More common 2.0/2.1 validation code

oxisto · oxisto · commit 5546f18ed224 · 2024-12-08T12:33:47.000+01:00
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/csaf b/csaf
@@ -1 +1 @@
-Subproject commit b01a0a7a176f257e47bf6e4e3ac42d0def9620b1
+Subproject commit 3375e92f9aa4b5f0b51a441134dad11eddc65b74
diff --git a/csaf-lib/Cargo.toml b/csaf-lib/Cargo.toml
@@ -8,7 +8,6 @@ regress = "0.10.1"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 chrono = { version = "0.4.38", features = ["serde"] }
-lazy_static = "1.5.0"
 
 [build-dependencies]
 schemars = "0.8.21"
diff --git a/csaf-lib/src/csaf/csaf2_0/loader.rs b/csaf-lib/src/csaf/csaf2_0/loader.rs
@@ -1,6 +1,6 @@
-use std::{fs::File, io::BufReader};
-
 use super::schema::CommonSecurityAdvisoryFramework;
+use crate::csaf::validation::Validatable;
+use std::{fs::File, io::BufReader};
 
 pub fn load_document(path: &str) -> std::io::Result<CommonSecurityAdvisoryFramework> {
     println!("Trying to load document {}", path);
diff --git a/csaf-lib/src/csaf/csaf2_0/validation.rs b/csaf-lib/src/csaf/csaf2_0/validation.rs
@@ -1,29 +1,28 @@
 use super::product_helper::*;
 use super::schema::CommonSecurityAdvisoryFramework;
-use crate::csaf::validation::{Validate, ValidationProfile};
+use crate::csaf::validation::{Test, Validatable, Validate, ValidationProfile};
 use std::collections::{HashMap, HashSet};
+use crate::csaf::helpers::find_duplicates;
+
+impl Validatable<CommonSecurityAdvisoryFramework> for CommonSecurityAdvisoryFramework {
+    fn profiles(&self) -> HashMap<ValidationProfile, Vec<&str>> {
+        HashMap::from([
+            (ValidationProfile::Basic, Vec::from(["6.1.1", "6.1.2"])),
+            (ValidationProfile::Extended, Vec::from(["6.1.1", "6.1.2"])),
+            (ValidationProfile::Full, Vec::from(["6.1.1", "6.1.2"])),
+        ])
+    }
 
-impl Validate for CommonSecurityAdvisoryFramework {
-    fn validate_profile(&self, profile: ValidationProfile) {
-        println!("Validating document... \n");
-
-        println!("Executing Test 6.1.1... ");
-
-        let _ = match test_6_01_01_missing_definition_of_product_id(self) {
-            Ok(()) => println!("> Test Success"),
-            Err(e) => println!("> Error: {}", e),
-        };
-
-        println!("Executing Test 6.1.2... ");
-
-        let _ = match test_6_01_02_multiple_definition_of_product_id(self) {
-            Ok(()) => println!("> Test Success"),
-            Err(e) => println!("> Error: {}", e),
-        };
+    fn tests(&self) -> HashMap<&str, Test<CommonSecurityAdvisoryFramework>> {
+        HashMap::<&str, Test<CommonSecurityAdvisoryFramework>>::from([
+            ("6.1.1", test_6_01_01_missing_definition_of_product_id),
+            ("6.1.2", test_6_01_02_multiple_definition_of_product_id),
+        ]
+            as [(&str, Test<CommonSecurityAdvisoryFramework>); 2])
     }
 
-    fn validate_by_test(&self, version: &str) {
-        todo!()
+    fn doc(&self) -> &CommonSecurityAdvisoryFramework {
+        self
     }
 }
 
@@ -56,24 +55,6 @@ pub fn test_6_01_02_multiple_definition_of_product_id(
     }
 }
 
-fn find_duplicates<T: std::hash::Hash + Eq + Clone>(vec: Vec<T>) -> Vec<T> {
-    let mut occurrences = HashMap::new();
-    let mut duplicates = Vec::new();
-
-    for item in vec.iter() {
-        let count = occurrences.entry(item.clone()).or_insert(0);
-        *count += 1;
-    }
-
-    for (item, count) in occurrences {
-        if count > 1 {
-            duplicates.push(item);
-        }
-    }
-
-    duplicates
-}
-
 #[cfg(test)]
 mod tests {
     use crate::csaf::csaf2_0::validation::test_6_01_02_multiple_definition_of_product_id;
diff --git a/csaf-lib/src/csaf/csaf2_1/loader.rs b/csaf-lib/src/csaf/csaf2_1/loader.rs
@@ -1,5 +1,5 @@
 use std::{fs::File, io::BufReader};
-
+use crate::csaf::validation::Validatable;
 use super::schema::CommonSecurityAdvisoryFramework;
 
 pub fn load_document(path: &str) -> std::io::Result<CommonSecurityAdvisoryFramework> {
diff --git a/csaf-lib/src/csaf/csaf2_1/product_helper.rs b/csaf-lib/src/csaf/csaf2_1/product_helper.rs
@@ -1,4 +1,4 @@
-use super::schema::{Branch, BranchesT, CommonSecurityAdvisoryFramework, ProductIdT, ProductTree};
+use super::schema::{Branch, CommonSecurityAdvisoryFramework, ProductIdT, ProductTree};
 use std::collections::HashSet;
 
 pub fn gather_product_references(doc: &CommonSecurityAdvisoryFramework) -> HashSet<&ProductIdT> {
@@ -93,7 +93,7 @@ pub fn gather_product_definitions_from_branch(branch: &Branch) -> Vec<&ProductId
 }
 
 pub fn count_branch_depth(branch: &Branch) -> u32 {
-    let mut i = 0;
+    let mut i = 1;
 
     // Go into the branch, calculate the depth and take the maximum value
     if let Some(x) = branch.branches.as_ref() {
diff --git a/csaf-lib/src/csaf/csaf2_1/validation.rs b/csaf-lib/src/csaf/csaf2_1/validation.rs
@@ -1,48 +1,32 @@
 use super::product_helper::*;
 use super::schema::CommonSecurityAdvisoryFramework;
-use crate::csaf::validation::{Validate, ValidationProfile};
-use lazy_static::lazy_static;
+use crate::csaf::helpers::find_duplicates;
+use crate::csaf::validation::{Test, Validatable, Validate, ValidationProfile};
 use std::collections::{HashMap, HashSet};
 
-type Test = fn(&CommonSecurityAdvisoryFramework) -> Result<(), String>;
-
-// TODO: convert this to code using std::sync::OnceLock
-lazy_static! {
-    static ref PROFILES: HashMap<ValidationProfile, Vec<&'static str>> = HashMap::from([
-        (
-            ValidationProfile::Basic,
-            Vec::from(["6.1.1", "6.1.2", "6.1.34"])
-        ),
-        (ValidationProfile::Extended, Vec::from(["6.1.1", "6.1.2"])),
-        (ValidationProfile::Full, Vec::from(["6.1.1", "6.1.2"])),
-    ]);
-    static ref TESTS: HashMap<&'static str, Test> = HashMap::<&str, Test>::from([
-        ("6.1.1", test_6_01_01_missing_definition_of_product_id),
-        ("6.1.2", test_6_01_02_multiple_definition_of_product_id),
-    ] as [(&str, Test); 2]);
-}
-
-impl Validate for CommonSecurityAdvisoryFramework {
-    fn validate_profile(&self, profile: ValidationProfile) {
-        println!("Validating document... \n");
-
-        println!("Executing Test 6.1.1... ");
-
-        let _ = match test_6_01_01_missing_definition_of_product_id(self) {
-            Ok(()) => println!("> Test Success"),
-            Err(e) => println!("> Error: {}", e),
-        };
-
-        println!("Executing Test 6.1.2... ");
+impl Validatable<CommonSecurityAdvisoryFramework> for CommonSecurityAdvisoryFramework {
+    fn profiles(&self) -> HashMap<ValidationProfile, Vec<&str>> {
+        HashMap::from([
+            (
+                ValidationProfile::Basic,
+                Vec::from(["6.1.1", "6.1.2", "6.1.34"]),
+            ),
+            (ValidationProfile::Extended, Vec::from(["6.1.1", "6.1.2"])),
+            (ValidationProfile::Full, Vec::from(["6.1.1", "6.1.2"])),
+        ])
+    }
 
-        let _ = match test_6_01_02_multiple_definition_of_product_id(self) {
-            Ok(()) => println!("> Test Success"),
-            Err(e) => println!("> Error: {}", e),
-        };
+    fn tests(&self) -> HashMap<&str, Test<CommonSecurityAdvisoryFramework>> {
+        HashMap::<&str, Test<CommonSecurityAdvisoryFramework>>::from([
+            ("6.1.1", test_6_01_01_missing_definition_of_product_id),
+            ("6.1.2", test_6_01_02_multiple_definition_of_product_id),
+            ("6.1.34", test_6_01_34_branches_recursion_depth),
+        ]
+            as [(&str, Test<CommonSecurityAdvisoryFramework>); 3])
     }
 
-    fn validate_by_test(&self, version: &str) {
-        todo!()
+    fn doc(&self) -> &CommonSecurityAdvisoryFramework {
+        self
     }
 }
 
@@ -62,10 +46,6 @@ pub fn test_6_01_01_missing_definition_of_product_id(
     }
 }
 
-pub fn testbla(doc: &CommonSecurityAdvisoryFramework) -> Result<(), String> {
-    Ok(())
-}
-
 pub fn test_6_01_02_multiple_definition_of_product_id(
     doc: &CommonSecurityAdvisoryFramework,
 ) -> Result<(), String> {
@@ -95,34 +75,17 @@ pub fn test_6_01_34_branches_recursion_depth(
     }
 }
 
-fn find_duplicates<T: std::hash::Hash + Eq + Clone>(vec: Vec<T>) -> Vec<T> {
-    let mut occurrences = HashMap::new();
-    let mut duplicates = Vec::new();
-
-    for item in vec.iter() {
-        let count = occurrences.entry(item.clone()).or_insert(0);
-        *count += 1;
-    }
-
-    for (item, count) in occurrences {
-        if count > 1 {
-            duplicates.push(item);
-        }
-    }
-
-    duplicates
-}
-
 #[cfg(test)]
 mod tests {
-    use crate::csaf::csaf2_0::validation::test_6_01_02_multiple_definition_of_product_id;
-    use crate::csaf::csaf2_0::{
+    use crate::csaf::csaf2_1::{
         loader::load_document, validation::test_6_01_01_missing_definition_of_product_id,
+        validation::test_6_01_02_multiple_definition_of_product_id,
+        validation::test_6_01_34_branches_recursion_depth,
     };
 
     #[test]
     fn test_test_6_01_01() {
-        let doc = load_document("../csaf/csaf_2.0/test/validator/data/mandatory/oasis_csaf_tc-csaf_2_0-2021-6-1-01-01.json").unwrap();
+        let doc = load_document("../csaf/csaf_2.1/test/validator/data/mandatory/oasis_csaf_tc-csaf_2_1-2024-6-1-01-01.json").unwrap();
         assert_eq!(
             test_6_01_01_missing_definition_of_product_id(&doc),
             Err(String::from("Missing definitions: [ProductIdT(\"CSAFPID-9080700\"), ProductIdT(\"CSAFPID-9080701\")]"))
@@ -131,12 +94,21 @@ mod tests {
 
     #[test]
     fn test_test_6_01_02() {
-        let doc = load_document("../csaf/csaf_2.0/test/validator/data/mandatory/oasis_csaf_tc-csaf_2_0-2021-6-1-02-01.json").unwrap();
+        let doc = load_document("../csaf/csaf_2.1/test/validator/data/mandatory/oasis_csaf_tc-csaf_2_1-2024-6-1-02-01.json").unwrap();
         assert_eq!(
             test_6_01_02_multiple_definition_of_product_id(&doc),
             Err(String::from(
                 "Duplicate definitions: [ProductIdT(\"CSAFPID-9080700\")]"
             ))
         )
     }
+
+    #[test]
+    fn test_test_6_01_34() {
+        let doc = load_document("../csaf/csaf_2.1/test/validator/data/mandatory/oasis_csaf_tc-csaf_2_1-2024-6-1-34-01.json").unwrap();
+        assert_eq!(
+            test_6_01_34_branches_recursion_depth(&doc),
+            Err(String::from("Recursion depth too big: 31"))
+        )
+    }
 }
diff --git a/csaf-lib/src/csaf/helpers.rs b/csaf-lib/src/csaf/helpers.rs
@@ -0,0 +1,19 @@
+use std::collections::HashMap;
+
+pub fn find_duplicates<T: std::hash::Hash + Eq + Clone>(vec: Vec<T>) -> Vec<T> {
+    let mut occurrences = HashMap::new();
+    let mut duplicates = Vec::new();
+
+    for item in vec.iter() {
+        let count = occurrences.entry(item.clone()).or_insert(0);
+        *count += 1;
+    }
+
+    for (item, count) in occurrences {
+        if count > 1 {
+            duplicates.push(item);
+        }
+    }
+
+    duplicates
+}
diff --git a/csaf-lib/src/csaf/mod.rs b/csaf-lib/src/csaf/mod.rs
@@ -1,3 +1,4 @@
 pub mod csaf2_0;
 pub mod csaf2_1;
+mod helpers;
 pub mod validation;
diff --git a/csaf-lib/src/csaf/validation.rs b/csaf-lib/src/csaf/validation.rs
@@ -1,3 +1,4 @@
+use std::collections::HashMap;
 use std::str::FromStr;
 
 pub enum ValidationError {}
@@ -24,8 +25,62 @@ impl FromStr for ValidationProfile {
 
 pub trait Validate {
     /// Validates this object according to a validation profile
-    fn validate_profile(&self, profile: ValidationProfile);
+    fn validate_profile(&'static self, profile: ValidationProfile);
 
     /// Validates this object according to a specific test ID.
     fn validate_by_test(&self, version: &str);
 }
+
+pub type Test<VersionedDocument: Validatable<VersionedDocument>> =
+    fn(&VersionedDocument) -> Result<(), String>;
+
+/// Represents something which is validatable according to the CSAF standard.
+/// This trait MUST be implemented by the struct that represents a CSAF document
+/// in the respective version.
+///
+/// It can then be used to validate documents with either [validate_by_profile] or [validate_by_test].
+pub trait Validatable<VersionedDocument> {
+    /// Returns a hashmap containing the test ID per profile
+    fn profiles(&self) -> HashMap<ValidationProfile, Vec<&str>>;
+
+    /// Returns a hashmap containing the test function per test ID
+    fn tests(&self) -> HashMap<&str, Test<VersionedDocument>>;
+
+    fn doc(&self) -> &VersionedDocument;
+}
+
+/// Executes all tests of the specified [profile] against the [target]
+/// (which is of type [VersionedDocument], e.g. a CSAF 2.0 document).
+pub fn validate_by_profile<VersionedDocument>(
+    target: impl Validatable<VersionedDocument>,
+    profile: ValidationProfile,
+) {
+    println!("Validating document with {:?} profile... \n", profile);
+
+    // Loop through tests
+    if let Some(tests) = target.profiles().get(&profile) {
+        for test_id in tests {
+            println!("Executing Test {}... ", test_id);
+
+            if let Some(test_fn) = target.tests().get(test_id) {
+                let _ = match test_fn(target.doc()) {
+                    Ok(()) => println!("> Test Success"),
+                    Err(e) => println!("> Error: {}", e),
+                };
+            } else {
+                println!("Test with ID {} is missing implementation", test_id);
+            }
+
+            println!()
+        }
+    } else {
+        println!("No tests found for profile")
+    }
+}
+
+fn validate_by_test<VersionedDocument>(
+    target: Box<dyn Validatable<VersionedDocument>>,
+    test_id: &str,
+) {
+    todo!()
+}
diff --git a/csaf-validator/src/main.rs b/csaf-validator/src/main.rs
