mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
29346 Commits
59 Branches
Tree: 2983446f9f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2983446f9f'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/test/java/org/sonar/server/hotspot/ws/ShowActionTest.java

ShowActionTest.java 42KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2020 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.hotspot.ws;

  21. 

  22. import com.google.common.collect.ImmutableSet;

  23. import com.google.common.collect.Sets;

  24. import com.tngtech.java.junit.dataprovider.DataProvider;

  25. import com.tngtech.java.junit.dataprovider.DataProviderRunner;

  26. import com.tngtech.java.junit.dataprovider.UseDataProvider;

  27. import java.util.Arrays;

  28. import java.util.Collections;

  29. import java.util.List;

  30. import java.util.Random;

  31. import java.util.Set;

  32. import java.util.function.Consumer;

  33. import java.util.stream.Collectors;

  34. import java.util.stream.IntStream;

  35. import java.util.stream.Stream;

  36. import javax.annotation.Nullable;

  37. import org.assertj.core.groups.Tuple;

  38. import org.junit.Rule;

  39. import org.junit.Test;

  40. import org.junit.runner.RunWith;

  41. import org.mockito.ArgumentMatcher;

  42. import org.mockito.Mockito;

  43. import org.sonar.api.issue.Issue;

  44. import org.sonar.api.rules.RuleType;

  45. import org.sonar.api.utils.System2;

  46. import org.sonar.api.web.UserRole;

  47. import org.sonar.db.DbClient;

  48. import org.sonar.db.DbSession;

  49. import org.sonar.db.DbTester;

  50. import org.sonar.db.component.BranchType;

  51. import org.sonar.db.component.ComponentDto;

  52. import org.sonar.db.issue.IssueDto;

  53. import org.sonar.db.protobuf.DbCommons;

  54. import org.sonar.db.protobuf.DbIssues;

  55. import org.sonar.db.rule.RuleDefinitionDto;

  56. import org.sonar.db.rule.RuleTesting;

  57. import org.sonar.db.user.UserDto;

  58. import org.sonar.db.user.UserTesting;

  59. import org.sonar.server.es.EsTester;

  60. import org.sonar.server.exceptions.ForbiddenException;

  61. import org.sonar.server.exceptions.NotFoundException;

  62. import org.sonar.server.issue.AvatarResolver;

  63. import org.sonar.server.issue.AvatarResolverImpl;

  64. import org.sonar.server.issue.IssueChangeWSSupport;

  65. import org.sonar.server.issue.IssueChangeWSSupport.FormattingContext;

  66. import org.sonar.server.issue.IssueChangeWSSupport.Load;

  67. import org.sonar.server.issue.TextRangeResponseFormatter;

  68. import org.sonar.server.issue.ws.UserResponseFormatter;

  69. import org.sonar.server.organization.TestDefaultOrganizationProvider;

  70. import org.sonar.server.security.SecurityStandards;

  71. import org.sonar.server.security.SecurityStandards.SQCategory;

  72. import org.sonar.server.tester.UserSessionRule;

  73. import org.sonar.server.ws.TestRequest;

  74. import org.sonar.server.ws.WsActionTester;

  75. import org.sonarqube.ws.Common;

  76. import org.sonarqube.ws.Common.Changelog.Diff;

  77. import org.sonarqube.ws.Common.User;

  78. import org.sonarqube.ws.Hotspots;

  79. 

  80. import static org.apache.commons.lang.RandomStringUtils.randomAlphabetic;

  81. import static org.assertj.core.api.Assertions.assertThat;

  82. import static org.assertj.core.api.Assertions.assertThatThrownBy;

  83. import static org.assertj.core.api.Assertions.tuple;

  84. import static org.mockito.ArgumentMatchers.any;

  85. import static org.mockito.ArgumentMatchers.anySet;

  86. import static org.mockito.ArgumentMatchers.argThat;

  87. import static org.mockito.ArgumentMatchers.eq;

  88. import static org.mockito.Mockito.verify;

  89. import static org.mockito.Mockito.when;

  90. import static org.sonar.api.rules.RuleType.SECURITY_HOTSPOT;

  91. import static org.sonar.db.component.ComponentTesting.newFileDto;

  92. 

  93. @RunWith(DataProviderRunner.class)

  94. public class ShowActionTest {

  95.   private static final Random RANDOM = new Random();

  96. 

  97.   @Rule

  98.   public DbTester dbTester = DbTester.create(System2.INSTANCE);

  99.   @Rule

  100.   public EsTester es = EsTester.create();

  101.   @Rule

  102.   public UserSessionRule userSessionRule = UserSessionRule.standalone();

  103. 

  104.   private DbClient dbClient = dbTester.getDbClient();

  105.   private TestDefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(dbTester);

  106. 

  107.   private AvatarResolver avatarResolver = new AvatarResolverImpl();

  108.   private HotspotWsResponseFormatter responseFormatter = new HotspotWsResponseFormatter(defaultOrganizationProvider);

  109.   private IssueChangeWSSupport issueChangeSupport = Mockito.mock(IssueChangeWSSupport.class);

  110.   private HotspotWsSupport hotspotWsSupport = new HotspotWsSupport(dbClient, userSessionRule, System2.INSTANCE);

  111.   private UserResponseFormatter userFormatter = new UserResponseFormatter(new AvatarResolverImpl());

  112.   private TextRangeResponseFormatter textRangeFormatter = new TextRangeResponseFormatter();

  113. 

  114.   private ShowAction underTest = new ShowAction(dbClient, hotspotWsSupport, responseFormatter, textRangeFormatter, userFormatter, issueChangeSupport);

  115.   private WsActionTester actionTester = new WsActionTester(underTest);

  116. 

  117.   @Test

  118.   public void ws_is_internal() {

  119.     assertThat(actionTester.getDef().isInternal()).isTrue();

  120.   }

  121. 

  122.   @Test

  123.   public void fails_with_IAE_if_parameter_hotspot_is_missing() {

  124.     TestRequest request = actionTester.newRequest();

  125. 

  126.     assertThatThrownBy(request::execute)

  127.       .isInstanceOf(IllegalArgumentException.class)

  128.       .hasMessage("The 'hotspot' parameter is missing");

  129.   }

  130. 

  131.   @Test

  132.   public void fails_with_NotFoundException_if_hotspot_does_not_exist() {

  133.     String key = randomAlphabetic(12);

  134.     TestRequest request = actionTester.newRequest()

  135.       .setParam("hotspot", key);

  136. 

  137.     assertThatThrownBy(request::execute)

  138.       .isInstanceOf(NotFoundException.class)

  139.       .hasMessage("Hotspot '%s' does not exist", key);

  140.   }

  141. 

  142.   @Test

  143.   @UseDataProvider("ruleTypesButHotspot")

  144.   public void fails_with_NotFoundException_if_issue_is_not_a_hotspot(RuleType ruleType) {

  145.     ComponentDto project = dbTester.components().insertPublicProject();

  146.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  147.     RuleDefinitionDto rule = newRule(ruleType);

  148.     IssueDto notAHotspot = dbTester.issues().insertIssue(rule, project, file, i -> i.setType(ruleType));

  149.     TestRequest request = newRequest(notAHotspot);

  150. 

  151.     assertThatThrownBy(request::execute)

  152.       .isInstanceOf(NotFoundException.class)

  153.       .hasMessage("Hotspot '%s' does not exist", notAHotspot.getKey());

  154.   }

  155. 

  156.   @DataProvider

  157.   public static Object[][] ruleTypesButHotspot() {

  158.     return Arrays.stream(RuleType.values())

  159.       .filter(t -> t != SECURITY_HOTSPOT)

  160.       .map(t -> new Object[] {t})

  161.       .toArray(Object[][]::new);

  162.   }

  163. 

  164.   @Test

  165.   public void fails_with_NotFoundException_if_issue_is_hotspot_is_closed() {

  166.     ComponentDto project = dbTester.components().insertPublicProject();

  167.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  168.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  169.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, t -> t.setStatus(Issue.STATUS_CLOSED));

  170.     TestRequest request = newRequest(hotspot);

  171. 

  172.     assertThatThrownBy(request::execute)

  173.       .isInstanceOf(NotFoundException.class)

  174.       .hasMessage("Hotspot '%s' does not exist", hotspot.getKey());

  175.   }

  176. 

  177.   @Test

  178.   public void fails_with_ForbiddenException_if_project_is_private_and_not_allowed() {

  179.     ComponentDto project = dbTester.components().insertPrivateProject();

  180.     userSessionRule.registerComponents(project);

  181.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  182.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  183.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file);

  184.     TestRequest request = newRequest(hotspot);

  185. 

  186.     assertThatThrownBy(request::execute)

  187.       .isInstanceOf(ForbiddenException.class)

  188.       .hasMessage("Insufficient privileges");

  189.   }

  190. 

  191.   @Test

  192.   public void succeeds_on_public_project() {

  193.     ComponentDto project = dbTester.components().insertPublicProject();

  194.     userSessionRule.registerComponents(project);

  195.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  196.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  197.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file);

  198.     mockChangelogAndCommentsFormattingContext();

  199. 

  200.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  201.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  202. 

  203.     assertThat(response.getKey()).isEqualTo(hotspot.getKey());

  204.   }

  205. 

  206.   @Test

  207.   public void succeeds_on_private_project_with_permission() {

  208.     ComponentDto project = dbTester.components().insertPrivateProject();

  209.     userSessionRule.registerComponents(project);

  210.     userSessionRule.logIn().addProjectPermission(UserRole.USER, project);

  211.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  212.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  213.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file);

  214.     mockChangelogAndCommentsFormattingContext();

  215. 

  216.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  217.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  218. 

  219.     assertThat(response.getKey()).isEqualTo(hotspot.getKey());

  220.   }

  221. 

  222.   @Test

  223.   public void return_canChangeStatus_false_on_public_project_when_anonymous() {

  224.     ComponentDto project = dbTester.components().insertPublicProject();

  225.     userSessionRule.registerComponents(project);

  226.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  227.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  228.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file);

  229.     mockChangelogAndCommentsFormattingContext();

  230. 

  231.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  232.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  233. 

  234.     assertThat(response.getCanChangeStatus()).isFalse();

  235.   }

  236. 

  237.   @Test

  238.   @UseDataProvider("allPublicProjectPermissionsButSECURITYHOTSPOT_ADMIN")

  239.   public void return_canChangeStatus_false_on_public_project_when_authenticated_without_SECURITYHOTSPOT_ADMIN_permission(@Nullable String permission) {

  240.     ComponentDto project = dbTester.components().insertPublicProject();

  241.     userSessionRule.logIn().registerComponents(project);

  242.     if (permission != null) {

  243.       userSessionRule.addProjectPermission(permission, project);

  244.     }

  245.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  246.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  247.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file);

  248.     mockChangelogAndCommentsFormattingContext();

  249. 

  250.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  251.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  252. 

  253.     assertThat(response.getCanChangeStatus()).isFalse();

  254.   }

  255. 

  256.   @Test

  257.   @UseDataProvider("allPublicProjectPermissionsButSECURITYHOTSPOT_ADMIN")

  258.   public void return_canChangeStatus_true_on_public_project_when_authenticated_with_SECURITYHOTSPOT_ADMIN_permission(@Nullable String permission) {

  259.     ComponentDto project = dbTester.components().insertPublicProject();

  260.     userSessionRule.registerComponents(project)

  261.       .addProjectPermission(UserRole.SECURITYHOTSPOT_ADMIN, project);

  262.     if (permission != null) {

  263.       userSessionRule.addProjectPermission(permission, project);

  264.     }

  265.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  266.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  267.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file);

  268.     mockChangelogAndCommentsFormattingContext();

  269. 

  270.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  271.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  272. 

  273.     assertThat(response.getCanChangeStatus()).isTrue();

  274.   }

  275. 

  276.   @DataProvider

  277.   public static Object[][] allPublicProjectPermissionsButSECURITYHOTSPOT_ADMIN() {

  278.     return new Object[][] {

  279.       {null}, // no permission

  280.       {UserRole.ADMIN},

  281.       {UserRole.SCAN},

  282.       {UserRole.ISSUE_ADMIN}

  283.     };

  284.   }

  285. 

  286.   @Test

  287.   @UseDataProvider("allPrivateProjectPermissionsButSECURITYHOTSPOT_ADMIN_and_USER")

  288.   public void return_canChangeStatus_false_on_private_project_without_SECURITYHOTSPOT_ADMIN_permission(@Nullable String permission) {

  289.     ComponentDto project = dbTester.components().insertPrivateProject();

  290.     userSessionRule

  291.       .registerComponents(project)

  292.       .logIn()

  293.       .addProjectPermission(UserRole.USER, project);

  294.     if (permission != null) {

  295.       userSessionRule.addProjectPermission(permission, project);

  296.     }

  297.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  298.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  299.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file);

  300.     mockChangelogAndCommentsFormattingContext();

  301. 

  302.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  303.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  304. 

  305.     assertThat(response.getCanChangeStatus()).isFalse();

  306.   }

  307. 

  308.   @Test

  309.   @UseDataProvider("allPrivateProjectPermissionsButSECURITYHOTSPOT_ADMIN_and_USER")

  310.   public void return_canChangeStatus_false_on_private_project_with_SECURITYHOTSPOT_ADMIN_permission(@Nullable String permission) {

  311.     ComponentDto project = dbTester.components().insertPrivateProject();

  312.     userSessionRule

  313.       .registerComponents(project)

  314.       .logIn()

  315.       .addProjectPermission(UserRole.USER, project)

  316.       .addProjectPermission(UserRole.SECURITYHOTSPOT_ADMIN, project);

  317.     if (permission != null) {

  318.       userSessionRule.addProjectPermission(permission, project);

  319.     }

  320.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  321.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  322.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file);

  323.     mockChangelogAndCommentsFormattingContext();

  324. 

  325.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  326.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  327. 

  328.     assertThat(response.getCanChangeStatus()).isTrue();

  329.   }

  330. 

  331.   @DataProvider

  332.   public static Object[][] allPrivateProjectPermissionsButSECURITYHOTSPOT_ADMIN_and_USER() {

  333.     return new Object[][] {

  334.       {null}, // only USER permission

  335.       {UserRole.CODEVIEWER},

  336.       {UserRole.ADMIN},

  337.       {UserRole.SCAN},

  338.       {UserRole.ISSUE_ADMIN}

  339.     };

  340.   }

  341. 

  342.   @Test

  343.   @UseDataProvider("statusAndResolutionCombinations")

  344.   public void returns_status_and_resolution(String status, @Nullable String resolution) {

  345.     ComponentDto project = dbTester.components().insertPrivateProject();

  346.     userSessionRule.registerComponents(project);

  347.     userSessionRule.logIn().addProjectPermission(UserRole.USER, project);

  348.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  349.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  350.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, t -> t.setStatus(status).setResolution(resolution));

  351.     mockChangelogAndCommentsFormattingContext();

  352. 

  353.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  354.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  355. 

  356.     assertThat(response.getStatus()).isEqualTo(status);

  357.     if (resolution == null) {

  358.       assertThat(response.hasResolution()).isFalse();

  359.     } else {

  360.       assertThat(response.getResolution()).isEqualTo(resolution);

  361.     }

  362.   }

  363. 

  364.   @DataProvider

  365.   public static Object[][] statusAndResolutionCombinations() {

  366.     return new Object[][] {

  367.       {Issue.STATUS_TO_REVIEW, null},

  368.       {Issue.STATUS_REVIEWED, Issue.RESOLUTION_FIXED},

  369.       {Issue.STATUS_REVIEWED, Issue.RESOLUTION_SAFE}

  370.     };

  371.   }

  372. 

  373.   @Test

  374.   public void returns_hotspot_component_and_rule() {

  375.     ComponentDto project = dbTester.components().insertPublicProject();

  376.     userSessionRule.registerComponents(project);

  377.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  378.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  379.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file);

  380.     mockChangelogAndCommentsFormattingContext();

  381. 

  382.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  383.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  384. 

  385.     assertThat(response.getKey()).isEqualTo(hotspot.getKey());

  386.     verifyComponent(response.getComponent(), file, null, null);

  387.     verifyComponent(response.getProject(), project, null, null);

  388.     verifyRule(response.getRule(), rule);

  389.     assertThat(response.hasTextRange()).isFalse();

  390.   }

  391. 

  392.   @Test

  393.   public void returns_no_textRange_when_locations_have_none() {

  394.     ComponentDto project = dbTester.components().insertPublicProject();

  395.     userSessionRule.registerComponents(project);

  396.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  397.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  398.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file,

  399.       t -> t.setLocations(DbIssues.Locations.newBuilder().build()));

  400.     mockChangelogAndCommentsFormattingContext();

  401. 

  402.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  403.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  404. 

  405.     assertThat(response.hasTextRange()).isFalse();

  406.   }

  407. 

  408.   @Test

  409.   @UseDataProvider("randomTextRangeValues")

  410.   public void returns_textRange(int startLine, int endLine, int startOffset, int endOffset) {

  411.     ComponentDto project = dbTester.components().insertPublicProject();

  412.     userSessionRule.registerComponents(project);

  413.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  414.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  415.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file,

  416.       t -> t.setLocations(DbIssues.Locations.newBuilder()

  417.         .setTextRange(DbCommons.TextRange.newBuilder()

  418.           .setStartLine(startLine)

  419.           .setEndLine(endLine)

  420.           .setStartOffset(startOffset)

  421.           .setEndOffset(endOffset)

  422.           .build())

  423.         .build()));

  424.     mockChangelogAndCommentsFormattingContext();

  425. 

  426.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  427.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  428. 

  429.     assertThat(response.hasTextRange()).isTrue();

  430.     Common.TextRange textRange = response.getTextRange();

  431.     assertThat(textRange.getStartLine()).isEqualTo(startLine);

  432.     assertThat(textRange.getEndLine()).isEqualTo(endLine);

  433.     assertThat(textRange.getStartOffset()).isEqualTo(startOffset);

  434.     assertThat(textRange.getEndOffset()).isEqualTo(endOffset);

  435.   }

  436. 

  437.   @Test

  438.   public void returns_no_assignee_when_user_does_not_exist() {

  439.     ComponentDto project = dbTester.components().insertPublicProject();

  440.     userSessionRule.registerComponents(project);

  441.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  442.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  443.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, t -> t.setAssigneeUuid(randomAlphabetic(10)));

  444.     mockChangelogAndCommentsFormattingContext();

  445. 

  446.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  447.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  448. 

  449.     assertThat(response.hasAssignee()).isFalse();

  450.   }

  451. 

  452.   @Test

  453.   public void returns_assignee_details_when_user_exists() {

  454.     ComponentDto project = dbTester.components().insertPublicProject();

  455.     userSessionRule.registerComponents(project);

  456.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  457.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  458.     UserDto assignee = dbTester.users().insertUser();

  459.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, t -> t.setAssigneeUuid(assignee.getUuid()));

  460.     mockChangelogAndCommentsFormattingContext();

  461. 

  462.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  463.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  464. 

  465.     assertThat(response.getAssignee()).isEqualTo(assignee.getLogin());

  466.     assertThat(response.getUsersList()).hasSize(1);

  467.     User wsAssignee = response.getUsersList().iterator().next();

  468.     assertThat(wsAssignee.getLogin()).isEqualTo(assignee.getLogin());

  469.     assertThat(wsAssignee.getName()).isEqualTo(assignee.getName());

  470.     assertThat(wsAssignee.getActive()).isEqualTo(assignee.isActive());

  471.     assertThat(wsAssignee.getAvatar()).isEqualTo(avatarResolver.create(assignee));

  472.   }

  473. 

  474.   @Test

  475.   public void returns_no_avatar_if_assignee_has_no_email() {

  476.     ComponentDto project = dbTester.components().insertPublicProject();

  477.     userSessionRule.registerComponents(project);

  478.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  479.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  480.     UserDto assignee = dbTester.users().insertUser(t -> t.setEmail(null));

  481.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, t -> t.setAssigneeUuid(assignee.getUuid()));

  482.     mockChangelogAndCommentsFormattingContext();

  483. 

  484.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  485.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  486. 

  487.     assertThat(response.getUsersList()).hasSize(1);

  488.     assertThat(response.getUsersList().iterator().next().hasAvatar()).isFalse();

  489.   }

  490. 

  491.   @Test

  492.   public void returns_inactive_when_assignee_is_inactive() {

  493.     ComponentDto project = dbTester.components().insertPublicProject();

  494.     userSessionRule.registerComponents(project);

  495.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  496.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  497.     UserDto assignee = dbTester.users().insertUser(t -> t.setActive(false));

  498.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, t -> t.setAssigneeUuid(assignee.getUuid()));

  499.     mockChangelogAndCommentsFormattingContext();

  500. 

  501.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  502.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  503. 

  504.     assertThat(response.getUsersList()).hasSize(1);

  505.     assertThat(response.getUsersList().iterator().next().getActive()).isFalse();

  506.   }

  507. 

  508.   @Test

  509.   public void returns_author_login_when_user_does_not_exist() {

  510.     ComponentDto project = dbTester.components().insertPublicProject();

  511.     userSessionRule.registerComponents(project);

  512.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  513.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  514.     String authorLogin = randomAlphabetic(10);

  515.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, t -> t.setAuthorLogin(authorLogin));

  516.     mockChangelogAndCommentsFormattingContext();

  517. 

  518.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  519.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  520. 

  521.     assertThat(response.getUsersList()).isEmpty();

  522.     assertThat(response.getAuthor()).isEqualTo(authorLogin);

  523.   }

  524. 

  525.   @Test

  526.   public void returns_author_details_when_user_exists() {

  527.     ComponentDto project = dbTester.components().insertPublicProject();

  528.     userSessionRule.registerComponents(project);

  529.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  530.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  531.     UserDto author = dbTester.users().insertUser();

  532.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, t -> t.setAuthorLogin(author.getLogin()));

  533.     mockChangelogAndCommentsFormattingContext();

  534. 

  535.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  536.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  537. 

  538.     assertThat(response.getAuthor()).isEqualTo(author.getLogin());

  539.     User wsAuthorFromList = response.getUsersList().iterator().next();

  540.     assertThat(wsAuthorFromList.getLogin()).isEqualTo(author.getLogin());

  541.     assertThat(wsAuthorFromList.getName()).isEqualTo(author.getName());

  542.     assertThat(wsAuthorFromList.getActive()).isEqualTo(author.isActive());

  543.     assertThat(wsAuthorFromList.getAvatar()).isEqualTo(avatarResolver.create(author));

  544.   }

  545. 

  546.   @Test

  547.   public void returns_no_avatar_if_author_has_no_email() {

  548.     ComponentDto project = dbTester.components().insertPublicProject();

  549.     userSessionRule.registerComponents(project);

  550.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  551.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  552.     UserDto author = dbTester.users().insertUser(t -> t.setEmail(null));

  553.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, t -> t.setAuthorLogin(author.getLogin()));

  554.     mockChangelogAndCommentsFormattingContext();

  555. 

  556.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  557.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  558. 

  559.     assertThat(response.getUsersList()).hasSize(1);

  560.     assertThat(response.getUsersList().iterator().next().hasAvatar()).isFalse();

  561.   }

  562. 

  563.   @Test

  564.   public void returns_inactive_if_author_is_inactive() {

  565.     ComponentDto project = dbTester.components().insertPublicProject();

  566.     userSessionRule.registerComponents(project);

  567.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  568.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  569.     UserDto author = dbTester.users().insertUser(t -> t.setActive(false));

  570.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, t -> t.setAuthorLogin(author.getLogin()));

  571.     mockChangelogAndCommentsFormattingContext();

  572. 

  573.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  574.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  575. 

  576.     assertThat(response.getUsersList()).hasSize(1);

  577.     assertThat(response.getUsersList().iterator().next().getActive()).isFalse();

  578.   }

  579. 

  580.   @DataProvider

  581.   public static Object[][] randomTextRangeValues() {

  582.     int startLine = RANDOM.nextInt(200);

  583.     int endLine = RANDOM.nextInt(200);

  584.     int startOffset = RANDOM.nextInt(200);

  585.     int endOffset = RANDOM.nextInt(200);

  586.     return new Object[][] {

  587.       {startLine, endLine, startOffset, endOffset}

  588.     };

  589.   }

  590. 

  591.   @Test

  592.   public void returns_textRange_missing_fields() {

  593.     ComponentDto project = dbTester.components().insertPublicProject();

  594.     userSessionRule.registerComponents(project);

  595.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  596.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  597.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file,

  598.       t -> t.setLocations(DbIssues.Locations.newBuilder()

  599.         .setTextRange(DbCommons.TextRange.newBuilder().build())

  600.         .build()));

  601.     mockChangelogAndCommentsFormattingContext();

  602. 

  603.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  604.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  605. 

  606.     assertThat(response.hasTextRange()).isTrue();

  607.     Common.TextRange textRange = response.getTextRange();

  608.     assertThat(textRange.hasStartLine()).isFalse();

  609.     assertThat(textRange.hasEndLine()).isFalse();

  610.     assertThat(textRange.hasStartOffset()).isFalse();

  611.     assertThat(textRange.hasEndOffset()).isFalse();

  612.   }

  613. 

  614.   @Test

  615.   @UseDataProvider("allSQCategoryAndVulnerabilityProbability")

  616.   public void returns_securityCategory_and_vulnerabilityProbability_of_rule(Set<String> standards,

  617.     SQCategory expected) {

  618.     ComponentDto project = dbTester.components().insertPublicProject();

  619.     userSessionRule.registerComponents(project);

  620.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  621.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT, t -> t.setSecurityStandards(standards));

  622.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file,

  623.       t -> t.setLocations(DbIssues.Locations.newBuilder()

  624.         .setTextRange(DbCommons.TextRange.newBuilder().build())

  625.         .build()));

  626.     mockChangelogAndCommentsFormattingContext();

  627. 

  628.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  629.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  630. 

  631.     Hotspots.Rule wsRule = response.getRule();

  632.     assertThat(wsRule.getSecurityCategory()).isEqualTo(expected.getKey());

  633.     assertThat(wsRule.getVulnerabilityProbability()).isEqualTo(expected.getVulnerability().name());

  634.   }

  635. 

  636.   @DataProvider

  637.   public static Object[][] allSQCategoryAndVulnerabilityProbability() {

  638.     Stream<Object[]> allButOthers = SecurityStandards.CWES_BY_SQ_CATEGORY

  639.       .entrySet()

  640.       .stream()

  641.       .map(t -> new Object[] {

  642.         t.getValue().stream().map(s -> "cwe:" + s).collect(Collectors.toSet()),

  643.         t.getKey()

  644.       });

  645.     Stream<Object[]> others = Stream.of(

  646.       new Object[] {Collections.emptySet(), SQCategory.OTHERS},

  647.       new Object[] {ImmutableSet.of("foo", "bar", "acme"), SQCategory.OTHERS});

  648.     return Stream.concat(allButOthers, others)

  649.       .toArray(Object[][]::new);

  650.   }

  651. 

  652.   @Test

  653.   public void returns_project_twice_when_hotspot_on_project() {

  654.     ComponentDto project = dbTester.components().insertPublicProject();

  655.     userSessionRule.registerComponents(project);

  656.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  657.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, project,

  658.       t -> t.setLocations(DbIssues.Locations.newBuilder()

  659.         .setTextRange(DbCommons.TextRange.newBuilder().build())

  660.         .build()));

  661.     mockChangelogAndCommentsFormattingContext();

  662. 

  663.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  664.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  665. 

  666.     verifyComponent(response.getProject(), project, null, null);

  667.     verifyComponent(response.getComponent(), project, null, null);

  668.   }

  669. 

  670.   @Test

  671.   public void returns_branch_but_no_pullRequest_on_component_and_project_on_non_main_branch() {

  672.     ComponentDto project = dbTester.components().insertPublicProject();

  673.     ComponentDto branch = dbTester.components().insertProjectBranch(project);

  674.     ComponentDto file = dbTester.components().insertComponent(newFileDto(branch));

  675.     userSessionRule.registerComponents(project);

  676.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  677.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, branch, file,

  678.       t -> t.setLocations(DbIssues.Locations.newBuilder()

  679.         .setTextRange(DbCommons.TextRange.newBuilder().build())

  680.         .build()));

  681.     mockChangelogAndCommentsFormattingContext();

  682. 

  683.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  684.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  685. 

  686.     verifyComponent(response.getProject(), branch, branch.getBranch(), null);

  687.     verifyComponent(response.getComponent(), file, branch.getBranch(), null);

  688.   }

  689. 

  690.   @Test

  691.   public void returns_pullRequest_but_no_branch_on_component_and_project_on_pullRequest() {

  692.     ComponentDto project = dbTester.components().insertPublicProject();

  693.     ComponentDto pullRequest = dbTester.components().insertProjectBranch(project,

  694.       t -> t.setBranchType(BranchType.PULL_REQUEST));

  695.     ComponentDto file = dbTester.components().insertComponent(newFileDto(pullRequest));

  696.     userSessionRule.registerComponents(project);

  697.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  698.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, pullRequest, file,

  699.       t -> t.setLocations(DbIssues.Locations.newBuilder()

  700.         .setTextRange(DbCommons.TextRange.newBuilder().build())

  701.         .build()));

  702.     mockChangelogAndCommentsFormattingContext();

  703. 

  704.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  705.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  706. 

  707.     verifyComponent(response.getProject(), pullRequest, null, pullRequest.getPullRequest());

  708.     verifyComponent(response.getComponent(), file, null, pullRequest.getPullRequest());

  709.   }

  710. 

  711.   @Test

  712.   public void returns_hotspot_changelog_and_comments() {

  713.     ComponentDto project = dbTester.components().insertPublicProject();

  714.     userSessionRule.registerComponents(project);

  715.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  716.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  717.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file,

  718.       t -> t.setLocations(DbIssues.Locations.newBuilder()

  719.         .setTextRange(DbCommons.TextRange.newBuilder().build())

  720.         .build()));

  721.     List<Common.Changelog> changelog = IntStream.range(0, 1 + new Random().nextInt(12))

  722.       .mapToObj(i -> Common.Changelog.newBuilder().setUser("u" + i).build())

  723.       .collect(Collectors.toList());

  724.     List<Common.Comment> comments = IntStream.range(0, 1 + new Random().nextInt(12))

  725.       .mapToObj(i -> Common.Comment.newBuilder().setKey("u" + i).build())

  726.       .collect(Collectors.toList());

  727.     FormattingContext formattingContext = mockChangelogAndCommentsFormattingContext();

  728.     when(issueChangeSupport.formatChangelog(any(), any())).thenReturn(changelog.stream());

  729.     when(issueChangeSupport.formatComments(any(), any(), any())).thenReturn(comments.stream());

  730. 

  731.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  732.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  733. 

  734.     assertThat(response.getChangelogList())

  735.       .extracting(Common.Changelog::getUser)

  736.       .containsExactly(changelog.stream().map(Common.Changelog::getUser).toArray(String[]::new));

  737.     assertThat(response.getCommentList())

  738.       .extracting(Common.Comment::getKey)

  739.       .containsExactly(comments.stream().map(Common.Comment::getKey).toArray(String[]::new));

  740.     verify(issueChangeSupport).newFormattingContext(any(DbSession.class),

  741.       argThat(new IssueDtoSetArgumentMatcher(hotspot)),

  742.       eq(Load.ALL),

  743.       eq(Collections.emptySet()), eq(ImmutableSet.of(project, file)));

  744.     verify(issueChangeSupport).formatChangelog(argThat(new IssueDtoArgumentMatcher(hotspot)), eq(formattingContext));

  745.     verify(issueChangeSupport).formatComments(argThat(new IssueDtoArgumentMatcher(hotspot)), any(Common.Comment.Builder.class), eq(formattingContext));

  746.   }

  747. 

  748.   @Test

  749.   public void returns_user_details_of_users_from_ChangelogAndComments() {

  750.     ComponentDto project = dbTester.components().insertPublicProject();

  751.     userSessionRule.registerComponents(project);

  752.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  753.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  754.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file);

  755.     FormattingContext formattingContext = mockChangelogAndCommentsFormattingContext();

  756.     Set<UserDto> changeLogAndCommentsUsers = IntStream.range(0, 1 + RANDOM.nextInt(14))

  757.       .mapToObj(i -> UserTesting.newUserDto())

  758.       .collect(Collectors.toSet());

  759.     when(formattingContext.getUsers()).thenReturn(changeLogAndCommentsUsers);

  760. 

  761.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  762.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  763. 

  764.     assertThat(response.getUsersList())

  765.       .extracting(User::getLogin, User::getName, User::getActive)

  766.       .containsExactlyInAnyOrder(

  767.         changeLogAndCommentsUsers.stream()

  768.           .map(t -> tuple(t.getLogin(), t.getName(), t.isActive()))

  769.           .toArray(Tuple[]::new));

  770.   }

  771. 

  772.   @Test

  773.   public void returns_user_of_users_from_ChangelogAndComments_and_assignee_and_author() {

  774.     ComponentDto project = dbTester.components().insertPublicProject();

  775.     userSessionRule.registerComponents(project);

  776.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  777.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  778.     UserDto author = dbTester.users().insertUser();

  779.     UserDto assignee = dbTester.users().insertUser();

  780.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file,

  781.       t -> t.setAuthorLogin(author.getLogin())

  782.         .setAssigneeUuid(assignee.getUuid()));

  783.     FormattingContext formattingContext = mockChangelogAndCommentsFormattingContext();

  784.     Set<UserDto> changeLogAndCommentsUsers = IntStream.range(0, 1 + RANDOM.nextInt(14))

  785.       .mapToObj(i -> UserTesting.newUserDto())

  786.       .collect(Collectors.toSet());

  787.     when(formattingContext.getUsers()).thenReturn(changeLogAndCommentsUsers);

  788. 

  789.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  790.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  791. 

  792.     assertThat(response.getUsersList())

  793.       .extracting(User::getLogin, User::getName, User::getActive)

  794.       .containsExactlyInAnyOrder(

  795.         Stream.concat(

  796.           Stream.of(author, assignee),

  797.           changeLogAndCommentsUsers.stream())

  798.           .map(t -> tuple(t.getLogin(), t.getName(), t.isActive()))

  799.           .toArray(Tuple[]::new));

  800.   }

  801. 

  802.   @Test

  803.   public void do_not_duplicate_user_if_author_assignee_ChangeLogComment_user() {

  804.     ComponentDto project = dbTester.components().insertPublicProject();

  805.     userSessionRule.registerComponents(project);

  806.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT);

  807.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  808.     UserDto author = dbTester.users().insertUser();

  809.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file,

  810.       t -> t.setAuthorLogin(author.getLogin())

  811.         .setAssigneeUuid(author.getUuid()));

  812.     FormattingContext formattingContext = mockChangelogAndCommentsFormattingContext();

  813.     when(formattingContext.getUsers()).thenReturn(ImmutableSet.of(author));

  814. 

  815.     Hotspots.ShowWsResponse response = newRequest(hotspot)

  816.       .executeProtobuf(Hotspots.ShowWsResponse.class);

  817. 

  818.     assertThat(response.getUsersList())

  819.       .extracting(User::getLogin, User::getName, User::getActive)

  820.       .containsOnly(tuple(author.getLogin(), author.getName(), author.isActive()));

  821.   }

  822. 

  823.   @Test

  824.   public void verify_response_example() {

  825.     ComponentDto project = dbTester.components().insertPublicProject(componentDto -> componentDto

  826.       .setName("test-project")

  827.       .setLongName("test-project")

  828.       .setDbKey("com.sonarsource:test-project"));

  829.     userSessionRule.registerComponents(project)

  830.       .addProjectPermission(UserRole.SECURITYHOTSPOT_ADMIN, project);

  831. 

  832.     ComponentDto file = dbTester.components().insertComponent(

  833.       newFileDto(project)

  834.         .setDbKey("com.sonarsource:test-project:src/main/java/com/sonarsource/FourthClass.java")

  835.         .setName("FourthClass.java")

  836.         .setLongName("src/main/java/com/sonarsource/FourthClass.java")

  837.         .setPath("src/main/java/com/sonarsource/FourthClass.java"));

  838.     UserDto author = dbTester.users().insertUser(u -> u.setLogin("joe")

  839.       .setName("Joe"));

  840. 

  841.     long time = 1577976190000L;

  842.     RuleDefinitionDto rule = newRule(SECURITY_HOTSPOT, r -> r.setRuleKey("S4787")

  843.       .setRepositoryKey("java")

  844.       .setName("rule-name")

  845.       .setSecurityStandards(Sets.newHashSet(SQCategory.WEAK_CRYPTOGRAPHY.getKey())));

  846.     IssueDto hotspot = dbTester.issues().insertHotspot(rule, project, file, h -> h

  847.       .setAssigneeUuid("assignee-uuid")

  848.       .setAuthorLogin("joe")

  849.       .setMessage("message")

  850.       .setLine(10)

  851.       .setIssueCreationTime(time)

  852.       .setIssueUpdateTime(time)

  853.       .setAuthorLogin(author.getLogin())

  854.       .setAssigneeUuid(author.getUuid())

  855.       .setKee("AW9mgJw6eFC3pGl94Wrf"));

  856. 

  857.     List<Common.Changelog> changelog = IntStream.range(0, 3)

  858.       .mapToObj(i -> Common.Changelog.newBuilder()

  859.         .setUser("joe")

  860.         .setCreationDate("2020-01-02T14:44:55+0100")

  861.         .addDiffs(Diff.newBuilder().setKey("diff-key-" + i).setNewValue("new-value-" + i).setOldValue("old-value-" + i))

  862.         .setIsUserActive(true)

  863.         .setUserName("Joe")

  864.         .setAvatar("my-avatar")

  865.         .build())

  866.       .collect(Collectors.toList());

  867.     List<Common.Comment> comments = IntStream.range(0, 3)

  868.       .mapToObj(i -> Common.Comment.newBuilder()

  869.         .setKey("comment-" + i)

  870.         .setHtmlText("html text " + i)

  871.         .setLogin("Joe")

  872.         .setMarkdown("markdown " + i)

  873.         .setCreatedAt("2020-01-02T14:47:47+0100")

  874.         .build())

  875.       .collect(Collectors.toList());

  876. 

  877.     mockChangelogAndCommentsFormattingContext();

  878.     when(issueChangeSupport.formatChangelog(any(), any())).thenReturn(changelog.stream());

  879.     when(issueChangeSupport.formatComments(any(), any(), any())).thenReturn(comments.stream());

  880. 

  881.     newRequest(hotspot)

  882.       .execute()

  883.       .assertJson(actionTester.getDef().responseExampleAsString()

  884.         .replaceAll("default-organization", dbTester.getDefaultOrganization().getKey()));

  885.   }

  886. 

  887.   private FormattingContext mockChangelogAndCommentsFormattingContext() {

  888.     FormattingContext formattingContext = Mockito.mock(FormattingContext.class);

  889.     when(issueChangeSupport.newFormattingContext(any(), any(), any(), anySet(), anySet())).thenReturn(formattingContext);

  890.     return formattingContext;

  891.   }

  892. 

  893.   private void verifyRule(Hotspots.Rule wsRule, RuleDefinitionDto dto) {

  894.     assertThat(wsRule.getKey()).isEqualTo(dto.getKey().toString());

  895.     assertThat(wsRule.getName()).isEqualTo(dto.getName());

  896.     assertThat(wsRule.getSecurityCategory()).isEqualTo(SQCategory.OTHERS.getKey());

  897.     assertThat(wsRule.getVulnerabilityProbability()).isEqualTo(SQCategory.OTHERS.getVulnerability().name());

  898.   }

  899. 

  900.   private static void verifyComponent(Hotspots.Component wsComponent, ComponentDto dto, @Nullable String branch, @Nullable String pullRequest) {

  901.     assertThat(wsComponent.getKey()).isEqualTo(dto.getKey());

  902.     if (dto.path() == null) {

  903.       assertThat(wsComponent.hasPath()).isFalse();

  904.     } else {

  905.       assertThat(wsComponent.getPath()).isEqualTo(dto.path());

  906.     }

  907.     assertThat(wsComponent.getQualifier()).isEqualTo(dto.qualifier());

  908.     assertThat(wsComponent.getName()).isEqualTo(dto.name());

  909.     assertThat(wsComponent.getLongName()).isEqualTo(dto.longName());

  910.     if (branch == null) {

  911.       assertThat(wsComponent.hasBranch()).isFalse();

  912.     } else {

  913.       assertThat(wsComponent.getBranch()).isEqualTo(branch);

  914.     }

  915.     if (pullRequest == null) {

  916.       assertThat(wsComponent.hasPullRequest()).isFalse();

  917.     } else {

  918.       assertThat(wsComponent.getPullRequest()).isEqualTo(pullRequest);

  919.     }

  920.   }

  921. 

  922.   private TestRequest newRequest(IssueDto hotspot) {

  923.     return actionTester.newRequest()

  924.       .setParam("hotspot", hotspot.getKey());

  925.   }

  926. 

  927.   private RuleDefinitionDto newRule(RuleType ruleType) {

  928.     return newRule(ruleType, t -> {

  929.     });

  930.   }

  931. 

  932.   private RuleDefinitionDto newRule(RuleType ruleType, Consumer<RuleDefinitionDto> populate) {

  933.     RuleDefinitionDto ruleDefinition = RuleTesting.newRule()

  934.       .setType(ruleType);

  935.     populate.accept(ruleDefinition);

  936.     dbTester.rules().insert(ruleDefinition);

  937.     return ruleDefinition;

  938.   }

  939. 

  940.   private static class IssueDtoSetArgumentMatcher implements ArgumentMatcher<Set<IssueDto>> {

  941.     private final IssueDto expected;

  942. 

  943.     private IssueDtoSetArgumentMatcher(IssueDto expected) {

  944.       this.expected = expected;

  945.     }

  946. 

  947.     @Override

  948.     public boolean matches(Set<IssueDto> argument) {

  949.       return argument != null && argument.size() == 1 && argument.iterator().next().getKey().equals(expected.getKey());

  950.     }

  951. 

  952.     @Override

  953.     public String toString() {

  954.       return "Set<IssueDto>[" + expected.getKey() + "]";

  955.     }

  956.   }

  957. 

  958.   private static class IssueDtoArgumentMatcher implements ArgumentMatcher<IssueDto> {

  959.     private final IssueDto expected;

  960. 

  961.     private IssueDtoArgumentMatcher(IssueDto expected) {

  962.       this.expected = expected;

  963.     }

  964. 

  965.     @Override

  966.     public boolean matches(IssueDto argument) {

  967.       return argument != null && argument.getKey().equals(expected.getKey());

  968.     }

  969. 

  970.     @Override

  971.     public String toString() {

  972.       return "IssueDto[key=" + expected.getKey() + "]";

  973.     }

  974.   }

  975. 

  976. }