Update ignore feature; need to handle in Report too

Author: piperchester

Analyze.py

@@ -5,25 +5,45 @@
 import fnmatch
 import os
 
+from Permissions import Permissions
+
 class Analyze:
     """Analyze object that scrapes project source looking for permissions matches."""
 
-    def __init__(self, project_root, package_name, permissions):
+    def __init__(self, project_root, package_name, permissions, ignore):
         """Init method of Analyze."""
         self.project_root = project_root
         self.package_name = package_name
         self.permissions = permissions
         self.report_file_name = "reports/source_report_" + self.package_name + ".txt"
         self.source_files = []
         self.lines = []
+        self.ignore = ignore
 
     def search_project_root(self):
         """Looks in the source root for matching files with permissions."""
         print("Analyzing from project root....")
-        search_string = "permission"
+
         source_root = self.project_root + "/app/src/"
         matches = []
 
+        # Add any ignored group permissions to the set of individual perms
+        dangerous_permissions = Permissions().dangerous_permissions
+        if len(self.ignore['groups']) > 0:
+            for group in self.ignore['groups']:
+
+                # Get the specific list of permission group and permissions
+                ignored_permissions = dangerous_permissions[group]
+                for permission in ignored_permissions:
+                    dangerous_permission = "android.permission." + permission
+                    self.ignore['individual'].add(dangerous_permission)
+
+        # Ignore specific permissions
+        if len(self.ignore['individual']) > 0:
+            print("Based on config, ignoring the following permissions:")
+            for permission in self.ignore['individual']:
+                print("Ignoring: " + permission)
+
         # Search for matching java files
         for root, dirnames, filenames in os.walk(source_root):
             for filename in fnmatch.filter(filenames, "*.java"):
@@ -32,12 +52,19 @@ def search_project_root(self):
             current_file = ""
             with open(file) as java_file:
                 for index, line in enumerate(java_file):
-                    if search_string in line:
-                        if current_file is not java_file.name:
-                            current_file = java_file.name
-                            self.lines.append(('{} {:>4}\n'.format("\nFile: ", current_file)))
-                            self.source_files.append(current_file)
-                        self.lines.append(('{:>4} {}'.format(index, line.rstrip())))
+                    if "permission" in line:
+
+                        # Ignore the line if it has an ignored permission,
+                        # otherwise add the line to the source_lines list
+                        for ignored_permission in self.ignore['individual']:
+                            if ignored_permission in line:
+                                break
+                        else:
+                            if current_file is not java_file.name:
+                                current_file = java_file.name
+                                self.lines.append(('{} {:>4}\n'.format("\nFile: ", current_file)))
+                                self.source_files.append(current_file)
+                            self.lines.append(('{:>4} {}'.format(index, line.rstrip())))
         print("Analyzing finished!")
 
         # Print the source report

MPerm.py

@@ -110,7 +110,7 @@ def main():
         print("Looking in root for a config.txt...")
         ignore = {
             'groups': set(),
-            'permissions': set()
+            'individual': set()
         }
         try:
             with open("./config.txt") as config:
@@ -125,7 +125,7 @@ def main():
                         elif line != '\n':
                             # specific permissions
                             sanitized = line.rstrip()
-                            ignore['permissions'].add(sanitized)
+                            ignore['individual'].add(sanitized)
             print("Config found. Analysis will ignore the stated permissions.")
 
         except FileNotFoundError:
@@ -146,7 +146,7 @@ def main():
         third_party_permissions = get_third_party_permissions(manifest_tree)
 
         # Scrape the source
-        analyzer = Analyze(source_path, package_name, permissions)
+        analyzer = Analyze(source_path, package_name, permissions, ignore)
         source_report = analyzer.search_project_root()
 
         # Analyze and print results