SONARPY-141 Rule: Identical expressions should not be used on both sides of a binary operator (SonarSource#62)

mpaladin · ivandalbosco · commit 7471867b5d6f · 2016-12-30T13:06:23.000+01:00
* SONARPY-141 Rule: Identical expressions should not be used on both sides of a binary operator

* correct message, add test
diff --git a/its/ruling/src/test/resources/expected/python-S1764.json b/its/ruling/src/test/resources/expected/python-S1764.json
@@ -0,0 +1,95 @@
+{
+'project:buildbot-slave-0.8.6p1/buildslave/commands/svn.py':[
+184,
+],
+'project:django-1.4/django/contrib/gis/gdal/tests/test_geom.py':[
+36,
+],
+'project:django-1.4/django/contrib/gis/tests/test_measure.py':[
+155,
+313,
+],
+'project:django-1.4/django/forms/fields.py':[
+304,
+],
+'project:django-1.4/django/template/defaultfilters.py':[
+103,
+],
+'project:django-1.4/django/utils/simplejson/encoder.py':[
+224,
+],
+'project:django-1.4/tests/modeltests/many_to_one/tests.py':[
+412,
+],
+'project:django-1.4/tests/regressiontests/defaultfilters/tests.py':[
+55,
+],
+'project:django-1.4/tests/regressiontests/m2m_regress/tests.py':[
+86,
+87,
+],
+'project:django-1.4/tests/regressiontests/queries/tests.py':[
+187,
+],
+'project:tornado-2.3/demos/appengine/markdown.py':[
+375,
+],
+'project:tornado-2.3/demos/blog/markdown.py':[
+375,
+],
+'project:tornado-2.3/tornado/test/simple_httpclient_test.py':[
+120,
+],
+'project:twisted-12.1.0/twisted/internet/test/test_address.py':[
+27,
+28,
+],
+'project:twisted-12.1.0/twisted/internet/test/test_base.py':[
+211,
+212,
+224,
+225,
+236,
+237,
+249,
+250,
+260,
+261,
+271,
+272,
+],
+'project:twisted-12.1.0/twisted/manhole/explorer.py':[
+26,
+],
+'project:twisted-12.1.0/twisted/names/test/test_dns.py':[
+940,
+943,
+],
+'project:twisted-12.1.0/twisted/python/test/test_constants.py':[
+54,
+55,
+],
+'project:twisted-12.1.0/twisted/python/test/test_util.py':[
+572,
+573,
+575,
+576,
+585,
+596,
+],
+'project:twisted-12.1.0/twisted/python/test/test_versions.py':[
+75,
+84,
+],
+'project:twisted-12.1.0/twisted/test/test_internet.py':[
+670,
+],
+'project:twisted-12.1.0/twisted/test/test_paths.py':[
+974,
+976,
+987,
+],
+'project:twisted-12.1.0/twisted/trial/test/test_testcase.py':[
+37,
+],
+}
diff --git a/its/ruling/src/test/resources/profile.xml b/its/ruling/src/test/resources/profile.xml
@@ -265,5 +265,10 @@
       <key>S2772</key>
       <priority>INFO</priority>
     </rule>
+    <rule>
+      <repositoryKey>python</repositoryKey>
+      <key>S1764</key>
+      <priority>INFO</priority>
+    </rule>
   </rules>
 </profile>
diff --git a/python-checks/src/main/java/org/sonar/python/checks/CheckList.java b/python-checks/src/main/java/org/sonar/python/checks/CheckList.java
@@ -81,6 +81,7 @@ public static Iterable<Class> getChecks() {
         TooManyReturnsCheck.class,
         NeedlessPassCheck.class,
         AfterJumpStatementCheck.class,
+        IdenticalExpressionOnBinaryOperatorCheck.class,
         MethodShouldBeStaticCheck.class
     );
   }
diff --git a/python-checks/src/main/java/org/sonar/python/checks/IdenticalExpressionOnBinaryOperatorCheck.java b/python-checks/src/main/java/org/sonar/python/checks/IdenticalExpressionOnBinaryOperatorCheck.java
@@ -0,0 +1,77 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.python.checks;
+
+import com.google.common.collect.ImmutableList;
+import com.sonar.sslr.api.AstNode;
+import org.sonar.check.Priority;
+import org.sonar.check.Rule;
+import org.sonar.python.PythonCheck;
+import org.sonar.python.api.PythonGrammar;
+import org.sonar.squidbridge.annotations.ActivatedByDefault;
+import org.sonar.squidbridge.annotations.SqaleConstantRemediation;
+
+import java.util.List;
+
+@Rule(
+  key = "S1764",
+  name = "Identical expressions should not be used on both sides of a binary operator",
+  priority = Priority.MAJOR,
+  tags = {Tags.BUG, Tags.CERT})
+@SqaleConstantRemediation("2min")
+@ActivatedByDefault
+public class IdenticalExpressionOnBinaryOperatorCheck extends PythonCheck {
+
+  private static final List<String> EXCLUDED_OPERATOR_TYPES = ImmutableList.of(
+    "*",
+    "+"
+  );
+
+  @Override
+  public void init() {
+    subscribeTo(
+      PythonGrammar.M_EXPR,
+      PythonGrammar.A_EXPR,
+      PythonGrammar.SHIFT_EXPR,
+      PythonGrammar.AND_EXPR,
+      PythonGrammar.XOR_EXPR,
+      PythonGrammar.OR_EXPR,
+      PythonGrammar.COMPARISON,
+      PythonGrammar.OR_TEST,
+      PythonGrammar.AND_TEST
+    );
+  }
+
+  @Override
+  public void visitNode(AstNode expression) {
+    List<AstNode> children = expression.getChildren();
+    AstNode leftOperand = children.get(0);
+    String operator = children.get(1).getTokenValue();
+    AstNode rightOperand = children.get(2);
+    if (!EXCLUDED_OPERATOR_TYPES.contains(operator) && CheckUtils.equalNodes(leftOperand, rightOperand) && !isLeftShiftBy1(leftOperand, operator)) {
+      addIssue(rightOperand, "Correct one of the identical sub-expressions on both sides of operator \"" + operator + "\".")
+        .secondary(leftOperand, "");
+    }
+  }
+
+  private static boolean isLeftShiftBy1(AstNode leftOperand, String operator) {
+    return "<<".equals(operator) && "1".equals(leftOperand.getTokenValue());
+  }
+}
diff --git a/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S1764.html b/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S1764.html
@@ -0,0 +1,51 @@
+<p>
+  Using the same value on either side of a binary operator is almost always a mistake. In the case of logical operators, it is either a copy/paste
+  error and therefore a bug, or it is simply wasted code, and should be simplified. In the case of bitwise operators and most binary mathematical
+  operators, having the same value on both sides of an operator yields predictable results, and should be simplified.
+</p>
+
+<p>This rule ignores <code>*</code>, <code>+</code>, and <code>=</code>.</p>
+
+<h2>Noncompliant Code Example</h2>
+<pre>
+if a == a: # Noncompliant
+    work()
+
+if  a != a: # Noncompliant
+    work()
+
+if  a == b and a == b: # Noncompliant
+    work()
+
+if a == b or a == b: # Noncompliant
+    work()
+
+j = 5 / 5 # Noncompliant
+k = 5 - 5 # Noncompliant
+</pre>
+
+<h2>Compliant Solution</h2>
+<pre>
+work()
+
+if  a == b:
+    work()
+
+if a == b:
+    work()
+
+j = 1
+k = 0
+</pre>
+
+<h2>Exceptions</h2>
+<p>The following are ignored:</p>
+<ul>
+  <li> The expression <code>1 &lt;&lt; 1</code> </li>
+</ul>
+<h2>See</h2>
+<ul>
+  <li> <a href="https://www.securecoding.cert.org/confluence/x/NYA5">CERT, MSC12-C.</a> - Detect and remove code that has no effect or is never
+    executed </li>
+  <li> <a href="https://www.securecoding.cert.org/confluence/x/SIIyAQ">CERT, MSC12-CPP.</a> - Detect and remove code that has no effect </li>
+</ul>
diff --git a/python-checks/src/test/java/org/sonar/python/checks/IdenticalExpressionOnBinaryOperatorCheckTest.java b/python-checks/src/test/java/org/sonar/python/checks/IdenticalExpressionOnBinaryOperatorCheckTest.java
@@ -0,0 +1,32 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.python.checks;
+
+import org.junit.Test;
+import org.sonar.python.checks.utils.PythonCheckVerifier;
+
+public class IdenticalExpressionOnBinaryOperatorCheckTest {
+
+  @Test
+  public void test() {
+    PythonCheckVerifier.verify("src/test/resources/checks/identicalExpressionOnBinaryOperator.py", new IdenticalExpressionOnBinaryOperatorCheck());
+  }
+
+}
diff --git a/python-checks/src/test/resources/checks/identicalExpressionOnBinaryOperator.py b/python-checks/src/test/resources/checks/identicalExpressionOnBinaryOperator.py
@@ -0,0 +1,42 @@
+a = 1
+b = 1
+
+def work():
+    pass
+
+if a == a: # Noncompliant [[secondary=+0;sc=9;ec=10]] {{Correct one of the identical sub-expressions on both sides of operator "==".}}
+#       ^
+    work()
+
+if  a != \
+        a: # Noncompliant [[secondary=-1;sc=9;ec=10]]
+    work()
+
+if  a == b and a == b: # Noncompliant
+    work()
+
+if a == b or a == b: # Noncompliant
+#            ^^^^^^
+    work()
+
+j = 5 / 5 # Noncompliant
+k = 5 - 5 # Noncompliant
+l = 5 + 5
+m = 5 * 5
+n = 3 << 3 # Noncompliant
+o = 3 & 3 # Noncompliant
+p = 3 ^ 3 # Noncompliant
+q = 3 | 3 # Noncompliant
+r = 3 and 3 # Noncompliant
+s = 3 or 3 # Noncompliant
+c1 = 3 < 3 # Noncompliant
+c2 = 3 <= 3 # Noncompliant
+c3 = 3 > 3 # Noncompliant
+c4 = 3 >= 3 # Noncompliant
+c5 = 3 <> 3 # Noncompliant
+c6 = 3 is 3 # Noncompliant
+c7 = 3 is not 3 # Noncompliant
+c8 = 3 not in 3 # Noncompliant
+c9 = 3 in 3 # Noncompliant
+exclusion = 1 << 1
+exclusion2 = (a * b) << 1
diff --git a/sonar-python-plugin/src/test/java/org/sonar/plugins/python/PythonRuleRepositoryTest.java b/sonar-python-plugin/src/test/java/org/sonar/plugins/python/PythonRuleRepositoryTest.java
@@ -42,7 +42,7 @@ public void createRulesTest() {
 
     List<RulesDefinition.Rule> rules = repository.rules();
     assertThat(rules).isNotNull();
-    assertThat(rules).hasSize(50);
+    assertThat(rules).hasSize(51);
   }
 
 }

Original file line number	Diff line number	Diff line change
`@@ -81,6 +81,7 @@ public static Iterable<Class> getChecks() {`
`81`	`81`	`TooManyReturnsCheck.class,`
`82`	`82`	`NeedlessPassCheck.class,`
`83`	`83`	`AfterJumpStatementCheck.class,`
	`84`	`+ IdenticalExpressionOnBinaryOperatorCheck.class,`
`84`	`85`	`MethodShouldBeStaticCheck.class`
`85`	`86`	`);`
`86`	`87`	`}`
Original file line number	Diff line number	Diff line change
`@@ -42,7 +42,7 @@ public void createRulesTest() {`
`42`	`42`
`43`	`43`	`List<RulesDefinition.Rule> rules = repository.rules();`
`44`	`44`	`assertThat(rules).isNotNull();`
`45`		`- assertThat(rules).hasSize(50);`
	`45`	`+ assertThat(rules).hasSize(51);`
`46`	`46`	`}`
`47`	`47`
`48`	`48`	`}`