mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32116 Commits
59 Branches
Tree: bf0c2e6432
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'bf0c2e6432'
${ noResults }
sonarqube/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java

XooRulesDefinition.java 14KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2022 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.xoo.rule;

  21. 

  22. import javax.annotation.Nullable;

  23. import org.sonar.api.SonarRuntime;

  24. import org.sonar.api.rule.RuleScope;

  25. import org.sonar.api.rules.RuleType;

  26. import org.sonar.api.server.rule.RuleDescriptionSection;

  27. import org.sonar.api.server.rule.RuleParamType;

  28. import org.sonar.api.server.rule.RulesDefinition;

  29. import org.sonar.api.server.rule.RulesDefinitionAnnotationLoader;

  30. import org.sonar.api.utils.Version;

  31. import org.sonar.xoo.Xoo;

  32. import org.sonar.xoo.Xoo2;

  33. import org.sonar.xoo.checks.Check;

  34. 

  35. import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.ASSESS_THE_PROBLEM_SECTION_KEY;

  36. import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.HOW_TO_FIX_SECTION_KEY;

  37. import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.INTRODUCTION_SECTION_KEY;

  38. import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.RESOURCES_SECTION_KEY;

  39. import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.ROOT_CAUSE_SECTION_KEY;

  40. import static org.sonar.api.server.rule.RulesDefinition.OwaspTop10Version.Y2017;

  41. import static org.sonar.api.server.rule.RulesDefinition.OwaspTop10Version.Y2021;

  42. 

  43. /**

  44.  * Define all the coding rules that are supported on the repositories named "xoo" and "xoo2"

  45.  */

  46. public class XooRulesDefinition implements RulesDefinition {

  47. 

  48.   public static final String XOO_REPOSITORY = "xoo";

  49.   public static final String XOO2_REPOSITORY = "xoo2";

  50. 

  51.   private static final String TEN_MIN = "10min";

  52. 

  53.   @Nullable

  54.   private final Version version;

  55. 

  56.   public XooRulesDefinition() {

  57.     this(null);

  58.   }

  59. 

  60.   public XooRulesDefinition(@Nullable SonarRuntime sonarRuntime) {

  61.     this.version = sonarRuntime != null ? sonarRuntime.getApiVersion() : null;

  62.   }

  63. 

  64.   @Override

  65.   public void define(Context context) {

  66.     defineRulesXoo(context);

  67.     defineRulesXoo2(context);

  68.     defineRulesXooExternal(context);

  69.   }

  70. 

  71.   private static void defineRulesXoo2(Context context) {

  72.     NewRepository repo = context.createRepository(XOO2_REPOSITORY, Xoo2.KEY).setName("Xoo2");

  73. 

  74.     NewRule hasTag = repo.createRule(HasTagSensor.RULE_KEY).setName("Has Tag");

  75.     addAllDescriptionSections(hasTag, "Search for a given tag in Xoo files");

  76. 

  77.     NewRule oneIssuePerLine = repo.createRule(OneIssuePerLineSensor.RULE_KEY).setName("One Issue Per Line");

  78.     addAllDescriptionSections(oneIssuePerLine, "Generate an issue on each line of a file. It requires the metric \"lines\".");

  79.     oneIssuePerLine

  80.       .setDebtRemediationFunction(hasTag.debtRemediationFunctions().linear("1min"))

  81.       .setGapDescription("It takes about 1 minute to an experienced software craftsman to remove a line of code");

  82. 

  83.     repo.done();

  84.   }

  85. 

  86.   private void defineRulesXoo(Context context) {

  87.     NewRepository repo = context.createRepository(XOO_REPOSITORY, Xoo.KEY).setName("Xoo");

  88. 

  89.     new RulesDefinitionAnnotationLoader().load(repo, Check.ALL);

  90. 

  91.     NewRule hasTag = repo.createRule(HasTagSensor.RULE_KEY).setName("Has Tag")

  92.       .setActivatedByDefault(true);

  93.     addAllDescriptionSections(hasTag, "Search for a given tag in Xoo files");

  94.     hasTag

  95.       .setDebtRemediationFunction(hasTag.debtRemediationFunctions().constantPerIssue("2min"));

  96.     hasTag.createParam("tag")

  97.       .setDefaultValue("xoo")

  98.       .setDescription("The tag to search for");

  99. 

  100.     NewRule ruleWithParameters = repo.createRule("RuleWithParameters").setName("Rule with parameters");

  101.     addAllDescriptionSections(ruleWithParameters,

  102.       "Rule containing parameter of different types : boolean, integer, etc. For information, no issue will be linked to this rule.");

  103.     ruleWithParameters.createParam("string").setType(RuleParamType.STRING);

  104.     ruleWithParameters.createParam("text").setType(RuleParamType.TEXT);

  105.     ruleWithParameters.createParam("boolean").setType(RuleParamType.BOOLEAN);

  106.     ruleWithParameters.createParam("integer").setType(RuleParamType.INTEGER);

  107.     ruleWithParameters.createParam("float").setType(RuleParamType.FLOAT);

  108. 

  109.     NewRule oneIssuePerLine = repo.createRule(OneIssuePerLineSensor.RULE_KEY).setName("One Issue Per Line")

  110.       .setTags("line");

  111.     addAllDescriptionSections(oneIssuePerLine, "Generate an issue on each line of a file. It requires the metric \"lines\".");

  112.     oneIssuePerLine

  113.       .setDebtRemediationFunction(oneIssuePerLine.debtRemediationFunctions().linear("1min"))

  114.       .setGapDescription("It takes about 1 minute to an experienced software craftsman to remove a line of code");

  115. 

  116.     NewRule oneQuickFixPerLine = repo.createRule(OneQuickFixPerLineSensor.RULE_KEY).setName("One Quick Fix Per Line")

  117.       .setTags("line");

  118.     addAllDescriptionSections(oneQuickFixPerLine,

  119.       "Generate an issue with quick fix available on each line of a file. It requires the metric \"lines\".");

  120. 

  121.     oneQuickFixPerLine

  122.       .setDebtRemediationFunction(oneQuickFixPerLine.debtRemediationFunctions().linear("1min"))

  123.       .setGapDescription("It takes about 1 minute to an experienced software craftsman to remove a line of code");

  124. 

  125.     NewRule oneIssueOnDirPerFile = repo.createRule(OneIssueOnDirPerFileSensor.RULE_KEY).setName("One Issue On Dir Per File");

  126.     addAllDescriptionSections(oneIssueOnDirPerFile,

  127.       "Generate issues on directories");

  128.     NewRule oneIssuePerFile = repo.createRule(OneIssuePerFileSensor.RULE_KEY).setName("One Issue Per File");

  129.     oneIssuePerFile.setDebtRemediationFunction(oneIssuePerFile.debtRemediationFunctions().linear(TEN_MIN));

  130.     addAllDescriptionSections(oneIssuePerFile, "Generate an issue on each file");

  131. 

  132.     NewRule oneIssuePerTestFile = repo.createRule(OneIssuePerTestFileSensor.RULE_KEY).setName("One Issue Per Test File")

  133.       .setScope(RuleScope.TEST);

  134.     oneIssuePerTestFile.setDebtRemediationFunction(oneIssuePerTestFile.debtRemediationFunctions().linear("8min"));

  135.     addAllDescriptionSections(oneIssuePerTestFile, "Generate an issue on each test file");

  136. 

  137.     NewRule oneBugIssuePerTestLine = repo.createRule(OneBugIssuePerTestLineSensor.RULE_KEY).setName("One Bug Issue Per Test Line")

  138.       .setScope(RuleScope.TEST)

  139.       .setType(RuleType.BUG);

  140.     addAllDescriptionSections(oneBugIssuePerTestLine, "Generate a bug issue on each line of a test file. It requires the metric \"lines\".");

  141. 

  142.     oneBugIssuePerTestLine

  143.       .setDebtRemediationFunction(oneBugIssuePerTestLine.debtRemediationFunctions().linear("4min"));

  144. 

  145.     NewRule oneCodeSmellIssuePerTestLine = repo.createRule(OneCodeSmellIssuePerTestLineSensor.RULE_KEY).setName("One Code Smell Issue Per Test Line")

  146.       .setScope(RuleScope.TEST)

  147.       .setType(RuleType.CODE_SMELL);

  148.     addAllDescriptionSections(oneCodeSmellIssuePerTestLine, "Generate a code smell issue on each line of a test file. It requires the metric \"lines\".");

  149. 

  150.     oneCodeSmellIssuePerTestLine

  151.       .setDebtRemediationFunction(oneCodeSmellIssuePerTestLine.debtRemediationFunctions().linear("3min"));

  152. 

  153.     NewRule oneIssuePerDirectory = repo.createRule(OneIssuePerDirectorySensor.RULE_KEY).setName("One Issue Per Directory");

  154.     oneIssuePerDirectory.setDebtRemediationFunction(oneIssuePerDirectory.debtRemediationFunctions().linear(TEN_MIN));

  155.     addAllDescriptionSections(oneIssuePerDirectory, "Generate an issue on each non-empty directory");

  156. 

  157.     NewRule oneDayDebtPerFile = repo.createRule(OneDayDebtPerFileSensor.RULE_KEY).setName("One Day Debt Per File");

  158.     oneDayDebtPerFile.setDebtRemediationFunction(oneDayDebtPerFile.debtRemediationFunctions().linear("1d"));

  159.     addAllDescriptionSections(oneDayDebtPerFile, "Generate an issue on each file with a debt of one day");

  160. 

  161.     NewRule oneIssuePerModule = repo.createRule(OneIssuePerModuleSensor.RULE_KEY).setName("One Issue Per Module");

  162.     oneIssuePerModule

  163.       .setDebtRemediationFunction(oneIssuePerModule.debtRemediationFunctions().linearWithOffset("25min", "1h"))

  164.       .setGapDescription("A certified architect will need roughly half an hour to start working on removal of modules, " +

  165.         "then it's about one hour per module.");

  166.     addAllDescriptionSections(oneIssuePerModule, "Generate an issue on each module");

  167. 

  168.     NewRule oneBlockerIssuePerFile = repo.createRule(OneBlockerIssuePerFileSensor.RULE_KEY).setName("One Blocker Issue Per File");

  169.     addAllDescriptionSections(oneBlockerIssuePerFile, "Generate a blocker issue on each file, whatever the severity declared in the Quality profile");

  170. 

  171.     NewRule issueWithCustomMessage = repo.createRule(CustomMessageSensor.RULE_KEY).setName("Issue With Custom Message");

  172.     addAllDescriptionSections(issueWithCustomMessage, "Generate an issue on each file with a custom message");

  173. 

  174.     NewRule oneIssuePerFileWithRandomAccess = repo.createRule(RandomAccessSensor.RULE_KEY).setName("One Issue Per File with Random Access");

  175.     addAllDescriptionSections(oneIssuePerFileWithRandomAccess, "This issue is generated on each file");

  176. 

  177.     NewRule issueWithRangeAndMultipleLocations = repo.createRule(MultilineIssuesSensor.RULE_KEY).setName("Creates issues with ranges/multiple locations");

  178.     addAllDescriptionSections(issueWithRangeAndMultipleLocations, "Issue with range and multiple locations");

  179. 

  180.     NewRule issueOnEachFileWithExtUnknown = repo.createRule(OneIssuePerUnknownFileSensor.RULE_KEY).setName("Creates issues on each file with extension 'unknown'");

  181.     addAllDescriptionSections(issueOnEachFileWithExtUnknown, "This issue is generated on each file with extenstion 'unknown'");

  182. 

  183.     NewRule oneBugIssuePerLine = repo.createRule(OneBugIssuePerLineSensor.RULE_KEY).setName("One Bug Issue Per Line")

  184.       .setType(RuleType.BUG);

  185.     oneBugIssuePerLine

  186.       .setDebtRemediationFunction(oneBugIssuePerLine.debtRemediationFunctions().linear("5min"));

  187.     addAllDescriptionSections(oneBugIssuePerLine, "Generate a bug issue on each line of a file. It requires the metric \"lines\".");

  188. 

  189.     NewRule oneCodeSmellIssuePerLine = repo.createRule(OneCodeSmellIssuePerLineSensor.RULE_KEY).setName("One Code Smell Issue Per Line")

  190.       .setType(RuleType.CODE_SMELL);

  191.     oneCodeSmellIssuePerLine

  192.       .setDebtRemediationFunction(oneCodeSmellIssuePerLine.debtRemediationFunctions().linear("9min"));

  193.     addAllDescriptionSections(oneCodeSmellIssuePerLine, "Generate a code smell issue on each line of a file. It requires the metric \"lines\".");

  194. 

  195.     NewRule oneVulnerabilityIssuePerModule = repo.createRule(OneVulnerabilityIssuePerModuleSensor.RULE_KEY).setName("One Vulnerability Issue Per Module")

  196.       .setType(RuleType.VULNERABILITY);

  197.     addAllDescriptionSections(oneVulnerabilityIssuePerModule, "Generate an issue on each module");

  198. 

  199.     oneVulnerabilityIssuePerModule

  200.       .setDebtRemediationFunction(oneVulnerabilityIssuePerModule.debtRemediationFunctions().linearWithOffset("25min", "1h"))

  201.       .setGapDescription("A certified architect will need roughly half an hour to start working on removal of modules, " +

  202.         "then it's about one hour per module.");

  203. 

  204.     NewRule templateofRule = repo

  205.       .createRule("xoo-template")

  206.       .setTemplate(true)

  207.       .setName("Template of rule");

  208.     addAllDescriptionSections(templateofRule, "Template to be overridden by custom rules");

  209. 

  210.     NewRule hotspot = repo.createRule(HotspotSensor.RULE_KEY)

  211.       .setName("Find security hotspots")

  212.       .setType(RuleType.SECURITY_HOTSPOT)

  213.       .setActivatedByDefault(false);

  214.     addAllDescriptionSections(hotspot, "Search for Security Hotspots in Xoo files");

  215. 

  216.     hotspot

  217.       .setDebtRemediationFunction(hotspot.debtRemediationFunctions().constantPerIssue("2min"));

  218. 

  219.     if (version != null && version.isGreaterThanOrEqual(Version.create(9, 3))) {

  220.       hotspot

  221.         .addOwaspTop10(OwaspTop10.A1, OwaspTop10.A3)

  222.         .addOwaspTop10(Y2021, OwaspTop10.A3, OwaspTop10.A2)

  223.         .addCwe(1, 89, 123, 863);

  224. 

  225.       oneVulnerabilityIssuePerModule

  226.         .addOwaspTop10(Y2017, OwaspTop10.A9, OwaspTop10.A10)

  227.         .addOwaspTop10(Y2021, OwaspTop10.A6, OwaspTop10.A9)

  228.         .addCwe(250, 564, 546, 943);

  229.     }

  230. 

  231.     repo.done();

  232.   }

  233. 

  234.   private static void defineRulesXooExternal(Context context) {

  235.     NewRepository repo = context.createExternalRepository(OneExternalIssuePerLineSensor.ENGINE_ID, Xoo.KEY).setName(OneExternalIssuePerLineSensor.ENGINE_ID);

  236. 

  237.     repo.createRule(OnePredefinedRuleExternalIssuePerLineSensor.RULE_ID)

  238.       .setSeverity(OnePredefinedRuleExternalIssuePerLineSensor.SEVERITY)

  239.       .setType(OnePredefinedRuleExternalIssuePerLineSensor.TYPE)

  240.       .setScope(RuleScope.ALL)

  241.       .setHtmlDescription("Generates one external issue in each line")

  242.       .addDescriptionSection(descriptionSection(INTRODUCTION_SECTION_KEY, "Generates one external issue in each line"))

  243.       .setName("One external issue per line")

  244.       .setTags("riri", "fifi", "loulou");

  245. 

  246.     repo.done();

  247.   }

  248. 

  249.   private static void addAllDescriptionSections(NewRule rule, String description) {

  250.     rule

  251.       .setHtmlDescription(description)

  252.       .addDescriptionSection(descriptionSection(INTRODUCTION_SECTION_KEY, "Introduction: " + description))

  253.       .addDescriptionSection(descriptionSection(ROOT_CAUSE_SECTION_KEY, "Root cause: " + description))

  254.       .addDescriptionSection(descriptionSection(ASSESS_THE_PROBLEM_SECTION_KEY, "Assess the problem: " + description))

  255.       .addDescriptionSection(descriptionSection(HOW_TO_FIX_SECTION_KEY, "How to fix: " + description))

  256.       .addDescriptionSection(descriptionSection(RESOURCES_SECTION_KEY,

  257.         "<a href=\"www.google.fr\"> Google </a><br><a href=\"https://stackoverflow.com/\"> StackOverflow</a>"))

  258.       .addDescriptionSection(descriptionSection("fake_section_to_be_ignored",

  259.         "fake_section_to_be_ignored"));

  260.   }

  261. 

  262.   private static RuleDescriptionSection descriptionSection(String sectionKey, String htmlDescription) {

  263.     return RuleDescriptionSection.builder()

  264.       .sectionKey(sectionKey)

  265.       .htmlContent(htmlDescription)

  266.       .build();

  267.   }

  268. }