1   /*
2    * This file is part of dependency-check-core.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2017 The OWASP Foundation. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck;
19  
20  import static org.hamcrest.core.Is.is;
21  import static org.junit.Assert.assertFalse;
22  import static org.junit.Assert.assertTrue;
23  
24  import java.io.File;
25  import java.io.FileNotFoundException;
26  import java.net.URISyntaxException;
27  import java.util.HashMap;
28  import java.util.Map;
29  
30  import org.apache.commons.cli.ParseException;
31  import org.apache.commons.cli.UnrecognizedOptionException;
32  import static org.hamcrest.MatcherAssert.assertThat;
33  import org.junit.Assert;
34  import org.junit.Test;
35  import org.owasp.dependencycheck.utils.InvalidSettingException;
36  import org.owasp.dependencycheck.utils.Settings;
37  import org.owasp.dependencycheck.utils.Settings.KEYS;
38  
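/**
 * Tests for the {@link App} class: path canonicalization and the mapping of
 * CLI arguments onto {@link Settings}.
 */
public class AppTest extends BaseTest {

    /**
     * Test of ensureCanonicalPath method, of class App.
     * <p>
     * The assertions cover normalization only: they show that {@code ..}
     * segments are collapsed and that the file-name pattern survives. They do
     * not show that the result is confined to any particular base directory,
     * so this test is not evidence of a path-containment check.
     */
    @Test
    public void testEnsureCanonicalPath() {
        final App instance = new App(getSettings());

        // A leading parent reference followed by a wildcard pattern.
        String file = "../*.jar";
        String result = instance.ensureCanonicalPath(file);
        assertFalse("result=" + result, result.contains(".."));
        assertTrue("result=" + result, result.endsWith("*.jar"));

        // A parent reference in the middle of the path must remove the
        // preceding segment ("skip").
        file = "../some/skip/../path/file.txt";
        final String expResult = "/some/path/file.txt";
        result = instance.ensureCanonicalPath(file);
        assertTrue("result=" + result, result.endsWith(expResult));
    }

    /**
     * Assert that properties can be set on the CLI and parsed into the
     * {@link Settings}.
     * <p>
     * The cases also pin precedence: a CLI flag wins over the value loaded
     * from the properties file given with {@code -P}. With
     * {@link Settings.KEYS#AUTO_UPDATE} off, a scan relies on whatever
     * vulnerability data is already cached, so which source wins matters to
     * anyone who pins these options in a build.
     *
     * @throws Exception the unexpected {@link Exception}.
     */
    @Test
    public void testPopulateSettings() throws Exception {
        File prop = resourceFile("sample.properties");
        final Map<String, Boolean> expected = new HashMap<>();

        // Properties file only. The contents of sample.properties are not
        // visible here; the expectation implies it turns auto-update off.
        String[] args = {"-P", prop.getAbsolutePath()};
        expected.put(Settings.KEYS.AUTO_UPDATE, Boolean.FALSE);
        expected.put(Settings.KEYS.ANALYZER_ARCHIVE_ENABLED, Boolean.TRUE);
        assertTrue(testBooleanProperties(args, expected));

        // Short flag: -n turns auto-update off.
        String[] args2 = {"-n"};
        expected.put(Settings.KEYS.AUTO_UPDATE, Boolean.FALSE);
        expected.put(Settings.KEYS.ANALYZER_ARCHIVE_ENABLED, Boolean.TRUE);
        assertTrue(testBooleanProperties(args2, expected));

        // -h changes neither setting; both are expected to be true.
        String[] args3 = {"-h"};
        expected.put(Settings.KEYS.AUTO_UPDATE, Boolean.TRUE);
        expected.put(Settings.KEYS.ANALYZER_ARCHIVE_ENABLED, Boolean.TRUE);
        assertTrue(testBooleanProperties(args3, expected));

        // Disabling the archive analyzer leaves auto-update untouched.
        String[] args4 = {"--disableArchive"};
        expected.put(Settings.KEYS.AUTO_UPDATE, Boolean.TRUE);
        expected.put(Settings.KEYS.ANALYZER_ARCHIVE_ENABLED, Boolean.FALSE);
        assertTrue(testBooleanProperties(args4, expected));

        // Properties file combined with a CLI flag: both take effect.
        String[] args5 = {"-P", prop.getAbsolutePath(), "--disableArchive"};
        expected.put(Settings.KEYS.AUTO_UPDATE, Boolean.FALSE);
        expected.put(Settings.KEYS.ANALYZER_ARCHIVE_ENABLED, Boolean.FALSE);
        assertTrue(testBooleanProperties(args5, expected));

        // Second properties file; the expectation implies it leaves
        // auto-update on (contents not visible here).
        prop = resourceFile("sample2.properties");
        String[] args6 = {"-P", prop.getAbsolutePath(), "--disableArchive"};
        expected.put(Settings.KEYS.AUTO_UPDATE, Boolean.TRUE);
        expected.put(Settings.KEYS.ANALYZER_ARCHIVE_ENABLED, Boolean.FALSE);
        assertTrue(testBooleanProperties(args6, expected));

        // --noupdate on the CLI overrides the auto-update value that the same
        // properties file produced in the previous case.
        String[] args7 = {"-P", prop.getAbsolutePath(), "--noupdate"};
        expected.put(Settings.KEYS.AUTO_UPDATE, Boolean.FALSE);
        expected.put(Settings.KEYS.ANALYZER_ARCHIVE_ENABLED, Boolean.FALSE);
        assertTrue(testBooleanProperties(args7, expected));

        // Both CLI flags together with the properties file.
        String[] args8 = {"-P", prop.getAbsolutePath(), "--noupdate", "--disableArchive"};
        expected.put(Settings.KEYS.AUTO_UPDATE, Boolean.FALSE);
        expected.put(Settings.KEYS.ANALYZER_ARCHIVE_ENABLED, Boolean.FALSE);
        assertTrue(testBooleanProperties(args8, expected));
    }

    /**
     * Assert that an {@link UnrecognizedOptionException} is thrown when a
     * property that is not supported is specified on the CLI.
     *
     * @throws Exception the unexpected {@link Exception}.
     */
    @Test
    public void testPopulateSettingsException() throws Exception {
        String[] args = {"-invalidPROPERTY"};
        // No expectations are passed: parsing is expected to fail before any
        // setting is compared.
        Exception exception = Assert.assertThrows(UnrecognizedOptionException.class, () -> testBooleanProperties(args, null));
        Assert.assertTrue(exception.getMessage().contains("Unrecognized option: -invalidPROPERTY"));
    }

    /**
     * Assert that a single suppression file can be set using the CLI.
     * <p>
     * A suppression file silences findings, so the test pins that the path
     * given on the CLI reaches the {@link Settings} unchanged.
     *
     * @throws Exception the unexpected {@link Exception}.
     */
    @Test
    public void testPopulatingSuppressionSettingsWithASingleFile() throws Exception {
        // GIVEN CLI properties with the mandatory arguments
        File prop = resourceFile("sample.properties");

        // AND a single suppression file
        String[] args = {"-P", prop.getAbsolutePath(), "--suppression", "another-file.xml"};

        // WHEN parsing the CLI arguments
        final CliParser cli = new CliParser(getSettings());
        cli.parse(args);
        final App classUnderTest = new App(getSettings());
        classUnderTest.populateSettings(cli);

        // THEN the suppression file is set in the settings for use in the application core
        String[] suppressionFiles = getSettings().getArray(KEYS.SUPPRESSION_FILE);
        // Fail with a readable message rather than a NullPointerException or
        // ArrayIndexOutOfBoundsException when nothing was stored.
        Assert.assertNotNull("Expected the suppression file to be set in the Settings", suppressionFiles);
        assertTrue("Expected at least one suppression file in the Settings", suppressionFiles.length > 0);
        assertThat("Expected the suppression file to be set in the Settings", suppressionFiles[0], is("another-file.xml"));
    }

    /**
     * Assert that multiple suppression files can be set using the CLI.
     *
     * @throws Exception the unexpected {@link Exception}.
     */
    @Test
    public void testPopulatingSuppressionSettingsWithMultipleFiles() throws Exception {
        // GIVEN CLI properties with the mandatory arguments
        File prop = resourceFile("sample.properties");

        // AND multiple suppression files
        String[] args = {"-P", prop.getAbsolutePath(), "--suppression", "first-file.xml", "--suppression", "another-file.xml"};

        // WHEN parsing the CLI arguments
        final CliParser cli = new CliParser(getSettings());
        cli.parse(args);
        final App classUnderTest = new App(getSettings());
        classUnderTest.populateSettings(cli);

        // THEN the suppression files are set in the settings for use in the application core
        assertThat("Expected the suppression files to be set in the Settings with a separator", getSettings().getString(KEYS.SUPPRESSION_FILE), is("[\"first-file.xml\",\"another-file.xml\"]"));
    }

    /**
     * Resolves a test resource on the class path to a {@link File}.
     *
     * @param name the resource name, relative to the class path root
     * @return the file backing the resource
     * @throws URISyntaxException if the resource URL is not a valid URI
     */
    private File resourceFile(String name) throws URISyntaxException {
        final java.net.URL url = this.getClass().getClassLoader().getResource(name);
        // A missing fixture should fail the test by name, not as a bare NPE.
        Assert.assertNotNull("Test resource not found on the class path: " + name, url);
        return new File(url.toURI().getPath());
    }

    /**
     * Reloads the settings, parses {@code args}, populates the settings from
     * the parsed CLI and compares each expected boolean setting with the
     * value actually stored.
     * <p>
     * A mismatch fails immediately with the offending key in the message, so
     * a failing case shows which setting was wrong. The boolean return value
     * is kept for the existing {@code assertTrue(...)} callers.
     *
     * @param args the CLI arguments to parse
     * @param expected setting key to expected value; {@code null} means there
     * is nothing to compare
     * @return {@code true} when every expected setting matched
     * @throws URISyntaxException declared for callers; not thrown by the
     * statements visible in this method
     * @throws FileNotFoundException propagated from populating the settings
     * @throws ParseException if the CLI arguments cannot be parsed
     * @throws InvalidSettingException if a setting cannot be read as a boolean
     */
    private boolean testBooleanProperties(String[] args, Map<String, Boolean> expected) throws URISyntaxException, FileNotFoundException, ParseException, InvalidSettingException {
        // Start every case from a clean slate so that values set by an
        // earlier case cannot satisfy a later expectation.
        this.reloadSettings();
        final CliParser cli = new CliParser(getSettings());
        cli.parse(args);
        final App instance = new App(getSettings());
        instance.populateSettings(cli);
        if (expected == null) {
            return true;
        }
        for (Map.Entry<String, Boolean> entry : expected.entrySet()) {
            // Compare by value; never rely on reference identity of boxed Booleans.
            final boolean actual = getSettings().getBoolean(entry.getKey());
            Assert.assertEquals("Unexpected value for setting " + entry.getKey(), entry.getValue(), Boolean.valueOf(actual));
        }
        return true;
    }
}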
187 }