sonar-java/java-checks/src/main/java/org/sonar/java/checks/TooManyParametersCheck.java at 7e9f7aff17fc48e983648e633fb5380c547b6bfa · SonarSource/sonar-java · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
/*
 * SonarQube Java
 * Copyright (C) SonarSource Sàrl
 * mailto:info AT sonarsource DOT com
 *
 * You can redistribute and/or modify this program under the terms of
 * the Sonar Source-Available License Version 1, as published by SonarSource Sàrl.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * See the Sonar Source-Available License for more details.
 *
 * You should have received a copy of the Sonar Source-Available License
 * along with this program; if not, see https://sonarsource.com/license/ssal/
 */
package org.sonar.java.checks;

import java.util.Arrays;
import java.util.List;
import org.sonar.check.Rule;
import org.sonar.check.RuleProperty;
import org.sonar.java.utils.SpringUtils;
import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
import org.sonar.plugins.java.api.semantic.SymbolMetadata;
import org.sonar.plugins.java.api.tree.ClassTree;
import org.sonar.plugins.java.api.tree.MethodTree;
import org.sonar.plugins.java.api.tree.Tree;
import org.sonarsource.analyzer.commons.annotations.DeprecatedRuleKey;

import static org.sonar.java.checks.helpers.AnnotationsHelper.hasUnknownAnnotation;

@DeprecatedRuleKey(ruleKey = "S00107", repositoryKey = "squid")
@Rule(key = "S107")
public class TooManyParametersCheck extends IssuableSubscriptionVisitor {

  private static final Tree.Kind[] METHOD_AND_CONSTRUCTOR = {Tree.Kind.METHOD, Tree.Kind.CONSTRUCTOR};
  private static final Tree.Kind[] METHOD_ONLY = {Tree.Kind.METHOD};

  private static final int DEFAULT_MAXIMUM = 7;

  @RuleProperty(
    key = "max",
    description = "Maximum authorized number of parameters",
    defaultValue = "" + DEFAULT_MAXIMUM)
  public int maximum = DEFAULT_MAXIMUM;

  @RuleProperty(
    key = "constructorMax",
    description = "Maximum authorized number of parameters for a constructor",
    defaultValue = "" + DEFAULT_MAXIMUM)
  public int constructorMax = DEFAULT_MAXIMUM;

  private static final List<String> METHOD_ANNOTATION_EXCEPTIONS = Arrays.asList(
    "com.fasterxml.jackson.annotation.JsonCreator",
    "javax.ws.rs.GET",
    "javax.ws.rs.POST",
    "javax.ws.rs.PUT",
    "javax.ws.rs.PATCH",
    "javax.inject.Inject",
    "jakarta.ws.rs.GET",
    "jakarta.ws.rs.POST",
    "jakarta.ws.rs.PUT",
    "jakarta.ws.rs.PATCH",
    "jakarta.inject.Inject",
    "lombok.Builder",
    "io.micronaut.http.annotation.Get",
    "io.micronaut.http.annotation.Post",
    "io.micronaut.http.annotation.Put",
    "io.micronaut.http.annotation.Delete",
    "io.micronaut.http.annotation.Options",
    "io.micronaut.http.annotation.Patch",
    "io.micronaut.http.annotation.Head",
    "io.micronaut.http.annotation.Trace",
    SpringUtils.AUTOWIRED_ANNOTATION);

  @Override
  public List<Tree.Kind> nodesToVisit() {
    // This rule has the following exceptions: RECORD, ANNOTATION_TYPE
    return Arrays.asList(Tree.Kind.CLASS, Tree.Kind.INTERFACE, Tree.Kind.ENUM);
  }

  @Override
  public void visitNode(Tree tree) {
    ClassTree classTree = (ClassTree) tree;

    // this is true only if the class has unknown annotations or a single constructor
    // if TRUE, we can skip the analysis of constructors in the forEach below
    Tree.Kind[] membersToVisit = membersToVisit(classTree);

    classTree.members().stream()
      .filter(member -> member.is(membersToVisit))
      .forEach(member -> visitMethod((MethodTree) member));
  }

  private void visitMethod(MethodTree method) {
    if (isOverriding(method) || usesAuthorizedAnnotation(method)) {
      return;
    }
    int max;
    String partialMessage;
    if (method.is(Tree.Kind.CONSTRUCTOR)) {
      max = constructorMax;
      partialMessage = "Constructor";
    } else {
      max = maximum;
      partialMessage = "Method";
    }
    int size = method.parameters().size();
    if (size > max) {
      reportIssue(method.simpleName(), partialMessage + " has " + size + " parameters, which is greater than " + max + " authorized.");
    }
  }

  private static boolean isOverriding(MethodTree tree) {
    // In case of unknown hierarchy, isOverriding() returns null, we return true to avoid FPs.
    return !Boolean.FALSE.equals(tree.isOverriding());
  }

  private static boolean usesAuthorizedAnnotation(MethodTree method) {
    SymbolMetadata metadata = method.symbol().metadata();
    return hasUnknownAnnotation(metadata) || METHOD_ANNOTATION_EXCEPTIONS.stream().anyMatch(metadata::isAnnotatedWith);
  }

  private static Tree.Kind[] membersToVisit(ClassTree methodParentClass) {
    SymbolMetadata parentClassMetadata = methodParentClass.symbol().metadata();
    if (hasUnknownAnnotation(parentClassMetadata)) {
      long numberOfConstructors = methodParentClass.members().stream().filter(member -> member.is(Tree.Kind.CONSTRUCTOR)).count();
      if (numberOfConstructors == 1) {
        // skip constructors
        return METHOD_ONLY;
      }
    }
    return METHOD_AND_CONSTRUCTOR;
  }
}