package org.owasp.dependencycheck.analyzer;

import java.util.ArrayList;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.owasp.dependencycheck.BaseTest;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.analyzer.exception.AnalysisException;
import org.owasp.dependencycheck.dependency.Confidence;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.dependency.naming.PurlIdentifier;
import org.owasp.dependencycheck.utils.Settings;
import org.owasp.dependencycheck.xml.suppression.PropertyType;
import org.owasp.dependencycheck.xml.suppression.SuppressionRule;

/* loaded from: input_file:org/owasp/dependencycheck/analyzer/UnusedSuppressionRuleAnalyzerTest.class */
class UnusedSuppressionRuleAnalyzerTest extends BaseTest {
    private static final String NAME = "Unused Suppression Rule Analyzer";
    private static final String PACKAGE_NAME = "CoolAsACucumber";
    private static final String EXPECTED_EX = "should have thrown an AnalysisException";

    UnusedSuppressionRuleAnalyzerTest() {
    }

    @Test
    void testGetName() {
        Assertions.assertEquals(NAME, new UnusedSuppressionRuleAnalyzer().getName());
    }

    @Test
    void testException() throws Exception {
        Dependency dependency = getDependency("1.0");
        Dependency dependency2 = getDependency("1.1");
        try {
            getAnalyzer(true).analyzeDependency(dependency, getEngine(true, false, dependency, dependency2));
            throw new Exception(EXPECTED_EX);
        } catch (AnalysisException e) {
            Assertions.assertEquals(String.format("There are %d unused suppression rule(s): check logs.", 1), e.getMessage());
            UnusedSuppressionRuleAnalyzer analyzer = getAnalyzer(false);
            analyzer.analyzeDependency(dependency, getEngine(true, false, dependency, dependency2));
            Assertions.assertEquals(1, analyzer.getUnusedSuppressionRuleCount());
        }
    }

    @Test
    void testCheckUnusedRules() throws Exception {
        Dependency dependency = getDependency("1.0");
        Dependency dependency2 = getDependency("1.1");
        checkUnusedRules(false, 0, false, false, dependency);
        checkUnusedRules(false, 1, true, false, dependency, dependency2);
        checkUnusedRules(false, 0, true, true, dependency, dependency2);
        checkUnusedRules(true, 0, false, false, dependency);
        checkUnusedRules(true, 1, true, false, dependency, dependency2);
        checkUnusedRules(true, 0, true, true, dependency, dependency2);
    }

    private void checkUnusedRules(boolean z, int i, boolean z2, boolean z3, Dependency... dependencyArr) {
        UnusedSuppressionRuleAnalyzer analyzer = getAnalyzer(z);
        Assertions.assertNotNull(analyzer);
        analyzer.checkUnusedRules(getEngine(z2, z3, dependencyArr));
        Assertions.assertEquals(i, analyzer.getUnusedSuppressionRuleCount());
    }

    private Dependency getDependency(String str, String str2, String str3, String str4) throws Exception {
        Dependency dependency = new Dependency();
        dependency.addSoftwareIdentifier(new PurlIdentifier(str, str2, str3, str4, Confidence.HIGHEST));
        return dependency;
    }

    private Dependency getDependency(String str) throws Exception {
        return getDependency("maven", "test", PACKAGE_NAME, str);
    }

    private Engine getEngine(boolean z, boolean z2, Dependency... dependencyArr) {
        Engine engine = new Engine(getSettings());
        ArrayList arrayList = new ArrayList();
        if (dependencyArr != null) {
            for (Dependency dependency : dependencyArr) {
                arrayList.add(dependency);
            }
        }
        engine.setDependencies(arrayList);
        if (!z) {
            return engine;
        }
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(getSuppressionRule(z2));
        engine.putObject("suppression.rules", arrayList2);
        return engine;
    }

    private UnusedSuppressionRuleAnalyzer getAnalyzer(boolean z) {
        UnusedSuppressionRuleAnalyzer unusedSuppressionRuleAnalyzer = new UnusedSuppressionRuleAnalyzer();
        Assertions.assertNotNull(unusedSuppressionRuleAnalyzer);
        Settings settings = getSettings();
        settings.setBoolean("analyzer.suppression.unused.fail", z);
        unusedSuppressionRuleAnalyzer.initialize(settings);
        Assertions.assertEquals(Boolean.valueOf(z), Boolean.valueOf(unusedSuppressionRuleAnalyzer.failsForUnusedSuppressionRule()));
        Assertions.assertEquals(0, unusedSuppressionRuleAnalyzer.getUnusedSuppressionRuleCount());
        return unusedSuppressionRuleAnalyzer;
    }

    private SuppressionRule getSuppressionRule(boolean z) {
        SuppressionRule suppressionRule = new SuppressionRule();
        suppressionRule.addVulnerabilityName(getPropertyType("CVE-2023-5072", false, false));
        suppressionRule.setPackageUrl(getPropertyType("^pkg:maven/test.CoolAsACucumber." + z, false, false));
        suppressionRule.addCpe(getPropertyType(PACKAGE_NAME, false, false));
        suppressionRule.setBase(false);
        suppressionRule.setMatched(z);
        return suppressionRule;
    }

    private PropertyType getPropertyType(String str, boolean z, boolean z2) {
        PropertyType propertyType = new PropertyType();
        propertyType.setValue(str);
        propertyType.setRegex(z);
        propertyType.setCaseSensitive(z2);
        return propertyType;
    }
}
