SONAR-7049 check max length of rule/rule param fields

3 files changed, 65 insertions, 13 deletions

diff --git a/sonar-db/src/main/java/org/sonar/db/rule/RuleDto.java b/sonar-db/src/main/java/org/sonar/db/rule/RuleDto.java
index 2c5a17b4f59..9b3a347d908 100644
--- a/sonar-db/src/main/java/org/sonar/db/rule/RuleDto.java
+++ b/sonar-db/src/main/java/org/sonar/db/rule/RuleDto.java
@@ -36,6 +36,8 @@ import org.sonar.api.rule.RuleStatus;
 import org.sonar.core.rule.SeverityUtil;
 import org.sonar.db.Dto;
 
+import static com.google.common.base.Preconditions.checkArgument;
+
 public class RuleDto extends Dto<RuleKey> {
 
   public static final int DISABLED_CHARACTERISTIC_ID = -1;
@@ -95,8 +97,9 @@ public class RuleDto extends Dto<RuleKey> {
     return repositoryKey;
   }
 
-  public RuleDto setRepositoryKey(String repositoryKey) {
-    this.repositoryKey = repositoryKey;
+  public RuleDto setRepositoryKey(String s) {
+    checkArgument(s.length() <= 255, "Rule repository is too long: %s", s);
+    this.repositoryKey = s;
     return this;
   }
 
@@ -104,8 +107,9 @@ public class RuleDto extends Dto<RuleKey> {
     return ruleKey;
   }
 
-  public RuleDto setRuleKey(String ruleKey) {
-    this.ruleKey = ruleKey;
+  public RuleDto setRuleKey(String s) {
+    checkArgument(s.length() <= 200, "Rule key is too long: %s", s);
+    this.ruleKey = s;
     return this;
   }
 
@@ -140,8 +144,9 @@ public class RuleDto extends Dto<RuleKey> {
     return name;
   }
 
-  public RuleDto setName(@Nullable String name) {
-    this.name = name;
+  public RuleDto setName(@Nullable String s) {
+    checkArgument(s== null || s.length() <= 255, "Rule name is too long: %s", s);
+    this.name = s;
     return this;
   }
 
@@ -362,7 +367,9 @@ public class RuleDto extends Dto<RuleKey> {
   }
 
   public RuleDto setTags(Set<String> tags) {
-    this.tags = tags.isEmpty() ? null : StringUtils.join(tags, ',');
+    String raw = tags.isEmpty() ? null : StringUtils.join(tags, ',');
+    checkArgument(raw == null || raw.length() <= 4000, "Rule tags are too long: %s", raw);
+    this.tags = raw;
     return this;
   }
 
diff --git a/sonar-db/src/main/java/org/sonar/db/rule/RuleParamDto.java b/sonar-db/src/main/java/org/sonar/db/rule/RuleParamDto.java
index 2df5c541a93..a84bb037342 100644
--- a/sonar-db/src/main/java/org/sonar/db/rule/RuleParamDto.java
+++ b/sonar-db/src/main/java/org/sonar/db/rule/RuleParamDto.java
@@ -25,6 +25,8 @@ import javax.annotation.Nullable;
 import org.apache.commons.lang.builder.ReflectionToStringBuilder;
 import org.apache.commons.lang.builder.ToStringStyle;
 
+import static com.google.common.base.Preconditions.checkArgument;
+
 public class RuleParamDto {
 
   private Integer id;
@@ -56,8 +58,9 @@ public class RuleParamDto {
     return name;
   }
 
-  public RuleParamDto setName(String name) {
-    this.name = name;
+  public RuleParamDto setName(String s) {
+    checkArgument(s.length() <= 128, "Rule parameter name is too long: %s", s);
+    this.name = s;
     return this;
   }
 
@@ -75,8 +78,9 @@ public class RuleParamDto {
     return defaultValue;
   }
 
-  public RuleParamDto setDefaultValue(@Nullable String defaultValue) {
-    this.defaultValue = defaultValue;
+  public RuleParamDto setDefaultValue(@Nullable String s) {
+    checkArgument(s == null || s.length() <= 4000, "Rule parameter default value is too long: %s", s);
+    this.defaultValue = s;
     return this;
   }
 
@@ -84,8 +88,9 @@ public class RuleParamDto {
     return description;
   }
 
-  public RuleParamDto setDescription(String description) {
-    this.description = description;
+  public RuleParamDto setDescription(@Nullable String s) {
+    checkArgument(s == null || s.length() <= 4000, "Rule parameter description is too long: %s", s);
+    this.description = s;
     return this;
   }
 
diff --git a/sonar-db/src/test/java/org/sonar/db/rule/RuleDtoTest.java b/sonar-db/src/test/java/org/sonar/db/rule/RuleDtoTest.java
index 7c170e7c8df..c6ac840691c 100644
--- a/sonar-db/src/test/java/org/sonar/db/rule/RuleDtoTest.java
+++ b/sonar-db/src/test/java/org/sonar/db/rule/RuleDtoTest.java
@@ -19,8 +19,14 @@
  */
 package org.sonar.db.rule;
 
+import com.google.common.collect.ImmutableSet;
+import java.util.Collections;
+import java.util.Set;
+import org.junit.Rule;
 import org.junit.Test;
+import org.junit.rules.ExpectedException;
 
+import static org.apache.commons.lang.StringUtils.repeat;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.sonar.db.rule.RuleDto.DISABLED_CHARACTERISTIC_ID;
 
@@ -29,6 +35,9 @@ public class RuleDtoTest {
   public static final int FAKE_SUB_CHAR_1 = 27;
   public static final int FAKE_SUB_CHAR_2 = 42;
 
+  @Rule
+  public ExpectedException expectedException = ExpectedException.none();
+
   @Test
   public void effective_sub_characteristic_id() {
     RuleDto dto = new RuleDto();
@@ -57,4 +66,35 @@ public class RuleDtoTest {
     dto.setSubCharacteristicId(DISABLED_CHARACTERISTIC_ID).setDefaultSubCharacteristicId(FAKE_SUB_CHAR_2);
     assertThat(dto.getEffectiveSubCharacteristicId()).isNull();
   }
+
+  @Test
+  public void fail_if_key_is_too_long() {
+    expectedException.expect(IllegalArgumentException.class);
+    expectedException.expectMessage("Rule key is too long: ");
+
+    new RuleDto().setRuleKey(repeat("x", 250));
+  }
+
+  @Test
+  public void fail_if_name_is_too_long() {
+    expectedException.expect(IllegalArgumentException.class);
+    expectedException.expectMessage("Rule name is too long: ");
+
+    new RuleDto().setName(repeat("x", 300));
+  }
+
+  @Test
+  public void fail_if_tags_are_too_long() {
+    expectedException.expect(IllegalArgumentException.class);
+    expectedException.expectMessage("Rule tags are too long: ");
+
+    Set<String> tags = ImmutableSet.of(repeat("a", 2000), repeat("b", 1000), repeat("c", 2000));
+    new RuleDto().setTags(tags);
+  }
+
+  @Test
+  public void tags_are_optional() {
+    RuleDto dto = new RuleDto().setTags(Collections.<String>emptySet());
+    assertThat(dto.getTags()).isEmpty();
+  }
 }