| Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
| DatabaseProperties |
|
| 1.7777777777777777;1.778 |
| 1 | /* | |
| 2 | * This file is part of dependency-check-core. | |
| 3 | * | |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); | |
| 5 | * you may not use this file except in compliance with the License. | |
| 6 | * You may obtain a copy of the License at | |
| 7 | * | |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 | |
| 9 | * | |
| 10 | * Unless required by applicable law or agreed to in writing, software | |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, | |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| 13 | * See the License for the specific language governing permissions and | |
| 14 | * limitations under the License. | |
| 15 | * | |
| 16 | * Copyright (c) 2013 Jeremy Long. All Rights Reserved. | |
| 17 | */ | |
| 18 | package org.owasp.dependencycheck.data.nvdcve; | |
| 19 | ||
| 20 | import java.text.DateFormat; | |
| 21 | import java.text.SimpleDateFormat; | |
| 22 | import java.util.Date; | |
| 23 | import java.util.Map; | |
| 24 | import java.util.Map.Entry; | |
| 25 | import java.util.Properties; | |
| 26 | import java.util.TreeMap; | |
| 27 | import org.owasp.dependencycheck.data.update.nvd.NvdCveInfo; | |
| 28 | import org.owasp.dependencycheck.data.update.exception.UpdateException; | |
| 29 | import org.slf4j.Logger; | |
| 30 | import org.slf4j.LoggerFactory; | |
| 31 | ||
| 32 | /** | |
| 33 | * This is a wrapper around a set of properties that are stored in the database. | |
| 34 | * | |
| 35 | * @author Jeremy Long | |
| 36 | */ | |
| 37 | public class DatabaseProperties { | |
| 38 | ||
| 39 | /** | |
| 40 | * The Logger. | |
| 41 | */ | |
| 42 | 1 | private static final Logger LOGGER = LoggerFactory.getLogger(DatabaseProperties.class); |
| 43 | /** | |
| 44 | * Modified key word, used as a key to store information about the modified file (i.e. the containing the last 8 days of | |
| 45 | * updates).. | |
| 46 | */ | |
| 47 | public static final String MODIFIED = "Modified"; | |
| 48 | /** | |
| 49 | * The properties file key for the last checked field - used to store the last check time of the Modified NVD CVE xml file. | |
| 50 | */ | |
| 51 | public static final String LAST_CHECKED = "NVD CVE Checked"; | |
| 52 | /** | |
| 53 | * The properties file key for the last updated field - used to store the last updated time of the Modified NVD CVE xml file. | |
| 54 | */ | |
| 55 | public static final String LAST_UPDATED = "NVD CVE Modified"; | |
| 56 | /** | |
| 57 | * Stores the last updated time for each of the NVD CVE files. These timestamps should be updated if we process the modified | |
| 58 | * file within 7 days of the last update. | |
| 59 | */ | |
| 60 | public static final String LAST_UPDATED_BASE = "NVD CVE "; | |
| 61 | /** | |
| 62 | * The key for the last time the CPE data was updated. | |
| 63 | */ | |
| 64 | public static final String LAST_CPE_UPDATE = "LAST_CPE_UPDATE"; | |
| 65 | /** | |
| 66 | * The key for the database schema version. | |
| 67 | */ | |
| 68 | public static final String VERSION = "version"; | |
| 69 | ||
| 70 | /** | |
| 71 | * A collection of properties about the data. | |
| 72 | */ | |
| 73 | private Properties properties; | |
| 74 | /** | |
| 75 | * A reference to the database. | |
| 76 | */ | |
| 77 | private CveDB cveDB; | |
| 78 | ||
| 79 | /** | |
| 80 | * Constructs a new data properties object. | |
| 81 | * | |
| 82 | * @param cveDB the database object holding the properties | |
| 83 | */ | |
| 84 | 6 | DatabaseProperties(CveDB cveDB) { |
| 85 | 6 | this.cveDB = cveDB; |
| 86 | 6 | loadProperties(); |
| 87 | 6 | } |
| 88 | ||
| 89 | /** | |
| 90 | * Loads the properties from the database. | |
| 91 | */ | |
| 92 | private void loadProperties() { | |
| 93 | 6 | this.properties = cveDB.getProperties(); |
| 94 | 6 | } |
| 95 | ||
| 96 | /** | |
| 97 | * Returns whether or not any properties are set. | |
| 98 | * | |
| 99 | * @return whether or not any properties are set | |
| 100 | */ | |
| 101 | public boolean isEmpty() { | |
| 102 | 0 | return properties == null || properties.isEmpty(); |
| 103 | } | |
| 104 | ||
| 105 | /** | |
| 106 | * Saves the last updated information to the properties file. | |
| 107 | * | |
| 108 | * @param updatedValue the updated NVD CVE entry | |
| 109 | * @throws UpdateException is thrown if there is an update exception | |
| 110 | */ | |
| 111 | public void save(NvdCveInfo updatedValue) throws UpdateException { | |
| 112 | 0 | if (updatedValue == null) { |
| 113 | 0 | return; |
| 114 | } | |
| 115 | 0 | save(LAST_UPDATED_BASE + updatedValue.getId(), String.valueOf(updatedValue.getTimestamp())); |
| 116 | 0 | } |
| 117 | ||
| 118 | /** | |
| 119 | * Saves the key value pair to the properties store. | |
| 120 | * | |
| 121 | * @param key the property key | |
| 122 | * @param value the property value | |
| 123 | * @throws UpdateException is thrown if there is an update exception | |
| 124 | */ | |
| 125 | public void save(String key, String value) throws UpdateException { | |
| 126 | 0 | properties.put(key, value); |
| 127 | 0 | cveDB.saveProperty(key, value); |
| 128 | 0 | } |
| 129 | ||
| 130 | /** | |
| 131 | * Returns the property value for the given key. If the key is not contained in the underlying properties null is returned. | |
| 132 | * | |
| 133 | * @param key the property key | |
| 134 | * @return the value of the property | |
| 135 | */ | |
| 136 | public String getProperty(String key) { | |
| 137 | 0 | return properties.getProperty(key); |
| 138 | } | |
| 139 | ||
| 140 | /** | |
| 141 | * Returns the property value for the given key. If the key is not contained in the underlying properties the default value is | |
| 142 | * returned. | |
| 143 | * | |
| 144 | * @param key the property key | |
| 145 | * @param defaultValue the default value | |
| 146 | * @return the value of the property | |
| 147 | */ | |
| 148 | public String getProperty(String key, String defaultValue) { | |
| 149 | 0 | return properties.getProperty(key, defaultValue); |
| 150 | } | |
| 151 | ||
| 152 | /** | |
| 153 | * Returns the collection of Database Properties as a properties collection. | |
| 154 | * | |
| 155 | * @return the collection of Database Properties | |
| 156 | */ | |
| 157 | public Properties getProperties() { | |
| 158 | 1 | return properties; |
| 159 | } | |
| 160 | ||
| 161 | /** | |
| 162 | * Returns a map of the meta data from the database properties. This primarily contains timestamps of when the NVD CVE | |
| 163 | * information was last updated. | |
| 164 | * | |
| 165 | * @return a map of the database meta data | |
| 166 | */ | |
| 167 | public Map<String, String> getMetaData() { | |
| 168 | 0 | final Map<String, String> map = new TreeMap<String, String>(); |
| 169 | 0 | for (Entry<Object, Object> entry : properties.entrySet()) { |
| 170 | 0 | final String key = (String) entry.getKey(); |
| 171 | 0 | if (!"version".equals(key)) { |
| 172 | 0 | if (key.startsWith("NVD CVE ")) { |
| 173 | try { | |
| 174 | 0 | final long epoch = Long.parseLong((String) entry.getValue()); |
| 175 | 0 | final Date date = new Date(epoch); |
| 176 | 0 | final DateFormat format = new SimpleDateFormat("dd/MM/yyyy HH:mm:ss"); |
| 177 | 0 | final String formatted = format.format(date); |
| 178 | 0 | map.put(key, formatted); |
| 179 | 0 | } catch (Throwable ex) { //deliberately being broad in this catch clause |
| 180 | 0 | LOGGER.debug("Unable to parse timestamp from DB", ex); |
| 181 | 0 | map.put(key, (String) entry.getValue()); |
| 182 | 0 | } |
| 183 | } else { | |
| 184 | 0 | map.put(key, (String) entry.getValue()); |
| 185 | } | |
| 186 | } | |
| 187 | 0 | } |
| 188 | 0 | return map; |
| 189 | } | |
| 190 | } |