mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
31539 Commits
59 Branches
Tree: 3f9445c259
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3f9445c259'
${ noResults }
sonarqube/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/qualitymodel/ReliabilityAndSecurityRatin...

ReliabilityAndSecurityRatingMeasuresVisitorTest.java 11KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2021 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.ce.task.projectanalysis.qualitymodel;

  21. 

  22. import java.util.Arrays;

  23. import java.util.Date;

  24. import org.junit.Rule;

  25. import org.junit.Test;

  26. import org.sonar.api.rules.RuleType;

  27. import org.sonar.api.utils.Duration;

  28. import org.sonar.ce.task.projectanalysis.component.Component;

  29. import org.sonar.ce.task.projectanalysis.component.FileAttributes;

  30. import org.sonar.ce.task.projectanalysis.component.ReportComponent;

  31. import org.sonar.ce.task.projectanalysis.component.TreeRootHolderRule;

  32. import org.sonar.ce.task.projectanalysis.component.VisitorsCrawler;

  33. import org.sonar.ce.task.projectanalysis.issue.ComponentIssuesRepositoryRule;

  34. import org.sonar.ce.task.projectanalysis.issue.FillComponentIssuesVisitorRule;

  35. import org.sonar.ce.task.projectanalysis.measure.Measure;

  36. import org.sonar.ce.task.projectanalysis.measure.MeasureRepositoryRule;

  37. import org.sonar.ce.task.projectanalysis.metric.MetricRepositoryRule;

  38. import org.sonar.core.issue.DefaultIssue;

  39. import org.sonar.core.util.Uuids;

  40. import org.sonar.server.measure.Rating;

  41. 

  42. import static org.assertj.core.api.Assertions.assertThat;

  43. import static org.sonar.api.issue.Issue.RESOLUTION_FIXED;

  44. import static org.sonar.api.measures.CoreMetrics.RELIABILITY_RATING;

  45. import static org.sonar.api.measures.CoreMetrics.RELIABILITY_RATING_KEY;

  46. import static org.sonar.api.measures.CoreMetrics.SECURITY_RATING;

  47. import static org.sonar.api.measures.CoreMetrics.SECURITY_RATING_KEY;

  48. import static org.sonar.api.rule.Severity.BLOCKER;

  49. import static org.sonar.api.rule.Severity.CRITICAL;

  50. import static org.sonar.api.rule.Severity.INFO;

  51. import static org.sonar.api.rule.Severity.MAJOR;

  52. import static org.sonar.api.rule.Severity.MINOR;

  53. import static org.sonar.api.rules.RuleType.BUG;

  54. import static org.sonar.api.rules.RuleType.CODE_SMELL;

  55. import static org.sonar.api.rules.RuleType.VULNERABILITY;

  56. import static org.sonar.ce.task.projectanalysis.component.Component.Type.DIRECTORY;

  57. import static org.sonar.ce.task.projectanalysis.component.Component.Type.FILE;

  58. import static org.sonar.ce.task.projectanalysis.component.Component.Type.PROJECT;

  59. import static org.sonar.ce.task.projectanalysis.component.ReportComponent.builder;

  60. import static org.sonar.ce.task.projectanalysis.measure.Measure.newMeasureBuilder;

  61. import static org.sonar.ce.task.projectanalysis.measure.MeasureRepoEntry.entryOf;

  62. import static org.sonar.ce.task.projectanalysis.measure.MeasureRepoEntry.toEntries;

  63. import static org.sonar.server.measure.Rating.A;

  64. import static org.sonar.server.measure.Rating.B;

  65. import static org.sonar.server.measure.Rating.C;

  66. import static org.sonar.server.measure.Rating.D;

  67. import static org.sonar.server.measure.Rating.E;

  68. 

  69. public class ReliabilityAndSecurityRatingMeasuresVisitorTest {

  70. 

  71.   static final String LANGUAGE_KEY_1 = "lKey1";

  72. 

  73.   static final int PROJECT_REF = 1;

  74.   static final int DIRECTORY_REF = 123;

  75.   static final int FILE_1_REF = 1231;

  76.   static final int FILE_2_REF = 1232;

  77. 

  78.   static final Component ROOT_PROJECT = builder(Component.Type.PROJECT, PROJECT_REF).setKey("project")

  79.     .addChildren(

  80.       builder(DIRECTORY, DIRECTORY_REF).setKey("directory")

  81.         .addChildren(

  82.           builder(FILE, FILE_1_REF).setFileAttributes(new FileAttributes(false, LANGUAGE_KEY_1, 1)).setKey("file1").build(),

  83.           builder(FILE, FILE_2_REF).setFileAttributes(new FileAttributes(false, LANGUAGE_KEY_1, 1)).setKey("file2").build())

  84.         .build())

  85.     .build();

  86. 

  87.   @Rule

  88.   public TreeRootHolderRule treeRootHolder = new TreeRootHolderRule();

  89. 

  90.   @Rule

  91.   public MetricRepositoryRule metricRepository = new MetricRepositoryRule()

  92.     .add(RELIABILITY_RATING)

  93.     .add(SECURITY_RATING);

  94. 

  95.   @Rule

  96.   public MeasureRepositoryRule measureRepository = MeasureRepositoryRule.create(treeRootHolder, metricRepository);

  97. 

  98.   @Rule

  99.   public ComponentIssuesRepositoryRule componentIssuesRepositoryRule = new ComponentIssuesRepositoryRule(treeRootHolder);

  100. 

  101.   @Rule

  102.   public FillComponentIssuesVisitorRule fillComponentIssuesVisitorRule = new FillComponentIssuesVisitorRule(componentIssuesRepositoryRule, treeRootHolder);

  103. 

  104.   VisitorsCrawler underTest = new VisitorsCrawler(

  105.     Arrays.asList(fillComponentIssuesVisitorRule, new ReliabilityAndSecurityRatingMeasuresVisitor(metricRepository, measureRepository, componentIssuesRepositoryRule)));

  106. 

  107.   @Test

  108.   public void measures_created_for_project_are_all_A_when_they_have_no_FILE_child() {

  109.     ReportComponent root = builder(PROJECT, 1).build();

  110.     treeRootHolder.setRoot(root);

  111. 

  112.     underTest.visit(root);

  113. 

  114.     assertThat(measureRepository.getRawMeasures(root)

  115.       .entrySet().stream().map(e -> entryOf(e.getKey(), e.getValue())))

  116.       .containsOnly(

  117.         entryOf(RELIABILITY_RATING_KEY, createRatingMeasure(A)),

  118.         entryOf(SECURITY_RATING_KEY, createRatingMeasure(A)));

  119.   }

  120. 

  121.   @Test

  122.   public void compute_reliability_rating() {

  123.     treeRootHolder.setRoot(ROOT_PROJECT);

  124.     fillComponentIssuesVisitorRule.setIssues(FILE_1_REF, newBugIssue(10L, MAJOR), newBugIssue(1L, MAJOR),

  125.       // Should not be taken into account

  126.       newVulnerabilityIssue(5L, MINOR));

  127.     fillComponentIssuesVisitorRule.setIssues(FILE_2_REF, newBugIssue(2L, CRITICAL), newBugIssue(3L, MINOR),

  128.       // Should not be taken into account

  129.       newBugIssue(10L, BLOCKER).setResolution(RESOLUTION_FIXED));

  130.     fillComponentIssuesVisitorRule.setIssues(PROJECT_REF, newBugIssue(7L, BLOCKER));

  131. 

  132.     underTest.visit(ROOT_PROJECT);

  133. 

  134.     verifyAddedRawMeasure(FILE_1_REF, RELIABILITY_RATING_KEY, C);

  135.     verifyAddedRawMeasure(FILE_2_REF, RELIABILITY_RATING_KEY, D);

  136.     verifyAddedRawMeasure(DIRECTORY_REF, RELIABILITY_RATING_KEY, D);

  137.     verifyAddedRawMeasure(PROJECT_REF, RELIABILITY_RATING_KEY, E);

  138.   }

  139. 

  140.   @Test

  141.   public void compute_security_rating() {

  142.     treeRootHolder.setRoot(ROOT_PROJECT);

  143.     fillComponentIssuesVisitorRule.setIssues(FILE_1_REF, newVulnerabilityIssue(10L, MAJOR), newVulnerabilityIssue(1L, MAJOR),

  144.       // Should not be taken into account

  145.       newBugIssue(1L, MAJOR));

  146.     fillComponentIssuesVisitorRule.setIssues(FILE_2_REF, newVulnerabilityIssue(2L, CRITICAL), newVulnerabilityIssue(3L, MINOR),

  147.       // Should not be taken into account

  148.       newVulnerabilityIssue(10L, BLOCKER).setResolution(RESOLUTION_FIXED));

  149.     fillComponentIssuesVisitorRule.setIssues(PROJECT_REF, newVulnerabilityIssue(7L, BLOCKER));

  150. 

  151.     underTest.visit(ROOT_PROJECT);

  152. 

  153.     verifyAddedRawMeasure(FILE_1_REF, SECURITY_RATING_KEY, C);

  154.     verifyAddedRawMeasure(FILE_2_REF, SECURITY_RATING_KEY, D);

  155.     verifyAddedRawMeasure(DIRECTORY_REF, SECURITY_RATING_KEY, D);

  156.     verifyAddedRawMeasure(PROJECT_REF, SECURITY_RATING_KEY, E);

  157.   }

  158. 

  159.   @Test

  160.   public void compute_E_reliability_and_security_rating_on_blocker_issue() {

  161.     treeRootHolder.setRoot(ROOT_PROJECT);

  162.     fillComponentIssuesVisitorRule.setIssues(FILE_1_REF, newBugIssue(10L, BLOCKER), newVulnerabilityIssue(1L, BLOCKER),

  163.       // Should not be taken into account

  164.       newBugIssue(1L, MAJOR));

  165. 

  166.     underTest.visit(ROOT_PROJECT);

  167. 

  168.     verifyAddedRawMeasure(PROJECT_REF, RELIABILITY_RATING_KEY, E);

  169.     verifyAddedRawMeasure(PROJECT_REF, SECURITY_RATING_KEY, E);

  170.   }

  171. 

  172.   @Test

  173.   public void compute_D_reliability_and_security_rating_on_critical_issue() {

  174.     treeRootHolder.setRoot(ROOT_PROJECT);

  175.     fillComponentIssuesVisitorRule.setIssues(FILE_1_REF, newBugIssue(10L, CRITICAL), newVulnerabilityIssue(15L, CRITICAL),

  176.       // Should not be taken into account

  177.       newCodeSmellIssue(1L, MAJOR));

  178. 

  179.     underTest.visit(ROOT_PROJECT);

  180. 

  181.     verifyAddedRawMeasure(PROJECT_REF, RELIABILITY_RATING_KEY, D);

  182.     verifyAddedRawMeasure(PROJECT_REF, SECURITY_RATING_KEY, D);

  183.   }

  184. 

  185.   @Test

  186.   public void compute_C_reliability_and_security_rating_on_major_issue() {

  187.     treeRootHolder.setRoot(ROOT_PROJECT);

  188.     fillComponentIssuesVisitorRule.setIssues(FILE_1_REF, newBugIssue(10L, MAJOR), newVulnerabilityIssue(15L, MAJOR),

  189.       // Should not be taken into account

  190.       newCodeSmellIssue(1L, MAJOR));

  191. 

  192.     underTest.visit(ROOT_PROJECT);

  193. 

  194.     verifyAddedRawMeasure(PROJECT_REF, RELIABILITY_RATING_KEY, C);

  195.     verifyAddedRawMeasure(PROJECT_REF, SECURITY_RATING_KEY, C);

  196.   }

  197. 

  198.   @Test

  199.   public void compute_B_reliability_and_security_rating_on_minor_issue() {

  200.     treeRootHolder.setRoot(ROOT_PROJECT);

  201.     fillComponentIssuesVisitorRule.setIssues(FILE_1_REF, newBugIssue(10L, MINOR), newVulnerabilityIssue(15L, MINOR),

  202.       // Should not be taken into account

  203.       newCodeSmellIssue(1L, MAJOR));

  204. 

  205.     underTest.visit(ROOT_PROJECT);

  206. 

  207.     verifyAddedRawMeasure(PROJECT_REF, RELIABILITY_RATING_KEY, B);

  208.     verifyAddedRawMeasure(PROJECT_REF, SECURITY_RATING_KEY, B);

  209.   }

  210. 

  211.   @Test

  212.   public void compute_A_reliability_and_security_rating_on_info_issue() {

  213.     treeRootHolder.setRoot(ROOT_PROJECT);

  214.     fillComponentIssuesVisitorRule.setIssues(FILE_1_REF, newBugIssue(10L, INFO), newVulnerabilityIssue(15L, INFO),

  215.       // Should not be taken into account

  216.       newCodeSmellIssue(1L, MAJOR));

  217. 

  218.     underTest.visit(ROOT_PROJECT);

  219. 

  220.     verifyAddedRawMeasure(PROJECT_REF, RELIABILITY_RATING_KEY, A);

  221.     verifyAddedRawMeasure(PROJECT_REF, SECURITY_RATING_KEY, A);

  222.   }

  223. 

  224.   private void verifyAddedRawMeasure(int componentRef, String metricKey, Rating rating) {

  225.     assertThat(toEntries(measureRepository.getAddedRawMeasures(componentRef))).contains(entryOf(metricKey, newMeasureBuilder().create(rating.getIndex(), rating.name())));

  226.   }

  227. 

  228.   private static Measure createRatingMeasure(Rating rating) {

  229.     return newMeasureBuilder().create(rating.getIndex(), rating.name());

  230.   }

  231. 

  232.   private static DefaultIssue newBugIssue(long effort, String severity) {

  233.     return newIssue(effort, severity, BUG);

  234.   }

  235. 

  236.   private static DefaultIssue newVulnerabilityIssue(long effort, String severity) {

  237.     return newIssue(effort, severity, VULNERABILITY);

  238.   }

  239. 

  240.   private static DefaultIssue newCodeSmellIssue(long effort, String severity) {

  241.     return newIssue(effort, severity, CODE_SMELL);

  242.   }

  243. 

  244.   private static DefaultIssue newIssue(long effort, String severity, RuleType type) {

  245.     return newIssue(severity, type)

  246.       .setEffort(Duration.create(effort));

  247.   }

  248. 

  249.   private static DefaultIssue newIssue(String severity, RuleType type) {

  250.     return new DefaultIssue()

  251.       .setKey(Uuids.create())

  252.       .setSeverity(severity)

  253.       .setType(type)

  254.       .setCreationDate(new Date(1000L));

  255.   }

  256. 

  257. }