aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlukasz-jarocki-sonarsource <lukasz.jarocki@sonarsource.com>2023-12-06 09:59:43 +0100
committersonartech <sonartech@sonarsource.com>2023-12-06 20:02:46 +0000
commit76ef310b3344995f45f156410fa90ea1c490ee0a (patch)
tree812626a4b1cf815e27ce399badd20a25a7dba903
parent9bcaeae8290b4031bdb8554b96f64738455958ee (diff)
downloadsonarqube-76ef310b3344995f45f156410fa90ea1c490ee0a.tar.gz
sonarqube-76ef310b3344995f45f156410fa90ea1c490ee0a.zip
SONAR-21139 setting nulls for clean_code_attribute of security hotspots rules
-rw-r--r--server/sonar-db-migration/src/it/java/org/sonar/server/platform/db/migration/version/v104/RemoveCleanCodeAttributeFromCustomHotspotRulesIT.java96
-rw-r--r--server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v104/DbVersion104.java4
-rw-r--r--server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v104/RemoveCleanCodeAttributeFromCustomHotspotRules.java56
-rw-r--r--server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/RuleCreator.java1
4 files changed, 155 insertions, 2 deletions
diff --git a/server/sonar-db-migration/src/it/java/org/sonar/server/platform/db/migration/version/v104/RemoveCleanCodeAttributeFromCustomHotspotRulesIT.java b/server/sonar-db-migration/src/it/java/org/sonar/server/platform/db/migration/version/v104/RemoveCleanCodeAttributeFromCustomHotspotRulesIT.java
new file mode 100644
index 00000000000..d4ebc2fb203
--- /dev/null
+++ b/server/sonar-db-migration/src/it/java/org/sonar/server/platform/db/migration/version/v104/RemoveCleanCodeAttributeFromCustomHotspotRulesIT.java
@@ -0,0 +1,96 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2023 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.db.migration.version.v104;
+
+import java.sql.SQLException;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+import org.junit.Rule;
+import org.junit.Test;
+import org.sonar.db.MigrationDbTester;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.tuple;
+
+public class RemoveCleanCodeAttributeFromCustomHotspotRulesIT {
+
+ @Rule
+ public final MigrationDbTester db = MigrationDbTester.createForMigrationStep(RemoveCleanCodeAttributeFromCustomHotspotRules.class);
+ private final RemoveCleanCodeAttributeFromCustomHotspotRules underTest = new RemoveCleanCodeAttributeFromCustomHotspotRules(db.database());
+
+ @Test
+ public void execute_whenRulesTableIsEmpty_shouldDoNothing() throws SQLException {
+ underTest.execute();
+
+ assertThat(db.select("select clean_code_attribute from rules")).isEmpty();
+ }
+
+ @Test
+ public void execute_whenCustomHotspotRuleExist_shouldRemoveCleanCodeAttributeOnlyFromHotspot() throws SQLException {
+ insertRule("custom_hotspot_rule", "4", "CONVENTIONAL");
+ insertRule("other_rule", "1", "ETHICAL");
+
+ underTest.execute();
+
+ List<Map<String, Object>> selectResult = db.select("select NAME, CLEAN_CODE_ATTRIBUTE, UPDATED_AT from RULES");
+
+ assertThat(selectResult)
+ .extracting(stringObjectMap -> stringObjectMap.get("NAME"), stringObjectMap -> stringObjectMap.get("CLEAN_CODE_ATTRIBUTE"))
+ .containsExactlyInAnyOrder(tuple("custom_hotspot_rule", null), tuple("other_rule", "ETHICAL"));
+
+ Optional<Object> updatedAtForHotspotRule = selectResult.stream().filter(map -> map.containsValue("custom_hotspot_rule"))
+ .map(map -> map.get("UPDATED_AT")).findFirst();
+ assertThat(updatedAtForHotspotRule.get()).isNotEqualTo(0L);
+
+ Optional<Object> updatedAtForOtherRule = selectResult.stream().filter(map -> map.containsValue("other_rule"))
+ .map(map -> map.get("UPDATED_AT")).findFirst();
+ assertThat(updatedAtForOtherRule).contains(0L);
+ }
+
+ @Test
+ public void execute_whenCustomHotspotRuleExist_isReentrant() throws SQLException {
+ insertRule("custom_hotspot_rule", "4", "CONVENTIONAL");
+ insertRule("other_rule", "1", "ETHICAL");
+
+ underTest.execute();
+ underTest.execute();
+
+ List<Map<String, Object>> selectResult = db.select("select NAME, CLEAN_CODE_ATTRIBUTE from RULES");
+
+ assertThat(selectResult)
+ .extracting(stringObjectMap -> stringObjectMap.get("NAME"), stringObjectMap -> stringObjectMap.get("CLEAN_CODE_ATTRIBUTE"))
+ .containsExactlyInAnyOrder(tuple("custom_hotspot_rule", null), tuple("other_rule", "ETHICAL"));
+ }
+
+ private void insertRule(String name, String ruleType, String cleanCodeAttribute) {
+ db.executeInsert("rules",
+ "PLUGIN_RULE_KEY", name,
+ "PLUGIN_NAME", name,
+ "SCOPE", name,
+ "NAME", name,
+ "IS_EXTERNAL", true,
+ "IS_AD_HOC", false,
+ "UUID", name,
+ "RULE_TYPE", ruleType,
+ "UPDATED_AT", 0L,
+ "CLEAN_CODE_ATTRIBUTE", cleanCodeAttribute);
+ }
+}
diff --git a/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v104/DbVersion104.java b/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v104/DbVersion104.java
index 73f7742f355..2db623a7e49 100644
--- a/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v104/DbVersion104.java
+++ b/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v104/DbVersion104.java
@@ -50,6 +50,8 @@ public class DbVersion104 implements DbVersion {
.add(10_4_006, "Add 'uuid' column to 'groups_users'", AddUuidColumnToGroupsUsers.class)
.add(10_4_007, "Populate 'uuid' column in 'groups_users'", PopulateGroupsUsersUuid.class)
.add(10_4_008, "Make 'uuid' column in 'groups_users' table non-nullable", MakeUuidInGroupsUsersNotNullable.class)
- .add(10_4_009, "Create primary key on 'groups_users.uuid'", CreatePrimaryKeyOnGroupsUsersTable.class);
+ .add(10_4_009, "Create primary key on 'groups_users.uuid'", CreatePrimaryKeyOnGroupsUsersTable.class)
+ .add(10_4_010, "Set nulls in 'clean_code_attribute' column of 'rules' table for security hotspots",
+ RemoveCleanCodeAttributeFromCustomHotspotRules.class);
}
}
diff --git a/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v104/RemoveCleanCodeAttributeFromCustomHotspotRules.java b/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v104/RemoveCleanCodeAttributeFromCustomHotspotRules.java
new file mode 100644
index 00000000000..e31d479455f
--- /dev/null
+++ b/server/sonar-db-migration/src/main/java/org/sonar/server/platform/db/migration/version/v104/RemoveCleanCodeAttributeFromCustomHotspotRules.java
@@ -0,0 +1,56 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2023 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.platform.db.migration.version.v104;
+
+import java.sql.SQLException;
+import org.sonar.db.Database;
+import org.sonar.server.platform.db.migration.step.DataChange;
+import org.sonar.server.platform.db.migration.step.MassUpdate;
+
+public class RemoveCleanCodeAttributeFromCustomHotspotRules extends DataChange {
+
+ private static final String SELECT = """
+ SELECT uuid
+ FROM rules
+ WHERE rule_type = 4
+ AND clean_code_attribute IS NOT NULL
+ """;
+ private static final String UPDATE = """
+ UPDATE rules SET clean_code_attribute = NULL, updated_at = ? WHERE uuid = ?
+ """;
+
+ public RemoveCleanCodeAttributeFromCustomHotspotRules(Database db) {
+ super(db);
+ }
+
+ @Override
+ protected void execute(Context context) throws SQLException {
+ MassUpdate massUpdate = context.prepareMassUpdate();
+ Long updatedAt = System.currentTimeMillis();
+ massUpdate.select(SELECT);
+ massUpdate.update(UPDATE);
+ massUpdate.execute((row, update) -> {
+ String uuid = row.getString(1);
+ update.setLong(1, updatedAt);
+ update.setString(2, uuid);
+ return true;
+ });
+ }
+}
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/RuleCreator.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/RuleCreator.java
index c17f60d341b..4619e83411a 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/RuleCreator.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/rule/RuleCreator.java
@@ -50,7 +50,6 @@ import org.sonar.db.rule.RuleParamDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.rule.index.RuleIndexer;
import org.sonar.server.util.TypeValidations;
-import org.sonarqube.ws.Common;
import static com.google.common.base.Preconditions.checkArgument;
import static com.google.common.collect.Lists.newArrayList;