mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36235 Commits
59 Branches
Tree: 1a4f0d568f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1a4f0d568f'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/it/java/org/sonar/server/hotspot/ws/PullActionIT.java

PullActionIT.java 16KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2024 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.hotspot.ws;

  21. 

  22. import java.io.IOException;

  23. import java.io.InputStream;

  24. import java.util.ArrayList;

  25. import java.util.Date;

  26. import java.util.List;

  27. import java.util.function.Consumer;

  28. import java.util.stream.Stream;

  29. import org.junit.Before;

  30. import org.junit.Rule;

  31. import org.junit.Test;

  32. import org.sonar.api.issue.Issue;

  33. import org.sonar.api.resources.Qualifiers;

  34. import org.sonar.api.utils.System2;

  35. import org.sonar.db.DbTester;

  36. import org.sonar.db.component.BranchDto;

  37. import org.sonar.db.component.ComponentDto;

  38. import org.sonar.db.component.ProjectData;

  39. import org.sonar.db.component.ResourceTypesRule;

  40. import org.sonar.db.issue.IssueDbTester;

  41. import org.sonar.db.issue.IssueDto;

  42. import org.sonar.db.project.ProjectDto;

  43. import org.sonar.db.protobuf.DbCommons;

  44. import org.sonar.db.protobuf.DbIssues;

  45. import org.sonar.db.rule.RuleDto;

  46. import org.sonar.db.user.UserDto;

  47. import org.sonar.server.component.ComponentFinder;

  48. import org.sonar.server.exceptions.ForbiddenException;

  49. import org.sonar.server.exceptions.NotFoundException;

  50. import org.sonar.server.tester.UserSessionRule;

  51. import org.sonar.server.ws.TestRequest;

  52. import org.sonar.server.ws.TestResponse;

  53. import org.sonar.server.ws.WsActionTester;

  54. import org.sonarqube.ws.Common;

  55. import org.sonarqube.ws.Hotspots;

  56. import org.sonarqube.ws.Issues;

  57. 

  58. import static java.lang.String.format;

  59. import static org.assertj.core.api.Assertions.assertThat;

  60. import static org.assertj.core.api.Assertions.assertThatThrownBy;

  61. import static org.mockito.Mockito.mock;

  62. import static org.mockito.Mockito.when;

  63. import static org.sonar.api.web.UserRole.USER;

  64. import static org.sonar.db.component.BranchDto.DEFAULT_MAIN_BRANCH_NAME;

  65. import static org.sonar.db.component.ComponentTesting.newFileDto;

  66. 

  67. public class PullActionIT {

  68. 

  69.   private static final long NOW = 10_000_000_000L;

  70.   private static final long PAST = 1_000_000_000L;

  71. 

  72.   private static final String DEFAULT_BRANCH = DEFAULT_MAIN_BRANCH_NAME;

  73. 

  74.   @Rule

  75.   public UserSessionRule userSession = UserSessionRule.standalone();

  76. 

  77.   @Rule

  78.   public DbTester db = DbTester.create(System2.INSTANCE);

  79. 

  80.   private final System2 system2 = mock(System2.class);

  81.   private final PullHotspotsActionProtobufObjectGenerator pullActionProtobufObjectGenerator = new PullHotspotsActionProtobufObjectGenerator();

  82. 

  83.   private final ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);

  84.   private final ComponentFinder componentFinder = new ComponentFinder(db.getDbClient(), resourceTypes);

  85. 

  86.   private final IssueDbTester issueDbTester = new IssueDbTester(db);

  87. 

  88.   private final PullAction underTest = new PullAction(system2, componentFinder, db.getDbClient(), userSession,

  89.     pullActionProtobufObjectGenerator);

  90.   private final WsActionTester tester = new WsActionTester(underTest);

  91. 

  92.   private ProjectDto project;

  93.   private ComponentDto correctMainBranch, incorrectMainBranch;

  94.   private ComponentDto correctFile, incorrectFile;

  95. 

  96.   @Before

  97.   public void before() {

  98.     when(system2.now()).thenReturn(NOW);

  99.     ProjectData projectData = db.components().insertPrivateProject();

  100.     correctMainBranch = projectData.getMainBranchComponent();

  101.     project = projectData.getProjectDto();

  102. 

  103.     correctFile = db.components().insertComponent(newFileDto(correctMainBranch));

  104. 

  105.     ProjectData incorrectProjectData = db.components().insertPrivateProject();

  106.     incorrectMainBranch = incorrectProjectData.getMainBranchComponent();

  107.     incorrectFile = db.components().insertComponent(newFileDto(incorrectMainBranch));

  108.   }

  109. 

  110.   @Test

  111.   public void wsExecution_whenMissingParams_shouldThrowIllegalArgumentException() {

  112.     TestRequest request = tester.newRequest();

  113. 

  114.     assertThatThrownBy(() -> request.executeProtobuf(Issues.IssuesPullQueryTimestamp.class))

  115.       .isInstanceOf(IllegalArgumentException.class);

  116.   }

  117. 

  118.   @Test

  119.   public void wsExecution_whenNotExistingProjectKey_shouldThrowException() {

  120.     TestRequest request = tester.newRequest()

  121.       .setParam("projectKey", "projectKey")

  122.       .setParam("branchName", DEFAULT_BRANCH);

  123. 

  124.     assertThatThrownBy(request::execute)

  125.       .isInstanceOf(NotFoundException.class)

  126.       .hasMessage("Project 'projectKey' not found");

  127.   }

  128. 

  129.   @Test

  130.   public void wsExecution_whenValidProjectKeyWithoutPermissionsTo_shouldThrowException() {

  131.     userSession.logIn();

  132. 

  133.     TestRequest request = tester.newRequest()

  134.       .setParam("projectKey", correctMainBranch.getKey())

  135.       .setParam("branchName", DEFAULT_BRANCH);

  136. 

  137.     assertThatThrownBy(request::execute)

  138.       .isInstanceOf(ForbiddenException.class)

  139.       .hasMessage("Insufficient privileges");

  140.   }

  141. 

  142.   @Test

  143.   public void wsExecution_whenNotExistingBranchKey_shouldThrowException() {

  144.     DbCommons.TextRange textRange = DbCommons.TextRange.newBuilder()

  145.       .setStartLine(1)

  146.       .setEndLine(2)

  147.       .setStartOffset(3)

  148.       .setEndOffset(4)

  149.       .build();

  150.     DbIssues.Locations.Builder mainLocation = DbIssues.Locations.newBuilder()

  151.       .setChecksum("hash")

  152.       .setTextRange(textRange);

  153. 

  154.     RuleDto rule = db.rules().insertIssueRule(r -> r.setRepositoryKey("java").setRuleKey("S1000"));

  155.     IssueDto issueDto = issueDbTester.insertIssue(rule, p -> p.setSeverity("MINOR")

  156.       .setManualSeverity(true)

  157.       .setMessage("message")

  158.       .setCreatedAt(NOW)

  159.       .setStatus(Issue.STATUS_RESOLVED)

  160.       .setLocations(mainLocation.build())

  161.       .setType(Common.RuleType.BUG.getNumber()));

  162.     loginWithBrowsePermission(issueDto);

  163. 

  164.     TestRequest request = tester.newRequest()

  165.       .setParam("projectKey", issueDto.getProjectKey())

  166.       .setParam("branchName", "non-existent-branch");

  167. 

  168.     assertThatThrownBy(request::execute)

  169.       .isInstanceOf(NotFoundException.class)

  170.       .hasMessage(format("Branch 'non-existent-branch' in project '%s' not found", issueDto.getProjectKey()));

  171.   }

  172. 

  173.   @Test

  174.   public void wsExecution_whenValidProjectKeyAndOneHotspotOnBranch_shouldReturnOneHotspot() throws IOException {

  175.     DbCommons.TextRange textRange = DbCommons.TextRange.newBuilder()

  176.       .setStartLine(1)

  177.       .setEndLine(2)

  178.       .setStartOffset(3)

  179.       .setEndOffset(4)

  180.       .build();

  181.     DbIssues.Locations.Builder mainLocation = DbIssues.Locations.newBuilder()

  182.       .setChecksum("hash")

  183.       .setTextRange(textRange);

  184. 

  185.     UserDto assignee = db.users().insertUser();

  186.     IssueDto issueDto = issueDbTester.insertHotspot(p -> p.setSeverity("MINOR")

  187.       .setMessage("message")

  188.       .setAssigneeUuid(assignee.getUuid())

  189.       .setIssueCreationTime(NOW)

  190.       .setStatus(Issue.STATUS_TO_REVIEW)

  191.       .setLocations(mainLocation.build()));

  192. 

  193.     loginWithBrowsePermission(issueDto);

  194. 

  195.     TestResponse response = tester.newRequest()

  196.       .setParam("projectKey", issueDto.getProjectKey())

  197.       .setParam("branchName", DEFAULT_BRANCH)

  198.       .execute();

  199. 

  200.     List<Hotspots.HotspotLite> issues = readAllIssues(response);

  201. 

  202.     assertThat(issues).hasSize(1);

  203. 

  204.     Hotspots.TextRange expectedTextRange = Hotspots.TextRange.newBuilder()

  205.       .setStartLine(1)

  206.       .setEndLine(2)

  207.       .setStartLineOffset(3)

  208.       .setEndLineOffset(4)

  209.       .setHash("hash")

  210.       .build();

  211.     Hotspots.HotspotLite expectedHotspotLite = Hotspots.HotspotLite.newBuilder()

  212.       .setKey(issueDto.getKey())

  213.       .setFilePath(issueDto.getFilePath())

  214.       .setVulnerabilityProbability("LOW")

  215.       .setStatus(Issue.STATUS_TO_REVIEW)

  216.       .setMessage("message")

  217.       .setCreationDate(NOW)

  218.       .setTextRange(expectedTextRange)

  219.       .setRuleKey(issueDto.getRuleKey().toString())

  220.       .setAssignee(assignee.getLogin())

  221.       .build();

  222.     Hotspots.HotspotLite issueLite = issues.get(0);

  223.     assertThat(issueLite).isEqualTo(expectedHotspotLite);

  224.   }

  225. 

  226.   @Test

  227.   public void wsExecution_whenHotspotOnAnotherBranchThanMain_shouldReturnOneIssue() throws IOException {

  228.     ProjectData projectData = db.components().insertPrivateProjectWithCustomBranch("develop");

  229.     ProjectDto project = projectData.getProjectDto();

  230.     ComponentDto developBranch = projectData.getMainBranchComponent();

  231.     ComponentDto developFile = db.components().insertComponent(newFileDto(developBranch));

  232.     List<String> hotspotKeys = generateHotspots(developBranch, developFile, 1);

  233.     loginWithBrowsePermission(project);

  234. 

  235.     TestRequest request = tester.newRequest()

  236.       .setParam("projectKey", developBranch.getKey())

  237.       .setParam("branchName", "develop");

  238. 

  239.     TestResponse response = request.execute();

  240.     List<Hotspots.HotspotLite> issues = readAllIssues(response);

  241. 

  242.     assertThat(issues).hasSize(1)

  243.       .extracting(Hotspots.HotspotLite::getKey)

  244.       .containsExactlyInAnyOrderElementsOf(hotspotKeys);

  245.   }

  246. 

  247.   @Test

  248.   public void wsExecution_whenIncrementalModeThen_shouldReturnClosedIssues() throws IOException {

  249.     IssueDto toReviewHotspot = issueDbTester.insertHotspot(p -> p.setSeverity("MINOR")

  250.       .setMessage("toReviewHotspot")

  251.       .setCreatedAt(NOW)

  252.       .setStatus(Issue.STATUS_TO_REVIEW));

  253. 

  254.     issueDbTester.insertHotspot(p -> p.setSeverity("MINOR")

  255.       .setMessage("closedIssue")

  256.       .setCreatedAt(NOW)

  257.       .setStatus(Issue.STATUS_CLOSED)

  258.       .setComponentUuid(toReviewHotspot.getComponentUuid())

  259.       .setProjectUuid(toReviewHotspot.getProjectUuid())

  260.       .setIssueUpdateTime(PAST)

  261.       .setIssueCreationTime(PAST));

  262. 

  263.     loginWithBrowsePermission(toReviewHotspot);

  264. 

  265.     TestRequest request = tester.newRequest()

  266.       .setParam("projectKey", toReviewHotspot.getProjectKey())

  267.       .setParam("branchName", DEFAULT_BRANCH)

  268.       .setParam("changedSince", PAST + "");

  269. 

  270.     TestResponse response = request.execute();

  271.     List<Hotspots.HotspotLite> issues = readAllIssues(response);

  272. 

  273.     assertThat(issues).hasSize(2);

  274.   }

  275. 

  276.   @Test

  277.   public void wsExecution_whenDifferentHotspotsInTheTable_shouldReturnOnlyThatBelongToSelectedProject() throws IOException {

  278.     loginWithBrowsePermission(project);

  279.     List<String> correctIssueKeys = generateHotspots(correctMainBranch, correctFile, 10);

  280.     List<String> incorrectIssueKeys = generateHotspots(incorrectMainBranch, incorrectFile, 5);

  281. 

  282.     TestRequest request = tester.newRequest()

  283.       .setParam("projectKey", correctMainBranch.getKey())

  284.       .setParam("branchName", DEFAULT_BRANCH);

  285. 

  286.     TestResponse response = request.execute();

  287.     List<Hotspots.HotspotLite> issues = readAllIssues(response);

  288. 

  289.     assertThat(issues)

  290.       .hasSize(10)

  291.       .extracting(Hotspots.HotspotLite::getKey)

  292.       .containsExactlyInAnyOrderElementsOf(correctIssueKeys)

  293.       .doesNotContainAnyElementsOf(incorrectIssueKeys);

  294.   }

  295. 

  296.   @Test

  297.   public void wsExecution_whenNoIssuesBelongToTheProject_shouldReturnZeroIssues() throws IOException {

  298.     loginWithBrowsePermission(project);

  299.     generateHotspots(incorrectMainBranch, incorrectFile, 5);

  300. 

  301.     TestRequest request = tester.newRequest()

  302.       .setParam("projectKey", correctMainBranch.getKey())

  303.       .setParam("branchName", DEFAULT_BRANCH);

  304. 

  305.     TestResponse response = request.execute();

  306.     List<Hotspots.HotspotLite> issues = readAllIssues(response);

  307. 

  308.     assertThat(issues).isEmpty();

  309.   }

  310. 

  311.   @Test

  312.   public void wsExecution_whenLanguagesParam_shouldReturnOneIssue() throws IOException {

  313.     loginWithBrowsePermission(project);

  314.     RuleDto javaRule = db.rules().insert(r -> r.setLanguage("java"));

  315. 

  316.     IssueDto javaIssue = issueDbTester.insertHotspot(p -> p.setSeverity("MINOR")

  317.       .setMessage("openIssue")

  318.       .setCreatedAt(NOW)

  319.       .setRule(javaRule)

  320.       .setRuleUuid(javaRule.getUuid())

  321.       .setStatus(Issue.STATUS_TO_REVIEW)

  322.       .setLanguage("java")

  323.       .setProject(correctMainBranch)

  324.       .setComponent(correctFile));

  325. 

  326.     TestRequest request = tester.newRequest()

  327.       .setParam("projectKey", correctMainBranch.getKey())

  328.       .setParam("branchName", DEFAULT_BRANCH)

  329.       .setParam("languages", "java");

  330. 

  331.     TestResponse response = request.execute();

  332.     List<Hotspots.HotspotLite> issues = readAllIssues(response);

  333. 

  334.     assertThat(issues).hasSize(1)

  335.       .extracting(Hotspots.HotspotLite::getKey)

  336.       .containsExactly(javaIssue.getKey());

  337.   }

  338. 

  339.   @Test

  340.   public void wsExecution_whenChangedSinceParam_shouldReturnMatchingIssue() throws IOException {

  341.     loginWithBrowsePermission(project);

  342.     RuleDto javaRule = db.rules().insert(r -> r.setLanguage("java"));

  343. 

  344.     IssueDto issueBefore = issueDbTester.insertHotspot(p -> p.setSeverity("MINOR")

  345.       .setMessage("openIssue")

  346.       .setCreatedAt(NOW)

  347.       .setIssueUpdateDate(new Date(NOW))

  348.       .setRule(javaRule)

  349.       .setRuleUuid(javaRule.getUuid())

  350.       .setStatus(Issue.STATUS_TO_REVIEW)

  351.       .setLanguage("java")

  352.       .setProject(correctMainBranch)

  353.       .setComponent(correctFile));

  354. 

  355.     IssueDto issueAfter = issueDbTester.insertHotspot(p -> p.setSeverity("MINOR")

  356.       .setMessage("openIssue")

  357.       .setCreatedAt(NOW)

  358.       .setIssueUpdateDate(new Date(NOW + 1L))

  359.       .setRule(javaRule)

  360.       .setRuleUuid(javaRule.getUuid())

  361.       .setStatus(Issue.STATUS_TO_REVIEW)

  362.       .setLanguage("java")

  363.       .setProject(correctMainBranch)

  364.       .setComponent(correctFile));

  365. 

  366.     TestRequest request = tester.newRequest()

  367.       .setParam("projectKey", correctMainBranch.getKey())

  368.       .setParam("branchName", DEFAULT_BRANCH)

  369.       .setParam("languages", "java")

  370.       .setParam("changedSince", String.valueOf(issueBefore.getIssueUpdateTime() + 1L));

  371. 

  372.     TestResponse response = request.execute();

  373.     List<Hotspots.HotspotLite> issues = readAllIssues(response);

  374. 

  375.     assertThat(issues).extracting(Hotspots.HotspotLite::getKey)

  376.       .doesNotContain(issueBefore.getKey())

  377.       .containsExactly(issueAfter.getKey());

  378.   }

  379. 

  380.   @Test

  381.   public void wsExecution_whenWrongLanguageSet_shouldReturnZeroIssues() throws IOException {

  382.     loginWithBrowsePermission(project);

  383.     RuleDto javascriptRule = db.rules().insert(r -> r.setLanguage("javascript"));

  384. 

  385.     issueDbTester.insertHotspot(p -> p.setSeverity("MINOR")

  386.       .setMessage("openIssue")

  387.       .setCreatedAt(NOW)

  388.       .setRule(javascriptRule)

  389.       .setRuleUuid(javascriptRule.getUuid())

  390.       .setStatus(Issue.STATUS_TO_REVIEW)

  391.       .setProject(correctMainBranch)

  392.       .setComponent(correctFile));

  393. 

  394.     TestRequest request = tester.newRequest()

  395.       .setParam("projectKey", correctMainBranch.getKey())

  396.       .setParam("branchName", DEFAULT_BRANCH)

  397.       .setParam("languages", "java");

  398. 

  399.     TestResponse response = request.execute();

  400.     List<Hotspots.HotspotLite> issues = readAllIssues(response);

  401. 

  402.     assertThat(issues).isEmpty();

  403.   }

  404. 

  405.   private List<String> generateHotspots(ComponentDto project, ComponentDto file, int numberOfIssues) {

  406.     Consumer<IssueDto> consumer = i -> i.setProject(project)

  407.       .setComponentUuid(file.uuid())

  408.       .setStatus(Issue.STATUS_TO_REVIEW);

  409.     return Stream.generate(() -> issueDbTester.insertHotspot(consumer))

  410.       .limit(numberOfIssues)

  411.       .map(IssueDto::getKey)

  412.       .toList();

  413.   }

  414. 

  415.   private List<Hotspots.HotspotLite> readAllIssues(TestResponse response) throws IOException {

  416.     List<Hotspots.HotspotLite> issues = new ArrayList<>();

  417.     InputStream inputStream = response.getInputStream();

  418.     Hotspots.HotspotPullQueryTimestamp hotspotPullQueryTimestamp = Hotspots.HotspotPullQueryTimestamp.parseDelimitedFrom(inputStream);

  419.     assertThat(hotspotPullQueryTimestamp).isNotNull();

  420.     assertThat(hotspotPullQueryTimestamp.getQueryTimestamp()).isEqualTo(NOW);

  421.     while (inputStream.available() > 0) {

  422.       issues.add(Hotspots.HotspotLite.parseDelimitedFrom(inputStream));

  423.     }

  424. 

  425.     return issues;

  426.   }

  427. 

  428.   private void loginWithBrowsePermission(IssueDto issueDto) {

  429.     BranchDto branchDto = db.getDbClient().branchDao().selectByUuid(db.getSession(), issueDto.getProjectUuid()).get();

  430.     ProjectDto projectDto = db.getDbClient().projectDao().selectByUuid(db.getSession(), branchDto.getProjectUuid()).get();

  431.     loginWithBrowsePermission(projectDto);

  432.   }

  433. 

  434.   private void loginWithBrowsePermission(ProjectDto project) {

  435.     UserDto user = db.users().insertUser("john");

  436.     userSession.logIn(user).addProjectPermission(USER, project);

  437.   }

  438. }