resolved merge conflicts

Former-commit-id: d0ce45a374336184101179b73b6019fb1240b9b3

dependency-check-core/src/test/java/org/owasp/dependencycheck/EngineIntegrationTest.java

@@ -44,7 +44,6 @@ public class EngineIntegrationTest {
     @Before
     public void setUp() throws Exception {
         org.owasp.dependencycheck.data.nvdcve.BaseDBTestCase.ensureDBExists();
-        org.owasp.dependencycheck.data.cpe.BaseIndexTestCase.ensureIndexExists();
     }
 
     @After

dependency-check-core/src/test/java/org/owasp/dependencycheck/analyzer/CPEAnalyzerTest.java

@@ -16,10 +16,10 @@
  *
  * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
  */
-package org.owasp.dependencycheck.data.cpe;
+package org.owasp.dependencycheck.analyzer;
 
 import org.owasp.dependencycheck.data.cpe.IndexEntry;
-import org.owasp.dependencycheck.data.cpe.CPEAnalyzer;
+import org.owasp.dependencycheck.analyzer.CPEAnalyzer;
 import java.io.File;
 import java.io.IOException;
 import java.util.HashSet;
@@ -30,15 +30,12 @@ import org.apache.lucene.queryparser.classic.ParseException;
 import org.junit.After;
 import org.junit.AfterClass;
 import org.owasp.dependencycheck.dependency.Dependency;
-import org.owasp.dependencycheck.analyzer.JarAnalyzer;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.BeforeClass;
 import org.junit.Test;
-import org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer;
-import org.owasp.dependencycheck.analyzer.FileNameAnalyzer;
-import org.owasp.dependencycheck.analyzer.HintAnalyzer;
-import static org.owasp.dependencycheck.data.cpe.BaseIndexTestCase.ensureIndexExists;
+import org.owasp.dependencycheck.data.cpe.BaseIndexTestCase;
+import org.owasp.dependencycheck.data.cpe.IndexEntry;
 import org.owasp.dependencycheck.dependency.Identifier;
 
 /**
@@ -56,11 +53,13 @@ public class CPEAnalyzerTest extends BaseIndexTestCase {
     }
 
     @Before
+    @Override
     public void setUp() throws Exception {
         super.setUp();
     }
 
     @After
+    @Override
     public void tearDown() throws Exception {
         super.tearDown();
     }

dependency-check-core/src/test/java/org/owasp/dependencycheck/concurrency/DirectorySpinLockTest.java

@@ -0,0 +1,116 @@
+/*
+ * This file is part of dependency-check-core.
+ *
+ * Dependency-check-core is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, either version 3 of the License, or (at your option) any
+ * later version.
+ *
+ * Dependency-check-core is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * dependency-check-core. If not, see http://www.gnu.org/licenses/.
+ *
+ * Copyright (c) 2013 Jeremy Long. All Rights Reserved.
+ */
+package org.owasp.dependencycheck.concurrency;
+
+import java.io.File;
+import java.net.URL;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import static org.junit.Assert.*;
+
+/**
+ *
+ * @author Jeremy Long (jeremy.long@owasp.org)
+ */
+public class DirectorySpinLockTest {
+
+    public DirectorySpinLockTest() {
+    }
+
+    @BeforeClass
+    public static void setUpClass() {
+    }
+
+    @AfterClass
+    public static void tearDownClass() {
+    }
+
+    @Before
+    public void setUp() {
+    }
+
+    @After
+    public void tearDown() {
+    }
+
+    /**
+     * Test of obtainSharedLock method, of class DirectorySpinLock.
+     * Specifically, this test uses the SpinLockTask to obtain an exclusive lock
+     * that is held for 5 seconds. We then try to obtain a shared lock while
+     * that task is running. It should take longer then 5 seconds to obtain the
+     * shared lock.
+     */
+    @Test
+    public void testObtainSharedLock_withContention() throws Exception {
+        URL location = this.getClass().getProtectionDomain().getCodeSource().getLocation();
+        File directory = new File(location.getFile());
+        DirectorySpinLock instance = new DirectorySpinLock(directory);
+        SpinLockTask task = new SpinLockTask(directory, 5000, false, 2);
+        long start = System.currentTimeMillis();
+        task.run();
+        instance.obtainSharedLock();
+        long end = System.currentTimeMillis();
+        instance.close();
+        if (task.getException() != null) {
+            throw task.getException();
+        }
+        long timeElapsed = end - start;
+        assertTrue("no lock contention occured?", timeElapsed >= 5000);
+        //no exceptions means everything worked.
+    }
+
+    /**
+     * Test of obtainSharedLock method, of class DirectorySpinLock. This method
+     * obtains two shared locks by using the SpinLockTask to obtain a lock in
+     * another thread.
+     */
+    @Test
+    public void testObtainSharedLock() throws Exception {
+        URL location = this.getClass().getProtectionDomain().getCodeSource().getLocation();
+        File directory = new File(location.getFile());
+        DirectorySpinLock instance = new DirectorySpinLock(directory);
+        SpinLockTask task = new SpinLockTask(directory, 1000, true, 2);
+        task.run();
+        instance.obtainSharedLock();
+        instance.close();
+        if (task.getException() != null) {
+            throw task.getException();
+        }
+        //no exceptions means everything worked.
+    }
+
+    /**
+     * Test of obtainExclusiveLock method, of class DirectorySpinLock.
+     */
+    @Test
+    public void testObtainExclusiveLock() throws Exception {
+        URL location = this.getClass().getProtectionDomain().getCodeSource().getLocation();
+        File directory = new File(location.getFile());
+        DirectorySpinLock instance = new DirectorySpinLock(directory);
+        SpinLockTask task = new SpinLockTask(directory, 1000, true, 1);
+        instance.obtainExclusiveLock();
+        task.run();
+        instance.close();
+        assertNotNull("No exception thrown due to exclusive lock failure?", task.getException());
+        assertEquals("Incorrect exception when obtaining exclusive lock", "Unable to obtain lock", task.getException().getMessage());
+    }
+}

dependency-check-core/src/test/java/org/owasp/dependencycheck/concurrency/SpinLockTask.java

@@ -0,0 +1,84 @@
+/*
+ * This file is part of dependency-check-core.
+ *
+ * Dependency-check-core is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, either version 3 of the License, or (at your option) any
+ * later version.
+ *
+ * Dependency-check-core is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * dependency-check-core. If not, see http://www.gnu.org/licenses/.
+ *
+ * Copyright (c) 2013 Jeremy Long. All Rights Reserved.
+ */
+package org.owasp.dependencycheck.concurrency;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+/**
+ * A simple task that obtains a lock on a directory. This is used in testing of
+ * the shared and exclusive locks.
+ *
+ * @author Jeremy Long (jeremy.long@owasp.org)
+ */
+public class SpinLockTask implements Runnable {
+
+    DirectorySpinLock lock = null;
+    int holdLockFor;
+    long maxWait;
+    boolean shared;
+    private Exception exception = null;
+
+    /**
+     * Get the value of exception
+     *
+     * @return the value of exception
+     */
+    public Exception getException() {
+        return exception;
+    }
+
+    /**
+     * Set the value of exception
+     *
+     * @param exception new value of exception
+     */
+    public void setException(Exception exception) {
+        this.exception = exception;
+    }
+
+    public SpinLockTask(File directory, int holdLockFor, boolean shared, long maxWait) throws InvalidDirectoryException, DirectoryLockException {
+        this.holdLockFor = holdLockFor;
+        this.shared = shared;
+        this.maxWait = maxWait;
+        lock = new DirectorySpinLock(directory);
+    }
+
+    @Override
+    public void run() {
+        try {
+            lock.obtainLock(shared, maxWait);
+            Thread.sleep(holdLockFor);
+        } catch (DirectoryLockException ex) {
+            exception = ex;
+        } catch (InterruptedException ex) {
+            exception = ex;
+        } finally {
+            if (lock != null) {
+                try {
+                    lock.close();
+                } catch (IOException ex) {
+                    exception = ex;
+                }
+            }
+        }
+    }
+}

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/cpe/BaseIndexTest.java

@@ -0,0 +1,63 @@
+/*
+ * This file is part of dependency-check-core.
+ *
+ * Dependency-check-core is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, either version 3 of the License, or (at your option) any
+ * later version.
+ *
+ * Dependency-check-core is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * dependency-check-core. If not, see http://www.gnu.org/licenses/.
+ *
+ * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
+ */
+package org.owasp.dependencycheck.data.cpe;
+
+import org.owasp.dependencycheck.data.cpe.BaseIndex;
+import java.io.File;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import static org.junit.Assert.*;
+
+/**
+ *
+ * @author Jeremy Long (jeremy.long@owasp.org)
+ */
+public class BaseIndexTest {
+
+    @BeforeClass
+    public static void setUpClass() throws Exception {
+    }
+
+    @AfterClass
+    public static void tearDownClass() throws Exception {
+    }
+
+    @Before
+    public void setUp() {
+    }
+
+    @After
+    public void tearDown() {
+    }
+
+    /**
+     * Test of getDataDirectory method, of class BaseIndex.
+     *
+     * @throws Exception
+     */
+    @Test
+    public void testGetDataDirectory() throws Exception {
+        String file = BaseIndex.getDataDirectory().getPath();
+        String exp = File.separatorChar + "target" + File.separatorChar + "data" + File.separatorChar + "cpe";
+        assertTrue(file.contains(exp));
+    }
+}

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/cpe/BaseIndexTestCase.java

@@ -18,30 +18,18 @@
  */
 package org.owasp.dependencycheck.data.cpe;
 
-import java.io.BufferedInputStream;
-import java.io.BufferedOutputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-import java.util.zip.ZipEntry;
-import java.util.zip.ZipInputStream;
+import junit.framework.TestCase;
 import org.junit.After;
 import org.junit.AfterClass;
 import org.junit.Before;
 import org.junit.BeforeClass;
 import org.owasp.dependencycheck.data.nvdcve.BaseDBTestCase;
-import org.owasp.dependencycheck.utils.Settings;
 
 /**
  *
  * @author Jeremy Long (jeremy.long@owasp.org)
  */
-public abstract class BaseIndexTestCase {
-
-    protected static final int BUFFER_SIZE = 2048;
+public abstract class BaseIndexTestCase extends TestCase {
 
     @BeforeClass
     public static void setUpClass() throws Exception {
@@ -52,90 +40,15 @@ public abstract class BaseIndexTestCase {
     }
 
     @Before
+    @Override
     public void setUp() throws Exception {
-        ensureIndexExists();
         BaseDBTestCase.ensureDBExists();
+        super.setUp();
     }
 
     @After
+    @Override
     public void tearDown() throws Exception {
-    }
-
-    protected static File getDataDirectory(Class clazz) throws IOException {
-        final File dataDirectory = Settings.getFile(Settings.KEYS.CPE_DATA_DIRECTORY, clazz);
-        return dataDirectory;
-    }
-
-    public static void ensureIndexExists() throws Exception {
-        ensureIndexExists(BaseIndexTestCase.class);
-    }
-
-    public static void ensureIndexExists(Class clazz) throws Exception {
-        //String indexPath = Settings.getString(Settings.KEYS.CPE_DATA_DIRECTORY);
-        String indexPath = getDataDirectory(clazz).getAbsolutePath();
-        java.io.File f = new File(indexPath);
-
-        if (!f.exists() || (f.isDirectory() && f.listFiles().length == 0)) {
-            f.mkdirs();
-            FileInputStream fis = null;
-            ZipInputStream zin = null;
-            try {
-                File path = new File(BaseIndexTestCase.class.getClassLoader().getResource("index.cpe.zip").getPath());
-                fis = new FileInputStream(path);
-                zin = new ZipInputStream(new BufferedInputStream(fis));
-                ZipEntry entry;
-                while ((entry = zin.getNextEntry()) != null) {
-                    if (entry.isDirectory()) {
-                        continue;
-                    }
-                    FileOutputStream fos = null;
-                    BufferedOutputStream dest = null;
-                    try {
-                        File o = new File(indexPath, entry.getName());
-                        o.createNewFile();
-                        fos = new FileOutputStream(o, false);
-                        dest = new BufferedOutputStream(fos, BUFFER_SIZE);
-                        byte data[] = new byte[BUFFER_SIZE];
-                        int count;
-                        while ((count = zin.read(data, 0, BUFFER_SIZE)) != -1) {
-                            dest.write(data, 0, count);
-                        }
-                    } catch (Exception ex) {
-                        Logger.getLogger(BaseIndexTestCase.class.getName()).log(Level.FINEST, null, ex);
-                    } finally {
-                        if (dest != null) {
-                            try {
-                                dest.flush();
-                                dest.close();
-                            } catch (Throwable ex) {
-                                Logger.getLogger(BaseIndexTestCase.class.getName()).log(Level.FINEST, null, ex);
-                            }
-                        }
-                        if (fos != null) {
-                            try {
-                                fos.close();
-                            } catch (Throwable ex) {
-                                Logger.getLogger(BaseIndexTestCase.class.getName()).log(Level.FINEST, null, ex);
-                            }
-                        }
-                    }
-                }
-            } finally {
-                try {
-                    if (zin != null) {
-                        zin.close();
-                    }
-                } catch (Throwable ex) {
-                    Logger.getLogger(BaseIndexTestCase.class.getName()).log(Level.FINEST, null, ex);
-                }
-                try {
-                    if (fis != null) {
-                        fis.close();
-                    }
-                } catch (Throwable ex) {
-                    Logger.getLogger(BaseIndexTestCase.class.getName()).log(Level.FINEST, null, ex);
-                }
-            }
-        }
+        super.tearDown();
     }
 }

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/cpe/IndexEntryTest.java

@@ -19,6 +19,7 @@
 package org.owasp.dependencycheck.data.cpe;
 
 import org.owasp.dependencycheck.data.cpe.IndexEntry;
+import junit.framework.TestCase;
 import org.junit.After;
 import org.junit.AfterClass;
 import org.junit.Before;
@@ -30,7 +31,7 @@ import org.junit.Assert;
  *
  * @author Jeremy Long (jeremy.long@owasp.org)
  */
-public class IndexEntryTest {
+public class IndexEntryTest extends TestCase {
 
     @BeforeClass
     public static void setUpClass() throws Exception {
@@ -41,11 +42,15 @@ public class IndexEntryTest {
     }
 
     @Before
-    public void setUp() {
+    @Override
+    public void setUp() throws Exception {
+        super.setUp();
     }
 
     @After
-    public void tearDown() {
+    @Override
+    public void tearDown() throws Exception {
+        super.tearDown();
     }
 
     /**

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/cpe/IndexTest.java

@@ -1,103 +0,0 @@
-/*
- * This file is part of dependency-check-core.
- *
- * Dependency-check-core is free software: you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the Free
- * Software Foundation, either version 3 of the License, or (at your option) any
- * later version.
- *
- * Dependency-check-core is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
- * details.
- *
- * You should have received a copy of the GNU General Public License along with
- * dependency-check-core. If not, see http://www.gnu.org/licenses/.
- *
- * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
- */
-package org.owasp.dependencycheck.data.cpe;
-
-import org.owasp.dependencycheck.data.cpe.Index;
-import java.io.File;
-import java.io.IOException;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-import org.apache.lucene.document.Document;
-import org.apache.lucene.queryparser.classic.ParseException;
-import org.apache.lucene.search.ScoreDoc;
-import org.apache.lucene.search.TopDocs;
-import org.apache.lucene.store.Directory;
-import org.junit.After;
-import org.junit.AfterClass;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import static org.junit.Assert.*;
-
-/**
- *
- * @author Jeremy Long (jeremy.long@owasp.org)
- */
-public class IndexTest {
-
-    @BeforeClass
-    public static void setUpClass() throws Exception {
-    }
-
-    @AfterClass
-    public static void tearDownClass() throws Exception {
-    }
-
-    @Before
-    public void setUp() {
-    }
-
-    @After
-    public void tearDown() {
-    }
-
-    /**
-     * Test of open method, of class Index.
-     */
-    @Test
-    public void testOpen() {
-        Index instance = new Index();
-        try {
-            instance.open();
-            //TODO research why are we getting multiple documents for the same documentId. is the update method not working?
-//            try {
-//                instance.createSearchingAnalyzer();
-//                TopDocs docs = instance.search("product:( project\\-open )", 20);
-//                for (ScoreDoc d : docs.scoreDocs) {
-//                    final Document doc = instance.getDocument(d.doc);
-//                    String vendor = doc.getField(Fields.VENDOR).stringValue();
-//                    String product = doc.getField(Fields.PRODUCT).stringValue();
-//                    System.out.print(d.doc);
-//                    System.out.print(" : ");
-//                    System.out.print(vendor + ":");
-//                    System.out.println(product);
-//                }
-//            } catch (ParseException ex) {
-//                Logger.getLogger(IndexTest.class.getName()).log(Level.SEVERE, null, ex);
-//            }
-        } catch (IOException ex) {
-            assertNull(ex.getMessage(), ex);
-        }
-        instance.close();
-    }
-
-    /**
-     * Test of getDirectory method, of class Index.
-     *
-     * @throws Exception
-     */
-    @Test
-    public void testGetDirectory() throws Exception {
-        Index index = new Index();
-        Directory result = index.getDirectory();
-
-        String exp = File.separatorChar + "target" + File.separatorChar + "data" + File.separatorChar + "cpe";
-        assertTrue(result.toString().contains(exp));
-    }
-}

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/BaseDBTestCase.java

@@ -30,6 +30,7 @@ import java.util.logging.Logger;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipInputStream;
 import junit.framework.TestCase;
+import org.owasp.dependencycheck.data.update.DataStoreMetaInfo;
 import org.owasp.dependencycheck.utils.Settings;
 
 /**
@@ -46,35 +47,28 @@ public abstract class BaseDBTestCase extends TestCase {
         ensureDBExists();
     }
 
-    protected static File getDataDirectory(Class clazz) throws IOException {
-        final File dataDirectory = Settings.getFile(Settings.KEYS.CVE_DATA_DIRECTORY, clazz);
-        return dataDirectory;
-    }
-
     public static void ensureDBExists() throws Exception {
-        ensureDBExists(BaseDBTestCase.class);
-    }
 
-    public static void ensureDBExists(Class clazz) throws Exception {
-        String indexPath = getDataDirectory(clazz).getAbsolutePath();
-        java.io.File f = new File(indexPath);
-        if (!f.exists() || (f.isDirectory() && f.listFiles().length == 0)) {
-            f.mkdirs();
+        java.io.File dataPath = Settings.getFile(Settings.KEYS.DATA_DIRECTORY);
+        if (!dataPath.exists() || (dataPath.isDirectory() && dataPath.listFiles().length < 3)) {
+            dataPath.mkdirs();
             FileInputStream fis = null;
             ZipInputStream zin = null;
             try {
-                File path = new File(clazz.getClassLoader().getResource("db.cve.zip").getPath());
+                File path = new File(BaseDBTestCase.class.getClassLoader().getResource("data.zip").getPath());
                 fis = new FileInputStream(path);
                 zin = new ZipInputStream(new BufferedInputStream(fis));
                 ZipEntry entry;
                 while ((entry = zin.getNextEntry()) != null) {
                     if (entry.isDirectory()) {
+                        final File d = new File(dataPath, entry.getName());
+                        d.mkdir();
                         continue;
                     }
                     FileOutputStream fos = null;
                     BufferedOutputStream dest = null;
                     try {
-                        File o = new File(indexPath, entry.getName());
+                        File o = new File(dataPath, entry.getName());
                         o.createNewFile();
                         fos = new FileOutputStream(o, false);
                         dest = new BufferedOutputStream(fos, BUFFER_SIZE);
@@ -84,7 +78,7 @@ public abstract class BaseDBTestCase extends TestCase {
                             dest.write(data, 0, count);
                         }
                     } catch (Exception ex) {
-                        Logger.getLogger(BaseDBTestCase.class.getName()).log(Level.FINEST, null, ex);
+                        Logger.getLogger(BaseDBTestCase.class.getName()).log(Level.SEVERE, null, ex);
                     } finally {
                         try {
                             if (dest != null) {

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/NvdCve_1_2_HandlerTest.java

@@ -16,9 +16,9 @@
  *
  * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
  */
-package org.owasp.dependencycheck.data.nvdcve.xml;
+package org.owasp.dependencycheck.data.nvdcve;
 
-import org.owasp.dependencycheck.data.nvdcve.xml.NvdCve12Handler;
+import org.owasp.dependencycheck.data.nvdcve.NvdCve12Handler;
 import java.io.File;
 import java.util.List;
 import java.util.Map;

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/nvdcve/NvdCve_2_0_HandlerTest.java

@@ -16,9 +16,9 @@
  *
  * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
  */
-package org.owasp.dependencycheck.data.nvdcve.xml;
+package org.owasp.dependencycheck.data.nvdcve;
 
-import org.owasp.dependencycheck.data.nvdcve.xml.NvdCve20Handler;
+import org.owasp.dependencycheck.data.nvdcve.NvdCve20Handler;
 import java.io.File;
 import javax.xml.parsers.SAXParser;
 import javax.xml.parsers.SAXParserFactory;

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/DatabaseUpdaterIntegrationTest.java

@@ -16,14 +16,17 @@
  *
  * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
  */
-package org.owasp.dependencycheck.data.nvdcve.xml;
+package org.owasp.dependencycheck.data.update;
 
-import org.owasp.dependencycheck.data.nvdcve.xml.DatabaseUpdater;
+import java.io.File;
+import java.net.URL;
+import org.owasp.dependencycheck.data.update.DatabaseUpdater;
 import org.junit.After;
 import org.junit.AfterClass;
 import org.junit.Before;
 import org.junit.BeforeClass;
 import org.junit.Test;
+import org.owasp.dependencycheck.utils.Settings;
 
 /**
  *

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/DatabaseUpdater_1_Test.java

@@ -0,0 +1,97 @@
+/*
+ * This file is part of dependency-check-core.
+ *
+ * Dependency-check-core is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, either version 3 of the License, or (at your option) any
+ * later version.
+ *
+ * Dependency-check-core is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * dependency-check-core. If not, see http://www.gnu.org/licenses/.
+ *
+ * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
+ */
+package org.owasp.dependencycheck.data.update;
+
+import org.owasp.dependencycheck.data.update.DatabaseUpdater;
+import java.io.File;
+import org.apache.commons.io.FileUtils;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.owasp.dependencycheck.utils.Settings;
+
+/**
+ *
+ * @author Jeremy Long (jeremy.long@owasp.org)
+ */
+public class DatabaseUpdater_1_Test {
+
+    public DatabaseUpdater_1_Test() {
+    }
+
+    @BeforeClass
+    public static void setUpClass() throws Exception {
+    }
+
+    @AfterClass
+    public static void tearDownClass() throws Exception {
+    }
+    private String old12;
+    private String old20;
+
+    @Before
+    public void setUp() throws Exception {
+        old12 = Settings.getString(Settings.KEYS.CVE_MODIFIED_12_URL);
+        old20 = Settings.getString(Settings.KEYS.CVE_MODIFIED_20_URL);
+
+        File tmp = Settings.getTempDirectory();
+        if (!tmp.exists()) {
+            tmp.mkdirs();
+        }
+
+        File dest = new File(tmp, "data.zip");
+        File file = new File(this.getClass().getClassLoader().getResource("data.zip").toURI());
+        FileUtils.copyFile(file, dest);
+        String path = "file:///" + dest.getCanonicalPath();
+        Settings.setString(Settings.KEYS.BATCH_UPDATE_URL, path);
+
+        dest = new File(tmp, "nvdcve-2012.xml");
+        file = new File(this.getClass().getClassLoader().getResource("nvdcve-2012.xml").toURI());
+        FileUtils.copyFile(file, dest);
+        path = "file:///" + dest.getCanonicalPath();
+        Settings.setString(Settings.KEYS.CVE_MODIFIED_12_URL, path);
+
+        dest = new File(tmp, "nvdcve-2.0-2012.xml");
+        file = new File(this.getClass().getClassLoader().getResource("nvdcve-2.0-2012.xml").toURI());
+        FileUtils.copyFile(file, dest);
+        path = "file:///" + dest.getCanonicalPath();
+        Settings.setString(Settings.KEYS.CVE_MODIFIED_20_URL, path);
+    }
+
+    @After
+    public void tearDown() {
+        Settings.setString(Settings.KEYS.CVE_MODIFIED_12_URL, old12);
+        Settings.setString(Settings.KEYS.CVE_MODIFIED_20_URL, old20);
+        Settings.setString(Settings.KEYS.BATCH_UPDATE_URL, "");
+    }
+
+    /**
+     * Test of update method (when in batch mode), of class DatabaseUpdater.
+     *
+     * @throws Exception
+     */
+    @Test
+    public void testBatchUpdate() throws Exception {
+        DatabaseUpdater instance = new DatabaseUpdater();
+        instance.deleteExistingData();
+        instance.update();
+    }
+}

dependency-check-core/src/test/java/org/owasp/dependencycheck/data/update/DatabaseUpdater_2_Test.java

@@ -0,0 +1,87 @@
+/*
+ * This file is part of dependency-check-core.
+ *
+ * Dependency-check-core is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, either version 3 of the License, or (at your option) any
+ * later version.
+ *
+ * Dependency-check-core is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * dependency-check-core. If not, see http://www.gnu.org/licenses/.
+ *
+ * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
+ */
+package org.owasp.dependencycheck.data.update;
+
+import org.owasp.dependencycheck.data.update.DatabaseUpdater;
+import java.io.File;
+import org.apache.commons.io.FileUtils;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.owasp.dependencycheck.utils.Settings;
+
+/**
+ *
+ * @author Jeremy Long (jeremy.long@owasp.org)
+ */
+public class DatabaseUpdater_2_Test {
+
+    public DatabaseUpdater_2_Test() {
+    }
+
+    @BeforeClass
+    public static void setUpClass() throws Exception {
+    }
+
+    @AfterClass
+    public static void tearDownClass() throws Exception {
+    }
+    private String old12;
+    private String old20;
+
+    @Before
+    public void setUp() throws Exception {
+        old12 = Settings.getString(Settings.KEYS.CVE_MODIFIED_12_URL);
+        old20 = Settings.getString(Settings.KEYS.CVE_MODIFIED_20_URL);
+        Settings.removeProperty(Settings.KEYS.CVE_MODIFIED_12_URL);
+        Settings.removeProperty(Settings.KEYS.CVE_MODIFIED_20_URL);
+
+        File tmp = Settings.getTempDirectory();
+        if (!tmp.exists()) {
+            tmp.mkdirs();
+        }
+
+        File dest = new File(tmp, "data.zip");
+        File file = new File(this.getClass().getClassLoader().getResource("data.zip").toURI());
+        FileUtils.copyFile(file, dest);
+        String path = "file:///" + dest.getCanonicalPath();
+        Settings.setString(Settings.KEYS.BATCH_UPDATE_URL, path);
+    }
+
+    @After
+    public void tearDown() {
+        Settings.setString(Settings.KEYS.CVE_MODIFIED_12_URL, old12);
+        Settings.setString(Settings.KEYS.CVE_MODIFIED_20_URL, old20);
+        Settings.removeProperty(Settings.KEYS.BATCH_UPDATE_URL);
+    }
+
+    /**
+     * Test of update method (when in batch mode), of class DatabaseUpdater.
+     *
+     * @throws Exception
+     */
+    @Test
+    public void testBatchUpdateWithoutModified() throws Exception {
+        DatabaseUpdater instance = new DatabaseUpdater();
+        instance.deleteExistingData();
+        instance.update();
+    }
+}

dependency-check-core/src/test/java/org/owasp/dependencycheck/utils/DownloaderTest.java

@@ -0,0 +1,60 @@
+/*
+ * This file is part of dependency-check-core.
+ *
+ * Dependency-check-core is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, either version 3 of the License, or (at your option) any
+ * later version.
+ *
+ * Dependency-check-core is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * dependency-check-core. If not, see http://www.gnu.org/licenses/.
+ *
+ * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
+ */
+package org.owasp.dependencycheck.utils;
+
+import java.io.File;
+import org.owasp.dependencycheck.utils.Downloader;
+import java.net.URL;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import static org.junit.Assert.*;
+
+/**
+ *
+ * @author Jeremy Long (jeremy.long@owasp.org)
+ */
+public class DownloaderTest {
+
+    @BeforeClass
+    public static void setUpClass() throws Exception {
+    }
+
+    @AfterClass
+    public static void tearDownClass() throws Exception {
+    }
+
+    @Before
+    public void setUp() {
+    }
+
+    @After
+    public void tearDown() {
+    }
+
+    @Test
+    public void testGetLastModified_file() throws Exception {
+        File f = new File("target/test-classes/nvdcve-2.0-2012.xml");
+        URL url = new URL("file:///" + f.getCanonicalPath());
+        long timestamp = Downloader.getLastModified(url);
+        assertTrue("timestamp equal to zero?", timestamp > 0);
+    }
+}

dependency-check-core/src/test/java/org/owasp/dependencycheck/utils/SettingsTest.java

@@ -73,9 +73,9 @@ public class SettingsTest {
         File result = Settings.getFile(key);
         Assert.assertTrue(result.getAbsolutePath().endsWith(expResult));
 
-        key = "an invalid key!!!";
-        result = Settings.getFile(key, expResult);
-        Assert.assertTrue(result.getAbsolutePath().endsWith(expResult));
+        result = Settings.getFile(Settings.KEYS.DATA_DIRECTORY);
+        String path = result.getPath();
+        Assert.assertTrue(path.endsWith("data") || path.endsWith("data" + File.separator));
     }
 
     /**
@@ -163,4 +163,20 @@ public class SettingsTest {
         boolean result = Settings.getBoolean(key);
         Assert.assertEquals(expResult, result);
     }
+
+    /**
+     * Test of removeProperty method, of class Settings.
+     */
+    @Test
+    public void testRemoveProperty() {
+        String key = "SomeKey";
+        String value = "value";
+        String dfault = "default";
+        Settings.setString(key, value);
+        String ret = Settings.getString(key);
+        Assert.assertEquals(value, ret);
+        Settings.removeProperty(key);
+        ret = Settings.getString(key, dfault);
+        Assert.assertEquals(dfault, ret);
+    }
 }