Diffstat (limited to 'plugins/sonar-xoo-plugin')
-rw-r--r--plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/XooPlugin.java8
-rw-r--r--plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java50
-rw-r--r--plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooSonarWayProfile.java7
-rw-r--r--plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotSensor.java (renamed from plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/HotspotSensor.java)23
-rw-r--r--plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotWithContextsSensor.java47
-rw-r--r--plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotWithSingleContextSensor.java47
-rw-r--r--plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotWithoutContextSensor.java47
-rw-r--r--plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/HotspotWithContextsSensorTest.java91
-rw-r--r--plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java22
9 files changed, 318 insertions, 24 deletions
diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/XooPlugin.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/XooPlugin.java
index e4718cd6909..9f000f49013 100644
--- a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/XooPlugin.java
+++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/XooPlugin.java
@@ -43,7 +43,9 @@ import org.sonar.xoo.rule.ChecksSensor;
import org.sonar.xoo.rule.CreateIssueByInternalKeySensor;
import org.sonar.xoo.rule.CustomMessageSensor;
import org.sonar.xoo.rule.HasTagSensor;
-import org.sonar.xoo.rule.HotspotSensor;
+import org.sonar.xoo.rule.hotspot.HotspotWithSingleContextSensor;
+import org.sonar.xoo.rule.hotspot.HotspotWithoutContextSensor;
+import org.sonar.xoo.rule.hotspot.HotspotWithContextsSensor;
import org.sonar.xoo.rule.MultilineIssuesSensor;
import org.sonar.xoo.rule.NoSonarSensor;
import org.sonar.xoo.rule.OneBlockerIssuePerFileSensor;
@@ -168,7 +170,9 @@ public class XooPlugin implements Plugin {
DeprecatedGlobalSensor.class,
GlobalProjectSensor.class,
- HotspotSensor.class,
+ HotspotWithoutContextSensor.class,
+ HotspotWithContextsSensor.class,
+ HotspotWithSingleContextSensor.class,
// Coverage
UtCoverageSensor.class,
diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
index 8052b9843c9..38ed2bad0bf 100644
--- a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
+++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java
@@ -31,6 +31,9 @@ import org.sonar.api.utils.Version;
import org.sonar.xoo.Xoo;
import org.sonar.xoo.Xoo2;
import org.sonar.xoo.checks.Check;
+import org.sonar.xoo.rule.hotspot.HotspotWithContextsSensor;
+import org.sonar.xoo.rule.hotspot.HotspotWithSingleContextSensor;
+import org.sonar.xoo.rule.hotspot.HotspotWithoutContextSensor;
import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.ASSESS_THE_PROBLEM_SECTION_KEY;
import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.HOW_TO_FIX_SECTION_KEY;
@@ -49,6 +52,7 @@ public class XooRulesDefinition implements RulesDefinition {
public static final String XOO2_REPOSITORY = "xoo2";
private static final String TEN_MIN = "10min";
+ private static final String[] AVAILABLE_CONTEXTS = { "JavaScript", "JQuery", "Express.js", "React", "Axios" };
@Nullable
private final Version version;
@@ -89,8 +93,10 @@ public class XooRulesDefinition implements RulesDefinition {
new RulesDefinitionAnnotationLoader().load(repo, Check.ALL);
NewRule hasTag = repo.createRule(HasTagSensor.RULE_KEY).setName("Has Tag")
- .setActivatedByDefault(true);
- addAllDescriptionSections(hasTag, "Search for a given tag in Xoo files");
+ .setActivatedByDefault(true)
+ .addDescriptionSection(howToFixSectionWithContext("singleContext"));
+ addDescriptionSectionsWithoutContexts(hasTag, "Search for a given tag in Xoo files");
+
hasTag
.setDebtRemediationFunction(hasTag.debtRemediationFunctions().constantPerIssue("2min"));
hasTag.createParam("tag")
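Review bot: The context name `"singleContext"` is a bare string literal in the `hasTag` chain, and the same literal is repeated for `hotspotWithSingleContext` in a later hunk of this file. A named constant beside `AVAILABLE_CONTEXTS`, for example `private static final String SINGLE_CONTEXT = "singleContext";`, would keep the two rules from drifting apart if the name changes. The enclosing method starts and ends outside this hunk.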
@@ -108,7 +114,8 @@ public class XooRulesDefinition implements RulesDefinition {
NewRule oneIssuePerLine = repo.createRule(OneIssuePerLineSensor.RULE_KEY).setName("One Issue Per Line")
.setTags("line");
- addAllDescriptionSections(oneIssuePerLine, "Generate an issue on each line of a file. It requires the metric \"lines\".");
+ addDescriptionSectionsWithoutContexts(oneIssuePerLine, "Generate an issue on each line of a file. It requires the metric \"lines\".");
+ addHowToFixSectionsWithContexts(oneIssuePerLine);
oneIssuePerLine
.setDebtRemediationFunction(oneIssuePerLine.debtRemediationFunctions().linear("1min"))
.setGapDescription("It takes about 1 minute to an experienced software craftsman to remove a line of code");
@@ -207,7 +214,7 @@ public class XooRulesDefinition implements RulesDefinition {
.setName("Template of rule");
addAllDescriptionSections(templateofRule, "Template to be overridden by custom rules");
- NewRule hotspot = repo.createRule(HotspotSensor.RULE_KEY)
+ NewRule hotspot = repo.createRule(HotspotWithoutContextSensor.RULE_KEY)
.setName("Find security hotspots")
.setType(RuleType.SECURITY_HOTSPOT)
.setActivatedByDefault(false);
@@ -228,6 +235,20 @@ public class XooRulesDefinition implements RulesDefinition {
.addCwe(250, 564, 546, 943);
}
+ NewRule hotspotWithContexts = repo.createRule(HotspotWithContextsSensor.RULE_KEY)
+ .setName("Find security hotspots with contexts")
+ .setType(RuleType.SECURITY_HOTSPOT)
+ .setActivatedByDefault(false);
+ addDescriptionSectionsWithoutContexts(hotspotWithContexts, "Search for Security Hotspots with contexts in Xoo files");
+ addHowToFixSectionsWithContexts(hotspotWithContexts);
+
+ NewRule hotspotWithSingleContext = repo.createRule(HotspotWithSingleContextSensor.RULE_KEY)
+ .setName("Find security hotspots, how_to_fix with single context")
+ .setType(RuleType.SECURITY_HOTSPOT)
+ .setActivatedByDefault(false)
+ .addDescriptionSection(howToFixSectionWithContext("singleContext"));
+ addDescriptionSectionsWithoutContexts(hotspotWithSingleContext, "Search for Security Hotspots with single context in Xoo files");
+
repo.done();
}
@@ -247,22 +268,41 @@ public class XooRulesDefinition implements RulesDefinition {
}
private static void addAllDescriptionSections(NewRule rule, String description) {
+ addDescriptionSectionsWithoutContexts(rule, description);
+ rule.addDescriptionSection(descriptionSection(HOW_TO_FIX_SECTION_KEY, "How to fix: " + description));
+ }
+
+ private static void addDescriptionSectionsWithoutContexts(NewRule rule, String description) {
rule
.setHtmlDescription(description)
.addDescriptionSection(descriptionSection(INTRODUCTION_SECTION_KEY, "Introduction: " + description))
.addDescriptionSection(descriptionSection(ROOT_CAUSE_SECTION_KEY, "Root cause: " + description))
.addDescriptionSection(descriptionSection(ASSESS_THE_PROBLEM_SECTION_KEY, "Assess the problem: " + description))
- .addDescriptionSection(descriptionSection(HOW_TO_FIX_SECTION_KEY, "How to fix: " + description))
.addDescriptionSection(descriptionSection(RESOURCES_SECTION_KEY,
"<a href=\"www.google.fr\"> Google </a><br><a href=\"https://stackoverflow.com/\"> StackOverflow</a>"))
.addDescriptionSection(descriptionSection("fake_section_to_be_ignored",
"fake_section_to_be_ignored"));
}
+ private static void addHowToFixSectionsWithContexts(NewRule rule) {
+ for (String contextName : AVAILABLE_CONTEXTS) {
+ rule.addDescriptionSection(howToFixSectionWithContext(contextName));
+ }
+ }
+
private static RuleDescriptionSection descriptionSection(String sectionKey, String htmlDescription) {
return RuleDescriptionSection.builder()
.sectionKey(sectionKey)
.htmlContent(htmlDescription)
.build();
}
+
+ private static RuleDescriptionSection howToFixSectionWithContext(String contextName) {
+ return RuleDescriptionSection.builder()
+ .sectionKey(HOW_TO_FIX_SECTION_KEY)
+ .htmlContent(String.format("This is 'How to fix?' description section for the <a href=\"https://stackoverflow.com/\"> %s</a>. " +
+ "This text can be very long.", contextName))
+ .context(new org.sonar.api.server.rule.Context(contextName, contextName))
+ .build();
+ }
}
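Review bot: `howToFixSectionWithContext` formats `contextName` straight into `htmlContent` without escaping. That is harmless for the fixed names in `AVAILABLE_CONTEXTS` and `"singleContext"`, but the helper has no comment saying so. A one-line Javadoc such as `/** contextName is inserted into HTML as-is; pass only trusted constant names. */` would stop a later caller from feeding it arbitrary text. The fully qualified `new org.sonar.api.server.rule.Context(contextName, contextName)` also reads better as an import of `org.sonar.api.server.rule.Context`, assuming no other `Context` type is already imported in this file.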
diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooSonarWayProfile.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooSonarWayProfile.java
index 587e6b00370..0b0af42eaec 100644
--- a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooSonarWayProfile.java
+++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooSonarWayProfile.java
@@ -22,6 +22,9 @@ package org.sonar.xoo.rule;
import org.sonar.api.rule.Severity;
import org.sonar.api.server.profile.BuiltInQualityProfilesDefinition;
import org.sonar.xoo.Xoo;
+import org.sonar.xoo.rule.hotspot.HotspotWithContextsSensor;
+import org.sonar.xoo.rule.hotspot.HotspotWithSingleContextSensor;
+import org.sonar.xoo.rule.hotspot.HotspotWithoutContextSensor;
public class XooSonarWayProfile implements BuiltInQualityProfilesDefinition {
@Override
@@ -30,7 +33,9 @@ public class XooSonarWayProfile implements BuiltInQualityProfilesDefinition {
qProfile.activateRule(XooRulesDefinition.XOO_REPOSITORY, HasTagSensor.RULE_KEY).overrideSeverity(Severity.MAJOR);
qProfile.activateRule(XooRulesDefinition.XOO_REPOSITORY, OneIssuePerLineSensor.RULE_KEY).overrideSeverity(Severity.INFO);
qProfile.activateRule(XooRulesDefinition.XOO_REPOSITORY, OneIssuePerFileSensor.RULE_KEY).overrideSeverity(Severity.CRITICAL);
- qProfile.activateRule(XooRulesDefinition.XOO_REPOSITORY, HotspotSensor.RULE_KEY).overrideSeverity(Severity.CRITICAL);
+ qProfile.activateRule(XooRulesDefinition.XOO_REPOSITORY, HotspotWithoutContextSensor.RULE_KEY).overrideSeverity(Severity.CRITICAL);
+ qProfile.activateRule(XooRulesDefinition.XOO_REPOSITORY, HotspotWithContextsSensor.RULE_KEY).overrideSeverity(Severity.CRITICAL);
+ qProfile.activateRule(XooRulesDefinition.XOO_REPOSITORY, HotspotWithSingleContextSensor.RULE_KEY).overrideSeverity(Severity.CRITICAL);
qProfile.done();
}
}
diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/HotspotSensor.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotSensor.java
index c55c521a47d..11d353cdd57 100644
--- a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/HotspotSensor.java
+++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotSensor.java
@@ -17,7 +17,7 @@
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
-package org.sonar.xoo.rule;
+package org.sonar.xoo.rule.hotspot;
import java.io.BufferedReader;
import java.io.IOException;
@@ -28,39 +28,34 @@ import org.sonar.api.batch.rule.ActiveRules;
import org.sonar.api.batch.sensor.SensorContext;
import org.sonar.api.batch.sensor.issue.NewIssue;
import org.sonar.api.rule.RuleKey;
+import org.sonar.xoo.rule.AbstractXooRuleSensor;
/**
- * Generate issues on all the occurrences of tag Hotspot in xoo sources.
+ * Raise security hotspots all the occurrences of tag defined by getTag() in xoo sources.
*/
-public class HotspotSensor extends AbstractXooRuleSensor {
+public abstract class HotspotSensor extends AbstractXooRuleSensor {
- public static final String RULE_KEY = "Hotspot";
- public static final String TAG = "HOTSPOT";
-
- public HotspotSensor(FileSystem fs, ActiveRules activeRules) {
+ protected HotspotSensor(FileSystem fs, ActiveRules activeRules) {
super(fs, activeRules);
}
- @Override
- protected String getRuleKey() {
- return RULE_KEY;
- }
+ protected abstract String getTag();
@Override
protected void processFile(InputFile inputFile, SensorContext context, RuleKey ruleKey, String languageKey) {
try {
int[] lineCounter = {1};
try (InputStreamReader isr = new InputStreamReader(inputFile.inputStream(), inputFile.charset());
- BufferedReader reader = new BufferedReader(isr)) {
+ BufferedReader reader = new BufferedReader(isr)) {
reader.lines().forEachOrdered(lineStr -> {
int startIndex = -1;
- while ((startIndex = lineStr.indexOf(TAG, startIndex + 1)) != -1) {
+ while ((startIndex = lineStr.indexOf(getTag(), startIndex + 1)) != -1) {
NewIssue newIssue = context.newIssue();
newIssue
.forRule(ruleKey)
.at(newIssue.newLocation()
.on(inputFile)
- .at(inputFile.newRange(lineCounter[0], startIndex, lineCounter[0], startIndex + TAG.length())))
+ .at(inputFile.newRange(lineCounter[0], startIndex, lineCounter[0], startIndex + getTag().length())))
.save();
}
lineCounter[0]++;
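Review bot: The new abstract `getTag()` has no documented contract, yet the loop `while ((startIndex = lineStr.indexOf(getTag(), startIndex + 1)) != -1)` only ends if the tag is non-empty, because `String.indexOf` with an empty argument never returns -1. I would add `/** Tag searched for in each line; must not be empty. */` above `getTag()`. I would also read it once with `String tag = getTag();` before `reader.lines()`, so the search and the `tag.length()` range end cannot disagree. The class Javadoc is missing a word; it should read `Raise security hotspots on all the occurrences of the tag returned by getTag() in xoo sources.` The body of `processFile` continues outside this hunk.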
diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotWithContextsSensor.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotWithContextsSensor.java
new file mode 100644
index 00000000000..3a859e09ae1
--- /dev/null
+++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotWithContextsSensor.java
@@ -0,0 +1,47 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2022 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.xoo.rule.hotspot;
+
+import org.sonar.api.batch.fs.FileSystem;
+import org.sonar.api.batch.rule.ActiveRules;
+
+/**
+ * Generates security hotspots with contexts on all the occurrences of tag HOTSPOT_WITH_CONTEXTS in xoo sources.
+ */
+public class HotspotWithContextsSensor extends HotspotSensor {
+
+ public static final String RULE_KEY = "HotspotWithContexts";
+ public static final String TAG = "HOTSPOT_WITH_CONTEXTS";
+
+ public HotspotWithContextsSensor(FileSystem fs, ActiveRules activeRules) {
+ super(fs, activeRules);
+ }
+
+ @Override
+ protected String getRuleKey() {
+ return RULE_KEY;
+ }
+
+ @Override
+ public String getTag() {
+ return TAG;
+ }
+
+}
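Review bot: `getTag()` is declared `protected abstract` in `HotspotSensor` but overridden here as `public String getTag()`, which widens the visibility for no visible caller. The public `TAG` constant already exposes the value, and the test uses that. Keeping the override as `protected String getTag()` matches `getRuleKey()` directly above it. The same applies to `HotspotWithSingleContextSensor` and `HotspotWithoutContextSensor`.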
diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotWithSingleContextSensor.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotWithSingleContextSensor.java
new file mode 100644
index 00000000000..7ecc062dc2e
--- /dev/null
+++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotWithSingleContextSensor.java
@@ -0,0 +1,47 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2022 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.xoo.rule.hotspot;
+
+import org.sonar.api.batch.fs.FileSystem;
+import org.sonar.api.batch.rule.ActiveRules;
+
+/**
+ * Generates security hotspots with contexts on all the occurrences of tag HOTSPOT_WITH_CONTEXTS in xoo sources.
+ */
+public class HotspotWithSingleContextSensor extends HotspotSensor {
+
+ public static final String RULE_KEY = "HotspotWithSingleContext";
+ public static final String TAG = "HOTSPOT_WITH_SINGLE_CONTEXT";
+
+ public HotspotWithSingleContextSensor(FileSystem fs, ActiveRules activeRules) {
+ super(fs, activeRules);
+ }
+
+ @Override
+ protected String getRuleKey() {
+ return RULE_KEY;
+ }
+
+ @Override
+ public String getTag() {
+ return TAG;
+ }
+
+}
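Review bot: The class Javadoc was copied from `HotspotWithContextsSensor` and still names the tag `HOTSPOT_WITH_CONTEXTS`, while this class searches for `HOTSPOT_WITH_SINGLE_CONTEXT`. It should read `Generates security hotspots with a single context on all the occurrences of tag HOTSPOT_WITH_SINGLE_CONTEXT in xoo sources.`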
diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotWithoutContextSensor.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotWithoutContextSensor.java
new file mode 100644
index 00000000000..7a83eafe23a
--- /dev/null
+++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/hotspot/HotspotWithoutContextSensor.java
@@ -0,0 +1,47 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2022 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.xoo.rule.hotspot;
+
+import org.sonar.api.batch.fs.FileSystem;
+import org.sonar.api.batch.rule.ActiveRules;
+
+/**
+ * Generates security hotspots on all the occurrences of tag HOTSPOT in xoo sources.
+ */
+public class HotspotWithoutContextSensor extends HotspotSensor {
+
+ public static final String RULE_KEY = "Hotspot";
+ public static final String TAG = "HOTSPOT_WITHOUT_CONTEXT";
+
+ public HotspotWithoutContextSensor(FileSystem fs, ActiveRules activeRules) {
+ super(fs, activeRules);
+ }
+
+ @Override
+ protected String getRuleKey() {
+ return RULE_KEY;
+ }
+
+ @Override
+ public String getTag() {
+ return TAG;
+ }
+
+}
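Review bot: The Javadoc says the sensor reacts to tag `HOTSPOT`, but `TAG` is now `HOTSPOT_WITHOUT_CONTEXT`, so the comment should name the new tag. `RULE_KEY` stays `"Hotspot"`, so Xoo sources that carry only the old `HOTSPOT` marker would presumably stop raising this rule. A short note in the Javadoc, for example `The rule key is kept as "Hotspot" for compatibility; only the tag was renamed.`, would make that intent explicit.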
diff --git a/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/HotspotWithContextsSensorTest.java b/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/HotspotWithContextsSensorTest.java
new file mode 100644
index 00000000000..d0cf3efb4d6
--- /dev/null
+++ b/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/HotspotWithContextsSensorTest.java
@@ -0,0 +1,91 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2022 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.xoo.rule;
+
+import java.io.IOException;
+import java.nio.charset.Charset;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TemporaryFolder;
+import org.sonar.api.batch.fs.internal.DefaultFileSystem;
+import org.sonar.api.batch.fs.internal.DefaultInputFile;
+import org.sonar.api.batch.fs.internal.TestInputFileBuilder;
+import org.sonar.api.batch.rule.ActiveRule;
+import org.sonar.api.batch.rule.ActiveRules;
+import org.sonar.api.batch.sensor.internal.SensorContextTester;
+import org.sonar.xoo.Xoo;
+import org.sonar.xoo.rule.hotspot.HotspotWithContextsSensor;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+public class HotspotWithContextsSensorTest {
+
+ @Rule
+ public TemporaryFolder temp = new TemporaryFolder();
+
+ private final ActiveRules activeRules = mock(ActiveRules.class);
+
+ @Before
+ public void before() {
+ when(activeRules.find(any())).thenReturn(mock(ActiveRule.class));
+ }
+
+ @Test
+ public void processFile_givenCorrectTagPassed_oneSecurityHotspotWithContextsIsRaised() throws IOException {
+ DefaultInputFile inputFile = newTestFile(HotspotWithContextsSensor.TAG + "/n some text /n");
+
+ DefaultFileSystem fs = new DefaultFileSystem(temp.newFolder());
+ fs.add(inputFile);
+
+ SensorContextTester sensorContextTester = SensorContextTester.create(temp.newFolder().toPath());
+ HotspotWithContextsSensor sensor = new HotspotWithContextsSensor(fs, activeRules);
+
+ sensor.execute(sensorContextTester);
+
+ assertThat(sensorContextTester.allIssues()).hasSize(1);
+ }
+
+ @Test
+ public void processFile_givenJustHotspotTagPassed_noSecurityHotspotWithContextAreRaised() throws IOException {
+ DefaultInputFile inputFile = newTestFile("HOTSPOT/n hotspot hotspot some text /n hotspot /n text");
+
+ DefaultFileSystem fs = new DefaultFileSystem(temp.newFolder());
+ fs.add(inputFile);
+
+ SensorContextTester sensorContextTester = SensorContextTester.create(temp.newFolder().toPath());
+ HotspotWithContextsSensor sensor = new HotspotWithContextsSensor(fs, activeRules);
+
+ sensor.execute(sensorContextTester);
+
+ assertThat(sensorContextTester.allIssues()).isEmpty();
+ }
+
+ private DefaultInputFile newTestFile(String content) {
+ return new TestInputFileBuilder("foo", "hotspot.xoo")
+ .setLanguage(Xoo.KEY)
+ .setContents(content)
+ .setCharset(Charset.defaultCharset())
+ .build();
+ }
+}
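Review bot: Both tests build their content with `"/n"`, which is a literal slash and letter rather than a newline, so the input is a single line and the per-line counter in `processFile` is never exercised. `newTestFile(HotspotWithContextsSensor.TAG + "\n some text \n")` was presumably intended, and likewise in the second test. `setCharset(Charset.defaultCharset())` makes the fixture depend on the platform; `StandardCharsets.UTF_8` is deterministic. The first test checks only `hasSize(1)`; asserting the rule key and the text range of the raised issue would also cover the `startIndex + getTag().length()` computation.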
diff --git a/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java b/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java
index 9fa5d93d2db..cb9b5d6cce8 100644
--- a/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java
+++ b/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java
@@ -28,8 +28,11 @@ import org.sonar.api.internal.SonarRuntimeImpl;
import org.sonar.api.server.debt.DebtRemediationFunction;
import org.sonar.api.server.rule.RulesDefinition;
import org.sonar.api.utils.Version;
+import org.sonar.xoo.rule.hotspot.HotspotWithContextsSensor;
+import org.sonar.xoo.rule.hotspot.HotspotWithoutContextSensor;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.HOW_TO_FIX_SECTION_KEY;
public class XooRulesDefinitionTest {
@@ -52,13 +55,15 @@ public class XooRulesDefinitionTest {
assertThat(rule.debtRemediationFunction().gapMultiplier()).isEqualTo("1min");
assertThat(rule.debtRemediationFunction().baseEffort()).isNull();
assertThat(rule.gapDescription()).isNotEmpty();
+ assertThat(rule.ruleDescriptionSections()).isNotEmpty();
+ assertThat(rule.ruleDescriptionSections().stream().anyMatch(rds -> rds.getContext().isPresent())).isTrue();
}
@Test
public void define_xoo_hotspot_rule() {
RulesDefinition.Repository repo = getRepository();
- RulesDefinition.Rule rule = repo.rule(HotspotSensor.RULE_KEY);
+ RulesDefinition.Rule rule = repo.rule(HotspotWithoutContextSensor.RULE_KEY);
assertThat(rule.name()).isNotEmpty();
assertThat(rule.securityStandards())
.isNotEmpty()
@@ -67,6 +72,19 @@ public class XooRulesDefinitionTest {
}
@Test
+ public void define_xoo_hotspot_rule_with_contexts() {
+ RulesDefinition.Repository repo = getRepository();
+
+ RulesDefinition.Rule rule = repo.rule(HotspotWithContextsSensor.RULE_KEY);
+ assertThat(rule.name()).isNotEmpty();
+ assertThat(rule.securityStandards()).isEmpty();
+ assertThat(rule.ruleDescriptionSections()).isNotEmpty();
+ assertThat(rule.ruleDescriptionSections().stream()
+ .filter(rds -> rds.getKey().equals(HOW_TO_FIX_SECTION_KEY)))
+ .allMatch(rds -> rds.getContext().isPresent());
+ }
+
+ @Test
public void define_xoo_vulnerability_rule() {
RulesDefinition.Repository repo = getRepository();
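Review bot: The `allMatch` assertion in `define_xoo_hotspot_rule_with_contexts` passes vacuously when the filter on `HOW_TO_FIX_SECTION_KEY` yields no sections. The test would therefore stay green if the how-to-fix sections were dropped altogether. Chaining `.isNotEmpty()` before `.allMatch(rds -> rds.getContext().isPresent())` closes that gap; asserting the expected number of contexts would be stricter still. The hunk ends inside the next test method, which is unchanged.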
@@ -101,7 +119,7 @@ public class XooRulesDefinitionTest {
assertThat(repo).isNotNull();
assertThat(repo.name()).isEqualTo("Xoo");
assertThat(repo.language()).isEqualTo("xoo");
- assertThat(repo.rules()).hasSize(23);
+ assertThat(repo.rules()).hasSize(25);
return repo;
}
}