View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *   http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.eclipse.aether.internal.impl.checksum;
20  
21  import java.io.IOException;
22  import java.nio.file.Files;
23  import java.nio.file.Path;
24  
25  import org.eclipse.aether.DefaultRepositorySystemSession;
26  import org.eclipse.aether.artifact.DefaultArtifact;
27  import org.eclipse.aether.impl.RepositorySystemLifecycle;
28  import org.eclipse.aether.internal.impl.DefaultLocalPathComposer;
29  import org.eclipse.aether.internal.impl.DefaultRepositorySystemLifecycle;
30  import org.eclipse.aether.internal.impl.SimpleLocalRepositoryManagerFactory;
31  import org.eclipse.aether.repository.LocalRepository;
32  import org.eclipse.aether.repository.NoLocalRepositoryManagerException;
33  import org.eclipse.aether.spi.checksums.TrustedChecksumsSource;
34  import org.junit.jupiter.api.Test;
35  import org.junit.jupiter.api.io.TempDir;
36  
37  import static java.util.Arrays.asList;
38  import static java.util.Collections.singletonList;
39  import static java.util.Collections.singletonMap;
40  import static org.junit.jupiter.api.Assertions.assertLinesMatch;
41  
42  public class SummaryFileTrustedChecksumsSourceTest extends FileTrustedChecksumsSourceTestSupport {
43      @Override
44      protected FileTrustedChecksumsSourceSupport prepareSubject(RepositorySystemLifecycle lifecycle) {
45          return new SummaryFileTrustedChecksumsSource(new DefaultLocalPathComposer(), lifecycle);
46      }
47  
48      @Override
49      protected void enableSource(DefaultRepositorySystemSession session) {
50          session.setConfigProperty("aether.trustedChecksumsSource.summaryFile", Boolean.TRUE.toString());
51      }
52  
53      @Test
54      void ensureOrderIsHumanFriendly(@TempDir final Path work) throws NoLocalRepositoryManagerException, IOException {
55          final RepositorySystemLifecycle lifecycle = new DefaultRepositorySystemLifecycle();
56          final FileTrustedChecksumsSourceSupport src = prepareSubject(lifecycle);
57          final DefaultRepositorySystemSession session = new DefaultRepositorySystemSession(h -> false);
58          final LocalRepository repository = new LocalRepository(work.toFile(), "simple");
59          session.setLocalRepositoryManager(new SimpleLocalRepositoryManagerFactory().newInstance(session, repository));
60  
61          final Sha1ChecksumAlgorithmFactory algorithmFactory = new Sha1ChecksumAlgorithmFactory();
62          final TrustedChecksumsSource.Writer appender = src.doGetTrustedArtifactChecksumsWriter(session);
63  
64          // we ensure if we sort by checksum we keep the "add" order
65          // to avoid false positives but we'll sort by paths so not keep it
66          appender.addTrustedArtifactChecksums(
67                  new DefaultArtifact("org.foo", "bar", "jar", "1.2.3"),
68                  repository,
69                  singletonList(algorithmFactory),
70                  singletonMap("SHA-1", "000"));
71          appender.addTrustedArtifactChecksums(
72                  new DefaultArtifact("com.dummy", "something", "jar", "0.0.1"),
73                  repository,
74                  singletonList(algorithmFactory),
75                  singletonMap("SHA-1", "111"));
76          appender.addTrustedArtifactChecksums(
77                  new DefaultArtifact("org.zzzz", "art", "jar", "5.6.7"),
78                  repository,
79                  singletonList(algorithmFactory),
80                  singletonMap("SHA-1", "222"));
81  
82          // generate the dump
83          lifecycle.systemEnded();
84  
85          // ensure it is sorted by artifact "path"
86          assertLinesMatch(
87                  asList(
88                          "111  com/dummy/something/0.0.1/something-0.0.1.jar",
89                          "000  org/foo/bar/1.2.3/bar-1.2.3.jar",
90                          "222  org/zzzz/art/5.6.7/art-5.6.7.jar"),
91                  Files.readAllLines(work.resolve(".checksums/checksums-local.sha1")));
92      }
93  }