diff options
| author | Simon Brandhof <simon.brandhof@sonarsource.com> | 2014-10-21 20:01:22 +0200 |
|---|---|---|
| committer | Simon Brandhof <simon.brandhof@sonarsource.com> | 2014-10-21 20:01:22 +0200 |
| commit | 25debfae898192808b76e1617e0b7d27e029deb2 (patch) | |
| tree | 0028d5f0c2edb6d0d870d126793095dcd0b18b71 /server | |
| parent | d4ff74523ea43590b398f4b8d75c21d2f0c7651f (diff) | |
| parent | 23f009e251de91721c37dbfbfb67502839d9b9a3 (diff) | |
| download | sonarqube-25debfae898192808b76e1617e0b7d27e029deb2.tar.gz sonarqube-25debfae898192808b76e1617e0b7d27e029deb2.zip | |
Merge remote-tracking branch 'remotes/origin/branch-4.5'
Conflicts:
server/sonar-server/src/main/java/org/sonar/server/db/migrations/DatabaseMigrations.java
sonar-core/src/main/java/org/sonar/core/persistence/DatabaseVersion.java
sonar-core/src/main/resources/org/sonar/core/persistence/rows-h2.sql
Diffstat (limited to 'server')
19 files changed, 223 insertions, 8 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/db/migrations/DatabaseMigrations.java b/server/sonar-server/src/main/java/org/sonar/server/db/migrations/DatabaseMigrations.java index f81424d5c6b..e064bf5298a 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/db/migrations/DatabaseMigrations.java +++ b/server/sonar-server/src/main/java/org/sonar/server/db/migrations/DatabaseMigrations.java @@ -25,11 +25,12 @@ import org.sonar.server.db.migrations.v42.CompleteIssueMessageMigration; import org.sonar.server.db.migrations.v42.PackageKeysMigration; import org.sonar.server.db.migrations.v43.*; import org.sonar.server.db.migrations.v44.*; -import org.sonar.server.db.migrations.v45.AddMissingCustomRuleParametersMigration; +import org.sonar.server.db.migrations.v451.AddMissingCustomRuleParametersMigration; import org.sonar.server.db.migrations.v45.AddMissingRuleParameterDefaultValuesMigration; import org.sonar.server.db.migrations.v45.DeleteMeasuresOnDeletedProfilesMigration; import org.sonar.server.db.migrations.v50.InsertProjectsAuthorizationUpdatedAtMigration; import org.sonar.server.db.migrations.v50.PopulateProjectsUuidColumnsMigration; +import org.sonar.server.db.migrations.v451.DeleteUnescapedActivities; import java.util.List; @@ -61,7 +62,10 @@ public interface DatabaseMigrations { // 4.5 AddMissingRuleParameterDefaultValuesMigration.class, DeleteMeasuresOnDeletedProfilesMigration.class, + + // 4.5.1 AddMissingCustomRuleParametersMigration.class, + DeleteUnescapedActivities.class, // 5.0 InsertProjectsAuthorizationUpdatedAtMigration.class, diff --git a/server/sonar-server/src/main/java/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigration.java b/server/sonar-server/src/main/java/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigration.java index 8d59d4d4d9f..a35754bd74f 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigration.java +++ b/server/sonar-server/src/main/java/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigration.java @@ -17,7 +17,7 @@ * along with this program; if not, write to the Free Software Foundation, * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ -package org.sonar.server.db.migrations.v45; +package org.sonar.server.db.migrations.v451; import com.google.common.base.Predicate; import com.google.common.collect.ArrayListMultimap; @@ -33,7 +33,6 @@ import org.sonar.server.db.DbClient; import org.sonar.server.db.migrations.DatabaseMigration; import javax.annotation.Nullable; - import java.util.Collection; import java.util.Date; import java.util.List; @@ -43,7 +42,7 @@ import java.util.List; * * Add missing parameters (with no value) on each custom rules * - * @since 4.5 + * @since 4.5.1 */ public class AddMissingCustomRuleParametersMigration implements DatabaseMigration { diff --git a/server/sonar-server/src/main/java/org/sonar/server/db/migrations/v451/DeleteUnescapedActivities.java b/server/sonar-server/src/main/java/org/sonar/server/db/migrations/v451/DeleteUnescapedActivities.java new file mode 100644 index 00000000000..5f9866de881 --- /dev/null +++ b/server/sonar-server/src/main/java/org/sonar/server/db/migrations/v451/DeleteUnescapedActivities.java @@ -0,0 +1,69 @@ +/* + * SonarQube, open source software quality management tool. + * Copyright (C) 2008-2014 SonarSource + * mailto:contact AT sonarsource DOT com + * + * SonarQube is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * SonarQube is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +package org.sonar.server.db.migrations.v451; + +import org.apache.commons.lang.StringUtils; +import org.sonar.core.persistence.Database; +import org.sonar.server.db.migrations.BaseDataChange; +import org.sonar.server.db.migrations.MassUpdate; +import org.sonar.server.db.migrations.Select; +import org.sonar.server.db.migrations.SqlStatement; + +import java.sql.SQLException; + +/** + * See http://jira.codehaus.org/browse/SONAR-5758 + * + * @since 4.5.1 + */ +public class DeleteUnescapedActivities extends BaseDataChange { + + public DeleteUnescapedActivities(Database db) { + super(db); + } + + @Override + public void execute(Context context) throws SQLException { + MassUpdate massUpdate = context.prepareMassUpdate(); + massUpdate.select("select id,data_field from activities where log_type='QPROFILE'"); + massUpdate.update("delete activities where id=?"); + massUpdate.execute(new MassUpdate.Handler() { + @Override + public boolean handle(Select.Row row, SqlStatement update) throws SQLException { + String csv = row.getString(2); + if (isUnescaped(csv)) { + update.setLong(1, row.getLong(1)); + return true; + } + return false; + } + }); + } + + static boolean isUnescaped(String csv) { + String[] splits = csv.split(";"); + for (String split : splits) { + if (StringUtils.countMatches(split, "=") != 1) { + return true; + } + } + return false; + } +} diff --git a/server/sonar-server/src/main/java/org/sonar/server/db/migrations/v451/package-info.java b/server/sonar-server/src/main/java/org/sonar/server/db/migrations/v451/package-info.java new file mode 100644 index 00000000000..30ddbeb60f7 --- /dev/null +++ b/server/sonar-server/src/main/java/org/sonar/server/db/migrations/v451/package-info.java @@ -0,0 +1,24 @@ +/* + * SonarQube, open source software quality management tool. + * Copyright (C) 2008-2014 SonarSource + * mailto:contact AT sonarsource DOT com + * + * SonarQube is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * SonarQube is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +@ParametersAreNonnullByDefault +package org.sonar.server.db.migrations.v451; + +import javax.annotation.ParametersAreNonnullByDefault; diff --git a/server/sonar-server/src/test/java/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest.java b/server/sonar-server/src/test/java/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest.java index f1db25496b6..e33bff9d73e 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest.java @@ -17,7 +17,7 @@ * along with this program; if not, write to the Free Software Foundation, * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ -package org.sonar.server.db.migrations.v45; +package org.sonar.server.db.migrations.v451; import org.junit.Before; import org.junit.ClassRule; diff --git a/server/sonar-server/src/test/java/org/sonar/server/db/migrations/v451/DeleteUnescapedActivitiesTest.java b/server/sonar-server/src/test/java/org/sonar/server/db/migrations/v451/DeleteUnescapedActivitiesTest.java new file mode 100644 index 00000000000..4f342cfe5a8 --- /dev/null +++ b/server/sonar-server/src/test/java/org/sonar/server/db/migrations/v451/DeleteUnescapedActivitiesTest.java @@ -0,0 +1,55 @@ +/* + * SonarQube, open source software quality management tool. + * Copyright (C) 2008-2014 SonarSource + * mailto:contact AT sonarsource DOT com + * + * SonarQube is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * SonarQube is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +package org.sonar.server.db.migrations.v451; + +import org.junit.ClassRule; +import org.junit.Test; +import org.sonar.core.persistence.TestDatabase; +import org.sonar.server.db.migrations.DatabaseMigration; + +import static org.fest.assertions.Assertions.assertThat; + +public class DeleteUnescapedActivitiesTest { + + @ClassRule + public static TestDatabase db = new TestDatabase().schema(DeleteUnescapedActivitiesTest.class, "schema.sql"); + + DatabaseMigration migration; + + @Test + public void execute() throws Exception { + migration = new DeleteUnescapedActivities(db.database()); + db.prepareDbUnit(getClass(), "execute.xml"); + migration.execute(); + db.assertDbUnit(getClass(), "execute-result.xml", "activities"); + } + + @Test + public void is_unescaped() throws Exception { + assertThat(DeleteUnescapedActivities.isUnescaped( + "ruleKey=findbugs:PT_RELATIVE_PATH_TRAVERSAL;profileKey=java-findbugs-74105;severity=MAJOR;" + + "key=java-findbugs-74105:findbugs:PT_RELATIVE_PATH_TRAVERSAL")) + .isFalse(); + assertThat(DeleteUnescapedActivities.isUnescaped("param_xpath=/foo/bar")).isFalse(); + assertThat(DeleteUnescapedActivities.isUnescaped("param_xpath=/foo/bar;foo;ruleKey=S001")).isTrue(); + assertThat(DeleteUnescapedActivities.isUnescaped("param_xpath=/foo=foo;ruleKey=S001")).isTrue(); + + } +} diff --git a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest/execute-result.xml b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest/execute-result.xml index a4b4ab4411b..a4b4ab4411b 100644 --- a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest/execute-result.xml +++ b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest/execute-result.xml diff --git a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest/execute.xml b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest/execute.xml index 58b9732cf61..58b9732cf61 100644 --- a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest/execute.xml +++ b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest/execute.xml diff --git a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest/execute_when_custom_rule_have_no_parameter-result.xml b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest/execute_when_custom_rule_have_no_parameter-result.xml index 76c7c186008..76c7c186008 100644 --- a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest/execute_when_custom_rule_have_no_parameter-result.xml +++ b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest/execute_when_custom_rule_have_no_parameter-result.xml diff --git a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest/execute_when_custom_rule_have_no_parameter.xml b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest/execute_when_custom_rule_have_no_parameter.xml index dd676e5d869..dd676e5d869 100644 --- a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest/execute_when_custom_rule_have_no_parameter.xml +++ b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest/execute_when_custom_rule_have_no_parameter.xml diff --git a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest/no_changes.xml b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest/no_changes.xml index ed072ad9461..ed072ad9461 100644 --- a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest/no_changes.xml +++ b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest/no_changes.xml diff --git a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest/schema.sql b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest/schema.sql index 0bf38617681..0bf38617681 100644 --- a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v45/AddMissingCustomRuleParametersMigrationTest/schema.sql +++ b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/AddMissingCustomRuleParametersMigrationTest/schema.sql diff --git a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/DeleteUnescapedActivitiesTest/execute-result.xml b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/DeleteUnescapedActivitiesTest/execute-result.xml new file mode 100644 index 00000000000..49462b9bbcd --- /dev/null +++ b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/DeleteUnescapedActivitiesTest/execute-result.xml @@ -0,0 +1,12 @@ +<dataset> + + <!-- ok --> + <activities id="1" log_key="abcde" created_at="2014-01-10" user_login="[null]" log_type="QPROFILE" + log_action="ACTIVATED" log_message="[null]" + data_field="ruleKey=findbugs:PT_RELATIVE_PATH_TRAVERSAL;profileKey=java-findbugs-74105;severity=MAJOR"/> + + <!-- ko - deleted --> + <!--<activities id="2" log_key="fghij" created_at="2014-01-10" user_login="[null]" log_type="QPROFILE" + log_action="ACTIVATED" log_message="[null]" + data_field="ruleKey=findbugs:PT_RELATIVE_PATH_TRAVERSAL;param_xpath=foo;bar;baz"/>--> +</dataset> diff --git a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/DeleteUnescapedActivitiesTest/execute.xml b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/DeleteUnescapedActivitiesTest/execute.xml new file mode 100644 index 00000000000..415484745fb --- /dev/null +++ b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/DeleteUnescapedActivitiesTest/execute.xml @@ -0,0 +1,12 @@ +<dataset> + + <!-- ok --> + <activities id="1" log_key="abcde" created_at="2014-01-10" user_login="[null]" log_type="QPROFILE" + log_action="ACTIVATED" log_message="[null]" + data_field="ruleKey=findbugs:PT_RELATIVE_PATH_TRAVERSAL;profileKey=java-findbugs-74105;severity=MAJOR"/> + + <!-- ko --> + <activities id="2" log_key="fghij" created_at="2014-01-10" user_login="[null]" log_type="QPROFILE" + log_action="ACTIVATED" log_message="[null]" + data_field="ruleKey=findbugs:PT_RELATIVE_PATH_TRAVERSAL;param_xpath=foo;bar;baz"/> +</dataset> diff --git a/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/DeleteUnescapedActivitiesTest/schema.sql b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/DeleteUnescapedActivitiesTest/schema.sql new file mode 100644 index 00000000000..336e2fd7f01 --- /dev/null +++ b/server/sonar-server/src/test/resources/org/sonar/server/db/migrations/v451/DeleteUnescapedActivitiesTest/schema.sql @@ -0,0 +1,10 @@ +CREATE TABLE "ACTIVITIES" ( + "ID" INTEGER NOT NULL GENERATED BY DEFAULT AS IDENTITY (START WITH 1, INCREMENT BY 1), + "LOG_KEY" VARCHAR(250), + "CREATED_AT" TIMESTAMP, + "USER_LOGIN" VARCHAR(30), + "LOG_TYPE" VARCHAR(250), + "LOG_ACTION" VARCHAR(250), + "LOG_MESSAGE" VARCHAR(250), + "DATA_FIELD" CLOB(2147483647) +); diff --git a/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/601_add_missing_custom_rule_parameters.rb b/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/601_add_missing_custom_rule_parameters.rb index 55d04675c93..68fc21af055 100644 --- a/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/601_add_missing_custom_rule_parameters.rb +++ b/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/601_add_missing_custom_rule_parameters.rb @@ -25,6 +25,6 @@ class AddMissingCustomRuleParameters < ActiveRecord::Migration def self.up - execute_java_migration 'org.sonar.server.db.migrations.v45.AddMissingCustomRuleParametersMigration' + execute_java_migration 'org.sonar.server.db.migrations.v451.AddMissingCustomRuleParametersMigration' end end diff --git a/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/602_remove_duplication_in_group_roles.rb b/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/602_remove_duplication_in_group_roles.rb index 168fa378ebb..069b9a3aff4 100644 --- a/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/602_remove_duplication_in_group_roles.rb +++ b/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/602_remove_duplication_in_group_roles.rb @@ -19,7 +19,7 @@ # # -# SonarQube 4.5 +# SonarQube 4.5.1 # SONAR-4950 Unique constraint cannot be created because it would be on resource_id that is nullable # class RemoveDuplicationInGroupRoles < ActiveRecord::Migration diff --git a/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/603_add_enabled_to_projects_kee_index.rb b/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/603_add_enabled_to_projects_kee_index.rb index 6615bc274d2..6e80a8f8ee3 100644 --- a/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/603_add_enabled_to_projects_kee_index.rb +++ b/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/603_add_enabled_to_projects_kee_index.rb @@ -19,7 +19,7 @@ # # -# SonarQube 4.5 +# SonarQube 4.5.1 # SONAR-5625 # class AddEnabledToProjectsKeeIndex < ActiveRecord::Migration diff --git a/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/604_delete_unescaped_activities.rb b/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/604_delete_unescaped_activities.rb new file mode 100644 index 00000000000..6fe1d07472c --- /dev/null +++ b/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/604_delete_unescaped_activities.rb @@ -0,0 +1,30 @@ +# +# SonarQube, open source software quality management tool. +# Copyright (C) 2008-2014 SonarSource +# mailto:contact AT sonarsource DOT com +# +# SonarQube is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 3 of the License, or (at your option) any later version. +# +# SonarQube is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# + +# +# SonarQube 4.5.1 +# SONAR-5758 +# +class DeleteUnescapedActivities < ActiveRecord::Migration + + def self.up + execute_java_migration 'org.sonar.server.db.migrations.v451.DeleteUnescapedActivities' + end +end |