_return_empty_context_key() { insertIssues(issue -> issue.setRuleDescriptionContextKey(null)); indexPermissionsAndIssues(); @@ -2310,7 +2350,7 @@ public class SearchActionIT { } @Test - public void search_when_additional_field_set_to_all_return_context_key() { + void search_when_additional_field_set_to_all_return_context_key() { insertIssues(issue -> issue.setRuleDescriptionContextKey("spring")); indexPermissionsAndIssues(); @@ -2323,7 +2363,7 @@ public class SearchActionIT { } @Test - public void search_whenFixedInPullRequestSetAndNoComponentsSet_throwException() { + void search_whenFixedInPullRequestSetAndNoComponentsSet_throwException() { TestRequest request = ws.newRequest() .setParam("fixedInPullRequest", "1000"); @@ -2333,7 +2373,7 @@ public class SearchActionIT { } @Test - public void search_whenFixedInPullRequestSetAndWrongBranchIsSet_throwException() { + void search_whenFixedInPullRequestSetAndWrongBranchIsSet_throwException() { String pullRequestId = "1000"; String pullRequestUuid = "pullRequestUuid"; userSession.logIn(db.users().insertUser()); @@ -2363,7 +2403,7 @@ public class SearchActionIT { } @Test - public void search_whenFixedInPullRequestSetAndProjectDoesNotExist_throwException() { + void search_whenFixedInPullRequestSetAndProjectDoesNotExist_throwException() { String pullRequestId = "1000"; String pullRequestUuid = "pullRequestUuid"; userSession.logIn(db.users().insertUser()); @@ -2385,7 +2425,7 @@ public class SearchActionIT { } @Test - public void search_whenWrongFixedInPullRequestSet_throwException() { + void search_whenWrongFixedInPullRequestSet_throwException() { String pullRequestId = "wrongPullRequest"; String pullRequestUuid = "pullRequestUuid"; userSession.logIn(db.users().insertUser()); @@ -2407,7 +2447,7 @@ public class SearchActionIT { } @Test - public void search_whenFixedInPullRequestSetAndNonExistingBranchIsSet_throwException() { + void search_whenFixedInPullRequestSetAndNonExistingBranchIsSet_throwException() { String pullRequestId = "1000"; String pullRequestUuid = "pullRequestUuid"; userSession.logIn(db.users().insertUser()); @@ -2430,7 +2470,7 @@ public class SearchActionIT { } @Test - public void search_whenFixedInPullRequestSetAndComponentsIsSetButNoIssueFixedInPR_returnZeroIssues() { + void search_whenFixedInPullRequestSetAndComponentsIsSetButNoIssueFixedInPR_returnZeroIssues() { String pullRequestId = "1000"; String pullRequestUuid = "pullRequestUuid"; String issueKey = "issueKey"; @@ -2456,7 +2496,7 @@ public class SearchActionIT { } @Test - public void search_whenFixedInPullRequestSetAndComponentsIsSet_returnOneIssueFixedInPR() { + void search_whenFixedInPullRequestSetAndComponentsIsSet_returnOneIssueFixedInPR() { String pullRequestId = "1000"; String pullRequestUuid = "pullRequestUuid"; String issueKey = "issueKey"; diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/TagsActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/TagsActionIT.java index 154bf219aea..f1d2b037b2c 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/TagsActionIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/issue/ws/TagsActionIT.java @@ -21,8 +21,9 @@ package org.sonar.server.issue.ws; import com.google.protobuf.ProtocolStringList; import java.util.function.Consumer; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; +import org.sonar.api.config.Configuration; import org.sonar.api.server.ws.WebService.Action; import org.sonar.api.server.ws.WebService.Param; import org.sonar.api.utils.System2; @@ -62,16 +63,18 @@ import static org.sonar.db.component.ComponentTesting.newFileDto; import static org.sonar.db.component.ComponentTesting.newProjectCopy; import static org.sonar.test.JsonAssert.assertJson; -public class TagsActionIT { +class TagsActionIT { - @Rule - public UserSessionRule userSession = UserSessionRule.standalone(); - @Rule - public DbTester db = DbTester.create(); - @Rule - public EsTester es = EsTester.create(); + @RegisterExtension + private final UserSessionRule userSession = UserSessionRule.standalone(); + @RegisterExtension + private final DbTester db = DbTester.create(); + @RegisterExtension + private final EsTester es = EsTester.create(); + + private final Configuration config = mock(Configuration.class); - private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSession, new WebAuthorizationTypeSupport(userSession)); + private final IssueIndex issueIndex = new IssueIndex(es.client(), System2.INSTANCE, userSession, new WebAuthorizationTypeSupport(userSession), config); private final IssueIndexSyncProgressChecker issueIndexSyncProgressChecker = mock(IssueIndexSyncProgressChecker.class); private final IssueIndexer issueIndexer = new IssueIndexer(es.client(), db.getDbClient(), new IssueIteratorFactory(db.getDbClient()), null); private final ViewIndexer viewIndexer = new ViewIndexer(db.getDbClient(), es.client()); @@ -81,7 +84,7 @@ public class TagsActionIT { private final WsActionTester ws = new WsActionTester(new TagsAction(issueIndex, issueIndexSyncProgressChecker, db.getDbClient(), new ComponentFinder(db.getDbClient(), resourceTypes))); @Test - public void search_tags() { + void search_tags() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); @@ -97,7 +100,7 @@ public class TagsActionIT { } @Test - public void search_tags_ignores_hotspots() { + void search_tags_ignores_hotspots() { ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); RuleDto issueRule = db.rules().insertIssueRule(); @@ -113,7 +116,7 @@ public class TagsActionIT { } @Test - public void search_tags_by_query() { + void search_tags_by_query() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); @@ -126,7 +129,7 @@ public class TagsActionIT { } @Test - public void search_tags_by_query_ignores_hotspots() { + void search_tags_by_query_ignores_hotspots() { RuleDto issueRule = db.rules().insertIssueRule(); RuleDto hotspotRule = db.rules().insertHotspotRule(); ProjectData projectData = db.components().insertPrivateProject(); @@ -146,7 +149,7 @@ public class TagsActionIT { } @Test - public void search_tags_by_project() { + void search_tags_by_project() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData1 = db.components().insertPrivateProject(); ComponentDto mainBranch1 = projectData1.getMainBranchComponent(); @@ -163,7 +166,7 @@ public class TagsActionIT { } @Test - public void search_tags_by_branch_equals_main_branch() { + void search_tags_by_branch_equals_main_branch() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); @@ -179,7 +182,7 @@ public class TagsActionIT { } @Test - public void search_tags_by_branch() { + void search_tags_by_branch() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); @@ -195,7 +198,7 @@ public class TagsActionIT { } @Test - public void search_tags_by_branch_not_exist_fall_back_to_main_branch() { + void search_tags_by_branch_not_exist_fall_back_to_main_branch() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); @@ -211,7 +214,7 @@ public class TagsActionIT { } @Test - public void search_all_tags_by_query() { + void search_all_tags_by_query() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); @@ -227,7 +230,7 @@ public class TagsActionIT { } @Test - public void search_tags_by_project_ignores_hotspots() { + void search_tags_by_project_ignores_hotspots() { RuleDto issueRule = db.rules().insertIssueRule(); RuleDto hotspotRule = db.rules().insertHotspotRule(); ProjectData projectData1 = db.components().insertPrivateProject(); @@ -246,7 +249,7 @@ public class TagsActionIT { } @Test - public void search_tags_by_portfolio() { + void search_tags_by_portfolio() { ComponentDto portfolio = db.components().insertPrivatePortfolio(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); @@ -261,7 +264,7 @@ public class TagsActionIT { } @Test - public void search_tags_by_portfolio_ignores_hotspots() { + void search_tags_by_portfolio_ignores_hotspots() { ComponentDto portfolio = db.components().insertPrivatePortfolio(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); @@ -278,7 +281,7 @@ public class TagsActionIT { } @Test - public void search_tags_by_application() { + void search_tags_by_application() { ProjectData applicationData = db.components().insertPrivateApplication(); ComponentDto application = applicationData.getMainBranchComponent(); ProjectData projectData = db.components().insertPrivateProject(); @@ -295,7 +298,7 @@ public class TagsActionIT { } @Test - public void search_tags_by_application_ignores_hotspots() { + void search_tags_by_application_ignores_hotspots() { ComponentDto application = db.components().insertPrivateApplication().getMainBranchComponent(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto project = projectData.getMainBranchComponent(); @@ -312,7 +315,7 @@ public class TagsActionIT { } @Test - public void return_limited_size() { + void return_limited_size() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); @@ -329,7 +332,7 @@ public class TagsActionIT { } @Test - public void do_not_return_issues_without_permission() { + void do_not_return_issues_without_permission() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch1 = projectData.getMainBranchComponent(); @@ -346,7 +349,7 @@ public class TagsActionIT { } @Test - public void empty_list() { + void empty_list() { TagsResponse result = ws.newRequest().executeProtobuf(TagsResponse.class); assertThat(result.getTagsList()).isEmpty(); @@ -357,7 +360,7 @@ public class TagsActionIT { } @Test - public void fail_when_project_parameter_does_not_match_a_project() { + void fail_when_project_parameter_does_not_match_a_project() { ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); ComponentDto file = db.components().insertComponent(newFileDto(mainBranch)); @@ -374,7 +377,7 @@ public class TagsActionIT { } @Test - public void json_example() { + void json_example() { RuleDto rule = db.rules().insertIssueRule(); ProjectData projectData = db.components().insertPrivateProject(); ComponentDto mainBranch = projectData.getMainBranchComponent(); @@ -390,7 +393,7 @@ public class TagsActionIT { } @Test - public void definition() { + void definition() { userSession.logIn(); Action action = ws.getDef(); assertThat(action.description()).isNotEmpty(); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/QProfileComparisonIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/QProfileComparisonIT.java index c43f242f8c2..be023cf9b27 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/QProfileComparisonIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/QProfileComparisonIT.java @@ -74,6 +74,8 @@ class QProfileComparisonIT { @RegisterExtension private final EsTester es = EsTester.create(); + private final Configuration config = mock(Configuration.class); + private DbSession dbSession; private QProfileRules qProfileRules; private QProfileComparison comparison; @@ -87,7 +89,7 @@ class QProfileComparisonIT { void before() { DbClient db = dbTester.getDbClient(); dbSession = db.openSession(false); - RuleIndex ruleIndex = new RuleIndex(es.client(), System2.INSTANCE); + RuleIndex ruleIndex = new RuleIndex(es.client(), System2.INSTANCE, config); ActiveRuleIndexer activeRuleIndexer = new ActiveRuleIndexer(db, es.client()); QualityProfileChangeEventService qualityProfileChangeEventService = mock(QualityProfileChangeEventService.class); SonarQubeVersion sonarQubeVersion = new SonarQubeVersion(Version.create(10, 3)); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/QProfileRuleImplIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/QProfileRuleImplIT.java index cb69acb5b83..a584c562fbd 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/QProfileRuleImplIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/QProfileRuleImplIT.java @@ -90,22 +90,23 @@ class QProfileRuleImplIT { private System2 system2 = new AlwaysIncreasingSystem2(); @RegisterExtension - public DbTester db = DbTester.create(system2); + private final DbTester db = DbTester.create(system2); @RegisterExtension - public EsTester es = EsTester.create(); + private final EsTester es = EsTester.create(); @RegisterExtension - public UserSessionRule userSession = UserSessionRule.standalone(); - private RuleIndex ruleIndex = new RuleIndex(es.client(), system2); - private ActiveRuleIndexer activeRuleIndexer = new ActiveRuleIndexer(db.getDbClient(), es.client()); - private RuleIndexer ruleIndexer = new RuleIndexer(es.client(), db.getDbClient()); - private TypeValidations typeValidations = new TypeValidations(asList(new StringTypeValidation(), new IntegerTypeValidation())); - private QualityProfileChangeEventService qualityProfileChangeEventService = mock(QualityProfileChangeEventService.class); - private Configuration configuration = mock(Configuration.class); + private final UserSessionRule userSession = UserSessionRule.standalone(); + private final Configuration config = mock(Configuration.class); + private final RuleIndex ruleIndex = new RuleIndex(es.client(), system2, config); + private final ActiveRuleIndexer activeRuleIndexer = new ActiveRuleIndexer(db.getDbClient(), es.client()); + private final RuleIndexer ruleIndexer = new RuleIndexer(es.client(), db.getDbClient()); + private final TypeValidations typeValidations = new TypeValidations(asList(new StringTypeValidation(), new IntegerTypeValidation())); + private final QualityProfileChangeEventService qualityProfileChangeEventService = mock(QualityProfileChangeEventService.class); + private final Configuration configuration = mock(Configuration.class); private final SonarQubeVersion sonarQubeVersion = new SonarQubeVersion(Version.create(10, 3)); - private RuleActivator ruleActivator = new RuleActivator(system2, db.getDbClient(), UuidFactoryImpl.INSTANCE, typeValidations, userSession, configuration, - sonarQubeVersion); - private QProfileRules underTest = new QProfileRulesImpl(db.getDbClient(), ruleActivator, ruleIndex, activeRuleIndexer, + private final RuleActivator ruleActivator = new RuleActivator(system2, db.getDbClient(), UuidFactoryImpl.INSTANCE, typeValidations, + userSession, configuration, sonarQubeVersion); + private final QProfileRules underTest = new QProfileRulesImpl(db.getDbClient(), ruleActivator, ruleIndex, activeRuleIndexer, qualityProfileChangeEventService); @Test diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/QProfileRulesImplIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/QProfileRulesImplIT.java index 5d2ca42bafd..40713bf6804 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/QProfileRulesImplIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/QProfileRulesImplIT.java @@ -57,21 +57,23 @@ import static org.mockito.Mockito.verify; class QProfileRulesImplIT { @RegisterExtension - public UserSessionRule userSession = UserSessionRule.standalone(); + private final UserSessionRule userSession = UserSessionRule.standalone(); @RegisterExtension - public DbTester db = DbTester.create(); + private final DbTester db = DbTester.create(); @RegisterExtension - public EsTester es = EsTester.create(); + private final EsTester es = EsTester.create(); - private RuleIndex ruleIndex = new RuleIndex(es.client(), System2.INSTANCE); - private ActiveRuleIndexer activeRuleIndexer = new ActiveRuleIndexer(db.getDbClient(), es.client()); + private final Configuration config = mock(Configuration.class); + + private final RuleIndex ruleIndex = new RuleIndex(es.client(), System2.INSTANCE, config); + private final ActiveRuleIndexer activeRuleIndexer = new ActiveRuleIndexer(db.getDbClient(), es.client()); private final SonarQubeVersion sonarQubeVersion = new SonarQubeVersion(Version.create(10, 3)); - private RuleActivator ruleActivator = new RuleActivator(System2.INSTANCE, db.getDbClient(), UuidFactoryImpl.INSTANCE, + private final RuleActivator ruleActivator = new RuleActivator(System2.INSTANCE, db.getDbClient(), UuidFactoryImpl.INSTANCE, new TypeValidations(singletonList(new IntegerTypeValidation())), userSession, mock(Configuration.class), sonarQubeVersion); - private QualityProfileChangeEventService qualityProfileChangeEventService = mock(QualityProfileChangeEventService.class); + private final QualityProfileChangeEventService qualityProfileChangeEventService = mock(QualityProfileChangeEventService.class); - private QProfileRules qProfileRules = new QProfileRulesImpl(db.getDbClient(), ruleActivator, ruleIndex, activeRuleIndexer, + private final QProfileRules qProfileRules = new QProfileRulesImpl(db.getDbClient(), ruleActivator, ruleIndex, activeRuleIndexer, qualityProfileChangeEventService); @Test diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/ChangeParentActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/ChangeParentActionIT.java index 09918db2335..af009bc29b2 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/ChangeParentActionIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/ChangeParentActionIT.java @@ -21,9 +21,9 @@ package org.sonar.server.qualityprofile.ws; import java.util.Collections; import java.util.List; -import org.junit.Before; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; import org.sonar.api.config.Configuration; import org.sonar.api.resources.Language; import org.sonar.api.resources.Languages; @@ -77,12 +77,12 @@ import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters. public class ChangeParentActionIT { - @Rule - public DbTester db = DbTester.create(System2.INSTANCE); - @Rule - public EsTester es = EsTester.create(); - @Rule - public UserSessionRule userSession = UserSessionRule.standalone(); + @RegisterExtension + private final DbTester db = DbTester.create(System2.INSTANCE); + @RegisterExtension + private final EsTester es = EsTester.create(); + @RegisterExtension + private final UserSessionRule userSession = UserSessionRule.standalone(); private DbClient dbClient; private DbSession dbSession; @@ -90,17 +90,18 @@ public class ChangeParentActionIT { private RuleIndexer ruleIndexer; private ActiveRuleIndexer activeRuleIndexer; private WsActionTester ws; - private Language language = LanguageTesting.newLanguage(secure().nextAlphanumeric(20)); - private String ruleRepository = secure().nextAlphanumeric(5); + private final Language language = LanguageTesting.newLanguage(secure().nextAlphanumeric(20)); + private final String ruleRepository = secure().nextAlphanumeric(5); private QProfileTreeImpl qProfileTree; private SonarQubeVersion sonarQubeVersion; + private final Configuration config = mock(Configuration.class); - @Before - public void setUp() { + @BeforeEach + void setUp() { dbClient = db.getDbClient(); dbSession = db.getSession(); EsClient esClient = es.client(); - ruleIndex = new RuleIndex(esClient, System2.INSTANCE); + ruleIndex = new RuleIndex(esClient, System2.INSTANCE, config); ruleIndexer = new RuleIndexer(esClient, dbClient); activeRuleIndexer = new ActiveRuleIndexer(dbClient, esClient); TypeValidations typeValidations = new TypeValidations(Collections.emptyList()); @@ -122,7 +123,7 @@ public class ChangeParentActionIT { } @Test - public void definition() { + void definition() { WebService.Action definition = ws.getDef(); assertThat(definition.isPost()).isTrue(); assertThat(definition.params()).extracting(Param::key).containsExactlyInAnyOrder( @@ -130,7 +131,7 @@ public class ChangeParentActionIT { } @Test - public void change_parent_with_no_parent_before() { + void change_parent_with_no_parent_before() { QProfileDto parent1 = createProfile(); QProfileDto child = createProfile(); @@ -158,7 +159,7 @@ public class ChangeParentActionIT { } @Test - public void replace_existing_parent() { + void replace_existing_parent() { QProfileDto parent1 = createProfile(); QProfileDto parent2 = createProfile(); QProfileDto child = createProfile(); @@ -190,7 +191,7 @@ public class ChangeParentActionIT { } @Test - public void remove_parent() { + void remove_parent() { QProfileDto parent = createProfile(); QProfileDto child = createProfile(); @@ -216,7 +217,7 @@ public class ChangeParentActionIT { } @Test - public void change_parent_with_names() { + void change_parent_with_names() { QProfileDto parent1 = createProfile(); QProfileDto parent2 = createProfile(); QProfileDto child = createProfile(); @@ -272,7 +273,7 @@ public class ChangeParentActionIT { } @Test - public void remove_parent_with_empty_key() { + void remove_parent_with_empty_key() { QProfileDto parent = createProfile(); QProfileDto child = createProfile(); @@ -300,7 +301,7 @@ public class ChangeParentActionIT { } @Test - public void as_qprofile_editor() { + void as_qprofile_editor() { QProfileDto parent1 = createProfile(); QProfileDto parent2 = createProfile(); QProfileDto child = createProfile(); @@ -332,7 +333,7 @@ public class ChangeParentActionIT { } @Test - public void fail_if_built_in_profile() { + void fail_if_built_in_profile() { QProfileDto child = db.qualityProfiles().insert(p -> p .setLanguage(language.getKey()) .setIsBuiltIn(true)); @@ -351,7 +352,7 @@ public class ChangeParentActionIT { } @Test - public void fail_if_missing_permission() { + void fail_if_missing_permission() { userSession.logIn(db.users().insertUser()); QProfileDto child = createProfile(); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/CreateActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/CreateActionIT.java index 5791cfb7d5d..d5679db9da0 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/CreateActionIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/CreateActionIT.java @@ -23,8 +23,8 @@ import com.google.common.collect.ImmutableMap; import java.io.Reader; import java.util.Collections; import java.util.Map; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; import org.sonar.api.config.Configuration; import org.sonar.api.profiles.ProfileImporter; import org.sonar.api.profiles.RulesProfile; @@ -72,39 +72,40 @@ import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFIL import static org.sonar.db.permission.GlobalPermission.SCAN; import static org.sonar.server.language.LanguageTesting.newLanguages; -public class CreateActionIT { +class CreateActionIT { private static final String XOO_LANGUAGE = "xoo"; private static final RuleDto RULE = RuleTesting.newXooX1() .setSeverity("MINOR") .setLanguage(XOO_LANGUAGE); - @Rule - public DbTester db = DbTester.create(); - @Rule - public EsTester es = EsTester.create(); - @Rule - public UserSessionRule userSession = UserSessionRule.standalone(); - - private DbClient dbClient = db.getDbClient(); - private DbSession dbSession = db.getSession(); - private RuleIndex ruleIndex = new RuleIndex(es.client(), System2.INSTANCE); - private RuleIndexer ruleIndexer = new RuleIndexer(es.client(), dbClient); - private ActiveRuleIndexer activeRuleIndexer = new ActiveRuleIndexer(dbClient, es.client()); - private ProfileImporter[] profileImporters = createImporters(); - private QualityProfileChangeEventService qualityProfileChangeEventService = mock(QualityProfileChangeEventService.class); + @RegisterExtension + private final DbTester db = DbTester.create(); + @RegisterExtension + private final EsTester es = EsTester.create(); + @RegisterExtension + private final UserSessionRule userSession = UserSessionRule.standalone(); + + private final Configuration config = mock(Configuration.class); + private final DbClient dbClient = db.getDbClient(); + private final DbSession dbSession = db.getSession(); + private final RuleIndex ruleIndex = new RuleIndex(es.client(), System2.INSTANCE, config); + private final RuleIndexer ruleIndexer = new RuleIndexer(es.client(), dbClient); + private final ActiveRuleIndexer activeRuleIndexer = new ActiveRuleIndexer(dbClient, es.client()); + private final ProfileImporter[] profileImporters = createImporters(); + private final QualityProfileChangeEventService qualityProfileChangeEventService = mock(QualityProfileChangeEventService.class); private final SonarQubeVersion sonarQubeVersion = new SonarQubeVersion(Version.create(10, 3)); - private RuleActivator ruleActivator = new RuleActivator(System2.INSTANCE, dbClient, UuidFactoryImpl.INSTANCE, null, userSession, mock(Configuration.class), sonarQubeVersion); - private QProfileRules qProfileRules = new QProfileRulesImpl(dbClient, ruleActivator, ruleIndex, activeRuleIndexer, qualityProfileChangeEventService); - private QProfileExporters qProfileExporters = new QProfileExporters(dbClient, null, qProfileRules, profileImporters); + private final RuleActivator ruleActivator = new RuleActivator(System2.INSTANCE, dbClient, UuidFactoryImpl.INSTANCE, null, userSession, mock(Configuration.class), sonarQubeVersion); + private final QProfileRules qProfileRules = new QProfileRulesImpl(dbClient, ruleActivator, ruleIndex, activeRuleIndexer, qualityProfileChangeEventService); + private final QProfileExporters qProfileExporters = new QProfileExporters(dbClient, null, qProfileRules, profileImporters); - private CreateAction underTest = new CreateAction(dbClient, new QProfileFactoryImpl(dbClient, UuidFactoryFast.getInstance(), System2.INSTANCE, activeRuleIndexer), + private final CreateAction underTest = new CreateAction(dbClient, new QProfileFactoryImpl(dbClient, UuidFactoryFast.getInstance(), System2.INSTANCE, activeRuleIndexer), qProfileExporters, newLanguages(XOO_LANGUAGE), userSession, activeRuleIndexer, profileImporters); private WsActionTester ws = new WsActionTester(underTest); @Test - public void definition() { + void definition() { WebService.Action definition = ws.getDef(); assertThat(definition.responseExampleAsString()).isNotEmpty(); @@ -114,7 +115,7 @@ public class CreateActionIT { } @Test - public void create_profile() { + void create_profile() { logInAsQProfileAdministrator(); CreateWsResponse response = executeRequest("New Profile", XOO_LANGUAGE); @@ -135,7 +136,7 @@ public class CreateActionIT { } @Test - public void create_profile_from_backup_xml() { + void create_profile_from_backup_xml() { logInAsQProfileAdministrator(); insertRule(RULE); @@ -148,7 +149,7 @@ public class CreateActionIT { } @Test - public void create_profile_with_messages() { + void create_profile_with_messages() { logInAsQProfileAdministrator(); CreateWsResponse response = executeRequest("Profile with messages", XOO_LANGUAGE, ImmutableMap.of("with_messages", "")); @@ -159,7 +160,7 @@ public class CreateActionIT { } @Test - public void fail_if_unsufficient_privileges() { + void fail_if_unsufficient_privileges() { userSession .logIn() .addPermission(SCAN); @@ -174,7 +175,7 @@ public class CreateActionIT { } @Test - public void fail_if_import_generate_error() { + void fail_if_import_generate_error() { logInAsQProfileAdministrator(); assertThatThrownBy(() -> { @@ -184,7 +185,7 @@ public class CreateActionIT { } @Test - public void test_json() { + void test_json() { logInAsQProfileAdministrator(); TestResponse response = ws.newRequest() diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/InheritanceActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/InheritanceActionIT.java index 0beec33b7b6..8e2631dc5d1 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/InheritanceActionIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/InheritanceActionIT.java @@ -23,8 +23,8 @@ import java.io.IOException; import java.io.InputStream; import java.util.ArrayList; import java.util.Date; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; import org.sonar.api.config.Configuration; import org.sonar.api.resources.Languages; import org.sonar.api.rule.RuleKey; @@ -71,36 +71,37 @@ import static org.sonarqube.ws.MediaTypes.PROTOBUF; import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_LANGUAGE; import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_QUALITY_PROFILE; -public class InheritanceActionIT { +class InheritanceActionIT { - @Rule - public DbTester db = DbTester.create(); - @Rule - public EsTester es = EsTester.create(); - @Rule - public UserSessionRule userSession = UserSessionRule.standalone(); + @RegisterExtension + private final DbTester db = DbTester.create(); + @RegisterExtension + private final EsTester es = EsTester.create(); + @RegisterExtension + private final UserSessionRule userSession = UserSessionRule.standalone(); - private DbClient dbClient = db.getDbClient(); - private DbSession dbSession = db.getSession(); - private EsClient esClient = es.client(); - private RuleIndexer ruleIndexer = new RuleIndexer(esClient, dbClient); - private ActiveRuleIndexer activeRuleIndexer = new ActiveRuleIndexer(dbClient, esClient); + private final DbClient dbClient = db.getDbClient(); + private final DbSession dbSession = db.getSession(); + private final EsClient esClient = es.client(); + private final RuleIndexer ruleIndexer = new RuleIndexer(esClient, dbClient); + private final ActiveRuleIndexer activeRuleIndexer = new ActiveRuleIndexer(dbClient, esClient); + private final Configuration config = mock(Configuration.class); - private RuleIndex ruleIndex = new RuleIndex(esClient, System2.INSTANCE); - private QualityProfileChangeEventService qualityProfileChangeEventService = mock(QualityProfileChangeEventService.class); + private final RuleIndex ruleIndex = new RuleIndex(esClient, System2.INSTANCE, config); + private final QualityProfileChangeEventService qualityProfileChangeEventService = mock(QualityProfileChangeEventService.class); private final SonarQubeVersion sonarQubeVersion = new SonarQubeVersion(Version.create(10, 3)); - private RuleActivator ruleActivator = new RuleActivator(System2.INSTANCE, dbClient, UuidFactoryImpl.INSTANCE, new TypeValidations(new ArrayList<>()), userSession, + private final RuleActivator ruleActivator = new RuleActivator(System2.INSTANCE, dbClient, UuidFactoryImpl.INSTANCE, new TypeValidations(new ArrayList<>()), userSession, mock(Configuration.class), sonarQubeVersion); - private QProfileRules qProfileRules = new QProfileRulesImpl(dbClient, ruleActivator, ruleIndex, activeRuleIndexer, qualityProfileChangeEventService); - private QProfileTree qProfileTree = new QProfileTreeImpl(dbClient, ruleActivator, System2.INSTANCE, activeRuleIndexer, mock(QualityProfileChangeEventService.class)); + private final QProfileRules qProfileRules = new QProfileRulesImpl(dbClient, ruleActivator, ruleIndex, activeRuleIndexer, qualityProfileChangeEventService); + private final QProfileTree qProfileTree = new QProfileTreeImpl(dbClient, ruleActivator, System2.INSTANCE, activeRuleIndexer, mock(QualityProfileChangeEventService.class)); - private WsActionTester ws = new WsActionTester(new InheritanceAction( + private final WsActionTester ws = new WsActionTester(new InheritanceAction( dbClient, new QProfileWsSupport(dbClient, userSession), new Languages())); @Test - public void inheritance_nominal() { + void inheritance_nominal() { RuleDto rule1 = createRule("xoo", "rule1"); RuleDto rule2 = createRule("xoo", "rule2"); RuleDto rule3 = createRule("xoo", "rule3"); @@ -142,7 +143,7 @@ public class InheritanceActionIT { } @Test - public void inheritance_parent_child() throws Exception { + void inheritance_parent_child() throws Exception { String language = "java"; RuleDto rule1 = db.rules().insert(r -> r.setLanguage(language)); RuleDto rule2 = db.rules().insert(r -> r.setLanguage(language)); @@ -176,7 +177,7 @@ public class InheritanceActionIT { } @Test - public void handle_whenNoRulesActivated_shouldReturnExpectedInactivateRulesForLanguage() throws IOException { + void handle_whenNoRulesActivated_shouldReturnExpectedInactivateRulesForLanguage() throws IOException { String language = "java"; QProfileDto qualityProfile = db.qualityProfiles().insert(p -> p.setLanguage(language)); RuleDto rule = db.rules().insert(r -> r.setLanguage(language)); @@ -196,7 +197,7 @@ public class InheritanceActionIT { } @Test - public void inheritance_ignores_removed_rules() throws Exception { + void inheritance_ignores_removed_rules() throws Exception { RuleDto rule = db.rules().insert(r -> r.setStatus(RuleStatus.REMOVED)); ruleIndexer.commitAndIndex(db.getSession(), rule.getUuid()); @@ -219,7 +220,7 @@ public class InheritanceActionIT { } @Test - public void inheritance_no_family() { + void inheritance_no_family() { // Simple profile, no parent, no child QProfileDto remi = createProfile("xoo", "Nobodys Boy", "xoo-nobody-s-boy-01234"); @@ -233,7 +234,7 @@ public class InheritanceActionIT { } @Test - public void fail_if_not_found() { + void fail_if_not_found() { assertThatThrownBy(() -> { ws.newRequest() .setParam(PARAM_LANGUAGE, "xoo") @@ -244,7 +245,7 @@ public class InheritanceActionIT { } @Test - public void definition() { + void definition() { WebService.Action definition = ws.getDef(); assertThat(definition.key()).isEqualTo("inheritance"); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/QProfilesWsMediumIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/QProfilesWsMediumIT.java index eda3f7012da..a627f8aba3d 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/QProfilesWsMediumIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/qualityprofile/ws/QProfilesWsMediumIT.java @@ -22,9 +22,9 @@ package org.sonar.server.qualityprofile.ws; import com.google.common.collect.ImmutableSet; import java.util.Collections; import java.util.Optional; -import org.junit.Before; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; import org.sonar.api.config.Configuration; import org.sonar.api.rule.RuleKey; import org.sonar.api.rule.RuleStatus; @@ -73,18 +73,19 @@ import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters. import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_TARGET_KEY; import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_TARGET_SEVERITY; -public class QProfilesWsMediumIT { +class QProfilesWsMediumIT { - @Rule - public UserSessionRule userSessionRule = UserSessionRule.standalone().logIn(); - @Rule - public EsTester es = EsTester.create(); - @Rule - public DbTester dbTester = DbTester.create(); + @RegisterExtension + private final UserSessionRule userSessionRule = UserSessionRule.standalone().logIn(); + @RegisterExtension + private final EsTester es = EsTester.create(); + @RegisterExtension + private final DbTester dbTester = DbTester.create(); + private final Configuration config = mock(Configuration.class); private final DbClient dbClient = dbTester.getDbClient(); private final DbSession dbSession = dbTester.getSession(); - private final RuleIndex ruleIndex = new RuleIndex(es.client(), System2.INSTANCE); + private final RuleIndex ruleIndex = new RuleIndex(es.client(), System2.INSTANCE, config); private final RuleIndexer ruleIndexer = new RuleIndexer(es.client(), dbClient); private final ActiveRuleIndexer activeRuleIndexer = new ActiveRuleIndexer(dbClient, es.client()); private final TypeValidations typeValidations = new TypeValidations(emptyList()); @@ -101,15 +102,15 @@ public class QProfilesWsMediumIT { private final WsActionTester wsActivateRule = new WsActionTester(new ActivateRuleAction(dbClient, qProfileRules, userSessionRule, qProfileWsSupport)); private final WsActionTester wsActivateRules = new WsActionTester(new ActivateRulesAction(ruleQueryFactory, userSessionRule, qProfileRules, qProfileWsSupport, dbClient)); - @Before - public void before() { + @BeforeEach + void before() { userSessionRule.logIn().setSystemAdministrator(); userSessionRule.addPermission(GlobalPermission.ADMINISTER); userSessionRule.addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES); } @Test - public void deactivate_rule() { + void deactivate_rule() { QProfileDto profile = createProfile("java"); RuleDto rule = createRule(profile.getLanguage(), "toto"); createActiveRule(rule, profile); @@ -131,7 +132,7 @@ public class QProfilesWsMediumIT { } @Test - public void bulk_deactivate_rule() { + void bulk_deactivate_rule() { QProfileDto profile = createProfile("java"); RuleDto rule0 = createRule(profile.getLanguage(), "toto1"); RuleDto rule1 = createRule(profile.getLanguage(), "toto2"); @@ -158,7 +159,7 @@ public class QProfilesWsMediumIT { } @Test - public void bulk_deactivate_rule_not_all() { + void bulk_deactivate_rule_not_all() { QProfileDto profile = createProfile("java"); QProfileDto php = createProfile("php"); RuleDto rule0 = createRule(profile.getLanguage(), "toto1"); @@ -185,7 +186,7 @@ public class QProfilesWsMediumIT { } @Test - public void bulk_deactivate_rule_by_profile() { + void bulk_deactivate_rule_by_profile() { QProfileDto profile = createProfile("java"); RuleDto rule0 = createRule(profile.getLanguage(), "hello"); RuleDto rule1 = createRule(profile.getLanguage(), "world"); @@ -209,7 +210,7 @@ public class QProfilesWsMediumIT { } @Test - public void activate_rule() { + void activate_rule() { QProfileDto profile = createProfile("java"); RuleDto rule = createRule(profile.getLanguage(), "toto"); ruleIndexer.commitAndIndex(dbSession, rule.getUuid()); @@ -229,7 +230,7 @@ public class QProfilesWsMediumIT { } @Test - public void activate_rule_diff_languages() { + void activate_rule_diff_languages() { QProfileDto profile = createProfile("java"); RuleDto rule = createRule("php", "toto"); ruleIndexer.commitAndIndex(dbSession, rule.getUuid()); @@ -251,7 +252,7 @@ public class QProfilesWsMediumIT { } @Test - public void activate_rule_override_severity() { + void activate_rule_override_severity() { QProfileDto profile = createProfile("java"); RuleDto rule = createRule(profile.getLanguage(), "toto"); ruleIndexer.commitAndIndex(dbSession, rule.getUuid()); @@ -276,7 +277,7 @@ public class QProfilesWsMediumIT { } @Test - public void bulk_activate_rule() { + void bulk_activate_rule() { QProfileDto profile = createProfile("java"); createRule(profile.getLanguage(), "toto"); createRule(profile.getLanguage(), "tata"); @@ -300,7 +301,7 @@ public class QProfilesWsMediumIT { } @Test - public void bulk_activate_rule_not_all() { + void bulk_activate_rule_not_all() { QProfileDto java = createProfile("java"); QProfileDto php = createProfile("php"); createRule(java.getLanguage(), "toto"); @@ -325,7 +326,7 @@ public class QProfilesWsMediumIT { } @Test - public void bulk_activate_rule_by_query() { + void bulk_activate_rule_by_query() { QProfileDto profile = createProfile("java"); createRule(profile.getLanguage(), "toto"); createRule(profile.getLanguage(), "tata"); @@ -358,7 +359,7 @@ public class QProfilesWsMediumIT { } @Test - public void bulk_activate_rule_by_query_with_severity() { + void bulk_activate_rule_by_query_with_severity() { QProfileDto profile = createProfile("java"); RuleDto rule0 = createRule(profile.getLanguage(), "toto"); RuleDto rule1 = createRule(profile.getLanguage(), "tata"); @@ -389,7 +390,7 @@ public class QProfilesWsMediumIT { } @Test - public void does_not_return_warnings_when_bulk_activate_on_profile_and_rules_exist_on_another_language_than_profile() { + void does_not_return_warnings_when_bulk_activate_on_profile_and_rules_exist_on_another_language_than_profile() { QProfileDto javaProfile = createProfile("java"); createRule(javaProfile.getLanguage(), "toto"); createRule(javaProfile.getLanguage(), "tata"); @@ -412,7 +413,7 @@ public class QProfilesWsMediumIT { } @Test - public void reset() { + void reset() { QProfileDto profile = QualityProfileTesting.newQualityProfileDto().setLanguage("java"); QProfileDto childProfile = QualityProfileTesting.newQualityProfileDto().setParentKee(profile.getKee()).setLanguage("java"); dbClient.qualityProfileDao().insert(dbSession, profile, childProfile); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/rule/RuleUpdaterIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/rule/RuleUpdaterIT.java index 8d25bc05a23..89a0a37345e 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/rule/RuleUpdaterIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/rule/RuleUpdaterIT.java @@ -26,8 +26,9 @@ import java.time.Instant; import java.util.List; import java.util.Map; import java.util.stream.Collectors; -import org.junit.Rule; -import org.junit.Test; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.api.extension.RegisterExtension; +import org.sonar.api.config.Configuration; import org.sonar.api.impl.utils.TestSystem2; import org.sonar.api.issue.impact.SoftwareQuality; import org.sonar.api.rule.RuleKey; @@ -61,6 +62,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatNoException; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.api.Assertions.tuple; +import static org.mockito.Mockito.mock; import static org.sonar.api.rule.Severity.CRITICAL; import static org.sonar.db.rule.RuleTesting.newCustomRule; import static org.sonar.db.rule.RuleTesting.newRule; @@ -68,22 +70,24 @@ import static org.sonar.db.rule.RuleTesting.newTemplateRule; import static org.sonar.server.rule.RuleUpdate.createForCustomRule; import static org.sonar.server.rule.RuleUpdate.createForPluginRule; -public class RuleUpdaterIT { +class RuleUpdaterIT { - static final RuleKey RULE_KEY = RuleKey.of("java", "S001"); + private static final RuleKey RULE_KEY = RuleKey.of("java", "S001"); private final System2 system2 = new TestSystem2().setNow(Instant.now().toEpochMilli()); - @Rule - public UserSessionRule userSessionRule = UserSessionRule.standalone(); + @RegisterExtension + private final UserSessionRule userSessionRule = UserSessionRule.standalone(); - @Rule - public DbTester db = DbTester.create(system2); + @RegisterExtension + private final DbTester db = DbTester.create(system2); - @Rule - public EsTester es = EsTester.create(); + @RegisterExtension + private final EsTester es = EsTester.create(); - private final RuleIndex ruleIndex = new RuleIndex(es.client(), system2); + private final Configuration config = mock(Configuration.class); + + private final RuleIndex ruleIndex = new RuleIndex(es.client(), system2, config); private final RuleIndexer ruleIndexer = new RuleIndexer(es.client(), db.getDbClient()); private final DbSession dbSession = db.getSession(); @@ -91,7 +95,7 @@ public class RuleUpdaterIT { private final RuleUpdater underTest = new RuleUpdater(db.getDbClient(), ruleIndexer, uuidFactory, system2); @Test - public void do_update_rule_with_removed_status() { + void do_update_rule_with_removed_status() { db.rules().insert(newRule(RULE_KEY).setStatus(RuleStatus.REMOVED)); dbSession.commit(); @@ -107,7 +111,7 @@ public class RuleUpdaterIT { } @Test - public void no_changes() { + void no_changes() { RuleDto ruleDto = RuleTesting.newRule(RULE_KEY) // the following fields are not supposed to be updated .setNoteData("my *note*") @@ -134,7 +138,7 @@ public class RuleUpdaterIT { } @Test - public void set_markdown_note() { + void set_markdown_note() { UserDto user = db.users().insertUser(); userSessionRule.logIn(user); @@ -168,7 +172,7 @@ public class RuleUpdaterIT { } @Test - public void remove_markdown_note() { + void remove_markdown_note() { RuleDto ruleDto = RuleTesting.newRule(RULE_KEY) .setNoteData("my *note*") .setNoteUserUuid("me"); @@ -188,7 +192,7 @@ public class RuleUpdaterIT { } @Test - public void set_tags() { + void set_tags() { // insert db db.rules().insert(RuleTesting.newRule(RULE_KEY) .setTags(Sets.newHashSet("security")) @@ -210,7 +214,7 @@ public class RuleUpdaterIT { } @Test - public void remove_tags() { + void remove_tags() { RuleDto ruleDto = RuleTesting.newRule(RULE_KEY) .setUuid("57a3af91-32f8-48b0-9e11-0eac14ffa915") .setTags(Sets.newHashSet("security")) @@ -233,7 +237,7 @@ public class RuleUpdaterIT { } @Test - public void override_debt() { + void override_debt() { db.rules().insert(newRule(RULE_KEY) .setDefRemediationFunction(DebtRemediationFunction.Type.LINEAR_OFFSET.name()) .setDefRemediationGapMultiplier("1d") @@ -258,7 +262,7 @@ public class RuleUpdaterIT { } @Test - public void override_debt_only_offset() { + void override_debt_only_offset() { db.rules().insert(newRule(RULE_KEY) .setDefRemediationFunction(DebtRemediationFunction.Type.LINEAR.name()) .setDefRemediationGapMultiplier("1d") @@ -282,7 +286,7 @@ public class RuleUpdaterIT { } @Test - public void override_debt_from_linear_with_offset_to_constant() { + void override_debt_from_linear_with_offset_to_constant() { db.rules().insert(newRule(RULE_KEY) .setDefRemediationFunction(DebtRemediationFunction.Type.LINEAR_OFFSET.name()) .setDefRemediationGapMultiplier("1d") @@ -306,7 +310,7 @@ public class RuleUpdaterIT { } @Test - public void reset_remediation_function() { + void reset_remediation_function() { RuleDto ruleDto = RuleTesting.newRule(RULE_KEY) .setDefRemediationFunction(DebtRemediationFunction.Type.LINEAR.name()) .setDefRemediationGapMultiplier("1d") @@ -334,7 +338,7 @@ public class RuleUpdaterIT { } @Test - public void update_custom_rule() { + void update_custom_rule() { RuleDto templateRule = newTemplateRule(RuleKey.of("java", "S001")); db.rules().insert(templateRule); db.rules().insertRuleParam(templateRule, param -> param.setName("regex").setType("STRING").setDescription("Reg ex").setDefaultValue(".*")); @@ -385,7 +389,7 @@ public class RuleUpdaterIT { } @Test - public void update_custom_rule_with_empty_parameter() { + void update_custom_rule_with_empty_parameter() { RuleDto templateRule = newTemplateRule(RuleKey.of("java", "S001")); db.rules().insert(templateRule); db.rules().insertRuleParam(templateRule, param -> param.setName("regex").setType("STRING").setDescription("Reg ex").setDefaultValue(null)); @@ -415,7 +419,7 @@ public class RuleUpdaterIT { } @Test - public void update_active_rule_parameters_when_updating_custom_rule() { + void update_active_rule_parameters_when_updating_custom_rule() { // Create template rule with 3 parameters RuleDto templateRule = newTemplateRule(RuleKey.of("java", "S001")).setLanguage("xoo"); RuleDto templateRuleDefinition = templateRule; @@ -483,7 +487,7 @@ public class RuleUpdaterIT { } @Test - public void fail_to_update_custom_rule_when_empty_name() { + void fail_to_update_custom_rule_when_empty_name() { // Create template rule RuleDto templateRule = newTemplateRule(RuleKey.of("java", "S001")); db.rules().insert(templateRule); @@ -507,7 +511,7 @@ public class RuleUpdaterIT { } @Test - public void fail_to_update_custom_rule_when_empty_description() { + void fail_to_update_custom_rule_when_empty_description() { // Create template rule RuleDto templateRule = newTemplateRule(RuleKey.of("java", "S001")); db.rules().insert(templateRule); @@ -528,7 +532,7 @@ public class RuleUpdaterIT { } @Test - public void fail_to_update_plugin_rule_if_name_is_set() { + void fail_to_update_plugin_rule_if_name_is_set() { RuleDto ruleDto = db.rules().insert(newRule(RuleKey.of("java", "S01"))); dbSession.commit(); @@ -540,7 +544,7 @@ public class RuleUpdaterIT { } @Test - public void fail_to_update_plugin_rule_if_description_is_set() { + void fail_to_update_plugin_rule_if_description_is_set() { RuleDto ruleDto = db.rules().insert(newRule(RuleKey.of("java", "S01"))); dbSession.commit(); @@ -552,7 +556,7 @@ public class RuleUpdaterIT { } @Test - public void fail_to_update_plugin_rule_if_severity_is_set() { + void fail_to_update_plugin_rule_if_severity_is_set() { RuleDto ruleDto = db.rules().insert(newRule(RuleKey.of("java", "S01"))); dbSession.commit(); diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/rule/ws/SearchActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/rule/ws/SearchActionIT.java index ae0c5d36c9c..b62ea7e17b7 100644 --- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/rule/ws/SearchActionIT.java +++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/rule/ws/SearchActionIT.java @@ -50,7 +50,6 @@ import org.sonar.api.utils.System2; import org.sonar.api.utils.Version; import org.sonar.core.platform.SonarQubeVersion; import org.sonar.core.util.UuidFactory; -import org.sonar.core.util.UuidFactoryFast; import org.sonar.core.util.UuidFactoryImpl; import org.sonar.db.DbTester; import org.sonar.db.issue.ImpactDto; @@ -119,15 +118,16 @@ class SearchActionIT { private static final String JAVA = "java"; @RegisterExtension - public UserSessionRule userSession = UserSessionRule.standalone(); + private final UserSessionRule userSession = UserSessionRule.standalone(); private final System2 system2 = new AlwaysIncreasingSystem2(); @RegisterExtension - public DbTester db = DbTester.create(system2); + private final DbTester db = DbTester.create(system2); @RegisterExtension - public EsTester es = EsTester.create(); + private final EsTester es = EsTester.create(); + private final Configuration config = mock(Configuration.class); - private final RuleIndex ruleIndex = new RuleIndex(es.client(), system2); + private final RuleIndex ruleIndex = new RuleIndex(es.client(), system2, config); private final RuleIndexer ruleIndexer = new RuleIndexer(es.client(), db.getDbClient()); private final ActiveRuleIndexer activeRuleIndexer = new ActiveRuleIndexer(db.getDbClient(), es.client()); private final Languages languages = LanguageTesting.newLanguages(JAVA, "js"); @@ -144,10 +144,10 @@ class SearchActionIT { private final QProfileRules qProfileRules = new QProfileRulesImpl(db.getDbClient(), ruleActivator, ruleIndex, activeRuleIndexer, qualityProfileChangeEventService); private final WsActionTester ws = new WsActionTester(underTest); - private final UuidFactory uuidFactory = UuidFactoryFast.getInstance(); + private final UuidFactory uuidFactory = UuidFactoryImpl.INSTANCE; @BeforeAll - public static void before() { + static void before() { doReturn("interpreted").when(macroInterpreter).interpret(anyString()); } -- 2.39.5