1 /*
2 * This file is part of dependency-check-core.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 *
16 * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
17 */
18 package org.owasp.dependencycheck.analyzer;
19
20 import org.owasp.dependencycheck.Engine;
21 import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
22 import org.owasp.dependencycheck.dependency.Dependency;
23 import org.owasp.dependencycheck.exception.InitializationException;
24 import org.owasp.dependencycheck.utils.Settings;
25
26 import javax.annotation.concurrent.ThreadSafe;
27
28 import org.slf4j.Logger;
29 import org.slf4j.LoggerFactory;
30
31 /**
32 * Base class for analyzers to avoid code duplication of prepare and close as
33 * most analyzers do not need these methods.
34 *
35 * @author Jeremy Long
36 */
37 @ThreadSafe
38 public abstract class AbstractAnalyzer implements Analyzer {
39
40 /**
41 * The logger.
42 */
43 private static final Logger LOGGER = LoggerFactory.getLogger(AbstractAnalyzer.class);
44 /**
45 * A flag indicating whether or not the analyzer is enabled.
46 */
47 private volatile boolean enabled = true;
48 /**
49 * The configured settings.
50 */
51 private Settings settings;
52
53 /**
54 * Get the value of enabled.
55 *
56 * @return the value of enabled
57 */
58 @Override
59 public boolean isEnabled() {
60 return enabled;
61 }
62
63 /**
64 * Set the value of enabled.
65 *
66 * @param enabled new value of enabled
67 */
68 public void setEnabled(boolean enabled) {
69 this.enabled = enabled;
70 }
71
72 /**
73 * Returns the configured settings.
74 *
75 * @return the configured settings
76 */
77 protected Settings getSettings() {
78 return settings;
79 }
80
81 /**
82 * Initializes the analyzer with the configured settings.
83 *
84 * @param settings the configured settings to use
85 */
86 @Override
87 public void initialize(Settings settings) {
88 this.settings = settings;
89 final String key = getAnalyzerEnabledSettingKey();
90 this.setEnabled(settings.getBoolean(key, true));
91 }
92
93 /**
94 * Initialize the abstract analyzer.
95 *
96 * @param engine a reference to the dependency-check engine
97 * @throws InitializationException thrown if there is an exception
98 */
99 @Override
100 public final void prepare(Engine engine) throws InitializationException {
101 if (isEnabled()) {
102 prepareAnalyzer(engine);
103 } else {
104 LOGGER.debug("{} has been disabled", getName());
105 }
106 }
107
108 /**
109 * Prepares a given Analyzer. This will be skipped if the analyzer is
110 * disabled.
111 *
112 * @param engine a reference to the dependency-check engine
113 * @throws InitializationException thrown if there is an exception
114 */
115 protected void prepareAnalyzer(Engine engine) throws InitializationException {
116 // Intentionally empty, analyzer will override this if they must prepare anything.
117 }
118
119 /**
120 * Analyzes a given dependency. If the dependency is an archive, such as a
121 * WAR or EAR, the contents are extracted, scanned, and added to the list of
122 * dependencies within the engine.
123 *
124 * @param dependency the dependency to analyze
125 * @param engine the engine scanning
126 * @throws AnalysisException thrown if there is an analysis exception
127 */
128 @Override
129 public final void analyze(Dependency dependency, Engine engine) throws AnalysisException {
130 if (this.isEnabled()) {
131 analyzeDependency(dependency, engine);
132 }
133 }
134
135 /**
136 * Analyzes a given dependency. If the dependency is an archive, such as a
137 * WAR or EAR, the contents are extracted, scanned, and added to the list of
138 * dependencies within the engine.
139 *
140 * @param dependency the dependency to analyze
141 * @param engine the engine scanning
142 * @throws AnalysisException thrown if there is an analysis exception
143 */
144 protected abstract void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException;
145
146 /**
147 * The close method does nothing for this Analyzer.
148 *
149 * @throws Exception thrown if there is an exception
150 */
151 @Override
152 public final void close() throws Exception {
153 if (isEnabled()) {
154 closeAnalyzer();
155 }
156 }
157
158 /**
159 * Closes a given Analyzer. This will be skipped if the analyzer is
160 * disabled.
161 *
162 * @throws Exception thrown if there is an exception
163 */
164 protected void closeAnalyzer() throws Exception {
165 // Intentionally empty, analyzer will override this if they must close a resource.
166 }
167
168 /**
169 * The default is to support parallel processing.
170 *
171 * @return true
172 */
173 @Override
174 public boolean supportsParallelProcessing() {
175 return true;
176 }
177
178 /**
179 * <p>
180 * Returns the setting key to determine if the analyzer is enabled.</p>
181 *
182 * @return the key for the analyzer's enabled property
183 */
184 protected abstract String getAnalyzerEnabledSettingKey();
185
186 }