xref: /aosp_15_r20/external/spdx-tools/rdfloader/parser2v2/parse_package_test.go (revision ba677afa8f67bb56cbc794f4d0e378e0da058e16) 
1// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
2
3package parser2v2
4
5import (
6	"reflect"
7	"testing"
8
9	gordfParser "github.com/spdx/gordf/rdfloader/parser"
10	"github.com/spdx/tools-golang/spdx/common"
11	"github.com/spdx/tools-golang/spdx/v2_2"
12)
13
14func Test_setPackageSupplier(t *testing.T) {
15	var err error
16
17	// TestCase 1: no assertion must set PackageSupplierNOASSERTION field to true
18	pkg := &v2_2.Package{}
19	err = setPackageSupplier(pkg, "NOASSERTION")
20	if err != nil {
21		t.Fatalf("unexpected error: %v", err)
22	}
23	if pkg.PackageSupplier.Supplier != "NOASSERTION" {
24		t.Errorf("PackageSupplier must've been set to NOASSERTION")
25	}
26
27	// TestCase 2: lower-case noassertion must also set the
28	// PackageSupplierNOASSERTION to true.
29	pkg = &v2_2.Package{}
30	err = setPackageSupplier(pkg, "noassertion")
31	if err != nil {
32		t.Fatalf("unexpected error: %v", err)
33	}
34	if pkg.PackageSupplier.Supplier != "NOASSERTION" {
35		t.Errorf("PackageSupplier must've been set to NOASSERTION")
36	}
37
38	// TestCase 3: invalid input without colon separator. must raise an error
39	pkg = &v2_2.Package{}
40	input := "string without colon separator"
41	err = setPackageSupplier(pkg, input)
42	if err == nil {
43		t.Errorf("invalid input \"%s\" didn't raise an error", input)
44	}
45
46	// TestCase 4: Valid Person
47	pkg = &v2_2.Package{}
48	personName := "Rishabh Bhatnagar"
49	input = "Person: " + personName
50	err = setPackageSupplier(pkg, input)
51	if err != nil {
52		t.Errorf("unexpected error: %v", err)
53	}
54	if pkg.PackageSupplier.Supplier != personName {
55		t.Errorf("PackageSupplierPerson should be %s. found %s", personName, pkg.PackageSupplier.Supplier)
56	}
57
58	// TestCase 5: Valid Organization
59	pkg = &v2_2.Package{}
60	orgName := "SPDX"
61	input = "Organization: " + orgName
62	err = setPackageSupplier(pkg, input)
63	if err != nil {
64		t.Errorf("unexpected error: %v", err)
65	}
66	if pkg.PackageSupplier.Supplier != orgName {
67		t.Errorf("PackageSupplierPerson should be %s. found %s", orgName, pkg.PackageSupplier.Supplier)
68	}
69
70	// TestCase 6: Invalid EntityType
71	pkg = &v2_2.Package{}
72	input = "InvalidEntity: entity"
73	err = setPackageSupplier(pkg, input)
74	if err == nil {
75		t.Errorf("invalid entity should've raised an error")
76	}
77}
78
79func Test_setPackageOriginator(t *testing.T) {
80	var err error
81
82	// TestCase 1: no assertion must set PackageSupplierNOASSERTION field to true
83	pkg := &v2_2.Package{}
84	err = setPackageOriginator(pkg, "NOASSERTION")
85	if err != nil {
86		t.Fatalf("unexpected error: %v", err)
87	}
88	if pkg.PackageOriginator.Originator != "NOASSERTION" {
89		t.Errorf("PackageOriginator must've been set to NOASSERTION")
90	}
91
92	// TestCase 2: lower-case noassertion must also set the
93	// PackageOriginatorNOASSERTION to true.
94	pkg = &v2_2.Package{}
95	err = setPackageOriginator(pkg, "noassertion")
96	if err != nil {
97		t.Fatalf("unexpected error: %v", err)
98	}
99	if pkg.PackageOriginator.Originator != "NOASSERTION" {
100		t.Errorf("PackageOriginator must've been set to NOASSERTION")
101	}
102
103	// TestCase 3: invalid input without colon separator. must raise an error
104	pkg = &v2_2.Package{}
105	input := "string without colon separator"
106	err = setPackageOriginator(pkg, input)
107	if err == nil {
108		t.Errorf("invalid input \"%s\" didn't raise an error", input)
109	}
110
111	// TestCase 4: Valid Person
112	pkg = &v2_2.Package{}
113	personName := "Rishabh Bhatnagar"
114	input = "Person: " + personName
115	err = setPackageOriginator(pkg, input)
116	if err != nil {
117		t.Errorf("unexpected error: %v", err)
118	}
119	if pkg.PackageOriginator.Originator != personName {
120		t.Errorf("PackageOriginatorPerson should be %s. found %s", personName, pkg.PackageOriginator.Originator)
121	}
122
123	// TestCase 5: Valid Organization
124	pkg = &v2_2.Package{}
125	orgName := "SPDX"
126	input = "Organization: " + orgName
127	err = setPackageOriginator(pkg, input)
128	if err != nil {
129		t.Errorf("unexpected error: %v", err)
130	}
131	if pkg.PackageOriginator.Originator != orgName {
132		t.Errorf("PackageOriginatorOrganization should be %s. found %s", orgName, pkg.PackageOriginator.Originator)
133	}
134
135	// TestCase 6: Invalid EntityType
136	pkg = &v2_2.Package{}
137	input = "InvalidEntity: entity"
138	err = setPackageOriginator(pkg, input)
139	if err == nil {
140		t.Errorf("invalid entity should've raised an error")
141	}
142}
143
144func Test_rdfParser2_2_setPackageVerificationCode(t *testing.T) {
145	var parser *rdfParser2_2
146	var node *gordfParser.Node
147	var pkg *v2_2.Package
148	var err error
149
150	// TestCase 1: invalid predicate must raise an error
151	parser, _ = parserFromBodyContent(`
152		<spdx.PackageVerificationCode>
153			<spdx:invalidPredicate />
154			<spdx:packageVerificationCodeValue>cbceb8b5689b75a584efe35587b5d41bd48820ce</spdx:packageVerificationCodeValue>
155			<spdx:packageVerificationCodeExcludedFile>./package.spdx</spdx:packageVerificationCodeExcludedFile>
156		</spdx.PackageVerificationCode>
157	`)
158	node = parser.gordfParserObj.Triples[0].Subject
159	pkg = &v2_2.Package{}
160	err = parser.setPackageVerificationCode(pkg, node)
161	if err == nil {
162		t.Errorf("expected an error due to invalid predicate, got <nil>")
163	}
164
165	// TestCase 2: valid input
166	parser, _ = parserFromBodyContent(`
167		<spdx.PackageVerificationCode>
168			<spdx:packageVerificationCodeValue>cbceb8b5689b75a584efe35587b5d41bd48820ce</spdx:packageVerificationCodeValue>
169			<spdx:packageVerificationCodeExcludedFile>./package.spdx</spdx:packageVerificationCodeExcludedFile>
170		</spdx.PackageVerificationCode>
171	`)
172	node = parser.gordfParserObj.Triples[0].Subject
173	pkg = &v2_2.Package{}
174	err = parser.setPackageVerificationCode(pkg, node)
175	if err != nil {
176		t.Errorf("unexpected error: %v", err)
177	}
178	expectedValue := "cbceb8b5689b75a584efe35587b5d41bd48820ce"
179	if pkg.PackageVerificationCode.Value != expectedValue {
180		t.Errorf("expected %v, got %v", expectedValue, pkg.PackageVerificationCode)
181	}
182	expectedExcludedFile := "./package.spdx"
183	if pkg.PackageVerificationCode.ExcludedFiles[0] != expectedExcludedFile {
184		t.Errorf("expected %v, got %v", expectedExcludedFile, pkg.PackageVerificationCode.ExcludedFiles)
185	}
186}
187
188func Test_rdfParser2_2_getPackageExternalRef(t *testing.T) {
189	var extRef *v2_2.PackageExternalReference
190	var err error
191	var parser *rdfParser2_2
192	var node *gordfParser.Node
193
194	// TestCase 1: invalid reference category
195	parser, _ = parserFromBodyContent(`
196		<spdx:ExternalRef>
197			<spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator>
198			<spdx:referenceType>
199				<spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/>
200			</spdx:referenceType>
201			<spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_invalid"/>
202		</spdx:ExternalRef>
203	`)
204	node = parser.gordfParserObj.Triples[0].Subject
205	extRef, err = parser.getPackageExternalRef(node)
206	if err == nil {
207		t.Errorf("expected an error due to invalid referenceCategory, got <nil>")
208	}
209
210	// TestCase 2: invalid predicate
211	parser, _ = parserFromBodyContent(`
212		<spdx:ExternalRef>
213			<spdx:unknownPredicate />
214			<spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator>
215			<spdx:referenceType>
216				<spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/>
217			</spdx:referenceType>
218			<spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_security"/>
219		</spdx:ExternalRef>
220	`)
221	node = parser.gordfParserObj.Triples[0].Subject
222	extRef, err = parser.getPackageExternalRef(node)
223	if err == nil {
224		t.Errorf("expected an error due to invalid referenceCategory, got <nil>")
225	}
226
227	// TestCase 3: valid example (referenceCategory_security)
228	parser, _ = parserFromBodyContent(`
229		<spdx:ExternalRef>
230			<spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator>
231			<spdx:referenceType>
232				<spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/>
233			</spdx:referenceType>
234			<spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_security"/>
235			<rdfs:comment>comment</rdfs:comment>
236		</spdx:ExternalRef>
237	`)
238	node = parser.gordfParserObj.Triples[0].Subject
239	extRef, err = parser.getPackageExternalRef(node)
240	if err != nil {
241		t.Fatalf("unexpected error parsing a valid example: %v", err)
242	}
243	expectedExtRef := &v2_2.PackageExternalReference{
244		Locator:            "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*",
245		RefType:            "http://spdx.org/rdf/references/cpe23Type",
246		Category:           "SECURITY",
247		ExternalRefComment: "comment",
248	}
249	if !reflect.DeepEqual(extRef, expectedExtRef) {
250		t.Errorf("expected: \n%+v\ngot: \n%+v", expectedExtRef, extRef)
251	}
252
253	// TestCase 4: valid example (referenceCategory_packageManager)
254	parser, _ = parserFromBodyContent(`
255		<spdx:ExternalRef>
256			<spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator>
257			<spdx:referenceType>
258				<spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/>
259			</spdx:referenceType>
260			<spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_packageManager"/>
261			<rdfs:comment>comment</rdfs:comment>
262		</spdx:ExternalRef>
263	`)
264	node = parser.gordfParserObj.Triples[0].Subject
265	extRef, err = parser.getPackageExternalRef(node)
266	if err != nil {
267		t.Fatalf("unexpected error parsing a valid example: %v", err)
268	}
269	expectedExtRef = &v2_2.PackageExternalReference{
270		Locator:            "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*",
271		RefType:            "http://spdx.org/rdf/references/cpe23Type",
272		Category:           "PACKAGE-MANAGER",
273		ExternalRefComment: "comment",
274	}
275	if !reflect.DeepEqual(extRef, expectedExtRef) {
276		t.Errorf("expected: \n%+v\ngot: \n%+v", expectedExtRef, extRef)
277	}
278
279	// TestCase 5: valid example (referenceCategory_other)
280	parser, _ = parserFromBodyContent(`
281		<spdx:ExternalRef>
282			<spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator>
283			<spdx:referenceType>
284				<spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/>
285			</spdx:referenceType>
286			<spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_other"/>
287			<rdfs:comment>comment</rdfs:comment>
288		</spdx:ExternalRef>
289	`)
290	node = parser.gordfParserObj.Triples[0].Subject
291	extRef, err = parser.getPackageExternalRef(node)
292	if err != nil {
293		t.Fatalf("unexpected error parsing a valid example: %v", err)
294	}
295	expectedExtRef = &v2_2.PackageExternalReference{
296		Locator:            "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*",
297		RefType:            "http://spdx.org/rdf/references/cpe23Type",
298		Category:           "OTHER",
299		ExternalRefComment: "comment",
300	}
301	if !reflect.DeepEqual(extRef, expectedExtRef) {
302		t.Errorf("expected: \n%+v\ngot: \n%+v", expectedExtRef, extRef)
303	}
304}
305
306func Test_rdfParser2_2_getPackageFromNode(t *testing.T) {
307	var parser *rdfParser2_2
308	var node *gordfParser.Node
309	var err error
310
311	// TestCase 1: invalid elementId
312	parser, _ = parserFromBodyContent(`
313		<spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#upload2">
314            <spdx:name>time-1.9.tar.gz</spdx:name>
315		</spdx:Package>
316	`)
317	node = parser.gordfParserObj.Triples[0].Subject
318	_, err = parser.getPackageFromNode(node)
319	if err == nil {
320		t.Errorf("expected an error(missing SPDXRef- prefix), found %v", err)
321	}
322
323	// TestCase 2: Invalid License Concluded must raise an error:
324	parser, _ = parserFromBodyContent(`
325		<spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2">
326            <spdx:licenseConcluded rdf:resource="http://spdx.org/licenses/IPL-3.0"/>
327		</spdx:Package>
328	`)
329	node = parser.gordfParserObj.Triples[0].Subject
330	_, err = parser.getPackageFromNode(node)
331	if err == nil {
332		t.Errorf("expected an error(invalid license), found %v", err)
333	}
334
335	// TestCase 2: Invalid License Declared must raise an error:
336	parser, _ = parserFromBodyContent(`
337		<spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2">
338            <spdx:licenseDeclared rdf:resource="http://spdx.org/licenses/IPL-3.0"/>
339		</spdx:Package>
340	`)
341	node = parser.gordfParserObj.Triples[0].Subject
342	_, err = parser.getPackageFromNode(node)
343	if err == nil {
344		t.Errorf("expected an error(invalid license), found %v", err)
345	}
346
347	// TestCase 3: Invalid ExternalRef
348	parser, _ = parserFromBodyContent(`
349		<spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2">
350			<spdx:externalRef>
351				<spdx:ExternalRef>
352					<spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator>
353					<spdx:referenceType>
354						<spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/>
355					</spdx:referenceType>
356					<spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_invalid"/>
357				</spdx:ExternalRef>
358			</spdx:externalRef>
359		</spdx:Package>
360	`)
361	node = parser.gordfParserObj.Triples[0].Subject
362	_, err = parser.getPackageFromNode(node)
363	if err == nil {
364		t.Errorf("expected an error(invalid externalRef), found %v", err)
365	}
366
367	// TestCase 4: invalid file must raise an error
368	parser, _ = parserFromBodyContent(`
369		<spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2">
370			<spdx:hasFile>
371              <spdx:File rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9.tar.gz_1535120734-spdx.rdf#item8"/>
372            </spdx:hasFile>
373		</spdx:Package>
374	`)
375	node = parser.gordfParserObj.Triples[0].Subject
376	_, err = parser.getPackageFromNode(node)
377	if err == nil {
378		t.Errorf("expected an error(invalid file), found %v", err)
379	}
380
381	// TestCase 5: invalid predicate must raise an error
382	parser, _ = parserFromBodyContent(`
383		<spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2">
384			<spdx:hasFiles>
385              <spdx:File rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9.tar.gz_1535120734-spdx.rdf#item8"/>
386            </spdx:hasFiles>
387		</spdx:Package>
388	`)
389	node = parser.gordfParserObj.Triples[0].Subject
390	_, err = parser.getPackageFromNode(node)
391	if err == nil {
392		t.Errorf("expected an error(invalid predicate), found %v", err)
393	}
394
395	// TestCase 6: invalid annotation must raise an error
396	parser, _ = parserFromBodyContent(`
397		<spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2">
398			<spdx:annotation>
399				<spdx:Annotation>
400					<spdx:unknownAttribute />
401				</spdx:Annotation>
402			</spdx:annotation>
403		</spdx:Package>
404	`)
405	node = parser.gordfParserObj.Triples[0].Subject
406	_, err = parser.getPackageFromNode(node)
407	if err == nil {
408		t.Errorf("expected an error(invalid annotation), found %v", err)
409	}
410
411	// TestCase 6: invalid homepage must raise an error
412	parser, _ = parserFromBodyContent(`
413		<spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2">
414			<doap:homepage>u r i</doap:homepage>
415		</spdx:Package>
416	`)
417	node = parser.gordfParserObj.Triples[0].Subject
418	_, err = parser.getPackageFromNode(node)
419	if err == nil {
420		t.Errorf("expected an error(invalid homepage uri), found %v", err)
421	}
422
423	// TestCase 7: Package tag declared more than once should be parsed into a single object's definition
424	parser, _ = parserFromBodyContent(`
425		<spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2">
426			<spdx:name>Test Package</spdx:name>
427		</spdx:Package>
428	`)
429	node = parser.gordfParserObj.Triples[0].Subject
430	_, err = parser.getPackageFromNode(node)
431	if err != nil {
432		t.Errorf("error parsing a valid package: %v", err)
433	}
434	yetAnotherPkgTriple := gordfParser.Triple{
435		Subject: node,
436		Predicate: &gordfParser.Node{
437			NodeType: gordfParser.IRI,
438			ID:       SPDX_PACKAGE_FILE_NAME,
439		},
440		Object: &gordfParser.Node{
441			NodeType: gordfParser.LITERAL,
442			ID:       "packageFileName",
443		},
444	}
445	parser.nodeStringToTriples[node.String()] = append(parser.nodeStringToTriples[node.String()], &yetAnotherPkgTriple)
446	pkg, err := parser.getPackageFromNode(node)
447	if err != nil {
448		t.Errorf("error parsing a valid package: %v", err)
449	}
450	// validating if all the attributes that spanned over two tags are included in the parsed package.
451	expectedID := "upload2"
452	if string(pkg.PackageSPDXIdentifier) != expectedID {
453		t.Errorf("expected package id: %s, got %s", expectedID, pkg.PackageSPDXIdentifier)
454	}
455	expectedPkgFileName := "packageFileName"
456	if expectedPkgFileName != pkg.PackageFileName {
457		t.Errorf("expected package file name: %s, got %s", expectedPkgFileName, pkg.PackageFileName)
458	}
459	expectedName := "Test Package"
460	if pkg.PackageName != expectedName {
461		t.Errorf("expected package name: %s, got %s", expectedPkgFileName, pkg.PackageName)
462	}
463
464	// TestCase 8: Checking if packages can handle cyclic dependencies:
465	// Simulating a smallest possible cycle: package related to itself.
466	parser, _ = parserFromBodyContent(`
467		<spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2">
468			<spdx:name>Test Package</spdx:name>
469			<spdx:relationship>
470			    <spdx:Relationship>
471					<spdx:relationshipType rdf:resource="http://spdx.org/rdf/terms#relationshipType_describes" />
472					<spdx:relatedSpdxElement>
473						<spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2">
474							<spdx:versionInfo>1.1.1</spdx:versionInfo>
475						</spdx:Package>
476					</spdx:relatedSpdxElement>
477				</spdx:Relationship>
478			</spdx:relationship>
479		</spdx:Package>
480	`)
481	node = parser.gordfParserObj.Triples[0].Subject
482	pkg, err = parser.getPackageFromNode(node)
483	if err != nil {
484		t.Errorf("error parsing a valid package: %v", err)
485	}
486	// checking if both the attributes of the packages are set.
487	expectedVersionInfo := "1.1.1"
488	expectedPackageName := "Test Package"
489	if pkg.PackageVersion != expectedVersionInfo {
490		t.Errorf("Expected %s, found %s", expectedVersionInfo, pkg.PackageVersion)
491	}
492	if pkg.PackageName != expectedPackageName {
493		t.Errorf("Expected %s, found %s", expectedPackageName, pkg.PackageName)
494	}
495
496	// TestCase 9: everything valid
497	parser, _ = parserFromBodyContent(`
498		<spdx:Package rdf:about="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2">
499			<spdx:name>Test Package</spdx:name>
500			<spdx:versionInfo>1.1.1</spdx:versionInfo>
501			<spdx:packageFileName>time-1.9.tar.gz</spdx:packageFileName>
502			<spdx:supplier>Person: Jane Doe (jane.doe@example.com)</spdx:supplier>
503			<spdx:originator>Organization: SPDX</spdx:originator>
504			<spdx:downloadLocation rdf:resource="http://spdx.org/rdf/terms#noassertion" />
505			<spdx:filesAnalyzed>true</spdx:filesAnalyzed>
506			<spdx:packageVerificationCode>
507                <spdx.PackageVerificationCode>
508                    <spdx:packageVerificationCodeValue>cbceb8b5689b75a584efe35587b5d41bd48820ce</spdx:packageVerificationCodeValue>
509					<spdx:packageVerificationCodeExcludedFile>./package.spdx</spdx:packageVerificationCodeExcludedFile>
510                </spdx.PackageVerificationCode>
511            </spdx:packageVerificationCode>
512			<spdx:checksum>
513                <spdx:Checksum>
514					<spdx:algorithm rdf:resource="http://spdx.org/rdf/terms#checksumAlgorithm_sha1" />
515					<spdx:checksumValue>75068c26abbed3ad3980685bae21d7202d288317</spdx:checksumValue>
516                </spdx:Checksum>
517            </spdx:checksum>
518			<doap:homepage>http://www.openjena.org/</doap:homepage>
519			<spdx:sourceInfo>uses glibc-2_11-branch from git://sourceware.org/git/glibc.git.</spdx:sourceInfo>
520			<spdx:licenseConcluded>
521                <spdx:DisjunctiveLicenseSet>
522					<spdx:member rdf:resource="http://spdx.org/licenses/Nokia"/>
523					<spdx:member rdf:resource="http://spdx.org/licenses/LGPL-2.0"/>
524                </spdx:DisjunctiveLicenseSet>
525            </spdx:licenseConcluded>
526			<spdx:licenseInfoFromFiles rdf:resource="http://spdx.org/rdf/terms#noassertion" />
527			<spdx:licenseDeclared rdf:resource="http://spdx.org/rdf/terms#noassertion" />
528			<spdx:licenseComments>Other versions available for a commercial license</spdx:licenseComments>
529			<spdx:copyrightText rdf:resource="http://spdx.org/rdf/terms#noassertion" />
530			<spdx:summary> Package for Testing </spdx:summary>
531			<spdx:description> Some tags are taken from other spdx autogenerated files </spdx:description>
532			<rdfs:comment>no comments</rdfs:comment>
533			<spdx:externalRef>
534				<spdx:ExternalRef>
535					<spdx:referenceLocator>cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*</spdx:referenceLocator>
536					<spdx:referenceType>
537						<spdx:ReferenceType rdf:about="http://spdx.org/rdf/references/cpe23Type"/>
538					</spdx:referenceType>
539					<spdx:referenceCategory rdf:resource="http://spdx.org/rdf/terms#referenceCategory_security"/>
540				</spdx:ExternalRef>
541			</spdx:externalRef>
542			<spdx:hasFile rdf:resource="http://spdx.org/documents/spdx-toolsv2.1.7-SNAPSHOT#SPDXRef-129" />
543			<spdx:relationship>
544			    <spdx:Relationship>
545					<spdx:relationshipType rdf:resource="http://spdx.org/rdf/terms#relationshipType_describes" />
546					<spdx:relatedSpdxElement rdf:resource="http://anupam-VirtualBox/repo/SPDX2_time-1.9#SPDXRef-upload2" />
547				</spdx:Relationship>
548			</spdx:relationship>
549			<spdx:attributionText>attribution text</spdx:attributionText>
550			<spdx:annotation>
551				<spdx:Annotation>
552					<spdx:annotationDate>2011-01-29T18:30:22Z</spdx:annotationDate>
553					<rdfs:comment>Package level annotation</rdfs:comment>
554					<spdx:annotator>Person: Package Commenter</spdx:annotator>
555					<spdx:annotationType rdf:resource="http://spdx.org/rdf/terms#annotationType_other"/>
556				</spdx:Annotation>
557			</spdx:annotation>
558		</spdx:Package>
559	`)
560	node = parser.gordfParserObj.Triples[0].Subject
561	_, err = parser.getPackageFromNode(node)
562	if err != nil {
563		t.Errorf("error parsing a valid package: %v", err)
564	}
565}
566
567func Test_rdfParser2_2_setFileToPackage(t *testing.T) {
568	var pkg *v2_2.Package
569	var file *v2_2.File
570	var parser *rdfParser2_2
571
572	// TestCase 1: setting to a nil files attribute shouldn't panic.
573	parser, _ = parserFromBodyContent(``)
574	pkg = &v2_2.Package{}
575	file = &v2_2.File{}
576	parser.setFileToPackage(pkg, file)
577	if len(pkg.Files) != 1 {
578		t.Errorf("expected given package to have one file after setting, got %d", len(pkg.Files))
579	}
580	if parser.assocWithPackage[file.FileSPDXIdentifier] != true {
581		t.Errorf("given file should've been associated with a package, assocWithPackage is false")
582	}
583}
584
585func Test_rdfParser2_2_setPackageChecksum(t *testing.T) {
586	var parser *rdfParser2_2
587	var node *gordfParser.Node
588	var pkg *v2_2.Package
589	var expectedChecksumValue string
590	var err error
591
592	// TestCase 1: invalid checksum algorithm
593	parser, _ = parserFromBodyContent(`
594		<spdx:Checksum>
595			<spdx:checksumValue>2fd4e1c67a2d28fced849ee1bb76e7391b93eb12</spdx:checksumValue>
596			<spdx:algorithm rdf:resource="http://spdx.org/rdf/terms#checksumAlgorithm_sha999"/>
597		</spdx:Checksum>
598	`)
599	pkg = &v2_2.Package{}
600	node = parser.gordfParserObj.Triples[0].Subject
601	err = parser.setPackageChecksum(pkg, node)
602	if err == nil {
603		t.Error("expected an error due to invalid checksum node, got <nil>")
604	}
605
606	// TestCase 1: valid checksum algorithm which is invalid for package
607	parser, _ = parserFromBodyContent(`
608		<spdx:Checksum>
609			<spdx:checksumValue>2fd4e1c67a2d28fced849ee1bb76e7391b93eb12</spdx:checksumValue>
610			<spdx:algorithm rdf:resource="http://spdx.org/rdf/terms#checksumAlgorithm_sha2000"/>
611		</spdx:Checksum>
612	`)
613	pkg = &v2_2.Package{}
614	node = parser.gordfParserObj.Triples[0].Subject
615	err = parser.setPackageChecksum(pkg, node)
616	if err == nil {
617		t.Error("expected an error due to invalid checksum for package, got <nil>")
618	}
619
620	// TestCase 2: valid checksum (sha1)
621	parser, _ = parserFromBodyContent(`
622		<spdx:Checksum>
623			<spdx:checksumValue>2fd4e1c67a2d28fced849ee1bb76e7391b93eb12</spdx:checksumValue>
624			<spdx:algorithm rdf:resource="http://spdx.org/rdf/terms#checksumAlgorithm_sha1"/>
625		</spdx:Checksum>
626	`)
627	pkg = &v2_2.Package{}
628	node = parser.gordfParserObj.Triples[0].Subject
629	err = parser.setPackageChecksum(pkg, node)
630	if err != nil {
631		t.Errorf("unexpected error: %v", err)
632	}
633	expectedChecksumValue = "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12"
634
635	for _, checksum := range pkg.PackageChecksums {
636		switch checksum.Algorithm {
637		case common.SHA1:
638			if checksum.Value != expectedChecksumValue {
639				t.Errorf("expected %v, got: %v", expectedChecksumValue, checksum.Value)
640			}
641		}
642	}
643
644	// TestCase 3: valid checksum (sha256)
645	parser, _ = parserFromBodyContent(`
646		<spdx:Checksum>
647			<spdx:checksumValue>2fd4e1c67a2d28fced849ee1bb76e7391b93eb12</spdx:checksumValue>
648			<spdx:algorithm rdf:resource="http://spdx.org/rdf/terms#checksumAlgorithm_sha256"/>
649		</spdx:Checksum>
650	`)
651	pkg = &v2_2.Package{}
652	node = parser.gordfParserObj.Triples[0].Subject
653	err = parser.setPackageChecksum(pkg, node)
654	if err != nil {
655		t.Errorf("unexpected error: %v", err)
656	}
657	expectedChecksumValue = "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12"
658	for _, checksum := range pkg.PackageChecksums {
659		switch checksum.Algorithm {
660		case common.SHA256:
661			if checksum.Value != expectedChecksumValue {
662				t.Errorf("expected %v, got: %v", expectedChecksumValue, checksum.Value)
663			}
664		}
665	}
666
667	// TestCase 4: valid checksum (md5)
668	parser, _ = parserFromBodyContent(`
669		<spdx:Checksum>
670			<spdx:checksumValue>2fd4e1c67a2d28fced849ee1bb76e7391b93eb12</spdx:checksumValue>
671			<spdx:algorithm rdf:resource="http://spdx.org/rdf/terms#checksumAlgorithm_md5"/>
672		</spdx:Checksum>
673	`)
674	pkg = &v2_2.Package{}
675	node = parser.gordfParserObj.Triples[0].Subject
676	err = parser.setPackageChecksum(pkg, node)
677	if err != nil {
678		t.Errorf("unexpected error: %v", err)
679	}
680	expectedChecksumValue = "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12"
681	for _, checksum := range pkg.PackageChecksums {
682		switch checksum.Algorithm {
683		case common.MD5:
684			if checksum.Value != expectedChecksumValue {
685				t.Errorf("expected %v, got: %v", expectedChecksumValue, checksum.Value)
686			}
687		}
688	}
689}
690
691func Test_setDocumentLocationFromURI(t *testing.T) {
692	var pkg *v2_2.Package
693	var expectedDocumentLocation, gotDocumentLocation string
694	var inputURI string
695	var err error
696
697	// TestCase 1: NOASSERTION
698	inputURI = SPDX_NOASSERTION_SMALL
699	pkg = &v2_2.Package{}
700	err = setDocumentLocationFromURI(pkg, inputURI)
701	if err != nil {
702		t.Fatalf("unexpected error: %v", err)
703	}
704	expectedDocumentLocation = "NOASSERTION"
705	gotDocumentLocation = pkg.PackageDownloadLocation
706	if expectedDocumentLocation != gotDocumentLocation {
707		t.Errorf("expected: %v, got: %v", expectedDocumentLocation, gotDocumentLocation)
708	}
709
710	// TestCase 2: NONE
711	inputURI = SPDX_NONE_CAPS
712	pkg = &v2_2.Package{}
713	err = setDocumentLocationFromURI(pkg, inputURI)
714	if err != nil {
715		t.Fatalf("unexpected error: %v", err)
716	}
717	expectedDocumentLocation = "NONE"
718	gotDocumentLocation = pkg.PackageDownloadLocation
719	if expectedDocumentLocation != gotDocumentLocation {
720		t.Errorf("expected: %v, got: %v", expectedDocumentLocation, gotDocumentLocation)
721	}
722
723	// TestCase 3: valid uri
724	inputURI = "https://www.gnu.org/software/texinfo/"
725	pkg = &v2_2.Package{}
726	err = setDocumentLocationFromURI(pkg, inputURI)
727	if err != nil {
728		t.Fatalf("unexpected error: %v", err)
729	}
730	expectedDocumentLocation = "https://www.gnu.org/software/texinfo/"
731	gotDocumentLocation = pkg.PackageDownloadLocation
732	if expectedDocumentLocation != gotDocumentLocation {
733		t.Errorf("expected: %v, got: %v", expectedDocumentLocation, gotDocumentLocation)
734	}
735
736	// TestCase 3: invalid uri
737	inputURI = " "
738	pkg = &v2_2.Package{}
739	err = setDocumentLocationFromURI(pkg, inputURI)
740	if err == nil {
741		t.Fatalf("expected an error due to invalid uri, got %v", err)
742	}
743}
744
745func Test_setFilesAnalyzed(t *testing.T) {
746	var pkg *v2_2.Package
747	var err error
748
749	// TestCase 1: not a valid bool value:
750	pkg = &v2_2.Package{}
751	err = setFilesAnalyzed(pkg, "no")
752	if err == nil {
753		t.Errorf("expected an error due to invalid bool input, got %v", err)
754	}
755
756	// TestCase 2: valid input
757	pkg = &v2_2.Package{}
758	err = setFilesAnalyzed(pkg, "true")
759	if err != nil {
760		t.Fatalf("unexpected error: %v", err)
761	}
762	if !pkg.IsFilesAnalyzedTagPresent {
763		t.Errorf("should've set IsFilesAnalyzedTagPresent, got: %t", pkg.IsFilesAnalyzedTagPresent)
764	}
765	if !pkg.FilesAnalyzed {
766		t.Errorf("expected: %t, got: %t", true, pkg.FilesAnalyzed)
767	}
768}
769