Merge pull request #144 from tls-attacker/guidelines-less-generics

Guidelines with less generics + requirement level in GuidelineCheckResult

Author: Conradowatz

src/main/java/de/rub/nds/scanner/core/execution/Scanner.java

@@ -127,7 +127,7 @@ protected SiteReportRater getSiteReportRater() {
      *
      * @return A list of guidelines.
      */
-    protected List<Guideline<ReportT>> getGuidelines() {
+    protected List<Guideline> getGuidelines() {
         return List.of();
     }
 
@@ -191,9 +191,9 @@ public ReportT scan() {
 
         // Guideline Evaluation
         LOGGER.debug("Retrieving guidelines for evaluation");
-        List<Guideline<ReportT>> guidelines = getGuidelines();
+        List<Guideline> guidelines = getGuidelines();
         LOGGER.debug("Got a total of {} guidelines to evaluate", guidelines.size());
-        for (Guideline<ReportT> guideline : guidelines) {
+        for (Guideline guideline : guidelines) {
             LOGGER.debug("Executing evaluation of guideline '{}'", guideline.getName());
             GuidelineChecker<ReportT> checker = new GuidelineChecker<>(guideline);
             checker.fillReport(report);

src/main/java/de/rub/nds/scanner/core/guideline/FailedCheckGuidelineResult.java

@@ -16,11 +16,17 @@ private FailedCheckGuidelineResult() {
         super(null, null);
     }
 
-    public FailedCheckGuidelineResult(String checkName, GuidelineAdherence adherence) {
-        super(checkName, adherence);
+    public FailedCheckGuidelineResult(GuidelineCheck check, GuidelineAdherence adherence) {
+        super(check, adherence);
     }
 
-    public FailedCheckGuidelineResult(String checkName, GuidelineAdherence adherence, String hint) {
-        super(checkName, adherence, hint);
+    public FailedCheckGuidelineResult(
+            GuidelineCheck check, GuidelineAdherence adherence, String hint) {
+        super(check, adherence, hint);
+    }
+
+    @Override
+    public String toString() {
+        return "Failed guideline check: " + getHint();
     }
 }

src/main/java/de/rub/nds/scanner/core/guideline/Guideline.java

@@ -8,7 +8,6 @@
  */
 package de.rub.nds.scanner.core.guideline;
 
-import de.rub.nds.scanner.core.report.ScanReport;
 import jakarta.xml.bind.annotation.*;
 import java.io.Serializable;
 import java.util.ArrayList;
@@ -18,19 +17,19 @@
 @XmlRootElement(name = "guideline")
 @XmlType(propOrder = {"name", "link", "checks"})
 @XmlAccessorType(XmlAccessType.FIELD)
-public class Guideline<ReportT extends ScanReport> implements Serializable {
+public class Guideline implements Serializable {
 
     private String name;
     private String link;
 
     @XmlAnyElement(lax = true)
-    private List<GuidelineCheck<ReportT>> checks;
+    private List<GuidelineCheck> checks;
 
     /** Private no-arg constructor to please JAXB */
     @SuppressWarnings("unused")
     private Guideline() {}
 
-    public Guideline(String name, String link, List<GuidelineCheck<ReportT>> checks) {
+    public Guideline(String name, String link, List<GuidelineCheck> checks) {
         this.name = name;
         this.link = link;
         this.checks = new ArrayList<>(checks);
@@ -77,7 +76,7 @@ public void setLink(String link) {
      *
      * @return an unmodifiable list of guideline checks
      */
-    public List<GuidelineCheck<ReportT>> getChecks() {
+    public List<GuidelineCheck> getChecks() {
         return checks != null ? Collections.unmodifiableList(checks) : Collections.emptyList();
     }
 
@@ -86,7 +85,7 @@ public List<GuidelineCheck<ReportT>> getChecks() {
      *
      * @param check the guideline check to add
      */
-    public void addCheck(GuidelineCheck<ReportT> check) {
+    public void addCheck(GuidelineCheck check) {
         if (checks == null) {
             checks = new ArrayList<>();
         }

src/main/java/de/rub/nds/scanner/core/guideline/GuidelineCheck.java

@@ -15,7 +15,7 @@
 import org.apache.logging.log4j.Logger;
 
 @XmlAccessorType(XmlAccessType.FIELD)
-public abstract class GuidelineCheck<ReportT extends ScanReport> {
+public abstract class GuidelineCheck {
 
     private static final Logger LOGGER = LogManager.getLogger();
 
@@ -46,19 +46,20 @@ public GuidelineCheck(
      * @param report the scan report to evaluate
      * @return the result of the guideline check evaluation
      */
-    public abstract GuidelineCheckResult evaluate(ReportT report);
+    public abstract <ReportT extends ScanReport> GuidelineCheckResult evaluate(ReportT report);
 
     /**
      * Checks if the report satisfies the condition required for this guideline check.
      *
      * @param report the scan report to check against the condition
      * @return true if the condition is satisfied or no condition is set, false otherwise
      */
-    public boolean passesCondition(ReportT report) {
+    public <ReportT extends ScanReport> boolean passesCondition(ReportT report) {
         return this.passesCondition(report, this.condition);
     }
 
-    private boolean passesCondition(ReportT report, GuidelineCheckCondition condition) {
+    private <ReportT extends ScanReport> boolean passesCondition(
+            ReportT report, GuidelineCheckCondition condition) {
         if (condition == null) {
             return true;
         }

src/main/java/de/rub/nds/scanner/core/guideline/GuidelineCheckResult.java

@@ -14,25 +14,30 @@
 public abstract class GuidelineCheckResult {
 
     private String checkName;
+    private RequirementLevel level;
     private GuidelineAdherence adherence;
     private String hint;
 
     @SuppressWarnings("unused")
     // Default constructor for deserialization
     private GuidelineCheckResult() {
         this.checkName = null;
+        this.level = null;
         this.adherence = null;
         this.hint = null;
     }
 
-    protected GuidelineCheckResult(String checkName, GuidelineAdherence adherence) {
-        this.checkName = checkName;
+    protected GuidelineCheckResult(GuidelineCheck check, GuidelineAdherence adherence) {
+        this.checkName = check != null ? check.getName() : null;
+        this.level = check != null ? check.getRequirementLevel() : null;
         this.adherence = adherence;
         this.hint = null;
     }
 
-    protected GuidelineCheckResult(String checkName, GuidelineAdherence adherence, String hint) {
-        this.checkName = checkName;
+    protected GuidelineCheckResult(
+            GuidelineCheck check, GuidelineAdherence adherence, String hint) {
+        this.checkName = check.getName();
+        this.level = check.getRequirementLevel();
         this.adherence = adherence;
         this.hint = hint;
     }
@@ -90,4 +95,22 @@ public String getHint() {
     public void setHint(String hint) {
         this.hint = hint;
     }
+
+    /**
+     * Sets the requirement level of the check.
+     *
+     * @return the requirementLevel to set
+     */
+    public RequirementLevel getLevel() {
+        return level;
+    }
+
+    /**
+     * Sets the requirement level of the check.
+     *
+     * @param level the requirementLevel or null if non is set
+     */
+    public void setLevel(RequirementLevel level) {
+        this.level = level;
+    }
 }

src/main/java/de/rub/nds/scanner/core/guideline/GuidelineChecker.java

@@ -18,9 +18,9 @@ public class GuidelineChecker<ReportT extends ScanReport> {
 
     protected static final Logger LOGGER = LogManager.getLogger();
 
-    private final Guideline<ReportT> guideline;
+    private final Guideline guideline;
 
-    public GuidelineChecker(Guideline<ReportT> guideline) {
+    public GuidelineChecker(Guideline guideline) {
         this.guideline = guideline;
     }
 
@@ -32,12 +32,12 @@ public GuidelineChecker(Guideline<ReportT> guideline) {
      */
     public void fillReport(ReportT report) {
         List<GuidelineCheckResult> results = new ArrayList<>();
-        for (GuidelineCheck<ReportT> check : guideline.getChecks()) {
+        for (GuidelineCheck check : guideline.getChecks()) {
             GuidelineCheckResult result;
             if (!check.passesCondition(report)) {
                 result =
                         new MissingRequirementGuidelineResult(
-                                check.getName(),
+                                check,
                                 GuidelineAdherence.CONDITION_NOT_MET,
                                 "Condition was not met => Check is skipped.");
             } else {
@@ -47,7 +47,7 @@ public void fillReport(ReportT report) {
                     LOGGER.debug("Failed evaluating check: ", throwable);
                     result =
                             new FailedCheckGuidelineResult(
-                                    check.getName(),
+                                    check,
                                     GuidelineAdherence.CHECK_FAILED,
                                     throwable.getLocalizedMessage());
                 }

src/main/java/de/rub/nds/scanner/core/guideline/GuidelineIO.java

@@ -9,7 +9,6 @@
 package de.rub.nds.scanner.core.guideline;
 
 import de.rub.nds.scanner.core.probe.AnalyzedProperty;
-import de.rub.nds.scanner.core.report.ScanReport;
 import de.rub.nds.scanner.core.util.JaxbSerializer;
 import jakarta.xml.bind.JAXBContext;
 import jakarta.xml.bind.JAXBException;
@@ -33,8 +32,7 @@
 import org.reflections.util.ConfigurationBuilder;
 import org.reflections.util.FilterBuilder;
 
-public final class GuidelineIO<ReportT extends ScanReport>
-        extends JaxbSerializer<Guideline<ReportT>> {
+public final class GuidelineIO extends JaxbSerializer<Guideline> {
 
     private Logger LOGGER = LogManager.getLogger();
 
@@ -112,11 +110,11 @@ private static List<String> listXmlFiles(ClassLoader classLoader, String folder)
         return xmlFilePaths;
     }
 
-    public List<Guideline<ReportT>> readGuidelines(ClassLoader classLoader, String subFolder) {
+    public List<Guideline> readGuidelines(ClassLoader classLoader, String subFolder) {
 
         LOGGER.debug("Loading guidelines from files...");
 
-        List<Guideline<ReportT>> guidelines = new ArrayList<>();
+        List<Guideline> guidelines = new ArrayList<>();
 
         try {
             // Get all files in guideline folder

src/main/java/de/rub/nds/scanner/core/guideline/MissingRequirementGuidelineResult.java

@@ -17,12 +17,12 @@ private MissingRequirementGuidelineResult() {
         super(null, null);
     }
 
-    public MissingRequirementGuidelineResult(String checkName, GuidelineAdherence adherence) {
-        super(checkName, adherence);
+    public MissingRequirementGuidelineResult(GuidelineCheck check, GuidelineAdherence adherence) {
+        super(check, adherence);
     }
 
     public MissingRequirementGuidelineResult(
-            String checkName, GuidelineAdherence adherence, String hint) {
-        super(checkName, adherence, hint);
+            GuidelineCheck check, GuidelineAdherence adherence, String hint) {
+        super(check, adherence, hint);
     }
 }

src/test/java/de/rub/nds/scanner/core/execution/ScannerTest.java

@@ -145,7 +145,7 @@ static class TestScanner extends Scanner<TestReport, TestProbe, TestAfterProbe,
         private TestReport reportToReturn;
         private boolean checkPrerequisites = true;
         private SiteReportRater rater;
-        private List<Guideline<TestReport>> guidelines = new ArrayList<>();
+        private List<Guideline> guidelines = new ArrayList<>();
 
         TestScanner(ExecutorConfig config) {
             super(config);
@@ -200,7 +200,7 @@ protected SiteReportRater getSiteReportRater() {
         }
 
         @Override
-        protected List<Guideline<TestReport>> getGuidelines() {
+        protected List<Guideline> getGuidelines() {
             return guidelines;
         }
 
@@ -216,7 +216,7 @@ public void setSiteReportRater(SiteReportRater rater) {
             this.rater = rater;
         }
 
-        public void setGuidelines(List<Guideline<TestReport>> guidelines) {
+        public void setGuidelines(List<Guideline> guidelines) {
             this.guidelines = guidelines;
         }
 
@@ -357,8 +357,8 @@ public void testScanWithGuidelines() {
         TestReport report;
         try (TestScanner scanner = new TestScanner(executorConfig)) {
 
-            Guideline<TestReport> guideline =
-                    new Guideline<>("TestGuideline", "http://example.com", new ArrayList<>());
+            Guideline guideline =
+                    new Guideline("TestGuideline", "http://example.com", new ArrayList<>());
 
             scanner.setGuidelines(List.of(guideline));
             report = scanner.scan();

src/test/java/de/rub/nds/scanner/core/guideline/FailedCheckGuidelineResultTest.java

@@ -12,33 +12,35 @@
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertNull;
 
+import de.rub.nds.scanner.core.guideline.testutil.IOTestGuidelineCheck;
 import java.lang.reflect.Constructor;
 import org.junit.jupiter.api.Test;
 
 class FailedCheckGuidelineResultTest {
 
     @Test
-    void testConstructorWithNameAndAdherence() {
-        String checkName = "TestCheck";
+    void testConstructorWithCheckAndAdherence() {
+        GuidelineCheck check = new IOTestGuidelineCheck("Test name", RequirementLevel.MUST);
         GuidelineAdherence adherence = GuidelineAdherence.CHECK_FAILED;
 
-        FailedCheckGuidelineResult result = new FailedCheckGuidelineResult(checkName, adherence);
+        FailedCheckGuidelineResult result = new FailedCheckGuidelineResult(check, adherence);
 
-        assertEquals(checkName, result.getCheckName());
+        assertEquals(check.getName(), result.getCheckName());
+        assertEquals(check.getRequirementLevel(), result.getLevel());
         assertEquals(adherence, result.getAdherence());
         assertNull(result.getHint());
     }
 
     @Test
-    void testConstructorWithNameAdherenceAndHint() {
-        String checkName = "TestCheck";
+    void testConstructorWithCheckAdherenceAndHint() {
+        GuidelineCheck check = new IOTestGuidelineCheck("Test name", RequirementLevel.MUST);
         GuidelineAdherence adherence = GuidelineAdherence.CHECK_FAILED;
         String hint = "This check failed due to an exception";
 
-        FailedCheckGuidelineResult result =
-                new FailedCheckGuidelineResult(checkName, adherence, hint);
+        FailedCheckGuidelineResult result = new FailedCheckGuidelineResult(check, adherence, hint);
 
-        assertEquals(checkName, result.getCheckName());
+        assertEquals(check.getName(), result.getCheckName());
+        assertEquals(check.getRequirementLevel(), result.getLevel());
         assertEquals(adherence, result.getAdherence());
         assertEquals(hint, result.getHint());
     }
@@ -54,20 +56,24 @@ void testDefaultConstructorUsedInReflection() throws Exception {
         assertNotNull(instance);
         FailedCheckGuidelineResult result = (FailedCheckGuidelineResult) instance;
         assertNull(result.getCheckName());
+        assertNull(result.getLevel());
         assertNull(result.getAdherence());
     }
 
     @Test
     void testInheritanceFromGuidelineCheckResult() {
+        GuidelineCheck check = new IOTestGuidelineCheck("Test name", RequirementLevel.MUST);
         FailedCheckGuidelineResult result =
-                new FailedCheckGuidelineResult("Test", GuidelineAdherence.CHECK_FAILED);
+                new FailedCheckGuidelineResult(check, GuidelineAdherence.CHECK_FAILED);
 
         // Test inherited setters
         result.setCheckName("NewName");
         result.setAdherence(GuidelineAdherence.VIOLATED);
         result.setHint("New hint");
+        result.setLevel(RequirementLevel.MAY);
 
         assertEquals("NewName", result.getCheckName());
+        assertEquals(RequirementLevel.MAY, result.getLevel());
         assertEquals(GuidelineAdherence.VIOLATED, result.getAdherence());
         assertEquals("New hint", result.getHint());
     }