1// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 2 3package parser2v2 4 5import ( 6 "reflect" 7 "testing" 8 9 gordfParser "github.com/spdx/gordf/rdfloader/parser" 10 "github.com/spdx/tools-golang/spdx/common" 11 "github.com/spdx/tools-golang/spdx/v2_2" 12) 13 14func Test_setPackageSupplier(t *testing.T) { 15 var err error 16 17 // TestCase 1: no assertion must set PackageSupplierNOASSERTION field to true 18 pkg := &v2_2.Package{} 19 err = setPackageSupplier(pkg, "NOASSERTION") 20 if err != nil { 21 t.Fatalf("unexpected error: %v", err) 22 } 23 if pkg.PackageSupplier.Supplier != "NOASSERTION" { 24 t.Errorf("PackageSupplier must've been set to NOASSERTION") 25 } 26 27 // TestCase 2: lower-case noassertion must also set the 28 // PackageSupplierNOASSERTION to true. 29 pkg = &v2_2.Package{} 30 err = setPackageSupplier(pkg, "noassertion") 31 if err != nil { 32 t.Fatalf("unexpected error: %v", err) 33 } 34 if pkg.PackageSupplier.Supplier != "NOASSERTION" { 35 t.Errorf("PackageSupplier must've been set to NOASSERTION") 36 } 37 38 // TestCase 3: invalid input without colon separator. must raise an error 39 pkg = &v2_2.Package{} 40 input := "string without colon separator" 41 err = setPackageSupplier(pkg, input) 42 if err == nil { 43 t.Errorf("invalid input \"%s\" didn't raise an error", input) 44 } 45 46 // TestCase 4: Valid Person 47 pkg = &v2_2.Package{} 48 personName := "Rishabh Bhatnagar" 49 input = "Person: " + personName 50 err = setPackageSupplier(pkg, input) 51 if err != nil { 52 t.Errorf("unexpected error: %v", err) 53 } 54 if pkg.PackageSupplier.Supplier != personName { 55 t.Errorf("PackageSupplierPerson should be %s. found %s", personName, pkg.PackageSupplier.Supplier) 56 } 57 58 // TestCase 5: Valid Organization 59 pkg = &v2_2.Package{} 60 orgName := "SPDX" 61 input = "Organization: " + orgName 62 err = setPackageSupplier(pkg, input) 63 if err != nil { 64 t.Errorf("unexpected error: %v", err) 65 } 66 if pkg.PackageSupplier.Supplier != orgName { 67 t.Errorf("PackageSupplierPerson should be %s. found %s", orgName, pkg.PackageSupplier.Supplier) 68 } 69 70 // TestCase 6: Invalid EntityType 71 pkg = &v2_2.Package{} 72 input = "InvalidEntity: entity" 73 err = setPackageSupplier(pkg, input) 74 if err == nil { 75 t.Errorf("invalid entity should've raised an error") 76 } 77} 78 79func Test_setPackageOriginator(t *testing.T) { 80 var err error 81 82 // TestCase 1: no assertion must set PackageSupplierNOASSERTION field to true 83 pkg := &v2_2.Package{} 84 err = setPackageOriginator(pkg, "NOASSERTION") 85 if err != nil { 86 t.Fatalf("unexpected error: %v", err) 87 } 88 if pkg.PackageOriginator.Originator != "NOASSERTION" { 89 t.Errorf("PackageOriginator must've been set to NOASSERTION") 90 } 91 92 // TestCase 2: lower-case noassertion must also set the 93 // PackageOriginatorNOASSERTION to true. 94 pkg = &v2_2.Package{} 95 err = setPackageOriginator(pkg, "noassertion") 96 if err != nil { 97 t.Fatalf("unexpected error: %v", err) 98 } 99 if pkg.PackageOriginator.Originator != "NOASSERTION" { 100 t.Errorf("PackageOriginator must've been set to NOASSERTION") 101 } 102 103 // TestCase 3: invalid input without colon separator. must raise an error 104 pkg = &v2_2.Package{} 105 input := "string without colon separator" 106 err = setPackageOriginator(pkg, input) 107 if err == nil { 108 t.Errorf("invalid input \"%s\" didn't raise an error", input) 109 } 110 111 // TestCase 4: Valid Person 112 pkg = &v2_2.Package{} 113 personName := "Rishabh Bhatnagar" 114 input = "Person: " + personName 115 err = setPackageOriginator(pkg, input) 116 if err != nil { 117 t.Errorf("unexpected error: %v", err) 118 } 119 if pkg.PackageOriginator.Originator != personName { 120 t.Errorf("PackageOriginatorPerson should be %s. found %s", personName, pkg.PackageOriginator.Originator) 121 } 122 123 // TestCase 5: Valid Organization 124 pkg = &v2_2.Package{} 125 orgName := "SPDX" 126 input = "Organization: " + orgName 127 err = setPackageOriginator(pkg, input) 128 if err != nil { 129 t.Errorf("unexpected error: %v", err) 130 } 131 if pkg.PackageOriginator.Originator != orgName { 132 t.Errorf("PackageOriginatorOrganization should be %s. found %s", orgName, pkg.PackageOriginator.Originator) 133 } 134 135 // TestCase 6: Invalid EntityType 136 pkg = &v2_2.Package{} 137 input = "InvalidEntity: entity" 138 err = setPackageOriginator(pkg, input) 139 if err == nil { 140 t.Errorf("invalid entity should've raised an error") 141 } 142} 143 144func Test_rdfParser2_2_setPackageVerificationCode(t *testing.T) { 145 var parser *rdfParser2_2 146 var node *gordfParser.Node 147 var pkg *v2_2.Package 148 var err error 149 150 // TestCase 1: invalid predicate must raise an error 151 parser, _ = parserFromBodyContent(` 152 <spdx.PackageVerificationCode> 153 <spdx:invalidPredicate /> 154 <spdx:packageVerificationCodeValue>cbceb8b5689b75a584efe35587b5d41bd48820ce</spdx:packageVerificationCodeValue> 155 <spdx:packageVerificationCodeExcludedFile>./package.spdx</spdx:packageVerificationCodeExcludedFile> 156 </spdx.PackageVerificationCode> 157 `) 158 node = parser.gordfParserObj.Triples[0].Subject 159 pkg = &v2_2.Package{} 160 err = parser.setPackageVerificationCode(pkg, node) 161 if err == nil { 162 t.Errorf("expected an error due to invalid predicate, got <nil>") 163 } 164 165 // TestCase 2: valid input 166 parser, _ = parserFromBodyContent(` 167 <spdx.PackageVerificationCode> 168 <spdx:packageVerificationCodeValue>cbceb8b5689b75a584efe35587b5d41bd48820ce</spdx:packageVerificationCodeValue> 169 <spdx:packageVerificationCodeExcludedFile>./package.spdx</spdx:packageVerificationCodeExcludedFile> 170 </spdx.PackageVerificationCode> 171 `) 172 node = parser.gordfParserObj.Triples[0].Subject 173 pkg = &v2_2.Package{} 174 err = parser.setPackageVerificationCode(pkg, node) 175 if err != nil { 176 t.Errorf("unexpected error: %v", err) 177 } 178 expectedValue := "cbceb8b5689b75a584efe35587b5d41bd48820ce" 179 if pkg.PackageVerificationCode.Value != expectedValue { 180 t.Errorf("expected %v, got %v", expectedValue, pkg.PackageVerificationCode) 181 } 182 expectedExcludedFile := "./package.spdx" 183 if pkg.PackageVerificationCode.ExcludedFiles[0] != expectedExcludedFile { 184 t.Errorf("expected %v, got %v", expectedExcludedFile, pkg.PackageVerificationCode.ExcludedFiles) 185 } 186} 187 188func Test_rdfParser2_2_getPackageExternalRef(t *testing.T) { 189 var extRef *v2_2.PackageExternalReference 190 var err error 191 var parser *rdfParser2_2 192 var node *gordfParser.Node 193 194 // TestCase 1: invalid reference category 195 parser, _ = parserFromBodyContent(` 196 <spdx:ExternalRef> 197 <spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator> 198 <spdx:referenceType> 199 <spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/> 200 </spdx:referenceType> 201 <spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_invalid"/> 202 </spdx:ExternalRef> 203 `) 204 node = parser.gordfParserObj.Triples[0].Subject 205 extRef, err = parser.getPackageExternalRef(node) 206 if err == nil { 207 t.Errorf("expected an error due to invalid referenceCategory, got <nil>") 208 } 209 210 // TestCase 2: invalid predicate 211 parser, _ = parserFromBodyContent(` 212 <spdx:ExternalRef> 213 <spdx:unknownPredicate /> 214 <spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator> 215 <spdx:referenceType> 216 <spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/> 217 </spdx:referenceType> 218 <spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_security"/> 219 </spdx:ExternalRef> 220 `) 221 node = parser.gordfParserObj.Triples[0].Subject 222 extRef, err = parser.getPackageExternalRef(node) 223 if err == nil { 224 t.Errorf("expected an error due to invalid referenceCategory, got <nil>") 225 } 226 227 // TestCase 3: valid example (referenceCategory_security) 228 parser, _ = parserFromBodyContent(` 229 <spdx:ExternalRef> 230 <spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator> 231 <spdx:referenceType> 232 <spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/> 233 </spdx:referenceType> 234 <spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_security"/> 235 <rdfs:comment>comment</rdfs:comment> 236 </spdx:ExternalRef> 237 `) 238 node = parser.gordfParserObj.Triples[0].Subject 239 extRef, err = parser.getPackageExternalRef(node) 240 if err != nil { 241 t.Fatalf("unexpected error parsing a valid example: %v", err) 242 } 243 expectedExtRef := &v2_2.PackageExternalReference{ 244 Locator: "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*", 245 RefType: "http://spdx.org/rdf/references/cpe23Type", 246 Category: "SECURITY", 247 ExternalRefComment: "comment", 248 } 249 if !reflect.DeepEqual(extRef, expectedExtRef) { 250 t.Errorf("expected: \n%+v\ngot: \n%+v", expectedExtRef, extRef) 251 } 252 253 // TestCase 4: valid example (referenceCategory_packageManager) 254 parser, _ = parserFromBodyContent(` 255 <spdx:ExternalRef> 256 <spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator> 257 <spdx:referenceType> 258 <spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/> 259 </spdx:referenceType> 260 <spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_packageManager"/> 261 <rdfs:comment>comment</rdfs:comment> 262 </spdx:ExternalRef> 263 `) 264 node = parser.gordfParserObj.Triples[0].Subject 265 extRef, err = parser.getPackageExternalRef(node) 266 if err != nil { 267 t.Fatalf("unexpected error parsing a valid example: %v", err) 268 } 269 expectedExtRef = &v2_2.PackageExternalReference{ 270 Locator: "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*", 271 RefType: "http://spdx.org/rdf/references/cpe23Type", 272 Category: "PACKAGE-MANAGER", 273 ExternalRefComment: "comment", 274 } 275 if !reflect.DeepEqual(extRef, expectedExtRef) { 276 t.Errorf("expected: \n%+v\ngot: \n%+v", expectedExtRef, extRef) 277 } 278 279 // TestCase 5: valid example (referenceCategory_other) 280 parser, _ = parserFromBodyContent(` 281 <spdx:ExternalRef> 282 <spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator> 283 <spdx:referenceType> 284 <spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/> 285 </spdx:referenceType> 286 <spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_other"/> 287 <rdfs:comment>comment</rdfs:comment> 288 </spdx:ExternalRef> 289 `) 290 node = parser.gordfParserObj.Triples[0].Subject 291 extRef, err = parser.getPackageExternalRef(node) 292 if err != nil { 293 t.Fatalf("unexpected error parsing a valid example: %v", err) 294 } 295 expectedExtRef = &v2_2.PackageExternalReference{ 296 Locator: "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*", 297 RefType: "http://spdx.org/rdf/references/cpe23Type", 298 Category: "OTHER", 299 ExternalRefComment: "comment", 300 } 301 if !reflect.DeepEqual(extRef, expectedExtRef) { 302 t.Errorf("expected: \n%+v\ngot: \n%+v", expectedExtRef, extRef) 303 } 304} 305 306func Test_rdfParser2_2_getPackageFromNode(t *testing.T) { 307 var parser *rdfParser2_2 308 var node *gordfParser.Node 309 var err error 310 311 // TestCase 1: invalid elementId 312 parser, _ = parserFromBodyContent(` 313 <spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#upload2"> 314 <spdx:name>time-1.9.tar.gz</spdx:name> 315 </spdx:Package> 316 `) 317 node = parser.gordfParserObj.Triples[0].Subject 318 _, err = parser.getPackageFromNode(node) 319 if err == nil { 320 t.Errorf("expected an error(missing SPDXRef- prefix), found %v", err) 321 } 322 323 // TestCase 2: Invalid License Concluded must raise an error: 324 parser, _ = parserFromBodyContent(` 325 <spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2"> 326 <spdx:licenseConcluded rdf:resource="http://spdx.org/licenses/IPL-3.0"/> 327 </spdx:Package> 328 `) 329 node = parser.gordfParserObj.Triples[0].Subject 330 _, err = parser.getPackageFromNode(node) 331 if err == nil { 332 t.Errorf("expected an error(invalid license), found %v", err) 333 } 334 335 // TestCase 2: Invalid License Declared must raise an error: 336 parser, _ = parserFromBodyContent(` 337 <spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2"> 338 <spdx:licenseDeclared rdf:resource="http://spdx.org/licenses/IPL-3.0"/> 339 </spdx:Package> 340 `) 341 node = parser.gordfParserObj.Triples[0].Subject 342 _, err = parser.getPackageFromNode(node) 343 if err == nil { 344 t.Errorf("expected an error(invalid license), found %v", err) 345 } 346 347 // TestCase 3: Invalid ExternalRef 348 parser, _ = parserFromBodyContent(` 349 <spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2"> 350 <spdx:externalRef> 351 <spdx:ExternalRef> 352 <spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator> 353 <spdx:referenceType> 354 <spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/> 355 </spdx:referenceType> 356 <spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_invalid"/> 357 </spdx:ExternalRef> 358 </spdx:externalRef> 359 </spdx:Package> 360 `) 361 node = parser.gordfParserObj.Triples[0].Subject 362 _, err = parser.getPackageFromNode(node) 363 if err == nil { 364 t.Errorf("expected an error(invalid externalRef), found %v", err) 365 } 366 367 // TestCase 4: invalid file must raise an error 368 parser, _ = parserFromBodyContent(` 369 <spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2"> 370 <spdx:hasFile> 371 <spdx:File rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9.tar.gz_1535120734-spdx.rdf#item8"/> 372 </spdx:hasFile> 373 </spdx:Package> 374 `) 375 node = parser.gordfParserObj.Triples[0].Subject 376 _, err = parser.getPackageFromNode(node) 377 if err == nil { 378 t.Errorf("expected an error(invalid file), found %v", err) 379 } 380 381 // TestCase 5: invalid predicate must raise an error 382 parser, _ = parserFromBodyContent(` 383 <spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2"> 384 <spdx:hasFiles> 385 <spdx:File rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9.tar.gz_1535120734-spdx.rdf#item8"/> 386 </spdx:hasFiles> 387 </spdx:Package> 388 `) 389 node = parser.gordfParserObj.Triples[0].Subject 390 _, err = parser.getPackageFromNode(node) 391 if err == nil { 392 t.Errorf("expected an error(invalid predicate), found %v", err) 393 } 394 395 // TestCase 6: invalid annotation must raise an error 396 parser, _ = parserFromBodyContent(` 397 <spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2"> 398 <spdx:annotation> 399 <spdx:Annotation> 400 <spdx:unknownAttribute /> 401 </spdx:Annotation> 402 </spdx:annotation> 403 </spdx:Package> 404 `) 405 node = parser.gordfParserObj.Triples[0].Subject 406 _, err = parser.getPackageFromNode(node) 407 if err == nil { 408 t.Errorf("expected an error(invalid annotation), found %v", err) 409 } 410 411 // TestCase 6: invalid homepage must raise an error 412 parser, _ = parserFromBodyContent(` 413 <spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2"> 414 <doap:homepage>u r i</doap:homepage> 415 </spdx:Package> 416 `) 417 node = parser.gordfParserObj.Triples[0].Subject 418 _, err = parser.getPackageFromNode(node) 419 if err == nil { 420 t.Errorf("expected an error(invalid homepage uri), found %v", err) 421 } 422 423 // TestCase 7: Package tag declared more than once should be parsed into a single object's definition 424 parser, _ = parserFromBodyContent(` 425 <spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2"> 426 <spdx:name>Test Package</spdx:name> 427 </spdx:Package> 428 `) 429 node = parser.gordfParserObj.Triples[0].Subject 430 _, err = parser.getPackageFromNode(node) 431 if err != nil { 432 t.Errorf("error parsing a valid package: %v", err) 433 } 434 yetAnotherPkgTriple := gordfParser.Triple{ 435 Subject: node, 436 Predicate: &gordfParser.Node{ 437 NodeType: gordfParser.IRI, 438 ID: SPDX_PACKAGE_FILE_NAME, 439 }, 440 Object: &gordfParser.Node{ 441 NodeType: gordfParser.LITERAL, 442 ID: "packageFileName", 443 }, 444 } 445 parser.nodeStringToTriples[node.String()] = append(parser.nodeStringToTriples[node.String()], &yetAnotherPkgTriple) 446 pkg, err := parser.getPackageFromNode(node) 447 if err != nil { 448 t.Errorf("error parsing a valid package: %v", err) 449 } 450 // validating if all the attributes that spanned over two tags are included in the parsed package. 451 expectedID := "upload2" 452 if string(pkg.PackageSPDXIdentifier) != expectedID { 453 t.Errorf("expected package id: %s, got %s", expectedID, pkg.PackageSPDXIdentifier) 454 } 455 expectedPkgFileName := "packageFileName" 456 if expectedPkgFileName != pkg.PackageFileName { 457 t.Errorf("expected package file name: %s, got %s", expectedPkgFileName, pkg.PackageFileName) 458 } 459 expectedName := "Test Package" 460 if pkg.PackageName != expectedName { 461 t.Errorf("expected package name: %s, got %s", expectedPkgFileName, pkg.PackageName) 462 } 463 464 // TestCase 8: Checking if packages can handle cyclic dependencies: 465 // Simulating a smallest possible cycle: package related to itself. 466 parser, _ = parserFromBodyContent(` 467 <spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2"> 468 <spdx:name>Test Package</spdx:name> 469 <spdx:relationship> 470 <spdx:Relationship> 471 <spdx:relationshipType rdf:resource="http://spdx.org/rdf/terms#relationshipType_describes" /> 472 <spdx:relatedSpdxElement> 473 <spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2"> 474 <spdx:versionInfo>1.1.1</spdx:versionInfo> 475 </spdx:Package> 476 </spdx:relatedSpdxElement> 477 </spdx:Relationship> 478 </spdx:relationship> 479 </spdx:Package> 480 `) 481 node = parser.gordfParserObj.Triples[0].Subject 482 pkg, err = parser.getPackageFromNode(node) 483 if err != nil { 484 t.Errorf("error parsing a valid package: %v", err) 485 } 486 // checking if both the attributes of the packages are set. 487 expectedVersionInfo := "1.1.1" 488 expectedPackageName := "Test Package" 489 if pkg.PackageVersion != expectedVersionInfo { 490 t.Errorf("Expected %s, found %s", expectedVersionInfo, pkg.PackageVersion) 491 } 492 if pkg.PackageName != expectedPackageName { 493 t.Errorf("Expected %s, found %s", expectedPackageName, pkg.PackageName) 494 } 495 496 // TestCase 9: everything valid 497 parser, _ = parserFromBodyContent(` 498 <spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2"> 499 <spdx:name>Test Package</spdx:name> 500 <spdx:versionInfo>1.1.1</spdx:versionInfo> 501 <spdx:packageFileName>time-1.9.tar.gz</spdx:packageFileName> 502 <spdx:supplier>Person: Jane Doe (jane.doe@example.com)</spdx:supplier> 503 <spdx:originator>Organization: SPDX</spdx:originator> 504 <spdx:downloadLocation rdf:resource="http://spdx.org/rdf/terms#noassertion" /> 505 <spdx:filesAnalyzed>true</spdx:filesAnalyzed> 506 <spdx:packageVerificationCode> 507 <spdx.PackageVerificationCode> 508 <spdx:packageVerificationCodeValue>cbceb8b5689b75a584efe35587b5d41bd48820ce</spdx:packageVerificationCodeValue> 509 <spdx:packageVerificationCodeExcludedFile>./package.spdx</spdx:packageVerificationCodeExcludedFile> 510 </spdx.PackageVerificationCode> 511 </spdx:packageVerificationCode> 512 <spdx:checksum> 513 <spdx:Checksum> 514 <spdx:algorithm rdf:resource="http://spdx.org/rdf/terms#checksumAlgorithm_sha1" /> 515 <spdx:checksumValue>75068c26abbed3ad3980685bae21d7202d288317</spdx:checksumValue> 516 </spdx:Checksum> 517 </spdx:checksum> 518 <doap:homepage>http://www.openjena.org/</doap:homepage> 519 <spdx:sourceInfo>uses glibc-2_11-branch from git://sourceware.org/git/glibc.git.</spdx:sourceInfo> 520 <spdx:licenseConcluded> 521 <spdx:DisjunctiveLicenseSet> 522 <spdx:member rdf:resource="http://spdx.org/licenses/Nokia"/> 523 <spdx:member rdf:resource="http://spdx.org/licenses/LGPL-2.0"/> 524 </spdx:DisjunctiveLicenseSet> 525 </spdx:licenseConcluded> 526 <spdx:licenseInfoFromFiles rdf:resource="http://spdx.org/rdf/terms#noassertion" /> 527 <spdx:licenseDeclared rdf:resource="http://spdx.org/rdf/terms#noassertion" /> 528 <spdx:licenseComments>Other versions available for a commercial license</spdx:licenseComments> 529 <spdx:copyrightText rdf:resource="http://spdx.org/rdf/terms#noassertion" /> 530 <spdx:summary> Package for Testing </spdx:summary> 531 <spdx:description> Some tags are taken from other spdx autogenerated files </spdx:description> 532 <rdfs:comment>no comments</rdfs:comment> 533 <spdx:externalRef> 534 <spdx:ExternalRef> 535 <spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator> 536 <spdx:referenceType> 537 <spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/> 538 </spdx:referenceType> 539 <spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_security"/> 540 </spdx:ExternalRef> 541 </spdx:externalRef> 542 <spdx:hasFile rdf:resource="http://spdx.org/documents/spdx-toolsv2.1.7-SNAPSHOT#SPDXRef-129" /> 543 <spdx:relationship> 544 <spdx:Relationship> 545 <spdx:relationshipType rdf:resource="http://spdx.org/rdf/terms#relationshipType_describes" /> 546 <spdx:relatedSpdxElement rdf:resource="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2" /> 547 </spdx:Relationship> 548 </spdx:relationship> 549 <spdx:attributionText>attribution text</spdx:attributionText> 550 <spdx:annotation> 551 <spdx:Annotation> 552 <spdx:annotationDate>2011-01-29T18:30:22Z</spdx:annotationDate> 553 <rdfs:comment>Package level annotation</rdfs:comment> 554 <spdx:annotator>Person: Package Commenter</spdx:annotator> 555 <spdx:annotationType rdf:resource="http://spdx.org/rdf/terms#annotationType_other"/> 556 </spdx:Annotation> 557 </spdx:annotation> 558 </spdx:Package> 559 `) 560 node = parser.gordfParserObj.Triples[0].Subject 561 _, err = parser.getPackageFromNode(node) 562 if err != nil { 563 t.Errorf("error parsing a valid package: %v", err) 564 } 565} 566 567func Test_rdfParser2_2_setFileToPackage(t *testing.T) { 568 var pkg *v2_2.Package 569 var file *v2_2.File 570 var parser *rdfParser2_2 571 572 // TestCase 1: setting to a nil files attribute shouldn't panic. 573 parser, _ = parserFromBodyContent(``) 574 pkg = &v2_2.Package{} 575 file = &v2_2.File{} 576 parser.setFileToPackage(pkg, file) 577 if len(pkg.Files) != 1 { 578 t.Errorf("expected given package to have one file after setting, got %d", len(pkg.Files)) 579 } 580 if parser.assocWithPackage[file.FileSPDXIdentifier] != true { 581 t.Errorf("given file should've been associated with a package, assocWithPackage is false") 582 } 583} 584 585func Test_rdfParser2_2_setPackageChecksum(t *testing.T) { 586 var parser *rdfParser2_2 587 var node *gordfParser.Node 588 var pkg *v2_2.Package 589 var expectedChecksumValue string 590 var err error 591 592 // TestCase 1: invalid checksum algorithm 593 parser, _ = parserFromBodyContent(` 594 <spdx:Checksum> 595 <spdx:checksumValue>2fd4e1c67a2d28fced849ee1bb76e7391b93eb12</spdx:checksumValue> 596 <spdx:algorithm rdf:resource="http://spdx.org/rdf/terms#checksumAlgorithm_sha999"/> 597 </spdx:Checksum> 598 `) 599 pkg = &v2_2.Package{} 600 node = parser.gordfParserObj.Triples[0].Subject 601 err = parser.setPackageChecksum(pkg, node) 602 if err == nil { 603 t.Error("expected an error due to invalid checksum node, got <nil>") 604 } 605 606 // TestCase 1: valid checksum algorithm which is invalid for package 607 parser, _ = parserFromBodyContent(` 608 <spdx:Checksum> 609 <spdx:checksumValue>2fd4e1c67a2d28fced849ee1bb76e7391b93eb12</spdx:checksumValue> 610 <spdx:algorithm rdf:resource="http://spdx.org/rdf/terms#checksumAlgorithm_sha2000"/> 611 </spdx:Checksum> 612 `) 613 pkg = &v2_2.Package{} 614 node = parser.gordfParserObj.Triples[0].Subject 615 err = parser.setPackageChecksum(pkg, node) 616 if err == nil { 617 t.Error("expected an error due to invalid checksum for package, got <nil>") 618 } 619 620 // TestCase 2: valid checksum (sha1) 621 parser, _ = parserFromBodyContent(` 622 <spdx:Checksum> 623 <spdx:checksumValue>2fd4e1c67a2d28fced849ee1bb76e7391b93eb12</spdx:checksumValue> 624 <spdx:algorithm rdf:resource="http://spdx.org/rdf/terms#checksumAlgorithm_sha1"/> 625 </spdx:Checksum> 626 `) 627 pkg = &v2_2.Package{} 628 node = parser.gordfParserObj.Triples[0].Subject 629 err = parser.setPackageChecksum(pkg, node) 630 if err != nil { 631 t.Errorf("unexpected error: %v", err) 632 } 633 expectedChecksumValue = "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12" 634 635 for _, checksum := range pkg.PackageChecksums { 636 switch checksum.Algorithm { 637 case common.SHA1: 638 if checksum.Value != expectedChecksumValue { 639 t.Errorf("expected %v, got: %v", expectedChecksumValue, checksum.Value) 640 } 641 } 642 } 643 644 // TestCase 3: valid checksum (sha256) 645 parser, _ = parserFromBodyContent(` 646 <spdx:Checksum> 647 <spdx:checksumValue>2fd4e1c67a2d28fced849ee1bb76e7391b93eb12</spdx:checksumValue> 648 <spdx:algorithm rdf:resource="http://spdx.org/rdf/terms#checksumAlgorithm_sha256"/> 649 </spdx:Checksum> 650 `) 651 pkg = &v2_2.Package{} 652 node = parser.gordfParserObj.Triples[0].Subject 653 err = parser.setPackageChecksum(pkg, node) 654 if err != nil { 655 t.Errorf("unexpected error: %v", err) 656 } 657 expectedChecksumValue = "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12" 658 for _, checksum := range pkg.PackageChecksums { 659 switch checksum.Algorithm { 660 case common.SHA256: 661 if checksum.Value != expectedChecksumValue { 662 t.Errorf("expected %v, got: %v", expectedChecksumValue, checksum.Value) 663 } 664 } 665 } 666 667 // TestCase 4: valid checksum (md5) 668 parser, _ = parserFromBodyContent(` 669 <spdx:Checksum> 670 <spdx:checksumValue>2fd4e1c67a2d28fced849ee1bb76e7391b93eb12</spdx:checksumValue> 671 <spdx:algorithm rdf:resource="http://spdx.org/rdf/terms#checksumAlgorithm_md5"/> 672 </spdx:Checksum> 673 `) 674 pkg = &v2_2.Package{} 675 node = parser.gordfParserObj.Triples[0].Subject 676 err = parser.setPackageChecksum(pkg, node) 677 if err != nil { 678 t.Errorf("unexpected error: %v", err) 679 } 680 expectedChecksumValue = "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12" 681 for _, checksum := range pkg.PackageChecksums { 682 switch checksum.Algorithm { 683 case common.MD5: 684 if checksum.Value != expectedChecksumValue { 685 t.Errorf("expected %v, got: %v", expectedChecksumValue, checksum.Value) 686 } 687 } 688 } 689} 690 691func Test_setDocumentLocationFromURI(t *testing.T) { 692 var pkg *v2_2.Package 693 var expectedDocumentLocation, gotDocumentLocation string 694 var inputURI string 695 var err error 696 697 // TestCase 1: NOASSERTION 698 inputURI = SPDX_NOASSERTION_SMALL 699 pkg = &v2_2.Package{} 700 err = setDocumentLocationFromURI(pkg, inputURI) 701 if err != nil { 702 t.Fatalf("unexpected error: %v", err) 703 } 704 expectedDocumentLocation = "NOASSERTION" 705 gotDocumentLocation = pkg.PackageDownloadLocation 706 if expectedDocumentLocation != gotDocumentLocation { 707 t.Errorf("expected: %v, got: %v", expectedDocumentLocation, gotDocumentLocation) 708 } 709 710 // TestCase 2: NONE 711 inputURI = SPDX_NONE_CAPS 712 pkg = &v2_2.Package{} 713 err = setDocumentLocationFromURI(pkg, inputURI) 714 if err != nil { 715 t.Fatalf("unexpected error: %v", err) 716 } 717 expectedDocumentLocation = "NONE" 718 gotDocumentLocation = pkg.PackageDownloadLocation 719 if expectedDocumentLocation != gotDocumentLocation { 720 t.Errorf("expected: %v, got: %v", expectedDocumentLocation, gotDocumentLocation) 721 } 722 723 // TestCase 3: valid uri 724 inputURI = "https://www.gnu.org/software/texinfo/" 725 pkg = &v2_2.Package{} 726 err = setDocumentLocationFromURI(pkg, inputURI) 727 if err != nil { 728 t.Fatalf("unexpected error: %v", err) 729 } 730 expectedDocumentLocation = "https://www.gnu.org/software/texinfo/" 731 gotDocumentLocation = pkg.PackageDownloadLocation 732 if expectedDocumentLocation != gotDocumentLocation { 733 t.Errorf("expected: %v, got: %v", expectedDocumentLocation, gotDocumentLocation) 734 } 735 736 // TestCase 3: invalid uri 737 inputURI = " " 738 pkg = &v2_2.Package{} 739 err = setDocumentLocationFromURI(pkg, inputURI) 740 if err == nil { 741 t.Fatalf("expected an error due to invalid uri, got %v", err) 742 } 743} 744 745func Test_setFilesAnalyzed(t *testing.T) { 746 var pkg *v2_2.Package 747 var err error 748 749 // TestCase 1: not a valid bool value: 750 pkg = &v2_2.Package{} 751 err = setFilesAnalyzed(pkg, "no") 752 if err == nil { 753 t.Errorf("expected an error due to invalid bool input, got %v", err) 754 } 755 756 // TestCase 2: valid input 757 pkg = &v2_2.Package{} 758 err = setFilesAnalyzed(pkg, "true") 759 if err != nil { 760 t.Fatalf("unexpected error: %v", err) 761 } 762 if !pkg.IsFilesAnalyzedTagPresent { 763 t.Errorf("should've set IsFilesAnalyzedTagPresent, got: %t", pkg.IsFilesAnalyzedTagPresent) 764 } 765 if !pkg.FilesAnalyzed { 766 t.Errorf("expected: %t, got: %t", true, pkg.FilesAnalyzed) 767 } 768} 769