Commit 9effa649 authored by Paff's avatar Paff
Browse files

analysis: derived roles for "normal" components

parent e4c33ae7
/**
* Generated on Mon Oct 06 12:26:32 CEST 2014
* Generated on Mon Oct 06 13:26:55 CEST 2014
*/
config {
Require-Model:
......
/**
* Generated on Mon Oct 06 12:26:53 CEST 2014
* Generated on Mon Oct 06 13:27:14 CEST 2014
*/
config {
Require-Model:
......
......@@ -69,4 +69,10 @@ public enum MontiSecArcAnalysisErrorCodes implements IErrorCode {
* Lists all critical ports
*/
ListAllCriticalPorts,
/**
* List all roles for a component
*/
DerivedRolesComponent,
}
package secarc.ets.analysis.role;
import java.util.ArrayList;
import java.util.List;
import interfaces2.resolvers.AmbigousException;
import mc.IErrorCode;
import mc.helper.NameHelper;
import mc.umlp.arcd._ast.ASTArcComponent;
import mc.umlp.arcd.ets.entries.SubComponentEntry;
import secarc.error.MontiSecArcAnalysisErrorCodes;
import secarc.ets.analysis.checker.Analysis;
import secarc.ets.analysis.checker.ISecAnalysisComponentChecker;
import secarc.ets.check.MontiSecArcAnalysisConstants;
import secarc.ets.entries.RoleEntry;
import secarc.ets.entries.SecComponentEntry;
/**
* Lists all roles for a component
* - Testing for privilege escalation
*
* <br>
* <br>
* Copyright (c) 2011 RWTH Aachen. All rights reserved
*
* @author (last commit) $Author$
* @version $Date$<br>
* $Revision$
*
*/
public class DerivedRolesComponent extends Analysis implements
ISecAnalysisComponentChecker {
/**
* Roles of component
*/
List<RoleEntry> roleEntries;
public DerivedRolesComponent() {
super(MontiSecArcAnalysisConstants.DERIVED_ROLES_COMPONENT);
}
@Override
public void check(ASTArcComponent node, SecComponentEntry entry)
throws AmbigousException {
//Check if component is not a 3rd party component
if(entry.getConfiguration() != null || entry.getVersion() != null) {
return;
}
roleEntries = new ArrayList<RoleEntry>();
addSubcomponentRoles(entry);
if(roleEntries.size() > 0) {
StringBuilder sBuilder = new StringBuilder("The component " + NameHelper.getSimplenameFromComplexname(entry.getName()) + " has the following roles: " + roleEntries.get(0).getName());
roleEntries.remove(0);
for(RoleEntry role : roleEntries) {
sBuilder.append(", ");
sBuilder.append(role.getName());
}
addReport(sBuilder.toString(), node.get_SourcePositionStart());
}
}
public void addSubcomponentRoles(SecComponentEntry entry) {
if(entry.getRoles() != null) {
roleEntries.addAll(entry.getRoles());
}
for(SubComponentEntry subComponentEntry : entry.getSubComponents()) {
addSubcomponentRoles((SecComponentEntry) subComponentEntry.getComponentType().getBestKnownVersion());
}
}
@Override
public IErrorCode getErrorCode() {
return MontiSecArcAnalysisErrorCodes.DerivedRolesComponent;
}
}
......@@ -52,4 +52,6 @@ public final class MontiSecArcAnalysisConstants {
public static final String DERIVED_ROLES_THIRD_PARTY = "Derives all roles for a 3rd party component from the ports.";
public static final String DERIVED_ROLES_COMPONENT = "Derives all roles for components.";
}
......@@ -16,6 +16,7 @@ import secarc.ets.analysis.filter.TaintTracking;
import secarc.ets.analysis.port.ListCriticalPorts;
import secarc.ets.analysis.port.ListSystemIncomingPorts;
import secarc.ets.analysis.port.ListSystemOutgoingPorts;
import secarc.ets.analysis.role.DerivedRolesComponent;
import secarc.ets.analysis.role.DerivedRolesThirdParty;
......@@ -142,6 +143,9 @@ public final class MontiSecArcAnalysisCreator {
//Derives roles for thrid party components
roleAnalysis.addChild(new DerivedRolesThirdParty());
//Derives roles for "normal " components
roleAnalysis.addChild(new DerivedRolesComponent());
analysis.addChild(connectorAnalysis);
analysis.addChild(filterAnalysis);
analysis.addChild(portAnalysis);
......
......@@ -49,9 +49,10 @@ public class MontiSecArcAnalysisTest extends TestWithSymtabAnalysis<MontiSecArcA
errorCodes.add(MontiSecArcAnalysisErrorCodes.EncryptedPathEndInLowTrustlevel);
errorCodes.add(MontiSecArcAnalysisErrorCodes.UnencryptedConnectorThroughLowTrustlevel);
errorCodes.add(MontiSecArcAnalysisErrorCodes.DerivedRolesThirdParty);
errorCodes.add(MontiSecArcAnalysisErrorCodes.DerivedRolesComponent);
errorCodes.add(MontiSecArcAnalysisErrorCodes.ListIncomingtPorts);
assertEquals(11, handler.getWarnings().size());
assertEquals(16, handler.getWarnings().size());
for(ProblemReport error : handler.getErrors()) {
assertTrue(errorCodes.contains(error.getErrorcode()));
}
......@@ -73,8 +74,9 @@ public class MontiSecArcAnalysisTest extends TestWithSymtabAnalysis<MontiSecArcA
errorCodes.add(MontiSecArcAnalysisErrorCodes.ListIncomingtPorts);
errorCodes.add(MontiSecArcAnalysisErrorCodes.TaintTracking);
errorCodes.add(MontiSecArcAnalysisErrorCodes.EncryptedPathEndInLowTrustlevel);
errorCodes.add(MontiSecArcAnalysisErrorCodes.DerivedRolesComponent);
assertEquals(5, handler.getWarnings().size());
assertEquals(9, handler.getWarnings().size());
for(ProblemReport error : handler.getErrors()) {
assertTrue(errorCodes.contains(error.getErrorcode()));
}
......@@ -93,8 +95,9 @@ public class MontiSecArcAnalysisTest extends TestWithSymtabAnalysis<MontiSecArcA
List<MontiSecArcAnalysisErrorCodes> errorCodes = new ArrayList<MontiSecArcAnalysisErrorCodes>();
errorCodes.add(MontiSecArcAnalysisErrorCodes.ReviewedConfiguration);
errorCodes.add(MontiSecArcAnalysisErrorCodes.DerivedRolesThirdParty);
errorCodes.add(MontiSecArcAnalysisErrorCodes.DerivedRolesComponent);
assertEquals(3, handler.getWarnings().size());
assertEquals(5, handler.getWarnings().size());
for(ProblemReport error : handler.getErrors()) {
assertTrue(errorCodes.contains(error.getErrorcode()));
}
......@@ -111,8 +114,9 @@ public class MontiSecArcAnalysisTest extends TestWithSymtabAnalysis<MontiSecArcA
List<MontiSecArcAnalysisErrorCodes> errorCodes = new ArrayList<MontiSecArcAnalysisErrorCodes>();
errorCodes.add(MontiSecArcAnalysisErrorCodes.DerivedRolesThirdParty);
errorCodes.add(MontiSecArcAnalysisErrorCodes.DerivedRolesComponent);
assertEquals(1, handler.getWarnings().size());
assertEquals(2, handler.getWarnings().size());
for(ProblemReport error : handler.getErrors()) {
assertTrue(errorCodes.contains(error.getErrorcode()));
}
......@@ -131,8 +135,9 @@ public class MontiSecArcAnalysisTest extends TestWithSymtabAnalysis<MontiSecArcA
errorCodes.add(MontiSecArcAnalysisErrorCodes.ListIncomingtPorts);
errorCodes.add(MontiSecArcAnalysisErrorCodes.ListOutgoingPorts);
errorCodes.add(MontiSecArcAnalysisErrorCodes.ListAllCriticalPorts);
errorCodes.add(MontiSecArcAnalysisErrorCodes.DerivedRolesComponent);
assertEquals(3, handler.getWarnings().size());
assertEquals(9, handler.getWarnings().size());
for(ProblemReport error : handler.getErrors()) {
assertTrue(errorCodes.contains(error.getErrorcode()));
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment