View Javadoc
1   /*
2    * This file is part of dependency-check-core.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2012 Jeremy Long. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck;
19  
20  import java.io.IOException;
21  import java.util.logging.Level;
22  import java.util.logging.Logger;
23  import static org.junit.Assert.assertTrue;
24  
25  import org.junit.Test;
26  import org.owasp.dependencycheck.data.nvdcve.CveDB;
27  import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
28  import org.owasp.dependencycheck.data.nvdcve.DatabaseProperties;
29  import org.owasp.dependencycheck.exception.ExceptionCollection;
30  import org.owasp.dependencycheck.exception.ReportException;
31  import org.owasp.dependencycheck.reporting.ReportGenerator;
32  import org.owasp.dependencycheck.utils.InvalidSettingException;
33  import org.owasp.dependencycheck.utils.Settings;
34  
35  /**
36   *
37   * @author Jeremy Long
38   */
39  public class EngineIntegrationTest extends BaseDBTestCase {
40  
41      /**
42       * Test running the entire engine.
43       *
44       * @throws java.io.IOException
45       * @throws org.owasp.dependencycheck.utils.InvalidSettingException
46       * @throws org.owasp.dependencycheck.data.nvdcve.DatabaseException
47       * @throws org.owasp.dependencycheck.exception.ReportException
48       * @throws org.owasp.dependencycheck.exception.ExceptionCollection
49       */
50      @Test
51      public void testEngine() throws IOException, InvalidSettingException, DatabaseException, ReportException, ExceptionCollection {
52          String testClasses = "target/test-classes";
53          boolean autoUpdate = Settings.getBoolean(Settings.KEYS.AUTO_UPDATE);
54          Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, false);
55          Engine instance = new Engine();
56          Settings.setBoolean(Settings.KEYS.AUTO_UPDATE, autoUpdate);
57          instance.scan(testClasses);
58          assertTrue(instance.getDependencies().size() > 0);
59          try {
60              instance.analyzeDependencies();
61          } catch (ExceptionCollection ex) {
62              if (ex.getExceptions().size()==1 &&
63                      (ex.getExceptions().get(0).getMessage().contains("bundle-audit") ||
64                      ex.getExceptions().get(0).getMessage().contains("AssemblyAnalyzer"))) {
65                  //this is fine to ignore
66              } else if (ex.getExceptions().size()==2 &&
67                      ((ex.getExceptions().get(0).getMessage().contains("bundle-audit") &&
68                      ex.getExceptions().get(1).getMessage().contains("AssemblyAnalyzer")) ||
69                      (ex.getExceptions().get(1).getMessage().contains("bundle-audit") &&
70                      ex.getExceptions().get(0).getMessage().contains("AssemblyAnalyzer")))) {
71                  //this is fine to ignore
72              } else {
73                  throw ex;
74              }
75          }
76          CveDB cveDB = new CveDB();
77          cveDB.open();
78          DatabaseProperties dbProp = cveDB.getDatabaseProperties();
79          cveDB.close();
80          ReportGenerator rg = new ReportGenerator("DependencyCheck", instance.getDependencies(), instance.getAnalyzers(), dbProp);
81          rg.generateReports("./target/", "ALL");
82          instance.cleanup();
83      }
84  }