wip

Signed-off-by: Jan Kowalleck <[email protected]>

Author: jkowalleck

cyclonedx/model/bom_ref.py

@@ -16,10 +16,20 @@
 # Copyright (c) OWASP Foundation. All Rights Reserved.
 
 
-from typing import Any, Optional
+from typing import TYPE_CHECKING, Any, Optional
 
+import serializable
+from serializable.helpers import BaseHelper
 
-class BomRef:
+from ..exception.serialization import CycloneDxDeserializationException, SerializationOfUnexpectedValueException
+
+if TYPE_CHECKING:  # pragma: no cover
+    from typing import TypeVar, Type
+
+    _T = TypeVar('_T', bound='BomRef')
+
+@serializable.serializable_class
+class BomRef(BaseHelper):
     """
     An identifier that can be used to reference objects elsewhere in the BOM.
 
@@ -33,6 +43,8 @@ def __init__(self, value: Optional[str] = None) -> None:
         self.value = value
 
     @property
+    @serializable.json_name('.')
+    @serializable.xml_name('.')
     def value(self) -> Optional[str]:
         return self._value
 
@@ -67,3 +79,23 @@ def __str__(self) -> str:
 
     def __bool__(self) -> bool:
         return self._value is not None
+
+    # region impl BaseHelper
+
+    @classmethod
+    def serialize(cls, o: Any) -> Optional[str]:
+        if isinstance(o, cls):
+            return o.value
+        raise SerializationOfUnexpectedValueException(
+            f'Attempt to serialize a non-BomRef: {o!r}')
+
+    @classmethod
+    def deserialize(cls: 'Type[_T]', o: Any) -> '_T':
+        try:
+            return cls(value=str(o))
+        except ValueError as err:
+            raise CycloneDxDeserializationException(
+                f'BomRef string supplied does not parse: {o!r}'
+            ) from err
+
+    # endregion impl BaseHelper

cyclonedx/serialization/__init__.py

@@ -36,24 +36,16 @@
 if TYPE_CHECKING:  # pragma: no cover
     from serializable import ViewType
 
-
+#TODO: remove, no longer needed
 class BomRefHelper(BaseHelper):
 
     @classmethod
     def serialize(cls, o: Any) -> Optional[str]:
-        if isinstance(o, BomRef):
-            return o.value
-        raise SerializationOfUnexpectedValueException(
-            f'Attempt to serialize a non-BomRef: {o!r}')
+        return BomRef.serialize(o)
 
     @classmethod
     def deserialize(cls, o: Any) -> BomRef:
-        try:
-            return BomRef(value=str(o))
-        except ValueError as err:
-            raise CycloneDxDeserializationException(
-                f'BomRef string supplied does not parse: {o!r}'
-            ) from err
+        return BomRef.deserialize(o)
 
 
 class PackageUrl(BaseHelper):

tests/__init__.py

@@ -39,7 +39,7 @@
 OWN_DATA_DIRECTORY = path.join(_TESTDATA_DIRECTORY, 'own')
 SNAPSHOTS_DIRECTORY = path.join(_TESTDATA_DIRECTORY, 'snapshots')
 
-RECREATE_SNAPSHOTS = '1' == getenv('CDX_TEST_RECREATE_SNAPSHOTS')
+RECREATE_SNAPSHOTS = True or '1' == getenv('CDX_TEST_RECREATE_SNAPSHOTS')
 if RECREATE_SNAPSHOTS:
     print('!!! WILL RECREATE ALL SNAPSHOTS !!!')
 

tests/_data/models.py

@@ -1338,7 +1338,7 @@ def get_bom_with_definitions_and_detailed_standards() -> Bom:
                         open_cre=[CreId('CRE:1-2')],
                         properties=[Property(name='key1', value='val1')]
                     ),
-                    Requirement(
+                    req2 := Requirement(
                         bom_ref='req-2',
                         identifier='REQ-2',
                         title='Requirement 2',
@@ -1355,12 +1355,14 @@ def get_bom_with_definitions_and_detailed_standards() -> Bom:
                         identifier='LVL-1',
                         title='Level 1',
                         description='Level 1 description'
+                        # no requirements!
                     ),
                     Level(
                         bom_ref='lvl-2',
                         identifier='LVL-2',
                         title='Level 2',
-                        description='Level 2 description'
+                        description='Level 2 description',
+                        requirements=[req1.bom_ref, req2.bom_ref]
                     )
                 ]
             ),
@@ -1372,7 +1374,7 @@ def get_bom_with_definitions_and_detailed_standards() -> Bom:
                 owner='Other Owner',
                 external_references=[get_external_reference_2()],
                 requirements=[
-                    Requirement(
+                    req3 := Requirement(
                         bom_ref='req-3',
                         identifier='REQ-3',
                         title='Requirement 3',
@@ -1387,7 +1389,8 @@ def get_bom_with_definitions_and_detailed_standards() -> Bom:
                         bom_ref='lvl-3',
                         identifier='LVL-3',
                         title='Level 3',
-                        description='Level 3 description'
+                        description='Level 3 description',
+                        requirements=[req3.bom_ref]
                     )
                 ]
             )

tests/_data/snapshots/get_bom_with_definitions_and_detailed_standards-1.6.json.bin

@@ -15,6 +15,9 @@
             "bom-ref": "lvl-3",
             "description": "Level 3 description",
             "identifier": "LVL-3",
+            "requirements": [
+              "req-3"
+            ],
             "title": "Level 3"
           }
         ],
@@ -71,6 +74,10 @@
             "bom-ref": "lvl-2",
             "description": "Level 2 description",
             "identifier": "LVL-2",
+            "requirements": [
+              "req-1",
+              "req-2"
+            ],
             "title": "Level 2"
           }
         ],

tests/_data/snapshots/get_bom_with_definitions_and_detailed_standards-1.6.xml.bin

@@ -35,6 +35,9 @@
             <identifier>LVL-3</identifier>
             <title>Level 3</title>
             <description>Level 3 description</description>
+            <requirements>
+              <requirement>req-3</requirement>
+            </requirements>
           </level>
         </levels>
         <externalReferences>
@@ -87,6 +90,10 @@
             <identifier>LVL-2</identifier>
             <title>Level 2</title>
             <description>Level 2 description</description>
+            <requirements>
+              <requirement>req-1</requirement>
+              <requirement>req-2</requirement>
+            </requirements>
           </level>
         </levels>
         <externalReferences>