1 package org.apache.maven.plugins.enforcer;
2
3 /*
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
19 * under the License.
20 */
21
22 import java.util.HashSet;
23 import java.util.List;
24 import java.util.Set;
25
26 import org.apache.maven.artifact.Artifact;
27 import org.apache.maven.artifact.versioning.DefaultArtifactVersion;
28 import org.apache.maven.artifact.versioning.InvalidVersionSpecificationException;
29 import org.apache.maven.artifact.versioning.VersionRange;
30 import org.apache.maven.enforcer.rule.api.EnforcerRuleException;
31 import org.apache.maven.plugin.logging.Log;
32 import org.codehaus.plexus.util.StringUtils;
33
34 /**
35 * This rule checks that lists of dependencies are not included.
36 *
37 * @author <a href="mailto:brianf@apache.org">Brian Fox</a>
38 * @version $Id: BannedDependencies.java 1345332 2012-06-01 20:14:13Z rfscholte $
39 */
40 public class BannedDependencies
41 extends AbstractBanDependencies
42 {
43
44 /**
45 * Specify the banned dependencies. This can be a list of artifacts in the format <code>groupId[:artifactId][:version]</code>.
46 * Any of the sections can be a wildcard by using '*' (ie group:*:1.0) <br>
47 * The rule will fail if any dependency matches any exclude, unless it also matches an include rule.
48 */
49 public List<String> excludes = null;
50
51 /**
52 * Specify the allowed dependencies. This can be a list of artifacts in the format <code>groupId[:artifactId][:version]</code>.
53 * Any of the sections can be a wildcard by using '*' (ie group:*:1.0) <br>
54 * Includes override the exclude rules. It is meant to allow wide exclusion rules with wildcards and still allow a
55 * smaller set of includes. <br>
56 * For example, to ban all xerces except xerces-api -> exclude "xerces", include "xerces:xerces-api"
57 */
58 public List<String> includes = null;
59
60
61 /**
62 * {@inheritDoc}
63 */
64 protected Set<Artifact> checkDependencies( Set<Artifact> theDependencies, Log log )
65 throws EnforcerRuleException
66 {
67 Set<Artifact> excluded = checkDependencies( theDependencies, excludes );
68
69 // anything specifically included should be removed
70 // from the ban list.
71 if ( excluded != null )
72 {
73 Set<Artifact> included = checkDependencies( theDependencies, includes );
74 if ( included != null )
75 {
76 excluded.removeAll( included );
77 }
78 }
79 return excluded;
80
81 }
82
83 /**
84 * Checks the set of dependencies against the list of patterns.
85 *
86 * @param thePatterns the patterns
87 * @param dependencies the dependencies
88 * @return a set containing artifacts matching one of the patterns or <code>null</code>
89 * @throws EnforcerRuleException the enforcer rule exception
90 */
91 private Set<Artifact> checkDependencies( Set<Artifact> dependencies, List<String> thePatterns )
92 throws EnforcerRuleException
93 {
94 Set<Artifact> foundMatches = null;
95
96 if ( thePatterns != null && thePatterns.size() > 0 )
97 {
98
99 for ( String pattern : thePatterns )
100 {
101
102 String[] subStrings = pattern.split( ":" );
103 subStrings = StringUtils.stripAll( subStrings );
104
105 for ( Artifact artifact : dependencies )
106 {
107 if ( compareDependency( subStrings, artifact ) )
108 {
109 // only create if needed
110 if ( foundMatches == null )
111 {
112 foundMatches = new HashSet<Artifact>();
113 }
114 foundMatches.add( artifact );
115 }
116 }
117 }
118 }
119 return foundMatches;
120 }
121
122 /**
123 * Compares the parsed array of substrings against the artifact.
124 * The pattern should follow the format "groupId:artifactId:version:type:scope"
125 *
126 * @param pattern the array of patterns
127 * @param artifact the artifact
128 * @return <code>true</code> if the artifact matches one of the patterns
129 * @throws EnforcerRuleException the enforcer rule exception
130 */
131 protected boolean compareDependency( String[] pattern, Artifact artifact )
132 throws EnforcerRuleException
133 {
134
135 boolean result = false;
136 if ( pattern.length > 0 )
137 {
138 result = pattern[0].equals( "*" ) || artifact.getGroupId().equals( pattern[0] );
139 }
140
141 if ( result && pattern.length > 1 )
142 {
143 result = pattern[1].equals( "*" ) || artifact.getArtifactId().equals( pattern[1] );
144 }
145
146 if ( result && pattern.length > 2 )
147 {
148 // short circuit if the versions are exactly the same
149 if ( pattern[2].equals( "*" ) || artifact.getVersion().equals( pattern[2] ) )
150 {
151 result = true;
152 }
153 else
154 {
155 try
156 {
157 result =
158 AbstractVersionEnforcer.containsVersion( VersionRange.createFromVersionSpec( pattern[2] ),
159 new DefaultArtifactVersion( artifact.getBaseVersion() ) );
160 }
161 catch ( InvalidVersionSpecificationException e )
162 {
163 throw new EnforcerRuleException( "Invalid Version Range: ", e );
164 }
165 }
166 }
167
168 if ( result && pattern.length > 3 )
169 {
170 String type = artifact.getType();
171 if ( type == null || type.equals( "" ) )
172 {
173 type = "jar";
174 }
175 result = pattern[3].equals( "*" ) || type.equals( pattern[3] );
176 }
177
178 if ( result && pattern.length > 4 )
179 {
180 String scope = artifact.getScope();
181 if ( scope == null || scope.equals( "" ) )
182 {
183 scope = "compile";
184 }
185 result = pattern[4].equals( "*" ) || scope.equals( pattern[4] );
186 }
187
188 return result;
189 }
190
191 /**
192 * Gets the excludes.
193 *
194 * @return the excludes
195 */
196 public List<String> getExcludes()
197 {
198 return this.excludes;
199 }
200
201 /**
202 * Sets the excludes.
203 *
204 * @param theExcludes the excludes to set
205 */
206 public void setExcludes( List<String> theExcludes )
207 {
208 this.excludes = theExcludes;
209 }
210
211 /**
212 * Gets the includes.
213 *
214 * @return the includes
215 */
216 public List<String> getIncludes()
217 {
218 return this.includes;
219 }
220
221 /**
222 * Sets the includes.
223 *
224 * @param theIncludes the includes to set
225 */
226 public void setIncludes( List<String> theIncludes )
227 {
228 this.includes = theIncludes;
229 }
230
231 }