Skip to content

Commit

Permalink
SONARJAVA-3071 Update security rule activation due to repository chan…
Browse files Browse the repository at this point in the history 
…ge (SonarSource#2469)
  • Loading branch information
@christophe-zurn-sonarsource @vilchik-elena
christophe-zurn-sonarsource authored and vilchik-elena committed Mar 28, 2019
1 parent 0cfd73f commit 816002c
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 6 deletions.
13 changes: 9 additions & 4 deletions sonar-java-plugin/src/main/java/org/sonar/plugins/java/JavaSonarWayProfile.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,9 @@
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.sonar.api.SonarRuntime;
import org.sonar.api.rule.RuleKey;
import org.sonar.api.server.profile.BuiltInQualityProfilesDefinition;
import org.sonar.api.utils.AnnotationUtils;
import org.sonar.api.utils.log.Logger;
Expand Down Expand Up @@ -66,7 +68,7 @@ public void define(Context context) {
}
}

getSecurityRuleKeys().forEach(key -> sonarWay.activateRule(CheckList.REPOSITORY_KEY, key));
getSecurityRuleKeys().forEach(key -> sonarWay.activateRule(key.repository(), key.rule()));

sonarWay.done();
}
Expand Down Expand Up @@ -112,11 +114,14 @@ private static String readResource(URL resource) {
}

@VisibleForTesting
static Set<String> getSecurityRuleKeys() {
static Set<RuleKey> getSecurityRuleKeys() {
try {
Class<?> javaRulesClass = Class.forName("com.sonar.plugins.security.api.JavaRules");
Method getRuleKeysMethod = javaRulesClass.getMethod("getRuleKeys");
return (Set<String>) getRuleKeysMethod.invoke(null);
Method getRuleKeysMethod = javaRulesClass.getMethod("getSecurityRuleKeys");
Set<String> ruleKeys = (Set<String>) getRuleKeysMethod.invoke(null);
Method getRepositoryKeyMethod = javaRulesClass.getMethod("getRepositoryKey");
String repositoryKey = (String) getRepositoryKeyMethod.invoke(null);
return ruleKeys.stream().map(k -> RuleKey.of(repositoryKey, k)).collect(Collectors.toSet());
} catch (ClassNotFoundException e) {
LOG.debug("com.sonar.plugins.security.api.JavaRules is not found, no security rules added to Sonar way java profile: " + e.getMessage());
} catch (NoSuchMethodException e) {
Expand Down
8 changes: 7 additions & 1 deletion sonar-java-plugin/src/test/java/com/sonar/plugins/security/api/JavaRules.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,14 @@
public class JavaRules {

public static Set<String> ruleKeys = new HashSet<>();
private static final String REPO_KEY = "javasecurity";

public static Set<String> getRuleKeys() {
public static Set<String> getSecurityRuleKeys() {
return ruleKeys;
}

public static String getRepositoryKey() {
return REPO_KEY;
}

}
2 changes: 1 addition & 1 deletion sonar-java-plugin/src/test/java/org/sonar/plugins/java/JavaSonarWayProfileTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ public void should_contains_security_rules_if_present() {

// one security rule available
JavaRules.ruleKeys = new HashSet<>(Arrays.asList("S3649"));
assertThat(JavaSonarWayProfile.getSecurityRuleKeys()).containsOnly("S3649");
assertThat(JavaSonarWayProfile.getSecurityRuleKeys()).containsOnly(RuleKey.of("javasecurity", "S3649"));
}

}

0 comments on commit 816002c

Please sign in to comment.