From ca68dabbefbad5122b57d57174130b33b2e93d22 Mon Sep 17 00:00:00 2001
From: Jacek
Date: Tue, 5 Apr 2022 13:52:59 +0200
Subject: SONAR-16230 Add PCI DSS standard support in Plugin API
---
 .../org/sonar/api/server/rule/RulesDefinition.java | 25 +++++++++++++++++++
 .../api/server/rule/internal/DefaultNewRule.java | 17 +++++++++++--
 .../server/rule/internal/DefaultNewRuleTest.java | 28 +++++++++++++++++++---
 3 files changed, 65 insertions(+), 5 deletions(-)
diff --git a/sonar-plugin-api/src/main/java/org/sonar/api/server/rule/RulesDefinition.java b/sonar-plugin-api/src/main/java/org/sonar/api/server/rule/RulesDefinition.java
index 6d33f2dc0ee..e3a88118fbb 100644
--- a/sonar-plugin-api/src/main/java/org/sonar/api/server/rule/RulesDefinition.java
+++ b/sonar-plugin-api/src/main/java/org/sonar/api/server/rule/RulesDefinition.java
@@ -273,6 +273,26 @@ public interface RulesDefinition {
 A1, A2, A3, A4, A5, A6, A7, A8, A9, A10
 }
+ enum PciDssVersion {
+ V3_2("3.2", "pciDss-3.2"), V4_0("4.0", "pciDss-4.0");
+
+ private final String label;
+ private final String prefix;
+
+ PciDssVersion(String label, String prefix) {
+ this.label = label;
+ this.prefix = prefix;
+ }
+
+ public String label() {
+ return label;
+ }
+
+ public String prefix() {
+ return prefix;
+ }
+ }
+
 interface ExtendedRepository {
 String key();
@@ -464,6 +484,11 @@ public interface RulesDefinition {
 */
 public abstract NewRule addOwaspTop10(OwaspTop10Version version, OwaspTop10... standards);
+ /**
+ * @since 9.5
+ */
+ public abstract NewRule addPciDss(PciDssVersion version, String... requirements);
+
 /**
 * @since 7.3
 */
diff --git a/sonar-plugin-api/src/main/java/org/sonar/api/server/rule/internal/DefaultNewRule.java b/sonar-plugin-api/src/main/java/org/sonar/api/server/rule/internal/DefaultNewRule.java
index 9077055fe4c..0bae29224f4 100644
--- a/sonar-plugin-api/src/main/java/org/sonar/api/server/rule/internal/DefaultNewRule.java
+++ b/sonar-plugin-api/src/main/java/org/sonar/api/server/rule/internal/DefaultNewRule.java
@@ -25,7 +25,6 @@ import java.util.Collection;
 import java.util.HashMap;
 import java.util.Locale;
 import java.util.Map;
-import java.util.Objects;
 import java.util.Set;
 import java.util.TreeSet;
 import javax.annotation.CheckForNull;
@@ -41,9 +40,11 @@ import org.sonar.api.server.rule.RuleTagFormat;
 import org.sonar.api.server.rule.RulesDefinition;
 import org.sonar.api.server.rule.RulesDefinition.OwaspTop10;
 import org.sonar.api.server.rule.RulesDefinition.OwaspTop10Version;
+import org.sonar.api.server.rule.RulesDefinition.PciDssVersion;
 import static java.lang.String.format;
 import static java.nio.charset.StandardCharsets.UTF_8;
+import static java.util.Objects.requireNonNull;
 import static org.apache.commons.lang.StringUtils.isEmpty;
 import static org.apache.commons.lang.StringUtils.trimToNull;
 import static org.sonar.api.utils.Preconditions.checkArgument;
@@ -234,7 +235,7 @@ class DefaultNewRule extends RulesDefinition.NewRule {
 @Override
 public DefaultNewRule addOwaspTop10(OwaspTop10Version owaspTop10Version, OwaspTop10... standards) {
- Objects.requireNonNull(owaspTop10Version, "Owasp version must not be null");
+ requireNonNull(owaspTop10Version, "Owasp version must not be null");
 for (OwaspTop10 owaspTop10 : standards) {
 String standard = owaspTop10Version.prefix() + ":" + owaspTop10.name().toLowerCase(Locale.ENGLISH);
@@ -243,6 +244,18 @@ class DefaultNewRule extends RulesDefinition.NewRule {
 return this;
 }
+ @Override
+ public DefaultNewRule addPciDss(PciDssVersion pciDssVersion, String... requirements) {
+ requireNonNull(pciDssVersion, "PCI DSS version must not be null");
+ requireNonNull(requirements, "Requirements for PCI DSS standard must not be null");
+
+ for (String requirement : requirements) {
+ String standard = pciDssVersion.prefix() + ":" + requirement;
+ securityStandards.add(standard);
+ }
+ return this;
+ }
+
 @Override
 public DefaultNewRule addCwe(int... nums) {
 for (int num : nums) {
diff --git a/sonar-plugin-api/src/test/java/org/sonar/api/server/rule/internal/DefaultNewRuleTest.java b/sonar-plugin-api/src/test/java/org/sonar/api/server/rule/internal/DefaultNewRuleTest.java
index 730558805ee..d4e82b5b7ce 100644
--- a/sonar-plugin-api/src/test/java/org/sonar/api/server/rule/internal/DefaultNewRuleTest.java
+++ b/sonar-plugin-api/src/test/java/org/sonar/api/server/rule/internal/DefaultNewRuleTest.java
@@ -28,6 +28,7 @@ import org.sonar.api.server.debt.DebtRemediationFunction;
 import org.sonar.api.server.rule.RulesDefinition;
 import org.sonar.api.server.rule.RulesDefinition.OwaspTop10;
 import org.sonar.api.server.rule.RulesDefinition.OwaspTop10Version;
+import org.sonar.api.server.rule.RulesDefinition.PciDssVersion;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
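Review bot: `DefaultNewRule.addPciDss` null-checks the `requirements` array but not its elements, so `addPciDss(version, (String) null)` or a blank string stores a tag such as `pciDss-3.2:null` in `securityStandards`. A rule tagged that way would presumably never match a real PCI DSS requirement, so it could silently drop out of compliance reporting instead of failing when the plugin defines the rule. Inside the loop I would add `checkArgument(trimToNull(requirement) != null, "PCI DSS requirement must not be blank");`, using helpers this file already imports statically. The accepted identifier format (the tests use values like `6.5.1`) is also undocumented: the abstract declaration in RulesDefinition.java carries only `@since 9.5`, and a sentence there describing the expected requirement strings would help plugin authors.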
@@ -88,6 +89,13 @@ public class DefaultNewRuleTest {
 assertThat(rule.securityStandards())
 .contains("owaspTop10:a1", "owaspTop10:a2", "owaspTop10:a4", "owaspTop10-2021:a3", "owaspTop10-2021:a5");
+ rule.addPciDss(PciDssVersion.V3_2, "6.5.1");
+ rule.addPciDss(PciDssVersion.V3_2, "6.5");
+ rule.addPciDss(PciDssVersion.V4_0, "6.5.2", "6.5.10");
+
+ assertThat(rule.securityStandards())
+ .contains("pciDss-3.2:6.5.1", "pciDss-3.2:6.5", "pciDss-4.0:6.5.2", "pciDss-4.0:6.5.10");
+
 rule.setType(RuleType.SECURITY_HOTSPOT);
 assertThat(rule.type()).isEqualTo(RuleType.SECURITY_HOTSPOT);
@@ -142,8 +150,22 @@ public class DefaultNewRuleTest {
 @Test
 public void fail_if_null_owasp_version() {
- assertThatThrownBy(() -> rule.addOwaspTop10((OwaspTop10Version) null , OwaspTop10.A1))
- .isInstanceOf(NullPointerException.class)
- .hasMessage("Owasp version must not be null");
+ assertThatThrownBy(() -> rule.addOwaspTop10((OwaspTop10Version) null, OwaspTop10.A1))
+ .isInstanceOf(NullPointerException.class)
+ .hasMessage("Owasp version must not be null");
+ }
+
+ @Test
+ public void fail_if_null_pci_dss_version() {
+ assertThatThrownBy(() -> rule.addPciDss(null, "6.5.1"))
+ .isInstanceOf(NullPointerException.class)
+ .hasMessage("PCI DSS version must not be null");
+ }
+
+ @Test
+ public void fail_if_null_pci_dss_array() {
+ assertThatThrownBy(() -> rule.addPciDss(PciDssVersion.V3_2, null))
+ .isInstanceOf(NullPointerException.class)
+ .hasMessage("Requirements for PCI DSS standard must not be null");
 }
 }
--
cgit v1.2.3
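Review bot: `fail_if_null_pci_dss_array` passes a bare `null` to the varargs parameter in `rule.addPciDss(PciDssVersion.V3_2, null)`, which javac treats as a null array but reports as an inexact varargs call; writing `(String[]) null` states the intent, in the same way `fail_if_null_owasp_version` already casts its null argument. The added tests also leave the null-element case uncovered, e.g. `rule.addPciDss(PciDssVersion.V3_2, (String) null)`, which with the implementation shown in this commit would be stored as a tag rather than rejected. A test pinning the intended behaviour for that input would make the contract explicit.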