1 /* 2 * This file is part of dependency-check-core. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 * 16 * Copyright (c) 2013 Jeremy Long. All Rights Reserved. 17 */ 18 package org.owasp.dependencycheck.dependency; 19 20 import java.io.File; 21 import java.util.HashSet; 22 import java.util.Set; 23 24 import static org.junit.Assert.assertEquals; 25 import static org.junit.Assert.assertFalse; 26 import static org.junit.Assert.assertNotNull; 27 import static org.junit.Assert.assertTrue; 28 29 import org.junit.Test; 30 import org.owasp.dependencycheck.BaseTest; 31 import org.owasp.dependencycheck.data.nexus.MavenArtifact; 32 33 /** 34 * 35 * @author Jeremy Long 36 */ 37 public class DependencyTest extends BaseTest { 38 39 /** 40 * Test of getFileName method, of class Dependency. 41 */ 42 @Test testGetFileName()43 public void testGetFileName() { 44 Dependency instance = new Dependency(); 45 String expResult = "filename"; 46 instance.setFileName(expResult); 47 String result = instance.getFileName(); 48 assertEquals(expResult, result); 49 } 50 51 /** 52 * Test of setFileName method, of class Dependency. 53 */ 54 @Test testSetFileName()55 public void testSetFileName() { 56 String fileName = "file.tar"; 57 Dependency instance = new Dependency(); 58 instance.setFileName(fileName); 59 assertEquals(fileName, instance.getFileName()); 60 } 61 62 /** 63 * Test of setActualFilePath method, of class Dependency. 64 */ 65 @Test testSetActualFilePath()66 public void testSetActualFilePath() { 67 String actualFilePath = "file.tar"; 68 Dependency instance = new Dependency(); 69 instance.setSha1sum("non-null value"); 70 instance.setActualFilePath(actualFilePath); 71 assertEquals(actualFilePath, instance.getActualFilePath()); 72 } 73 74 /** 75 * Test of getActualFilePath method, of class Dependency. 76 */ 77 @Test testGetActualFilePath()78 public void testGetActualFilePath() { 79 Dependency instance = new Dependency(); 80 String expResult = "file.tar"; 81 instance.setSha1sum("non-null value"); 82 instance.setActualFilePath(expResult); 83 String result = instance.getActualFilePath(); 84 assertEquals(expResult, result); 85 } 86 87 /** 88 * Test of setFilePath method, of class Dependency. 89 */ 90 @Test testSetFilePath()91 public void testSetFilePath() { 92 String filePath = "file.tar"; 93 Dependency instance = new Dependency(); 94 instance.setFilePath(filePath); 95 assertEquals(filePath, instance.getFilePath()); 96 } 97 98 /** 99 * Test of getFilePath method, of class Dependency. 100 */ 101 @Test testGetFilePath()102 public void testGetFilePath() { 103 Dependency instance = new Dependency(); 104 String expResult = "file.tar"; 105 instance.setFilePath(expResult); 106 String result = instance.getFilePath(); 107 assertEquals(expResult, result); 108 } 109 110 /** 111 * Test of getMd5sum method, of class Dependency. 112 */ 113 @Test testGetMd5sum()114 public void testGetMd5sum() { 115 //File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath()); 116 File file = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar"); 117 118 Dependency instance = new Dependency(file); 119 //assertEquals("89CE9E36AA9A9E03F1450936D2F4F8DD0F961F8B", result.getSha1sum()); 120 //String expResult = "C30B57142E1CCBC1EFD5CD15F307358F"; 121 String expResult = "c30b57142e1ccbc1efd5cd15f307358f"; 122 String result = instance.getMd5sum(); 123 assertEquals(expResult, result); 124 } 125 126 /** 127 * Test of setMd5sum method, of class Dependency. 128 */ 129 @Test testSetMd5sum()130 public void testSetMd5sum() { 131 String md5sum = "test"; 132 Dependency instance = new Dependency(); 133 instance.setMd5sum(md5sum); 134 assertEquals(md5sum, instance.getMd5sum()); 135 } 136 137 /** 138 * Test of getSha1sum method, of class Dependency. 139 */ 140 @Test testGetSha1sum()141 public void testGetSha1sum() { 142 //File file = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath()); 143 File file = BaseTest.getResourceAsFile(this, "struts2-core-2.1.2.jar"); 144 Dependency instance = new Dependency(file); 145 //String expResult = "89CE9E36AA9A9E03F1450936D2F4F8DD0F961F8B"; 146 String expResult = "89ce9e36aa9a9e03f1450936d2f4f8dd0f961f8b"; 147 String result = instance.getSha1sum(); 148 assertEquals(expResult, result); 149 } 150 151 /** 152 * Test of setSha1sum method, of class Dependency. 153 */ 154 @Test testSetSha1sum()155 public void testSetSha1sum() { 156 String sha1sum = "test"; 157 Dependency instance = new Dependency(); 158 instance.setSha1sum(sha1sum); 159 assertEquals(sha1sum, instance.getSha1sum()); 160 } 161 162 /** 163 * Test of getIdentifiers method, of class Dependency. 164 */ 165 @Test testGetIdentifiers()166 public void testGetIdentifiers() { 167 Dependency instance = new Dependency(); 168 Set<Identifier> result = instance.getIdentifiers(); 169 170 assertNotNull(result); 171 } 172 173 /** 174 * Test of setIdentifiers method, of class Dependency. 175 */ 176 @Test testSetIdentifiers()177 public void testSetIdentifiers() { 178 Set<Identifier> identifiers = new HashSet<>(); 179 Dependency instance = new Dependency(); 180 instance.addIdentifiers(identifiers); 181 assertNotNull(instance.getIdentifiers()); 182 } 183 184 /** 185 * Test of addIdentifier method, of class Dependency. 186 */ 187 @Test testAddIdentifier()188 public void testAddIdentifier() { 189 String type = "cpe"; 190 String value = "cpe:/a:apache:struts:2.1.2"; 191 String url = "http://somewhere"; 192 Identifier expResult = new Identifier(type, value, url); 193 194 Dependency instance = new Dependency(); 195 instance.addIdentifier(type, value, url); 196 assertEquals(1, instance.getIdentifiers().size()); 197 assertTrue("Identifier doesn't contain expected result.", instance.getIdentifiers().contains(expResult)); 198 } 199 200 /** 201 * Test of getEvidence method, of class Dependency. 202 */ 203 @Test testGetEvidence()204 public void testGetEvidence() { 205 Dependency instance = new Dependency(); 206 Set<Evidence> result = instance.getEvidence(EvidenceType.VENDOR); 207 assertNotNull(result); 208 result = instance.getEvidence(EvidenceType.PRODUCT); 209 assertNotNull(result); 210 result = instance.getEvidence(EvidenceType.VERSION); 211 assertNotNull(result); 212 } 213 214 /** 215 * Test of addAsEvidence method, of class Dependency. 216 */ 217 @Test testAddAsEvidence()218 public void testAddAsEvidence() { 219 Dependency instance = new Dependency(); 220 MavenArtifact mavenArtifact = new MavenArtifact("group", "artifact", "version", "url"); 221 instance.addAsEvidence("pom", mavenArtifact, Confidence.HIGH); 222 assertTrue(instance.contains(EvidenceType.VENDOR, Confidence.HIGH)); 223 assertTrue(instance.size() > 1); 224 assertFalse(instance.getIdentifiers().isEmpty()); 225 } 226 227 /** 228 * Test of addAsEvidence method, of class Dependency. 229 */ 230 @Test testAddAsEvidenceWithEmptyArtefact()231 public void testAddAsEvidenceWithEmptyArtefact() { 232 Dependency instance = new Dependency(); 233 MavenArtifact mavenArtifact = new MavenArtifact(null, null, null, null); 234 instance.addAsEvidence("pom", mavenArtifact, Confidence.HIGH); 235 assertFalse(instance.getEvidence(EvidenceType.VENDOR).contains(Confidence.HIGH)); 236 assertTrue(instance.size() == 0); 237 assertTrue(instance.getIdentifiers().isEmpty()); 238 } 239 } 240