new analysis

montiSecArcAnalysis/src/main/java/secarc/ets/analysis/filter/AvoidInputString.java

+package secarc.ets.analysis.filter;
+
+import interfaces2.resolvers.AmbigousException;
+import mc.IErrorCode;
+import mc.umlp.arcd._ast.ASTArcPort;
+import secarc.error.MontiSecArcAnalysisErrorCodes;
+import secarc.ets.analysis.checker.Analysis;
+import secarc.ets.analysis.checker.AnalysisHelper;
+import secarc.ets.analysis.checker.ISecAnalysisPortChecker;
+import secarc.ets.check.MontiSecArcAnalysisConstants;
+import secarc.ets.entries.SecPortEntry;
+import secarc.ets.graph.ArchitectureGraph;
+
+public class AvoidInputString extends Analysis implements
+		ISecAnalysisPortChecker {
+
+	public AvoidInputString() {
+		super(MontiSecArcAnalysisConstants.AVOID_INPUT_STRING);
+	}
+
+	@Override
+	public void check(ASTArcPort node, SecPortEntry entry,
+			ArchitectureGraph graph) throws AmbigousException {
+		if(AnalysisHelper.isPortBenningOfPath(node, resolver, getNameSpaceFor(node), getNameSpaceFor(node.getMainParent())) 
+				&& entry.getTypeReference().getExtendedName().equals("java.lang.String")) {
+			addReport("The input port " + entry.getName() + " has the type " + entry.getTypeReference() + ". This type is not specific enough.", node.get_SourcePositionStart());
+		}
+
+	}
+
+	@Override
+	public IErrorCode getErrorCode() { 
+		return MontiSecArcAnalysisErrorCodes.AvoidInputString;
+	}
+
+}

montiSecArcAnalysis/src/main/java/secarc/ets/analysis/identity/TrustlevelClientServer.java

+package secarc.ets.analysis.identity;
+
+import mc.IErrorCode;
+import interfaces2.coco.ContextCondition;
+import interfaces2.namespaces.NameSpace;
+import interfaces2.resolvers.AmbigousException;
+import secarc._ast.ASTSecArcIdentity;
+import secarc.error.MontiSecArcAnalysisErrorCodes;
+import secarc.ets.check.CoCoHelper;
+import secarc.ets.check.MontiSecArcAnalysisConstants;
+import secarc.ets.cocos.checkers.ISecIdentityChecker;
+import secarc.ets.entries.IdentityEntry;
+import secarc.ets.entries.SecComponentEntry;
+
+/**
+ * Check if the trustlevel for the client is lower then the trustlevel for the server
+ * 
+ * <br>
+ * <br>
+ * Copyright (c) 2011 RWTH Aachen. All rights reserved
+ * 
+ * @author (last commit) $Author$
+ * @version $Date$<br>
+ * $Revision$
+ * 
+ */
+public class TrustlevelClientServer extends ContextCondition implements ISecIdentityChecker {
+
+	public TrustlevelClientServer() {
+		super(MontiSecArcAnalysisConstants.TRUSTLEVEL_CLIENT_SERVER_IDENTITY);
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * @see secarc.ets.cocos.checkers.ISecIdentityChecker#check(secarc._ast.ASTSecArcIdentity, secarc.ets.entries.IdentityEntry)
+	 */
+	@Override
+	public void check(ASTSecArcIdentity node, IdentityEntry entry) throws AmbigousException {
+		String refSource = entry.getSource();
+		String refTarget = entry.getTarget();
+		SecComponentEntry sourceComp = null;
+		SecComponentEntry targetComp = null;
+
+		sourceComp = CoCoHelper.getSecComponentEntry(refSource, node, getNameSpaceFor(node), this);
+		NameSpace np = getNameSpaceFor(node).getParent();
+		// Searching for right namespace of target
+		while (np != null) {
+			targetComp = CoCoHelper.getSecComponentEntry(refTarget, node, np, this);
+			if (targetComp != null) {
+				break;
+			}
+			np = np.getParent();
+		}
+
+		//Existence is checked in other coco
+		if(sourceComp != null && targetComp != null &&
+			//Trustlevel existence is checked in other coco
+			sourceComp.getTrustlevel().isPresent() && targetComp.getTrustlevel().isPresent()) {
+			//Is the Trustelevel of the target higher then the trustlevel of the source
+			if(sourceComp.getTrustlevel().get().getValue() >= targetComp.getTrustlevel().get().getValue()) {
+				addReport("The trustlevel of the server " + refTarget + " should be higher than the trustlevel of the client " + refSource + ".", node.get_SourcePositionStart());
+			}
+		}
+		
+		
+		
+	}
+
+	/*
+	 * (non-Javadoc)
+	 * @see interfaces2.coco.ContextCondition#getErrorCode()
+	 */
+	@Override
+	public IErrorCode getErrorCode() {
+		return MontiSecArcAnalysisErrorCodes.TrustlevelClientServerIdentity;
+	}
+
+}