Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TestPR #3

Draft
wants to merge 17 commits into
base: develop
Choose a base branch
from
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 3 additions & 8 deletions .github/workflows/analysis-of-endpoint-connections.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ on:
- 'src/main/webapp/**'

jobs:
show-modified-files:
analysis-of-endpoint-connections:
timeout-minutes: 10
runs-on: ubuntu-latest
steps:
Expand All @@ -29,11 +29,6 @@ jobs:
java-version: '21'
distribution: 'adopt'

- name: Build analysis-of-endpoint-connections
- name: Run analysis-of-endpoint-connections
run: |
./gradlew :supporting_scripts:analysis-of-endpoint-connections:build
./gradlew :supporting_scripts:analysis-of-endpoint-connections:shadowJar

- name: run analysis-of-endpoint-connections
run: |
java -jar supporting_scripts/analysis-of-endpoint-connections/build/libs/analysis-of-endpoint-connections-1.0-SNAPSHOT-all.jar $(cat modified_files.txt)
./gradlew :supporting_scripts:analysis-of-endpoint-connections:run --args="$(cat modified_files.txt)"
7 changes: 5 additions & 2 deletions build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -197,6 +197,9 @@ repositories {
ext["jackson.version"] = fasterxml_version
ext["junit-jupiter.version"] = junit_version

ext { qDox = "com.thoughtworks.qdox:qdox:2.1.0" }
ext { springBootStarterWeb = "org.springframework.boot:spring-boot-starter-web:${spring_boot_version}" }

dependencies {

// Note: jenkins-client is not well maintained and includes dependencies to libraries with critical security issues (e.g. CVE-2020-10683 for [email protected])
Expand Down Expand Up @@ -263,7 +266,7 @@ dependencies {
}
}

implementation "com.thoughtworks.qdox:qdox:2.1.0"
implementation qDox
implementation "io.sentry:sentry-logback:${sentry_version}"
implementation "io.sentry:sentry-spring-boot-starter-jakarta:${sentry_version}"

Expand Down Expand Up @@ -328,7 +331,7 @@ dependencies {
implementation "org.springframework.boot:spring-boot-starter-aop:${spring_boot_version}"
implementation "org.springframework.boot:spring-boot-starter-data-jpa:${spring_boot_version}"
implementation "org.springframework.boot:spring-boot-starter-security:${spring_boot_version}"
implementation("org.springframework.boot:spring-boot-starter-web:${spring_boot_version}") {
implementation(springBootStarterWeb) {
exclude module: "spring-boot-starter-undertow"
}
implementation "org.springframework.boot:spring-boot-starter-tomcat:${spring_boot_version}"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@
@RestController
@RequestMapping("api/")
public class TutorialGroupFreePeriodResource {
// test change

private static final String ENTITY_NAME = "tutorialGroupFreePeriod";

Expand Down
23 changes: 12 additions & 11 deletions supporting_scripts/analysis-of-endpoint-connections/build.gradle
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
plugins {
id 'java'
id 'com.github.johnrengelman.shadow' version '7.1.0'
id 'application'
}

group 'de.tum.in.www1.artemis'
Expand All @@ -10,22 +10,23 @@ repositories {
mavenCentral()
}

evaluationDependsOn(':')

dependencies {
implementation 'com.thoughtworks.qdox:qdox:2.0-M9'
implementation 'org.springframework.boot:spring-boot-starter-web:2.5.4'
testImplementation 'junit:junit:4.13.2'
implementation rootProject.ext.qDox
implementation rootProject.ext.springBootStarterWeb
}

test {
useJUnitPlatform()
}

jar {
duplicatesStrategy = DuplicatesStrategy.EXCLUDE
manifest {
attributes 'Main-Class': 'analysisOfEndpointConnections.AnalysisOfEndpointConnections'
}
from {
configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) }
application {
mainClassName = 'de.tum.cit.artemis.endpointanalysis.AnalysisOfEndpointConnections'
}

run {
if (project.hasProperty('appArgs')) {
args = project.appArgs.split(' ')
}
}

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
package de.tum.cit.artemis.endpointanalysis;

import java.io.File;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Optional;

import com.thoughtworks.qdox.JavaProjectBuilder;
import com.thoughtworks.qdox.model.JavaAnnotation;
import com.thoughtworks.qdox.model.JavaClass;
import com.thoughtworks.qdox.model.JavaMethod;

public class AnalysisOfEndpointConnections {

/**
* This is the entry point of the analysis of server sided endpoints.
*
* @param args List of files that should be analyzed regarding endpoints.
*/
public static void main(String[] args) {
if (args.length == 0) {
System.out.println("No files to analyze.");
return;
}
String[] filePaths = args[0].split("\n");
String[] serverFiles = Arrays.stream(filePaths).map(filePath -> "../../" + filePath).filter(filePath -> new File(filePath).exists() && filePath.endsWith(".java"))
.toArray(String[]::new);
analyzeServerEndpoints(serverFiles);
}

private static void analyzeServerEndpoints(String[] filePaths) {
final String requestMappingFullName = "org.springframework.web.bind.annotation.RequestMapping";
final List<String> httpMethodFullNames = List.of("org.springframework.web.bind.annotation.GetMapping", "org.springframework.web.bind.annotation.PostMapping",
"org.springframework.web.bind.annotation.PutMapping", "org.springframework.web.bind.annotation.DeleteMapping",
"org.springframework.web.bind.annotation.PatchMapping", requestMappingFullName);

JavaProjectBuilder builder = new JavaProjectBuilder();
for (String filePath : filePaths) {
builder.addSourceTree(new File(filePath));
}

Collection<JavaClass> classes = builder.getClasses();
for (JavaClass javaClass : classes) {
Optional<JavaAnnotation> requestMappingOptional = javaClass.getAnnotations().stream()
.filter(annotation -> annotation.getType().getFullyQualifiedName().equals(requestMappingFullName)).findFirst();

boolean hasEndpoint = javaClass.getMethods().stream().flatMap(method -> method.getAnnotations().stream())
.anyMatch(annotation -> httpMethodFullNames.contains(annotation.getType().getFullyQualifiedName()));

if (hasEndpoint) {
System.out.println("==================================================");
System.out.println("Class: " + javaClass.getFullyQualifiedName());
requestMappingOptional.ifPresent(annotation -> System.out.println("Class Request Mapping: " + annotation.getProperty("value")));
System.out.println("==================================================");
}

for (JavaMethod method : javaClass.getMethods()) {
for (JavaAnnotation annotation : method.getAnnotations()) {
if (httpMethodFullNames.contains(annotation.getType().getFullyQualifiedName())) {
System.out.println("Endpoint: " + method.getName());
System.out
.println(requestMappingFullName.equals(annotation.getType().getFullyQualifiedName()) ? "RequestMapping·method: " + annotation.getProperty("method")
: "HTTP method annotation: " + annotation.getType().getName());
System.out.println("Path: " + annotation.getProperty("value"));
System.out.println("Line: " + method.getLineNumber());
List<String> annotations = method.getAnnotations().stream().filter(a -> !a.equals(annotation)).map(a -> a.getType().getName()).toList();
System.out.println("Other annotations: " + annotations);
System.out.println("---------------------------------------------------");
}
}
}
}
}
}
Loading