diff --git a/sonar-java-plugin/src/main/java/org/sonar/plugins/java/JavaSonarWayProfile.java b/sonar-java-plugin/src/main/java/org/sonar/plugins/java/JavaSonarWayProfile.java index a76bda01af9..71b7686b088 100644 --- a/sonar-java-plugin/src/main/java/org/sonar/plugins/java/JavaSonarWayProfile.java +++ b/sonar-java-plugin/src/main/java/org/sonar/plugins/java/JavaSonarWayProfile.java @@ -32,7 +32,9 @@ import java.util.List; import java.util.Map; import java.util.Set; +import java.util.stream.Collectors; import org.sonar.api.SonarRuntime; +import org.sonar.api.rule.RuleKey; import org.sonar.api.server.profile.BuiltInQualityProfilesDefinition; import org.sonar.api.utils.AnnotationUtils; import org.sonar.api.utils.log.Logger; @@ -66,7 +68,7 @@ public void define(Context context) { } } - getSecurityRuleKeys().forEach(key -> sonarWay.activateRule(CheckList.REPOSITORY_KEY, key)); + getSecurityRuleKeys().forEach(key -> sonarWay.activateRule(key.repository(), key.rule())); sonarWay.done(); } @@ -112,11 +114,14 @@ private static String readResource(URL resource) { } @VisibleForTesting - static Set getSecurityRuleKeys() { + static Set getSecurityRuleKeys() { try { Class javaRulesClass = Class.forName("com.sonar.plugins.security.api.JavaRules"); - Method getRuleKeysMethod = javaRulesClass.getMethod("getRuleKeys"); - return (Set) getRuleKeysMethod.invoke(null); + Method getRuleKeysMethod = javaRulesClass.getMethod("getSecurityRuleKeys"); + Set ruleKeys = (Set) getRuleKeysMethod.invoke(null); + Method getRepositoryKeyMethod = javaRulesClass.getMethod("getRepositoryKey"); + String repositoryKey = (String) getRepositoryKeyMethod.invoke(null); + return ruleKeys.stream().map(k -> RuleKey.of(repositoryKey, k)).collect(Collectors.toSet()); } catch (ClassNotFoundException e) { LOG.debug("com.sonar.plugins.security.api.JavaRules is not found, no security rules added to Sonar way java profile: " + e.getMessage()); } catch (NoSuchMethodException e) { diff --git a/sonar-java-plugin/src/test/java/com/sonar/plugins/security/api/JavaRules.java b/sonar-java-plugin/src/test/java/com/sonar/plugins/security/api/JavaRules.java index 730250b9800..ff806bf33c2 100644 --- a/sonar-java-plugin/src/test/java/com/sonar/plugins/security/api/JavaRules.java +++ b/sonar-java-plugin/src/test/java/com/sonar/plugins/security/api/JavaRules.java @@ -28,8 +28,14 @@ public class JavaRules { public static Set ruleKeys = new HashSet<>(); + private static final String REPO_KEY = "javasecurity"; - public static Set getRuleKeys() { + public static Set getSecurityRuleKeys() { return ruleKeys; } + + public static String getRepositoryKey() { + return REPO_KEY; + } + } diff --git a/sonar-java-plugin/src/test/java/org/sonar/plugins/java/JavaSonarWayProfileTest.java b/sonar-java-plugin/src/test/java/org/sonar/plugins/java/JavaSonarWayProfileTest.java index b3b7304ee6f..3b8ea96b876 100644 --- a/sonar-java-plugin/src/test/java/org/sonar/plugins/java/JavaSonarWayProfileTest.java +++ b/sonar-java-plugin/src/test/java/org/sonar/plugins/java/JavaSonarWayProfileTest.java @@ -87,7 +87,7 @@ public void should_contains_security_rules_if_present() { // one security rule available JavaRules.ruleKeys = new HashSet<>(Arrays.asList("S3649")); - assertThat(JavaSonarWayProfile.getSecurityRuleKeys()).containsOnly("S3649"); + assertThat(JavaSonarWayProfile.getSecurityRuleKeys()).containsOnly(RuleKey.of("javasecurity", "S3649")); } }