mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 236 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
31090 Commits
58 Branches
Tree: ae5711e2ee
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ae5711e2ee'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/main/java/org/sonar/server/issue/ws/SearchAction.java

SearchAction.java 32KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2021 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.issue.ws;

  21. 

  22. import com.google.common.collect.ImmutableList;

  23. import com.google.common.collect.Lists;

  24. import java.util.ArrayList;

  25. import java.util.Arrays;

  26. import java.util.EnumSet;

  27. import java.util.List;

  28. import java.util.Map;

  29. import java.util.Optional;

  30. import java.util.Set;

  31. import java.util.stream.Collectors;

  32. import javax.annotation.Nullable;

  33. import org.elasticsearch.action.search.SearchResponse;

  34. import org.elasticsearch.search.SearchHit;

  35. import org.sonar.api.rule.Severity;

  36. import org.sonar.api.rules.RuleType;

  37. import org.sonar.api.server.ws.Change;

  38. import org.sonar.api.server.ws.Request;

  39. import org.sonar.api.server.ws.Response;

  40. import org.sonar.api.server.ws.WebService;

  41. import org.sonar.api.server.ws.WebService.Param;

  42. import org.sonar.api.utils.Paging;

  43. import org.sonar.api.utils.System2;

  44. import org.sonar.core.util.stream.MoreCollectors;

  45. import org.sonar.db.DbClient;

  46. import org.sonar.db.DbSession;

  47. import org.sonar.db.user.UserDto;

  48. import org.sonar.server.es.Facets;

  49. import org.sonar.server.es.SearchOptions;

  50. import org.sonar.server.issue.SearchRequest;

  51. import org.sonar.server.issue.index.IssueIndex;

  52. import org.sonar.server.issue.index.IssueIndexSyncProgressChecker;

  53. import org.sonar.server.issue.index.IssueQuery;

  54. import org.sonar.server.issue.index.IssueQueryFactory;

  55. import org.sonar.server.issue.index.IssueScope;

  56. import org.sonar.server.security.SecurityStandards.SQCategory;

  57. import org.sonar.server.user.UserSession;

  58. import org.sonarqube.ws.Issues.SearchWsResponse;

  59. 

  60. import static com.google.common.base.MoreObjects.firstNonNull;

  61. import static com.google.common.base.Preconditions.checkArgument;

  62. import static com.google.common.collect.Iterables.concat;

  63. import static com.google.common.collect.Sets.newHashSet;

  64. import static java.lang.String.format;

  65. import static java.util.Collections.emptyList;

  66. import static java.util.Collections.singletonList;

  67. import static java.util.Optional.ofNullable;

  68. import static java.util.stream.Collectors.toList;

  69. import static org.sonar.api.issue.Issue.RESOLUTIONS;

  70. import static org.sonar.api.issue.Issue.RESOLUTION_FIXED;

  71. import static org.sonar.api.issue.Issue.RESOLUTION_REMOVED;

  72. import static org.sonar.api.issue.Issue.STATUS_IN_REVIEW;

  73. import static org.sonar.api.issue.Issue.STATUS_OPEN;

  74. import static org.sonar.api.issue.Issue.STATUS_REOPENED;

  75. import static org.sonar.api.issue.Issue.STATUS_REVIEWED;

  76. import static org.sonar.api.issue.Issue.STATUS_TO_REVIEW;

  77. import static org.sonar.api.server.ws.WebService.Param.FACETS;

  78. import static org.sonar.api.utils.Paging.forPageIndex;

  79. import static org.sonar.core.util.stream.MoreCollectors.toSet;

  80. import static org.sonar.server.es.SearchOptions.MAX_PAGE_SIZE;

  81. import static org.sonar.server.issue.index.IssueIndex.FACET_ASSIGNED_TO_ME;

  82. import static org.sonar.server.issue.index.IssueIndex.FACET_PROJECTS;

  83. import static org.sonar.server.issue.index.IssueQuery.SORT_BY_ASSIGNEE;

  84. import static org.sonar.server.issue.index.IssueQueryFactory.ISSUE_STATUSES;

  85. import static org.sonar.server.issue.index.IssueQueryFactory.UNKNOWN;

  86. import static org.sonar.server.security.SecurityStandards.SANS_TOP_25_INSECURE_INTERACTION;

  87. import static org.sonar.server.security.SecurityStandards.SANS_TOP_25_POROUS_DEFENSES;

  88. import static org.sonar.server.security.SecurityStandards.SANS_TOP_25_RISKY_RESOURCE;

  89. import static org.sonar.server.security.SecurityStandards.UNKNOWN_STANDARD;

  90. import static org.sonar.server.ws.KeyExamples.KEY_BRANCH_EXAMPLE_001;

  91. import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;

  92. import static org.sonar.server.ws.KeyExamples.KEY_PULL_REQUEST_EXAMPLE_001;

  93. import static org.sonar.server.ws.WsUtils.writeProtobuf;

  94. import static org.sonarqube.ws.client.issue.IssuesWsParameters.ACTION_SEARCH;

  95. import static org.sonarqube.ws.client.issue.IssuesWsParameters.DEPRECATED_PARAM_AUTHORS;

  96. import static org.sonarqube.ws.client.issue.IssuesWsParameters.FACET_MODE;

  97. import static org.sonarqube.ws.client.issue.IssuesWsParameters.FACET_MODE_COUNT;

  98. import static org.sonarqube.ws.client.issue.IssuesWsParameters.FACET_MODE_EFFORT;

  99. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_ADDITIONAL_FIELDS;

  100. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_ASC;

  101. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_ASSIGNED;

  102. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_ASSIGNEES;

  103. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_AUTHOR;

  104. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_BRANCH;

  105. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_COMPONENT_KEYS;

  106. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_CREATED_AFTER;

  107. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_CREATED_AT;

  108. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_CREATED_BEFORE;

  109. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_CREATED_IN_LAST;

  110. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_CWE;

  111. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_DIRECTORIES;

  112. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_FILES;

  113. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_ISSUES;

  114. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_LANGUAGES;

  115. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_MODULE_UUIDS;

  116. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_ON_COMPONENT_ONLY;

  117. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_OWASP_TOP_10;

  118. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_PROJECTS;

  119. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_PULL_REQUEST;

  120. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_RESOLUTIONS;

  121. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_RESOLVED;

  122. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_RULES;

  123. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_SANS_TOP_25;

  124. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_SCOPES;

  125. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_SEVERITIES;

  126. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_SINCE_LEAK_PERIOD;

  127. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_SONARSOURCE_SECURITY;

  128. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_STATUSES;

  129. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_TAGS;

  130. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_TIMEZONE;

  131. import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_TYPES;

  132. 

  133. public class SearchAction implements IssuesWsAction {

  134. 

  135.   private static final String LOGIN_MYSELF = "__me__";

  136.   private static final Set<String> ISSUE_SCOPES = Arrays.stream(IssueScope.values()).map(Enum::name).collect(Collectors.toSet());

  137.   private static final EnumSet<RuleType> ALL_RULE_TYPES_EXCEPT_SECURITY_HOTSPOTS = EnumSet.complementOf(EnumSet.of(RuleType.SECURITY_HOTSPOT));

  138. 

  139.   static final List<String> SUPPORTED_FACETS = ImmutableList.of(

  140.     FACET_PROJECTS,

  141.     PARAM_MODULE_UUIDS,

  142.     PARAM_FILES,

  143.     FACET_ASSIGNED_TO_ME,

  144.     PARAM_SEVERITIES,

  145.     PARAM_STATUSES,

  146.     PARAM_RESOLUTIONS,

  147.     PARAM_RULES,

  148.     PARAM_ASSIGNEES,

  149.     DEPRECATED_PARAM_AUTHORS,

  150.     PARAM_AUTHOR,

  151.     PARAM_DIRECTORIES,

  152.     PARAM_SCOPES,

  153.     PARAM_LANGUAGES,

  154.     PARAM_TAGS,

  155.     PARAM_TYPES,

  156.     PARAM_OWASP_TOP_10,

  157.     PARAM_SANS_TOP_25,

  158.     PARAM_CWE,

  159.     PARAM_CREATED_AT,

  160.     PARAM_SONARSOURCE_SECURITY);

  161. 

  162.   private static final String INTERNAL_PARAMETER_DISCLAIMER = "This parameter is mostly used by the Issues page, please prefer usage of the componentKeys parameter. ";

  163.   private static final Set<String> FACETS_REQUIRING_PROJECT = newHashSet(PARAM_MODULE_UUIDS, PARAM_FILES, PARAM_DIRECTORIES);

  164. 

  165.   private final UserSession userSession;

  166.   private final IssueIndex issueIndex;

  167.   private final IssueQueryFactory issueQueryFactory;

  168.   private final IssueIndexSyncProgressChecker issueIndexSyncProgressChecker;

  169.   private final SearchResponseLoader searchResponseLoader;

  170.   private final SearchResponseFormat searchResponseFormat;

  171.   private final System2 system2;

  172.   private final DbClient dbClient;

  173. 

  174.   public SearchAction(UserSession userSession, IssueIndex issueIndex, IssueQueryFactory issueQueryFactory, IssueIndexSyncProgressChecker issueIndexSyncProgressChecker,

  175.     SearchResponseLoader searchResponseLoader, SearchResponseFormat searchResponseFormat, System2 system2, DbClient dbClient) {

  176.     this.userSession = userSession;

  177.     this.issueIndex = issueIndex;

  178.     this.issueQueryFactory = issueQueryFactory;

  179.     this.issueIndexSyncProgressChecker = issueIndexSyncProgressChecker;

  180.     this.searchResponseLoader = searchResponseLoader;

  181.     this.searchResponseFormat = searchResponseFormat;

  182.     this.system2 = system2;

  183.     this.dbClient = dbClient;

  184.   }

  185. 

  186.   @Override

  187.   public void define(WebService.NewController controller) {

  188.     WebService.NewAction action = controller

  189.       .createAction(ACTION_SEARCH)

  190.       .setHandler(this)

  191.       .setDescription("Search for issues.<br>Requires the 'Browse' permission on the specified project(s)."

  192.         + "<br/>When issue indexation is in progress returns 503 service unavailable HTTP code.")

  193.       .setSince("3.6")

  194.       .setChangelog(

  195.         new Change("8.6", "Parameter 'timeZone' added"),

  196.         new Change("8.5", "Facet 'fileUuids' is dropped in favour of the new facet 'files'" +

  197.           "Note that they are not strictly identical, the latter returns the file paths."),

  198.         new Change("8.5", "Internal parameter 'fileUuids' has been dropped"),

  199.         new Change("8.4", "parameters 'componentUuids', 'projectKeys' has been dropped."),

  200.         new Change("8.2", "'REVIEWED', 'TO_REVIEW' status param values are no longer supported"),

  201.         new Change("8.2", "Security hotspots are no longer returned as type 'SECURITY_HOTSPOT' is not supported anymore, use dedicated api/hotspots"),

  202.         new Change("8.2", "response field 'fromHotspot' has been deprecated and is no more populated"),

  203.         new Change("8.2", "Status 'IN_REVIEW' for Security Hotspots has been deprecated"),

  204.         new Change("7.8", format("added new Security Hotspots statuses : %s, %s and %s", STATUS_TO_REVIEW, STATUS_IN_REVIEW, STATUS_REVIEWED)),

  205.         new Change("7.8", "Security hotspots are returned by default"),

  206.         new Change("7.7", format("Value '%s' in parameter '%s' is deprecated, please use '%s' instead", DEPRECATED_PARAM_AUTHORS, FACETS, PARAM_AUTHOR)),

  207.         new Change("7.6", format("The use of module keys in parameter '%s' is deprecated", PARAM_COMPONENT_KEYS)),

  208.         new Change("7.4", "The facet 'projectUuids' is dropped in favour of the new facet 'projects'. " +

  209.           "Note that they are not strictly identical, the latter returns the project keys."),

  210.         new Change("7.4", format("Parameter '%s' does not accept anymore deprecated value 'debt'", FACET_MODE)),

  211.         new Change("7.3", "response field 'fromHotspot' added to issues that are security hotspots"),

  212.         new Change("7.3", "added facets 'sansTop25', 'owaspTop10' and 'cwe'"),

  213.         new Change("7.2", "response field 'externalRuleEngine' added to issues that have been imported from an external rule engine"),

  214.         new Change("7.2", format("value '%s' in parameter '%s' is deprecated, it won't have any effect", SORT_BY_ASSIGNEE, Param.SORT)),

  215.         new Change("6.5", "parameters 'projects', 'projectUuids', 'moduleUuids', 'directories', 'fileUuids' are marked as internal"),

  216.         new Change("6.3", "response field 'email' is renamed 'avatar'"),

  217.         new Change("5.5", "response fields 'reporter' and 'actionPlan' are removed (drop of action plan and manual issue features)"),

  218.         new Change("5.5", "parameters 'reporters', 'actionPlans' and 'planned' are dropped and therefore ignored (drop of action plan and manual issue features)"),

  219.         new Change("5.5", "response field 'debt' is renamed 'effort'"))

  220.       .setResponseExample(getClass().getResource("search-example.json"));

  221. 

  222.     action.addPagingParams(100, MAX_PAGE_SIZE);

  223.     action.createParam(FACETS)

  224.       .setDescription("Comma-separated list of the facets to be computed. No facet is computed by default.")

  225.       .setPossibleValues(SUPPORTED_FACETS);

  226.     action.createParam(FACET_MODE)

  227.       .setDefaultValue(FACET_MODE_COUNT)

  228.       .setDeprecatedSince("7.9")

  229.       .setDescription("Choose the returned value for facet items, either count of issues or sum of remediation effort.")

  230.       .setPossibleValues(FACET_MODE_COUNT, FACET_MODE_EFFORT);

  231.     action.addSortParams(IssueQuery.SORTS, null, true);

  232.     action.createParam(PARAM_ADDITIONAL_FIELDS)

  233.       .setSince("5.2")

  234.       .setDescription("Comma-separated list of the optional fields to be returned in response. Action plans are dropped in 5.5, it is not returned in the response.")

  235.       .setPossibleValues(SearchAdditionalField.possibleValues());

  236.     addComponentRelatedParams(action);

  237.     action.createParam(PARAM_ISSUES)

  238.       .setDescription("Comma-separated list of issue keys")

  239.       .setExampleValue("5bccd6e8-f525-43a2-8d76-fcb13dde79ef");

  240.     action.createParam(PARAM_SEVERITIES)

  241.       .setDescription("Comma-separated list of severities")

  242.       .setExampleValue(Severity.BLOCKER + "," + Severity.CRITICAL)

  243.       .setPossibleValues(Severity.ALL);

  244.     action.createParam(PARAM_STATUSES)

  245.       .setDescription("Comma-separated list of statuses")

  246.       .setExampleValue(STATUS_OPEN + "," + STATUS_REOPENED)

  247.       .setPossibleValues(ISSUE_STATUSES);

  248.     action.createParam(PARAM_RESOLUTIONS)

  249.       .setDescription("Comma-separated list of resolutions")

  250.       .setExampleValue(RESOLUTION_FIXED + "," + RESOLUTION_REMOVED)

  251.       .setPossibleValues(RESOLUTIONS);

  252.     action.createParam(PARAM_RESOLVED)

  253.       .setDescription("To match resolved or unresolved issues")

  254.       .setBooleanPossibleValues();

  255.     action.createParam(PARAM_RULES)

  256.       .setDescription("Comma-separated list of coding rule keys. Format is &lt;repository&gt;:&lt;rule&gt;")

  257.       .setExampleValue("squid:AvoidCycles");

  258.     action.createParam(PARAM_TAGS)

  259.       .setDescription("Comma-separated list of tags.")

  260.       .setExampleValue("security,convention");

  261.     action.createParam(PARAM_TYPES)

  262.       .setDescription("Comma-separated list of types.")

  263.       .setSince("5.5")

  264.       .setPossibleValues(ALL_RULE_TYPES_EXCEPT_SECURITY_HOTSPOTS)

  265.       .setExampleValue(format("%s,%s", RuleType.CODE_SMELL, RuleType.BUG));

  266.     action.createParam(PARAM_OWASP_TOP_10)

  267.       .setDescription("Comma-separated list of OWASP Top 10 lowercase categories.")

  268.       .setSince("7.3")

  269.       .setPossibleValues("a1", "a2", "a3", "a4", "a5", "a6", "a7", "a8", "a9", "a10");

  270.     action.createParam(PARAM_SANS_TOP_25)

  271.       .setDescription("Comma-separated list of SANS Top 25 categories.")

  272.       .setSince("7.3")

  273.       .setPossibleValues(SANS_TOP_25_INSECURE_INTERACTION, SANS_TOP_25_RISKY_RESOURCE, SANS_TOP_25_POROUS_DEFENSES);

  274.     action.createParam(PARAM_CWE)

  275.       .setDescription("Comma-separated list of CWE identifiers. Use '" + UNKNOWN_STANDARD + "' to select issues not associated to any CWE.")

  276.       .setExampleValue("12,125," + UNKNOWN_STANDARD);

  277.     action.createParam(PARAM_SONARSOURCE_SECURITY)

  278.       .setDescription("Comma-separated list of SonarSource security categories. Use '" + SQCategory.OTHERS.getKey() + "' to select issues not associated" +

  279.         " with any category")

  280.       .setSince("7.8")

  281.       .setPossibleValues(Arrays.stream(SQCategory.values()).map(SQCategory::getKey).collect(Collectors.toList()));

  282.     action.createParam(DEPRECATED_PARAM_AUTHORS)

  283.       .setDeprecatedSince("7.7")

  284.       .setDescription("This parameter is deprecated, please use '%s' instead", PARAM_AUTHOR)

  285.       .setExampleValue("torvalds@linux-foundation.org");

  286.     action.createParam(PARAM_AUTHOR)

  287.       .setDescription("SCM accounts. To set several values, the parameter must be called once for each value.")

  288.       .setExampleValue("author=torvalds@linux-foundation.org&author=linux@fondation.org");

  289.     action.createParam(PARAM_ASSIGNEES)

  290.       .setDescription("Comma-separated list of assignee logins. The value '__me__' can be used as a placeholder for user who performs the request")

  291.       .setExampleValue("admin,usera,__me__");

  292.     action.createParam(PARAM_ASSIGNED)

  293.       .setDescription("To retrieve assigned or unassigned issues")

  294.       .setBooleanPossibleValues();

  295.     action.createParam(PARAM_SCOPES)

  296.       .setDescription("Comma-separated list of scopes. Available since 8.5")

  297.       .setPossibleValues(IssueScope.MAIN.name(), IssueScope.TEST.name())

  298.       .setExampleValue(format("%s,%s", IssueScope.MAIN.name(), IssueScope.TEST.name()));

  299.     action.createParam(PARAM_LANGUAGES)

  300.       .setDescription("Comma-separated list of languages. Available since 4.4")

  301.       .setExampleValue("java,js");

  302.     action.createParam(PARAM_CREATED_AT)

  303.       .setDescription("Datetime to retrieve issues created during a specific analysis")

  304.       .setExampleValue("2017-10-19T13:00:00+0200");

  305.     action.createParam(PARAM_CREATED_AFTER)

  306.       .setDescription("To retrieve issues created after the given date (inclusive). <br>" +

  307.         "Either a date (use '" + PARAM_TIMEZONE + "' attribute or it will default to server timezone) or datetime can be provided. <br>" +

  308.         "If this parameter is set, createdInLast must not be set")

  309.       .setExampleValue("2017-10-19 or 2017-10-19T13:00:00+0200");

  310.     action.createParam(PARAM_CREATED_BEFORE)

  311.       .setDescription("To retrieve issues created before the given date (exclusive). <br>" +

  312.         "Either a date (use '" + PARAM_TIMEZONE + "' attribute or it will default to server timezone) or datetime can be provided.")

  313.       .setExampleValue("2017-10-19 or 2017-10-19T13:00:00+0200");

  314.     action.createParam(PARAM_CREATED_IN_LAST)

  315.       .setDescription("To retrieve issues created during a time span before the current time (exclusive). " +

  316.         "Accepted units are 'y' for year, 'm' for month, 'w' for week and 'd' for day. " +

  317.         "If this parameter is set, createdAfter must not be set")

  318.       .setExampleValue("1m2w (1 month 2 weeks)");

  319.     action.createParam(PARAM_SINCE_LEAK_PERIOD)

  320.       .setDescription("To retrieve issues created since the leak period.<br>" +

  321.         "If this parameter is set to a truthy value, createdAfter must not be set and one component uuid or key must be provided.")

  322.       .setBooleanPossibleValues()

  323.       .setDefaultValue("false");

  324.     action.createParam(PARAM_TIMEZONE)

  325.       .setDescription(

  326.         "To resolve dates passed to '" + PARAM_CREATED_AFTER + "' or '" + PARAM_CREATED_BEFORE + "' (does not apply to datetime) and to compute creation date histogram")

  327.       .setRequired(false)

  328.       .setExampleValue("'Europe/Paris', 'Z' or '+02:00'")

  329.       .setSince("8.6");

  330.   }

  331. 

  332.   private static void addComponentRelatedParams(WebService.NewAction action) {

  333.     action.createParam(PARAM_ON_COMPONENT_ONLY)

  334.       .setDescription("Return only issues at a component's level, not on its descendants (modules, directories, files, etc). " +

  335.         "This parameter is only considered when componentKeys is set.")

  336.       .setBooleanPossibleValues()

  337.       .setDefaultValue("false");

  338. 

  339.     action.createParam(PARAM_COMPONENT_KEYS)

  340.       .setDescription("Comma-separated list of component keys. Retrieve issues associated to a specific list of components (and all its descendants). " +

  341.         "A component can be a portfolio, project, module, directory or file.")

  342.       .setExampleValue(KEY_PROJECT_EXAMPLE_001);

  343. 

  344.     action.createParam(PARAM_PROJECTS)

  345.       .setDescription("To retrieve issues associated to a specific list of projects (comma-separated list of project keys). " +

  346.         INTERNAL_PARAMETER_DISCLAIMER +

  347.         "If this parameter is set, projectUuids must not be set.")

  348.       .setInternal(true)

  349.       .setExampleValue(KEY_PROJECT_EXAMPLE_001);

  350. 

  351.     action.createParam(PARAM_MODULE_UUIDS)

  352.       .setDescription("To retrieve issues associated to a specific list of modules (comma-separated list of module IDs). " +

  353.         INTERNAL_PARAMETER_DISCLAIMER)

  354.       .setInternal(true)

  355.       .setDeprecatedSince("7.6")

  356.       .setExampleValue("7d8749e8-3070-4903-9188-bdd82933bb92");

  357. 

  358.     action.createParam(PARAM_DIRECTORIES)

  359.       .setDescription("To retrieve issues associated to a specific list of directories (comma-separated list of directory paths). " +

  360.         "This parameter is only meaningful when a module is selected. " +

  361.         INTERNAL_PARAMETER_DISCLAIMER)

  362.       .setInternal(true)

  363.       .setSince("5.1")

  364.       .setExampleValue("src/main/java/org/sonar/server/");

  365. 

  366.     action.createParam(PARAM_FILES)

  367.       .setDescription("To retrieve issues associated to a specific list of files (comma-separated list of file paths). " +

  368.         INTERNAL_PARAMETER_DISCLAIMER)

  369.       .setInternal(true)

  370.       .setExampleValue("src/main/java/org/sonar/server/Test.java");

  371. 

  372.     action.createParam(PARAM_BRANCH)

  373.       .setDescription("Branch key. Not available in the community edition.")

  374.       .setExampleValue(KEY_BRANCH_EXAMPLE_001)

  375.       .setSince("6.6");

  376. 

  377.     action.createParam(PARAM_PULL_REQUEST)

  378.       .setDescription("Pull request id. Not available in the community edition.")

  379.       .setExampleValue(KEY_PULL_REQUEST_EXAMPLE_001)

  380.       .setSince("7.1");

  381.   }

  382. 

  383.   @Override

  384.   public final void handle(Request request, Response response) {

  385.     try (DbSession dbSession = dbClient.openSession(false)) {

  386.       SearchRequest searchRequest = toSearchWsRequest(dbSession, request);

  387.       checkIfNeedIssueSync(dbSession, searchRequest);

  388.       SearchWsResponse searchWsResponse = doHandle(searchRequest);

  389.       writeProtobuf(searchWsResponse, request, response);

  390.     }

  391.   }

  392. 

  393.   private SearchWsResponse doHandle(SearchRequest request) {

  394.     // prepare the Elasticsearch request

  395.     SearchOptions options = createSearchOptionsFromRequest(request);

  396.     EnumSet<SearchAdditionalField> additionalFields = SearchAdditionalField.getFromRequest(request);

  397.     IssueQuery query = issueQueryFactory.create(request);

  398. 

  399.     Set<String> facetsRequiringProjectParameter = options.getFacets().stream()

  400.       .filter(FACETS_REQUIRING_PROJECT::contains)

  401.       .collect(toSet());

  402.     checkArgument(facetsRequiringProjectParameter.isEmpty() ||

  403.       (!query.projectUuids().isEmpty()), "Facet(s) '%s' require to also filter by project",

  404.       String.join(",", facetsRequiringProjectParameter));

  405. 

  406.     // execute request

  407.     SearchResponse result = issueIndex.search(query, options);

  408.     List<String> issueKeys = Arrays.stream(result.getHits().getHits())

  409.       .map(SearchHit::getId)

  410.       .collect(MoreCollectors.toList(result.getHits().getHits().length));

  411. 

  412.     // load the additional information to be returned in response

  413.     SearchResponseLoader.Collector collector = new SearchResponseLoader.Collector(issueKeys);

  414.     collectLoggedInUser(collector);

  415.     collectRequestParams(collector, request);

  416.     Facets facets = new Facets(result, Optional.ofNullable(query.timeZone()).orElse(system2.getDefaultTimeZone().toZoneId()));

  417.     if (!options.getFacets().isEmpty()) {

  418.       // add missing values to facets. For example if assignee "john" and facet on "assignees" are requested, then

  419.       // "john" should always be listed in the facet. If it is not present, then it is added with value zero.

  420.       // This is a constraint from webapp UX.

  421.       completeFacets(facets, request, query);

  422.       collectFacets(collector, facets);

  423.     }

  424.     SearchResponseData preloadedData = new SearchResponseData(emptyList());

  425.     preloadedData.addRules(ImmutableList.copyOf(query.rules()));

  426.     SearchResponseData data = searchResponseLoader.load(preloadedData, collector, additionalFields, facets);

  427. 

  428.     // FIXME allow long in Paging

  429.     Paging paging = forPageIndex(options.getPage()).withPageSize(options.getLimit()).andTotal((int) result.getHits().getTotalHits().value);

  430.     return searchResponseFormat.formatSearch(additionalFields, data, paging, facets);

  431.   }

  432. 

  433.   private static SearchOptions createSearchOptionsFromRequest(SearchRequest request) {

  434.     SearchOptions options = new SearchOptions();

  435.     options.setPage(request.getPage(), request.getPageSize());

  436. 

  437.     List<String> facets = request.getFacets();

  438. 

  439.     if (facets == null || facets.isEmpty()) {

  440.       return options;

  441.     }

  442. 

  443.     options.addFacets(facets);

  444.     return options;

  445.   }

  446. 

  447.   private void completeFacets(Facets facets, SearchRequest request, IssueQuery query) {

  448.     addMandatoryValuesToFacet(facets, PARAM_SEVERITIES, Severity.ALL);

  449.     addMandatoryValuesToFacet(facets, PARAM_STATUSES, ISSUE_STATUSES);

  450.     addMandatoryValuesToFacet(facets, PARAM_RESOLUTIONS, concat(singletonList(""), RESOLUTIONS));

  451.     addMandatoryValuesToFacet(facets, FACET_PROJECTS, query.projectUuids());

  452.     addMandatoryValuesToFacet(facets, PARAM_MODULE_UUIDS, query.moduleUuids());

  453.     addMandatoryValuesToFacet(facets, PARAM_FILES, query.files());

  454. 

  455.     List<String> assignees = Lists.newArrayList("");

  456.     List<String> assigneesFromRequest = request.getAssigneeUuids();

  457.     if (assigneesFromRequest != null) {

  458.       assignees.addAll(assigneesFromRequest);

  459.       assignees.remove(LOGIN_MYSELF);

  460.     }

  461.     addMandatoryValuesToFacet(facets, PARAM_ASSIGNEES, assignees);

  462.     addMandatoryValuesToFacet(facets, FACET_ASSIGNED_TO_ME, singletonList(userSession.getUuid()));

  463.     addMandatoryValuesToFacet(facets, PARAM_RULES, query.ruleUuids());

  464.     addMandatoryValuesToFacet(facets, PARAM_SCOPES, ISSUE_SCOPES);

  465.     addMandatoryValuesToFacet(facets, PARAM_LANGUAGES, request.getLanguages());

  466.     addMandatoryValuesToFacet(facets, PARAM_TAGS, request.getTags());

  467. 

  468.     setTypesFacet(facets);

  469. 

  470.     addMandatoryValuesToFacet(facets, PARAM_OWASP_TOP_10, request.getOwaspTop10());

  471.     addMandatoryValuesToFacet(facets, PARAM_SANS_TOP_25, request.getSansTop25());

  472.     addMandatoryValuesToFacet(facets, PARAM_CWE, request.getCwe());

  473.     addMandatoryValuesToFacet(facets, PARAM_SONARSOURCE_SECURITY, request.getSonarsourceSecurity());

  474.   }

  475. 

  476.   private static void setTypesFacet(Facets facets) {

  477.     Map<String, Long> typeFacet = facets.get(PARAM_TYPES);

  478.     if (typeFacet != null) {

  479.       typeFacet.remove(RuleType.SECURITY_HOTSPOT.name());

  480.     }

  481.     addMandatoryValuesToFacet(facets, PARAM_TYPES, ALL_RULE_TYPES_EXCEPT_SECURITY_HOTSPOTS.stream().map(Enum::name).collect(Collectors.toList()));

  482.   }

  483. 

  484.   private static void addMandatoryValuesToFacet(Facets facets, String facetName, @Nullable Iterable<String> mandatoryValues) {

  485.     Map<String, Long> buckets = facets.get(facetName);

  486.     if (buckets != null && mandatoryValues != null) {

  487.       for (String mandatoryValue : mandatoryValues) {

  488.         if (!buckets.containsKey(mandatoryValue)) {

  489.           buckets.put(mandatoryValue, 0L);

  490.         }

  491.       }

  492.     }

  493.   }

  494. 

  495.   private void collectLoggedInUser(SearchResponseLoader.Collector collector) {

  496.     if (userSession.isLoggedIn()) {

  497.       collector.addUserUuids(singletonList(userSession.getUuid()));

  498.     }

  499.   }

  500. 

  501.   private static void collectFacets(SearchResponseLoader.Collector collector, Facets facets) {

  502.     collector.addProjectUuids(facets.getBucketKeys(FACET_PROJECTS));

  503.     collector.addComponentUuids(facets.getBucketKeys(PARAM_MODULE_UUIDS));

  504.     collector.addRuleIds(facets.getBucketKeys(PARAM_RULES));

  505.     collector.addUserUuids(facets.getBucketKeys(PARAM_ASSIGNEES));

  506.   }

  507. 

  508.   private static void collectRequestParams(SearchResponseLoader.Collector collector, SearchRequest request) {

  509.     collector.addComponentUuids(request.getModuleUuids());

  510.     collector.addUserUuids(request.getAssigneeUuids());

  511.   }

  512. 

  513.   private SearchRequest toSearchWsRequest(DbSession dbSession, Request request) {

  514.     return new SearchRequest()

  515.       .setAdditionalFields(request.paramAsStrings(PARAM_ADDITIONAL_FIELDS))

  516.       .setAsc(request.mandatoryParamAsBoolean(PARAM_ASC))

  517.       .setAssigned(request.paramAsBoolean(PARAM_ASSIGNED))

  518.       .setAssigneesUuid(getLogins(dbSession, request.paramAsStrings(PARAM_ASSIGNEES)))

  519.       .setAuthors(request.hasParam(PARAM_AUTHOR) ? request.multiParam(PARAM_AUTHOR) : request.paramAsStrings(DEPRECATED_PARAM_AUTHORS))

  520.       .setComponents(request.paramAsStrings(PARAM_COMPONENT_KEYS))

  521.       .setCreatedAfter(request.param(PARAM_CREATED_AFTER))

  522.       .setCreatedAt(request.param(PARAM_CREATED_AT))

  523.       .setCreatedBefore(request.param(PARAM_CREATED_BEFORE))

  524.       .setCreatedInLast(request.param(PARAM_CREATED_IN_LAST))

  525.       .setDirectories(request.paramAsStrings(PARAM_DIRECTORIES))

  526.       .setFacetMode(request.mandatoryParam(FACET_MODE))

  527.       .setFacets(request.paramAsStrings(FACETS))

  528.       .setFiles(request.paramAsStrings(PARAM_FILES))

  529.       .setIssues(request.paramAsStrings(PARAM_ISSUES))

  530.       .setScopes(request.paramAsStrings(PARAM_SCOPES))

  531.       .setLanguages(request.paramAsStrings(PARAM_LANGUAGES))

  532.       .setModuleUuids(request.paramAsStrings(PARAM_MODULE_UUIDS))

  533.       .setOnComponentOnly(request.paramAsBoolean(PARAM_ON_COMPONENT_ONLY))

  534.       .setBranch(request.param(PARAM_BRANCH))

  535.       .setPullRequest(request.param(PARAM_PULL_REQUEST))

  536.       .setPage(request.mandatoryParamAsInt(Param.PAGE))

  537.       .setPageSize(request.mandatoryParamAsInt(Param.PAGE_SIZE))

  538.       .setProjects(request.paramAsStrings(PARAM_PROJECTS))

  539.       .setResolutions(request.paramAsStrings(PARAM_RESOLUTIONS))

  540.       .setResolved(request.paramAsBoolean(PARAM_RESOLVED))

  541.       .setRules(request.paramAsStrings(PARAM_RULES))

  542.       .setSinceLeakPeriod(request.mandatoryParamAsBoolean(PARAM_SINCE_LEAK_PERIOD))

  543.       .setSort(request.param(Param.SORT))

  544.       .setSeverities(request.paramAsStrings(PARAM_SEVERITIES))

  545.       .setStatuses(request.paramAsStrings(PARAM_STATUSES))

  546.       .setTags(request.paramAsStrings(PARAM_TAGS))

  547.       .setTypes(allRuleTypesExceptHotspotsIfEmpty(request.paramAsStrings(PARAM_TYPES)))

  548.       .setOwaspTop10(request.paramAsStrings(PARAM_OWASP_TOP_10))

  549.       .setSansTop25(request.paramAsStrings(PARAM_SANS_TOP_25))

  550.       .setCwe(request.paramAsStrings(PARAM_CWE))

  551.       .setSonarsourceSecurity(request.paramAsStrings(PARAM_SONARSOURCE_SECURITY))

  552.       .setTimeZone(request.param(PARAM_TIMEZONE));

  553.   }

  554. 

  555.   private void checkIfNeedIssueSync(DbSession dbSession, SearchRequest searchRequest) {

  556.     List<String> components = searchRequest.getComponents();

  557.     if (components != null && !components.isEmpty()) {

  558.       issueIndexSyncProgressChecker.checkIfAnyComponentsNeedIssueSync(dbSession, components);

  559.     } else {

  560.       // component keys not provided - asking for global

  561.       issueIndexSyncProgressChecker.checkIfIssueSyncInProgress(dbSession);

  562.     }

  563.   }

  564. 

  565.   private static List<String> allRuleTypesExceptHotspotsIfEmpty(@Nullable List<String> types) {

  566.     if (types == null || types.isEmpty()) {

  567.       return ALL_RULE_TYPES_EXCEPT_SECURITY_HOTSPOTS.stream().map(Enum::name).collect(toList());

  568.     }

  569.     return types;

  570.   }

  571. 

  572.   private List<String> getLogins(DbSession dbSession, @Nullable List<String> assigneeLogins) {

  573.     List<String> userLogins = new ArrayList<>();

  574. 

  575.     for (String login : ofNullable(assigneeLogins).orElse(emptyList())) {

  576.       if (LOGIN_MYSELF.equals(login)) {

  577.         if (userSession.getLogin() == null) {

  578.           userLogins.add(UNKNOWN);

  579.         } else {

  580.           userLogins.add(userSession.getLogin());

  581.         }

  582.       } else {

  583.         userLogins.add(login);

  584.       }

  585.     }

  586. 

  587.     List<UserDto> userDtos = dbClient.userDao().selectByLogins(dbSession, userLogins);

  588.     List<String> assigneeUuid = userDtos.stream().map(UserDto::getUuid).collect(toList());

  589. 

  590.     if ((assigneeLogins != null) && firstNonNull(assigneeUuid, emptyList()).isEmpty()) {

  591.       assigneeUuid = ImmutableList.of("non-existent-uuid");

  592.     }

  593.     return assigneeUuid;

  594.   }

  595. }