20

When I am scanning code with sonar lint the following code shows the bug as "Method has 8 parameters, which is greater than 7 authorized"

@PutMapping("/something")
public List<SomeList> updateSomeThing(@PathVariable final SomeCode code,
                                            @PathVariable final SomeId id, 
                                            @PathVariable final String testId,
                                            @PathVariable final String itemId,
                                            @RequestBody final List<Test> someList,
                                            @RequestHeader("test") final String testHeader,
                                            final HttpServletRequest request,
                                            final SomeHeaders someHeaders)

Note: This is a controller method we can not skip any parameters

FYI: Eclipse showing a quick fix as squid:S00107

Anybody have any idea how to resolve this bug?

Baji Shaik
  • 1,022
  • 2
  • 10
  • 14

3 Answers3

19

There are two things to consider here.

  1. You can adjust this rule in Sonar and increase the number of authorized parameters. Say put it 10 instead of default (?) 7.

UPD: the advice below is based on the old question version. It might be not applicable to the new question context any more.

  1. But generally you should reconsider your method interface. Having many arguments means that something can be wrong in your architecture and the Single responsibility principle might be broken.

Say in your particular example, I would expect, that you can have an aggregate class Order:

public class Order {
   private CountryCode countryCode;
   private String orderId;
   private User user;
   private String orderId;
   private String item;
   private List<Person> persons;
   private ShippingAddress address;
   private PaymentMethod payment;
   private Product product;
   // ...
}

Which is much logical to manage instead of dealing with many parameters. Then your issues will be solved automatically:

@GetMapping
public void updateSomething(Order order) { ... }
Andremoniy
  • 34,031
  • 20
  • 135
  • 241
  • Mark Seemann has a nice article discussing this in more detail: https://blog.ploeh.dk/2010/02/02/RefactoringtoAggregateServices – openshac Mar 07 '19 at 09:56
3

This is an enhancement required to the default rules configured in sonar. According to sonar rules the method annotated with @RequestMapping is not bound to above rules of "Methods should not have more than 7 parameters". Please find the screenshot calling the exception.Sonar screenshot stating the exception

According to sonar, "Methods annotated with Spring's @RequestMapping may have a lot of parameters, encapsulation being possible. Such methods are therefore ignored."

But sonar rules were not upgraded to skip the @POSTMapping, @PutMapping etc.. when spring introduced them. Ideally they are child implementations of @RequestMapping. The rules applicable to @RequestMapping should also apply to these.

Am planning to raise a ticket with SONAR on this. Will update the link once created.

For now you can edit your sonar rules or ignore these for now until sonar provides a solution part of their default ruleset.

srinivasan Y
  • 51
  • 4
3

In general this is a good rule. You should refactor to a Parameter Object or a Builder. However, I tend to ignore this rule when it concerns the creation of a domain model object (like an @Entity) or an immutable object where values are only passed in via the constructor.

Coen Damen
  • 2,009
  • 5
  • 29
  • 51