View Javadoc
1   package org.apache.maven.plugins.enforcer;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *  http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import org.apache.commons.lang.StringUtils;
23  import org.apache.maven.artifact.Artifact;
24  import org.apache.maven.artifact.versioning.InvalidVersionSpecificationException;
25  import org.apache.maven.enforcer.rule.api.EnforcerRuleException;
26  import org.apache.maven.plugin.logging.Log;
27  import org.apache.maven.plugins.enforcer.utils.ArtifactMatcher;
28  import org.apache.maven.plugins.enforcer.utils.ArtifactMatcher.Pattern;
29  import java.util.HashSet;
30  import java.util.List;
31  import java.util.Set;
32  
33  /**
34   * This rule checks that lists of dependencies are not included.
35   * 
36   * @author <a href="mailto:brianf@apache.org">Brian Fox</a>
37   * @version $Id: BannedDependencies.java 1634140 2014-10-24 21:23:01Z khmarbaise $
38   */
39  public class BannedDependencies
40      extends AbstractBanDependencies
41  {
42  
43      /**
44       * Specify the banned dependencies. This can be a list of artifacts in the format
45       * <code>groupId[:artifactId][:version]</code>. Any of the sections can be a wildcard 
46       * by using '*' (ie group:*:1.0) <br>
47       * The rule will fail if any dependency matches any exclude, unless it also matches 
48       * an include rule.
49       * 
50       * @see {@link #setExcludes(List)}
51       * @see {@link #getExcludes()}
52       */
53      private List<String> excludes = null;
54  
55      /**
56       * Specify the allowed dependencies. This can be a list of artifacts in the format
57       * <code>groupId[:artifactId][:version]</code>. Any of the sections can be a wildcard 
58       * by using '*' (ie group:*:1.0) <br>
59       * Includes override the exclude rules. It is meant to allow wide exclusion rules 
60       * with wildcards and still allow a
61       * smaller set of includes. <br>
62       * For example, to ban all xerces except xerces-api -> exclude "xerces", include "xerces:xerces-api"
63       * 
64       * @see {@link #setIncludes(List)}
65       * @see {@link #getIncludes()}
66       */
67      private List<String> includes = null;
68  
69      /**
70       * {@inheritDoc}
71       */
72      protected Set<Artifact> checkDependencies( Set<Artifact> theDependencies, Log log )
73          throws EnforcerRuleException
74      {
75  
76          Set<Artifact> excluded = checkDependencies( theDependencies, excludes );
77  
78          // anything specifically included should be removed
79          // from the ban list.
80          if ( excluded != null )
81          {
82              Set<Artifact> included = checkDependencies( theDependencies, includes );
83  
84              if ( included != null )
85              {
86                  excluded.removeAll( included );
87              }
88          }
89          return excluded;
90  
91      }
92  
93      /**
94       * Checks the set of dependencies against the list of patterns.
95       * 
96       * @param thePatterns the patterns
97       * @param dependencies the dependencies
98       * @return a set containing artifacts matching one of the patterns or <code>null</code>
99       * @throws EnforcerRuleException the enforcer rule exception
100      */
101     private Set<Artifact> checkDependencies( Set<Artifact> dependencies, List<String> thePatterns )
102         throws EnforcerRuleException
103     {
104         Set<Artifact> foundMatches = null;
105 
106         if ( thePatterns != null && thePatterns.size() > 0 )
107         {
108 
109             for ( String pattern : thePatterns )
110             {
111                 String[] subStrings = pattern.split( ":" );
112                 subStrings = StringUtils.stripAll( subStrings );
113                 String resultPattern = StringUtils.join( subStrings, ":" );
114 
115                 for ( Artifact artifact : dependencies )
116                 {
117                     if ( compareDependency( resultPattern, artifact ) )
118                     {
119                         // only create if needed
120                         if ( foundMatches == null )
121                         {
122                             foundMatches = new HashSet<Artifact>();
123                         }
124                         foundMatches.add( artifact );
125                     }
126                 }
127             }
128         }
129         return foundMatches;
130     }
131 
132     /**
133      * Compares the given pattern against the given artifact. The pattern should follow the format
134      * <code>groupId:artifactId:version:type:scope:classifier</code>.
135      * 
136      * @param pattern The pattern to compare the artifact with.
137      * @param artifact the artifact
138      * @return <code>true</code> if the artifact matches one of the patterns
139      * @throws EnforcerRuleException the enforcer rule exception
140      */
141     protected boolean compareDependency( String pattern, Artifact artifact )
142         throws EnforcerRuleException
143     {
144 
145         ArtifactMatcher.Pattern am = new Pattern( pattern );
146         boolean result;
147         try
148         {
149             result = am.match( artifact );
150         }
151         catch ( InvalidVersionSpecificationException e )
152         {
153             throw new EnforcerRuleException( "Invalid Version Range: ", e );
154         }
155 
156         return result;
157     }
158 
159     /**
160      * Gets the excludes.
161      * 
162      * @return the excludes
163      */
164     public List<String> getExcludes()
165     {
166         return this.excludes;
167     }
168 
169     /**
170      * Specify the banned dependencies. This can be a list of artifacts in the format
171      * <code>groupId[:artifactId][:version]</code>. Any of the sections can be a wildcard 
172      * by using '*' (ie group:*:1.0) <br>
173      * The rule will fail if any dependency matches any exclude, unless it also matches an 
174      * include rule.
175      * 
176      * @see {@link #getExcludes()}
177      * @param theExcludes the excludes to set
178      */
179     public void setExcludes( List<String> theExcludes )
180     {
181         this.excludes = theExcludes;
182     }
183 
184     /**
185      * Gets the includes.
186      * 
187      * @return the includes
188      */
189     public List<String> getIncludes()
190     {
191         return this.includes;
192     }
193 
194     /**
195      * Specify the allowed dependencies. This can be a list of artifacts in the format
196      * <code>groupId[:artifactId][:version]</code>. Any of the sections can be a wildcard 
197      * by using '*' (ie group:*:1.0) <br>
198      * Includes override the exclude rules. It is meant to allow wide exclusion rules with 
199      * wildcards and still allow a
200      * smaller set of includes. <br>
201      * For example, to ban all xerces except xerces-api -> exclude "xerces", 
202      * include "xerces:xerces-api"
203      * 
204      * @see {@link #setIncludes(List)}
205      * @param theIncludes the includes to set
206      */
207     public void setIncludes( List<String> theIncludes )
208     {
209         this.includes = theIncludes;
210     }
211 
212 }