SONAR-12962 Compute Security Review measures on new code

author: Julien Lancelot <julien.lancelot@sonarsource.com> 2020-02-04 09:17:43 +0100
committer: SonarTech <sonartech@sonarsource.com> 2020-02-11 20:46:11 +0100
commit: 5401ba28ca50f805f19a0e33852c5566f53f9175 (patch)
tree: f7c8937061061b0e4e655787c8d4616392802170 /server/sonar-ce-task-projectanalysis/src/main/java
parent: 49c4ddbfef30767bdf9d6c145cdf972a03ac8c5b (diff)
download: sonarqube-5401ba28ca50f805f19a0e33852c5566f53f9175.tar.gz
sonarqube-5401ba28ca50f805f19a0e33852c5566f53f9175.zip
8 files changed, 189 insertions, 51 deletions
diff --git a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/container/ProjectAnalysisTaskContainerPopulator.java b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/container/ProjectAnalysisTaskContainerPopulator.java
index c5dc824f950..ed5b4fd315c 100644
--- a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/container/ProjectAnalysisTaskContainerPopulator.java
+++ b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/container/ProjectAnalysisTaskContainerPopulator.java
@@ -111,6 +111,7 @@ import org.sonar.ce.task.projectanalysis.qualitygate.QualityGateStatusHolderImpl
 import org.sonar.ce.task.projectanalysis.qualitymodel.MaintainabilityMeasuresVisitor;
 import org.sonar.ce.task.projectanalysis.qualitymodel.NewMaintainabilityMeasuresVisitor;
 import org.sonar.ce.task.projectanalysis.qualitymodel.NewReliabilityAndSecurityRatingMeasuresVisitor;
+import org.sonar.ce.task.projectanalysis.qualitymodel.NewSecurityReviewMeasuresVisitor;
 import org.sonar.ce.task.projectanalysis.qualitymodel.RatingSettings;
 import org.sonar.ce.task.projectanalysis.qualitymodel.ReliabilityAndSecurityRatingMeasuresVisitor;
 import org.sonar.ce.task.projectanalysis.qualitymodel.SecurityReviewMeasuresVisitor;
@@ -269,6 +270,7 @@ public final class ProjectAnalysisTaskContainerPopulator implements ContainerPop
       ReliabilityAndSecurityRatingMeasuresVisitor.class,
       NewReliabilityAndSecurityRatingMeasuresVisitor.class,
       SecurityReviewMeasuresVisitor.class,
+      NewSecurityReviewMeasuresVisitor.class,
       LastCommitVisitor.class,
       MeasureComputersVisitor.class,
 
diff --git a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/IssueCounter.java b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/IssueCounter.java
index 057d5bb00ca..91fadde60ca 100644
--- a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/IssueCounter.java
+++ b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/IssueCounter.java
@@ -76,7 +76,6 @@ import static org.sonar.api.rules.RuleType.BUG;
 import static org.sonar.api.rules.RuleType.CODE_SMELL;
 import static org.sonar.api.rules.RuleType.SECURITY_HOTSPOT;
 import static org.sonar.api.rules.RuleType.VULNERABILITY;
-import static org.sonar.api.utils.DateUtils.truncateToSeconds;
 
 /**
  * For each component, computes the measures related to number of issues:
@@ -153,7 +152,7 @@ public class IssueCounter extends IssueVisitor {
       currentCounters.addOnPeriod(issue);
     } else if (periodHolder.hasPeriod()) {
       Period period = periodHolder.getPeriod();
-      if (issue.creationDate().getTime() > truncateToSeconds(period.getSnapshotDate())) {
+      if (period.isOnPeriod(issue.creationDate())){
         currentCounters.addOnPeriod(issue);
       }
     }
diff --git a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/NewEffortAggregator.java b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/NewEffortAggregator.java
index ae7c9c28ac3..1bd97ca7542 100644
--- a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/NewEffortAggregator.java
+++ b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/NewEffortAggregator.java
@@ -22,6 +22,7 @@ package org.sonar.ce.task.projectanalysis.issue;
 import com.google.common.base.MoreObjects;
 import java.util.HashMap;
 import java.util.Map;
+import javax.annotation.Nullable;
 import org.sonar.api.measures.CoreMetrics;
 import org.sonar.ce.task.projectanalysis.analysis.AnalysisMetadataHolder;
 import org.sonar.ce.task.projectanalysis.component.Component;
@@ -29,13 +30,13 @@ import org.sonar.ce.task.projectanalysis.measure.Measure;
 import org.sonar.ce.task.projectanalysis.measure.MeasureRepository;
 import org.sonar.ce.task.projectanalysis.metric.Metric;
 import org.sonar.ce.task.projectanalysis.metric.MetricRepository;
+import org.sonar.ce.task.projectanalysis.period.Period;
 import org.sonar.ce.task.projectanalysis.period.PeriodHolder;
 import org.sonar.core.issue.DefaultIssue;
 
 import static org.sonar.api.measures.CoreMetrics.NEW_RELIABILITY_REMEDIATION_EFFORT_KEY;
 import static org.sonar.api.measures.CoreMetrics.NEW_SECURITY_REMEDIATION_EFFORT_KEY;
 import static org.sonar.api.measures.CoreMetrics.NEW_TECHNICAL_DEBT_KEY;
-import static org.sonar.api.utils.DateUtils.truncateToSeconds;
 
 /**
  * Compute new effort related measures :
@@ -82,9 +83,9 @@ public class NewEffortAggregator extends IssueVisitor {
   public void onIssue(Component component, DefaultIssue issue) {
     if (issue.resolution() == null && issue.effortInMinutes() != null) {
       if (analysisMetadataHolder.isPullRequest()) {
-        counter.add(issue, 0L);
+        counter.add(issue, null);
       } else if (periodHolder.hasPeriod()) {
-        counter.add(issue, periodHolder.getPeriod().getSnapshotDate());
+        counter.add(issue, periodHolder.getPeriod());
       }
     }
   }
@@ -115,8 +116,8 @@ public class NewEffortAggregator extends IssueVisitor {
       securitySum.add(otherCounter.securitySum);
     }
 
-    void add(DefaultIssue issue, long startDate) {
-      long newEffort = calculate(issue, startDate);
+    void add(DefaultIssue issue, @Nullable Period period) {
+      long newEffort = calculate(issue, period);
       switch (issue.type()) {
         case CODE_SMELL:
           maintainabilitySum.add(newEffort);
@@ -135,8 +136,8 @@ public class NewEffortAggregator extends IssueVisitor {
       }
     }
 
-    long calculate(DefaultIssue issue, long startDate) {
-      if (issue.creationDate().getTime() > truncateToSeconds(startDate)) {
+    long calculate(DefaultIssue issue, @Nullable Period period) {
+      if (period == null || period.isOnPeriod(issue.creationDate())) {
         return MoreObjects.firstNonNull(issue.effortInMinutes(), 0L);
       }
       return 0L;
diff --git a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/period/Period.java b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/period/Period.java
index 3a44185505f..474adf14536 100644
--- a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/period/Period.java
+++ b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/period/Period.java
@@ -19,6 +19,7 @@
  */
 package org.sonar.ce.task.projectanalysis.period;
 
+import java.util.Date;
 import java.util.Objects;
 import javax.annotation.CheckForNull;
 import javax.annotation.Nullable;
@@ -27,6 +28,7 @@ import javax.annotation.concurrent.Immutable;
 import static com.google.common.base.MoreObjects.toStringHelper;
 import static java.util.Objects.hash;
 import static java.util.Objects.requireNonNull;
+import static org.sonar.api.utils.DateUtils.truncateToSeconds;
 
 @Immutable
 public class Period {
@@ -68,6 +70,10 @@ public class Period {
       && Objects.equals(modeParameter, period.modeParameter);
   }
 
+  public boolean isOnPeriod(Date date) {
+    return date.getTime() > truncateToSeconds(snapshotDate);
+  }
+
   @Override
   public int hashCode() {
     return hash(mode, modeParameter, snapshotDate);
diff --git a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/NewReliabilityAndSecurityRatingMeasuresVisitor.java b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/NewReliabilityAndSecurityRatingMeasuresVisitor.java
index 5fc877f4ee1..c9d70906bbf 100644
--- a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/NewReliabilityAndSecurityRatingMeasuresVisitor.java
+++ b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/NewReliabilityAndSecurityRatingMeasuresVisitor.java
@@ -31,7 +31,6 @@ import org.sonar.ce.task.projectanalysis.issue.ComponentIssuesRepository;
 import org.sonar.ce.task.projectanalysis.measure.MeasureRepository;
 import org.sonar.ce.task.projectanalysis.metric.Metric;
 import org.sonar.ce.task.projectanalysis.metric.MetricRepository;
-import org.sonar.ce.task.projectanalysis.period.Period;
 import org.sonar.ce.task.projectanalysis.period.PeriodHolder;
 import org.sonar.core.issue.DefaultIssue;
 import org.sonar.server.measure.Rating;
@@ -45,7 +44,6 @@ import static org.sonar.api.rule.Severity.MAJOR;
 import static org.sonar.api.rule.Severity.MINOR;
 import static org.sonar.api.rules.RuleType.BUG;
 import static org.sonar.api.rules.RuleType.VULNERABILITY;
-import static org.sonar.api.utils.DateUtils.truncateToSeconds;
 import static org.sonar.ce.task.projectanalysis.component.ComponentVisitor.Order.POST_ORDER;
 import static org.sonar.ce.task.projectanalysis.component.CrawlerDepthLimit.LEAVES;
 import static org.sonar.ce.task.projectanalysis.measure.Measure.newMeasureBuilder;
@@ -154,7 +152,7 @@ public class NewReliabilityAndSecurityRatingMeasuresVisitor extends PathAwareVis
     }
 
     void processIssue(Issue issue, boolean isPR, PeriodHolder periodHolder) {
-      if (isPR || isOnPeriod((DefaultIssue) issue, periodHolder.getPeriod())) {
+      if (isPR || periodHolder.getPeriod().isOnPeriod(((DefaultIssue) issue).creationDate())) {
         Rating rating = RATING_BY_SEVERITY.get(issue.severity());
         if (issue.type().equals(BUG)) {
           newRatingValueByMetric.get(NEW_RELIABILITY_RATING_KEY).increment(rating);
@@ -163,11 +161,6 @@ public class NewReliabilityAndSecurityRatingMeasuresVisitor extends PathAwareVis
         }
       }
     }
-
-    private static boolean isOnPeriod(DefaultIssue issue, Period period) {
-      // Add one second to not take into account issues created during current analysis
-      return issue.creationDate().getTime() > truncateToSeconds(period.getSnapshotDate());
-    }
   }
 
   private static final class CounterFactory extends SimpleStackElementFactory<NewReliabilityAndSecurityRatingMeasuresVisitor.Counter> {
diff --git a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/NewSecurityReviewMeasuresVisitor.java b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/NewSecurityReviewMeasuresVisitor.java
new file mode 100644
index 00000000000..5c48a164805
--- /dev/null
+++ b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/NewSecurityReviewMeasuresVisitor.java
@@ -0,0 +1,107 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2020 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.ce.task.projectanalysis.qualitymodel;
+
+import org.sonar.ce.task.projectanalysis.analysis.AnalysisMetadataHolder;
+import org.sonar.ce.task.projectanalysis.component.Component;
+import org.sonar.ce.task.projectanalysis.component.PathAwareVisitorAdapter;
+import org.sonar.ce.task.projectanalysis.issue.ComponentIssuesRepository;
+import org.sonar.ce.task.projectanalysis.measure.Measure;
+import org.sonar.ce.task.projectanalysis.measure.MeasureRepository;
+import org.sonar.ce.task.projectanalysis.metric.Metric;
+import org.sonar.ce.task.projectanalysis.metric.MetricRepository;
+import org.sonar.ce.task.projectanalysis.period.PeriodHolder;
+
+import static org.sonar.api.measures.CoreMetrics.NEW_SECURITY_HOTSPOTS_REVIEWED_KEY;
+import static org.sonar.api.measures.CoreMetrics.NEW_SECURITY_REVIEW_RATING_KEY;
+import static org.sonar.api.rules.RuleType.SECURITY_HOTSPOT;
+import static org.sonar.ce.task.projectanalysis.component.ComponentVisitor.Order.POST_ORDER;
+import static org.sonar.ce.task.projectanalysis.component.CrawlerDepthLimit.FILE;
+import static org.sonar.server.security.SecurityReviewRating.computePercent;
+import static org.sonar.server.security.SecurityReviewRating.computeRating;
+
+public class NewSecurityReviewMeasuresVisitor extends PathAwareVisitorAdapter<SecurityReviewCounter> {
+
+  private final ComponentIssuesRepository componentIssuesRepository;
+  private final MeasureRepository measureRepository;
+  private final PeriodHolder periodHolder;
+  private final AnalysisMetadataHolder analysisMetadataHolder;
+  private final Metric newSecurityReviewRatingMetric;
+  private final Metric newSecurityHotspotsReviewedMetric;
+
+  public NewSecurityReviewMeasuresVisitor(ComponentIssuesRepository componentIssuesRepository, MeasureRepository measureRepository, PeriodHolder periodHolder,
+    AnalysisMetadataHolder analysisMetadataHolder, MetricRepository metricRepository) {
+    super(FILE, POST_ORDER, NewSecurityReviewMeasuresVisitor.CounterFactory.INSTANCE);
+    this.componentIssuesRepository = componentIssuesRepository;
+    this.measureRepository = measureRepository;
+    this.periodHolder = periodHolder;
+    this.analysisMetadataHolder = analysisMetadataHolder;
+    this.newSecurityReviewRatingMetric = metricRepository.getByKey(NEW_SECURITY_REVIEW_RATING_KEY);
+    this.newSecurityHotspotsReviewedMetric = metricRepository.getByKey(NEW_SECURITY_HOTSPOTS_REVIEWED_KEY);
+  }
+
+  @Override
+  public void visitProject(Component project, Path<SecurityReviewCounter> path) {
+    computeMeasure(project, path);
+  }
+
+  @Override
+  public void visitDirectory(Component directory, Path<SecurityReviewCounter> path) {
+    computeMeasure(directory, path);
+  }
+
+  @Override
+  public void visitFile(Component file, Path<SecurityReviewCounter> path) {
+    computeMeasure(file, path);
+  }
+
+  private void computeMeasure(Component component, Path<SecurityReviewCounter> path) {
+    if (!periodHolder.hasPeriod() && !analysisMetadataHolder.isPullRequest()) {
+      return;
+    }
+    componentIssuesRepository.getIssues(component)
+      .stream()
+      .filter(issue -> issue.type().equals(SECURITY_HOTSPOT))
+      .filter(issue -> analysisMetadataHolder.isPullRequest() || periodHolder.getPeriod().isOnPeriod(issue.creationDate()) )
+      .forEach(issue -> path.current().processHotspot(issue));
+
+    Double percent = computePercent(path.current().getHotspotsToReview(), path.current().getHotspotsReviewed());
+    measureRepository.add(component, newSecurityHotspotsReviewedMetric, Measure.newMeasureBuilder().setVariation(percent).createNoValue());
+    measureRepository.add(component, newSecurityReviewRatingMetric, Measure.newMeasureBuilder().setVariation(computeRating(percent).getIndex()).createNoValue());
+
+    if (!path.isRoot()) {
+      path.parent().add(path.current());
+    }
+  }
+
+  private static final class CounterFactory extends SimpleStackElementFactory<SecurityReviewCounter> {
+    public static final NewSecurityReviewMeasuresVisitor.CounterFactory INSTANCE = new NewSecurityReviewMeasuresVisitor.CounterFactory();
+
+    private CounterFactory() {
+      // prevents instantiation
+    }
+
+    @Override
+    public SecurityReviewCounter createForAny(Component component) {
+      return new SecurityReviewCounter();
+    }
+  }
+
+}
diff --git a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/SecurityReviewCounter.java b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/SecurityReviewCounter.java
new file mode 100644
index 00000000000..07d35e3a98c
--- /dev/null
+++ b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/SecurityReviewCounter.java
@@ -0,0 +1,55 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2020 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.ce.task.projectanalysis.qualitymodel;
+
+import org.sonar.api.ce.measure.Issue;
+
+import static org.sonar.api.issue.Issue.STATUS_REVIEWED;
+import static org.sonar.api.issue.Issue.STATUS_TO_REVIEW;
+
+final class SecurityReviewCounter {
+  private long hotspotsReviewed;
+  private long hotspotsToReview;
+
+  SecurityReviewCounter() {
+    // prevents instantiation
+  }
+
+  void processHotspot(Issue issue) {
+    if (issue.status().equals(STATUS_REVIEWED)) {
+      hotspotsReviewed++;
+    } else if (issue.status().equals(STATUS_TO_REVIEW)) {
+      hotspotsToReview++;
+    }
+  }
+
+  void add(SecurityReviewCounter otherCounter) {
+    hotspotsReviewed += otherCounter.hotspotsReviewed;
+    hotspotsToReview += otherCounter.hotspotsToReview;
+  }
+
+  public long getHotspotsReviewed() {
+    return hotspotsReviewed;
+  }
+
+  public long getHotspotsToReview() {
+    return hotspotsToReview;
+  }
+}
diff --git a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/SecurityReviewMeasuresVisitor.java b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/SecurityReviewMeasuresVisitor.java
index 0f7c84b45bf..2bb1fdc3d3f 100644
--- a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/SecurityReviewMeasuresVisitor.java
+++ b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/qualitymodel/SecurityReviewMeasuresVisitor.java
@@ -19,7 +19,6 @@
  */
 package org.sonar.ce.task.projectanalysis.qualitymodel;
 
-import org.sonar.api.ce.measure.Issue;
 import org.sonar.ce.task.projectanalysis.component.Component;
 import org.sonar.ce.task.projectanalysis.component.PathAwareVisitor;
 import org.sonar.ce.task.projectanalysis.component.PathAwareVisitorAdapter;
@@ -30,17 +29,15 @@ import org.sonar.ce.task.projectanalysis.measure.RatingMeasures;
 import org.sonar.ce.task.projectanalysis.metric.Metric;
 import org.sonar.ce.task.projectanalysis.metric.MetricRepository;
 
-import static org.sonar.api.issue.Issue.STATUS_REVIEWED;
 import static org.sonar.api.measures.CoreMetrics.SECURITY_HOTSPOTS_REVIEWED_KEY;
 import static org.sonar.api.measures.CoreMetrics.SECURITY_REVIEW_RATING_KEY;
 import static org.sonar.api.rules.RuleType.SECURITY_HOTSPOT;
 import static org.sonar.ce.task.projectanalysis.component.ComponentVisitor.Order.POST_ORDER;
 import static org.sonar.ce.task.projectanalysis.component.CrawlerDepthLimit.FILE;
-import static org.sonar.core.issue.DefaultIssue.STATUS_TO_REVIEW;
 import static org.sonar.server.security.SecurityReviewRating.computePercent;
 import static org.sonar.server.security.SecurityReviewRating.computeRating;
 
-public class SecurityReviewMeasuresVisitor extends PathAwareVisitorAdapter<SecurityReviewMeasuresVisitor.Counter> {
+public class SecurityReviewMeasuresVisitor extends PathAwareVisitorAdapter<SecurityReviewCounter> {
 
   private final ComponentIssuesRepository componentIssuesRepository;
   private final MeasureRepository measureRepository;
@@ -56,27 +53,27 @@ public class SecurityReviewMeasuresVisitor extends PathAwareVisitorAdapter<Secur
   }
 
   @Override
-  public void visitProject(Component project, Path<SecurityReviewMeasuresVisitor.Counter> path) {
+  public void visitProject(Component project, Path<SecurityReviewCounter> path) {
     computeMeasure(project, path);
   }
 
   @Override
-  public void visitDirectory(Component directory, PathAwareVisitor.Path<SecurityReviewMeasuresVisitor.Counter> path) {
+  public void visitDirectory(Component directory, PathAwareVisitor.Path<SecurityReviewCounter> path) {
     computeMeasure(directory, path);
   }
 
   @Override
-  public void visitFile(Component file, PathAwareVisitor.Path<SecurityReviewMeasuresVisitor.Counter> path) {
+  public void visitFile(Component file, PathAwareVisitor.Path<SecurityReviewCounter> path) {
     computeMeasure(file, path);
   }
 
-  private void computeMeasure(Component component, PathAwareVisitor.Path<SecurityReviewMeasuresVisitor.Counter> path) {
+  private void computeMeasure(Component component, PathAwareVisitor.Path<SecurityReviewCounter> path) {
     componentIssuesRepository.getIssues(component)
       .stream()
       .filter(issue -> issue.type().equals(SECURITY_HOTSPOT))
       .forEach(issue -> path.current().processHotspot(issue));
 
-    Double percent = computePercent(path.current().hotspotsToReview, path.current().hotspotsReviewed);
+    Double percent = computePercent(path.current().getHotspotsToReview(), path.current().getHotspotsReviewed());
     measureRepository.add(component, securityHotspotsReviewedMetric, Measure.newMeasureBuilder().create(percent, securityHotspotsReviewedMetric.getDecimalScale()));
     measureRepository.add(component, securityReviewRatingMetric, RatingMeasures.get(computeRating(percent)));
 
@@ -85,29 +82,7 @@ public class SecurityReviewMeasuresVisitor extends PathAwareVisitorAdapter<Secur
     }
   }
 
-  static final class Counter {
-    private long hotspotsReviewed;
-    private long hotspotsToReview;
-
-    private Counter() {
-      // prevents instantiation
-    }
-
-    void processHotspot(Issue issue) {
-      if (issue.status().equals(STATUS_REVIEWED)) {
-        hotspotsReviewed++;
-      } else if (issue.status().equals(STATUS_TO_REVIEW)) {
-        hotspotsToReview++;
-      }
-    }
-
-    void add(Counter otherCounter) {
-      hotspotsReviewed += otherCounter.hotspotsReviewed;
-      hotspotsToReview += otherCounter.hotspotsToReview;
-    }
-  }
-
-  private static final class CounterFactory extends PathAwareVisitorAdapter.SimpleStackElementFactory<SecurityReviewMeasuresVisitor.Counter> {
+  private static final class CounterFactory extends PathAwareVisitorAdapter.SimpleStackElementFactory<SecurityReviewCounter> {
     public static final SecurityReviewMeasuresVisitor.CounterFactory INSTANCE = new SecurityReviewMeasuresVisitor.CounterFactory();
 
     private CounterFactory() {
@@ -115,8 +90,8 @@ public class SecurityReviewMeasuresVisitor extends PathAwareVisitorAdapter<Secur
     }
 
     @Override
-    public SecurityReviewMeasuresVisitor.Counter createForAny(Component component) {
-      return new SecurityReviewMeasuresVisitor.Counter();
+    public SecurityReviewCounter createForAny(Component component) {
+      return new SecurityReviewCounter();
     }
   }
author	Julien Lancelot <julien.lancelot@sonarsource.com>	2020-02-04 09:17:43 +0100
committer	SonarTech <sonartech@sonarsource.com>	2020-02-11 20:46:11 +0100
commit	5401ba28ca50f805f19a0e33852c5566f53f9175 (patch)
tree	f7c8937061061b0e4e655787c8d4616392802170 /server/sonar-ce-task-projectanalysis/src/main/java
parent	49c4ddbfef30767bdf9d6c145cdf972a03ac8c5b (diff)
download	sonarqube-5401ba28ca50f805f19a0e33852c5566f53f9175.tar.gz sonarqube-5401ba28ca50f805f19a0e33852c5566f53f9175.zip