SLVS-2525 Show taints in the report view

Author: gabriela-trutan-sonarsource

src/IssueViz.Security.UnitTests/ReportView/ReportViewModelTest.cs

@@ -28,6 +28,7 @@
 using SonarLint.VisualStudio.IssueVisualization.Security.DependencyRisks;
 using SonarLint.VisualStudio.IssueVisualization.Security.ReportView;
 using SonarLint.VisualStudio.IssueVisualization.Security.ReportView.Hotspots;
+using SonarLint.VisualStudio.IssueVisualization.Security.ReportView.Taint;
 using SonarLint.VisualStudio.TestInfrastructure;
 
 namespace SonarLint.VisualStudio.IssueVisualization.Security.UnitTests.ReportView;
@@ -39,6 +40,7 @@ public class ReportViewModelTest
     private IActiveSolutionBoundTracker activeSolutionBoundTracker;
     private IDependencyRisksStore dependencyRisksStore;
     private IHotspotsReportViewModel hotspotsReportViewModel;
+    private ITaintsReportViewModel taintsReportViewModel;
     private IShowDependencyRiskInBrowserHandler showDependencyRiskInBrowserHandler;
     private IChangeDependencyRiskStatusHandler changeDependencyRiskStatusHandler;
     private INavigateToRuleDescriptionCommand navigateToRuleDescriptionCommand;
@@ -54,6 +56,7 @@ public void Initialize()
         activeSolutionBoundTracker = Substitute.For<IActiveSolutionBoundTracker>();
         dependencyRisksStore = Substitute.For<IDependencyRisksStore>();
         hotspotsReportViewModel = Substitute.For<IHotspotsReportViewModel>();
+        taintsReportViewModel = Substitute.For<ITaintsReportViewModel>();
         showDependencyRiskInBrowserHandler = Substitute.For<IShowDependencyRiskInBrowserHandler>();
         changeDependencyRiskStatusHandler = Substitute.For<IChangeDependencyRiskStatusHandler>();
         navigateToRuleDescriptionCommand = Substitute.For<INavigateToRuleDescriptionCommand>();
@@ -63,6 +66,7 @@ public void Initialize()
         threadHandling = Substitute.ForPartsOf<NoOpThreadHandler>();
         eventHandler = Substitute.For<PropertyChangedEventHandler>();
         hotspotsReportViewModel.GetHotspotsGroupViewModels().Returns([]);
+        taintsReportViewModel.GetTaintsGroupViewModels().Returns([]);
 
         testSubject = CreateTestSubject();
     }
@@ -75,6 +79,7 @@ public void Class_SubscribesToEvents()
     {
         hotspotsReportViewModel.Received(1).HotspotsChanged += Arg.Any<EventHandler>();
         dependencyRisksStore.Received(1).DependencyRisksChanged += Arg.Any<EventHandler>();
+        taintsReportViewModel.Received(1).TaintsChanged += Arg.Any<EventHandler>();
     }
 
     [TestMethod]
@@ -96,19 +101,50 @@ public void Ctor_InitializesDependencyRisks()
         VerifyExpectedDependencyRiskGroupViewModel(testSubject.GroupViewModels[0] as GroupDependencyRiskViewModel, dependencyRisk);
     }
 
+    [TestMethod]
+    public void Ctor_InitializesHotspots()
+    {
+        var hotspotGroupViewModel = CreateMockedGroupViewModel(filePath: "myFile.cs");
+        var hotspotGroupViewModel2 = CreateMockedGroupViewModel(filePath: "myFile2.cs");
+        hotspotsReportViewModel.GetHotspotsGroupViewModels().Returns([hotspotGroupViewModel, hotspotGroupViewModel2]);
+
+        testSubject = CreateTestSubject();
+
+        testSubject.GroupViewModels.Should().HaveCount(2);
+        testSubject.GroupViewModels.Should().Contain(hotspotGroupViewModel);
+        testSubject.GroupViewModels.Should().Contain(hotspotGroupViewModel2);
+    }
+
+    [TestMethod]
+    public void Ctor_InitializesTaints()
+    {
+        var taintGroupViewModel = CreateMockedGroupViewModel(filePath: "myFile.cs");
+        var taintGroupViewModel2 = CreateMockedGroupViewModel(filePath: "myFile2.cs");
+        taintsReportViewModel.GetTaintsGroupViewModels().Returns([taintGroupViewModel, taintGroupViewModel2]);
+
+        testSubject = CreateTestSubject();
+
+        testSubject.GroupViewModels.Should().HaveCount(2);
+        testSubject.GroupViewModels.Should().Contain(taintGroupViewModel);
+        testSubject.GroupViewModels.Should().Contain(taintGroupViewModel2);
+    }
+
     [TestMethod]
     public void Ctor_MixedIssuesTypes_CreatesGroupViewModelsCorrectly()
     {
         var dependencyRisk = CreateDependencyRisk();
         MockRisksInStore(dependencyRisk);
         var hotspotGroupViewModel = CreateMockedGroupViewModel(filePath: "myFile.cs");
         hotspotsReportViewModel.GetHotspotsGroupViewModels().Returns([hotspotGroupViewModel]);
+        var taintGroupViewModel = CreateMockedGroupViewModel(filePath: "myFile2.cs");
+        taintsReportViewModel.GetTaintsGroupViewModels().Returns([taintGroupViewModel]);
 
         testSubject = CreateTestSubject();
 
-        testSubject.GroupViewModels.Should().HaveCount(2);
+        testSubject.GroupViewModels.Should().HaveCount(3);
         VerifyExpectedDependencyRiskGroupViewModel(testSubject.GroupViewModels[0] as GroupDependencyRiskViewModel, dependencyRisk);
-        testSubject.GroupViewModels[1].Should().Be(hotspotGroupViewModel);
+        testSubject.GroupViewModels.Should().Contain(hotspotGroupViewModel);
+        testSubject.GroupViewModels.Should().Contain(taintGroupViewModel);
     }
 
     [TestMethod]
@@ -130,6 +166,8 @@ public void Dispose_UnsubscribesFromEvents()
         dependencyRisksStore.Received(1).DependencyRisksChanged -= Arg.Any<EventHandler>();
         hotspotsReportViewModel.Received(1).HotspotsChanged -= Arg.Any<EventHandler>();
         hotspotsReportViewModel.Received(1).Dispose();
+        taintsReportViewModel.Received(1).TaintsChanged -= Arg.Any<EventHandler>();
+        taintsReportViewModel.Received(1).Dispose();
     }
 
     [TestMethod]
@@ -203,7 +241,7 @@ public void HotspotsChanged_TwoGroups_UpdatesOnlyHotspotGroupViewModels()
         var group1 = CreateMockedGroupViewModel(filePath: "myFile.cs");
         var group2 = CreateMockedGroupViewModel(filePath: "myFile.cs");
         hotspotsReportViewModel.GetHotspotsGroupViewModels().Returns([group1, group2]);
-        dependencyRisksStore.ClearReceivedCalls();
+        ClearCallsForReportsViewModels();
 
         hotspotsReportViewModel.HotspotsChanged += Raise.EventWith(testSubject, EventArgs.Empty);
 
@@ -212,19 +250,53 @@ public void HotspotsChanged_TwoGroups_UpdatesOnlyHotspotGroupViewModels()
         testSubject.GroupViewModels.Should().Contain(group2);
         VerifyHasGroupsUpdated();
         dependencyRisksStore.DidNotReceive().GetAll();
+        taintsReportViewModel.DidNotReceive().GetTaintsGroupViewModels();
     }
 
     [TestMethod]
     public void HotspotsChanged_NoGroups_RaisesProperty()
     {
         hotspotsReportViewModel.GetHotspotsGroupViewModels().Returns([]);
-        dependencyRisksStore.ClearReceivedCalls();
+        ClearCallsForReportsViewModels();
 
         hotspotsReportViewModel.HotspotsChanged += Raise.EventWith(testSubject, EventArgs.Empty);
 
         testSubject.GroupViewModels.Should().BeEmpty();
         VerifyHasGroupsUpdated();
         dependencyRisksStore.DidNotReceive().GetAll();
+        taintsReportViewModel.DidNotReceive().GetTaintsGroupViewModels();
+    }
+
+    [TestMethod]
+    public void TaintsChanged_TwoGroups_UpdatesOnlyTaintsGroupViewModels()
+    {
+        var group1 = CreateMockedGroupViewModel(filePath: "myFile.cs");
+        var group2 = CreateMockedGroupViewModel(filePath: "myFile.cs");
+        taintsReportViewModel.GetTaintsGroupViewModels().Returns([group1, group2]);
+        ClearCallsForReportsViewModels();
+
+        taintsReportViewModel.TaintsChanged += Raise.EventWith(testSubject, EventArgs.Empty);
+
+        testSubject.GroupViewModels.Should().HaveCount(2);
+        testSubject.GroupViewModels.Should().Contain(group1);
+        testSubject.GroupViewModels.Should().Contain(group2);
+        VerifyHasGroupsUpdated();
+        dependencyRisksStore.DidNotReceive().GetAll();
+        hotspotsReportViewModel.DidNotReceive().GetHotspotsGroupViewModels();
+    }
+
+    [TestMethod]
+    public void TaintsChanged_NoGroups_RaisesProperty()
+    {
+        taintsReportViewModel.GetTaintsGroupViewModels().Returns([]);
+        ClearCallsForReportsViewModels();
+
+        taintsReportViewModel.TaintsChanged += Raise.EventWith(testSubject, EventArgs.Empty);
+
+        testSubject.GroupViewModels.Should().BeEmpty();
+        VerifyHasGroupsUpdated();
+        dependencyRisksStore.DidNotReceive().GetAll();
+        hotspotsReportViewModel.DidNotReceive().GetHotspotsGroupViewModels();
     }
 
     [TestMethod]
@@ -260,11 +332,12 @@ public void DependencyRisksAddedInStore_DoesNotUpdateHotspots()
         var addedRisk = CreateDependencyRisk();
         dependencyRisksStore.GetAll().Returns([], [addedRisk]);
         testSubject = CreateTestSubject();
-        hotspotsReportViewModel.ClearReceivedCalls();
+        ClearCallsForReportsViewModels();
 
         dependencyRisksStore.DependencyRisksChanged += Raise.Event<EventHandler>();
 
         hotspotsReportViewModel.DidNotReceive().GetHotspotsGroupViewModels();
+        taintsReportViewModel.DidNotReceive().GetTaintsGroupViewModels();
         VerifyHasGroupsUpdated();
     }
 
@@ -300,16 +373,17 @@ public void DependencyRisksRemovedFromStore_DoesNotUpdateHotspots()
         var initialRisk = CreateDependencyRisk();
         dependencyRisksStore.GetAll().Returns([initialRisk], new IDependencyRisk[] { });
         testSubject = CreateTestSubject();
-        hotspotsReportViewModel.ClearReceivedCalls();
+        ClearCallsForReportsViewModels();
 
         dependencyRisksStore.DependencyRisksChanged += Raise.Event<EventHandler>();
 
         hotspotsReportViewModel.DidNotReceive().GetHotspotsGroupViewModels();
+        taintsReportViewModel.DidNotReceive().GetTaintsGroupViewModels();
         VerifyHasGroupsUpdated();
     }
 
     [TestMethod]
-    public void HasRisks_ReturnsTrue_WhenThereAreRisks()
+    public void HasGroups_ReturnsTrue_WhenThereAreRisks()
     {
         MockRisksInStore(CreateDependencyRisk());
         testSubject = CreateTestSubject();
@@ -318,7 +392,7 @@ public void HasRisks_ReturnsTrue_WhenThereAreRisks()
     }
 
     [TestMethod]
-    public void HasRisks_ReturnsFalse_WhenThereAreNoRisks() => testSubject.HasGroups.Should().BeFalse();
+    public void HasGroups_ReturnsFalse_WhenThereAreNoRisks() => testSubject.HasGroups.Should().BeFalse();
 
     [TestMethod]
     public void NavigateToLocationCommand_NullParameter_CanExecuteReturnsFalse() => testSubject.NavigateToLocationCommand.CanExecute(null).Should().BeFalse();
@@ -356,6 +430,7 @@ private ReportViewModel CreateTestSubject()
             locationNavigator,
             hotspotsReportViewModel,
             new DependencyRisksReportViewModel(dependencyRisksStore, showDependencyRiskInBrowserHandler, changeDependencyRiskStatusHandler, messageBox),
+            taintsReportViewModel,
             telemetryManager,
             threadHandling);
         reportViewModel.PropertyChanged += eventHandler;
@@ -391,4 +466,11 @@ private static void VerifyExpectedDependencyRiskGroupViewModel(GroupDependencyRi
     }
 
     private void VerifyHasGroupsUpdated() => eventHandler.Received().Invoke(Arg.Any<object>(), Arg.Is<PropertyChangedEventArgs>(p => p.PropertyName == nameof(testSubject.HasGroups)));
+
+    private void ClearCallsForReportsViewModels()
+    {
+        dependencyRisksStore.ClearReceivedCalls();
+        taintsReportViewModel.ClearReceivedCalls();
+        hotspotsReportViewModel.ClearReceivedCalls();
+    }
 }

src/IssueViz.Security/ReportView/IIssueViewModel.cs

@@ -22,6 +22,7 @@
 
 namespace SonarLint.VisualStudio.IssueVisualization.Security.ReportView;
 
+// TODO by SLVS-2525 introduce type to show in the UI so that user can distinguish between different issue types (e.g., hotspot, taint, normal issues)
 public interface IIssueViewModel
 {
     int? Line { get; }

src/IssueViz.Security/ReportView/ReportViewControl.xaml

@@ -410,6 +410,60 @@
                         </TextBlock>
                     </Grid>
                 </DataTemplate>
+
+                <!--Issue styling-->
+                <DataTemplate DataType="{x:Type reportView:IssueViewModel}">
+                    <Grid Margin="5,2" 
+                          MouseRightButtonDown="TreeViewItem_OnMouseRightButtonDown">
+                        <Grid.ColumnDefinitions>
+                            <ColumnDefinition Width="Auto" />
+                            <ColumnDefinition Width="Auto" />
+                            <ColumnDefinition Width="Auto" />
+                            <ColumnDefinition Width="Auto" />
+                        </Grid.ColumnDefinitions>
+                        <Image Grid.Column="0" Height="17" VerticalAlignment="Center">
+                            <Image.Source>
+                                <MultiBinding 
+                                    Converter="{StaticResource EnumToImageSourceConverter}" ConverterParameter="Severity">
+                                    <Binding Path="Issue.Issue.Severity" />
+                                    <Binding RelativeSource="{RelativeSource Self}" />
+                                    <Binding Path="ResourceFinder"
+                              RelativeSource="{RelativeSource FindAncestor, AncestorType=UserControl}" />
+                                </MultiBinding>
+                            </Image.Source>
+                            <Image.ToolTip>
+                                <StackPanel>
+                                    <TextBlock>
+                         <Run Text="{x:Static res:Resources.DependencyRiskImpactSeverityTooltip}" />
+                         <Run Text="{Binding Issue.Issue.Severity, Mode=OneWay}" />
+                                    </TextBlock>
+                                </StackPanel>
+                            </Image.ToolTip>
+                        </Image>
+                        <TextBlock Grid.Column="1"
+                                   Margin="2,0,0,2"
+                                   Style="{StaticResource LocationTextBlockStyle}">
+                            <Run Text="{Binding Line, Mode=OneWay, StringFormat={}({0}\,}" />
+                            <Run Text="{Binding Path=Column, Mode=OneWay, StringFormat={}{0})}" />
+                        </TextBlock>
+                        <TextBlock Grid.Column="2" Text="{Binding Title}" Margin="5,0,0,0"
+                                   Style="{StaticResource IssueTextBlockStyle}" />
+                        <TextBlock Grid.Column="3" Margin="5,0,0,0"
+                                   Style="{StaticResource IssueTextBlockStyle}">
+                            <Hyperlink Style="{StaticResource RuleKeyLinkStyle}"
+                                       Command="{Binding DataContext.NavigateToRuleDescriptionCommand, RelativeSource={RelativeSource Mode=FindAncestor, AncestorType=TreeView}}">
+                                <Hyperlink.CommandParameter>
+                                    <MultiBinding Converter="{StaticResource NavigateToRuleDescriptionCommandConverter}">
+                                        <Binding Path=".RuleInfo.RuleKey" />
+                                        <Binding Path=".RuleInfo.IssueId" />
+                                    </MultiBinding>
+                                </Hyperlink.CommandParameter>
+                                <TextBlock Text="{Binding RuleInfo.RuleKey}"
+                                           Style="{StaticResource CellTextBlockStyle}" />
+                            </Hyperlink>
+                        </TextBlock>
+                    </Grid>
+                </DataTemplate>
             </TreeView.Resources>
         </TreeView>
 

src/IssueViz.Security/ReportView/ReportViewControl.xaml.cs

@@ -32,6 +32,7 @@
 using SonarLint.VisualStudio.IssueVisualization.IssueVisualizationControl.ViewModels.Commands;
 using SonarLint.VisualStudio.IssueVisualization.Security.DependencyRisks;
 using SonarLint.VisualStudio.IssueVisualization.Security.ReportView.Hotspots;
+using SonarLint.VisualStudio.IssueVisualization.Security.ReportView.Taint;
 using SonarLint.VisualStudio.IssueVisualization.Security.ReviewStatus;
 
 namespace SonarLint.VisualStudio.IssueVisualization.Security.ReportView;
@@ -45,13 +46,15 @@ internal sealed partial class ReportViewControl : UserControl
     public ReportViewModel ReportViewModel { get; }
     public IHotspotsReportViewModel HotspotsReportViewModel { get; }
     public IDependencyRisksReportViewModel DependencyRisksReportViewModel { get; }
+    public ITaintsReportViewModel TaintsReportViewModel { get; }
     public IResourceFinder ResourceFinder { get; } = new ResourceFinder();
 
     public ReportViewControl(
         IActiveSolutionBoundTracker activeSolutionBoundTracker,
         IBrowserService browserService,
         IHotspotsReportViewModel hotspotsReportViewModel,
         IDependencyRisksReportViewModel dependencyRisksReportViewModel,
+        ITaintsReportViewModel taintsReportViewModel,
         INavigateToRuleDescriptionCommand navigateToRuleDescriptionCommand,
         ILocationNavigator locationNavigator,
         ITelemetryManager telemetryManager,
@@ -61,11 +64,13 @@ public ReportViewControl(
         this.browserService = browserService;
         HotspotsReportViewModel = hotspotsReportViewModel;
         DependencyRisksReportViewModel = dependencyRisksReportViewModel;
+        TaintsReportViewModel = taintsReportViewModel;
         ReportViewModel = new ReportViewModel(activeSolutionBoundTracker,
             navigateToRuleDescriptionCommand,
             locationNavigator,
             HotspotsReportViewModel,
             DependencyRisksReportViewModel,
+            TaintsReportViewModel,
             telemetryManager,
             threadHandling);
         InitializeComponent();