Skip to content

Commit

Permalink
SLCORE-999 Store custom impacts when synchronizing rules
Browse files Browse the repository at this point in the history
  • Loading branch information
eray-felek-sonarsource authored and nquinquenel committed Nov 5, 2024
1 parent 1b0afd0 commit 7c7b4da
Show file tree
Hide file tree
Showing 7 changed files with 78 additions and 25 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -400,18 +400,16 @@ private ServerActiveRule tryConvertDeprecatedKeys(String connectionId, ServerAct
var ruleKeyPossiblyWithDeprecatedRepo = RuleKey.parse(possiblyDeprecatedActiveRuleFromStorage.getRuleKey());
var templateRuleKeyWithCorrectRepo = RuleKey.parse(ruleOrTemplateDefinition.getKey());
var ruleKey = new RuleKey(templateRuleKeyWithCorrectRepo.repository(), ruleKeyPossiblyWithDeprecatedRepo.rule()).toString();
//TODO Replace empty list with proper one.
return new ServerActiveRule(ruleKey, possiblyDeprecatedActiveRuleFromStorage.getSeverity(), possiblyDeprecatedActiveRuleFromStorage.getParams(),
ruleOrTemplateDefinition.getKey(), Collections.emptyList());
ruleOrTemplateDefinition.getKey(), possiblyDeprecatedActiveRuleFromStorage.getOverriddenImpacts());
} else {
ruleOrTemplateDefinition = rulesRepository.getRule(connectionId, possiblyDeprecatedActiveRuleFromStorage.getRuleKey()).orElse(null);
if (ruleOrTemplateDefinition == null) {
// The rule is not known among our loaded analyzers, so return it untouched, to let calling code take appropriate decision
return possiblyDeprecatedActiveRuleFromStorage;
}
//TODO Replace empty list with proper one.
return new ServerActiveRule(ruleOrTemplateDefinition.getKey(), possiblyDeprecatedActiveRuleFromStorage.getSeverity(), possiblyDeprecatedActiveRuleFromStorage.getParams(),
null, Collections.emptyList());
null, possiblyDeprecatedActiveRuleFromStorage.getOverriddenImpacts());
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@

import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.EnumMap;
import java.util.List;
import java.util.Map;
Expand All @@ -38,10 +39,14 @@
import org.sonarsource.sonarlint.core.commons.VulnerabilityProbability;
import org.sonarsource.sonarlint.core.commons.api.SonarLanguage;
import org.sonarsource.sonarlint.core.rpc.protocol.backend.rules.StandaloneRuleConfigDto;
import org.sonarsource.sonarlint.core.commons.VulnerabilityProbability;
import org.sonarsource.sonarlint.core.commons.api.SonarLanguage;
import org.sonarsource.sonarlint.core.rpc.protocol.backend.rules.StandaloneRuleConfigDto;
import org.sonarsource.sonarlint.core.rpc.protocol.backend.tracking.TaintVulnerabilityDto;
import org.sonarsource.sonarlint.core.rpc.protocol.client.issue.RaisedFindingDto;
import org.sonarsource.sonarlint.core.rule.extractor.SonarLintRuleDefinition;
import org.sonarsource.sonarlint.core.rule.extractor.SonarLintRuleParamDefinition;
import org.sonarsource.sonarlint.core.serverapi.push.parsing.common.ImpactPayload;
import org.sonarsource.sonarlint.core.serverapi.rules.ServerActiveRule;
import org.sonarsource.sonarlint.core.serverapi.rules.ServerRule;

Expand All @@ -57,15 +62,14 @@ public class RuleDetails {
private final IssueSeverity defaultSeverity;
private final RuleType type;
private final CleanCodeAttribute cleanCodeAttribute;
private final Map<SoftwareQuality, ImpactSeverity> defaultImpacts;
private final Map<SoftwareQuality, ImpactSeverity> impacts;
private final Collection<EffectiveRuleParam> params;
private final String extendedDescription;
private final Set<String> educationPrincipleKeys;
private final VulnerabilityProbability vulnerabilityProbability;

public RuleDetails(String key, SonarLanguage language, String name, String htmlDescription, Map<String, List<DescriptionSection>> descriptionSectionsByKey,
@Nullable IssueSeverity defaultSeverity, @Nullable RuleType type, @Nullable CleanCodeAttribute cleanCodeAttribute,
Map<SoftwareQuality, ImpactSeverity> defaultImpacts,
Map<SoftwareQuality, ImpactSeverity> impacts, @Nullable IssueSeverity defaultSeverity, @Nullable RuleType type, @Nullable CleanCodeAttribute cleanCodeAttribute,
@Nullable String extendedDescription, Collection<EffectiveRuleParam> params, Set<String> educationPrincipleKeys,
@Nullable VulnerabilityProbability vulnerabilityProbability) {
this.key = key;
Expand All @@ -76,7 +80,7 @@ public RuleDetails(String key, SonarLanguage language, String name, String htmlD
this.defaultSeverity = defaultSeverity;
this.type = type;
this.cleanCodeAttribute = cleanCodeAttribute;
this.defaultImpacts = defaultImpacts;
this.impacts = impacts;
this.params = params;
this.extendedDescription = extendedDescription;
this.educationPrincipleKeys = educationPrincipleKeys;
Expand All @@ -92,10 +96,10 @@ public static RuleDetails from(SonarLintRuleDefinition ruleDefinition, @Nullable
ruleDefinition.getDescriptionSections().stream()
.map(s -> new DescriptionSection(s.getKey(), s.getHtmlContent(), s.getContext().map(c -> new DescriptionSection.Context(c.getKey(), c.getDisplayName()))))
.collect(Collectors.groupingBy(DescriptionSection::getKey)),
ruleDefinition.getDefaultImpacts(),
ruleDefinition.getDefaultSeverity(),
ruleDefinition.getType(),
ruleDefinition.getCleanCodeAttribute().orElse(CleanCodeAttribute.defaultCleanCodeAttribute()),
ruleDefinition.getDefaultImpacts(),
null,
transformParams(ruleDefinition.getParams(), ruleConfig != null ? ruleConfig.getParamValueByKey() : Map.of()),
ruleDefinition.getEducationPrincipleKeys(), ruleDefinition.getVulnerabilityProbability().orElse(null));
Expand All @@ -114,10 +118,10 @@ public static RuleDetails merging(ServerActiveRule activeRuleFromStorage, Server
serverRule.getDescriptionSections().stream()
.map(s -> new DescriptionSection(s.getKey(), s.getHtmlContent(), s.getContext().map(c -> new DescriptionSection.Context(c.getKey(), c.getDisplayName()))))
.collect(Collectors.groupingBy(DescriptionSection::getKey)),
serverRule.getImpacts(),
Optional.ofNullable(activeRuleFromStorage.getSeverity()).orElse(serverRule.getSeverity()),
serverRule.getType(),
serverRule.getCleanCodeAttribute(),
serverRule.getImpacts(),
serverRule.getHtmlNote(), Collections.emptyList(),
serverRule.getEducationPrincipleKeys(),
null); // TODO get vulnerability probability from storage?
Expand All @@ -130,9 +134,9 @@ public static RuleDetails merging(ServerRule activeRuleFromServer, SonarLintRule
ruleDefFromPlugin.getDescriptionSections().stream()
.map(s -> new DescriptionSection(s.getKey(), s.getHtmlContent(), s.getContext().map(c -> new DescriptionSection.Context(c.getKey(), c.getDisplayName()))))
.collect(Collectors.groupingBy(DescriptionSection::getKey)),
defaultImpacts,
Optional.ofNullable(activeRuleFromServer.getSeverity()).orElse(ruleDefFromPlugin.getDefaultSeverity()), ruleDefFromPlugin.getType(),
cleanCodeAttribute,
defaultImpacts,
activeRuleFromServer.getHtmlNote(), Collections.emptyList(), ruleDefFromPlugin.getEducationPrincipleKeys(), ruleDefFromPlugin.getVulnerabilityProbability().orElse(null));
}

Expand All @@ -148,14 +152,27 @@ public static RuleDetails merging(ServerActiveRule activeRuleFromStorage, Server
serverRule.getDescriptionSections().stream()
.map(s -> new DescriptionSection(s.getKey(), s.getHtmlContent(), s.getContext().map(c -> new DescriptionSection.Context(c.getKey(), c.getDisplayName()))))
.collect(Collectors.groupingBy(DescriptionSection::getKey)),
mergeImpacts(defaultImpacts, activeRuleFromStorage.getOverriddenImpacts()),
serverRule.getSeverity(),
templateRuleDefFromPlugin.getType(),
cleanCodeAttribute,
defaultImpacts,
serverRule.getHtmlNote(),
Collections.emptyList(), templateRuleDefFromPlugin.getEducationPrincipleKeys(), templateRuleDefFromPlugin.getVulnerabilityProbability().orElse(null));
}

public static Map<SoftwareQuality, ImpactSeverity> mergeImpacts(Map<SoftwareQuality, ImpactSeverity> defaultImpacts,
List<ImpactPayload> overriddenImpacts) {
Map<SoftwareQuality, ImpactSeverity> mergedImpacts = new HashMap<>(defaultImpacts);

for (ImpactPayload impact : overriddenImpacts) {
var quality = SoftwareQuality.valueOf(impact.getSoftwareQuality());
var severity = ImpactSeverity.valueOf(impact.getSeverity());
mergedImpacts.computeIfPresent(quality, (k, v) -> severity);
}

return Collections.unmodifiableMap(mergedImpacts);
}

public static RuleDetails merging(RuleDetails serverActiveRuleDetails, RaisedFindingDto raisedFindingDto) {
var isMQRMode = raisedFindingDto.getSeverityMode().isRight();
var softwareImpacts = new EnumMap<SoftwareQuality, ImpactSeverity>(SoftwareQuality.class);
Expand All @@ -170,10 +187,10 @@ public static RuleDetails merging(RuleDetails serverActiveRuleDetails, RaisedFin
serverActiveRuleDetails.getName(),
serverActiveRuleDetails.getHtmlDescription(),
serverActiveRuleDetails.getDescriptionSectionsByKey(),
softwareImpacts,
isMQRMode ? null : IssueSeverity.valueOf(raisedFindingDto.getSeverityMode().getLeft().getSeverity().toString()),
isMQRMode ? null : RuleType.valueOf(raisedFindingDto.getSeverityMode().getLeft().getType().toString()),
isMQRMode ? CleanCodeAttribute.valueOf(raisedFindingDto.getSeverityMode().getRight().getCleanCodeAttribute().name()) : null,
softwareImpacts,
serverActiveRuleDetails.getExtendedDescription(),
serverActiveRuleDetails.getParams(),
serverActiveRuleDetails.educationPrincipleKeys,
Expand All @@ -194,10 +211,10 @@ public static RuleDetails merging(RuleDetails serverActiveRuleDetails, TaintVuln
serverActiveRuleDetails.getName(),
serverActiveRuleDetails.getHtmlDescription(),
serverActiveRuleDetails.getDescriptionSectionsByKey(),
softwareImpacts,
isMQRMode ? null : IssueSeverity.valueOf(taintVulnerabilityDto.getSeverityMode().getLeft().getSeverity().toString()),
isMQRMode ? null : RuleType.valueOf(taintVulnerabilityDto.getSeverityMode().getLeft().getType().toString()),
isMQRMode ? CleanCodeAttribute.valueOf(taintVulnerabilityDto.getSeverityMode().getRight().getCleanCodeAttribute().name()) : null,
softwareImpacts,
serverActiveRuleDetails.getExtendedDescription(),
serverActiveRuleDetails.getParams(),
serverActiveRuleDetails.educationPrincipleKeys,
Expand Down Expand Up @@ -246,8 +263,8 @@ public Optional<CleanCodeAttribute> getCleanCodeAttribute() {
return Optional.ofNullable(cleanCodeAttribute);
}

public Map<SoftwareQuality, ImpactSeverity> getDefaultImpacts() {
return defaultImpacts;
public Map<SoftwareQuality, ImpactSeverity> getImpacts() {
return impacts;
}

public Collection<EffectiveRuleParam> getParams() {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -81,8 +81,8 @@ private RuleDetailsAdapter() {

public static EffectiveRuleDetailsDto transform(RuleDetails ruleDetails, @Nullable String contextKey) {
var cleanCodeAttribute = ruleDetails.getCleanCodeAttribute().map(RuleDetailsAdapter::adapt).orElse(null);
Either<StandardModeDetails, MQRModeDetails> severityDetails = cleanCodeAttribute != null && !ruleDetails.getDefaultImpacts().isEmpty() ?
Either.forRight(new MQRModeDetails(cleanCodeAttribute, toDto(ruleDetails.getDefaultImpacts()))) :
Either<StandardModeDetails, MQRModeDetails> severityDetails = cleanCodeAttribute != null && !ruleDetails.getImpacts().isEmpty() ?
Either.forRight(new MQRModeDetails(cleanCodeAttribute, toDto(ruleDetails.getImpacts()))) :
Either.forLeft(new StandardModeDetails(adapt(Objects.requireNonNull(ruleDetails.getDefaultSeverity())),
adapt(Objects.requireNonNull(ruleDetails.getType()))));
return new EffectiveRuleDetailsDto(
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -227,19 +227,17 @@ private ServerActiveRule tryConvertDeprecatedKeys(ServerActiveRule possiblyDepre
var ruleKeyPossiblyWithDeprecatedRepo = RuleKey.parse(possiblyDeprecatedActiveRuleFromStorage.getRuleKey());
var templateRuleKeyWithCorrectRepo = RuleKey.parse(ruleOrTemplateDefinition.get().getKey());
var ruleKey = new RuleKey(templateRuleKeyWithCorrectRepo.repository(), ruleKeyPossiblyWithDeprecatedRepo.rule()).toString();
//TODO Replace empty list with proper one.
return new ServerActiveRule(ruleKey, possiblyDeprecatedActiveRuleFromStorage.getSeverity(), possiblyDeprecatedActiveRuleFromStorage.getParams(),
ruleOrTemplateDefinition.get().getKey(), Collections.emptyList());
ruleOrTemplateDefinition.get().getKey(), possiblyDeprecatedActiveRuleFromStorage.getOverriddenImpacts());
} else {
ruleOrTemplateDefinition = rulesRepository.getRule(connectionId, possiblyDeprecatedActiveRuleFromStorage.getRuleKey());
if (ruleOrTemplateDefinition.isEmpty()) {
// The rule is not known among our loaded analyzers, so return it untouched, to let calling code take appropriate decision
return possiblyDeprecatedActiveRuleFromStorage;
}
//TODO Replace empty list with proper one.
return new ServerActiveRule(ruleOrTemplateDefinition.get().getKey(), possiblyDeprecatedActiveRuleFromStorage.getSeverity(),
possiblyDeprecatedActiveRuleFromStorage.getParams(),
null, Collections.emptyList());
null, possiblyDeprecatedActiveRuleFromStorage.getOverriddenImpacts());
}
}

Expand Down Expand Up @@ -420,7 +418,8 @@ private RuleDetailsForAnalysis getRuleDetailsForConnectedAnalysis(Binding bindin
}
var ruleDefinition = ruleDefinitionOpt.get();
return new RuleDetailsForAnalysis(activeRule.getSeverity(), ruleDefinition.getType(),
ruleDefinition.getCleanCodeAttribute().orElse(CONVENTIONAL), ruleDefinition.getDefaultImpacts(),
ruleDefinition.getCleanCodeAttribute().orElse(CONVENTIONAL),
RuleDetails.mergeImpacts(ruleDefinition.getDefaultImpacts(), activeRule.getOverriddenImpacts()),
ruleDefinition.getVulnerabilityProbability().orElse(null));
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,12 @@
import java.util.Map;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.sonarsource.sonarlint.core.commons.ImpactSeverity;
import org.sonarsource.sonarlint.core.commons.SoftwareQuality;
import org.sonarsource.sonarlint.core.repository.config.ConfigurationRepository;
import org.sonarsource.sonarlint.core.repository.rules.RulesRepository;
import org.sonarsource.sonarlint.core.rpc.protocol.backend.rules.RuleDefinitionDto;
import org.sonarsource.sonarlint.core.serverapi.push.parsing.common.ImpactPayload;

import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.tuple;
Expand Down Expand Up @@ -58,4 +61,32 @@ void it_should_return_all_embedded_rules_from_the_repository() {
.containsExactly(tuple("repo:ruleKey", "ruleName"));
}

@Test
void it_should_only_override_overridden_impact_quality() {
Map<SoftwareQuality, ImpactSeverity> defaultImpacts = Map.of(
SoftwareQuality.MAINTAINABILITY, ImpactSeverity.LOW,
SoftwareQuality.RELIABILITY, ImpactSeverity.MEDIUM
);

List<ImpactPayload> overriddenImpacts = List.of(
new ImpactPayload("MAINTAINABILITY", "HIGH")
);

Map<SoftwareQuality, ImpactSeverity> result = RuleDetails.mergeImpacts(defaultImpacts, overriddenImpacts);
assertThat(result).containsEntry(SoftwareQuality.MAINTAINABILITY, ImpactSeverity.HIGH);
assertThat(result).containsEntry(SoftwareQuality.RELIABILITY, ImpactSeverity.MEDIUM);
}

@Test
void it_should_work_when_no_overridden_impacts() {
Map<SoftwareQuality, ImpactSeverity> defaultImpacts = Map.of(
SoftwareQuality.MAINTAINABILITY, ImpactSeverity.LOW,
SoftwareQuality.RELIABILITY, ImpactSeverity.MEDIUM
);

Map<SoftwareQuality, ImpactSeverity> result = RuleDetails.mergeImpacts(defaultImpacts, List.of());

assertThat(result).isEqualTo(defaultImpacts);
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import org.sonarsource.sonarlint.core.commons.CleanCodeAttribute;
import org.sonarsource.sonarlint.core.commons.ImpactSeverity;
import org.sonarsource.sonarlint.core.commons.IssueSeverity;
Expand All @@ -40,6 +41,7 @@
import org.sonarsource.sonarlint.core.serverapi.ServerApiHelper;
import org.sonarsource.sonarlint.core.serverapi.UrlUtils;
import org.sonarsource.sonarlint.core.serverapi.proto.sonarqube.ws.Rules;
import org.sonarsource.sonarlint.core.serverapi.push.parsing.common.ImpactPayload;

import static java.util.stream.Collectors.joining;
import static java.util.stream.Collectors.toList;
Expand Down Expand Up @@ -120,8 +122,9 @@ public Collection<ServerActiveRule> getAllActiveRules(String qualityProfileKey,
IssueSeverity.valueOf(ar.getSeverity()),
ar.getParamsList().stream().collect(toMap(Rules.Active.Param::getKey, Rules.Active.Param::getValue)),
ruleTemplatesByRuleKey.get(ruleKey),
//TODO Pass the right value
Collections.emptyList()));
ar.getImpacts().getImpactsList().stream()
.map(impact -> new ImpactPayload(impact.getSoftwareQuality().toString(), impact.getSeverity().name()))
.collect(Collectors.toList())));

},
false,
Expand Down
5 changes: 5 additions & 0 deletions backend/server-api/src/main/proto/sonarqube/ws-rules.proto
Original file line number Diff line number Diff line change
Expand Up @@ -95,9 +95,14 @@ message Active {
optional string qProfile = 1;
optional string severity = 3;
repeated Param params = 5;
optional Impacts impacts = 9;

message Param {
optional string key = 1;
optional string value = 2;
}

message Impacts {
repeated sonarqube.ws.commons.Impact impacts = 1;
}
}

0 comments on commit 7c7b4da

Please sign in to comment.