@Test public void do_not_return_module_key_on_single_module_projects() { ComponentDto project = db.components().insertPublicProject(p -> p.setDbKey("PK1")); ComponentDto module = db.components().insertComponent(newModuleDto("M1", project).setDbKey("MK1")); ComponentDto file = db.components().insertComponent(newFileDto(module, null, "F1").setDbKey("FK1")); RuleDefinitionDto rule = db.rules().insert(r -> r.setRuleKey(RuleKey.of("xoo", "x1"))); db.issues().insert(rule, project, file, i -> i.setKee("ISSUE_IN_MODULE")); db.issues().insert(rule, project, project, i -> i.setKee("ISSUE_IN_ROOT_MODULE")); allowAnyoneOnProjects(project); indexIssues(); SearchWsResponse searchResponse = ws.newRequest().executeProtobuf(SearchWsResponse.class); assertThat(searchResponse.getIssuesCount()).isEqualTo(2); for (Issue issue : searchResponse.getIssuesList()) { assertThat(issue.getProject()).isEqualTo("PK1"); if (issue.getKey().equals("ISSUE_IN_MODULE")) { assertThat(issue.getSubProject()).isEqualTo("MK1"); } else if (issue.getKey().equals("ISSUE_IN_ROOT_MODULE")) { assertThat(issue.hasSubProject()).isFalse(); } } }
@Test public void search_application_without_projects() { ComponentDto project = db.components().insertPublicProject(); ComponentDto application = db.components().insertApplication(db.getDefaultOrganization()); RuleDefinitionDto rule = db.rules().insert(); db.issues().insert(rule, project, project); allowAnyoneOnProjects(project, application); indexIssuesAndViews(); SearchWsResponse result = ws.newRequest() .setParam(PARAM_COMPONENT_KEYS, application.getDbKey()) .executeProtobuf(SearchWsResponse.class); assertThat(result.getIssuesList()).isEmpty(); }
@Test public void ignore_application_without_browse_permission() { ComponentDto project = db.components().insertPublicProject(); ComponentDto application = db.components().insertApplication(db.getDefaultOrganization()); db.components().insertComponents(newProjectCopy("PC1", project, application)); RuleDefinitionDto rule = db.rules().insert(); db.issues().insert(rule, project, project); allowAnyoneOnProjects(project); indexIssuesAndViews(); SearchWsResponse result = ws.newRequest() .setParam(PARAM_COMPONENT_KEYS, application.getDbKey()) .executeProtobuf(SearchWsResponse.class); assertThat(result.getIssuesList()).isEmpty(); }
.setParam(PARAM_COMPONENT_KEYS, project.getKey()) .setParam(PARAM_BRANCH, branch.getBranch()) .executeProtobuf(SearchWsResponse.class).getIssuesList()) .extracting(Issue::getKey, Issue::getComponent, Issue::getBranch) .containsExactlyInAnyOrder(tuple(branchIssue.getKey(), branchFile.getKey(), branchFile.getBranch())); .setParam(PARAM_PROJECT_KEYS, project.getKey()) .setParam(PARAM_BRANCH, branch.getBranch()) .executeProtobuf(SearchWsResponse.class).getIssuesList()) .extracting(Issue::getKey, Issue::getComponent, Issue::getBranch) .containsExactlyInAnyOrder(tuple(branchIssue.getKey(), branchFile.getKey(), branchFile.getBranch())); .setParam(PARAM_COMPONENT_KEYS, branchFile.getKey()) .setParam(PARAM_BRANCH, branch.getBranch()) .executeProtobuf(SearchWsResponse.class).getIssuesList()) .extracting(Issue::getKey, Issue::getComponent, Issue::getBranch) .containsExactlyInAnyOrder(tuple(branchIssue.getKey(), branchFile.getKey(), branchFile.getBranch()));
@Test public void search_by_application_and_project_and_leak() { Date now = new Date(); RuleDefinitionDto rule = db.rules().insert(); ComponentDto application = db.components().insertApplication(db.getDefaultOrganization()); // Project 1 ComponentDto project1 = db.components().insertPublicProject(); db.components().insertSnapshot(project1, s -> s.setPeriodDate(addDays(now, -14).getTime())); db.components().insertComponents(newProjectCopy("PC1", project1, application)); IssueDto project1Issue1 = db.issues().insert(rule, project1, project1, i -> i.setIssueCreationDate(addDays(now, -10))); IssueDto project1Issue2 = db.issues().insert(rule, project1, project1, i -> i.setIssueCreationDate(addDays(now, -20))); // Project 2 ComponentDto project2 = db.components().insertPublicProject(); db.components().insertSnapshot(project2, s -> s.setPeriodDate(addDays(now, -25).getTime())); db.components().insertComponents(newProjectCopy("PC2", project2, application)); IssueDto project2Issue1 = db.issues().insert(rule, project2, project2, i -> i.setIssueCreationDate(addDays(now, -15))); IssueDto project2Issue2 = db.issues().insert(rule, project2, project2, i -> i.setIssueCreationDate(addDays(now, -30))); // Permissions and index allowAnyoneOnProjects(project1, project2, application); indexIssuesAndViews(); SearchWsResponse result = ws.newRequest() .setParam(PARAM_COMPONENT_KEYS, application.getDbKey()) .setParam(PARAM_PROJECT_KEYS, project1.getDbKey()) .setParam(PARAM_SINCE_LEAK_PERIOD, "true") .executeProtobuf(SearchWsResponse.class); assertThat(result.getIssuesList()).extracting(Issue::getKey) .containsExactlyInAnyOrder(project1Issue1.getKey()) .doesNotContain(project1Issue2.getKey(), project2Issue1.getKey(), project2Issue2.getKey()); }
@Test public void search_by_application_and_by_leak() { Date now = new Date(); RuleDefinitionDto rule = db.rules().insert(); ComponentDto application = db.components().insertApplication(db.getDefaultOrganization()); // Project 1 ComponentDto project1 = db.components().insertPublicProject(); db.components().insertSnapshot(project1, s -> s.setPeriodDate(addDays(now, -14).getTime())); db.components().insertComponents(newProjectCopy("PC1", project1, application)); IssueDto project1Issue1 = db.issues().insert(rule, project1, project1, i -> i.setIssueCreationDate(addDays(now, -10))); IssueDto project1Issue2 = db.issues().insert(rule, project1, project1, i -> i.setIssueCreationDate(addDays(now, -20))); // Project 2 ComponentDto project2 = db.components().insertPublicProject(); db.components().insertSnapshot(project2, s -> s.setPeriodDate(addDays(now, -25).getTime())); db.components().insertComponents(newProjectCopy("PC2", project2, application)); IssueDto project2Issue1 = db.issues().insert(rule, project2, project2, i -> i.setIssueCreationDate(addDays(now, -15))); IssueDto project2Issue2 = db.issues().insert(rule, project2, project2, i -> i.setIssueCreationDate(addDays(now, -30))); // Permissions and index allowAnyoneOnProjects(project1, project2, application); indexIssuesAndViews(); SearchWsResponse result = ws.newRequest() .setParam(PARAM_COMPONENT_KEYS, application.getDbKey()) .setParam(PARAM_SINCE_LEAK_PERIOD, "true") .executeProtobuf(SearchWsResponse.class); assertThat(result.getIssuesList()).extracting(Issue::getKey) .containsExactlyInAnyOrder(project1Issue1.getKey(), project2Issue1.getKey()) .doesNotContain(project1Issue2.getKey(), project2Issue2.getKey()); }
@Test public void search_by_application_and_by_leak_when_one_project_has_no_leak() { Date now = new Date(); RuleDefinitionDto rule = db.rules().insert(); ComponentDto application = db.components().insertApplication(db.getDefaultOrganization()); // Project 1 ComponentDto project1 = db.components().insertPublicProject(); db.components().insertSnapshot(project1, s -> s.setPeriodDate(addDays(now, -14).getTime())); db.components().insertComponents(newProjectCopy("PC1", project1, application)); IssueDto project1Issue1 = db.issues().insert(rule, project1, project1, i -> i.setIssueCreationDate(addDays(now, -10))); IssueDto project1Issue2 = db.issues().insert(rule, project1, project1, i -> i.setIssueCreationDate(addDays(now, -20))); // Project 2, without leak => no issue form it should be returned ComponentDto project2 = db.components().insertPublicProject(); db.components().insertSnapshot(project2, s -> s.setPeriodDate(null)); db.components().insertComponents(newProjectCopy("PC2", project2, application)); IssueDto project2Issue1 = db.issues().insert(rule, project2, project2, i -> i.setIssueCreationDate(addDays(now, -15))); IssueDto project2Issue2 = db.issues().insert(rule, project2, project2, i -> i.setIssueCreationDate(addDays(now, -30))); // Permissions and index allowAnyoneOnProjects(project1, project2, application); indexIssuesAndViews(); SearchWsResponse result = ws.newRequest() .setParam(PARAM_COMPONENT_KEYS, application.getDbKey()) .setParam(PARAM_SINCE_LEAK_PERIOD, "true") .executeProtobuf(SearchWsResponse.class); assertThat(result.getIssuesList()).extracting(Issue::getKey) .containsExactlyInAnyOrder(project1Issue1.getKey()) .doesNotContain(project1Issue2.getKey(), project2Issue1.getKey(), project2Issue2.getKey()); }
@Test public void search_by_pull_request() { RuleDefinitionDto rule = db.rules().insert(); ComponentDto project = db.components().insertPrivateProject(); ComponentDto projectFile = db.components().insertComponent(newFileDto(project)); IssueDto projectIssue = db.issues().insertIssue(newIssue(rule, project, projectFile)); ComponentDto pullRequest = db.components().insertProjectBranch(project, b -> b.setBranchType(PULL_REQUEST)); ComponentDto pullRequestFile = db.components().insertComponent(newFileDto(pullRequest)); IssueDto pullRequestIssue = db.issues().insertIssue(newIssue(rule, pullRequest, pullRequestFile)); allowAnyoneOnProjects(project); indexIssuesAndViews(); SearchWsResponse result = ws.newRequest() .setParam(PARAM_COMPONENT_KEYS, pullRequest.getKey()) .setParam(PARAM_PULL_REQUEST, pullRequest.getPullRequest()) .executeProtobuf(SearchWsResponse.class); assertThat(result.getIssuesList()) .extracting(Issue::getKey, Issue::getComponent, Issue::getPullRequest) .containsExactlyInAnyOrder(tuple(pullRequestIssue.getKey(), pullRequestFile.getKey(), pullRequestFile.getPullRequest())); assertThat(result.getComponentsList()) .extracting(Issues.Component::getKey, Issues.Component::getPullRequest) .containsExactlyInAnyOrder( tuple(pullRequestFile.getKey(), pullRequestFile.getPullRequest()), tuple(pullRequest.getKey(), pullRequest.getPullRequest())); }
@Test public void issues_on_different_projects() { RuleDefinitionDto rule = db.rules().insert(r -> r.setRuleKey(RuleKey.of("xoo", "x1"))); OrganizationDto organization1 = db.organizations().insert(); ComponentDto project = db.components().insertPublicProject(organization1); ComponentDto file = db.components().insertComponent(newFileDto(project)); IssueDto issue1 = db.issues().insert(rule, project, file); OrganizationDto organization2 = db.organizations().insert(); ComponentDto project2 = db.components().insertPublicProject(organization2); ComponentDto file2 = db.components().insertComponent(newFileDto(project2)); IssueDto issue2 = db.issues().insert(rule, project2, file2); allowAnyoneOnProjects(project, project2); indexIssues(); SearchWsResponse response = ws.newRequest().executeProtobuf(SearchWsResponse.class); assertThat(response.getIssuesList()) .extracting(Issue::getKey, Issue::getComponent, Issue::getProject) .containsExactlyInAnyOrder( tuple(issue1.getKey(), file.getKey(), project.getKey()), tuple(issue2.getKey(), file2.getKey(), project2.getKey())); assertThat(response.getComponentsList()) .extracting(Component::getKey, Component::getEnabled) .containsExactlyInAnyOrder(tuple(project.getKey(), true), tuple(file.getKey(), true), tuple(project2.getKey(), true), tuple(file2.getKey(), true)); }
@Test public void security_hotspot_type_included_when_explicitly_selected() { ComponentDto project = db.components().insertPublicProject(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDefinitionDto rule = newRule().getDefinition(); db.issues().insert(rule, project, file, i -> i.setType(RuleType.BUG)); db.issues().insert(rule, project, file, i -> i.setType(RuleType.VULNERABILITY)); db.issues().insert(rule, project, file, i -> i.setType(RuleType.CODE_SMELL)); db.issues().insert(rule, project, file, i -> i.setType(RuleType.SECURITY_HOTSPOT)); indexPermissions(); indexIssues(); assertThat(ws.newRequest() .setParam("types", RuleType.SECURITY_HOTSPOT.toString()) .executeProtobuf(SearchWsResponse.class).getIssuesList()) .extracting(Issue::getType) .containsExactlyInAnyOrder(Common.RuleType.SECURITY_HOTSPOT); assertThat(ws.newRequest() .setParam("types", String.format("%s,%s", RuleType.BUG, RuleType.SECURITY_HOTSPOT)) .executeProtobuf(SearchWsResponse.class).getIssuesList()) .extracting(Issue::getType) .containsExactlyInAnyOrder(Common.RuleType.BUG, Common.RuleType.SECURITY_HOTSPOT); }
@Test public void search_by_module() { ComponentDto project = db.components().insertPublicProject(); ComponentDto module1 = db.components().insertComponent(newModuleDto(project)); ComponentDto file1 = db.components().insertComponent(newFileDto(module1)); ComponentDto module2 = db.components().insertComponent(newModuleDto(project)); ComponentDto file2 = db.components().insertComponent(newFileDto(module2)); RuleDefinitionDto rule = db.rules().insert(); IssueDto issue1 = db.issues().insert(rule, project, file1); IssueDto issue2 = db.issues().insert(rule, project, file2); allowAnyoneOnProjects(project); indexIssues(); assertThat(ws.newRequest() .setParam(PARAM_COMPONENT_KEYS, module1.getKey()) .executeProtobuf(SearchWsResponse.class).getIssuesList()).extracting(Issue::getKey) .containsExactlyInAnyOrder(issue1.getKey()); assertThat(ws.newRequest() .setParam(PARAM_MODULE_UUIDS, module1.uuid()) .executeProtobuf(SearchWsResponse.class).getIssuesList()).extracting(Issue::getKey) .containsExactlyInAnyOrder(issue1.getKey()); }
@Test public void search_by_application_and_project() { ComponentDto project1 = db.components().insertPublicProject(); ComponentDto project2 = db.components().insertPublicProject(); ComponentDto application = db.components().insertApplication(db.getDefaultOrganization()); db.components().insertComponents(newProjectCopy("PC1", project1, application)); db.components().insertComponents(newProjectCopy("PC2", project2, application)); RuleDefinitionDto rule = db.rules().insert(); IssueDto issue1 = db.issues().insert(rule, project1, project1); IssueDto issue2 = db.issues().insert(rule, project2, project2); allowAnyoneOnProjects(project1, project2, application); indexIssuesAndViews(); SearchWsResponse result = ws.newRequest() .setParam(PARAM_COMPONENT_KEYS, application.getDbKey()) .setParam(PARAM_PROJECT_KEYS, project1.getDbKey()) .executeProtobuf(SearchWsResponse.class); assertThat(result.getIssuesList()).extracting(Issue::getKey) .containsExactlyInAnyOrder(issue1.getKey()) .doesNotContain(issue2.getKey()); }
@Test public void search_using_main_branch_name() { RuleDefinitionDto rule = db.rules().insert(); ComponentDto project = db.components().insertMainBranch(); ComponentDto projectFile = db.components().insertComponent(newFileDto(project)); IssueDto projectIssue = db.issues().insertIssue(newIssue(rule, project, projectFile)); allowAnyoneOnProjects(project); indexIssuesAndViews(); SearchWsResponse result = ws.newRequest() .setParam(PARAM_COMPONENT_KEYS, project.getKey()) .setParam(PARAM_BRANCH, "master") .executeProtobuf(SearchWsResponse.class); assertThat(result.getIssuesList()) .extracting(Issue::getKey, Issue::getComponent, Issue::hasBranch) .containsExactlyInAnyOrder(tuple(projectIssue.getKey(), projectFile.getKey(), false)); assertThat(result.getComponentsList()) .extracting(Issues.Component::getKey, Issues.Component::hasBranch) .containsExactlyInAnyOrder( tuple(projectFile.getKey(), false), tuple(project.getKey(), false)); }
@Test public void hide_author_if_not_member_of_organization() { UserDto user = db.users().insertUser(); userSession.logIn(user); OrganizationDto organization = db.organizations().insert(); ComponentDto project = db.components().insertPublicProject(organization); indexPermissions(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDefinitionDto rule = newRule().getDefinition(); IssueDto issue = db.issues().insert(rule, project, file, i -> i.setAuthorLogin("John")); indexIssues(); SearchWsResponse response = ws.newRequest() .executeProtobuf(SearchWsResponse.class); assertThat(response.getIssuesList()) .extracting(Issue::getKey, Issue::hasAuthor) .containsExactlyInAnyOrder(tuple(issue.getKey(), false)); }
@Test public void search_by_application_key() { ComponentDto application = db.components().insertPrivateApplication(db.getDefaultOrganization()); ComponentDto project1 = db.components().insertPrivateProject(); ComponentDto project2 = db.components().insertPrivateProject(); db.components().insertComponents(newProjectCopy(project1, application)); db.components().insertComponents(newProjectCopy(project2, application)); RuleDefinitionDto rule = db.rules().insert(); IssueDto issue1 = db.issues().insert(rule, project1, project1); IssueDto issue2 = db.issues().insert(rule, project2, project2); allowAnyoneOnProjects(project1, project2, application); userSession.addProjectPermission(USER, application); indexIssuesAndViews(); SearchWsResponse result = ws.newRequest() .setParam(PARAM_COMPONENT_KEYS, application.getDbKey()) .executeProtobuf(SearchWsResponse.class); assertThat(result.getIssuesList()).extracting(Issue::getKey) .containsExactlyInAnyOrder(issue1.getKey(), issue2.getKey()); }
@Test public void security_hotspot_type_excluded_by_default() { ComponentDto project = db.components().insertPublicProject(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDefinitionDto rule = db.rules().insert(); db.issues().insert(rule, project, file, i -> i.setType(RuleType.BUG)); db.issues().insert(rule, project, file, i -> i.setType(RuleType.VULNERABILITY)); db.issues().insert(rule, project, file, i -> i.setType(RuleType.CODE_SMELL)); db.issues().insert(rule, project, file, i -> i.setType(RuleType.SECURITY_HOTSPOT)); indexPermissions(); indexIssues(); SearchWsResponse result = ws.newRequest().executeProtobuf(SearchWsResponse.class); assertThat(result.getIssuesList()) .extracting(Issue::getType) .containsExactlyInAnyOrder(Common.RuleType.BUG, Common.RuleType.VULNERABILITY, Common.RuleType.CODE_SMELL); }
@Test public void does_not_return_branch_issues_on_not_contextualized_search() { RuleDefinitionDto rule = db.rules().insert(); ComponentDto project = db.components().insertPrivateProject(); ComponentDto projectFile = db.components().insertComponent(newFileDto(project)); IssueDto projectIssue = db.issues().insertIssue(newIssue(rule, project, projectFile)); ComponentDto branch = db.components().insertProjectBranch(project); ComponentDto branchFile = db.components().insertComponent(newFileDto(branch)); IssueDto branchIssue = db.issues().insertIssue(newIssue(rule, branch, branchFile)); allowAnyoneOnProjects(project); indexIssuesAndViews(); SearchWsResponse result = ws.newRequest().executeProtobuf(SearchWsResponse.class); assertThat(result.getIssuesList()).extracting(Issue::getKey) .containsExactlyInAnyOrder(projectIssue.getKey()) .doesNotContain(branchIssue.getKey()); }
@Test public void does_not_return_branch_issues_when_using_db_key() { RuleDefinitionDto rule = db.rules().insert(); ComponentDto project = db.components().insertPrivateProject(); ComponentDto projectFile = db.components().insertComponent(newFileDto(project)); IssueDto projectIssue = db.issues().insertIssue(newIssue(rule, project, projectFile)); ComponentDto branch = db.components().insertProjectBranch(project); ComponentDto branchFile = db.components().insertComponent(newFileDto(branch)); IssueDto branchIssue = db.issues().insertIssue(newIssue(rule, branch, branchFile)); allowAnyoneOnProjects(project); indexIssues(); SearchWsResponse result = ws.newRequest() .setParam(PARAM_COMPONENT_KEYS, branch.getDbKey()) .executeProtobuf(SearchWsResponse.class); assertThat(result.getIssuesList()).isEmpty(); }
@Test public void issue_on_external_rule() { OrganizationDto organization = db.organizations().insert(); ComponentDto project = db.components().insertPublicProject(organization); indexPermissions(); ComponentDto file = db.components().insertComponent(newFileDto(project)); RuleDefinitionDto rule = db.rules().insert(RuleTesting.EXTERNAL_XOO, r -> r.setIsExternal(true).setLanguage("xoo")); IssueDto issue = db.issues().insert(rule, project, file); indexIssues(); SearchWsResponse response = ws.newRequest() .executeProtobuf(SearchWsResponse.class); assertThat(response.getIssuesList()) .extracting(Issue::getKey, Issue::getRule, Issue::getExternalRuleEngine) .containsExactlyInAnyOrder(tuple(issue.getKey(), rule.getKey().toString(), "xoo")); }
@Test public void search_all_issues_when_no_parameter() { RuleDefinitionDto rule = db.rules().insert(); ComponentDto project = db.components().insertPublicProject(); ComponentDto projectFile = db.components().insertComponent(newFileDto(project)); IssueDto issue = db.issues().insertIssue(newIssue(rule, project, projectFile)); allowAnyoneOnProjects(project); indexIssues(); SearchWsResponse result = ws.newRequest().executeProtobuf(SearchWsResponse.class); assertThat(result.getIssuesList()).extracting(Issues.Issue::getKey) .containsExactlyInAnyOrder(issue.getKey()); }