SONARPY-574 Rule S5713: A subclass should not be in the same "except"… (SonarSource#614)

guillaume-dequenne · pynicolas · web-flow · commit 12a57caa3b4c · 2020-03-06T15:31:58.000+01:00
* SONARPY-574 Rule S5713: A subclass should not be in the same "except" clause as a parent class

* SONARPY-574 Refactor S5713 and add ClassSymbol.isOrExtends(ClassSymbol)

Co-authored-by: Pierre-Yves Nicolas &lt;pierre-yves.nicolas@sonarsource.com&gt;
diff --git a/its/ruling/src/test/resources/expected/python-S5713.json b/its/ruling/src/test/resources/expected/python-S5713.json
@@ -0,0 +1,5 @@
+{
+'project:django-2.2.3/django/template/defaultfilters.py':[
+816,
+],
+}
diff --git a/python-checks/src/main/java/org/sonar/python/checks/CheckList.java b/python-checks/src/main/java/org/sonar/python/checks/CheckList.java
@@ -64,6 +64,7 @@ public static Iterable<Class> getChecks() {
       BooleanExpressionInExceptCheck.class,
       BreakContinueOutsideLoopCheck.class,
       CaughtExceptionsCheck.class,
+      ChildAndParentExceptionCaughtCheck.class,
       ClassComplexityCheck.class,
       ClassNameCheck.class,
       ClearTextProtocolsCheck.class,
diff --git a/python-checks/src/main/java/org/sonar/python/checks/ChildAndParentExceptionCaughtCheck.java b/python-checks/src/main/java/org/sonar/python/checks/ChildAndParentExceptionCaughtCheck.java
@@ -0,0 +1,88 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2020 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.python.checks;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import org.sonar.check.Rule;
+import org.sonar.plugins.python.api.PythonSubscriptionCheck;
+import org.sonar.plugins.python.api.SubscriptionContext;
+import org.sonar.plugins.python.api.symbols.ClassSymbol;
+import org.sonar.plugins.python.api.symbols.Symbol;
+import org.sonar.plugins.python.api.tree.ExceptClause;
+import org.sonar.plugins.python.api.tree.Expression;
+import org.sonar.plugins.python.api.tree.HasSymbol;
+import org.sonar.plugins.python.api.tree.Tree;
+import org.sonar.python.tree.TreeUtils;
+
+@Rule(key = "S5713")
+public class ChildAndParentExceptionCaughtCheck extends PythonSubscriptionCheck {
+  @Override
+  public void initialize(Context context) {
+    context.registerSyntaxNodeConsumer(Tree.Kind.EXCEPT_CLAUSE, ctx -> {
+      ExceptClause exceptClause = (ExceptClause) ctx.syntaxNode();
+      Map<ClassSymbol, List<Expression>> caughtExceptionsBySymbol = new HashMap<>();
+      Expression exceptionExpression = exceptClause.exception();
+      if (exceptionExpression == null) {
+        return;
+      }
+      TreeUtils.flattenTuples(exceptionExpression).forEach(e -> addExceptionExpression(e, caughtExceptionsBySymbol));
+      checkCaughtExceptions(ctx, caughtExceptionsBySymbol);
+    });
+  }
+
+  private static void checkCaughtExceptions(SubscriptionContext ctx, Map<ClassSymbol, List<Expression>> caughtExceptionsBySymbol) {
+    caughtExceptionsBySymbol.forEach((currentSymbol, caughtExceptionsWithSameSymbol) -> {
+      Expression currentException = caughtExceptionsWithSameSymbol.get(0);
+      if (caughtExceptionsWithSameSymbol.size() > 1) {
+        PreciseIssue issue = ctx.addIssue(currentException, "Remove this duplicate Exception class.");
+        caughtExceptionsWithSameSymbol.stream().skip(1).forEach(e -> issue.secondary(e, null));
+      }
+      PreciseIssue issue = null;
+      for (Map.Entry<ClassSymbol, List<Expression>> otherEntry : caughtExceptionsBySymbol.entrySet()) {
+        ClassSymbol comparedSymbol = otherEntry.getKey();
+        if (currentSymbol != comparedSymbol && currentSymbol.isOrExtends(comparedSymbol)) {
+          if (issue == null) {
+            issue = ctx.addIssue(currentException, "Remove this redundant Exception class; it derives from another which is already caught.");
+          }
+          addSecondaryLocations(issue, otherEntry.getValue());
+        }
+      }
+    });
+  }
+
+  private static void addExceptionExpression(Expression exceptionExpression, Map<ClassSymbol, List<Expression>> caughtExceptionsByFQN) {
+    if (exceptionExpression instanceof HasSymbol) {
+      Symbol symbol = ((HasSymbol) exceptionExpression).symbol();
+      if (symbol != null && symbol.kind().equals(Symbol.Kind.CLASS)) {
+        ClassSymbol classSymbol = (ClassSymbol) symbol;
+        caughtExceptionsByFQN.computeIfAbsent(classSymbol, k -> new ArrayList<>()).add(exceptionExpression);
+      }
+    }
+  }
+
+  private static void addSecondaryLocations(PreciseIssue issue, List<Expression> others) {
+    for (Expression other : others) {
+      issue.secondary(other, null);
+    }
+  }
+}
diff --git a/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S5713.html b/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S5713.html
@@ -0,0 +1,29 @@
+<p>Repeating an exception class in a single <code>except</code> statement will not fail but it is not what the developer intended. Either the class is
+not the one which should be caught, or this is dead code.</p>
+<p>Having a subclass and a parent class in the same <code>except</code> statement is also useless. It is enough to keep only the parent class.</p>
+<p>This rule raises an issue when an exception class is duplicated in an <code>except</code> statement, or when an exception class has a parent class
+in the same <code>except</code> statement.</p>
+<h2>Noncompliant Code Example</h2>
+<pre>
+try:
+    raise NotImplementedError()
+except (NotImplementedError, RuntimeError):  # Noncompliant. NotImplementedError inherits from RuntimeError
+    print("Foo")
+
+try:
+    raise NotImplementedError()
+except (RuntimeError, RuntimeError):  # Noncompliant.
+    print("Foo")
+</pre>
+<h2>Compliant Solution</h2>
+<pre>
+try:
+    raise NotImplementedError()
+except RuntimeError:
+    print("Foo")
+</pre>
+<h2>See</h2>
+<ul>
+  <li> Python Documentation - <a href="https://docs.python.org/3/tutorial/errors.html#handling-exceptions">Handling Exceptions</a> </li>
+</ul>
+
diff --git a/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S5713.json b/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S5713.json
@@ -0,0 +1,12 @@
+{
+  "title": "A subclass should not be in the same \"except\" statement as a parent class",
+  "type": "CODE_SMELL",
+  "status": "ready",
+  "tags": [
+    "unused"
+  ],
+  "defaultSeverity": "Major",
+  "ruleSpecification": "RSPEC-5713",
+  "sqKey": "S5713",
+  "scope": "All"
+}
diff --git a/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/Sonar_way_profile.json b/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/Sonar_way_profile.json
@@ -86,6 +86,7 @@
     "S5707",
     "S5708",
     "S5712",
+    "S5713",
     "S5714",
     "S5727",
     "S5747"
diff --git a/python-checks/src/test/java/org/sonar/python/checks/ChildAndParentExceptionCaughtCheckTest.java b/python-checks/src/test/java/org/sonar/python/checks/ChildAndParentExceptionCaughtCheckTest.java
@@ -0,0 +1,32 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2020 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.python.checks;
+
+import org.junit.Test;
+import org.sonar.python.checks.utils.PythonCheckVerifier;
+
+public class ChildAndParentExceptionCaughtCheckTest {
+
+  @Test
+  public void test() {
+    PythonCheckVerifier.verify("src/test/resources/checks/childAndParentExceptionCaughtCheck.py", new ChildAndParentExceptionCaughtCheck());
+  }
+
+}
diff --git a/python-checks/src/test/resources/checks/childAndParentExceptionCaughtCheck.py b/python-checks/src/test/resources/checks/childAndParentExceptionCaughtCheck.py
@@ -0,0 +1,56 @@
+def child_with_parent():
+  try:
+      raise NotImplementedError()
+  except (NotImplementedError, RuntimeError):  # Noncompliant {{Remove this redundant Exception class; it derives from another which is already caught.}}
+  #       ^^^^^^^^^^^^^^^^^^^  ^^^^^^^^^^^^<
+      print("Foo")
+
+def parent_with_child():
+    try:
+        raise NotImplementedError()
+    except (RuntimeError, NotImplementedError):  # Noncompliant {{Remove this redundant Exception class; it derives from another which is already caught.}}
+        #   ^^^^^^^^^^^^> ^^^^^^^^^^^^^^^^^^^
+        print("Foo")
+
+
+def duplicate_exception_caught():
+  try:
+      raise NotImplementedError()
+  except (RuntimeError, RuntimeError):  # Noncompliant {{Remove this duplicate Exception class.}}
+#         ^^^^^^^^^^^^  ^^^^^^^^^^^^<
+      print("Foo")
+
+def multiple_parents():
+  try:
+      raise NotImplementedError()
+  except (UnicodeDecodeError, UnicodeError, ValueError):  # Noncompliant 2
+      print("Foo")
+
+def duplicate_and_parent_with_child():
+  try:
+      raise NotImplementedError()
+  except (RuntimeError, NotImplementedError, RuntimeError):  # Noncompliant 2
+      print("Foo")
+
+def python2_supports_nested_tuples():
+    try:
+        ...
+    except (ValueError, (RuntimeError, NotImplementedError)): # Noncompliant
+        ...
+
+def compliant():
+  try:
+    raise NotImplementedError()
+  except RuntimeError:
+    print("Foo")
+def unknown():
+  def method():
+    pass
+  try:
+    raise ValueError()
+  except ((A | B), C):
+    pass
+  except (method, Exception):
+    pass
+  except:
+    pass
diff --git a/python-frontend/src/main/java/org/sonar/plugins/python/api/symbols/ClassSymbol.java b/python-frontend/src/main/java/org/sonar/plugins/python/api/symbols/ClassSymbol.java
@@ -36,4 +36,7 @@ public interface ClassSymbol extends Symbol {
 
   @Beta
   boolean isOrExtends(String fullyQualifiedClassName);
+
+  @Beta
+  boolean isOrExtends(ClassSymbol other);
 }
diff --git a/python-frontend/src/main/java/org/sonar/python/semantic/ClassSymbolImpl.java b/python-frontend/src/main/java/org/sonar/python/semantic/ClassSymbolImpl.java
@@ -27,6 +27,7 @@
 import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Objects;
 import java.util.Optional;
 import java.util.Set;
 import java.util.stream.Collectors;
@@ -111,6 +112,12 @@ public boolean isOrExtends(String fullyQualifiedClassName) {
     return allSuperClasses().stream().anyMatch(c -> fullyQualifiedClassName.equals(c.fullyQualifiedName()));
   }
 
+  @Override
+  public boolean isOrExtends(ClassSymbol other) {
+    // TODO there should be only 1 class with a given fullyQualifiedName when analyzing a python file
+    return allSuperClasses().stream().anyMatch(c -> Objects.equals(c.fullyQualifiedName(), other.fullyQualifiedName()));
+  }
+
   private Map<String, Symbol> membersByName() {
     if (membersByName == null) {
       membersByName = declaredMembers().stream().collect(Collectors.toMap(Symbol::name, m -> m, (s1, s2) -> s1));
diff --git a/python-frontend/src/test/java/org/sonar/python/semantic/ClassSymbolImplTest.java b/python-frontend/src/test/java/org/sonar/python/semantic/ClassSymbolImplTest.java
@@ -132,5 +132,11 @@ public void isOrExtends() {
     assertThat(a.isOrExtends("mod1.a")).isTrue();
     assertThat(a.isOrExtends("mod2.b")).isTrue();
     assertThat(a.isOrExtends("mod2.x")).isFalse();
+
+    assertThat(a.isOrExtends(a)).isTrue();
+    assertThat(a.isOrExtends(b)).isTrue();
+    assertThat(b.isOrExtends(a)).isFalse();
+    ClassSymbolImpl c = new ClassSymbolImpl("c", "mod2.c");
+    assertThat(a.isOrExtends(c)).isFalse();
   }
 }

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +{
 +'project:django-2.2.3/django/template/defaultfilters.py':[
 +816,
 +],
 +}
Original file line number	Diff line number	Diff line change
`@@ -36,4 +36,7 @@ public interface ClassSymbol extends Symbol {`
`36`	`36`
`37`	`37`	`@Beta`
`38`	`38`	`boolean isOrExtends(String fullyQualifiedClassName);`
	`39`	`+`
	`40`	`+ @Beta`
	`41`	`+ boolean isOrExtends(ClassSymbol other);`
`39`	`42`	`}`