SONARJAVA-4972 S1118 Fix FPs on Lombok annotations in automatic analysis

its/autoscan/src/test/java/org/sonar/java/it/AutoScanTest.java

@@ -195,7 +195,7 @@ public void javaCheckTestSources() throws Exception {
     SoftAssertions softly = new SoftAssertions();
     softly.assertThat(newDiffs).containsExactlyInAnyOrderElementsOf(knownDiffs.values());
     softly.assertThat(newTotal).isEqualTo(knownTotal);
-    softly.assertThat(rulesCausingFPs).hasSize(9);
+    softly.assertThat(rulesCausingFPs).hasSize(8);
     softly.assertThat(rulesNotReporting).hasSize(11);
 
     /**

its/autoscan/src/test/resources/autoscan/diffs/diff_S1118.json

@@ -2,5 +2,5 @@
   "ruleKey": "S1118",
   "hasTruePositives": true,
   "falseNegatives": 0,
-  "falsePositives": 3
+  "falsePositives": 0
 }

java-checks-test-sources/default/src/main/java/checks/UtilityClassWithPublicConstructorCheckSample.java

@@ -18,31 +18,49 @@ public static void foo() {
   }
 
   @NoArgsConstructor(access = AccessLevel.PRIVATE, force = true)
-  class LombokClass1 { // Compliant, a private constructor will be generated
+  class LombokClassNoArgsPrivate { // Compliant, a private constructor will be generated
     public static void foo() {
     }
   }
 
   @NoArgsConstructor(access = AccessLevel.PUBLIC)
-  class LombokClass2 { // Noncompliant
+  class LombokClassNoArgsPublic { // Noncompliant
+    public static void foo() {
+    }
+  }
+
+  @NoArgsConstructor(access = AccessLevel.NONE)
+  class LombokClassNoArgsNone { // Compliant
+    public static void foo() {
+    }
+  }
+
+  @lombok.NoArgsConstructor(access = AccessLevel.PUBLIC)
+  class LombokClassFullyQualifiedNoArgsPublic { // Noncompliant
     public static void foo() {
     }
   }
 
   @NoArgsConstructor(force = true)
-  class LombokClass6 { // Noncompliant
+  class LombokClassNoArgs { // Noncompliant
     public static void foo() {
     }
   }
 
   @AllArgsConstructor(access = PRIVATE)
-  class LombokClass3 { // Compliant, a private constructor will be generated
+  class LombokClassAllArgsPrivate { // Compliant, a private constructor will be generated
+    public static void foo() {
+    }
+  }
+
+  @lombok.AllArgsConstructor(access = PRIVATE)
+  class LombokClassFullyQualifiedAllArgsPrivate { // Compliant, a private constructor will be generated
     public static void foo() {
     }
   }
 
   @RequiredArgsConstructor(access = PRIVATE)
-  class LombokClass4 { // Compliant, a private constructor will be generated
+  class LombokClassRequiresPrivate { // Compliant, a private constructor will be generated
     public static void foo() {
     }
   }
@@ -205,4 +223,24 @@ public static checks.MySingleton getInstance() {
     }
   }
 
+  static class CustomLombokLikeAnnotation {
+    // Custom Lombok-like annotation.
+    @interface NoArgsConstructor {
+      AccessLevel access() default AccessLevel.PUBLIC;
+    }
+
+    // This one is tricky - the annotation is not the real one, so it is noncompliant.
+    @NoArgsConstructor(access = AccessLevel.PRIVATE)
+    class CustomPrivate { // Noncompliant
+      public static void foo() {
+      }
+    }
+
+    @NoArgsConstructor(access = AccessLevel.PUBLIC)
+    class CustomPublic { // Noncompliant
+      public static void foo() {
+      }
+    }
+  }
+
 }

java-checks/src/main/java/org/sonar/java/checks/UtilityClassWithPublicConstructorCheck.java

@@ -19,10 +19,13 @@
 import java.util.Collections;
 import java.util.List;
 import java.util.Set;
+import java.util.stream.Collectors;
 import org.sonar.check.Rule;
+import org.sonar.java.checks.helpers.AnnotationsHelper;
 import org.sonar.java.checks.helpers.ClassPatternsUtils;
 import org.sonar.java.model.ModifiersUtils;
 import org.sonar.plugins.java.api.IssuableSubscriptionVisitor;
+import org.sonar.plugins.java.api.semantic.Type;
 import org.sonar.plugins.java.api.tree.AnnotationTree;
 import org.sonar.plugins.java.api.tree.AssignmentExpressionTree;
 import org.sonar.plugins.java.api.tree.ClassTree;
@@ -36,11 +39,19 @@
 @Rule(key = "S1118")
 public class UtilityClassWithPublicConstructorCheck extends IssuableSubscriptionVisitor {
 
+  /**
+   * See also {@link org.sonar.java.filters.LombokFilter}.
+   */
   private static final Set<String> LOMBOK_CONSTRUCTOR_GENERATORS = Set.of(
     "lombok.NoArgsConstructor",
     "lombok.AllArgsConstructor",
     "lombok.RequiredArgsConstructor");
 
+  private static final Set<String> LOMBOK_CONSTRUCTOR_GENERATOR_NAMES =
+    LOMBOK_CONSTRUCTOR_GENERATORS.stream()
+      .map(AnnotationsHelper::annotationTypeIdentifier)
+      .collect(Collectors.toSet());
+
   @Override
   public List<Tree.Kind> nodesToVisit() {
     return Collections.singletonList(Tree.Kind.CLASS);
@@ -84,11 +95,17 @@ private static boolean hasPublicModifier(MethodTree methodTree) {
   }
 
   private static boolean hasCompliantGeneratedConstructors(ClassTree classTree) {
-    return classTree.modifiers().annotations().stream().anyMatch(it -> isLombokConstructorGenerator(it) && !hasPublicAccess(it));
+    return classTree.modifiers().annotations().stream()
+      .anyMatch(it -> isLombokConstructorGenerator(it.symbolType()) && !hasPublicAccess(it));
   }
 
-  private static boolean isLombokConstructorGenerator(AnnotationTree annotation) {
-    return LOMBOK_CONSTRUCTOR_GENERATORS.contains(annotation.annotationType().symbolType().fullyQualifiedName());
+  private static boolean isLombokConstructorGenerator(Type symbolType) {
+    // This happens in automatic analysis. We match only the last part of the name.
+    if (symbolType.isUnknown()) {
+      return LOMBOK_CONSTRUCTOR_GENERATOR_NAMES.contains(symbolType.name());
+    }
+
+    return LOMBOK_CONSTRUCTOR_GENERATORS.contains(symbolType.fullyQualifiedName());
   }
 
   private static boolean hasPublicAccess(AnnotationTree annotation) {

java-checks/src/test/java/org/sonar/java/checks/UtilityClassWithPublicConstructorCheckTest.java

@@ -30,4 +30,13 @@ void test() {
       .withCheck(new UtilityClassWithPublicConstructorCheck())
       .verifyIssues();
   }
+
+  @Test
+  void test_without_semantic() {
+    CheckVerifier.newVerifier()
+      .onFile(mainCodeSourcesPath("checks/UtilityClassWithPublicConstructorCheckSample.java"))
+      .withCheck(new UtilityClassWithPublicConstructorCheck())
+      .withoutSemantic()
+      .verifyIssues();
+  }
 }