mirrors
/
sonarqube
spogulis no https://github.com/SonarSource/sonarqube.git
Vērot 1
Pievienot zvaigznīti 0
Atdalīts 0
Kods Problēmas 0 Laidieni 237 Vikivietne Aktivitāte
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.
34656 Revīzijas
59 Atzari
Koks: 7c322c39eb
Atzari Tagi
${ item.name }
Izveidot atzaru ${ searchTerm }
no '7c322c39eb'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/main/java/org/sonar/server/hotspot/ws/ListAction.java

ListAction.java 13KB
Neapstrādāts Vainot Vēsture

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2023 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.hotspot.ws;

  21. 

  22. import com.google.common.base.Preconditions;

  23. import java.util.Collection;

  24. import java.util.HashSet;

  25. import java.util.List;

  26. import java.util.Set;

  27. import java.util.stream.Collectors;

  28. import java.util.stream.Stream;

  29. import javax.annotation.Nullable;

  30. import org.sonar.api.rules.RuleType;

  31. import org.sonar.api.server.ws.Request;

  32. import org.sonar.api.server.ws.Response;

  33. import org.sonar.api.server.ws.WebService;

  34. import org.sonar.api.utils.Paging;

  35. import org.sonar.db.DbClient;

  36. import org.sonar.db.DbSession;

  37. import org.sonar.db.Pagination;

  38. import org.sonar.db.component.BranchDto;

  39. import org.sonar.db.component.ComponentDto;

  40. import org.sonar.db.issue.IssueDto;

  41. import org.sonar.db.issue.IssueListQuery;

  42. import org.sonar.db.newcodeperiod.NewCodePeriodType;

  43. import org.sonar.db.protobuf.DbIssues;

  44. import org.sonar.server.component.ComponentFinder;

  45. import org.sonar.server.component.ComponentFinder.ProjectAndBranch;

  46. import org.sonar.server.hotspot.ws.HotspotWsResponseFormatter.SearchResponseData;

  47. import org.sonar.server.issue.NewCodePeriodResolver;

  48. import org.sonar.server.user.UserSession;

  49. import org.sonarqube.ws.Common;

  50. import org.sonarqube.ws.Hotspots;

  51. 

  52. import static com.google.common.base.Strings.isNullOrEmpty;

  53. import static java.lang.String.format;

  54. import static java.util.Collections.emptyList;

  55. import static java.util.Collections.singletonList;

  56. import static org.sonar.api.issue.Issue.RESOLUTION_ACKNOWLEDGED;

  57. import static org.sonar.api.issue.Issue.RESOLUTION_FIXED;

  58. import static org.sonar.api.issue.Issue.RESOLUTION_SAFE;

  59. import static org.sonar.api.issue.Issue.STATUS_REVIEWED;

  60. import static org.sonar.api.issue.Issue.STATUS_TO_REVIEW;

  61. import static org.sonar.api.server.ws.WebService.Param.PAGE;

  62. import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;

  63. import static org.sonar.api.utils.Paging.forPageIndex;

  64. import static org.sonar.api.web.UserRole.USER;

  65. import static org.sonar.server.es.SearchOptions.MAX_PAGE_SIZE;

  66. import static org.sonar.server.ws.KeyExamples.KEY_BRANCH_EXAMPLE_001;

  67. import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;

  68. import static org.sonar.server.ws.KeyExamples.KEY_PULL_REQUEST_EXAMPLE_001;

  69. import static org.sonar.server.ws.WsUtils.writeProtobuf;

  70. 

  71. public class ListAction implements HotspotsWsAction {

  72.   private static final String PARAM_PROJECT = "project";

  73.   private static final String PARAM_BRANCH = "branch";

  74.   private static final String PARAM_PULL_REQUEST = "pullRequest";

  75.   private static final String PARAM_STATUS = "status";

  76.   private static final String PARAM_RESOLUTION = "resolution";

  77.   private static final String PARAM_IN_NEW_CODE_PERIOD = "inNewCodePeriod";

  78.   private static final List<String> STATUSES = List.of(STATUS_TO_REVIEW, STATUS_REVIEWED);

  79.   private final DbClient dbClient;

  80.   private final UserSession userSession;

  81.   private final HotspotWsResponseFormatter responseFormatter;

  82.   private final NewCodePeriodResolver newCodePeriodResolver;

  83.   private final ComponentFinder componentFinder;

  84. 

  85.   public ListAction(DbClient dbClient, UserSession userSession, HotspotWsResponseFormatter responseFormatter,

  86.     NewCodePeriodResolver newCodePeriodResolver, ComponentFinder componentFinder) {

  87.     this.dbClient = dbClient;

  88.     this.userSession = userSession;

  89.     this.responseFormatter = responseFormatter;

  90.     this.newCodePeriodResolver = newCodePeriodResolver;

  91.     this.componentFinder = componentFinder;

  92.   }

  93. 

  94.   @Override

  95.   public void define(WebService.NewController controller) {

  96.     WebService.NewAction action = controller

  97.       .createAction("list")

  98.       .setHandler(this)

  99.       .setInternal(true)

  100.       .setDescription("List Security Hotpots. This endpoint is used in degraded mode, when issue indexation is running." +

  101.         "<br>Total number of Security Hotspots will be always equal to a page size, as counting all issues is not supported. " +

  102.         "<br>Requires the 'Browse' permission on the specified project. ")

  103.       .setSince("10.2");

  104. 

  105.     action.addPagingParams(100, MAX_PAGE_SIZE);

  106.     action.createParam(PARAM_PROJECT)

  107.       .setDescription("Key of the project")

  108.       .setRequired(true)

  109.       .setExampleValue(KEY_PROJECT_EXAMPLE_001);

  110.     action.createParam(PARAM_BRANCH)

  111.       .setDescription("Branch key. Not available in the community edition.")

  112.       .setExampleValue(KEY_BRANCH_EXAMPLE_001);

  113.     action.createParam(PARAM_PULL_REQUEST)

  114.       .setDescription("Pull request id. Not available in the community edition.")

  115.       .setExampleValue(KEY_PULL_REQUEST_EXAMPLE_001);

  116.     action.createParam(PARAM_STATUS)

  117.       .setDescription("If '%s' is provided, only Security Hotspots with the specified status are returned.", PARAM_PROJECT)

  118.       .setPossibleValues(STATUSES)

  119.       .setRequired(false);

  120.     action.createParam(PARAM_RESOLUTION)

  121.       .setDescription(format(

  122.         "If '%s' is provided and if status is '%s', only Security Hotspots with the specified resolution are returned.",

  123.         PARAM_PROJECT, STATUS_REVIEWED))

  124.       .setPossibleValues(RESOLUTION_FIXED, RESOLUTION_SAFE, RESOLUTION_ACKNOWLEDGED)

  125.       .setRequired(false);

  126.     action.createParam(PARAM_IN_NEW_CODE_PERIOD)

  127.       .setDescription("If '%s' is provided, only Security Hotspots created in the new code period are returned.", PARAM_IN_NEW_CODE_PERIOD)

  128.       .setBooleanPossibleValues()

  129.       .setDefaultValue("false");

  130. 

  131.     action.setResponseExample(getClass().getResource("search-example.json"));

  132.   }

  133. 

  134.   @Override

  135.   public void handle(Request request, Response response) throws Exception {

  136.     WsRequest wsRequest = toWsRequest(request);

  137.     try (DbSession dbSession = dbClient.openSession(false)) {

  138.       ProjectAndBranch projectAndBranch = validate(dbSession, wsRequest);

  139.       SearchResponseData searchResponseData = searchHotspots(dbSession, wsRequest, projectAndBranch);

  140.       loadComponents(dbSession, searchResponseData);

  141.       writeProtobuf(formatResponse(searchResponseData), request, response);

  142.     }

  143.   }

  144. 

  145.   private static WsRequest toWsRequest(Request request) {

  146.     return new WsRequest(

  147.       request.mandatoryParamAsInt(PAGE), request.mandatoryParamAsInt(PAGE_SIZE))

  148.       .project(request.param(PARAM_PROJECT))

  149.       .branch(request.param(PARAM_BRANCH))

  150.       .pullRequest(request.param(PARAM_PULL_REQUEST))

  151.       .status(request.param(PARAM_STATUS))

  152.       .resolution(request.param(PARAM_RESOLUTION))

  153.       .inNewCodePeriod(request.paramAsBoolean(PARAM_IN_NEW_CODE_PERIOD));

  154.   }

  155. 

  156.   private ProjectAndBranch validate(DbSession dbSession, WsRequest wsRequest) {

  157.     Preconditions.checkArgument(isNullOrEmpty(wsRequest.branch) || isNullOrEmpty(wsRequest.pullRequest),

  158.       "Only one of parameters '%s' and '%s' can be provided", PARAM_BRANCH, PARAM_PULL_REQUEST);

  159. 

  160.     ProjectAndBranch projectAndBranch = componentFinder.getProjectAndBranch(dbSession, wsRequest.project,

  161.       wsRequest.branch, wsRequest.pullRequest);

  162. 

  163.     userSession.checkEntityPermission(USER, projectAndBranch.getProject());

  164.     return projectAndBranch;

  165.   }

  166. 

  167.   private SearchResponseData searchHotspots(DbSession dbSession, WsRequest wsRequest, ProjectAndBranch projectAndBranch) {

  168.     List<IssueDto> hotspots = getHotspotKeys(dbSession, wsRequest, projectAndBranch);

  169. 

  170.     Paging paging = forPageIndex(wsRequest.page).withPageSize(wsRequest.pageSize).andTotal(hotspots.size());

  171.     return new SearchResponseData(paging, hotspots);

  172.   }

  173. 

  174.   private List<IssueDto> getHotspotKeys(DbSession dbSession, WsRequest wsRequest, ProjectAndBranch projectAndBranch) {

  175.     BranchDto branch = projectAndBranch.getBranch();

  176.     IssueListQuery.IssueListQueryBuilder queryBuilder = IssueListQuery.IssueListQueryBuilder.newIssueListQueryBuilder()

  177.       .project(wsRequest.project)

  178.       .branch(branch.getBranchKey())

  179.       .pullRequest(branch.getPullRequestKey())

  180.       .statuses(wsRequest.status != null ? singletonList(wsRequest.status) : emptyList())

  181.       .resolutions(wsRequest.resolution != null ? singletonList(wsRequest.resolution) : emptyList())

  182.       .types(singletonList(RuleType.SECURITY_HOTSPOT.getDbConstant()));

  183. 

  184.     String branchKey = branch.getBranchKey();

  185.     if (wsRequest.inNewCodePeriod && wsRequest.pullRequest == null && branchKey != null) {

  186.       NewCodePeriodResolver.ResolvedNewCodePeriod newCodePeriod = newCodePeriodResolver.resolveForProjectAndBranch(dbSession, wsRequest.project, branchKey);

  187.       if (NewCodePeriodType.REFERENCE_BRANCH == newCodePeriod.type()) {

  188.         queryBuilder.newCodeOnReference(true);

  189.       } else {

  190.         queryBuilder.createdAfter(newCodePeriod.periodDate());

  191.       }

  192.     }

  193. 

  194.     Pagination pagination = Pagination.forPage(wsRequest.page).andSize(wsRequest.pageSize);

  195.     return dbClient.issueDao().selectByQuery(dbSession, queryBuilder.build(), pagination);

  196.   }

  197. 

  198.   private void loadComponents(DbSession dbSession, SearchResponseData searchResponseData) {

  199.     Set<String> componentUuids = searchResponseData.getHotspots().stream()

  200.       .flatMap(hotspot -> Stream.of(hotspot.getComponentUuid(), hotspot.getProjectUuid()))

  201.       .collect(Collectors.toSet());

  202. 

  203.     Set<String> locationComponentUuids = searchResponseData.getHotspots()

  204.       .stream()

  205.       .flatMap(hotspot -> getHotspotLocationComponentUuids(hotspot).stream())

  206.       .collect(Collectors.toSet());

  207. 

  208.     Set<String> aggregatedComponentUuids = Stream.of(componentUuids, locationComponentUuids)

  209.       .flatMap(Collection::stream)

  210.       .collect(Collectors.toSet());

  211. 

  212.     if (!aggregatedComponentUuids.isEmpty()) {

  213.       List<ComponentDto> componentDtos = dbClient.componentDao().selectByUuids(dbSession, aggregatedComponentUuids);

  214.       searchResponseData.addComponents(componentDtos);

  215.     }

  216.   }

  217. 

  218.   private static Set<String> getHotspotLocationComponentUuids(IssueDto hotspot) {

  219.     Set<String> locationComponentUuids = new HashSet<>();

  220.     DbIssues.Locations locations = hotspot.parseLocations();

  221. 

  222.     if (locations == null) {

  223.       return locationComponentUuids;

  224.     }

  225. 

  226.     List<DbIssues.Flow> flows = locations.getFlowList();

  227. 

  228.     for (DbIssues.Flow flow : flows) {

  229.       List<DbIssues.Location> flowLocations = flow.getLocationList();

  230.       for (DbIssues.Location location : flowLocations) {

  231.         if (location.hasComponentId()) {

  232.           locationComponentUuids.add(location.getComponentId());

  233.         }

  234.       }

  235.     }

  236. 

  237.     return locationComponentUuids;

  238.   }

  239. 

  240.   private Hotspots.ListWsResponse formatResponse(SearchResponseData searchResponseData) {

  241.     Hotspots.ListWsResponse.Builder responseBuilder = Hotspots.ListWsResponse.newBuilder();

  242.     formatPaging(searchResponseData, responseBuilder);

  243.     if (searchResponseData.isPresent()) {

  244.       responseFormatter.formatHotspots(searchResponseData, responseBuilder);

  245.     }

  246.     return responseBuilder.build();

  247.   }

  248. 

  249.   private static void formatPaging(SearchResponseData searchResponseData, Hotspots.ListWsResponse.Builder responseBuilder) {

  250.     Paging paging = searchResponseData.getPaging();

  251.     Common.Paging.Builder pagingBuilder = Common.Paging.newBuilder()

  252.       .setPageIndex(paging.pageIndex())

  253.       .setPageSize(searchResponseData.getHotspots().size());

  254. 

  255.     responseBuilder.setPaging(pagingBuilder.build());

  256.   }

  257. 

  258.   private static final class WsRequest {

  259.     private final int page;

  260.     private final int pageSize;

  261.     private String project;

  262.     private String branch;

  263.     private String pullRequest;

  264.     private String status;

  265.     private String resolution;

  266.     private boolean inNewCodePeriod;

  267. 

  268.     private WsRequest(int page, int pageSize) {

  269.       this.page = page;

  270.       this.pageSize = pageSize;

  271.     }

  272. 

  273.     public WsRequest project(@Nullable String project) {

  274.       this.project = project;

  275.       return this;

  276.     }

  277. 

  278.     public WsRequest branch(@Nullable String branch) {

  279.       this.branch = branch;

  280.       return this;

  281.     }

  282. 

  283.     public WsRequest pullRequest(@Nullable String pullRequest) {

  284.       this.pullRequest = pullRequest;

  285.       return this;

  286.     }

  287. 

  288.     public WsRequest status(@Nullable String status) {

  289.       this.status = status;

  290.       return this;

  291.     }

  292. 

  293.     public WsRequest resolution(@Nullable String resolution) {

  294.       this.resolution = resolution;

  295.       return this;

  296.     }

  297. 

  298.     public WsRequest inNewCodePeriod(@Nullable Boolean inNewCodePeriod) {

  299.       this.inNewCodePeriod = inNewCodePeriod != null && inNewCodePeriod;

  300.       return this;

  301.     }

  302.   }

  303. }