AST-6024 - Eclipse - Add option to filter - Severity - Status - State

checkmarx-ast-eclipse-plugin-tests/src/test/java/checkmarx/ast/eclipse/plugin/tests/ui/TestUI.java

@@ -3,26 +3,44 @@
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
 
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
 import java.util.concurrent.TimeoutException;
+import java.util.stream.Collectors;
 
 import org.eclipse.swtbot.eclipse.finder.waits.Conditions;
 import org.eclipse.swtbot.swt.finder.junit.SWTBotJunit4ClassRunner;
 import org.eclipse.swtbot.swt.finder.keyboard.Keystrokes;
+import org.eclipse.swtbot.swt.finder.widgets.SWTBotToolbarButton;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 
+import com.checkmarx.eclipse.views.actions.ActionName;
+import com.checkmarx.eclipse.views.actions.ToolBarActions;
+import com.checkmarx.eclipse.views.filters.Severity;
+
 import checkmarx.ast.eclipse.plugin.tests.common.Environment;
 
 @RunWith(SWTBotJunit4ClassRunner.class)
 public class TestUI extends BaseUITest {
-
+	
 	private static final String ERROR_INCORRECT_SCAN_ID_FORMAT = "Incorrect scanId format.";
 	private static final String ERROR_SERVER_URL_NOT_SET = "Error: Checkmarx server URL is not set";
 
 	private static final String INFO_SCAN_RETRIVING_RESULTS = "Retrieving the results for the scan id: " + Environment.SCAN_ID + " .";
-	private static final String INFO_TYPE_SCAN_TO_GET_RESULTS = "Paste a scanId and hit play to fetch the results.";
 
 	private static final String INFO_SUCCESSFUL_CONNECTION = "Connection successfull !";
+
+	private static final String ASSERT_FILTER_ACTIONS_IN_TOOLBAR = "All filter actions must be in the tool bar";
+	private static final String ASSERT_GROUP_BY_ACTIONS_IN_TOOLBAR = "All group by actions must be in the tool bar";
+	private static final String ASSERT_TREE_CONSTAIN_HIGH_MEDIUM = "Results must contain results grouped by High and Medium";
+	private static final String ASSERT_TREE_CONSTAIN_HIGH_MEDIUM_LOW = "Results must contain results grouped by High, Medium and Low";
+	private static final String ASSERT_TREE_CONSTAIN_HIGH_MEDIUM_LOW_INFO = "Results must contain results grouped by High, Medium, Low and Info";
+	private static final String ASSERT_TREE_WITH_NO_ISSUES = "The tree mustn't have results once we are grouping by severity and no severity is selected";
+	private static final String ASSERT_GROUP_BY_QUERY_NAME = "Parent name must be equals to child name once it is grouped by query name";
+	private static final String ASSERT_NO_CHINDREN = "One group by severity and group by query name are not selected, this node shouldn't have children";
+	private static final String ASSERT_GROUP_BY_SEVERITY_NOT_SELECTED = "Engine child should not be HIGH, MEDIUM, LOW or INFO once the group by severity is not enabled";
 
 	private static boolean _cxSettingsDefined = false;
 
@@ -87,6 +105,146 @@ public void testMissingSetCheckmarxServerUrl() {
 	@Test
 	public void testEnd2End() throws TimeoutException {
 
+		// Set credentials, test connection and add checkmarx plugin
+		setUpCheckmarxPlugin();
+
+		String firstNodeName = _bot.tree().cell(0, COLUMN_TITLE);
+		String secondNodeName = _bot.tree().getTreeItem(firstNodeName).expand().getNode(0).getText();
+		String thirdNodeName = _bot.tree().getTreeItem(firstNodeName).expand().getNode(0).expand().getNode(0).getText();
+
+		// Expand nodes until the first vulnerability
+		_bot.tree().expandNode(firstNodeName).expandNode(secondNodeName).expandNode(thirdNodeName).getNode(0).select();
+
+		sleep(1000);
+
+		// Close Checkmarx AST Scan view
+		_bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).close();
+	}
+
+	@Test
+	public void testFilterButtonsAndGroupByActionsInToolBar() throws TimeoutException {
+
+		// Add Checkmarx AST Plugin
+		addCheckmarxPlugin();
+
+		List<SWTBotToolbarButton> toolbarButtons = _bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).getToolbarButtons();
+		List<String> toolBarButtonsNames = toolbarButtons.stream().map(btn -> btn.getToolTipText().toUpperCase()).collect(Collectors.toList());
+		List<String> filterActions = Arrays.asList(ActionName.HIGH.name(), ActionName.MEDIUM.name(), ActionName.LOW.name(), ActionName.INFO.name());
+
+		// Assert all filter actions are present in the tool bar
+		assertTrue(ASSERT_FILTER_ACTIONS_IN_TOOLBAR, toolBarButtonsNames.containsAll(filterActions));	
+
+		List<String> groupByActions = Arrays.asList(ToolBarActions.GROUP_BY_SEVERITY, ToolBarActions.GROUP_BY_QUERY_NAME);
+		List<String> toolBarGroupByActions = _bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).viewMenu().menu(ToolBarActions.MENU_GROUP_BY).menuItems();
+
+		// Assert all group by actions are present in the tool bar
+		assertTrue(ASSERT_GROUP_BY_ACTIONS_IN_TOOLBAR, toolBarGroupByActions.containsAll(groupByActions));	
+
+		// Close Checkmarx AST Scan view
+		_bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).close();
+	}
+
+	@Test
+	public void testFilteringAndGroupingResults() throws TimeoutException {
+
+		// Set credentials, test connection and add checkmarx plugin
+		setUpCheckmarxPlugin();
+
+		ArrayList<String> currentActiveFilters = new ArrayList<>(Arrays.asList(Severity.HIGH.name(), Severity.MEDIUM.name()));	
+
+		// Checks that tree contains High and Medium results
+		assertTrue(ASSERT_TREE_CONSTAIN_HIGH_MEDIUM, expandTreeUntilFirstEngineAndGetCurrentSeverities().containsAll(currentActiveFilters));			
+
+		// Click to include Low severity
+		clickSeverityFilter(ActionName.LOW.name());
+		currentActiveFilters.add(Severity.LOW.name());
+
+		// Checks that tree contains High, Medium and Low results
+		assertTrue(ASSERT_TREE_CONSTAIN_HIGH_MEDIUM_LOW, expandTreeUntilFirstEngineAndGetCurrentSeverities().containsAll(currentActiveFilters));	
+
+		// Click to include Info severity
+		clickSeverityFilter(ActionName.INFO.name());
+		currentActiveFilters.add(Severity.INFO.name());
+
+		// Checks that tree contains High, Medium, Low and Info results
+		assertTrue(ASSERT_TREE_CONSTAIN_HIGH_MEDIUM_LOW_INFO, expandTreeUntilFirstEngineAndGetCurrentSeverities().containsAll(currentActiveFilters));	
+
+		// Get all filter buttons individually
+		SWTBotToolbarButton filterHighBtn = _bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).getToolbarButtons().stream().filter(btn -> btn.getToolTipText().toUpperCase().equals(ActionName.HIGH.name())).findFirst().get();
+		SWTBotToolbarButton filterMediumBtn = _bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).getToolbarButtons().stream().filter(btn -> btn.getToolTipText().toUpperCase().equals(ActionName.MEDIUM.name())).findFirst().get();
+		SWTBotToolbarButton filterLowBtn = _bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).getToolbarButtons().stream().filter(btn -> btn.getToolTipText().toUpperCase().equals(ActionName.LOW.name())).findFirst().get();
+		SWTBotToolbarButton filterInfoBtn = _bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).getToolbarButtons().stream().filter(btn -> btn.getToolTipText().toUpperCase().equals(ActionName.INFO.name())).findFirst().get();
+
+		// Click to remove all filters
+		filterHighBtn.click();
+		filterMediumBtn.click();
+		filterLowBtn.click();
+		filterInfoBtn.click();
+
+		// Asserts that no issues are visible in the tree once we are grouping by Severity and no severity is selected
+		assertEquals(ASSERT_TREE_WITH_NO_ISSUES, _bot.tree().cell(0, COLUMN_TITLE), Environment.SCAN_ID + " (0 Issues)");
+
+		// Click to include High severity
+		clickSeverityFilter(ActionName.HIGH.name());
+		currentActiveFilters.add(Severity.HIGH.name());
+
+		_bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).viewMenu().menu(ToolBarActions.MENU_GROUP_BY).menu(ToolBarActions.GROUP_BY_QUERY_NAME).click();
+
+		sleep(1000);		
+
+		String firstNodeName = _bot.tree().cell(0, COLUMN_TITLE);
+		String secondNodeName = _bot.tree().getTreeItem(firstNodeName).expand().getNode(0).getText();
+		String thirdNodeName = _bot.tree().getTreeItem(firstNodeName).expand().getNode(0).expand().getNode(0).getText();
+
+		// Expand nodes until the first vulnerability
+		String groupByQueryNameParent = _bot.tree().expandNode(firstNodeName).expandNode(secondNodeName).expandNode(thirdNodeName).getNode(0).getText();
+		String groupByQueryNameChild = _bot.tree().expandNode(firstNodeName).expandNode(secondNodeName).expandNode(thirdNodeName).getNode(0).expand().getNode(0).getText();
+
+		// Select the first vulnerability
+		_bot.tree().expandNode(firstNodeName).expandNode(secondNodeName).expandNode(thirdNodeName).getNode(0).expand().getNode(0).select();
+
+		// Asserts that the vulnerability has the same name as the parent node which means it is grouped by query name
+		assertTrue(ASSERT_GROUP_BY_QUERY_NAME, groupByQueryNameParent.split("\\(")[0].trim().equals(groupByQueryNameChild));
+
+		// Remove either group by severity and query name
+		_bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).viewMenu().menu(ToolBarActions.MENU_GROUP_BY).menu(ToolBarActions.GROUP_BY_QUERY_NAME).click();
+		_bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).viewMenu().menu(ToolBarActions.MENU_GROUP_BY).menu(ToolBarActions.GROUP_BY_SEVERITY).click();
+
+		sleep(1000);
+
+		firstNodeName = _bot.tree().cell(0, COLUMN_TITLE);
+		secondNodeName = _bot.tree().getTreeItem(firstNodeName).expand().getNode(0).getText();
+		_bot.tree().expandNode(firstNodeName).expandNode(secondNodeName);
+
+		sleep(1000);
+
+		// Get's the first engine child
+		String firstEngineChild = _bot.tree().expandNode(firstNodeName).expandNode(secondNodeName).getNode(0).getText();
+
+		// Checks if it starts by HIGH, MEDIUM, LOW or INFO
+		boolean engineChildDontStartWithHIGH = !firstEngineChild.startsWith(ActionName.HIGH.name());
+		boolean engineChildDontStartWithMEDIUM = !firstEngineChild.startsWith(ActionName.MEDIUM.name());
+		boolean engineChildDontStartWithLOW = !firstEngineChild.startsWith(ActionName.LOW.name());
+		boolean engineChildDontStartWithINFO = !firstEngineChild.startsWith(ActionName.INFO.name());
+
+		// Asserts group by options are not enabled
+		assertTrue(ASSERT_NO_CHINDREN, _bot.tree().expandNode(firstNodeName).expandNode(secondNodeName).getNode(0).getNodes().isEmpty());
+		assertTrue(ASSERT_GROUP_BY_SEVERITY_NOT_SELECTED, engineChildDontStartWithHIGH && engineChildDontStartWithMEDIUM && engineChildDontStartWithLOW && engineChildDontStartWithINFO);
+
+		// Close Checkmarx AST Scan view
+		_bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).close();
+	}
+
+	/**
+	 * Set up checkmarx plugin
+	 * 
+	 * 		-> Set credentials
+	 * 		-> Test connection
+	 * 		-> Add checkmarx plugin
+	 * 
+	 * @throws TimeoutException
+	 */
+	private void setUpCheckmarxPlugin() throws TimeoutException{
 		// Test Connection
 		testSuccessfulConnection();
 
@@ -95,9 +253,8 @@ public void testEnd2End() throws TimeoutException {
 
 		preventWidgetWasNullInCIEnvironment();
 
-		assertEquals("The tree must contain one row with an info message", _bot.tree().rowCount(), 1);
-		assertEquals("", INFO_TYPE_SCAN_TO_GET_RESULTS, _bot.tree().cell(0, COLUMN_TITLE));
-
+		sleep(1000);
+
 		// Test incorrect Scan ID format
 		_bot.textWithLabel(LABEL_SCAN_ID).setText("invalid-scan-id");
 		_bot.textWithLabel(LABEL_SCAN_ID).pressShortcut(Keystrokes.LF);
@@ -107,8 +264,6 @@ public void testEnd2End() throws TimeoutException {
 		assertEquals("The tree must contain one row with an error message", _bot.tree().rowCount(), 1);
 		assertEquals("An incorrect scanId format message must be displayed", ERROR_INCORRECT_SCAN_ID_FORMAT, _bot.tree().cell(0, COLUMN_TITLE));
 
-		sleep(1000);
-
 		// type a valid and existing Scan ID
 		typeValidScanID();
 
@@ -118,21 +273,33 @@ public void testEnd2End() throws TimeoutException {
 		waitWhileTreeNodeEqualsTo(INFO_SCAN_RETRIVING_RESULTS);
 
 		assertTrue("The plugin should retrieve results", _bot.tree().cell(0, COLUMN_TITLE).startsWith(Environment.SCAN_ID));
-
+	}
+
+	/**
+	 * Click on a severity filter
+	 * 
+	 * @param actionName
+	 */
+	private void clickSeverityFilter(String actionName) {
+		SWTBotToolbarButton filterLowBtn = _bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).getToolbarButtons().stream().filter(btn -> btn.getToolTipText().toUpperCase().equals(actionName)).findFirst().get();
+		filterLowBtn.click();
+	}
+
+	/**
+	 * Expands the tree until the first engine and picks the list of available severities
+	 * 
+	 * @return
+	 */
+	private List<String> expandTreeUntilFirstEngineAndGetCurrentSeverities() {
 		String firstNodeName = _bot.tree().cell(0, COLUMN_TITLE);
 		String secondNodeName = _bot.tree().getTreeItem(firstNodeName).expand().getNode(0).getText();
-		String thirdNodeName = _bot.tree().getTreeItem(firstNodeName).expand().getNode(0).expand().getNode(0).getText();
-
-		// Expand nodes until the first vulnerability
-		_bot.tree().expandNode(firstNodeName).expandNode(secondNodeName).expandNode(thirdNodeName).getNode(0).select();
 
+		_bot.tree().expandNode(firstNodeName).expandNode(secondNodeName);
 		sleep(1000);
 
-		// Close Checkmarx AST Scan view
-		_bot.viewByTitle(VIEW_CHECKMARX_AST_SCAN).close();
+		return _bot.tree().getTreeItem(_bot.tree().cell(0, COLUMN_TITLE)).expand().getNode(0).getNodes().stream().map(node -> node.split("\\(")[0].trim()).collect(Collectors.toList());
 	}
 
-
 	/**
 	 * Test successful connection
 	 */
@@ -253,6 +420,5 @@ private static void waitWhileTreeNodeEqualsTo(String nodeText) throws TimeoutExc
 		if (retryIdx == 10) {
 			throw new TimeoutException("Timeout after 5000ms. Scan results should be retrieved");
 		}
-
 	}
 }

checkmarx-ast-eclipse-plugin/META-INF/MANIFEST.MF

@@ -7,7 +7,8 @@ Bundle-Vendor: Checkmarx
 Require-Bundle: org.eclipse.ui,
  org.eclipse.core.runtime;bundle-version="3.22.0",
  org.eclipse.jdt.core;bundle-version="3.26.0",
- org.eclipse.ui.ide;bundle-version="3.18.300"
+ org.eclipse.ui.ide;bundle-version="3.18.300",
+ com.google.guava
 Automatic-Module-Name: com.checkmarx.eclipse
 Bundle-RequiredExecutionEnvironment: JavaSE-11
 Import-Package: org.eclipse.core.resources

checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/utils/PluginUtils.java

@@ -0,0 +1,92 @@
+package com.checkmarx.eclipse.utils;
+
+import java.time.Instant;
+import java.time.ZoneId;
+import java.time.format.DateTimeFormatter;
+import java.util.List;
+
+import org.eclipse.jface.action.Action;
+import org.eclipse.jface.viewers.ComboViewer;
+
+import com.checkmarx.eclipse.views.DataProvider;
+import com.checkmarx.eclipse.views.actions.ActionName;
+import com.checkmarx.eclipse.views.filters.FilterState;
+
+public class PluginUtils {
+
+	private static final String PARAM_TIMESTAMP_PATTERN = "yyyy-MM-dd | HH:mm:ss";
+	private static final String PARAM_SCAN_ID_VALID_FORMAT = "[a-f0-9]{8}-[a-f0-9]{4}-[1-5][a-f0-9]{3}-[89ab][a-f0-9]{3}-[0-9a-f]{12}";
+
+
+	/**
+	 * Converts a String timestamp to a specific format
+	 * 
+	 * @param timestamp
+	 * @return
+	 */
+	public static String convertStringTimeStamp(String timestamp) {
+
+		String parsedDate = null;
+
+		try {
+
+			Instant instant = Instant.parse(timestamp);
+
+			DateTimeFormatter dateTimeFormatter = DateTimeFormatter.ofPattern(PARAM_TIMESTAMP_PATTERN).withZone(ZoneId.systemDefault());
+			parsedDate = dateTimeFormatter.format(instant);
+		} catch (Exception e) {
+			System.out.println(e);
+			return timestamp;
+		}
+
+		return parsedDate;
+	}
+
+	/**
+	 * Validate scan id format
+	 * 
+	 * @param scanId
+	 * @return
+	 */
+	public static boolean validateScanIdFormat(String scanId) {
+		return scanId.matches(PARAM_SCAN_ID_VALID_FORMAT);                           
+	}
+
+	/**
+	 * Enables a combo viewer
+	 * 
+	 * @param comboviewer
+	 * @param enable
+	 */
+	public static void enableComboViewer(ComboViewer comboviewer, boolean enable){
+		comboviewer.getCombo().setEnabled(enable);
+	}
+
+	/**
+	 * Set combo viewer placeholder
+	 * 
+	 * @param comboViewer
+	 * @param text
+	 */
+	public static void setTextForComboViewer(ComboViewer comboViewer , String text) {
+		comboViewer.getCombo().setText(text);
+	}
+
+	/**
+	 * Enable/Disable filter actions
+	 * 
+	 * @param filterActions
+	 */
+	public static void updateFiltersEnabledAndCheckedState(List<Action> filterActions) {
+
+		for(Action action : filterActions) {
+
+			// avoid to disable group by severity and group by query name actions
+			if(!action.getId().equals(ActionName.GROUP_BY_SEVERITY.name()) && !action.getId().equals(ActionName.GROUP_BY_QUERY_NAME.name())) {
+				action.setEnabled(DataProvider.getInstance().getCurrentScanId() != null);
+			}
+
+			action.setChecked(FilterState.isSeverityEnabled(action.getId()));
+		}
+	}	
+}