View Javadoc
1   /*
2    * This file is part of dependency-check-core.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2014 Jeremy Long. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.analyzer;
19  
20  import org.slf4j.Logger;
21  import org.slf4j.LoggerFactory;
22  
23  import java.io.File;
24  import java.io.FileFilter;
25  import java.util.Collections;
26  import java.util.HashSet;
27  import java.util.Set;
28  import javax.annotation.concurrent.ThreadSafe;
29  import org.owasp.dependencycheck.Engine;
30  import org.owasp.dependencycheck.exception.InitializationException;
31  
32  /**
33   * The base FileTypeAnalyzer that all analyzers that have specific file types
34   * they analyze should extend.
35   *
36   * @author Jeremy Long
37   */
38  @ThreadSafe
39  public abstract class AbstractFileTypeAnalyzer extends AbstractAnalyzer implements FileTypeAnalyzer {
40  
41      //<editor-fold defaultstate="collapsed" desc="Field definitions, getters, and setters ">
42      /**
43       * The logger.
44       */
45      private static final Logger LOGGER = LoggerFactory.getLogger(AbstractFileTypeAnalyzer.class);
46      /**
47       * Whether the file type analyzer detected any files it needs to analyze.
48       */
49      private boolean filesMatched = false;
50  
51      /**
52       * Set the value of filesMatched. A flag indicating whether the scan
53       * included any file types this analyzer supports.
54       *
55       * @param filesMatched new value of filesMatched
56       */
57      protected void setFilesMatched(boolean filesMatched) {
58          this.filesMatched = filesMatched;
59      }
60  
61      /**
62       * Gets the value of filesMatched. A flag indicating whether the scan
63       * included any file types this analyzer supports.
64       *
65       * @return the value of filesMatched
66       */
67      protected boolean getFilesMatched() {
68          return this.filesMatched;
69      }
70  
71      //</editor-fold>
72      //<editor-fold defaultstate="collapsed" desc="Final implementations for the Analyzer interface">
73      /**
74       * Initializes the analyzer.
75       *
76       * @param engine a reference to the dependency-check engine
77       * @throws InitializationException thrown if there is an exception during
78       * initialization
79       */
80      @Override
81      protected final void prepareAnalyzer(Engine engine) throws InitializationException {
82          if (filesMatched && this.isEnabled()) {
83              prepareFileTypeAnalyzer(engine);
84          } else {
85              this.setEnabled(false);
86          }
87      }
88  
89      //</editor-fold>
90      //<editor-fold defaultstate="collapsed" desc="Abstract methods children must implement">
91      /**
92       * <p>
93       * Returns the {@link java.io.FileFilter} used to determine which files are
94       * to be analyzed. An example would be an analyzer that inspected Java jar
95       * files. Implementors may use
96       * {@link org.owasp.dependencycheck.utils.FileFilterBuilder}.</p>
97       * <p>
98       * If the analyzer returns null it will not cause additional files to be
99       * analyzed, but will be executed against every file loaded.</p>
100      *
101      * @return the file filter used to determine which files are to be analyzed
102      */
103     protected abstract FileFilter getFileFilter();
104 
105     /**
106      * Prepares the file type analyzer for dependency analysis.
107      *
108      * @param engine a reference to the dependency-check engine
109      * @throws InitializationException thrown if there is an exception during
110      * initialization
111      */
112     protected abstract void prepareFileTypeAnalyzer(Engine engine) throws InitializationException;
113 
114     //</editor-fold>
115     /**
116      * Determines if the file can be analyzed by the analyzer.
117      *
118      * @param pathname the path to the file
119      * @return true if the file can be analyzed by the given analyzer; otherwise
120      * false
121      */
122     @Override
123     public boolean accept(File pathname) {
124         final FileFilter filter = getFileFilter();
125         boolean accepted = false;
126         if (null == filter) {
127             LOGGER.error("The '{}' analyzer is misconfigured and does not have a file filter; it will be disabled", getName());
128         } else if (this.isEnabled()) {
129             accepted = filter.accept(pathname);
130             if (accepted) {
131                 filesMatched = true;
132             }
133         }
134         return accepted;
135     }
136 
137     /**
138      * <p>
139      * Utility method to help in the creation of the extensions set. This
140      * constructs a new Set that can be used in a final static declaration.</p>
141      * <p>
142      * This implementation was copied from
143      * http://stackoverflow.com/questions/2041778/prepare-java-hashset-values-by-construction</p>;
144      *
145      * @param strings a list of strings to add to the set.
146      * @return a Set of strings.
147      */
148     protected static Set<String> newHashSet(String... strings) {
149         final Set<String> set = new HashSet<>(strings.length);
150         Collections.addAll(set, strings);
151         return set;
152     }
153 }