public string invokeStrutsRules_Variation_2_loadAllFiles()
{
string webAppRoot = @"...\_OunceApplication\O2Data\xml config files";
string baseO2FindingsFile = @"...\_OunceApplication\O2Data\OSA - ... 11-3-09 807PM.ozasmt";
string webXml = Path.Combine(webAppRoot, @"web.xml");
string strutsConfigXml = Path.Combine(webAppRoot, @"struts-config.xml");
string tilesDefinitionXml = Path.Combine(webAppRoot, @"tiles-definitions.xml");
string validationXml = Path.Combine(webAppRoot, @"validation.xml");
// make sure webAppRoot directory exists
Assert.That(Directory.Exists(webAppRoot), "Could not find webAppRoot directory:\r\n " + webAppRoot);
// make sure files exist
Assert.That(File.Exists(baseO2FindingsFile), "Could not find file with baseO2FindingsFile:\r\n " + baseO2FindingsFile);
Assert.That(File.Exists(webXml), "Could not find file with webXml:\r\n " + webXml);
Assert.That(File.Exists(strutsConfigXml), "Could not find file with strutsConfig:\r\n " + strutsConfigXml);
Assert.That(File.Exists(tilesDefinitionXml), "Could not find file with tilesDefinitionXml:\r\n " + tilesDefinitionXml);
//Assert.That(File.Exists(validationXml), "Could not find file with validationXml:\r\n " + validationXml); // Dinis note: in my local examples I don't have this file
// load assessment file
var baseO2Findings = XUtils_Findings_v0_1.loadFindingsFile(baseO2FindingsFile);
// make sure there were findings loaded
Assert.That(baseO2Findings != null, "baseO2Findings == null");
Assert.That(baseO2Findings.Count > 0, "there were no findings loaded in baseO2Findings");
// create struts mapping object
var strutsMappings = StrutsMappingsHelpers.calculateStrutsMapping(webXml, strutsConfigXml, tilesDefinitionXml, validationXml);
// make sure struts mapping was loaded ok
Assert.That(strutsMappings != null, "strutsMappings was null");
Assert.That(strutsMappings.actionServlets.Count > 0, "in strutsMappings, actionServlets.Count ==0");
// TaintSources and FinalSinks RegEx
var taintSources_SourceRegEx = @"getParameter\(java.lang.String\)";
var taintSources_SinkRegEx = @"setAttribute\(java.lang.String";
var finalSinks_SourceRegEx = @"getAttribute\(java.lang.String\)";
var finalSinks_SinkRegEx = @"print";
// calcuate struts findings
var xRuleStuts = new XUtils_Struts_Joins_V0_1()
{
findingsWith_BaseO2Findings = baseO2Findings,
StrutsMappings = strutsMappings,
TaintSources_SourceRegEx = taintSources_SourceRegEx,
TaintSources_SinkRegEx = taintSources_SinkRegEx,
FinalSinks_SourceRegEx = finalSinks_SourceRegEx,
FinalSinks_SinkRegEx = finalSinks_SinkRegEx,
JoinPointFilter = XRule_Struts.joinPointFilter
};
xRuleStuts.calculateFindings();
// get list of findings calculated
var results = xRuleStuts.getResults();
// make sure there are findings in the results list
Assert.That(results.Count > 0, " there were no findings in the results list");
return("All OK, number of results calculated: " + results.Count);
}
public string invokeStrutsRules_Variation_2_loadAllFiles()
{
string webAppRoot = @"...\_OunceApplication\O2Data\xml config files";
string baseO2FindingsFile = @"...\_OunceApplication\O2Data\OSA - ... 11-3-09 807PM.ozasmt";
string webXml = Path.Combine(webAppRoot,@"web.xml");
string strutsConfigXml = Path.Combine(webAppRoot,@"struts-config.xml");
string tilesDefinitionXml = Path.Combine(webAppRoot,@"tiles-definitions.xml");
string validationXml = Path.Combine(webAppRoot,@"validation.xml");
// make sure webAppRoot directory exists
Assert.That(Directory.Exists(webAppRoot), "Could not find webAppRoot directory:\r\n " + webAppRoot);
// make sure files exist
Assert.That(File.Exists(baseO2FindingsFile), "Could not find file with baseO2FindingsFile:\r\n " + baseO2FindingsFile);
Assert.That(File.Exists(webXml), "Could not find file with webXml:\r\n " + webXml);
Assert.That(File.Exists(strutsConfigXml), "Could not find file with strutsConfig:\r\n " + strutsConfigXml);
Assert.That(File.Exists(tilesDefinitionXml), "Could not find file with tilesDefinitionXml:\r\n " + tilesDefinitionXml);
//Assert.That(File.Exists(validationXml), "Could not find file with validationXml:\r\n " + validationXml); // Dinis note: in my local examples I don't have this file
// load assessment file
var baseO2Findings = XUtils_Findings_v0_1.loadFindingsFile(baseO2FindingsFile);
// make sure there were findings loaded
Assert.That(baseO2Findings != null, "baseO2Findings == null");
Assert.That(baseO2Findings.Count >0, "there were no findings loaded in baseO2Findings");
// create struts mapping object
var strutsMappings = StrutsMappingsHelpers.calculateStrutsMapping(webXml, strutsConfigXml, tilesDefinitionXml,validationXml);
// make sure struts mapping was loaded ok
Assert.That(strutsMappings != null, "strutsMappings was null");
Assert.That(strutsMappings.actionServlets.Count >0 , "in strutsMappings, actionServlets.Count ==0");
// TaintSources and FinalSinks RegEx
var taintSources_SourceRegEx = @"getParameter\(java.lang.String\)";
var taintSources_SinkRegEx = @"setAttribute\(java.lang.String";
var finalSinks_SourceRegEx = @"getAttribute\(java.lang.String\)";
var finalSinks_SinkRegEx = @"print";
// calcuate struts findings
var xRuleStuts = new XUtils_Struts_Joins_V0_1()
{
findingsWith_BaseO2Findings = baseO2Findings,
StrutsMappings = strutsMappings,
TaintSources_SourceRegEx = taintSources_SourceRegEx,
TaintSources_SinkRegEx = taintSources_SinkRegEx,
FinalSinks_SourceRegEx = finalSinks_SourceRegEx,
FinalSinks_SinkRegEx = finalSinks_SinkRegEx,
JoinPointFilter = XRule_Struts.joinPointFilter
};
xRuleStuts.calculateFindings();
// get list of findings calculated
var results = xRuleStuts.getResults();
// make sure there are findings in the results list
Assert.That(results.Count > 0 , " there were no findings in the results list");
return "All OK, number of results calculated: " + results.Count;
}
