1 /*
2 * This file is part of dependency-check-core.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 *
16 * Copyright (c) 2015 Jeremy Long. All Rights Reserved.
17 */
18 package org.owasp.dependencycheck.xml.pom;
19
20 import java.io.Serializable;
21 import java.util.ArrayList;
22 import java.util.List;
23 import java.util.Properties;
24 import javax.annotation.concurrent.ThreadSafe;
25
26 import org.owasp.dependencycheck.utils.InterpolationUtil;
27
28 /**
29 * A simple pojo to hold data related to a Maven POM file.
30 *
31 * @author jeremy long
32 */
33 @ThreadSafe
34 public class Model implements Serializable {
35
36 /**
37 * Generated UUID.
38 */
39 private static final long serialVersionUID = -7648711671774349441L;
40
41 /**
42 * The name of the project.
43 */
44 private String name;
45 /**
46 * The organization name.
47 */
48 private String organization;
49 /**
50 * The organization URL.
51 */
52 private String organizationUrl;
53 /**
54 * The description.
55 */
56 private String description;
57 /**
58 * The group id.
59 */
60 private String groupId;
61 /**
62 * The artifact id.
63 */
64 private String artifactId;
65 /**
66 * The version number.
67 */
68 private String version;
69 /**
70 * The parent group id.
71 */
72 private String parentGroupId;
73 /**
74 * The parent artifact id.
75 */
76 private String parentArtifactId;
77 /**
78 * The parent version number.
79 */
80 private String parentVersion;
81 /**
82 * The list of licenses.
83 */
84 private final List<License> licenses = new ArrayList<>();
85 /**
86 * The list of developers.
87 */
88 private final List<Developer> developers = new ArrayList<>();
89 /**
90 * The project URL.
91 */
92 private String projectURL;
93
94 /**
95 * Get the value of name.
96 *
97 * @return the value of name
98 */
99 public String getName() {
100 return name;
101 }
102
103 /**
104 * Set the value of name.
105 *
106 * @param name new value of name
107 */
108 public void setName(String name) {
109 this.name = name;
110 }
111
112 /**
113 * Get the value of organization.
114 *
115 * @return the value of organization
116 */
117 public String getOrganization() {
118 return organization;
119 }
120
121 /**
122 * Set the value of organization.
123 *
124 * @param organization new value of organization
125 */
126 public void setOrganization(String organization) {
127 this.organization = organization;
128 }
129
130 /**
131 * Get the value of organizationUrl.
132 *
133 * @return the value of organizationUrl
134 */
135 public String getOrganizationUrl() {
136 return organizationUrl;
137 }
138
139 /**
140 * Set the value of organizationUrl.
141 *
142 * @param organizationUrl new value of organizationUrl
143 */
144 public void setOrganizationUrl(String organizationUrl) {
145 this.organizationUrl = organizationUrl;
146 }
147
148 /**
149 * Get the value of description.
150 *
151 * @return the value of description
152 */
153 public String getDescription() {
154 return description;
155 }
156
157 /**
158 * Set the value of description.
159 *
160 * @param description new value of description
161 */
162 public void setDescription(String description) {
163 this.description = description;
164 }
165
166 /**
167 * Get the value of groupId.
168 *
169 * @return the value of groupId
170 */
171 public String getGroupId() {
172 return groupId;
173 }
174
175 /**
176 * Set the value of groupId.
177 *
178 * @param groupId new value of groupId
179 */
180 public void setGroupId(String groupId) {
181 this.groupId = groupId;
182 }
183
184 /**
185 * Get the value of artifactId.
186 *
187 * @return the value of artifactId
188 */
189 public String getArtifactId() {
190 return artifactId;
191 }
192
193 /**
194 * Set the value of artifactId.
195 *
196 * @param artifactId new value of artifactId
197 */
198 public void setArtifactId(String artifactId) {
199 this.artifactId = artifactId;
200 }
201
202 /**
203 * Get the value of version.
204 *
205 * @return the value of version
206 */
207 public String getVersion() {
208 return version;
209 }
210
211 /**
212 * Set the value of version.
213 *
214 * @param version new value of version
215 */
216 public void setVersion(String version) {
217 this.version = version;
218 }
219
220 /**
221 * Get the value of parentGroupId.
222 *
223 * @return the value of parentGroupId
224 */
225 public String getParentGroupId() {
226 return parentGroupId;
227 }
228
229 /**
230 * Set the value of parentGroupId.
231 *
232 * @param parentGroupId new value of parentGroupId
233 */
234 public void setParentGroupId(String parentGroupId) {
235 this.parentGroupId = parentGroupId;
236 }
237
238 /**
239 * Get the value of parentArtifactId.
240 *
241 * @return the value of parentArtifactId
242 */
243 public String getParentArtifactId() {
244 return parentArtifactId;
245 }
246
247 /**
248 * Set the value of parentArtifactId.
249 *
250 * @param parentArtifactId new value of parentArtifactId
251 */
252 public void setParentArtifactId(String parentArtifactId) {
253 this.parentArtifactId = parentArtifactId;
254 }
255
256 /**
257 * Get the value of parentVersion.
258 *
259 * @return the value of parentVersion
260 */
261 public String getParentVersion() {
262 return parentVersion;
263 }
264
265 /**
266 * Set the value of parentVersion.
267 *
268 * @param parentVersion new value of parentVersion
269 */
270 public void setParentVersion(String parentVersion) {
271 this.parentVersion = parentVersion;
272 }
273
274 /**
275 * Returns the list of licenses.
276 *
277 * @return the list of licenses
278 */
279 public List<License> getLicenses() {
280 return licenses;
281 }
282
283 /**
284 * Adds a new license to the list of licenses.
285 *
286 * @param license the license to add
287 */
288 public void addLicense(License license) {
289 licenses.add(license);
290 }
291
292 /**
293 * Returns the list of developers.
294 *
295 * @return the list of developers
296 */
297 public List<Developer> getDevelopers() {
298 return developers;
299 }
300
301 /**
302 * Adds a new developer to the list of developers.
303 *
304 * @param developer the developer to add
305 */
306 public void addDeveloper(Developer developer) {
307 developers.add(developer);
308 }
309
310 /**
311 * Get the value of projectURL.
312 *
313 * @return the value of projectURL
314 */
315 public String getProjectURL() {
316 return projectURL;
317 }
318
319 /**
320 * Set the value of projectURL.
321 *
322 * @param projectURL new value of projectURL
323 */
324 public void setProjectURL(String projectURL) {
325 this.projectURL = projectURL;
326 }
327
328 /**
329 * Process the Maven properties file and interpolate all properties.
330 *
331 * @param properties new value of properties
332 */
333 public void processProperties(Properties properties) {
334 if (properties == null) {
335 return;
336 }
337 this.description = InterpolationUtil.interpolate(this.description, properties);
338 for (License l : this.getLicenses()) {
339 l.setName(InterpolationUtil.interpolate(l.getName(), properties));
340 l.setUrl(InterpolationUtil.interpolate(l.getUrl(), properties));
341 }
342 this.name = InterpolationUtil.interpolate(this.name, properties);
343 this.projectURL = InterpolationUtil.interpolate(this.projectURL, properties);
344 this.organization = InterpolationUtil.interpolate(this.organization, properties);
345 this.parentGroupId = InterpolationUtil.interpolate(this.parentGroupId, properties);
346 this.parentArtifactId = InterpolationUtil.interpolate(this.parentArtifactId, properties);
347 this.parentVersion = InterpolationUtil.interpolate(this.parentVersion, properties);
348 }
349
350 /**
351 * Replaces the group/artifact/version obtained from the `pom.xml` which may
352 * contain variable references with the interpolated values of the
353 * <a href="https://maven.apache.org/shared/maven-archiver/#pom-properties-content">pom.properties</a>
354 * content (when present). Validates that at least the documented properties
355 * for the G/A/V coordinates are all present. If not it will leave the model
356 * unmodified as the property-source was apparently not a valid
357 * pom.properties file for the `pom.xml`.
358 *
359 * @param pomProperties A properties object that holds the properties from a
360 * pom.properties file.
361 */
362 public void setGAVFromPomDotProperties(Properties pomProperties) {
363 if (!pomProperties.containsKey("groupId") || !pomProperties.containsKey("artifactId") || !pomProperties.containsKey("version")) {
364 return;
365 }
366 this.groupId = pomProperties.getProperty("groupId");
367 this.artifactId = pomProperties.getProperty("artifactId");
368 this.version = pomProperties.getProperty("version");
369 }
370 }