Fixed typos, minor changes and added test #3521

sechub-commons-core/src/main/java/com/mercedesbenz/sechub/commons/core/ConfigurationFailureException.java

@@ -3,6 +3,8 @@
 
 public class ConfigurationFailureException extends Exception {
 
+    private static final long serialVersionUID = -384180667154600386L;
+
     public ConfigurationFailureException(String message) {
         super(message);
     }
@@ -11,6 +13,4 @@ public ConfigurationFailureException(String message, Throwable cause) {
         super(message, cause);
     }
 
-    private static final long serialVersionUID = -384180667154600386L;
-
 }

sechub-doc/src/docs/asciidoc/documents/shared/snippet/pds-param-template-metadata-syntax.json

@@ -1,7 +1,7 @@
   [ //<1>
     {
         "templateId" : "templateId", //<2>
-        "tempplateType": "WEBSCAN_LOGIN", //<3>
+        "templateType": "WEBSCAN_LOGIN", //<3>
 
         "assetData" : { //<4>
                 "assetId" : "assetId", //<5>

sechub-doc/src/test/java/com/mercedesbenz/sechub/ExampleFile.java

@@ -41,6 +41,7 @@ public enum ExampleFile {
 
     WEBSCAN_FORM_BASED_SCRIPT_AUTH_WITH_TOTP("src/docs/asciidoc/documents/shared/configuration/sechub_config_example21_webscan_login_form_with_totp.json"),
 
+    PDS_PARAM_TEMPLATE_META_DATA_SYNTAX("src/docs/asciidoc/documents/shared/snippet/pds-param-template-metadata-syntax.json");
     ;
 
     private String path;

sechub-doc/src/test/java/com/mercedesbenz/sechub/ExampleFilesValidTest.java

@@ -13,7 +13,10 @@
 
 import com.mercedesbenz.sechub.commons.model.*;
 import com.mercedesbenz.sechub.commons.model.login.*;
+import com.mercedesbenz.sechub.commons.model.template.TemplateType;
 import com.mercedesbenz.sechub.commons.pds.PDSDefaultParameterKeyConstants;
+import com.mercedesbenz.sechub.commons.pds.data.PDSTemplateMetaData;
+import com.mercedesbenz.sechub.commons.pds.data.PDSTemplateMetaData.PDSAssetData;
 import com.mercedesbenz.sechub.pds.commons.core.config.PDSProductParameterDefinition;
 import com.mercedesbenz.sechub.pds.commons.core.config.PDSProductParameterSetup;
 import com.mercedesbenz.sechub.pds.commons.core.config.PDSProductSetup;
@@ -310,6 +313,28 @@ void webscan_form_based_script_auth_with_totp_can_be_read_and_contains_expected_
         assertEquals(EncodingType.BASE64, totp.getEncodingType());
     }
 
+    @Test
+    void pds_param_template_metadata_array_syntax_example_is_valid() {
+        /* prepare */
+        String json = TestFileReader.readTextFromFile(ExampleFile.PDS_PARAM_TEMPLATE_META_DATA_SYNTAX.getPath());
+
+        /* execute */
+        List<PDSTemplateMetaData> result = JSONConverter.get().fromJSONtoListOf(PDSTemplateMetaData.class, json);
+
+        /* test */
+        assertEquals(1, result.size());
+        PDSTemplateMetaData data = result.iterator().next();
+        assertEquals("templateId", data.getTemplateId());
+        assertEquals(TemplateType.WEBSCAN_LOGIN, data.getTemplateType());
+
+        PDSAssetData assetData = data.getAssetData();
+        assertNotNull(assetData);
+        assertEquals("assetId", assetData.getAssetId());
+        assertEquals("fileChecksum", assetData.getChecksum());
+        assertEquals("fileName", assetData.getFileName());
+
+    }
+
     private void assertDefaultValue(PDSProductSetup setup, boolean isMandatory, String parameterKey, String expectedDefault) {
         PDSProductParameterSetup parameters = setup.getParameters();
         List<PDSProductParameterDefinition> list = null;

sechub-scan/src/main/java/com/mercedesbenz/sechub/domain/scan/asset/AssetService.java

@@ -66,30 +66,34 @@ public class AssetService {
     }
     /* @formatter:on */
 
-    @UseCaseAdminUploadsAssetFile(@Step(number = 2, name = "Service tries to upload file for asset", description = "Uploaded file will be stored in database and in storage"))
-    public void uploadAssetFile(String assetId, MultipartFile multipartFile, String checkSum) {
+    @UseCaseAdminDeletesAssetCompletely(@Step(number = 2, name = "Services deletes all asset parts"))
+    @Transactional
+    public void deleteAsset(String assetId) throws IOException {
         inputAssertion.assertIsValidAssetId(assetId);
 
-        inputAssertion.assertIsValidSha256Checksum(checkSum);
+        repository.deleteAssetFilesHavingAssetId(assetId);
+        storageService.createAssetStorage(assetId).deleteAll();
+    }
 
-        String fileName = assertAssetFile(multipartFile);
+    @UseCaseAdminDeletesOneFileFromAsset(@Step(number = 2, name = "Services deletes file from asset"))
+    public void deleteAssetFile(String assetId, String fileName) throws IOException {
+        inputAssertion.assertIsValidAssetId(assetId);
+        inputAssertion.assertIsValidAssetFileName(fileName);
 
-        handleChecksumValidation(fileName, multipartFile, checkSum, assetId);
+        repository.deleteById(AssetFileCompositeKey.builder().assetId(assetId).fileName(fileName).build());
+        storageService.createAssetStorage(assetId).delete(fileName);
+    }
 
-        try {
-            /* now store */
-            byte[] bytes = multipartFile.getBytes();
-            persistFileAndChecksumInDatabase(fileName, bytes, checkSum, assetId);
+    @UseCaseAdminDownloadsAssetFile(@Step(number = 2, name = "Service downloads asset file from database"))
+    public void downloadAssetFile(String assetId, String fileName, ServletOutputStream outputStream) throws IOException {
+        inputAssertion.assertIsValidAssetId(assetId);
+        inputAssertion.assertIsValidAssetFileName(fileName);
 
-            ensureAssetFileInStorageAvailableAndHasSameChecksumAsInDatabase(fileName, assetId);
+        notNull(outputStream, "output stream may not be null!");
 
-            LOG.info("Successfully uploaded file '{}' for asset '{}'", fileName, assetId);
+        AssetFile assetFile = assertAssetFileFromDatabase(assetId, fileName);
+        outputStream.write(assetFile.getData());
 
-        } catch (IOException e) {
-            throw new SecHubRuntimeException("Was not able to upload file '" + fileName + "' for asset '" + assetId + "'", e);
-        } catch (ConfigurationFailureException e) {
-            throw new IllegalStateException("A configuration failure should not happen at this point!", e);
-        }
     }
 
     /**
@@ -143,16 +147,63 @@ public void ensureAssetFileInStorageAvailableAndHasSameChecksumAsInDatabase(Stri
 
     }
 
-    private void persistFileAndChecksumInDatabase(String fileName, byte[] bytes, String checkSum, String assetId) throws IOException {
-        /* delete if exists */
-        AssetFileCompositeKey key = AssetFileCompositeKey.builder().assetId(assetId).fileName(fileName).build();
-        repository.deleteById(key);
+    @UseCaseAdminFetchesAssetIds(@Step(number = 2, name = "Service fetches all asset ids from database"))
+    public List<String> fetchAllAssetIds() {
+        return repository.fetchAllAssetIds();
+    }
 
-        AssetFile assetFile = new AssetFile(key);
-        assetFile.setChecksum(checkSum);
-        assetFile.setData(bytes);
+    /**
+     * Fetches asset details (from database)
+     *
+     * @param assetId asset identifier
+     * @return detail data
+     * @throws NotFoundException when no asset exists for given identifier
+     */
+    @UseCaseAdminFetchesAssetDetails(@Step(number = 2, name = "Service fetches asset details for given asset id"))
+    public AssetDetailData fetchAssetDetails(String assetId) {
+        inputAssertion.assertIsValidAssetId(assetId);
 
-        repository.save(assetFile);
+        List<AssetFile> assetFiles = repository.fetchAllAssetFilesWithAssetId(assetId);
+        if (assetFiles.isEmpty()) {
+            throw new NotFoundException("No asset data available for asset id:" + assetId);
+        }
+
+        AssetDetailData data = new AssetDetailData();
+        data.setAssetId(assetId);
+        for (AssetFile assetFile : assetFiles) {
+            AssetFileData information = new AssetFileData();
+            information.setFileName(assetFile.getKey().getFileName());
+            information.setChecksum(assetFile.getChecksum());
+            data.getFiles().add(information);
+        }
+
+        return data;
+    }
+
+    @UseCaseAdminUploadsAssetFile(@Step(number = 2, name = "Service tries to upload file for asset", description = "Uploaded file will be stored in database and in storage"))
+    public void uploadAssetFile(String assetId, MultipartFile multipartFile, String checkSum) {
+        inputAssertion.assertIsValidAssetId(assetId);
+
+        inputAssertion.assertIsValidSha256Checksum(checkSum);
+
+        String fileName = assertAssetFile(multipartFile);
+
+        handleChecksumValidation(fileName, multipartFile, checkSum, assetId);
+
+        try {
+            /* now store */
+            byte[] bytes = multipartFile.getBytes();
+            persistFileAndChecksumInDatabase(fileName, bytes, checkSum, assetId);
+
+            ensureAssetFileInStorageAvailableAndHasSameChecksumAsInDatabase(fileName, assetId);
+
+            LOG.info("Successfully uploaded file '{}' for asset '{}'", fileName, assetId);
+
+        } catch (IOException e) {
+            throw new SecHubRuntimeException("Was not able to upload file '" + fileName + "' for asset '" + assetId + "'", e);
+        } catch (ConfigurationFailureException e) {
+            throw new IllegalStateException("A configuration failure should not happen at this point!", e);
+        }
     }
 
     private String assertAssetFile(MultipartFile file) {
@@ -169,15 +220,14 @@ private String assertAssetFile(MultipartFile file) {
         return fileName;
     }
 
-    private void handleChecksumValidation(String fileName, MultipartFile file, String checkSum, String assetid) {
-        try (InputStream inputStream = file.getInputStream()) {
-            /* validate */
-            assertCheckSumCorrect(checkSum, inputStream);
-
-        } catch (IOException e) {
-            LOG.error("Was not able to validate uploaded file checksum for file '{}' in asset '{}'", fileName, assetid, e);
-            throw new SecHubRuntimeException("Was not able to validate uploaded asset checksum");
+    private AssetFile assertAssetFileFromDatabase(String assetId, String fileName) {
+        AssetFileCompositeKey key = AssetFileCompositeKey.builder().assetId(assetId).fileName(fileName).build();
+        Optional<AssetFile> result = repository.findById(key);
+        if (result.isEmpty()) {
+            throw new NotFoundException("For asset:" + assetId + " no file with name:" + fileName + " exists!");
         }
+        AssetFile assetFile = result.get();
+        return assetFile;
     }
 
     private void assertCheckSumCorrect(String checkSum, InputStream inputStream) {
@@ -187,88 +237,38 @@ private void assertCheckSumCorrect(String checkSum, InputStream inputStream) {
         }
     }
 
-    private void storeStream(String fileName, String checkSum, AssetStorage assetStorage, long fileSize, InputStream inputStream) throws IOException {
-        assetStorage.store(fileName, inputStream, fileSize);
-
-        long checksumSizeInBytes = checkSum.getBytes().length;
-        assetStorage.store(createFileNameForChecksum(fileName), new StringInputStream(checkSum), checksumSizeInBytes);
-    }
-
     private String createFileNameForChecksum(String fileName) {
         return fileName + DOT_CHECKSUM;
     }
 
-    @UseCaseAdminDownloadsAssetFile(@Step(number = 2, name = "Service downloads asset file from database"))
-    public void downloadAssetFile(String assetId, String fileName, ServletOutputStream outputStream) throws IOException {
-        inputAssertion.assertIsValidAssetId(assetId);
-        inputAssertion.assertIsValidAssetFileName(fileName);
-
-        notNull(outputStream, "output stream may not be null!");
-
-        AssetFile assetFile = assertAssetFileFromDatabase(assetId, fileName);
-        outputStream.write(assetFile.getData());
-
-    }
+    private void handleChecksumValidation(String fileName, MultipartFile file, String checkSum, String assetid) {
+        try (InputStream inputStream = file.getInputStream()) {
+            /* validate */
+            assertCheckSumCorrect(checkSum, inputStream);
 
-    private AssetFile assertAssetFileFromDatabase(String assetId, String fileName) {
-        AssetFileCompositeKey key = AssetFileCompositeKey.builder().assetId(assetId).fileName(fileName).build();
-        Optional<AssetFile> result = repository.findById(key);
-        if (result.isEmpty()) {
-            throw new NotFoundException("For asset:" + assetId + " no file with name:" + fileName + " exists!");
+        } catch (IOException e) {
+            LOG.error("Was not able to validate uploaded file checksum for file '{}' in asset '{}'", fileName, assetid, e);
+            throw new SecHubRuntimeException("Was not able to validate uploaded asset checksum");
         }
-        AssetFile assetFile = result.get();
-        return assetFile;
     }
 
-    @UseCaseAdminFetchesAssetIds(@Step(number = 2, name = "Service fetches all asset ids from database"))
-    public List<String> fetchAllAssetIds() {
-        return repository.fetchAllAssetIds();
-    }
-
-    /**
-     * Fetches asset details (from database)
-     *
-     * @param assetId asset identifier
-     * @return detail data
-     * @throws NotFoundException when no asset exists for given identifier
-     */
-    @UseCaseAdminFetchesAssetDetails(@Step(number = 2, name = "Service fetches asset details for given asset id"))
-    public AssetDetailData fetchAssetDetails(String assetId) {
-        inputAssertion.assertIsValidAssetId(assetId);
-
-        List<AssetFile> assetFiles = repository.fetchAllAssetFilesWithAssetId(assetId);
-        if (assetFiles.isEmpty()) {
-            throw new NotFoundException("No asset data available for asset id:" + assetId);
-        }
-
-        AssetDetailData data = new AssetDetailData();
-        data.setAssetId(assetId);
-        for (AssetFile assetFile : assetFiles) {
-            AssetFileData information = new AssetFileData();
-            information.setFileName(assetFile.getKey().getFileName());
-            information.setChecksum(assetFile.getChecksum());
-            data.getFiles().add(information);
-        }
-
-        return data;
-    }
+    private void persistFileAndChecksumInDatabase(String fileName, byte[] bytes, String checkSum, String assetId) throws IOException {
+        /* delete if exists */
+        AssetFileCompositeKey key = AssetFileCompositeKey.builder().assetId(assetId).fileName(fileName).build();
+        repository.deleteById(key);
 
-    @UseCaseAdminDeletesOneFileFromAsset(@Step(number = 2, name = "Services deletes file from asset"))
-    public void deleteAssetFile(String assetId, String fileName) throws IOException {
-        inputAssertion.assertIsValidAssetId(assetId);
-        inputAssertion.assertIsValidAssetFileName(fileName);
+        AssetFile assetFile = new AssetFile(key);
+        assetFile.setChecksum(checkSum);
+        assetFile.setData(bytes);
 
-        repository.deleteById(AssetFileCompositeKey.builder().assetId(assetId).fileName(fileName).build());
-        storageService.createAssetStorage(assetId).delete(fileName);
+        repository.save(assetFile);
     }
 
-    @UseCaseAdminDeletesAssetCompletely(@Step(number = 2, name = "Services deletes all asset parts"))
-    @Transactional
-    public void deleteAsset(String assetId) throws IOException {
-        inputAssertion.assertIsValidAssetId(assetId);
+    private void storeStream(String fileName, String checkSum, AssetStorage assetStorage, long fileSize, InputStream inputStream) throws IOException {
+        assetStorage.store(fileName, inputStream, fileSize);
 
-        repository.deleteAssetFilesHavingAssetId(assetId);
-        storageService.createAssetStorage(assetId).deleteAll();
+        long checksumSizeInBytes = checkSum.getBytes().length;
+        assetStorage.store(createFileNameForChecksum(fileName), new StringInputStream(checkSum), checksumSizeInBytes);
     }
 
 }

sechub-scan/src/test/java/com/mercedesbenz/sechub/domain/scan/asset/AssetFileInformationTest.java

@@ -59,7 +59,7 @@ void equals_returns_false_when_checksums_are_NOT_same() {
         info1.setFileName(sameFileName);
 
         AssetFileData info2 = new AssetFileData();
-        info1.setChecksum("cecksum-2");
+        info2.setChecksum("checksum-2");
         info2.setFileName(sameFileName);
 
         /* execute + test */
@@ -76,7 +76,7 @@ void equals_returns_false_when_checksums_and_filename_are_NOT_same() {
         info1.setFileName("file-1");
 
         AssetFileData info2 = new AssetFileData();
-        info1.setChecksum("cecksum-2");
+        info2.setChecksum("checksum-2");
         info2.setFileName("file-2");
 
         /* execute + test */

sechub-storage-sharedvolume-spring/src/main/java/com/mercedesbenz/sechub/storage/sharevolume/spring/AbstractSharedVolumeStorage.java

@@ -52,7 +52,7 @@ public AbstractSharedVolumeStorage(Path rootLocation, String rootStoragePath, Ob
         }
         this.relativePath = volumePath.relativize(rootLocation).toAbsolutePath().normalize();
 
-        LOG.debug("Created {} with releative path:{}, volumePath: {}", getClass().getSimpleName(), relativePath, volumePath);
+        LOG.debug("Created {} with relative path:{}, volumePath: {}", getClass().getSimpleName(), relativePath, volumePath);
     }
 
     @Override
@@ -114,7 +114,7 @@ public void delete(String name) throws IOException {
 
         Path path = getPathToFile(name);
         if (!Files.exists(path)) {
-            LOG.debug("File '{}' did not exis in volumePatht: {}, skip deletion", name, volumePath);
+            LOG.debug("File '{}' did not exist in volumePath: {}, skip deletion", name, volumePath);
             return;
         }
         Files.delete(path);