aboutsummaryrefslogtreecommitdiffstats
path: root/server/sonar-db-dao/src/test/java
diff options
context:
space:
mode:
Diffstat (limited to 'server/sonar-db-dao/src/test/java')
-rw-r--r--server/sonar-db-dao/src/test/java/org/sonar/db/sca/DefaultScaIssueIdentityTest.java47
-rw-r--r--server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaIssueDtoTest.java69
-rw-r--r--server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaIssueTypeTest.java34
-rw-r--r--server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaSeverityTest.java57
-rw-r--r--server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaVulnerabilityIssueDtoTest.java45
5 files changed, 252 insertions, 0 deletions
diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/sca/DefaultScaIssueIdentityTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/sca/DefaultScaIssueIdentityTest.java
new file mode 100644
index 00000000000..122e328a16b
--- /dev/null
+++ b/server/sonar-db-dao/src/test/java/org/sonar/db/sca/DefaultScaIssueIdentityTest.java
@@ -0,0 +1,47 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2025 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.db.sca;
+
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+class DefaultScaIssueIdentityTest {
+
+ @Test
+ void test_constructWithValidValues() {
+ var issueIdentity = new DefaultScaIssueIdentity(ScaIssueType.VULNERABILITY, "packageUrl", "vulnerabilityId", "spdxLicenseId");
+ assertEquals(ScaIssueType.VULNERABILITY, issueIdentity.scaIssueType());
+ assertEquals("packageUrl", issueIdentity.packageUrl());
+ assertEquals("vulnerabilityId", issueIdentity.vulnerabilityId());
+ assertEquals("spdxLicenseId", issueIdentity.spdxLicenseId());
+ }
+
+ @Test
+ void test_throwsOnInvalidValues() {
+ assertThrows(IllegalArgumentException.class, () -> new DefaultScaIssueIdentity(ScaIssueType.VULNERABILITY, "", "vulnerabilityId", "spdxLicenseId"));
+ assertThrows(IllegalArgumentException.class, () -> new DefaultScaIssueIdentity(ScaIssueType.VULNERABILITY, null, "vulnerabilityId", "spdxLicenseId"));
+ assertThrows(IllegalArgumentException.class, () -> new DefaultScaIssueIdentity(ScaIssueType.VULNERABILITY, "packageUrl", "", "spdxLicenseId"));
+ assertThrows(IllegalArgumentException.class, () -> new DefaultScaIssueIdentity(ScaIssueType.VULNERABILITY, "packageUrl", null, "spdxLicenseId"));
+ assertThrows(IllegalArgumentException.class, () -> new DefaultScaIssueIdentity(ScaIssueType.VULNERABILITY, "packageUrl", "vulnerabilityId", ""));
+ assertThrows(IllegalArgumentException.class, () -> new DefaultScaIssueIdentity(ScaIssueType.VULNERABILITY, "packageUrl", "vulnerabilityId", null));
+ }
+}
diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaIssueDtoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaIssueDtoTest.java
new file mode 100644
index 00000000000..da9eb91dddf
--- /dev/null
+++ b/server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaIssueDtoTest.java
@@ -0,0 +1,69 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2025 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.db.sca;
+
+import org.junit.jupiter.api.Test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+class ScaIssueDtoTest {
+
+ @Test
+ void test_constructWithValidValues() {
+ var dto = new ScaIssueDto("uuid", ScaIssueType.VULNERABILITY, "packageUrl", "vulnerabilityId", "spdxLicenseId", 1L, 2L);
+ assertEquals("uuid", dto.uuid());
+ assertEquals(ScaIssueType.VULNERABILITY, dto.scaIssueType());
+ assertEquals("packageUrl", dto.packageUrl());
+ assertEquals("vulnerabilityId", dto.vulnerabilityId());
+ assertEquals("spdxLicenseId", dto.spdxLicenseId());
+ assertEquals(1L, dto.createdAt());
+ assertEquals(2L, dto.updatedAt());
+ }
+
+ @Test
+ void test_throwsOnInvalidValues() {
+ assertThrows(IllegalArgumentException.class, () -> new ScaIssueDto("uuid", ScaIssueType.VULNERABILITY, "", "vulnerabilityId", "spdxLicenseId", 1L, 2L));
+ assertThrows(IllegalArgumentException.class, () -> new ScaIssueDto("uuid", ScaIssueType.VULNERABILITY, null, "vulnerabilityId", "spdxLicenseId", 1L, 2L));
+ assertThrows(IllegalArgumentException.class, () -> new ScaIssueDto("uuid", ScaIssueType.VULNERABILITY, "packageUrl", "", "spdxLicenseId", 1L, 2L));
+ assertThrows(IllegalArgumentException.class, () -> new ScaIssueDto("uuid", ScaIssueType.VULNERABILITY, "packageUrl", null, "spdxLicenseId", 1L, 2L));
+ assertThrows(IllegalArgumentException.class, () -> new ScaIssueDto("uuid", ScaIssueType.VULNERABILITY, "packageUrl", "vulnerabilityId", "", 1L, 2L));
+ assertThrows(IllegalArgumentException.class, () -> new ScaIssueDto("uuid", ScaIssueType.VULNERABILITY, "packageUrl", "vulnerabilityId", null, 1L, 2L));
+ }
+
+ @Test
+ void test_constructFromIdentity() {
+ var identity = new DefaultScaIssueIdentity(ScaIssueType.VULNERABILITY, "packageUrl", "vulnerabilityId", "spdxLicenseId");
+ var dto = new ScaIssueDto("uuid", identity, 1L, 2L);
+ assertEquals("uuid", dto.uuid());
+ assertEquals(ScaIssueType.VULNERABILITY, dto.scaIssueType());
+ assertEquals("packageUrl", dto.packageUrl());
+ assertEquals("vulnerabilityId", dto.vulnerabilityId());
+ assertEquals("spdxLicenseId", dto.spdxLicenseId());
+ assertEquals(1L, dto.createdAt());
+ assertEquals(2L, dto.updatedAt());
+ }
+
+ @Test
+ void test_toBuilder_build_shouldRoundTrip() {
+ var dto = new ScaIssueDto("uuid", ScaIssueType.VULNERABILITY, "packageUrl", "vulnerabilityId", "spdxLicenseId", 1L, 2L);
+ assertEquals(dto.toBuilder().build(), dto);
+ }
+}
diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaIssueTypeTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaIssueTypeTest.java
new file mode 100644
index 00000000000..3027f5e96bd
--- /dev/null
+++ b/server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaIssueTypeTest.java
@@ -0,0 +1,34 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2025 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.db.sca;
+
+import org.junit.jupiter.api.Test;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+class ScaIssueTypeTest {
+
+ @Test
+ void test_namesAreShortEnough() {
+ for (ScaIssueType issueType : ScaIssueType.values()) {
+ assertThat(issueType.name().length()).isLessThanOrEqualTo(ScaIssueDto.SCA_ISSUE_TYPE_MAX_LENGTH);
+ }
+ }
+}
diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaSeverityTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaSeverityTest.java
new file mode 100644
index 00000000000..023f2bd9b20
--- /dev/null
+++ b/server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaSeverityTest.java
@@ -0,0 +1,57 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2025 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.db.sca;
+
+import java.util.stream.Stream;
+import org.junit.jupiter.api.Test;
+import org.sonar.api.issue.impact.Severity;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+class ScaSeverityTest {
+ private static void assertSortOrder(ScaSeverity lower, ScaSeverity higher) {
+ assertThat(lower.databaseSortKey())
+ .as(lower + " sorts below " + higher)
+ .isLessThan(higher.databaseSortKey());
+ }
+
+ @Test
+ void test_maxLength() {
+ for (ScaSeverity severity : ScaSeverity.values()) {
+ assertThat(severity.name().length()).as(severity.name() + " is short enough")
+ .isLessThanOrEqualTo(ScaSeverity.MAX_NAME_LENGTH);
+ }
+ }
+
+ @Test
+ void test_sortKeysInOrder() {
+ assertSortOrder(ScaSeverity.INFO, ScaSeverity.LOW);
+ assertSortOrder(ScaSeverity.LOW, ScaSeverity.MEDIUM);
+ assertSortOrder(ScaSeverity.MEDIUM, ScaSeverity.HIGH);
+ assertSortOrder(ScaSeverity.HIGH, ScaSeverity.BLOCKER);
+ }
+
+ @Test
+ void test_matchesImpactSeverity() {
+ assertThat(Stream.of(ScaSeverity.values()).map(Enum::name).toList())
+ .as("ScaSeverity has the same values in the same order as impact.Severity")
+ .isEqualTo(Stream.of(Severity.values()).map(Enum::name).toList());
+ }
+}
diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaVulnerabilityIssueDtoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaVulnerabilityIssueDtoTest.java
new file mode 100644
index 00000000000..1019f1e3e5d
--- /dev/null
+++ b/server/sonar-db-dao/src/test/java/org/sonar/db/sca/ScaVulnerabilityIssueDtoTest.java
@@ -0,0 +1,45 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2025 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.db.sca;
+
+import java.math.BigDecimal;
+import java.util.List;
+import org.junit.jupiter.api.Test;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+class ScaVulnerabilityIssueDtoTest {
+ @Test
+ void test_cweIdsLength_handledByTypeHandler() {
+ // this test is here to prevent accidentally messing it up
+ assertThat(ScaVulnerabilityIssueDto.CWE_IDS_MAX_LENGTH).isLessThanOrEqualTo(ListOfStringsTypeHandler.MAXIMUM_LENGTH);
+ }
+
+ @Test
+ void test_toBuilder_build_shouldRoundTrip() {
+ var scaVulnerabilityIssueDto = new ScaVulnerabilityIssueDto("sca-issue-uuid",
+ ScaSeverity.INFO,
+ List.of("cwe"),
+ new BigDecimal("7.1"),
+ 1L,
+ 2L);
+ assertThat(scaVulnerabilityIssueDto.toBuilder().build()).isEqualTo(scaVulnerabilityIssueDto);
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-27 09:06:54 +0000