Merge branch 'feature-345-temp' into feature-345-summary-in-reports

mercedes-benz · Oct 28, 2023 · 9a933f9 · 9a933f9
2 parents ee84a7c + 3efa782
commit 9a933f9
Show file tree

Hide file tree

Showing 7 changed files with 235 additions and 107 deletions.
diff --git a/sechub-api-java/src/main/resources/reduced-openapi3.json b/sechub-api-java/src/main/resources/reduced-openapi3.json
@@ -3387,16 +3387,6 @@
                 "title": "ServerVersion",
                 "type": "object"
             },
-            "JobId": {
-                "title": "JobId",
-                "type": "object",
-                "properties": {
-                    "jobId": {
-                        "type": "string",
-                        "description": "A unique job id"
-                    }
-                }
-            },
             "ExecutionProfileCreate": {
                 "title": "ExecutionProfileCreate",
                 "type": "object",
@@ -3447,6 +3437,16 @@
                     }
                 }
             },
+            "JobId": {
+                "title": "JobId",
+                "type": "object",
+                "properties": {
+                    "jobId": {
+                        "type": "string",
+                        "description": "A unique job id"
+                    }
+                }
+            },
             "JobStatus": {
                 "title": "JobStatus",
                 "type": "object",

diff --git a/...mmons-model/src/main/java/com/mercedesbenz/sechub/commons/model/SecHubReportMetaData.java b/...mmons-model/src/main/java/com/mercedesbenz/sechub/commons/model/SecHubReportMetaData.java
@@ -9,19 +9,19 @@
 @JsonIgnoreProperties(ignoreUnknown = true)
 public class SecHubReportMetaData {
 
-    private Map<String, String> labels = new LinkedHashMap<>();
+	private Map<String, String> labels = new LinkedHashMap<>();
 
-    private SecHubReportSummary summary = new SecHubReportSummary();
+	private SecHubReportSummary summary = new SecHubReportSummary();
 
-    public Map<String, String> getLabels() {
-        return labels;
-    }
+	public Map<String, String> getLabels() {
+		return labels;
+	}
 
-    public SecHubReportSummary getSummary() {
-        return summary;
-    }
+	public SecHubReportSummary getSummary() {
+		return summary;
+	}
 
-    public void setSummary(SecHubReportSummary summary) {
-        this.summary = summary;
-    }
+	public void setSummary(SecHubReportSummary summary) {
+		this.summary = summary;
+	}
 }
diff --git a/...c/main/java/com/mercedesbenz/sechub/commons/model/SecHubReportMetaDataSummaryDetails.java b/...c/main/java/com/mercedesbenz/sechub/commons/model/SecHubReportMetaDataSummaryDetails.java
@@ -1,76 +1,122 @@
 // SPDX-License-Identifier: MIT
 package com.mercedesbenz.sechub.commons.model;
 
+import java.io.IOException;
 import java.util.*;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import com.fasterxml.jackson.databind.deser.std.StdDeserializer;
+import com.fasterxml.jackson.databind.DeserializationContext;
 
 @JsonInclude(JsonInclude.Include.NON_EMPTY)
 @JsonIgnoreProperties(ignoreUnknown = true)
 public class SecHubReportMetaDataSummaryDetails {
+
+	private static final Logger LOG = LoggerFactory.getLogger(SecHubReportMetaDataSummaryDetails.class);
+
+	@JsonDeserialize(using = TreeMapDeserializer.class)
+	Map<String, SeverityDetails> high = new TreeMap<>();
+
+	@JsonDeserialize(using = TreeMapDeserializer.class)
+	Map<String, SeverityDetails> medium = new TreeMap<>();
+
+	@JsonDeserialize(using = TreeMapDeserializer.class)
+	Map<String, SeverityDetails> low = new TreeMap<>();
+
+	public void detailsHelper(SecHubFinding finding) {
+		switch (finding.getSeverity()) {
+		case HIGH -> detailsFiller(high, finding);
+		case MEDIUM -> detailsFiller(medium, finding);
+		case LOW, INFO -> detailsFiller(low, finding);
+		}
+	}
+
+	protected void detailsFiller(Map<String, SeverityDetails> helperMap, SecHubFinding finding) {
+		Integer cweId = finding.getCweId();
+		String name = finding.getName();
+		SeverityDetails severityDetails = helperMap.get(name);
+		if (severityDetails != null) {
+			severityDetails.incrementCount();
+		} else {
+			helperMap.put(name, new SeverityDetails(cweId, name));
+		}
+	}
+
+	public List<SeverityDetails> getHigh() {
+		return new ArrayList<>(high.values());
+	}
+
+	public List<SeverityDetails> getMedium() {
+		return new ArrayList<>(medium.values());
+	}
+
+	public List<SeverityDetails> getLow() {
+		return new ArrayList<>(low.values());
+	}
+
+	@JsonIgnoreProperties(ignoreUnknown = true)
+	public class SeverityDetails {
+		private Integer cweId;
+		private String name;
+		private long count;
+
+		SeverityDetails(Integer cweId, String name) {
+			this.cweId = cweId;
+			this.name = name;
+			this.count = 1;
+		}
+
+		public void incrementCount() {
+			this.count++;
+		}
+
+		public Integer getCweId() {
+			return cweId;
+		}
+
+		public String getName() {
+			return name;
+		}
+
+		public long getCount() {
+			return count;
+		}
+	}
+
+	private static class TreeMapDeserializer extends StdDeserializer<Map<String, SeverityDetails>> {
+
+		public TreeMapDeserializer() {
+			this(null);
+		}
+
+		protected TreeMapDeserializer(Class<?> vc) {
+			super(vc);
+		}
 
-    Map<String, SeverityDetails> high = new TreeMap<>();
-    Map<String, SeverityDetails> medium = new TreeMap<>();
-    Map<String, SeverityDetails> low = new TreeMap<>();
-
-    public void detailsHelper(SecHubFinding finding) {
-        switch (finding.getSeverity()) {
-        case HIGH -> detailsFiller(high, finding);
-        case MEDIUM -> detailsFiller(medium, finding);
-        case LOW, INFO -> detailsFiller(low, finding);
-        }
-    }
-
-    protected void detailsFiller(Map<String, SeverityDetails> helperMap, SecHubFinding finding) {
-        Integer cweId = finding.getCweId();
-        String name = finding.getName();
-        SeverityDetails severityDetails = helperMap.get(name);
-        if (severityDetails != null) {
-            severityDetails.incrementCount();
-        } else {
-            helperMap.put(name, new SeverityDetails(cweId, name));
-        }
-    }
-
-    public List<SeverityDetails> getHigh() {
-        return new ArrayList<>(high.values());
-    }
-
-    public List<SeverityDetails> getMedium() {
-        return new ArrayList<>(medium.values());
-    }
-
-    public List<SeverityDetails> getLow() {
-        return new ArrayList<>(low.values());
-    }
-
-    @JsonIgnoreProperties(ignoreUnknown = true)
-    protected class SeverityDetails {
-        private Integer cweId;
-        private String name;
-        private long count;
-
-        SeverityDetails(Integer cweId, String name) {
-            this.cweId = cweId;
-            this.name = name;
-            this.count = 1;
-        }
-
-        public void incrementCount() {
-            this.count++;
-        }
-
-        public Integer getCweId() {
-            return cweId;
-        }
-
-        public String getName() {
-            return name;
-        }
-
-        public long getCount() {
-            return count;
-        }
-    }
+		@Override
+		public TreeMap<String, SeverityDetails> deserialize(JsonParser jsonParser,
+				DeserializationContext deserializationContext) throws IOException, JsonProcessingException {
+			TreeMap<String, SeverityDetails> treeMap = new TreeMap<>();
+			JsonNode node = jsonParser.getCodec().readTree(jsonParser);
+			node.fields().forEachRemaining(entry -> {
+				try {
+					String key = entry.getKey();
+					SeverityDetails value = entry.getValue().traverse(jsonParser.getCodec())
+							.readValueAs(SeverityDetails.class);
+					treeMap.put(key, value);
+				} catch (IOException e) {
+					LOG.debug("JSON deserialization failed \n" + e);
+				}
+			});
+			return treeMap;
+		}
+	}
 }
diff --git a/...ationtest/src/main/java/com/mercedesbenz/sechub/integrationtest/api/AssertHTMLReport.java b/...ationtest/src/main/java/com/mercedesbenz/sechub/integrationtest/api/AssertHTMLReport.java
@@ -52,4 +52,10 @@ public AssertHTMLReport hasMetaDataLabel(String key, String value) {
         return this;
     }
 
+    public AssertHTMLReport hasHTMLString(String value) {
+    	if (!html.contains(value)) {
+            failWithDump("The report does not contain expected HTML string ':" + value + "'");
+        }    	
+    	return this;
+    }
 }
diff --git a/...tegrationtest/src/main/java/com/mercedesbenz/sechub/integrationtest/api/AssertReport.java b/...tegrationtest/src/main/java/com/mercedesbenz/sechub/integrationtest/api/AssertReport.java
@@ -12,19 +12,8 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import com.mercedesbenz.sechub.commons.model.ScanType;
-import com.mercedesbenz.sechub.commons.model.SecHubCodeCallStack;
-import com.mercedesbenz.sechub.commons.model.SecHubFinding;
-import com.mercedesbenz.sechub.commons.model.SecHubMessage;
-import com.mercedesbenz.sechub.commons.model.SecHubMessageType;
-import com.mercedesbenz.sechub.commons.model.SecHubReportData;
-import com.mercedesbenz.sechub.commons.model.SecHubReportMetaData;
-import com.mercedesbenz.sechub.commons.model.SecHubReportModel;
-import com.mercedesbenz.sechub.commons.model.SecHubReportVersion;
-import com.mercedesbenz.sechub.commons.model.SecHubResult;
-import com.mercedesbenz.sechub.commons.model.SecHubStatus;
-import com.mercedesbenz.sechub.commons.model.Severity;
-import com.mercedesbenz.sechub.commons.model.TrafficLight;
+import com.mercedesbenz.sechub.commons.model.*;
+import com.mercedesbenz.sechub.commons.model.SecHubReportMetaDataSummaryDetails.SeverityDetails;
 import com.mercedesbenz.sechub.integrationtest.internal.SecHubJobAutoDumper;
 
 public class AssertReport {
@@ -327,6 +316,48 @@ public AssertReport hasMetaDataLabel(String key, String value) {
 
         return this;
     }
+
+    public SecHubReportMetaDataSummary getMetaDataSummaryCodeScan() {
+    	Optional<SecHubReportMetaData> metaDataOpt = report.getMetaData();
+    	if (metaDataOpt.isEmpty()) {
+    		fail("Meta data not found inside report!");
+    	}
+    	SecHubReportMetaData metaData = metaDataOpt.get();
+
+    	return  metaData.getSummary().getCodeScan();
+    }
+
+    public AssertReport hasMetaDataSummaryCodeScanTotal(long value) {
+    	SecHubReportMetaDataSummary metaDataSummary = getMetaDataSummaryCodeScan();
+
+    	assertEquals(value, metaDataSummary.getTotal());
+
+    	return this;
+    }
+
+    public AssertReport hasMetaDataSummaryCodeScanRed(long value) {
+    	SecHubReportMetaDataSummary metaDataSummary = getMetaDataSummaryCodeScan();
+
+    	assertEquals(value, metaDataSummary.getRed());
+
+    	return this;
+    }
+
+    public AssertReport hasMetaDataSummaryCodeScanYellow(long value) {
+    	SecHubReportMetaDataSummary metaDataSummary = getMetaDataSummaryCodeScan();
+
+    	assertEquals(value, metaDataSummary.getYellow());
+
+    	return this;
+    }
+
+    public AssertReport hasMetaDataSummaryCodeScanGreen(long value) {
+    	SecHubReportMetaDataSummary metaDataSummary = getMetaDataSummaryCodeScan();
+
+    	assertEquals(value, metaDataSummary.getGreen());
+
+    	return this;
+    }
 
     public AssertReport dump() {
         LOG.info("-----------------------------------------------------------");

diff --git a/.../mercedesbenz/sechub/integrationtest/scenario10/PDSCodeScanSarifJobScenario10IntTest.java b/.../mercedesbenz/sechub/integrationtest/scenario10/PDSCodeScanSarifJobScenario10IntTest.java
@@ -72,11 +72,10 @@ public void a_user_can_start_a_pds_sarif_scan_and_get_the_sarif_results_transfor
             hasStatus(SecHubStatus.SUCCESS).
             hasMessages(0).
             hasJobUUID(jobUUID).
-            hasMetaDataLabel("quality-level", "high").
-            hasMetaDataLabel("test-label1", "Something special").
-            hasMetaDataLabel("test-label2", "").
-            hasMetaDataLabel("test-label3_with_html", "<html>HTML is allowed, but must always be escaped in reports!</html>").
-            hasMetaDataLabel("test-label4_with_special_chars", "Line1\nLine2\tLine3").
+            hasMetaDataSummaryCodeScanTotal(32).
+            hasMetaDataSummaryCodeScanRed(28).
+            hasMetaDataSummaryCodeScanYellow(2).
+            hasMetaDataSummaryCodeScanGreen(2).
             hasTrafficLight(RED).
                finding(0).
                    hasSeverity(Severity.HIGH).
@@ -98,11 +97,17 @@ public void a_user_can_start_a_pds_sarif_scan_and_get_the_sarif_results_transfor
 
         assertHTMLReport(htmlReport).
             containsAtLeastOneOpenDetailsBlock().
-            hasMetaDataLabel("quality-level", "high").
-            hasMetaDataLabel("test-label1", "Something special").
-            hasMetaDataLabel("test-label2", "").
-            hasMetaDataLabel("test-label3_with_html", "&lt;html&gt;HTML is allowed, but must always be escaped in reports!&lt;/html&gt;").
-            hasMetaDataLabel("test-label4_with_special_chars", "Line1\nLine2\tLine3");
+            hasHTMLString("<td><a href=\"#redCodeScanTable\">28</a></td>").
+            hasHTMLString("<td><a href=\"#yellowCodeScanTable\">2</a></td>").
+            hasHTMLString("<td><a href=\"#greenCodeScanTable\">2</a></td>").            
+            hasHTMLString(" <tr>\n"
+            		+ "            <td>CWE-null</td>\n"
+            		+ "            <td>BRAKE0000</td>\n"
+            		+ "            <td>2</td>\n"
+            		+ "        </tr>").
+            hasHTMLString("Red findings (Count: 28)").
+            hasHTMLString("Yellow findings (Count: 2)").
+            hasHTMLString("Green findings (Count: 2)");
 
         // try to restart SecHub (will reuse existing PDS job because already done )
         assertSecHubRestartWillNotStartNewJobButReusesExistingBecausePDSJobWasAlreadyDone(project,jobUUID);