Commit c02498b1 authored by Paff's avatar Paff
Browse files

coco: reason for trustlevel is now an analysis

parent 6ec7e16f
/**
* Generated on Wed Oct 08 16:39:38 CEST 2014
* Generated on Wed Oct 08 18:06:57 CEST 2014
*/
config {
Require-Model:
......
......@@ -30,11 +30,6 @@ public enum MontiSecArcErrorCodes implements IErrorCode {
*/
TrustlevelRelativeToEnvironment,
/**
* If a trustlevel differs more then 2 form the trustlevel of the supercomponent a reason is expected
*/
ReasonDifferingTrustlevel,
/**
* The trustlevel for the component with a ciritical port should be higher then the trustlevel of the source
*/
......
......@@ -46,8 +46,6 @@ public final class MontiSecArcContextConditionConstants {
public static final String TRUSTLEVEL_REALTIVE_TO_ENVIRONMENT = "Checks if the trustlevels, which are relative to the envirment, are higher than -1.";
public static final String REASON_DIFFERING_TRUSTLEVEL = "Checks if the trustlevel differs more then 2 from expected level.";
public static final String TRUSTLEVEL_CRITICAL_PORT = "Checks if the trustlevel for component with critical port is higher then the trustlevel of the source.";
public static final String CORRECT_VERSION_STRING = "Checks if the version string consists of integers and points.";
......
......@@ -19,7 +19,6 @@ import secarc.ets.cocos.role.UniqueComponentRole;
import secarc.ets.cocos.role.UniquePortRoleDefinition;
import secarc.ets.cocos.role.UniqueRoleDefinitionForComponent;
import secarc.ets.cocos.role.UniqueRoleDefinitionForPort;
import secarc.ets.cocos.trustlevel.ReasonForDifferingTrustlevel;
import secarc.ets.cocos.trustlevel.TrustlevelRealtiveToEnvironment;
import secarc.ets.cocos.trustlevel.UniqueTrustlevel;
import secarc.ets.cocos.version.UniqueVersion;
......@@ -122,9 +121,6 @@ public final class MontiSecArcContextConditionCreator {
//Checks if the trustlevel of the component which is relative to the enviroment is greater then -1
trustlevelCoCos.addChild(new TrustlevelRealtiveToEnvironment());
//If a turstlevel differs to much, a reason is expected
trustlevelCoCos.addChild(new ReasonForDifferingTrustlevel());
CompositeContextCondition ciritcalPortCoCos = new CompositeContextCondition(MontiSecArcContextConditionConstants.ALL_CRITICALPORT);
ciritcalPortCoCos.setLevel(Type.ERROR);
......
......@@ -44,7 +44,7 @@ public class CorrectVersionString extends ContextCondition implements
*/
@Override
public IErrorCode getErrorCode() {
return MontiSecArcErrorCodes.ReasonDifferingTrustlevel;
return MontiSecArcErrorCodes.CorrectVersionString;
}
}
......@@ -65,12 +65,10 @@ public class MontiSecArcCoCoTest extends TestWithSymtab<MontiSecArcTestTool> {
assertTrue(tool.run());
List<MontiSecArcErrorCodes> errorCodes = new ArrayList<MontiSecArcErrorCodes>();
errorCodes.add(MontiSecArcErrorCodes.ReasonDifferingTrustlevel);
errorCodes.add(MontiSecArcErrorCodes.ReasonDifferingTrustlevel);
errorCodes.add(MontiSecArcErrorCodes.TrustlevelRelativeToEnvironment);
errorCodes.add(MontiSecArcErrorCodes.UniqueTrustlevel);
assertEquals(4, handler.getErrors().size());
assertEquals(2, handler.getErrors().size());
for(ProblemReport error : handler.getErrors()) {
assertTrue(errorCodes.contains(error.getErrorcode()));
}
......
/**
* Generated on Wed Oct 08 16:40:39 CEST 2014
* Generated on Wed Oct 08 18:07:19 CEST 2014
*/
config {
Require-Model:
......
......@@ -100,4 +100,9 @@ public enum MontiSecArcAnalysisErrorCodes implements IErrorCode {
*/
RoleAccess,
/**
* If a trustlevel differs more then 2 form the trustlevel of the supercomponent a reason is expected
*/
ReasonDifferingTrustlevel,
}
package secarc.ets.cocos.trustlevel;
package secarc.ets.analysis.trustlevel;
import java.util.List;
......@@ -8,10 +8,10 @@ import mc.IErrorCode;
import mc.helper.NameHelper;
import mc.umlp.arcd._ast.ASTArcComponent;
import mc.umlp.arcd.ets.entries.ComponentEntry;
import interfaces2.coco.ContextCondition;
import secarc.error.MontiSecArcErrorCodes;
import secarc.ets.check.MontiSecArcContextConditionConstants;
import secarc.ets.cocos.checkers.ISecComponentChecker;
import secarc.error.MontiSecArcAnalysisErrorCodes;
import secarc.ets.analysis.checker.Analysis;
import secarc.ets.analysis.checker.ISecAnalysisComponentChecker;
import secarc.ets.check.MontiSecArcAnalysisConstants;
import secarc.ets.entries.SecComponentEntry;
import secarc.ets.entries.TrustlevelEntry;
......@@ -28,11 +28,11 @@ import secarc.ets.entries.TrustlevelEntry;
* $Revision$
*
*/
public class ReasonForDifferingTrustlevel extends ContextCondition implements
ISecComponentChecker{
public class ReasonForDifferingTrustlevel extends Analysis implements
ISecAnalysisComponentChecker{
public ReasonForDifferingTrustlevel() {
super(MontiSecArcContextConditionConstants.REASON_DIFFERING_TRUSTLEVEL);
super(MontiSecArcAnalysisConstants.REASON_DIFFERING_TRUSTLEVEL);
}
/*
......@@ -43,34 +43,44 @@ ISecComponentChecker{
public void check(ASTArcComponent node, SecComponentEntry entry) {
//Check trustlevel for all innercomponents
List<ComponentEntry> innerComponents = entry.getInnerComponents();
Optional<TrustlevelEntry> trustlevel = entry.getTrustlevel();
Optional<TrustlevelEntry> trustlevelEntry = entry.getTrustlevel();
//if no trustlevel and no innercomponents, nothing to check
if(innerComponents != null && trustlevel.isPresent()) {
if(innerComponents != null && trustlevelEntry.isPresent()) {
int valueTrustlevel = trustlevel.get().getValue();
boolean isPositive = trustlevel.get().isPositive();
int valueTrustlevel = trustlevelEntry.get().getValue();
int innerTrustlevel = -2;
if(trustlevelEntry.get().isNegative()) {
valueTrustlevel *= -1;
}
//Check difference for every innercomponent
for(ComponentEntry innerComponent : innerComponents) {
Optional<TrustlevelEntry> innerTrustlevel = ((SecComponentEntry) innerComponent).getTrustlevel();
Optional<TrustlevelEntry> innerTrustlevelEntry = ((SecComponentEntry) innerComponent).getTrustlevel();
String message = "Komponent " + NameHelper.getSimpleGenericNameFromComplexname(innerComponent.getName()) + ": If a trustlevel differs from the trustlevel of the supercomponent more then 2, a reason is expected.";
String message = "Component " + NameHelper.getSimpleGenericNameFromComplexname(innerComponent.getName()) + ": If a trustlevel differs from the trustlevel of the supercomponent more then 2, a reason is expected.";
//if no trustlevel, nothing to check
//Is checked in TrustlevelForComponents
if(innerTrustlevel.isPresent()) {
if(innerTrustlevelEntry.isPresent()) {
innerTrustlevel = innerTrustlevelEntry.get().getValue();
if(innerTrustlevelEntry.get().isNegative()) {
innerTrustlevel *= -1;
}
//If both are positive or negative
if((isPositive && innerTrustlevel.get().isPositive()) || (!isPositive && innerTrustlevel.get().isNegative())) {
if((valueTrustlevel>0 && innerTrustlevel>0) || (valueTrustlevel<0 && innerTrustlevel<0)) {
if(Math.abs(valueTrustlevel - innerTrustlevel.get().getValue()) > 2 && innerTrustlevel.get().getReason() == null) {
if(Math.abs(valueTrustlevel - innerTrustlevelEntry.get().getValue()) > 2 && innerTrustlevelEntry.get().getReason() == null) {
addReport(message, innerComponent.getNode().get_SourcePositionStart());
}
} else {
if((valueTrustlevel + innerTrustlevel.get().getValue()) > 2 && innerTrustlevel.get().getReason() == null) {
if((valueTrustlevel + innerTrustlevelEntry.get().getValue()) > 2 && innerTrustlevelEntry.get().getReason() == null) {
addReport(message, innerComponent.getNode().get_SourcePositionStart());
}
......@@ -86,7 +96,7 @@ ISecComponentChecker{
*/
@Override
public IErrorCode getErrorCode() {
return MontiSecArcErrorCodes.ReasonDifferingTrustlevel;
return MontiSecArcAnalysisErrorCodes.ReasonDifferingTrustlevel;
}
}
......@@ -66,4 +66,8 @@ public final class MontiSecArcAnalysisConstants {
public static final String IDENTITY_WITH_ENCRYPTION = "Checks if the communication between two components is encrypted when an identity link is used.";
public static final String ALL_TRUSTLEVEL = "Checks all analysis related to trustlevel.";
public static final String REASON_DIFFERING_TRUSTLEVEL = "Checks if the trustlevel differs more then 2 from expected level.";
}
......@@ -23,6 +23,7 @@ import secarc.ets.analysis.role.DerivedRolesComponent;
import secarc.ets.analysis.role.DerivedRolesPort;
import secarc.ets.analysis.role.DerivedRolesThirdParty;
import secarc.ets.analysis.role.RoleAccess;
import secarc.ets.analysis.trustlevel.ReasonForDifferingTrustlevel;
import mc.ProblemReport;
......@@ -169,12 +170,19 @@ public final class MontiSecArcAnalysisCreator {
//identity link needs an encrypted connection
identityAnalysis.addChild(new IdentityWithEncryption());
//Analysis for trustlevel
CompositeContextCondition trustlevelAnalysis = new CompositeContextCondition(MontiSecArcAnalysisConstants.ALL_TRUSTLEVEL);
//Trustlevel differs more than 2 from relative trustevel
trustlevelAnalysis.addChild(new ReasonForDifferingTrustlevel());
analysis.addChild(connectorAnalysis);
analysis.addChild(filterAnalysis);
analysis.addChild(portAnalysis);
analysis.addChild(configurationAnalysis);
analysis.addChild(roleAnalysis);
analysis.addChild(identityAnalysis);
analysis.addChild(trustlevelAnalysis);
}
return analysis;
......
......@@ -168,4 +168,22 @@ public class MontiSecArcAnalysisTest extends TestWithSymtabAnalysis<MontiSecArcA
}
}
/**
* Test for trustlevel
*/
@Test
public void testTrustlevel() {
MontiSecArcAnalysisTestTool tool = createTestToolWithoutJava(new String[] { "src/test/resources/secarc/analysis/trustlevel/" });
tool.init();
assertTrue(tool.run());
List<MontiSecArcAnalysisErrorCodes> errorCodes = new ArrayList<MontiSecArcAnalysisErrorCodes>();
errorCodes.add(MontiSecArcAnalysisErrorCodes.ReasonDifferingTrustlevel);
assertEquals(2, handler.getWarnings().size());
for(ProblemReport error : handler.getErrors()) {
assertTrue(errorCodes.contains(error.getErrorcode()));
}
}
}
package secarc.coco.trustlevel;
package secarc.analysis.trustlevel;
component ReasonForDifferingTrustlevel{
accesscontrol on;
accesscontrol off;
trustlevel +2;
......@@ -10,11 +10,6 @@ component ReasonForDifferingTrustlevel{
trustlevel +1;
identity weak help -> targetHelp;
}
component TargetHelp targetHelp {
access user;
}
component PositiveDifference {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment