From 86460d851f61a0e2f4cfe4cca420e7bd38d41539 Mon Sep 17 00:00:00 2001
From: Gustavo Martin Morcuende <gu.martinm@gmail.com>
Date: Tue, 2 Aug 2016 22:46:19 +0200
Subject: [PATCH] sonarqube 5.6.1: trying to implement custom rule.

Based on SonarQube JavaPlugin.java implementation.

This is too complicated. It is taking me too much time...
---
 Sonar/Plugins/hello-world-plugin/pom.xml           | 126 +++++++++++++++++++
 .../de/example/helloworld/checks/CheckList.java    |  25 ++++
 .../example/helloworld/checks/HelloWorldCheck.java |  37 ++++++
 .../plugins/helloworld/HelloWorldPlugin.java       |  19 +++
 .../helloworld/HelloWorldRulesDefinition.java      | 138 +++++++++++++++++++++
 .../rules/gushelloworld/HELLOWORLDO001_java.html   |  20 +++
 .../rules/gushelloworld/HELLOWORLDO001_java.json   |  12 ++
 .../src/test/files/HelloWorldCheck.java            |  17 +++
 .../helloworld/checks/HelloWorldCheckTest.java     |  12 ++
 9 files changed, 406 insertions(+)
 create mode 100644 Sonar/Plugins/hello-world-plugin/pom.xml
 create mode 100644 Sonar/Plugins/hello-world-plugin/src/main/java/de/example/helloworld/checks/CheckList.java
 create mode 100644 Sonar/Plugins/hello-world-plugin/src/main/java/de/example/helloworld/checks/HelloWorldCheck.java
 create mode 100644 Sonar/Plugins/hello-world-plugin/src/main/java/de/example/plugins/helloworld/HelloWorldPlugin.java
 create mode 100644 Sonar/Plugins/hello-world-plugin/src/main/java/de/example/plugins/helloworld/HelloWorldRulesDefinition.java
 create mode 100644 Sonar/Plugins/hello-world-plugin/src/main/resources/de/example/l10n/helloworld/rules/gushelloworld/HELLOWORLDO001_java.html
 create mode 100644 Sonar/Plugins/hello-world-plugin/src/main/resources/de/example/l10n/helloworld/rules/gushelloworld/HELLOWORLDO001_java.json
 create mode 100644 Sonar/Plugins/hello-world-plugin/src/test/files/HelloWorldCheck.java
 create mode 100644 Sonar/Plugins/hello-world-plugin/src/test/java/de/example/helloworld/checks/HelloWorldCheckTest.java

diff --git a/Sonar/Plugins/hello-world-plugin/pom.xml b/Sonar/Plugins/hello-world-plugin/pom.xml
new file mode 100644
index 0000000..58014b4
--- /dev/null
+++ b/Sonar/Plugins/hello-world-plugin/pom.xml
@@ -0,0 +1,126 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <groupId>org.sonarsource.plugins.example</groupId>
+  <artifactId>sonar-example-plugin</artifactId>
+  <packaging>sonar-plugin</packaging>
+  <version>0.1-SNAPSHOT</version>
+
+  <name>HelloWorld Plugin for SonarQube</name>
+  <description>HelloWorld example plugin for SonarQube</description>
+  <url>https://gumartinm.name/</url>
+  <organization>
+      <name>Gustavo Martin Morcuende</name>
+      <url>https://gumartinm.name/</url>
+  </organization>
+
+  <properties>
+    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+    <sonar.apiVersion>5.6.1</sonar.apiVersion>
+    <java.plugin.version>4.0</java.plugin.version>
+    <jdk.min.version>1.8</jdk.min.version>
+    <sonar.pluginKey>helloworld</sonar.pluginKey>
+  </properties>
+
+  <dependencies>
+    <dependency>
+      <groupId>org.sonarsource.sonarqube</groupId>
+      <artifactId>sonar-plugin-api</artifactId>
+      <version>${sonar.apiVersion}</version>
+      <scope>provided</scope>
+    </dependency>
+        <dependency>
+      <groupId>org.sonarsource.java</groupId>
+      <artifactId>sonar-java-plugin</artifactId>
+      <type>sonar-plugin</type>
+      <version>${java.plugin.version}</version>
+      <scope>provided</scope>
+    </dependency>
+
+    <!-- unit tests -->
+    <dependency>
+      <groupId>org.sonarsource.sonarqube</groupId>
+      <artifactId>sonar-testing-harness</artifactId>
+      <version>${sonar.apiVersion}</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.sonarsource.java</groupId>
+      <artifactId>java-checks-testkit</artifactId>
+      <version>${java.plugin.version}</version>
+      <scope>test</scope>
+    </dependency>
+    	<dependency>
+		<groupId>org.easytesting</groupId>
+		<artifactId>fest-assert</artifactId>
+		<version>1.4</version>
+		<scope>test</scope>
+	</dependency>
+	<dependency>
+		<groupId>junit</groupId>
+		<artifactId>junit</artifactId>
+		<version>4.11</version>
+		<scope>test</scope>
+	</dependency>
+    <!--
+       1/3 Required dependency for log4j 2 with slf4j: binding between log4j 
+       2 and slf4j
+    -->
+	<dependency>
+		<groupId>org.apache.logging.log4j</groupId>
+		<artifactId>log4j-slf4j-impl</artifactId>
+		<version>2.6.1</version>
+		<scope>test</scope>
+	</dependency>
+    <!--
+        2/3 Required dependency for log4j 2 with slf4j: log4j 2 maven plugin 
+        (it is the log4j 2 implementation)
+    -->
+	<dependency>
+		<groupId>org.apache.logging.log4j</groupId>
+		<artifactId>log4j-core</artifactId>
+		<version>2.6.1</version>
+		<scope>test</scope>
+	</dependency>
+    <!--
+        3/3 Required dependency for getting rid of commons logging. This is 
+        the BRIDGE (no binding) between Jakarta Commons Logging (used by Spring) 
+        and whatever I am using for logging (in this case I am using log4j 2) See: 
+        http://www.slf4j.org/legacy.html We need exclusions in every dependency using 
+        Jakarta Commons Logging (see Spring dependencies below) 
+    -->
+	<dependency>
+		<groupId>org.slf4j</groupId>
+		<artifactId>jcl-over-slf4j</artifactId>
+		<version>1.7.21</version>
+		<scope>test</scope>
+	</dependency>
+
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId>
+        <artifactId>sonar-packaging-maven-plugin</artifactId>
+        <version>1.17</version>
+        <extensions>true</extensions>
+        <configuration>
+          <pluginClass>de.example.plugins.helloworld.HelloWorldPlugin</pluginClass>
+        </configuration>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-compiler-plugin</artifactId>
+        <version>3.5.1</version>
+        <configuration>
+          <source>${jdk.min.version}</source>
+          <target>${jdk.min.version}</target>
+          <encoding>${project.build.sourceEncoding}</encoding>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
+
+</project>
diff --git a/Sonar/Plugins/hello-world-plugin/src/main/java/de/example/helloworld/checks/CheckList.java b/Sonar/Plugins/hello-world-plugin/src/main/java/de/example/helloworld/checks/CheckList.java
new file mode 100644
index 0000000..d93b33d
--- /dev/null
+++ b/Sonar/Plugins/hello-world-plugin/src/main/java/de/example/helloworld/checks/CheckList.java
@@ -0,0 +1,25 @@
+package de.example.helloworld.checks;
+
+import java.util.List;
+
+import org.sonar.api.internal.google.common.collect.ImmutableList;
+import org.sonar.plugins.java.api.JavaCheck;
+
+public final class CheckList {
+	public static final String REPOSITORY_KEY = "gushelloworld";
+
+	private CheckList() {
+	}
+
+	public static List<Class> getChecks() {
+		return ImmutableList.<Class>builder().addAll(getJavaChecks())
+				.build();
+	}
+
+	  public static List<Class<? extends JavaCheck>> getJavaChecks() {
+		    return ImmutableList.<Class<? extends JavaCheck>>builder()
+		      .add(HelloWorldCheck.class)
+		      .build();
+	  }
+
+}
diff --git a/Sonar/Plugins/hello-world-plugin/src/main/java/de/example/helloworld/checks/HelloWorldCheck.java b/Sonar/Plugins/hello-world-plugin/src/main/java/de/example/helloworld/checks/HelloWorldCheck.java
new file mode 100644
index 0000000..901ce08
--- /dev/null
+++ b/Sonar/Plugins/hello-world-plugin/src/main/java/de/example/helloworld/checks/HelloWorldCheck.java
@@ -0,0 +1,37 @@
+package de.example.helloworld.checks;
+
+import java.util.List;
+
+import org.sonar.check.Rule;
+import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
+import org.sonar.plugins.java.api.semantic.Symbol.MethodSymbol;
+import org.sonar.plugins.java.api.semantic.Type;
+import org.sonar.plugins.java.api.tree.MethodTree;
+import org.sonar.plugins.java.api.tree.Tree;
+import org.sonar.plugins.java.api.tree.Tree.Kind;
+
+import com.google.common.collect.ImmutableList;
+
+@Rule(key = "HELLOWORLDO001")
+public class HelloWorldCheck extends IssuableSubscriptionVisitor {
+
+	@Override
+	public List<Kind> nodesToVisit() {
+		return ImmutableList.of(Kind.METHOD);
+	}
+
+	@Override
+	public void visitNode(Tree tree) {
+		MethodTree method = (MethodTree) tree;
+		
+		if (method.parameters().size() == 1) {
+			MethodSymbol symbol = method.symbol();
+			Type firstParameterType = symbol.parameterTypes().get(0);
+			Type returnType = symbol.returnType().type();
+			if(returnType.is(firstParameterType.fullyQualifiedName())) {
+				reportIssue(method.simpleName(), "Never do that!");
+			}
+		}
+		
+	}
+}
diff --git a/Sonar/Plugins/hello-world-plugin/src/main/java/de/example/plugins/helloworld/HelloWorldPlugin.java b/Sonar/Plugins/hello-world-plugin/src/main/java/de/example/plugins/helloworld/HelloWorldPlugin.java
new file mode 100644
index 0000000..b8edfcd
--- /dev/null
+++ b/Sonar/Plugins/hello-world-plugin/src/main/java/de/example/plugins/helloworld/HelloWorldPlugin.java
@@ -0,0 +1,19 @@
+package de.example.plugins.helloworld;
+
+import org.sonar.api.Plugin;
+
+import com.google.common.collect.ImmutableList;
+
+
+public class HelloWorldPlugin implements Plugin {
+
+  @Override
+  public void define(Context context) {    
+    
+    ImmutableList.Builder<Object> builder = ImmutableList.builder();
+    builder.add(
+      HelloWorldRulesDefinition.class);
+    context.addExtensions(builder.build());
+
+  }
+}
diff --git a/Sonar/Plugins/hello-world-plugin/src/main/java/de/example/plugins/helloworld/HelloWorldRulesDefinition.java b/Sonar/Plugins/hello-world-plugin/src/main/java/de/example/plugins/helloworld/HelloWorldRulesDefinition.java
new file mode 100644
index 0000000..41ec76c
--- /dev/null
+++ b/Sonar/Plugins/hello-world-plugin/src/main/java/de/example/plugins/helloworld/HelloWorldRulesDefinition.java
@@ -0,0 +1,138 @@
+package de.example.plugins.helloworld;
+
+import java.io.IOException;
+import java.net.URL;
+import java.util.List;
+
+import javax.annotation.Nullable;
+
+import org.apache.commons.lang.StringUtils;
+import org.sonar.api.rule.RuleStatus;
+import org.sonar.api.server.debt.DebtRemediationFunction;
+import org.sonar.api.server.rule.RulesDefinition;
+import org.sonar.api.server.rule.RulesDefinitionAnnotationLoader;
+import org.sonar.api.utils.AnnotationUtils;
+import org.sonar.check.Cardinality;
+import org.sonar.plugins.java.Java;
+import org.sonar.squidbridge.annotations.RuleTemplate;
+import org.sonar.squidbridge.rules.ExternalDescriptionLoader;
+
+import com.google.common.annotations.VisibleForTesting;
+import com.google.common.base.Charsets;
+import com.google.common.collect.Iterables;
+import com.google.common.io.Resources;
+import com.google.gson.Gson;
+
+import de.example.helloworld.checks.CheckList;
+
+/**
+ * Definition of rules.
+ */
+public class HelloWorldRulesDefinition implements RulesDefinition {
+	private static final String RESOURCE_BASE_PATH = "/de/example/l10n/helloworld/rules/gushelloworld";
+	private final Gson gson = new Gson();
+	
+	@Override
+	public void define(Context context) {
+		NewRepository repository = context.createRepository(CheckList.REPOSITORY_KEY, Java.KEY).setName("Gus HelloWorld Definition");
+		List<Class> checks = CheckList.getChecks();
+		new RulesDefinitionAnnotationLoader().load(repository, Iterables.toArray(checks, Class.class));
+		for (Class ruleClass : checks) {
+			newRule(ruleClass, repository);
+		}
+		repository.done();
+	}
+  
+  @VisibleForTesting
+  protected void newRule(Class<?> ruleClass, NewRepository repository) {
+
+    org.sonar.check.Rule ruleAnnotation = AnnotationUtils.getAnnotation(ruleClass, org.sonar.check.Rule.class);
+    if (ruleAnnotation == null) {
+      throw new IllegalArgumentException("No Rule annotation was found on " + ruleClass);
+    }
+    String ruleKey = ruleAnnotation.key();
+    if (StringUtils.isEmpty(ruleKey)) {
+      throw new IllegalArgumentException("No key is defined in Rule annotation of " + ruleClass);
+    }
+    NewRule rule = repository.rule(ruleKey);
+    if (rule == null) {
+      throw new IllegalStateException("No rule was created for " + ruleClass + " in " + repository.key());
+    }
+    rule.setTemplate(AnnotationUtils.getAnnotation(ruleClass, RuleTemplate.class) != null);
+    if (ruleAnnotation.cardinality() == Cardinality.MULTIPLE) {
+      throw new IllegalArgumentException("Cardinality is not supported, use the RuleTemplate annotation instead for " + ruleClass);
+    }
+    ruleMetadata(ruleClass, rule);
+  }
+
+  private void ruleMetadata(Class<?> ruleClass, NewRule rule) {
+    String metadataKey = rule.key();
+    org.sonar.java.RspecKey rspecKeyAnnotation = AnnotationUtils.getAnnotation(ruleClass, org.sonar.java.RspecKey.class);
+    if (rspecKeyAnnotation != null) {
+      metadataKey = rspecKeyAnnotation.value();
+      rule.setInternalKey(metadataKey);
+    }
+    addHtmlDescription(rule, metadataKey);
+    addMetadata(rule, metadataKey);
+
+  }
+
+  private void addMetadata(NewRule rule, String metadataKey) {
+    URL resource = ExternalDescriptionLoader.class.getResource(RESOURCE_BASE_PATH + "/" + metadataKey + "_java.json");
+    if (resource != null) {
+      RuleMetatada metatada = gson.fromJson(readResource(resource), RuleMetatada.class);
+      rule.setSeverity(metatada.defaultSeverity.toUpperCase());
+      rule.setName(metatada.title);
+      rule.addTags(metatada.tags);
+      rule.setStatus(RuleStatus.valueOf(metatada.status.toUpperCase()));
+      if(metatada.remediation != null) {
+        rule.setDebtRemediationFunction(metatada.remediation.remediationFunction(rule.debtRemediationFunctions()));
+        rule.setGapDescription(metatada.remediation.linearDesc);
+      }
+    }
+  }
+
+  private static void addHtmlDescription(NewRule rule, String metadataKey) {
+    URL resource = HelloWorldRulesDefinition.class.getResource(RESOURCE_BASE_PATH + "/" + metadataKey + "_java.html");
+    if (resource != null) {
+      rule.setHtmlDescription(readResource(resource));
+    }
+  }
+
+  private static String readResource(URL resource) {
+    try {
+      return Resources.toString(resource, Charsets.UTF_8);
+    } catch (IOException e) {
+      throw new IllegalStateException("Failed to read: " + resource, e);
+    }
+  }
+
+  private static class RuleMetatada {
+    String title;
+    String status;
+    @Nullable
+    Remediation remediation;
+
+    String[] tags;
+    String defaultSeverity;
+  }
+
+  private static class Remediation {
+    String func;
+    String constantCost;
+    String linearDesc;
+    String linearOffset;
+    String linearFactor;
+
+    public DebtRemediationFunction remediationFunction(DebtRemediationFunctions drf) {
+      if(func.startsWith("Constant")) {
+        return drf.constantPerIssue(constantCost.replace("mn", "min"));
+      }
+      if("Linear".equals(func)) {
+        return drf.linear(linearFactor.replace("mn", "min"));
+      }
+      return drf.linearWithOffset(linearFactor.replace("mn", "min"), linearOffset.replace("mn", "min"));
+    }
+  }
+
+}
diff --git a/Sonar/Plugins/hello-world-plugin/src/main/resources/de/example/l10n/helloworld/rules/gushelloworld/HELLOWORLDO001_java.html b/Sonar/Plugins/hello-world-plugin/src/main/resources/de/example/l10n/helloworld/rules/gushelloworld/HELLOWORLDO001_java.html
new file mode 100644
index 0000000..73bff1b
--- /dev/null
+++ b/Sonar/Plugins/hello-world-plugin/src/main/resources/de/example/l10n/helloworld/rules/gushelloworld/HELLOWORLDO001_java.html
@@ -0,0 +1,20 @@
+<p>HelloWorld rule description.</p>
+<h2>Noncompliant Code Example</h2>
+<pre>
+public class MyServlet extends HttpServlet {
+  private String userName;  //As this field is shared by all users, it's obvious that this piece of information should be managed differently
+  ...
+}
+</pre>
+<p>or </p>
+<pre>
+public class MyAction extends Action {
+  private String userName;  //Same reason
+  ...
+}
+</pre>
+<h2>See</h2>
+<ul>
+  <li> <a href="https://www.securecoding.cert.org/confluence/x/EYBUC">CERT, MSC11-J.</a> - Do not let session information leak within a servlet </li>
+</ul>
+
diff --git a/Sonar/Plugins/hello-world-plugin/src/main/resources/de/example/l10n/helloworld/rules/gushelloworld/HELLOWORLDO001_java.json b/Sonar/Plugins/hello-world-plugin/src/main/resources/de/example/l10n/helloworld/rules/gushelloworld/HELLOWORLDO001_java.json
new file mode 100644
index 0000000..4421cd9
--- /dev/null
+++ b/Sonar/Plugins/hello-world-plugin/src/main/resources/de/example/l10n/helloworld/rules/gushelloworld/HELLOWORLDO001_java.json
@@ -0,0 +1,12 @@
+{
+  "title": "HelloWorld SonarQube rule",
+  "status": "ready",
+  "remediation": {
+    "func": "Constant\/Issue",
+    "constantCost": "5min"
+  },
+  "tags": [
+    "bad-practice"
+  ],
+  "defaultSeverity": "Major"
+}
diff --git a/Sonar/Plugins/hello-world-plugin/src/test/files/HelloWorldCheck.java b/Sonar/Plugins/hello-world-plugin/src/test/files/HelloWorldCheck.java
new file mode 100644
index 0000000..488a749
--- /dev/null
+++ b/Sonar/Plugins/hello-world-plugin/src/test/files/HelloWorldCheck.java
@@ -0,0 +1,17 @@
+class MyClass {
+	
+	MyClass(MyClass mc) { }
+	
+	int foo1() { return 0; }
+	
+	void foo2(int value) { }
+	
+	// Noncompliant@+1 [[startColumn=6;endLine=+0;endColumn=10;effortToFix=4]] {{Never do that!}}
+	int foo3(int value) { return 0; }
+	
+	Object foo4(int value) { return null; }
+	
+	// Noncompliant@+1 [[startColumn=10;endLine=+0;endColumn=14;effortToFix=4]] {{Never do that!}}
+	MyClass foo5(MyClass value) { return null; }
+ 
+}
diff --git a/Sonar/Plugins/hello-world-plugin/src/test/java/de/example/helloworld/checks/HelloWorldCheckTest.java b/Sonar/Plugins/hello-world-plugin/src/test/java/de/example/helloworld/checks/HelloWorldCheckTest.java
new file mode 100644
index 0000000..d941f61
--- /dev/null
+++ b/Sonar/Plugins/hello-world-plugin/src/test/java/de/example/helloworld/checks/HelloWorldCheckTest.java
@@ -0,0 +1,12 @@
+package de.example.helloworld.checks;
+
+import org.junit.Test;
+import org.sonar.java.checks.verifier.JavaCheckVerifier;
+
+public class HelloWorldCheckTest {
+
+	@Test
+	public void test() {
+		JavaCheckVerifier.verify("src/test/files/HelloWorldCheck.java", new HelloWorldCheck());
+	}
+}
-- 
2.1.4