From 62a0b8da90596a486bf5e5c25878b54833be5626 Mon Sep 17 00:00:00 2001
From: ma wei
Date: Fri, 7 Aug 2015 10:09:40 +0800
Subject: [PATCH] add configuration, let user has ability to control HTTP method used during the update process to avoid proxy problem
---
 .../DependencyCheckConfigurationExtension.groovy | 2 ++
 .../security/plugin/DependencyCheckGradlePlugin.groovy | 1 +
 .../com/tools/security/tasks/DependencyCheckTask.groovy | 8 ++++++++
 .../plugin/DependencyCheckGradlePluginSpec.groovy | 3 +++
 4 files changed, 14 insertions(+)
diff --git a/dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckConfigurationExtension.groovy b/dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckConfigurationExtension.groovy
index 8e7a29ce3..e86f66e25 100644
--- a/dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckConfigurationExtension.groovy
+++ b/dependency-check-gradle/src/main/groovy/com/tools/security/extension/DependencyCheckConfigurationExtension.groovy
@@ -31,4 +31,6 @@ class DependencyCheckConfigurationExtension {
 String cveUrl20Base = "https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml.gz"
 String outputDirectory = "./reports"
+
+ Boolean quickQueryTimestamp = true;
 }
diff --git a/dependency-check-gradle/src/main/groovy/com/tools/security/plugin/DependencyCheckGradlePlugin.groovy b/dependency-check-gradle/src/main/groovy/com/tools/security/plugin/DependencyCheckGradlePlugin.groovy
index 937226401..2274c9af4 100644
--- a/dependency-check-gradle/src/main/groovy/com/tools/security/plugin/DependencyCheckGradlePlugin.groovy
+++ b/dependency-check-gradle/src/main/groovy/com/tools/security/plugin/DependencyCheckGradlePlugin.groovy
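Review bot: The `quickQueryTimestamp` property added to DependencyCheckConfigurationExtension.groovy is user-facing build configuration, but nothing at the declaration says what it controls or when to change it. The commit subject ties it to the HTTP method used during the update, so a comment at the field would save users from reading the downloader source, for example `// true: check NVD feed timestamps with the quick request (presumably HTTP HEAD); set false if a proxy blocks it`. The HEAD/GET detail is inferred from the subject line and should be confirmed against the downloader before it is written down. The trailing `;` is also out of step with the neighbouring Groovy declarations.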
@@ -49,6 +49,7 @@ class DependencyCheckGradlePlugin implements Plugin {
 conventionMapping.cveUrl12Base = { extension.cveUrl12Base }
 conventionMapping.cveUrl20Base = { extension.cveUrl20Base }
 conventionMapping.outputDirectory = { extension.outputDirectory }
+ conventionMapping.quickQueryTimestamp = { extension.quickQueryTimestamp }
 }
 }
 }
\ No newline at end of file
diff --git a/dependency-check-gradle/src/main/groovy/com/tools/security/tasks/DependencyCheckTask.groovy b/dependency-check-gradle/src/main/groovy/com/tools/security/tasks/DependencyCheckTask.groovy
index c76f1ab92..3e371ec81 100644
--- a/dependency-check-gradle/src/main/groovy/com/tools/security/tasks/DependencyCheckTask.groovy
+++ b/dependency-check-gradle/src/main/groovy/com/tools/security/tasks/DependencyCheckTask.groovy
@@ -28,6 +28,7 @@ import org.owasp.dependencycheck.dependency.Dependency
 import org.owasp.dependencycheck.reporting.ReportGenerator
 import org.owasp.dependencycheck.utils.Settings
+import static org.owasp.dependencycheck.utils.Settings.setBoolean
 import static org.owasp.dependencycheck.utils.Settings.setString
 class DependencyCheckTask extends DefaultTask {
@@ -47,6 +48,8 @@ class DependencyCheckTask extends DefaultTask {
 String outputDirectory = "./reports"
+
+ Boolean quickQueryTimestamp = true;
 DependencyCheckTask() {
 group = 'Dependency Check'
 description = 'Produce dependency security report.'
@@ -73,6 +76,7 @@ class DependencyCheckTask extends DefaultTask {
 Settings.initialize()
 overrideProxySetting()
 overrideCveUrlSetting()
+ overrideDownloaderSetting()
 }
 def cleanup(engine) {
@@ -140,4 +144,8 @@ class DependencyCheckTask extends DefaultTask {
 setString(Settings.KEYS.CVE_SCHEMA_2_0, getCveUrl20Base())
 setString(Settings.KEYS.CVE_SCHEMA_1_2, getCveUrl12Base())
 }
+
+ def overrideDownloaderSetting() {
+ setBoolean(Settings.KEYS.DOWNLOADER_QUICK_QUERY_TIMESTAMP, getQuickQueryTimestamp())
+ }
 }
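Review bot: `overrideDownloaderSetting()` in DependencyCheckTask.groovy hands `getQuickQueryTimestamp()` to `setBoolean` unchecked, and the property is a boxed `Boolean` both here and in the extension, so a build script that assigns `null` reaches the call with no value. If `Settings.setBoolean` takes a primitive `boolean` (its signature is not visible in this patch), that would fail while the task runs instead of falling back to the default. Keeping the default on a missing value is a one-line change: `setBoolean(Settings.KEYS.DOWNLOADER_QUICK_QUERY_TIMESTAMP, getQuickQueryTimestamp() != false)`. The method that now calls `overrideDownloaderSetting()` begins outside its hunk, so its ordering relative to `Settings.initialize()` can only be judged from the three context lines shown.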
diff --git a/dependency-check-gradle/src/test/groovy/com/tools/security/plugin/DependencyCheckGradlePluginSpec.groovy b/dependency-check-gradle/src/test/groovy/com/tools/security/plugin/DependencyCheckGradlePluginSpec.groovy
index 892285197..6a9666240 100644
--- a/dependency-check-gradle/src/test/groovy/com/tools/security/plugin/DependencyCheckGradlePluginSpec.groovy
+++ b/dependency-check-gradle/src/test/groovy/com/tools/security/plugin/DependencyCheckGradlePluginSpec.groovy
@@ -58,6 +58,7 @@ class DependencyCheckGradlePluginSpec extends PluginProjectSpec {
 task.cveUrl12Base == 'https://nvd.nist.gov/download/nvdcve-%d.xml.gz'
 task.cveUrl20Base == 'https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml.gz'
 task.outputDirectory == './reports'
+ task.quickQueryTimestamp == true
 }
 def 'tasks use correct values when extension is used'() {
@@ -73,6 +74,7 @@ class DependencyCheckGradlePluginSpec extends PluginProjectSpec {
 cveUrl12Base = 'cveUrl12Base'
 cveUrl20Base = 'cveUrl20Base'
 outputDirectory = 'outputDirectory'
+ quickQueryTimestamp = false
 }
 then:
@@ -87,5 +89,6 @@ class DependencyCheckGradlePluginSpec extends PluginProjectSpec {
 task.cveUrl12Base == 'cveUrl12Base'
 task.cveUrl20Base == 'cveUrl20Base'
 task.outputDirectory == 'outputDirectory'
+ task.quickQueryTimestamp == false
 }
 }
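Review bot: The assertions added in DependencyCheckGradlePluginSpec.groovy only check that `task.quickQueryTimestamp` mirrors the extension value; nothing exercises `overrideDownloaderSetting()`, so a wrong settings key or a dropped call would still pass. If the spec can run the task's settings-initialisation step, an assertion such as `Settings.getBoolean(Settings.KEYS.DOWNLOADER_QUICK_QUERY_TIMESTAMP) == false` after it would cover the path the commit is about. Whether the existing proxy and CVE URL overrides are tested that way is not visible in these hunks, and the feature methods start outside them.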