From 4596f06db0bc044dcd1d1b94aef6746dad1d2b3d Mon Sep 17 00:00:00 2001 From: tuan99123 Date: Fri, 8 Apr 2022 14:56:17 +0700 Subject: [PATCH] feat(SPDX): Use new SPDX library (#1496) Signed-off-by: Nguyen Nhu Tuan --- backend/src-common/pom.xml | 3 +- .../db/ComponentDatabaseHandler.java | 79 ++++- .../datahandler/db/DatabaseHandlerUtil.java | 14 +- .../db/ProjectDatabaseHandler.java | 4 +- .../eclipse/sw360/spdx/SpdxBOMImporter.java | 245 +++++++++----- .../sw360/spdx/SpdxBOMImporterTest.java | 2 +- .../sw360/components/ComponentHandler.java | 7 + .../fossology/rest/FossologyRestClient.java | 1 + .../sw360/portal/common/PortalConstants.java | 4 + .../sw360/portal/portlets/Sw360Portlet.java | 21 ++ .../portlets/components/ComponentPortlet.java | 15 + .../resources/html/changelogs/elementView.jsp | 42 ++- .../includes/releases/clearingDetails.jspf | 1 + .../includes/releases/detailOverview.jspf | 1 + .../resources/html/components/view.jsp | 4 +- .../html/utils/includes/importBom.jspf | 2 +- .../utils/includes/importBomForComponent.jspf | 316 ++++++++++++++++++ .../utils/includes/usingProjectsTable.jspf | 4 +- .../resources/content/Language.properties | 2 +- .../resources/content/Language_ja.properties | 2 +- .../resources/content/Language_vi.properties | 2 +- .../datahandler/common/ThriftEnumUtils.java | 2 + .../src/main/thrift/attachments.thrift | 3 +- .../src/main/thrift/components.thrift | 3 + .../src/main/thrift/sw360.thrift | 9 + pom.xml | 5 + 26 files changed, 694 insertions(+), 99 deletions(-) create mode 100644 frontend/sw360-portlet/src/main/resources/META-INF/resources/html/utils/includes/importBomForComponent.jspf diff --git a/backend/src-common/pom.xml b/backend/src-common/pom.xml index fe223ceaf3..4aeba2b78f 100644 --- a/backend/src-common/pom.xml +++ b/backend/src-common/pom.xml @@ -39,8 +39,7 @@ org.spdx - spdx-tools - compile + tools-java diff --git a/backend/src-common/src/main/java/org/eclipse/sw360/datahandler/db/ComponentDatabaseHandler.java b/backend/src-common/src/main/java/org/eclipse/sw360/datahandler/db/ComponentDatabaseHandler.java index e71ef9797b..c80a417aed 100644 --- a/backend/src-common/src/main/java/org/eclipse/sw360/datahandler/db/ComponentDatabaseHandler.java +++ b/backend/src-common/src/main/java/org/eclipse/sw360/datahandler/db/ComponentDatabaseHandler.java @@ -61,10 +61,11 @@ import org.eclipse.sw360.spdx.SpdxBOMImporter; import org.eclipse.sw360.spdx.SpdxBOMImporterSink; import org.jetbrains.annotations.NotNull; -import org.spdx.rdfparser.InvalidSPDXAnalysisException; - +import java.io.BufferedReader; +import java.io.File; import java.io.IOException; import java.io.InputStream; +import java.io.InputStreamReader; import java.net.MalformedURLException; import java.util.*; import java.util.concurrent.TimeUnit; @@ -513,12 +514,26 @@ public AddDocumentRequestSummary addRelease(Release release, User user) throws S } private boolean isDuplicate(Component component, boolean caseInsenstive){ - Set duplicates = componentRepository.getComponentIdsByName(component.getName(), caseInsenstive); - return duplicates.size()>0; + return isDuplicate(component.getName(), caseInsenstive); } private boolean isDuplicate(Release release){ - List duplicates = releaseRepository.searchByNameAndVersion(release.getName(), release.getVersion()); + return isDuplicate(release.getName(), release.getVersion()); + } + + private boolean isDuplicate(String componentName, boolean caseInsenstive) { + if (isNullEmptyOrWhitespace(componentName)) { + return false; + } + Set duplicates = componentRepository.getComponentIdsByName(componentName, caseInsenstive); + return duplicates.size()>0; + } + + private boolean isDuplicate(String releaseName, String releaseVersion) { + if (isNullEmptyOrWhitespace(releaseName)) { + return false; + } + List duplicates = releaseRepository.searchByNameAndVersion(releaseName, releaseVersion); return duplicates.size()>0; } @@ -2363,6 +2378,43 @@ private void sendMailNotificationsForReleaseUpdate(Release release, String user) release.getName(), release.getVersion()); } + public ImportBomRequestPreparation prepareImportBom(User user, String attachmentContentId) throws SW360Exception { + final AttachmentContent attachmentContent = attachmentConnector.getAttachmentContent(attachmentContentId); + final Duration timeout = Duration.durationOf(30, TimeUnit.SECONDS); + try { + final AttachmentStreamConnector attachmentStreamConnector = new AttachmentStreamConnector(timeout); + try (final InputStream inputStream = attachmentStreamConnector.unsafeGetAttachmentStream(attachmentContent)) { + final SpdxBOMImporterSink spdxBOMImporterSink = new SpdxBOMImporterSink(user, null, this); + final SpdxBOMImporter spdxBOMImporter = new SpdxBOMImporter(spdxBOMImporterSink); + + String fileType = getFileType(attachmentContent.getFilename()); + final String ext = "." + fileType; + final File sourceFile = DatabaseHandlerUtil.saveAsTempFile(inputStream, attachmentContentId, ext); + + ImportBomRequestPreparation importBomRequestPreparation = spdxBOMImporter.prepareImportSpdxBOMAsRelease(sourceFile); + if (RequestStatus.SUCCESS.equals(importBomRequestPreparation.getRequestStatus())) { + String name = importBomRequestPreparation.getName(); + String version = importBomRequestPreparation.getVersion(); + if (!isDuplicate(name, true)) { + importBomRequestPreparation.setIsComponentDuplicate(false); + importBomRequestPreparation.setIsReleaseDuplicate(false); + } else if (!isDuplicate(name, version)) { + importBomRequestPreparation.setIsComponentDuplicate(true); + importBomRequestPreparation.setIsReleaseDuplicate(false); + } else { + importBomRequestPreparation.setIsComponentDuplicate(true); + importBomRequestPreparation.setIsReleaseDuplicate(true); + } + importBomRequestPreparation.setMessage(sourceFile.getAbsolutePath()); + } + + return importBomRequestPreparation; + } + } catch (IOException e) { + throw new SW360Exception(e.getMessage()); + } + } + public RequestSummary importBomFromAttachmentContent(User user, String attachmentContentId) throws SW360Exception { final AttachmentContent attachmentContent = attachmentConnector.getAttachmentContent(attachmentContentId); final Duration timeout = Duration.durationOf(30, TimeUnit.SECONDS); @@ -2373,10 +2425,24 @@ public RequestSummary importBomFromAttachmentContent(User user, String attachmen final SpdxBOMImporter spdxBOMImporter = new SpdxBOMImporter(spdxBOMImporterSink); return spdxBOMImporter.importSpdxBOMAsRelease(inputStream, attachmentContent); } - } catch (InvalidSPDXAnalysisException | IOException e) { + } catch (IOException e) { throw new SW360Exception(e.getMessage()); } } + + private String getFileType(String fileName) { + if (isNullEmptyOrWhitespace(fileName) || !fileName.contains(".")) { + log.error("Can not get file type from file name - no file extension"); + return null; + } + String ext = fileName.substring(fileName.lastIndexOf(".") + 1).toLowerCase(); + if ("xml".equals(ext)) { + if (fileName.endsWith("rdf.xml")) { + ext = "rdf"; + } + } + return ext; + } private void removeLeadingTrailingWhitespace(Release release) { DatabaseHandlerUtil.trimStringFields(release, listOfStringFieldsInReleaseToTrim); @@ -2521,4 +2587,5 @@ public void sendExportSpreadsheetSuccessMail(String url, String recepient) throw MailConstants.TEXT_SPREADSHEET_EXPORT_SUCCESS, SW360Constants.NOTIFICATION_CLASS_COMPONENT, "", false, "component", url); } + } diff --git a/backend/src-common/src/main/java/org/eclipse/sw360/datahandler/db/DatabaseHandlerUtil.java b/backend/src-common/src/main/java/org/eclipse/sw360/datahandler/db/DatabaseHandlerUtil.java index 37a24af415..fe5b02d645 100644 --- a/backend/src-common/src/main/java/org/eclipse/sw360/datahandler/db/DatabaseHandlerUtil.java +++ b/backend/src-common/src/main/java/org/eclipse/sw360/datahandler/db/DatabaseHandlerUtil.java @@ -10,6 +10,7 @@ package org.eclipse.sw360.datahandler.db; import java.io.File; +import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; @@ -44,6 +45,7 @@ import java.util.stream.Collectors; import org.apache.logging.log4j.Level; +import org.apache.commons.io.IOUtils; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import org.apache.logging.log4j.core.LoggerContext; @@ -690,7 +692,7 @@ private static boolean isTwoCollectionSame(Collection col1, Collection col } private static String getTimeStamp() { - SimpleDateFormat timestampPattern = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); + SimpleDateFormat timestampPattern = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSSSSS"); Date timeNow = new Date(System.currentTimeMillis()); return timestampPattern.format(timeNow); } @@ -979,5 +981,15 @@ private static void configureLog4J(String outputpath, String liferayhome) { .add( builder.newAppenderRef("ChangeLogFile"))); Configurator.reconfigure(builder.build()); } + + public static File saveAsTempFile(InputStream inputStream, String prefix, String suffix) throws IOException { + final File tempFile = File.createTempFile(prefix, suffix); + tempFile.deleteOnExit(); + // Set append to false, overwrite if file existed + try (FileOutputStream outputStream = new FileOutputStream(tempFile, false)) { + IOUtils.copy(inputStream, outputStream); + } + return tempFile; + } } diff --git a/backend/src-common/src/main/java/org/eclipse/sw360/datahandler/db/ProjectDatabaseHandler.java b/backend/src-common/src/main/java/org/eclipse/sw360/datahandler/db/ProjectDatabaseHandler.java index e9229a557f..5089cd5933 100644 --- a/backend/src-common/src/main/java/org/eclipse/sw360/datahandler/db/ProjectDatabaseHandler.java +++ b/backend/src-common/src/main/java/org/eclipse/sw360/datahandler/db/ProjectDatabaseHandler.java @@ -44,13 +44,11 @@ import org.apache.thrift.TException; import org.eclipse.sw360.spdx.SpdxBOMImporter; import org.eclipse.sw360.spdx.SpdxBOMImporterSink; -import org.spdx.rdfparser.InvalidSPDXAnalysisException; import java.io.IOException; import java.io.InputStream; import java.net.MalformedURLException; import java.time.Instant; -import java.time.format.DateTimeFormatter; import java.util.*; import java.util.concurrent.TimeUnit; import java.util.function.Function; @@ -1421,7 +1419,7 @@ public RequestSummary importBomFromAttachmentContent(User user, String attachmen final SpdxBOMImporter spdxBOMImporter = new SpdxBOMImporter(spdxBOMImporterSink); return spdxBOMImporter.importSpdxBOMAsProject(inputStream, attachmentContent); } - } catch (InvalidSPDXAnalysisException | IOException e) { + } catch (IOException e) { throw new SW360Exception(e.getMessage()); } } diff --git a/backend/src-common/src/main/java/org/eclipse/sw360/spdx/SpdxBOMImporter.java b/backend/src-common/src/main/java/org/eclipse/sw360/spdx/SpdxBOMImporter.java index d8695e3450..65b499ed59 100644 --- a/backend/src-common/src/main/java/org/eclipse/sw360/spdx/SpdxBOMImporter.java +++ b/backend/src-common/src/main/java/org/eclipse/sw360/spdx/SpdxBOMImporter.java @@ -1,5 +1,7 @@ /* * Copyright Siemens AG, 2019. Part of the SW360 Portal Project. + * Copyright TOSHIBA CORPORATION, 2021. Part of the SW360 Portal Project. + * Copyright Toshiba Software Development (Vietnam) Co., Ltd., 2021. Part of the SW360 Portal Project. * * This program and the accompanying materials are made * available under the terms of the Eclipse Public License 2.0 @@ -10,24 +12,31 @@ package org.eclipse.sw360.spdx; import org.eclipse.sw360.datahandler.common.SW360Constants; +import org.eclipse.sw360.datahandler.db.DatabaseHandlerUtil; import org.eclipse.sw360.datahandler.thrift.*; import org.eclipse.sw360.datahandler.thrift.attachments.Attachment; import org.eclipse.sw360.datahandler.thrift.attachments.AttachmentContent; import org.eclipse.sw360.datahandler.thrift.attachments.AttachmentType; +import org.eclipse.sw360.datahandler.thrift.attachments.CheckStatus; import org.eclipse.sw360.datahandler.thrift.components.Component; import org.eclipse.sw360.datahandler.thrift.components.Release; import org.eclipse.sw360.datahandler.thrift.projects.Project; -import org.spdx.rdfparser.InvalidSPDXAnalysisException; -import org.spdx.rdfparser.SPDXDocumentFactory; -import org.spdx.rdfparser.model.*; - +import org.spdx.library.model.enumerations.RelationshipType; +import org.spdx.library.model.*; +import org.spdx.library.InvalidSPDXAnalysisException; +import org.spdx.tools.InvalidFileNameException; +import org.spdx.tools.SpdxToolsHelper; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; +import java.io.File; +import java.io.IOException; import java.io.InputStream; import java.util.*; import java.util.stream.Collectors; +import static org.eclipse.sw360.datahandler.common.CommonUtils.isNullEmptyOrWhitespace; + public class SpdxBOMImporter { private static final Logger log = LogManager.getLogger(SpdxBOMImporter.class); private final SpdxBOMImporterSink sink; @@ -36,86 +45,146 @@ public SpdxBOMImporter(SpdxBOMImporterSink sink) { this.sink = sink; } + public ImportBomRequestPreparation prepareImportSpdxBOMAsRelease(File targetFile) { + final ImportBomRequestPreparation requestPreparation = new ImportBomRequestPreparation(); + final SpdxDocument spdxDocument = openAsSpdx(targetFile); + if (spdxDocument == null) { + requestPreparation.setRequestStatus(RequestStatus.FAILURE); + requestPreparation.setMessage("error-read-file"); + return requestPreparation; + } + try { + final List describedPackages = spdxDocument.getDocumentDescribes().stream().collect(Collectors.toList()); + final List packages = describedPackages.stream() + .filter(SpdxPackage.class::isInstance) + .collect(Collectors.toList()); + if (packages.isEmpty()) { + requestPreparation.setMessage("The provided BOM did not contain any top level packages."); + requestPreparation.setRequestStatus(RequestStatus.FAILURE); + return requestPreparation; + } else if (packages.size() > 1) { + requestPreparation.setMessage("The provided BOM file contained multiple described top level packages. This is not allowed here."); + requestPreparation.setRequestStatus(RequestStatus.FAILURE); + return requestPreparation; + } + final SpdxElement spdxElement = packages.get(0); + if (spdxElement instanceof SpdxPackage) { + final SpdxPackage spdxPackage = (SpdxPackage) spdxElement; + requestPreparation.setName(getValue(spdxPackage.getName())); + requestPreparation.setVersion(getValue(spdxPackage.getVersionInfo())); + requestPreparation.setRequestStatus(RequestStatus.SUCCESS); + } else { + requestPreparation.setMessage("Failed to get spdx package from the provided BOM file."); + requestPreparation.setRequestStatus(RequestStatus.FAILURE); + } + } catch (InvalidSPDXAnalysisException e) { + requestPreparation.setRequestStatus(RequestStatus.FAILURE); + e.printStackTrace(); + } + return requestPreparation; + } + public RequestSummary importSpdxBOMAsRelease(InputStream inputStream, AttachmentContent attachmentContent) - throws InvalidSPDXAnalysisException, SW360Exception { + throws SW360Exception, IOException { return importSpdxBOM(inputStream, attachmentContent, SW360Constants.TYPE_RELEASE); } + private SpdxDocument openAsSpdx(File file){ + try { + log.info("Read file: " + file.getName()); + return SpdxToolsHelper.deserializeDocument(file); + } catch (InvalidSPDXAnalysisException | IOException | InvalidFileNameException e) { + log.error("Error read file " + file.getName() + " to SpdxDocument:" + e.getMessage() ); + return null; + } + } + public RequestSummary importSpdxBOMAsProject(InputStream inputStream, AttachmentContent attachmentContent) - throws InvalidSPDXAnalysisException, SW360Exception { - return importSpdxBOM(inputStream, attachmentContent, SW360Constants.TYPE_PROJECT); + throws SW360Exception, IOException { + return importSpdxBOM(attachmentContent, SW360Constants.TYPE_PROJECT , inputStream); + } + + private RequestSummary importSpdxBOM( AttachmentContent attachmentContent, String type, InputStream inputStream) + throws SW360Exception, IOException { + return importSpdxBOM(inputStream, attachmentContent, type); } private RequestSummary importSpdxBOM(InputStream inputStream, AttachmentContent attachmentContent, String type) - throws InvalidSPDXAnalysisException, SW360Exception { + throws SW360Exception, IOException { final RequestSummary requestSummary = new RequestSummary(); - final SpdxDocument spdxDocument = openAsSpdx(inputStream); - final List describedPackages = Arrays.stream(spdxDocument.getDocumentDescribes()) - .filter(item -> item instanceof SpdxPackage) - .collect(Collectors.toList()); - - if (describedPackages.size() == 0) { - requestSummary.setTotalAffectedElements(0); - requestSummary.setTotalElements(0); - requestSummary.setMessage("The provided BOM did not contain any top level packages."); - requestSummary.setRequestStatus(RequestStatus.FAILURE); - return requestSummary; - } else if (describedPackages.size() > 1) { - requestSummary.setTotalAffectedElements(0); - requestSummary.setTotalElements(0); - requestSummary.setMessage("The provided BOM file contained multiple described top level packages. This is not allowed here."); - requestSummary.setRequestStatus(RequestStatus.FAILURE); - return requestSummary; - } + List describedPackages = new ArrayList<>(); + String fileType = getFileType(attachmentContent.getFilename()); + final String ext = "." + fileType; + + final File sourceFile = DatabaseHandlerUtil.saveAsTempFile( inputStream, attachmentContent.getId(), ext); + try { + SpdxDocument spdxDocument = openAsSpdx(sourceFile); + if (spdxDocument == null) { + requestSummary.setRequestStatus(RequestStatus.FAILURE); + return requestSummary; + } + describedPackages = spdxDocument.getDocumentDescribes().stream().collect(Collectors.toList()); + List packages = describedPackages.stream() + .filter(SpdxPackage.class::isInstance) + .collect(Collectors.toList()); + if (packages.isEmpty()) { + requestSummary.setTotalAffectedElements(0); + requestSummary.setTotalElements(0); + requestSummary.setMessage("The provided BOM did not contain any top level packages."); + requestSummary.setRequestStatus(RequestStatus.FAILURE); + return requestSummary; + } else if (packages.size() > 1) { + requestSummary.setTotalAffectedElements(0); + requestSummary.setTotalElements(0); + requestSummary.setMessage("The provided BOM file contained multiple described top level packages. This is not allowed here."); + requestSummary.setRequestStatus(RequestStatus.FAILURE); + return requestSummary; + } - final SpdxItem spdxItem = describedPackages.get(0); - final Optional response; - if (SW360Constants.TYPE_PROJECT.equals(type)) { - response = importAsProject(spdxItem, attachmentContent); - } else if (SW360Constants.TYPE_RELEASE.equals(type)) { - response = importAsRelease(spdxItem, attachmentContent); - } else { - throw new SW360Exception("Unsupported type=[" + type + "], can not import BOM"); - } + final SpdxPackage spdxElement = (SpdxPackage) packages.get(0); + final Optional response; + if (SW360Constants.TYPE_PROJECT.equals(type)) { + response = importAsProject(spdxElement, attachmentContent); + } else if (SW360Constants.TYPE_RELEASE.equals(type)) { + response = importAsRelease(spdxElement, attachmentContent); + } else { + throw new SW360Exception("Unsupported type=[" + type + "], can not import BOM"); + } - if (response.isPresent()) { - requestSummary.setRequestStatus(RequestStatus.SUCCESS); - requestSummary.setTotalAffectedElements(response.get().countAffected()); - requestSummary.setTotalElements(response.get().count()); - requestSummary.setMessage(response.get().getId()); - } else { - requestSummary.setRequestStatus(RequestStatus.FAILURE); - requestSummary.setTotalAffectedElements(-1); - requestSummary.setTotalElements(-1); - requestSummary.setMessage("Failed to import the BOM as type=[" + type + "]."); + if (response.isPresent()) { + requestSummary.setRequestStatus(RequestStatus.SUCCESS); + requestSummary.setTotalAffectedElements(response.get().countAffected()); + requestSummary.setTotalElements(response.get().count()); + requestSummary.setMessage(response.get().getId()); + } else { + requestSummary.setRequestStatus(RequestStatus.FAILURE); + requestSummary.setTotalAffectedElements(-1); + requestSummary.setTotalElements(-1); + requestSummary.setMessage("Failed to import the BOM as type=[" + type + "]."); + } + } catch (InvalidSPDXAnalysisException | NullPointerException e) { + log.error("Can not open file to SpdxDocument " +e); } return requestSummary; } - private SpdxDocument openAsSpdx(InputStream inputStream) throws InvalidSPDXAnalysisException { - String FILETYPE_SPDX_INTERNAL = "RDF/XML"; - return SPDXDocumentFactory - .createSpdxDocument(inputStream, - "http://localhost/", - FILETYPE_SPDX_INTERNAL); - } - - private Component createComponentFromSpdxPackage(SpdxPackage spdxPackage) { + private Component createComponentFromSpdxPackage(SpdxPackage spdxPackage) throws InvalidSPDXAnalysisException { final Component component = new Component(); - final String name = spdxPackage.getName(); + String name = ""; + name = getValue(spdxPackage.getName()); component.setName(name); return component; } - private SpdxBOMImporterSink.Response importAsComponent(SpdxPackage spdxPackage) throws SW360Exception { + private SpdxBOMImporterSink.Response importAsComponent(SpdxPackage spdxPackage) throws SW360Exception, InvalidSPDXAnalysisException { final Component component = createComponentFromSpdxPackage(spdxPackage); return sink.addComponent(component); } - private Release createReleaseFromSpdxPackage(SpdxPackage spdxPackage) { + private Release createReleaseFromSpdxPackage(SpdxPackage spdxPackage) throws InvalidSPDXAnalysisException { final Release release = new Release(); - final String name = spdxPackage.getName(); - final String version = spdxPackage.getVersionInfo(); + final String name = getValue(spdxPackage.getName()); + final String version = getValue(spdxPackage.getVersionInfo()); release.setName(name); release.setVersion(version); return release; @@ -124,28 +193,32 @@ private Release createReleaseFromSpdxPackage(SpdxPackage spdxPackage) { private Attachment makeAttachmentFromContent(AttachmentContent attachmentContent) { Attachment attachment = new Attachment(); attachment.setAttachmentContentId(attachmentContent.getId()); - attachment.setAttachmentType(AttachmentType.OTHER); + attachment.setAttachmentType(AttachmentType.SBOM); attachment.setCreatedComment("Used for SPDX Bom import"); attachment.setFilename(attachmentContent.getFilename()); + attachment.setCheckStatus(CheckStatus.NOTCHECKED); return attachment; } - private Optional importAsRelease(SpdxElement relatedSpdxElement) throws SW360Exception { + private Optional importAsRelease(SpdxElement relatedSpdxElement) throws SW360Exception, InvalidSPDXAnalysisException { return importAsRelease(relatedSpdxElement, null); } - private Optional importAsRelease(SpdxElement relatedSpdxElement, AttachmentContent attachmentContent) throws SW360Exception { + private Optional importAsRelease(SpdxElement relatedSpdxElement, AttachmentContent attachmentContent + ) throws SW360Exception, InvalidSPDXAnalysisException { if (relatedSpdxElement instanceof SpdxPackage) { final SpdxPackage spdxPackage = (SpdxPackage) relatedSpdxElement; + final Release release; + SpdxBOMImporterSink.Response component; - SpdxBOMImporterSink.Response component = importAsComponent(spdxPackage); + component = importAsComponent(spdxPackage); final String componentId = component.getId(); - final Release release = createReleaseFromSpdxPackage(spdxPackage); + release = createReleaseFromSpdxPackage(spdxPackage); release.setComponentId(componentId); - final Relationship[] relationships = spdxPackage.getRelationships(); + final Relationship[] relationships = spdxPackage.getRelationships().toArray(new Relationship[spdxPackage.getRelationships().size()]); List releases = importAsReleases(relationships); Map releaseIdToRelationship = makeReleaseIdToRelationship(releases); release.setReleaseIdToRelationship(releaseIdToRelationship); @@ -170,29 +243,29 @@ private Map makeReleaseIdToRelationship(List importAsReleases(Relationship[] relationships) throws SW360Exception { + private List importAsReleases(Relationship[] relationships) throws SW360Exception, InvalidSPDXAnalysisException { List releases = new ArrayList<>(); - Map typeToSupplierMap = new HashMap<>(); - typeToSupplierMap.put(Relationship.RelationshipType.CONTAINS, ReleaseRelationship.CONTAINED); + Map typeToSupplierMap = new HashMap<>(); + typeToSupplierMap.put(RelationshipType.CONTAINS, ReleaseRelationship.CONTAINED); for (Relationship relationship : relationships) { - final Relationship.RelationshipType relationshipType = relationship.getRelationshipType(); + final RelationshipType relationshipType = relationship.getRelationshipType(); if(! typeToSupplierMap.keySet().contains(relationshipType)) { log.debug("Unsupported RelationshipType: " + relationshipType.toString()); continue; } - final SpdxElement relatedSpdxElement = relationship.getRelatedSpdxElement(); + final SpdxElement relatedSpdxElement = relationship.getRelatedSpdxElement().get(); final Optional releaseId = importAsRelease(relatedSpdxElement); releaseId.map(response -> { response.setReleaseRelationship(typeToSupplierMap.get(relationshipType)); @@ -213,13 +286,13 @@ private Map makeReleaseIdToProjectRelationsh } - private Optional importAsProject(SpdxElement spdxElement, AttachmentContent attachmentContent) throws SW360Exception { + private Optional importAsProject(SpdxElement spdxElement, AttachmentContent attachmentContent) throws SW360Exception, InvalidSPDXAnalysisException { if (spdxElement instanceof SpdxPackage) { final SpdxPackage spdxPackage = (SpdxPackage) spdxElement; final Project project = creatProjectFromSpdxPackage(spdxPackage); - final Relationship[] relationships = spdxPackage.getRelationships(); + final Relationship[] relationships = spdxPackage.getRelationships().toArray(new Relationship[spdxPackage.getRelationships().size()]); List releases = importAsReleases(relationships); Map releaseIdToProjectRelationship = makeReleaseIdToProjectRelationship(releases); project.setReleaseIdToUsage(releaseIdToProjectRelationship); @@ -237,4 +310,26 @@ private Optional importAsProject(SpdxElement spdxE return Optional.empty(); } } + + private String getValue(Optional value) { + if (value.isPresent()) { + return value.get(); + } else { + return ""; + } + } + + private String getFileType(String fileName) { + if (isNullEmptyOrWhitespace(fileName) || !fileName.contains(".")) { + log.error("Can not get file type from file name - no file extension"); + return null; + } + String ext = fileName.substring(fileName.lastIndexOf(".") + 1).toLowerCase(); + if ("xml".equals(ext)) { + if (fileName.endsWith("rdf.xml")) { + ext = "rdf"; + } + } + return ext; + } } diff --git a/backend/src-common/src/test/java/org/eclipse/sw360/spdx/SpdxBOMImporterTest.java b/backend/src-common/src/test/java/org/eclipse/sw360/spdx/SpdxBOMImporterTest.java index 3e4bf350ac..6690c0667d 100644 --- a/backend/src-common/src/test/java/org/eclipse/sw360/spdx/SpdxBOMImporterTest.java +++ b/backend/src-common/src/test/java/org/eclipse/sw360/spdx/SpdxBOMImporterTest.java @@ -59,7 +59,7 @@ public void before() throws Exception { }); attachmentContent = new AttachmentContent(); - attachmentContent.setFilename("attchmentContentFilename"); + attachmentContent.setFilename("attchmentContentFilename.rdf"); attachmentContent.setContentType("contentType"); attachmentContent.setId("attachmentContentId"); } diff --git a/backend/src/src-components/src/main/java/org/eclipse/sw360/components/ComponentHandler.java b/backend/src/src-components/src/main/java/org/eclipse/sw360/components/ComponentHandler.java index 431e3968c6..1927a08e06 100644 --- a/backend/src/src-components/src/main/java/org/eclipse/sw360/components/ComponentHandler.java +++ b/backend/src/src-components/src/main/java/org/eclipse/sw360/components/ComponentHandler.java @@ -618,6 +618,13 @@ public String getCyclicLinkedReleasePath(Release release, User user) throws TExc return handler.getCyclicLinkedReleasePath(release, user); } + @Override + public ImportBomRequestPreparation prepareImportBom(User user, String attachmentContentId) throws TException { + assertNotNull(attachmentContentId); + assertUser(user); + return handler.prepareImportBom(user, attachmentContentId); + } + @Override public RequestSummary importBomFromAttachmentContent(User user, String attachmentContentId) throws TException { assertNotNull(attachmentContentId); diff --git a/backend/src/src-fossology/src/main/java/org/eclipse/sw360/fossology/rest/FossologyRestClient.java b/backend/src/src-fossology/src/main/java/org/eclipse/sw360/fossology/rest/FossologyRestClient.java index cfeafd4b29..050b978720 100644 --- a/backend/src/src-fossology/src/main/java/org/eclipse/sw360/fossology/rest/FossologyRestClient.java +++ b/backend/src/src-fossology/src/main/java/org/eclipse/sw360/fossology/rest/FossologyRestClient.java @@ -219,6 +219,7 @@ public int startScanning(int uploadId) { headers.set("Authorization", "Bearer " + token); headers.set("folderId", folderId); headers.set("uploadId", uploadId + ""); + headers.set("Content-Type", "application/json"); ObjectNode analysis = objectMapper.createObjectNode(); analysis.put("bucket", true); diff --git a/frontend/sw360-portlet/src/main/java/org/eclipse/sw360/portal/common/PortalConstants.java b/frontend/sw360-portlet/src/main/java/org/eclipse/sw360/portal/common/PortalConstants.java index fc8f83e376..e693e04849 100644 --- a/frontend/sw360-portlet/src/main/java/org/eclipse/sw360/portal/common/PortalConstants.java +++ b/frontend/sw360-portlet/src/main/java/org/eclipse/sw360/portal/common/PortalConstants.java @@ -502,7 +502,11 @@ public class PortalConstants { public static final String PARENT_SCOPE_GROUP_ID = "parentScopeGroupId"; // bom import + public static final String PREPARE_IMPORT_BOM = "prepareImportBom"; public static final String IMPORT_BOM = "importBom"; + public static final String IMPORT_BOM_AS_NEW = "importBomAsNew"; + public static final String NEW_RELEASE_VERSION = "newReleaseVersion"; + public static final String RDF_FILE_PATH = "rdfFilePath"; // project actions public static final String VIEW_LINKED_PROJECTS = "view_linked_projects"; diff --git a/frontend/sw360-portlet/src/main/java/org/eclipse/sw360/portal/portlets/Sw360Portlet.java b/frontend/sw360-portlet/src/main/java/org/eclipse/sw360/portal/portlets/Sw360Portlet.java index dcbe519363..c199d8e9d5 100644 --- a/frontend/sw360-portlet/src/main/java/org/eclipse/sw360/portal/portlets/Sw360Portlet.java +++ b/frontend/sw360-portlet/src/main/java/org/eclipse/sw360/portal/portlets/Sw360Portlet.java @@ -152,6 +152,27 @@ protected void renderRequestSummary(PortletRequest request, MimeResponse respons } } + protected void renderRequestPreparation(PortletRequest request, MimeResponse response, ImportBomRequestPreparation requestPreparation) { + JSONObject jsonObject = JSONFactoryUtil.createJSONObject(); + jsonObject.put(PortalConstants.RESULT, requestPreparation.requestStatus.toString()); + if (requestPreparation.isSetIsComponentDuplicate()) + jsonObject.put("isComponentDuplicate", requestPreparation.isComponentDuplicate); + if (requestPreparation.isSetIsReleaseDuplicate()) + jsonObject.put("isReleaseDuplicate", requestPreparation.isReleaseDuplicate); + if (requestPreparation.isSetName()) + jsonObject.put("name", requestPreparation.name); + if (requestPreparation.isSetVersion()) + jsonObject.put("version", requestPreparation.version); + if (requestPreparation.isSetMessage()) + jsonObject.put("message", requestPreparation.message); + + try { + writeJSON(request, response, jsonObject); + } catch (IOException e) { + log.error("Problem rendering RequestStatus", e); + } + } + protected void renderRequestStatus(PortletRequest request, MimeResponse response, RequestStatus requestStatus) { JSONObject jsonObject = JSONFactoryUtil.createJSONObject(); jsonObject.put(PortalConstants.RESULT, requestStatus.toString()); diff --git a/frontend/sw360-portlet/src/main/java/org/eclipse/sw360/portal/portlets/components/ComponentPortlet.java b/frontend/sw360-portlet/src/main/java/org/eclipse/sw360/portal/portlets/components/ComponentPortlet.java index 4d044eb8c0..862dd45110 100644 --- a/frontend/sw360-portlet/src/main/java/org/eclipse/sw360/portal/portlets/components/ComponentPortlet.java +++ b/frontend/sw360-portlet/src/main/java/org/eclipse/sw360/portal/portlets/components/ComponentPortlet.java @@ -240,6 +240,8 @@ public void serveResource(ResourceRequest request, ResourceResponse response) th importBom(request, response); } else if (PortalConstants.LICENSE_TO_SOURCE_FILE.equals(action)) { serveLicenseToSourceFileMapping(request, response); + } else if (PortalConstants.PREPARE_IMPORT_BOM.equals(action)) { + prepareImportBom(request, response); } else if (isGenericAction(action)) { dealWithGenericAction(request, response, action); } else if (PortalConstants.LOAD_CHANGE_LOGS.equals(action) || PortalConstants.VIEW_CHANGE_LOGS.equals(action)) { @@ -422,6 +424,19 @@ private void serveViewDepartment(ResourceRequest request, ResourceResponse respo include("/html/components/ajax/departmentSearch.jsp", request, response, PortletRequest.RESOURCE_PHASE); } + private void prepareImportBom(ResourceRequest request, ResourceResponse response) { + final ComponentService.Iface componentClient = thriftClients.makeComponentClient(); + User user = UserCacheHolder.getUserFromRequest(request); + String attachmentContentId = request.getParameter(ATTACHMENT_CONTENT_ID); + try { + final ImportBomRequestPreparation importBomRequestPreparation = componentClient.prepareImportBom(user, attachmentContentId); + renderRequestPreparation(request, response, importBomRequestPreparation); + } catch (TException e) { + log.error("Failed to import BOM.", e); + response.setProperty(ResourceResponse.HTTP_STATUS_CODE, Integer.toString(HttpServletResponse.SC_INTERNAL_SERVER_ERROR)); + } + } + private void serveCheckComponentName(ResourceRequest request, ResourceResponse response) throws IOException { List resultComponents = new ArrayList<>(); List errors = new ArrayList<>(); diff --git a/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/changelogs/elementView.jsp b/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/changelogs/elementView.jsp index 284cdf4fbd..313eec77ea 100644 --- a/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/changelogs/elementView.jsp +++ b/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/changelogs/elementView.jsp @@ -251,6 +251,8 @@ if(fieldValueOld === null || fieldValueOld === undefined || fieldValueNew === null || fieldValueNew === undefined ) { + removeIndexFields(fieldValueOld); + removeIndexFields(fieldValueNew); jsonStrOld = JSON.stringify(fieldValueOld, undefined, 5).replace(/\\n/g, '\n').replace(/\\r/g, '\r'); jsonStrNew = JSON.stringify(fieldValueNew, undefined, 5).replace(/\\n/g, '\n').replace(/\\r/g, '\r'); } @@ -310,10 +312,13 @@ for (let primaryValue of primaryField) { if(typeof primaryValue === 'object') { let matched = false; + let indexKey = "index"; for(let secondaryValue of secondaryField) { - if(secondaryValue[selector] === primaryValue[selector]) { + if (isEqualObject(secondaryValue, primaryValue, selector, indexKey)) { matched = true; if(differentiateObject) { + delete primaryValue[indexKey]; + delete secondaryValue[indexKey]; diffObject(primaryValue, secondaryValue, primarySpanHightlighter, secondarySpanHighlighter, indentlevel); primaryFieldTmp.push(primaryValue); secondaryFieldTmp.push(secondaryValue); @@ -322,7 +327,8 @@ } } if(!matched) { - let jsonString = JSON.stringify(primaryValue, undefined, 5*indentlevel); + removeIndexFields(primaryValue); + let jsonString = JSON.stringify(primaryValue, undefined, 10*indentlevel); jsonString = jsonString.substring(0, jsonString.length-1) + spaceForClosingBraces + jsonString.substring(jsonString.length-1); primaryFieldTmp.push($($.parseHTML(primarySpanHightlighter)).text(jsonString)[0].outerHTML); } @@ -336,6 +342,33 @@ } } + function isEqualObject(secondaryValue, primaryValue, selector, indexKey) { + if (primaryValue[selector] === secondaryValue[selector] && typeof primaryValue[indexKey] === 'undefined') { + return true; + } + if (primaryValue[indexKey] === secondaryValue[indexKey] && typeof primaryValue[selector] === 'undefined') { + return true; + } + return false; + } + + function removeIndexFields(object) { + if (Array.isArray(object)) { + for (let objectValue of object) { + removeIndexFields(objectValue); + } + } else if (typeof object === 'object') { + for (key in object) { + if (key === 'index') { + delete object[key]; + } + if (typeof object[key] === 'object') { + removeIndexFields(object[key]); + } + } + } + } + function copyFromSourceToDestinationArray(srcArr, destArr) { destArr.length = 0; for (obj of srcArr) { @@ -354,6 +387,11 @@ function highlightObject(fieldValuePrimary, fieldValueSecondary, primarySpanHightlighter, secondarySpanHighlighter, differentiateCommonObject, spaceForClosingBraces, indentlevel) { for(key in fieldValuePrimary) { + if (key === 'index') { + delete fieldValuePrimary[key]; + delete fieldValueSecondary[key]; + continue; + } if(fieldValueSecondary[key] === null || fieldValueSecondary[key] === undefined) { let highlighted = fieldValuePrimary[key]; if(typeof fieldValuePrimary[key] === 'object') { diff --git a/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/components/includes/releases/clearingDetails.jspf b/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/components/includes/releases/clearingDetails.jspf index e4550db107..cf7b5018a6 100644 --- a/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/components/includes/releases/clearingDetails.jspf +++ b/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/components/includes/releases/clearingDetails.jspf @@ -503,6 +503,7 @@ dataObj = {}; url.setParameter(tableData.releaseIdParameterName, releaseId); + url.setParameter(tableData.attachmentIdParameterName, attachmentId); dataObj[ '' + tableData.spdxLicenseInfoParameterName ] = JSON.stringify(data); button.wait($btnCell.find('button')); diff --git a/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/components/includes/releases/detailOverview.jspf b/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/components/includes/releases/detailOverview.jspf index 400254872e..7492012ae7 100644 --- a/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/components/includes/releases/detailOverview.jspf +++ b/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/components/includes/releases/detailOverview.jspf @@ -141,6 +141,7 @@ <%@include file="/html/components/includes/vendors/vendorDetail.jspf" %> + <%@include file="/html/utils/includes/usingProjectsTable.jspf" %> <%@include file="/html/utils/includes/usingComponentsTable.jspf"%> diff --git a/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/components/view.jsp b/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/components/view.jsp index 5719a478a5..9369b16b7a 100644 --- a/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/components/view.jsp +++ b/frontend/sw360-portlet/src/main/resources/META-INF/resources/html/components/view.jsp @@ -175,7 +175,7 @@