View Javadoc
1   /*
2    * This file is part of dependency-check-core.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * Copyright (c) 2013 Jeremy Long. All Rights Reserved.
17   */
18  package org.owasp.dependencycheck.analyzer;
19  
20  import org.junit.Before;
21  import org.junit.Test;
22  import org.owasp.dependencycheck.BaseTest;
23  import org.owasp.dependencycheck.Engine;
24  import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
25  import org.owasp.dependencycheck.dependency.Dependency;
26  import org.owasp.dependencycheck.xml.suppression.SuppressionRule;
27  import org.owasp.dependencycheck.utils.Settings;
28  import org.slf4j.LoggerFactory;
29  
30  import java.net.MalformedURLException;
31  import java.net.URISyntaxException;
32  import java.util.List;
33  import java.util.Set;
34  
35  import static org.junit.Assert.assertNull;
36  import static org.junit.Assert.assertTrue;
37  import org.owasp.dependencycheck.exception.InitializationException;
38  
39  /**
40   * @author Jeremy Long
41   */
42  public class AbstractSuppressionAnalyzerTest extends BaseTest {
43  
44      private AbstractSuppressionAnalyzer instance;
45  
46      @Before
47      public void createObjectUnderTest() throws Exception {
48          instance = new AbstractSuppressionAnalyzerImpl();
49      }
50  
51      /**
52       * Test of getSupportedExtensions method, of class
53       * AbstractSuppressionAnalyzer.
54       */
55      @Test
56      public void testGetSupportedExtensions() {
57          Set<String> result = instance.getSupportedExtensions();
58          assertNull(result);
59      }
60  
61      /**
62       * Test of getRules method, of class AbstractSuppressionAnalyzer for
63       * suppression file declared as URL.
64       */
65      @Test
66      public void testGetRulesFromSuppressionFileFromURL() throws Exception {
67          setSupressionFileFromURL();
68          instance.initialize();
69          int expCount = 5;
70          List<SuppressionRule> result = instance.getRules();
71          assertTrue(expCount <= result.size());
72      }
73  
74      /**
75       * Test of getRules method, of class AbstractSuppressionAnalyzer for
76       * suppression file declared as URL.
77       */
78      @Test
79      public void testGetRulesFromSuppressionFileInClasspath() throws Exception {
80          Settings.setString(Settings.KEYS.SUPPRESSION_FILE, "suppressions.xml");
81          instance.initialize();
82          int expCount = 5;
83          int currentSize = instance.getRules().size();
84          assertTrue(expCount <= currentSize);
85      }
86  
87      @Test(expected = InitializationException.class)
88      public void testFailureToLocateSuppressionFileAnywhere() throws Exception {
89          Settings.setString(Settings.KEYS.SUPPRESSION_FILE, "doesnotexist.xml");
90          instance.initialize();
91      }
92  
93      private void setSupressionFileFromURL() throws Exception {
94          try {
95              final String uri = this.getClass().getClassLoader().getResource("suppressions.xml").toURI().toURL().toString();
96              Settings.setString(Settings.KEYS.SUPPRESSION_FILE, uri);
97          } catch (URISyntaxException ex) {
98              LoggerFactory.getLogger(AbstractSuppressionAnalyzerTest.class).error("", ex);
99          } catch (MalformedURLException ex) {
100             LoggerFactory.getLogger(AbstractSuppressionAnalyzerTest.class).error("", ex);
101         }
102     }
103 
104     public class AbstractSuppressionAnalyzerImpl extends AbstractSuppressionAnalyzer {
105 
106         @Override
107         public void analyzeDependency(Dependency dependency, Engine engine) throws AnalysisException {
108             throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
109         }
110 
111         @Override
112         public String getName() {
113             throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
114         }
115 
116         @Override
117         public AnalysisPhase getAnalysisPhase() {
118             throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
119         }
120 
121         @Override
122         protected String getAnalyzerEnabledSettingKey() {
123             return "unknown";
124         }
125     }
126 
127 }