Merge branch '9-perform-cleaning-code' into 'master'
Resolve "Perform cleaning code" Closes #9 See merge request bartlomiej.pluta/esa-tool!9
This commit is contained in:
Bartłomiej Pluta
@@ -4,7 +4,6 @@ import com.bartek.esa.analyser.apk.ApkAnalyser;
|
||||
import com.bartek.esa.analyser.source.SourceAnalyser;
|
||||
import com.bartek.esa.cli.model.CliArgsOptions;
|
||||
import com.bartek.esa.cli.parser.CliArgsParser;
|
||||
import com.bartek.esa.core.model.enumeration.Severity;
|
||||
import com.bartek.esa.core.model.object.Issue;
|
||||
import com.bartek.esa.di.DaggerDependencyInjector;
|
||||
import com.bartek.esa.dispatcher.dispatcher.MethodDispatcher;
|
||||
@@ -12,7 +11,7 @@ import com.bartek.esa.dispatcher.model.DispatcherActions;
|
||||
import com.bartek.esa.formatter.provider.FormatterProvider;
|
||||
|
||||
import javax.inject.Inject;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
public class EsaMain {
|
||||
private final CliArgsParser cliArgsParser;
|
||||
@@ -37,14 +36,14 @@ public class EsaMain {
|
||||
.build();
|
||||
|
||||
CliArgsOptions options = cliArgsParser.parse(args);
|
||||
List<Issue> issues = methodDispatcher.dispatchMethod(options, dispatcherActions);
|
||||
Set<Issue> issues = methodDispatcher.dispatchMethod(options, dispatcherActions);
|
||||
formatterProvider.provide(options).format(issues);
|
||||
|
||||
exitWithErrorIfAnyIssueIsAnError(issues);
|
||||
}
|
||||
|
||||
private void exitWithErrorIfAnyIssueIsAnError(List<Issue> issues) {
|
||||
if(issues.stream().anyMatch(i -> i.getSeverity() == Severity.ERROR)) {
|
||||
private void exitWithErrorIfAnyIssueIsAnError(Set<Issue> issues) {
|
||||
if(issues.stream().anyMatch(i -> i.getSeverity().isExitWithError())) {
|
||||
System.exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,6 +4,9 @@ import com.bartek.esa.analyser.core.Analyser;
|
||||
import com.bartek.esa.core.archetype.Plugin;
|
||||
import com.bartek.esa.core.executor.PluginExecutor;
|
||||
import com.bartek.esa.decompiler.decompiler.Decompiler;
|
||||
import com.bartek.esa.error.EsaException;
|
||||
import com.bartek.esa.file.cleaner.FileCleaner;
|
||||
import com.bartek.esa.file.matcher.GlobMatcher;
|
||||
import com.bartek.esa.file.provider.FileProvider;
|
||||
|
||||
import java.io.File;
|
||||
@@ -15,17 +18,29 @@ public class ApkAnalyser extends Analyser {
|
||||
private static final String LAYOUT_GLOB = "**/" + Decompiler.XML_FILES_DIR + "/**/layout*/*.xml";
|
||||
|
||||
private final Decompiler decompiler;
|
||||
private final FileCleaner fileCleaner;
|
||||
private final GlobMatcher globMatcher;
|
||||
|
||||
public ApkAnalyser(PluginExecutor pluginExecutor, Set<Plugin> plugins, FileProvider fileProvider, Decompiler decompiler) {
|
||||
public ApkAnalyser(PluginExecutor pluginExecutor, Set<Plugin> plugins, FileProvider fileProvider, Decompiler decompiler, FileCleaner fileCleaner, GlobMatcher globMatcher) {
|
||||
super(pluginExecutor, plugins, fileProvider);
|
||||
this.decompiler = decompiler;
|
||||
this.fileCleaner = fileCleaner;
|
||||
this.globMatcher = globMatcher;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String prepareSources(String source) {
|
||||
checkIfSourceIsApkFile(source);
|
||||
System.out.println("Decompiling APK...");
|
||||
return decompiler.decompile(new File(source)).getAbsolutePath();
|
||||
}
|
||||
|
||||
private void checkIfSourceIsApkFile(String source) {
|
||||
if (!globMatcher.fileMatchesGlobPattern(new File(source), "**/*.apk")) {
|
||||
throw new EsaException("Provided source is not *.apk file. Interrupting...");
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String getAndroidManifestGlob() {
|
||||
return ANDROID_MANIFEST_GLOB;
|
||||
@@ -40,4 +55,9 @@ public class ApkAnalyser extends Analyser {
|
||||
protected String getLayoutGlob() {
|
||||
return LAYOUT_GLOB;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void performCleaning(String source) {
|
||||
fileCleaner.deleteRecursively(new File(source));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -8,7 +8,6 @@ import com.bartek.esa.file.provider.FileProvider;
|
||||
|
||||
import java.io.File;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.Stream;
|
||||
@@ -25,13 +24,15 @@ public abstract class Analyser {
|
||||
this.fileProvider = fileProvider;
|
||||
}
|
||||
|
||||
public List<Issue> analyse(String source, Set<String> pluginCodes, Set<String> excludeCodes) {
|
||||
public Set<Issue> analyse(String source, Set<String> pluginCodes, Set<String> excludeCodes) {
|
||||
String newSource = prepareSources(source);
|
||||
File manifest = getManifest(newSource);
|
||||
Set<File> files = getFiles(newSource);
|
||||
Set<Plugin> selectedPlugins = getPlugins(pluginCodes, excludeCodes);
|
||||
|
||||
return pluginExecutor.executeForFiles(manifest, files, selectedPlugins);
|
||||
Set<Issue> issues = pluginExecutor.executeForFiles(manifest, files, selectedPlugins);
|
||||
performCleaning(newSource);
|
||||
return issues;
|
||||
}
|
||||
|
||||
protected abstract String prepareSources(String source);
|
||||
@@ -42,6 +43,8 @@ public abstract class Analyser {
|
||||
|
||||
protected abstract String getLayoutGlob();
|
||||
|
||||
protected abstract void performCleaning(String source);
|
||||
|
||||
|
||||
private File getManifest(String source) {
|
||||
Set<File> manifests = fileProvider.getGlobMatchedFiles(source, getAndroidManifestGlob());
|
||||
|
||||
@@ -5,6 +5,8 @@ import com.bartek.esa.analyser.source.SourceAnalyser;
|
||||
import com.bartek.esa.core.archetype.Plugin;
|
||||
import com.bartek.esa.core.executor.PluginExecutor;
|
||||
import com.bartek.esa.decompiler.decompiler.Decompiler;
|
||||
import com.bartek.esa.file.cleaner.FileCleaner;
|
||||
import com.bartek.esa.file.matcher.GlobMatcher;
|
||||
import com.bartek.esa.file.provider.FileProvider;
|
||||
import dagger.Module;
|
||||
import dagger.Provides;
|
||||
@@ -20,7 +22,7 @@ public class AnalyserModule {
|
||||
}
|
||||
|
||||
@Provides
|
||||
public ApkAnalyser apkAnalyser(PluginExecutor pluginExecutor, Set<Plugin> plugins, FileProvider fileProvider, Decompiler decompiler) {
|
||||
return new ApkAnalyser(pluginExecutor, plugins, fileProvider, decompiler);
|
||||
public ApkAnalyser apkAnalyser(PluginExecutor pluginExecutor, Set<Plugin> plugins, FileProvider fileProvider, Decompiler decompiler, FileCleaner fileCleaner, GlobMatcher globMatcher) {
|
||||
return new ApkAnalyser(pluginExecutor, plugins, fileProvider, decompiler, fileCleaner, globMatcher);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,8 +3,10 @@ package com.bartek.esa.analyser.source;
|
||||
import com.bartek.esa.analyser.core.Analyser;
|
||||
import com.bartek.esa.core.archetype.Plugin;
|
||||
import com.bartek.esa.core.executor.PluginExecutor;
|
||||
import com.bartek.esa.error.EsaException;
|
||||
import com.bartek.esa.file.provider.FileProvider;
|
||||
|
||||
import java.io.File;
|
||||
import java.util.Set;
|
||||
|
||||
public class SourceAnalyser extends Analyser {
|
||||
@@ -18,9 +20,16 @@ public class SourceAnalyser extends Analyser {
|
||||
|
||||
@Override
|
||||
protected String prepareSources(String source) {
|
||||
checkIfSourceIsDirectory(source);
|
||||
return source;
|
||||
}
|
||||
|
||||
private void checkIfSourceIsDirectory(String source) {
|
||||
if (!new File(source).isDirectory()) {
|
||||
throw new EsaException("Provided source is not a directory. Interrupting...");
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
protected String getAndroidManifestGlob() {
|
||||
return ANDROID_MANIFEST_GLOB;
|
||||
@@ -35,4 +44,9 @@ public class SourceAnalyser extends Analyser {
|
||||
protected String getLayoutGlob() {
|
||||
return LAYOUT_GLOB;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void performCleaning(String source) {
|
||||
// do nothing
|
||||
}
|
||||
}
|
||||
|
||||
@@ -5,11 +5,11 @@ import com.bartek.esa.core.model.object.Issue;
|
||||
import org.w3c.dom.Document;
|
||||
|
||||
import java.io.File;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
public abstract class BasePlugin implements Plugin {
|
||||
private List<Issue> issues = new ArrayList<>();
|
||||
private Set<Issue> issues = new HashSet<>();
|
||||
private Document manifest;
|
||||
private File file;
|
||||
|
||||
@@ -21,7 +21,7 @@ public abstract class BasePlugin implements Plugin {
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<Issue> runForIssues() {
|
||||
public Set<Issue> runForIssues() {
|
||||
run(file);
|
||||
return issues;
|
||||
}
|
||||
@@ -45,6 +45,10 @@ public abstract class BasePlugin implements Plugin {
|
||||
issues.add(issue);
|
||||
}
|
||||
|
||||
protected void addIssue(Issue issue) {
|
||||
issues.add(issue);
|
||||
}
|
||||
|
||||
protected File getOriginalFile() {
|
||||
return file;
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package com.bartek.esa.core.archetype;
|
||||
|
||||
import com.bartek.esa.core.model.enumeration.Severity;
|
||||
import com.bartek.esa.core.model.object.Issue;
|
||||
import com.bartek.esa.core.xml.XmlHelper;
|
||||
import com.bartek.esa.error.EsaException;
|
||||
import com.bartek.esa.file.matcher.GlobMatcher;
|
||||
@@ -43,7 +44,14 @@ public abstract class JavaPlugin extends BasePlugin {
|
||||
Node packageValue = root.getAttributes().getNamedItem("package");
|
||||
|
||||
if(packageValue == null) {
|
||||
addIssue(Severity.ERROR, ".PACKAGE_LACK", null, null);
|
||||
Issue issue = Issue.builder()
|
||||
.issuer(JavaPlugin.class)
|
||||
.descriptionCode(".NO_PACKAGE")
|
||||
.severity(Severity.ERROR)
|
||||
.build();
|
||||
|
||||
addIssue(issue);
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
@@ -4,10 +4,10 @@ import com.bartek.esa.core.model.object.Issue;
|
||||
import org.w3c.dom.Document;
|
||||
|
||||
import java.io.File;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
public interface Plugin {
|
||||
boolean supports(File file);
|
||||
void update(File file, Document manifest);
|
||||
List<Issue> runForIssues();
|
||||
Set<Issue> runForIssues();
|
||||
}
|
||||
|
||||
@@ -7,10 +7,9 @@ import org.w3c.dom.Document;
|
||||
|
||||
import javax.inject.Inject;
|
||||
import java.io.File;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import static java.util.stream.Collectors.toList;
|
||||
import static java.util.stream.Collectors.toSet;
|
||||
|
||||
public class PluginExecutor {
|
||||
private final XmlHelper xmlHelper;
|
||||
@@ -20,20 +19,20 @@ public class PluginExecutor {
|
||||
this.xmlHelper = xmlHelper;
|
||||
}
|
||||
|
||||
public List<Issue> executeForFiles(File manifest, Set<File> files, Set<Plugin> plugins) {
|
||||
public Set<Issue> executeForFiles(File manifest, Set<File> files, Set<Plugin> plugins) {
|
||||
return files.stream()
|
||||
.map(file -> executeForFile(manifest, file, plugins))
|
||||
.flatMap(List::stream)
|
||||
.collect(toList());
|
||||
.flatMap(Set::stream)
|
||||
.collect(toSet());
|
||||
}
|
||||
|
||||
private List<Issue> executeForFile(File manifest, File file, Set<Plugin> plugins) {
|
||||
private Set<Issue> executeForFile(File manifest, File file, Set<Plugin> plugins) {
|
||||
Document xmlManifest = xmlHelper.parseXml(manifest);
|
||||
return plugins.stream()
|
||||
.peek(plugin -> plugin.update(file, xmlManifest))
|
||||
.filter(plugin -> plugin.supports(file))
|
||||
.map(Plugin::runForIssues)
|
||||
.flatMap(List::stream)
|
||||
.collect(toList());
|
||||
.flatMap(Set::stream)
|
||||
.collect(toSet());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +1,17 @@
|
||||
package com.bartek.esa.core.model.enumeration;
|
||||
|
||||
import lombok.Getter;
|
||||
|
||||
@Getter
|
||||
public enum Severity {
|
||||
WARNING,
|
||||
ERROR
|
||||
INFO(false),
|
||||
WARNING(false),
|
||||
ERROR(true),
|
||||
VULNERABILITY(true);
|
||||
|
||||
private final boolean exitWithError;
|
||||
|
||||
Severity(boolean exitWithError) {
|
||||
this.exitWithError = exitWithError;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -6,7 +6,7 @@ import com.bartek.esa.dispatcher.model.DispatcherActions;
|
||||
|
||||
import javax.inject.Inject;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
public class MethodDispatcher {
|
||||
|
||||
@@ -15,7 +15,7 @@ public class MethodDispatcher {
|
||||
|
||||
}
|
||||
|
||||
public List<Issue> dispatchMethod(CliArgsOptions options, DispatcherActions actions) {
|
||||
public Set<Issue> dispatchMethod(CliArgsOptions options, DispatcherActions actions) {
|
||||
if(options.isSourceAnalysis()) {
|
||||
return actions.getSourceAnalysis().perform(
|
||||
options.getSourceAnalysisDirectory(),
|
||||
@@ -32,6 +32,6 @@ public class MethodDispatcher {
|
||||
);
|
||||
}
|
||||
|
||||
return Collections.emptyList();
|
||||
return Collections.emptySet();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,11 +2,10 @@ package com.bartek.esa.dispatcher.model;
|
||||
|
||||
import com.bartek.esa.core.model.object.Issue;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
@FunctionalInterface
|
||||
public interface Action {
|
||||
|
||||
List<Issue> perform(String source, Set<String> plugins, Set<String> excludes);
|
||||
Set<Issue> perform(String source, Set<String> plugins, Set<String> excludes);
|
||||
}
|
||||
|
||||
@@ -2,8 +2,8 @@ package com.bartek.esa.formatter.archetype;
|
||||
|
||||
import com.bartek.esa.core.model.object.Issue;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
public interface Formatter {
|
||||
void format(List<Issue> issues);
|
||||
void format(Set<Issue> issues);
|
||||
}
|
||||
|
||||
@@ -7,8 +7,9 @@ import org.fusesource.jansi.Ansi;
|
||||
import org.fusesource.jansi.AnsiConsole;
|
||||
|
||||
import javax.inject.Inject;
|
||||
import java.util.List;
|
||||
import java.util.Arrays;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import static org.fusesource.jansi.Ansi.Color.*;
|
||||
@@ -24,9 +25,9 @@ public class ColorFormatter implements Formatter {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void format(List<Issue> issues) {
|
||||
public void format(Set<Issue> issues) {
|
||||
AnsiConsole.systemInstall();
|
||||
if(issues.isEmpty()) {
|
||||
if (issues.isEmpty()) {
|
||||
Ansi noIssuesFound = ansi().fg(GREEN).a("No issues found.").reset();
|
||||
System.out.println(noIssuesFound);
|
||||
return;
|
||||
@@ -52,29 +53,36 @@ public class ColorFormatter implements Formatter {
|
||||
|
||||
private Ansi appendDescription(Issue issue, Ansi ansi) {
|
||||
String description = descriptionProvider.getDescriptionForIssue(issue);
|
||||
String[] lines = description.split("\n");
|
||||
String firstLine = lines[0];
|
||||
String theRestOfLines = lines.length > 1 ? "\n" + String.join("\n", Arrays.copyOfRange(lines, 1, lines.length)) : "";
|
||||
|
||||
return ansi
|
||||
.fg(getColorForSeverity(issue))
|
||||
.a(issue.getSeverity().name())
|
||||
.reset()
|
||||
.a(": ").a(description)
|
||||
.a(": ").a(firstLine)
|
||||
.fgBrightBlack().a(theRestOfLines)
|
||||
.reset()
|
||||
.a("\n");
|
||||
}
|
||||
|
||||
private Ansi appendFile(Issue issue, Ansi ansi) {
|
||||
return ansi
|
||||
.fg(GREEN)
|
||||
return Optional.ofNullable(issue.getFile())
|
||||
.map(file -> ansi
|
||||
.fg(BLUE)
|
||||
.a("File: ")
|
||||
.reset()
|
||||
.a(issue.getFile().getAbsolutePath())
|
||||
.a("\n");
|
||||
.a(file.getAbsolutePath())
|
||||
.a("\n"))
|
||||
.orElse(ansi);
|
||||
}
|
||||
|
||||
private Ansi appendLine(Issue issue, Ansi ansi) {
|
||||
Optional.ofNullable(issue.getLine())
|
||||
.ifPresent(line -> {
|
||||
ansi
|
||||
.fg(BLUE)
|
||||
.fg(CYAN)
|
||||
.a("Line");
|
||||
Optional.ofNullable(issue.getLineNumber()).ifPresentOrElse(
|
||||
number -> ansi.a(" ").a(number).a(": "),
|
||||
@@ -86,9 +94,15 @@ public class ColorFormatter implements Formatter {
|
||||
}
|
||||
|
||||
private Ansi.Color getColorForSeverity(Issue issue) {
|
||||
switch(issue.getSeverity()) {
|
||||
case WARNING: return YELLOW;
|
||||
case ERROR: return RED;
|
||||
switch (issue.getSeverity()) {
|
||||
case INFO:
|
||||
return GREEN;
|
||||
case WARNING:
|
||||
return YELLOW;
|
||||
case ERROR:
|
||||
return MAGENTA;
|
||||
case VULNERABILITY:
|
||||
return RED;
|
||||
}
|
||||
|
||||
return RED;
|
||||
|
||||
@@ -5,8 +5,8 @@ import com.bartek.esa.core.model.object.Issue;
|
||||
import com.bartek.esa.formatter.archetype.Formatter;
|
||||
|
||||
import javax.inject.Inject;
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
public class SimpleFormatter implements Formatter {
|
||||
@@ -18,8 +18,8 @@ public class SimpleFormatter implements Formatter {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void format(List<Issue> issues) {
|
||||
if(issues.isEmpty()) {
|
||||
public void format(Set<Issue> issues) {
|
||||
if (issues.isEmpty()) {
|
||||
System.out.println("No issues found.");
|
||||
return;
|
||||
}
|
||||
@@ -50,10 +50,13 @@ public class SimpleFormatter implements Formatter {
|
||||
}
|
||||
|
||||
private void appendFile(Issue issue, StringBuilder format) {
|
||||
Optional.ofNullable(issue.getFile())
|
||||
.ifPresent(file ->
|
||||
format
|
||||
.append("File: ")
|
||||
.append(issue.getFile().getAbsolutePath())
|
||||
.append("\n");
|
||||
.append(file.getAbsolutePath())
|
||||
.append("\n")
|
||||
);
|
||||
}
|
||||
|
||||
private void appendLine(Issue issue, StringBuilder format) {
|
||||
|
||||
@@ -1 +1,4 @@
|
||||
com.bartek.esa.core.plugin.JavaPlugin.PACKAGE_LACK=There is no package defined in AndroidManifest.xml file. Please check fix to use this tool.
|
||||
com.bartek.esa.core.archetype.JavaPlugin.NO_PACKAGE=There is no package defined in AndroidManifest.xml file. \n\
|
||||
Package should be defined as attribute of <manifest> tag.\n\
|
||||
For example: <manifest package="com.bartek.esa.test">\n\
|
||||
Please fix it to use this tool.
|
||||
Reference in New Issue
Block a user