SONARJAVA-4748 S6833 don't raise an issue if a method has a mapping annotation and no responseBody annotation (#5118)

Author: erwan-serandour

its/autoscan/src/test/resources/autoscan/diffs/diff_S3752.json

@@ -1,6 +1,6 @@
 {
   "ruleKey": "S3752",
   "hasTruePositives": true,
-  "falseNegatives": 25,
+  "falseNegatives": 26,
   "falsePositives": 0
 }

java-checks-test-sources/default/src/main/java/checks/spring/ControllerWithRestControllerReplacementCheck.java

@@ -0,0 +1,157 @@
+package checks.spring;
+
+import javax.annotation.Nullable;
+import org.springframework.stereotype.Controller;
+import org.springframework.stereotype.Service;
+import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PatchMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+public class ControllerWithRestControllerReplacementCheckSample {
+
+  @Controller // Noncompliant [[quickfixes=qf1,qf2]]
+//^^^^^^^^^^^
+              // "@ResponseBody" annotations.}}
+  // fix@qf2 {{Replace "@Controller" by "@RestController".}}
+  // edit@qf2 [[sl=16;el=16;sc=3;ec=14]] {{@RestController}}
+  class ClassOne {
+
+    @ResponseBody
+//  ^^^^^^^^^^^^^<
+    // fix@qf1 {{Remove "@ResponseBody" annotations.}}
+    // edit@qf1 [[sl=23;el=23;sc=5;ec=18]] {{}}
+    public void m() {
+    }
+  }
+
+  @Controller // Noncompliant
+  @ResponseBody
+  class ClassTwo {
+
+    public void m() {
+    }
+  }
+
+  @Controller // Noncompliant
+  class ClassThree {
+
+    @ResponseBody
+    public void m() {
+    }
+
+    public void m2() {
+    }
+  }
+
+  @Controller // Compliant
+  class ClassFour {
+
+    public void m() {
+    }
+  }
+
+  @Controller // Compliant
+  class ClassFive {
+
+    @Nullable
+    public void m() {
+    }
+  }
+
+  @Service // Compliant
+  class ClassSix {
+
+    @ResponseBody
+    public void m() {
+    }
+  }
+
+  @Controller // Noncompliant [[quickfixes=qf3,qf4]]
+//^^^^^^^^^^^
+              // "@ResponseBody" annotations.}}
+  // fix@qf4 {{Replace "@Controller" by "@RestController".}}
+  // edit@qf4 [[sl=73;el=73;sc=3;ec=14]] {{@RestController}}
+  class ClassSeven {
+
+    @ResponseBody
+//  ^^^^^^^^^^^^^<
+    // fix@qf3 {{Remove "@ResponseBody" annotations.}}
+    // edit@qf3 [[sl=80;el=80;sc=5;ec=18]] {{}}
+    public void m() {
+    }
+
+    @ResponseBody
+//  ^^^^^^^^^^^^^<
+    // fix@qf3 {{Remove "@ResponseBody" annotations.}}
+    // edit@qf3 [[sl=87;el=87;sc=5;ec=18]] {{}}
+    public void m2() {
+    }
+  }
+
+  @Controller // Noncompliant
+  class GetAndResponseBody {
+    String foo = "hello";
+
+    @ResponseBody
+    @GetMapping
+    public void m() {}
+
+    public void n() {}
+  }
+
+  @Controller // compliant
+  class MixedResponseBodyAndGet {
+    @GetMapping
+    public void m() {}
+    @ResponseBody
+    public void n() {}
+  }
+
+  @Controller // compliant
+  class MixedResponseBodyAndPost {
+    @PostMapping
+    public void m() {}
+    @PostMapping
+    @ResponseBody
+    public void n() {}
+  }
+
+  @Controller // compliant
+  class MixedResponseBodyAndRequest {
+    @RequestMapping
+    public void m() {}
+    @ResponseBody
+    public void n() {}
+  }
+
+  @Controller // compliant
+  class MixedResponseBodyAndPatch {
+    @PatchMapping
+    public void m() {}
+    @ResponseBody
+    public void n() {}
+    @ResponseBody
+    public void k() {}
+  }
+
+  @Controller // compliant
+  class MixedResponseBodyAndDelete {
+    @DeleteMapping
+    public void m() {}
+    @ResponseBody
+    public void n() {}
+  }
+
+  @Controller // compliant
+  class MixedResponseBodyAndPut {
+    @PutMapping
+    public void m() {}
+    @ResponseBody
+    public void n() {}
+  }
+
+}

java-checks-test-sources/default/src/main/java/checks/spring/ControllerWithRestControllerReplacementCheckSample.java

@@ -18,18 +18,28 @@
 
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Optional;
 import org.sonar.check.Rule;
 import org.sonar.java.checks.helpers.QuickFixHelper;
 import org.sonar.java.reporting.JavaQuickFix;
 import org.sonar.java.reporting.JavaTextEdit;
 import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
 import org.sonar.plugins.java.api.JavaFileScannerContext;
+import org.sonar.plugins.java.api.tree.AnnotationTree;
 import org.sonar.plugins.java.api.tree.ClassTree;
 import org.sonar.plugins.java.api.tree.MethodTree;
 import org.sonar.plugins.java.api.tree.Tree;
 
 @Rule(key = "S6833")
 public class ControllerWithRestControllerReplacementCheck extends IssuableSubscriptionVisitor {
+  private static final String RESPONSE_BODY = "org.springframework.web.bind.annotation.ResponseBody";
+  private static final List<String> MAPPING_ANNOTATIONS = List.of(
+    "org.springframework.web.bind.annotation.RequestMapping",
+    "org.springframework.web.bind.annotation.GetMapping",
+    "org.springframework.web.bind.annotation.PostMapping",
+    "org.springframework.web.bind.annotation.PutMapping",
+    "org.springframework.web.bind.annotation.PatchMapping",
+    "org.springframework.web.bind.annotation.DeleteMapping");
 
   @Override
   public List<Tree.Kind> nodesToVisit() {
@@ -48,22 +58,31 @@ public void visitNode(Tree tree) {
       return;
     }
 
+    List<AnnotationTree> responseBodyOnMethods = new ArrayList<>();
+
+    for (Tree member : classTree.members()) {
+      if (member instanceof MethodTree method) {
+
+        var response = firstAnnotation(method, List.of(RESPONSE_BODY));
+        if (response.isPresent()) {
+          responseBodyOnMethods.add(response.get());
+        } else if (firstAnnotation(method, MAPPING_ANNOTATIONS).isPresent()) {
+          return;
+        }
+      }
+    }
+
     var secondaryLocations = new ArrayList<JavaFileScannerContext.Location>();
     List<JavaTextEdit> edits = new ArrayList<>();
 
-    classTree.members().stream()
-      .filter(member -> member.is(Tree.Kind.METHOD))
-      .map(MethodTree.class::cast)
-      .forEach(method -> {
-        var methodAnnotation = method.modifiers().annotations().stream()
-          .filter(a -> "org.springframework.web.bind.annotation.ResponseBody".equals(a.annotationType().symbolType().fullyQualifiedName()))
-          .findFirst();
-        methodAnnotation.ifPresent(annotationTree -> secondaryLocations.add(new JavaFileScannerContext.Location("Remove this \"@ResponseBody\" annotation.", annotationTree)));
-        methodAnnotation.ifPresent(annotationTree -> edits.add(JavaTextEdit.removeTree(annotationTree)));
+    responseBodyOnMethods
+      .forEach(ann -> {
+        secondaryLocations.add(new JavaFileScannerContext.Location("Remove this \"@ResponseBody\" annotation.", ann));
+        edits.add(JavaTextEdit.removeTree(ann));
       });
 
     classTree.modifiers().annotations().stream()
-      .filter(a -> "org.springframework.web.bind.annotation.ResponseBody".equals(a.annotationType().symbolType().fullyQualifiedName()))
+      .filter(ControllerWithRestControllerReplacementCheck::isResponseBody)
       .forEach(annotationTree -> secondaryLocations.add(new JavaFileScannerContext.Location("Remove this \"@ResponseBody\" annotation.", annotationTree)));
 
     if (secondaryLocations.isEmpty()) {
@@ -81,4 +100,18 @@ public void visitNode(Tree tree) {
 
   }
 
+  private static boolean isResponseBody(AnnotationTree a) {
+    return RESPONSE_BODY.equals(a.symbolType().fullyQualifiedName());
+  }
+
+  private static Optional<AnnotationTree> firstAnnotation(MethodTree method, List<String> annFullyQualifiedNames) {
+    for (AnnotationTree annotation : method.modifiers().annotations()) {
+      String fqn = annotation.symbolType().fullyQualifiedName();
+      if (annFullyQualifiedNames.contains(fqn)) {
+        return Optional.of(annotation);
+      }
+    }
+    return Optional.empty();
+  }
+
 }

java-checks/src/main/java/org/sonar/java/checks/spring/ControllerWithRestControllerReplacementCheck.java

@@ -26,7 +26,7 @@ class ControllerWithRestControllerReplacementCheckTest {
   @Test
   void test() {
     CheckVerifier.newVerifier()
-      .onFile(mainCodeSourcesPath("checks/spring/ControllerWithRestControllerReplacementCheck.java"))
+      .onFile(mainCodeSourcesPath("checks/spring/ControllerWithRestControllerReplacementCheckSample.java"))
       .withCheck(new ControllerWithRestControllerReplacementCheck())
       .verifyIssues();
   }