Simplify and tidy up config

Tidy up model.

Relocation: drop all that webdav mumbo-jumbo, and for now relocation
is interpreted as Path, that if relative, is resolved from the
relocated configuration directory.

Author: cstamas

src/main/java/org/codehaus/plexus/components/secdispatcher/SecDispatcher.java

@@ -26,7 +26,7 @@ public interface SecDispatcher {
      * The default path of configuration.
      * <p>
      * The character {@code ~} (tilde) may be present as first character ONLY and is
-     * interpreted as "user home".
+     * interpreted as "user.home" system property, and it MUST be followed by path separator.
      */
     String DEFAULT_CONFIGURATION = "~/.m2/settings-security.xml";
 

src/main/java/org/codehaus/plexus/components/secdispatcher/internal/DefaultSecDispatcher.java

@@ -17,6 +17,7 @@
 import javax.inject.Named;
 import javax.inject.Singleton;
 
+import java.nio.file.Paths;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
@@ -170,7 +171,7 @@ private boolean isEncryptedString(String str) {
     private SettingsSecurity getConfiguration(boolean mandatory) throws SecDispatcherException {
         String location = System.getProperty(SYSTEM_PROPERTY_CONFIGURATION_LOCATION, getConfigurationFile());
         location = location.charAt(0) == '~' ? System.getProperty("user.home") + location.substring(1) : location;
-        SettingsSecurity sec = SecUtil.read(location, true);
+        SettingsSecurity sec = SecUtil.read(Paths.get(location), true);
         if (mandatory && sec == null)
             throw new SecDispatcherException("Please check that configuration file on path " + location + " exists");
 

src/main/java/org/codehaus/plexus/components/secdispatcher/internal/SecUtil.java

@@ -17,11 +17,11 @@
 
 import java.io.IOException;
 import java.io.InputStream;
-import java.net.URL;
 import java.nio.file.Files;
 import java.nio.file.NoSuchFileException;
-import java.nio.file.Paths;
+import java.nio.file.Path;
 import java.util.HashMap;
+import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.Map;
 
@@ -40,21 +40,36 @@
  * @version $Id$
  *
  */
-public class SecUtil {
+public final class SecUtil {
+    private SecUtil() {}
 
-    public static final String PROTOCOL_DELIM = "://";
-    public static final int PROTOCOL_DELIM_LEN = PROTOCOL_DELIM.length();
-    public static final String[] URL_PROTOCOLS =
-            new String[] {"http", "https", "dav", "file", "davs", "webdav", "webdavs", "dav+http", "dav+https"};
+    private static final int MAX_RELOCATIONS = 5;
 
-    public static SettingsSecurity read(String location, boolean cycle) throws SecDispatcherException {
-        if (location == null) throw new SecDispatcherException("location to read from is null");
+    /**
+     * Reads the configuration model up, optionally resolving relocation too.
+     */
+    public static SettingsSecurity read(Path configurationFile, boolean followRelocation)
+            throws SecDispatcherException {
+        requireNonNull(configurationFile, "configurationFile must not be null");
+        LinkedHashSet<Path> paths = new LinkedHashSet<>();
+        return read(paths, configurationFile, followRelocation);
+    }
+
+    private static SettingsSecurity read(LinkedHashSet<Path> paths, Path configurationFile, boolean follow)
+            throws SecDispatcherException {
+        if (!paths.add(configurationFile)) {
+            throw new SecDispatcherException("Configuration relocation form a cycle: " + paths);
+        }
+        if (paths.size() > MAX_RELOCATIONS) {
+            throw new SecDispatcherException("Configuration relocation is too deep: " + paths);
+        }
         SettingsSecurity sec;
         try {
-            try (InputStream in = toStream(location)) {
+            try (InputStream in = Files.newInputStream(configurationFile)) {
                 sec = new SecurityConfigurationStaxReader().read(in);
             }
-            if (cycle && sec.getRelocation() != null) return read(sec.getRelocation(), true);
+            if (follow && sec.getRelocation() != null)
+                return read(paths, configurationFile.getParent().resolve(sec.getRelocation()), true);
             return sec;
         } catch (NoSuchFileException e) {
             return null;
@@ -65,21 +80,6 @@ public static SettingsSecurity read(String location, boolean cycle) throws SecDi
         }
     }
 
-    private static InputStream toStream(String resource) throws IOException {
-        requireNonNull(resource, "resource is null");
-        int ind = resource.indexOf(PROTOCOL_DELIM);
-        if (ind > 1) {
-            String protocol = resource.substring(0, ind);
-            resource = resource.substring(ind + PROTOCOL_DELIM_LEN);
-            for (String p : URL_PROTOCOLS) {
-                if (protocol.regionMatches(true, 0, p, 0, p.length())) {
-                    return new URL(p + PROTOCOL_DELIM + resource).openStream();
-                }
-            }
-        }
-        return Files.newInputStream(Paths.get(resource));
-    }
-
     public static Map<String, String> getConfig(SettingsSecurity sec, String name) {
         if (sec != null && name != null) {
             List<Config> cl = sec.getConfigurations();

src/main/mdo/settings-security.mdo

@@ -19,91 +19,80 @@
   xml.schemaLocation="https://codehaus-plexus.github.io/xsd/plexus-sec-dispatcher-${version}.xsd">
 
   <id>settings-security</id>
-  
   <name>SecurityConfiguration</name>
   <description>SecurityConfiguration</description>
-  
+
   <defaults>
     <default>
       <key>package</key>
       <value>org.codehaus.plexus.components.secdispatcher.model</value>
     </default>
   </defaults>
-  
-  <classes>
 
+  <classes>
     <class rootElement="true">
       <name>SettingsSecurity</name>
       <version>1.0.0+</version>
       <fields>
-
         <field>
           <name>master</name>
           <version>1.0.0/2.1.0</version>
           <type>String</type>
           <description>encrypted master password</description>
         </field>
-
         <field>
           <name>modelVersion</name>
           <version>3.0.0+</version>
           <type>String</type>
           <required>true</required>
           <description>The version of the model</description>
         </field>
-
         <field>
           <name>masterSource</name>
           <version>3.0.0+</version>
           <type>String</type>
           <required>true</required>
-          <description>The URI describing the source of the master password</description>
+          <description>The masterSource describes the source of the master password</description>
         </field>
-
         <field>
           <name>masterCipher</name>
           <version>3.0.0+</version>
           <type>String</type>
           <required>true</required>
-          <description>The Cipher to be used</description>
+          <description>The Cipher to be used for master password</description>
         </field>
-
         <field>
           <name>relocation</name>
           <version>1.0.0+</version>
           <type>String</type>
           <required>false</required>
-          <description>reference to the location of the security file</description>
+          <description>Relocates configuration to given reference. Reference if relative, will be resolved from the relocated configuration directory</description>
         </field>
-
         <field>
           <name>configurations</name>
           <version>1.0.0+</version>
-          <description>named configurations</description>
+          <description>Optional named Dispatcher configurations</description>
           <required>false</required>
           <association>
             <type>Config</type>
             <multiplicity>*</multiplicity>
           </association>
         </field>
-
       </fields>
     </class>
 
     <class>
       <name>Config</name>
       <version>1.0.0+</version>
-      <description>Named configuration</description>
+      <description>Named Dispatcher configuration</description>
       <fields>
-      
         <field>
           <name>name</name>
           <type>String</type>
           <required>true</required>
           <version>1.0.0+</version>
-          <description>name of this configuration</description>
+          <description>Name of Dispatcher configuration is meant for</description>
         </field>
-
         <field>
           <name>properties</name>
           <version>1.0.0+</version>
@@ -113,35 +102,28 @@
             <multiplicity>*</multiplicity>
           </association>
         </field>
-        
       </fields>
     </class>
-
     <class>
       <name>ConfigProperty</name>
       <version>1.0.0+</version>
       <description>generic property - name/value pair</description>
-      
       <fields>
-      
         <field>
           <name>name</name>
           <type>String</type>
           <required>true</required>
           <version>1.0.0+</version>
           <description>name of this property</description>
         </field>
-
         <field>
           <name>value</name>
           <type>String</type>
           <required>true</required>
           <version>1.0.0+</version>
           <description>value of this property</description>
         </field>
-        
       </fields>
     </class>
-
   </classes>
 </model>

src/test/java/org/codehaus/plexus/components/secdispatcher/internal/SecUtilTest.java

@@ -15,9 +15,11 @@
 
 import java.io.OutputStream;
 import java.nio.file.Files;
+import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.util.Map;
 
+import org.codehaus.plexus.components.secdispatcher.SecDispatcherException;
 import org.codehaus.plexus.components.secdispatcher.model.Config;
 import org.codehaus.plexus.components.secdispatcher.model.ConfigProperty;
 import org.codehaus.plexus.components.secdispatcher.model.SettingsSecurity;
@@ -27,6 +29,8 @@
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  *
@@ -41,6 +45,10 @@ public class SecUtilTest {
     String _propVal = "pval";
 
     private void saveSec(String masterSource) throws Exception {
+        saveSec("./target/sec1.xml", masterSource);
+    }
+
+    private void saveSec(String path, String masterSource) throws Exception {
         SettingsSecurity sec = new SettingsSecurity();
 
         sec.setRelocation(null);
@@ -56,7 +64,7 @@ private void saveSec(String masterSource) throws Exception {
 
         sec.addConfiguration(conf);
 
-        try (OutputStream fos = Files.newOutputStream(Paths.get("./target/sec1.xml"))) {
+        try (OutputStream fos = Files.newOutputStream(Paths.get(path))) {
             new SecurityConfigurationStaxWriter().write(fos, sec);
         }
     }
@@ -65,7 +73,7 @@ private void saveSec(String masterSource) throws Exception {
     public void prepare() throws Exception {
         System.setProperty(DefaultSecDispatcher.SYSTEM_PROPERTY_CONFIGURATION_LOCATION, "./target/sec.xml");
         SettingsSecurity sec = new SettingsSecurity();
-        sec.setRelocation("./target/sec1.xml");
+        sec.setRelocation("sec1.xml");
         try (OutputStream fos = Files.newOutputStream(Paths.get("./target/sec.xml"))) {
             new SecurityConfigurationStaxWriter().write(fos, sec);
         }
@@ -74,12 +82,42 @@ public void prepare() throws Exception {
 
     @Test
     void testReadWithRelocation() throws Exception {
-        SettingsSecurity sec = SecUtil.read("./target/sec.xml", true);
+        SettingsSecurity sec = SecUtil.read(Paths.get("./target/sec.xml"), true);
         assertNotNull(sec);
         assertEquals("magic:mighty", sec.getMasterSource());
         Map<String, String> conf = SecUtil.getConfig(sec, _confName);
         assertNotNull(conf);
         assertNotNull(conf.get(_propName));
         assertEquals(_propVal, conf.get(_propName));
     }
+
+    @Test
+    void testReadWithRelocationCycleSelf() throws Exception {
+        Path sec1 = Paths.get("./target/sec-cycle-1.xml");
+        SettingsSecurity s1 = new SettingsSecurity();
+        s1.setRelocation("sec-cycle-1.xml");
+        try (OutputStream fos = Files.newOutputStream(sec1)) {
+            new SecurityConfigurationStaxWriter().write(fos, s1);
+        }
+        SecDispatcherException ex = assertThrows(SecDispatcherException.class, () -> SecUtil.read(sec1, true));
+        assertTrue(ex.getMessage().contains("cycle"));
+    }
+
+    @Test
+    void testReadWithRelocationCycle() throws Exception {
+        Path sec1 = Paths.get("./target/sec-cycle-1.xml");
+        Path sec2 = Paths.get("./target/sec-cycle-2.xml");
+        SettingsSecurity s1 = new SettingsSecurity();
+        s1.setRelocation("sec-cycle-2.xml");
+        try (OutputStream fos = Files.newOutputStream(sec1)) {
+            new SecurityConfigurationStaxWriter().write(fos, s1);
+        }
+        SettingsSecurity s2 = new SettingsSecurity();
+        s2.setRelocation("sec-cycle-1.xml");
+        try (OutputStream fos = Files.newOutputStream(sec1)) {
+            new SecurityConfigurationStaxWriter().write(fos, s2);
+        }
+        SecDispatcherException ex = assertThrows(SecDispatcherException.class, () -> SecUtil.read(sec1, true));
+        assertTrue(ex.getMessage().contains("cycle"));
+    }
 }