github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-14 15:53:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Improved update process, including initial lock support

Browse Source 
Former-commit-id: d6fc00406765f4680d900eb0474fed9ade727a0a
This commit is contained in:
Jeremy Long
2013-10-08 10:58:29 -04:00
parent 89e99219d7
commit 79c31b5f54
12 changed files with 657 additions and 131 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/AbstractUpdate.java
View File

@@ -77,6 +77,15 @@ public abstract class AbstractUpdate {
return updateable.isUpdateNeeded();
}
/**
* Gets the updateable NVD CVE Entries.
*
* @return an Updateable object containing the NVD CVE entries
*/
public Updateable getUpdateable() {
return updateable;
}
/**
* Determines if the index needs to be updated.
*
@@ -102,7 +111,6 @@ public abstract class AbstractUpdate {
* deleted.
*/
private boolean deleteAndRecreate = false;
protected Updateable updatesNeeded = null;
/**
* Get the value of deleteAndRecreate

5
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/BatchUpdate.java
View File

@@ -20,14 +20,10 @@ package org.owasp.dependencycheck.data.update;
import org.owasp.dependencycheck.data.nvdcve.InvalidDataException;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import javax.xml.parsers.ParserConfigurationException;
import org.xml.sax.SAXException;
import java.net.MalformedURLException;
import java.net.URISyntaxException;
import java.net.URL;
import java.sql.SQLException;
import java.util.Calendar;
import java.util.Date;
import java.util.logging.Level;
@@ -38,7 +34,6 @@ import org.owasp.dependencycheck.utils.DownloadFailedException;
import org.owasp.dependencycheck.utils.Downloader;
import org.owasp.dependencycheck.utils.FileUtils;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
import org.owasp.dependencycheck.utils.InvalidSettingException;
import static org.owasp.dependencycheck.data.update.DataStoreMetaInfo.BATCH;
import static org.owasp.dependencycheck.data.update.DataStoreMetaInfo.MODIFIED;

29
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/StandardUpdate.java
View File

@@ -55,17 +55,14 @@ public class StandardUpdate extends AbstractUpdate {
* <p>Downloads the latest NVD CVE XML file from the web and imports it into
* the current CVE Database.</p>
*
* @param updatesNeeded a collection of NvdCveInfo containing information
* about needed updates.
* @throws UpdateException is thrown if there is an error updating the
* database
*/
@Override
public void update() throws UpdateException {
try {
properties = new DataStoreMetaInfo();
int maxUpdates = 0;
for (NvdCveInfo cve : updatesNeeded) {
for (NvdCveInfo cve : getUpdateable()) {
if (cve.getNeedsUpdate()) {
maxUpdates += 1;
}
@@ -79,7 +76,7 @@ public class StandardUpdate extends AbstractUpdate {
}
int count = 0;
for (NvdCveInfo cve : updatesNeeded) {
for (NvdCveInfo cve : getUpdateable()) {
if (cve.getNeedsUpdate()) {
count += 1;
Logger.getLogger(StandardUpdate.class.getName()).log(Level.INFO,
@@ -148,7 +145,7 @@ public class StandardUpdate extends AbstractUpdate {
}
}
if (maxUpdates >= 1) { //ensure the modified file date gets written
properties.save(updatesNeeded.get(MODIFIED));
properties.save(getUpdateable().get(MODIFIED));
cveDB.cleanupDatabase();
}
} catch (MalformedURLException ex) {
@@ -275,18 +272,16 @@ public class StandardUpdate extends AbstractUpdate {
Settings.getString(Settings.KEYS.CVE_MODIFIED_12_URL),
false);
//only add these urls if we are not in batch mode
if (!properties.isBatchUpdateMode()) {
final int start = Settings.getInt(Settings.KEYS.CVE_START_YEAR);
final int end = Calendar.getInstance().get(Calendar.YEAR);
final String baseUrl20 = Settings.getString(Settings.KEYS.CVE_SCHEMA_2_0);
final String baseUrl12 = Settings.getString(Settings.KEYS.CVE_SCHEMA_1_2);
for (int i = start; i <= end; i++) {
updates.add(Integer.toString(i), String.format(baseUrl20, i),
String.format(baseUrl12, i),
true);
}
final int start = Settings.getInt(Settings.KEYS.CVE_START_YEAR);
final int end = Calendar.getInstance().get(Calendar.YEAR);
final String baseUrl20 = Settings.getString(Settings.KEYS.CVE_SCHEMA_2_0);
final String baseUrl12 = Settings.getString(Settings.KEYS.CVE_SCHEMA_1_2);
for (int i = start; i <= end; i++) {
updates.add(Integer.toString(i), String.format(baseUrl20, i),
String.format(baseUrl12, i),
true);
}
return updates;
}
}

5
dependency-check-core/src/main/java/org/owasp/dependencycheck/data/update/Updateable.java
View File

@@ -149,4 +149,9 @@ public class Updateable implements java.lang.Iterable<NvdCveInfo>, Iterator<NvdC
NvdCveInfo get(String key) {
return collection.get(key);
}
@Override
public String toString() {
return "Updateable{" + "size=" + collection.size() + '}';
}
}

134
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/AbstractUpdateTest.java Normal file
View File

@@ -0,0 +1,134 @@
/*
* This file is part of dependency-check-core.
*
* Dependency-check-core is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* Dependency-check-core is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* dependency-check-core. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.update;
import java.io.File;
import java.io.IOException;
import java.net.MalformedURLException;
import java.text.DateFormat;
import java.util.Calendar;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
import org.owasp.dependencycheck.data.UpdateException;
import org.owasp.dependencycheck.utils.DownloadFailedException;
/**
*
* @author Jeremy Long (jeremy.long@owasp.org)
*/
public class AbstractUpdateTest {
public AbstractUpdateTest() {
}
@BeforeClass
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of setDeleteAndRecreate method, of class AbstractUpdate.
*/
@Test
public void testSetDeleteAndRecreate() throws Exception {
boolean deleteAndRecreate = false;
boolean expResult = false;
AbstractUpdate instance = new AbstractUpdateImpl();
instance.setDeleteAndRecreate(deleteAndRecreate);
boolean result = instance.shouldDeleteAndRecreate();
assertEquals(expResult, result);
}
/**
* Test of deleteExistingData method, of class AbstractUpdate.
*/
@Test
public void testDeleteExistingData() throws Exception {
AbstractUpdate instance = new AbstractUpdateImpl();
Exception result = null;
try {
instance.deleteExistingData();
} catch (IOException ex) {
result = ex;
}
assertNull(result);
}
/**
* Test of openDataStores method, of class AbstractUpdate.
*/
@Test
public void testOpenDataStores() throws Exception {
AbstractUpdate instance = new AbstractUpdateImpl();
instance.openDataStores();
instance.closeDataStores();
}
/**
* Test of withinRange method, of class AbstractUpdate.
*/
@Test
public void testWithinRange() throws Exception {
Calendar c = Calendar.getInstance();
long current = c.getTimeInMillis();
long lastRun = c.getTimeInMillis() - (3 * (1000 * 60 * 60 * 24));
int range = 7; // 7 days
AbstractUpdate instance = new AbstractUpdateImpl();
boolean expResult = true;
boolean result = instance.withinRange(lastRun, current, range);
assertEquals(expResult, result);
lastRun = c.getTimeInMillis() - (8 * (1000 * 60 * 60 * 24));
expResult = false;
result = instance.withinRange(lastRun, current, range);
assertEquals(expResult, result);
}
public class AbstractUpdateImpl extends AbstractUpdate {
public AbstractUpdateImpl() throws Exception {
super();
}
public Updateable updatesNeeded() throws MalformedURLException, DownloadFailedException, UpdateException {
return null;
}
public void update() throws UpdateException {
}
}
}

42
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/DatabaseUpdater_1_Test.java → dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/BatchUpdateTest.java
View File

@@ -14,35 +14,38 @@
* You should have received a copy of the GNU General Public License along with
* dependency-check-core. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.update;
import org.owasp.dependencycheck.data.update.DatabaseUpdater;
import java.io.File;
import java.net.MalformedURLException;
import org.apache.commons.io.FileUtils;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
import org.owasp.dependencycheck.data.UpdateException;
import org.owasp.dependencycheck.utils.DownloadFailedException;
import org.owasp.dependencycheck.utils.Settings;
/**
*
* @author Jeremy Long (jeremy.long@owasp.org)
*/
public class DatabaseUpdater_1_Test {
public class BatchUpdateTest {
public DatabaseUpdater_1_Test() {
public BatchUpdateTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() throws Exception {
public static void tearDownClass() {
}
private String old12;
private String old20;
@@ -84,14 +87,29 @@ public class DatabaseUpdater_1_Test {
}
/**
* Test of update method (when in batch mode), of class DatabaseUpdater.
*
* @throws Exception
* Test of setDoBatchUpdate method, of class BatchUpdate.
*/
@Test
public void testBatchUpdate() throws Exception {
DatabaseUpdater instance = new DatabaseUpdater();
public void testSetDoBatchUpdate() throws DownloadFailedException, MalformedURLException, UpdateException {
boolean expected = false;
BatchUpdate instance = new BatchUpdate();
instance.setDoBatchUpdate(expected);
boolean results = instance.isDoBatchUpdate();
assertEquals(results, expected);
}
/**
* Test of update method, of class BatchUpdate.
*/
@Test
public void testUpdate() throws Exception {
BatchUpdate instance = new BatchUpdate();
//do some setup
instance.setDoBatchUpdate(true);
instance.deleteExistingData();
instance.update();
instance.update(); //no exceptions it worked?
//todo add some actual asserts to check things.
}
}

118
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/DataStoreMetaInfoTest.java Normal file
View File

@@ -0,0 +1,118 @@
/*
* This file is part of dependency-check-core.
*
* Dependency-check-core is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* Dependency-check-core is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* dependency-check-core. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.update;
import java.io.File;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
* @author Jeremy Long (jeremy.long@owasp.org)
*/
public class DataStoreMetaInfoTest {
public DataStoreMetaInfoTest() {
}
@BeforeClass
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of isBatchUpdateMode method, of class DataStoreMetaInfo.
*/
@Test
public void testIsBatchUpdateMode() {
DataStoreMetaInfo instance = new DataStoreMetaInfo();
boolean expResult = false;
instance.setBatchUpdateMode(expResult);
boolean result = instance.isBatchUpdateMode();
assertEquals(expResult, result);
}
/**
* Test of isEmpty method, of class DataStoreMetaInfo.
*/
@Test
public void testIsEmpty() {
DataStoreMetaInfo instance = new DataStoreMetaInfo();
boolean expResult = false;
boolean result = instance.isEmpty();
assertEquals(expResult, result);
}
/**
* Test of save method, of class DataStoreMetaInfo.
*/
@Test
public void testSave() throws Exception {
NvdCveInfo updatedValue = new NvdCveInfo();
String key = "test";
long expected = 1337;
updatedValue.setId(key);
updatedValue.setTimestamp(expected);
DataStoreMetaInfo instance = new DataStoreMetaInfo();
instance.save(updatedValue);
//reload the properties
instance = new DataStoreMetaInfo();
long results = Long.parseLong(instance.getProperty("lastupdated." + key));
assertEquals(expected, results);
}
/**
* Test of getProperty method, of class DataStoreMetaInfo.
*/
@Test
public void testGetProperty_String_String() {
String key = "doesn't exist";
String defaultValue = "default";
DataStoreMetaInfo instance = new DataStoreMetaInfo();
String expResult = "default";
String result = instance.getProperty(key, defaultValue);
assertEquals(expResult, result);
}
/**
* Test of getPropertiesFile method, of class DataStoreMetaInfo.
*/
@Test
public void testGetPropertiesFile() {
File result = DataStoreMetaInfo.getPropertiesFile();
//wow... rigorous!
assertNotNull(result);
}
}

13
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/DatabaseUpdaterIntegrationTest.java
View File

@@ -14,19 +14,16 @@
* You should have received a copy of the GNU General Public License along with
* dependency-check-core. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.update;
import java.io.File;
import java.net.URL;
import org.owasp.dependencycheck.data.update.DatabaseUpdater;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.owasp.dependencycheck.utils.Settings;
import static org.junit.Assert.*;
/**
*
@@ -38,11 +35,11 @@ public class DatabaseUpdaterIntegrationTest {
}
@BeforeClass
public static void setUpClass() throws Exception {
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() throws Exception {
public static void tearDownClass() {
}
@Before
@@ -55,8 +52,6 @@ public class DatabaseUpdaterIntegrationTest {
/**
* Test of update method, of class DatabaseUpdater.
*
* @throws Exception
*/
@Test
public void testUpdate() throws Exception {

87
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/DatabaseUpdater_2_Test.java
View File

@@ -1,87 +0,0 @@
/*
* This file is part of dependency-check-core.
*
* Dependency-check-core is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* Dependency-check-core is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* dependency-check-core. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2012 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.update;
import org.owasp.dependencycheck.data.update.DatabaseUpdater;
import java.io.File;
import org.apache.commons.io.FileUtils;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.owasp.dependencycheck.utils.Settings;
/**
*
* @author Jeremy Long (jeremy.long@owasp.org)
*/
public class DatabaseUpdater_2_Test {
public DatabaseUpdater_2_Test() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
private String old12;
private String old20;
@Before
public void setUp() throws Exception {
old12 = Settings.getString(Settings.KEYS.CVE_MODIFIED_12_URL);
old20 = Settings.getString(Settings.KEYS.CVE_MODIFIED_20_URL);
Settings.removeProperty(Settings.KEYS.CVE_MODIFIED_12_URL);
Settings.removeProperty(Settings.KEYS.CVE_MODIFIED_20_URL);
File tmp = Settings.getTempDirectory();
if (!tmp.exists()) {
tmp.mkdirs();
}
File dest = new File(tmp, "data.zip");
File file = new File(this.getClass().getClassLoader().getResource("data.zip").toURI());
FileUtils.copyFile(file, dest);
String path = "file:///" + dest.getCanonicalPath();
Settings.setString(Settings.KEYS.BATCH_UPDATE_URL, path);
}
@After
public void tearDown() {
Settings.setString(Settings.KEYS.CVE_MODIFIED_12_URL, old12);
Settings.setString(Settings.KEYS.CVE_MODIFIED_20_URL, old20);
Settings.removeProperty(Settings.KEYS.BATCH_UPDATE_URL);
}
/**
* Test of update method (when in batch mode), of class DatabaseUpdater.
*
* @throws Exception
*/
@Test
public void testBatchUpdateWithoutModified() throws Exception {
DatabaseUpdater instance = new DatabaseUpdater();
instance.deleteExistingData();
instance.update();
}
}

113
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/NvdCveInfoTest.java Normal file
View File

@@ -0,0 +1,113 @@
/*
* This file is part of dependency-check-core.
*
* Dependency-check-core is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* Dependency-check-core is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* dependency-check-core. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.update;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
* Rigorous test of setters/getters.
*
* @author Jeremy Long (jeremy.long@owasp.org)
*/
public class NvdCveInfoTest {
public NvdCveInfoTest() {
}
@BeforeClass
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of setId and getId method, of class NvdCveInfo.
*/
@Test
public void testSetGetId() {
NvdCveInfo instance = new NvdCveInfo();
String expResult = "id";
instance.setId(expResult);
String result = instance.getId();
assertEquals(expResult, result);
}
/**
* Test of getUrl method, of class NvdCveInfo.
*/
@Test
public void testSetGetUrl() {
NvdCveInfo instance = new NvdCveInfo();
String expResult = "http://www.someurl.com/something";
instance.setUrl(expResult);
String result = instance.getUrl();
assertEquals(expResult, result);
}
/**
* Test of getOldSchemaVersionUrl method, of class NvdCveInfo.
*/
@Test
public void testSetGetOldSchemaVersionUrl() {
NvdCveInfo instance = new NvdCveInfo();
String expResult = "http://www.someurl.com/something";
instance.setOldSchemaVersionUrl(expResult);
String result = instance.getOldSchemaVersionUrl();
assertEquals(expResult, result);
}
/**
* Test of getTimestamp method, of class NvdCveInfo.
*/
@Test
public void testSetGetTimestamp() {
NvdCveInfo instance = new NvdCveInfo();
long expResult = 1337L;
instance.setTimestamp(expResult);
long result = instance.getTimestamp();
assertEquals(expResult, result);
}
/**
* Test of getNeedsUpdate method, of class NvdCveInfo.
*/
@Test
public void testSetGetNeedsUpdate() {
NvdCveInfo instance = new NvdCveInfo();
boolean expResult = true;
instance.setNeedsUpdate(expResult);
boolean result = instance.getNeedsUpdate();
assertEquals(expResult, result);
}
}

72
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/StandardUpdateIntegrationTest.java Normal file
View File

@@ -0,0 +1,72 @@
/*
* This file is part of dependency-check-core.
*
* Dependency-check-core is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* Dependency-check-core is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* dependency-check-core. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.update;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
/**
*
* @author Jeremy Long (jeremy.long@owasp.org)
*/
public class StandardUpdateIntegrationTest {
public StandardUpdateIntegrationTest() {
}
@BeforeClass
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of update method, of class StandardUpdate.
*/
@Test
public void testUpdate() throws Exception {
StandardUpdate instance = new StandardUpdate();
instance.update();
//TODO make this an actual test
}
/**
* Test of updatesNeeded method, of class StandardUpdate.
*/
@Test
public void testUpdatesNeeded() throws Exception {
StandardUpdate instance = new StandardUpdate();
Updateable result = instance.updatesNeeded();
assertNotNull(result);
}
}

160
dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/UpdateableTest.java Normal file
View File

@@ -0,0 +1,160 @@
/*
* This file is part of dependency-check-core.
*
* Dependency-check-core is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation, either version 3 of the License, or (at your option) any
* later version.
*
* Dependency-check-core is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details.
*
* You should have received a copy of the GNU General Public License along with
* dependency-check-core. If not, see http://www.gnu.org/licenses/.
*
* Copyright (c) 2013 Jeremy Long. All Rights Reserved.
*/
package org.owasp.dependencycheck.data.update;
import java.io.File;
import java.io.IOException;
import java.net.MalformedURLException;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.*;
import org.owasp.dependencycheck.utils.DownloadFailedException;
/**
*
* @author Jeremy Long (jeremy.long@owasp.org)
*/
public class UpdateableTest {
public UpdateableTest() {
}
@BeforeClass
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of isUpdateNeeded method, of class Updateable.
*/
@Test
public void testIsUpdateNeeded() throws MalformedURLException, DownloadFailedException, IOException {
String id = "key";
//use a local file as this test will load the result and check the timestamp
File f = new File("target/test-classes/nvdcve-2.0-2012.xml");
String url = "file:///" + f.getCanonicalPath();
Updateable instance = new Updateable();
instance.add(id, url, url, false);
boolean expResult = false;
boolean result = instance.isUpdateNeeded();
assertEquals(expResult, result);
instance.add("nextId", url, url, true);
expResult = true;
result = instance.isUpdateNeeded();
assertEquals(expResult, result);
}
/**
* Test of add method, of class Updateable.
*/
@Test
public void testAdd_3args() throws Exception {
String id = "key";
File f = new File("target/test-classes/nvdcve-2.0-2012.xml");
//use a local file as this test will load the result and check the timestamp
String url = "file:///" + f.getCanonicalPath();
Updateable instance = new Updateable();
instance.add(id, url, url);
NvdCveInfo results = instance.get(id);
assertEquals(id, results.getId());
assertEquals(url, results.getUrl());
assertEquals(url, results.getOldSchemaVersionUrl());
}
/**
* Test of add method, of class Updateable.
*/
@Test
public void testAdd_4args() throws Exception {
String id = "key";
//use a local file as this test will load the result and check the timestamp
File f = new File("target/test-classes/nvdcve-2.0-2012.xml");
String url = "file:///" + f.getCanonicalPath();
Updateable instance = new Updateable();
instance.add(id, url, url, false);
boolean expResult = false;
boolean result = instance.isUpdateNeeded();
assertEquals(expResult, result);
instance.add("nextId", url, url, false);
NvdCveInfo results = instance.get(id);
assertEquals(id, results.getId());
assertEquals(url, results.getUrl());
assertEquals(url, results.getOldSchemaVersionUrl());
}
/**
* Test of clear method, of class Updateable.
*/
@Test
public void testClear() throws MalformedURLException, DownloadFailedException, IOException {
String id = "key";
//use a local file as this test will load the result and check the timestamp
File f = new File("target/test-classes/nvdcve-2.0-2012.xml");
String url = "file:///" + f.getCanonicalPath();
Updateable instance = new Updateable();
instance.add(id, url, url, false);
assertFalse(instance.collection.isEmpty());
instance.clear();
assertTrue(instance.collection.isEmpty());
}
/**
* Test of iterator method, of class Updateable.
*/
@Test
public void testIterator() throws IOException {
//use a local file as this test will load the result and check the timestamp
File f = new File("target/test-classes/nvdcve-2.0-2012.xml");
String url = "file:///" + f.getCanonicalPath();
Updateable instance = new Updateable();
instance.add("one", url, url, false);
instance.add("two", url, url, false);
instance.add("three", url, url, false);
int itemsProcessed = 0;
for (NvdCveInfo item : instance) {
if ("one".equals(item.getId())) {
instance.remove();
}
itemsProcessed += 1;
}
assertEquals(3, itemsProcessed);
assertEquals(2, instance.collection.size());
}
}