001package org.apache.maven.plugins.enforcer; 002 003/* 004 * Licensed to the Apache Software Foundation (ASF) under one 005 * or more contributor license agreements. See the NOTICE file 006 * distributed with this work for additional information 007 * regarding copyright ownership. The ASF licenses this file 008 * to you under the Apache License, Version 2.0 (the 009 * "License"); you may not use this file except in compliance 010 * with the License. You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, 015 * software distributed under the License is distributed on an 016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 017 * KIND, either express or implied. See the License for the 018 * specific language governing permissions and limitations 019 * under the License. 020 */ 021 022import org.apache.maven.artifact.Artifact; 023import org.apache.maven.enforcer.rule.api.EnforcerRuleException; 024import org.apache.maven.enforcer.rule.api.EnforcerRuleHelper; 025import org.apache.maven.plugin.logging.Log; 026import org.apache.maven.project.MavenProject; 027import org.apache.maven.shared.dependency.graph.DependencyGraphBuilder; 028import org.apache.maven.shared.dependency.graph.DependencyGraphBuilderException; 029import org.apache.maven.shared.dependency.graph.DependencyNode; 030import org.codehaus.plexus.component.configurator.expression.ExpressionEvaluationException; 031import org.codehaus.plexus.component.repository.exception.ComponentLookupException; 032import java.util.HashSet; 033import java.util.Set; 034 035/** 036 * Abstract Rule for banning dependencies. 037 * 038 * @author <a href="mailto:brianf@apache.org">Brian Fox</a> 039 * @version $Id$ 040 */ 041public abstract class AbstractBanDependencies 042 extends AbstractNonCacheableEnforcerRule 043{ 044 045 /** Specify if transitive dependencies should be searched (default) or only look at direct dependencies. */ 046 private boolean searchTransitive = true; 047 048 private transient DependencyGraphBuilder graphBuilder; 049 050 @Override 051 public void execute( EnforcerRuleHelper helper ) 052 throws EnforcerRuleException 053 { 054 055 // get the project 056 MavenProject project = null; 057 try 058 { 059 project = (MavenProject) helper.evaluate( "${project}" ); 060 } 061 catch ( ExpressionEvaluationException eee ) 062 { 063 throw new EnforcerRuleException( "Unable to retrieve the MavenProject: ", eee ); 064 } 065 066 try 067 { 068 graphBuilder = (DependencyGraphBuilder) helper.getComponent( DependencyGraphBuilder.class ); 069 } 070 catch ( ComponentLookupException e ) 071 { 072 // real cause is probably that one of the Maven3 graph builder could not be initiated and fails with a 073 // ClassNotFoundException 074 try 075 { 076 graphBuilder = 077 (DependencyGraphBuilder) helper.getComponent( DependencyGraphBuilder.class.getName(), "maven2" ); 078 } 079 catch ( ComponentLookupException e1 ) 080 { 081 throw new EnforcerRuleException( "Unable to lookup DependencyGraphBuilder: ", e ); 082 } 083 } 084 085 // get the correct list of dependencies 086 Set<Artifact> dependencies = getDependenciesToCheck( project ); 087 088 // look for banned dependencies 089 Set<Artifact> foundExcludes = checkDependencies( dependencies, helper.getLog() ); 090 091 // if any are found, fail the check but list all of them 092 if ( foundExcludes != null && !foundExcludes.isEmpty() ) 093 { 094 String message = getMessage(); 095 096 StringBuilder buf = new StringBuilder(); 097 if ( message != null ) 098 { 099 buf.append( message + "\n" ); 100 } 101 for ( Artifact artifact : foundExcludes ) 102 { 103 buf.append( getErrorMessage( artifact ) ); 104 } 105 message = buf.toString() + "Use 'mvn dependency:tree' to locate the source of the banned dependencies."; 106 107 throw new EnforcerRuleException( message ); 108 } 109 110 } 111 112 protected CharSequence getErrorMessage( Artifact artifact ) 113 { 114 return "Found Banned Dependency: " + artifact.getId() + "\n"; 115 } 116 117 protected Set<Artifact> getDependenciesToCheck( MavenProject project ) 118 { 119 Set<Artifact> dependencies = null; 120 try 121 { 122 DependencyNode node = graphBuilder.buildDependencyGraph( project, null ); 123 if ( searchTransitive ) 124 { 125 dependencies = getAllDescendants( node ); 126 } 127 else if ( node.getChildren() != null ) 128 { 129 dependencies = new HashSet<Artifact>(); 130 for ( DependencyNode depNode : node.getChildren() ) 131 { 132 dependencies.add( depNode.getArtifact() ); 133 } 134 } 135 } 136 catch ( DependencyGraphBuilderException e ) 137 { 138 // otherwise we need to change the signature of this protected method 139 throw new RuntimeException( e ); 140 } 141 return dependencies; 142 } 143 144 private Set<Artifact> getAllDescendants( DependencyNode node ) 145 { 146 Set<Artifact> children = null; 147 if ( node.getChildren() != null ) 148 { 149 children = new HashSet<Artifact>(); 150 for ( DependencyNode depNode : node.getChildren() ) 151 { 152 children.add( depNode.getArtifact() ); 153 Set<Artifact> subNodes = getAllDescendants( depNode ); 154 if ( subNodes != null ) 155 { 156 children.addAll( subNodes ); 157 } 158 } 159 } 160 return children; 161 } 162 163 /** 164 * Checks the set of dependencies against the list of excludes. 165 * 166 * @param dependencies the dependencies 167 * @param log the log 168 * @return the sets the 169 * @throws EnforcerRuleException the enforcer rule exception 170 */ 171 protected abstract Set<Artifact> checkDependencies( Set<Artifact> dependencies, Log log ) 172 throws EnforcerRuleException; 173 174 /** 175 * Checks if is search transitive. 176 * 177 * @return the searchTransitive 178 */ 179 public boolean isSearchTransitive() 180 { 181 return this.searchTransitive; 182 } 183 184 /** 185 * Sets the search transitive. 186 * 187 * @param theSearchTransitive the searchTransitive to set 188 */ 189 public void setSearchTransitive( boolean theSearchTransitive ) 190 { 191 this.searchTransitive = theSearchTransitive; 192 } 193 194}