add guideline reading to GuidelineIO

Author: Conradowatz

src/main/java/de/rub/nds/scanner/core/guideline/GuidelineIO.java

@@ -9,19 +9,32 @@
 package de.rub.nds.scanner.core.guideline;
 
 import de.rub.nds.scanner.core.probe.AnalyzedProperty;
+import de.rub.nds.scanner.core.report.ScanReport;
 import de.rub.nds.scanner.core.util.JaxbSerializer;
 import jakarta.xml.bind.JAXBContext;
 import jakarta.xml.bind.JAXBException;
-import java.util.HashSet;
-import java.util.Set;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.JarURLConnection;
+import java.net.URISyntaxException;
+import java.net.URL;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.*;
+import java.util.jar.JarEntry;
+import java.util.jar.JarFile;
+import java.util.stream.Stream;
+import javax.xml.stream.XMLStreamException;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.reflections.Reflections;
 import org.reflections.util.ClasspathHelper;
 import org.reflections.util.ConfigurationBuilder;
 import org.reflections.util.FilterBuilder;
 
-public final class GuidelineIO extends JaxbSerializer<Guideline<?>> {
+public final class GuidelineIO<ReportT extends ScanReport>
+        extends JaxbSerializer<Guideline<ReportT>> {
 
     private Logger LOGGER = LogManager.getLogger();
 
@@ -58,4 +71,70 @@ private JAXBContext getJAXBContext() throws JAXBException {
 
         return context;
     }
+
+    private static List<String> listXmlFiles(ClassLoader classLoader, String folder)
+            throws IOException, URISyntaxException {
+        List<String> xmlFilePaths = new ArrayList<>();
+        URL url = classLoader.getResource(folder);
+
+        if (url == null) {
+            throw new IOException("Folder not found: " + folder);
+        }
+
+        String protocol = url.getProtocol();
+
+        if ("file".equals(protocol)) {
+            // Development mode - reading directly from filesystem
+            Path path = Paths.get(url.toURI());
+            try (Stream<Path> paths = Files.list(path)) {
+                paths.filter(p -> p.toString().endsWith(".xml"))
+                        .forEach(p -> xmlFilePaths.add(folder + "/" + p.getFileName().toString()));
+            }
+        } else if ("jar".equals(protocol)) {
+            // Running from a jar
+            JarURLConnection jarConnection = (JarURLConnection) url.openConnection();
+            try (JarFile jarFile = jarConnection.getJarFile()) {
+                Enumeration<JarEntry> entries = jarFile.entries();
+                while (entries.hasMoreElements()) {
+                    JarEntry entry = entries.nextElement();
+                    String name = entry.getName();
+                    if (name.startsWith(folder + "/")
+                            && name.endsWith(".xml")
+                            && !entry.isDirectory()) {
+                        xmlFilePaths.add(name);
+                    }
+                }
+            }
+        } else {
+            throw new IOException("Unsupported protocol: " + protocol);
+        }
+
+        return xmlFilePaths;
+    }
+
+    public List<Guideline<ReportT>> readGuidelines(ClassLoader classLoader, String subFolder) {
+
+        LOGGER.debug("Loading guidelines from files...");
+
+        List<Guideline<ReportT>> guidelines = new ArrayList<>();
+
+        try {
+            // Get all files in guideline folder
+            List<String> xmlFilePaths = listXmlFiles(classLoader, subFolder);
+
+            for (String path : xmlFilePaths) {
+                try (InputStream input = classLoader.getResourceAsStream(path)) {
+                    if (input != null) {
+                        guidelines.add(read(input));
+                    }
+                }
+            }
+
+        } catch (XMLStreamException | IOException | JAXBException | URISyntaxException e) {
+            LOGGER.error("Error reading guideline reports", e);
+            return new ArrayList<>();
+        }
+
+        return guidelines;
+    }
 }

src/test/java/de/rub/nds/scanner/core/guideline/GuidelineIOTest.java

@@ -47,13 +47,13 @@ public AnalyzedPropertyCategory getCategory() {
 
     @Test
     void testConstructorWithAnalyzedPropertyClass() throws JAXBException {
-        GuidelineIO io = new GuidelineIO(TestAnalyzedProperty.class);
+        GuidelineIO<IOTestScanReport> io = new GuidelineIO<>(TestAnalyzedProperty.class);
         assertNotNull(io);
     }
 
     @Test
     void testWriteAndReadGuideline(@TempDir File tempDir) throws Exception {
-        GuidelineIO io = new GuidelineIO(TestAnalyzedProperty.class);
+        GuidelineIO<IOTestScanReport> io = new GuidelineIO<>(TestAnalyzedProperty.class);
 
         // Create a guideline
         Guideline<IOTestScanReport> guideline =
@@ -70,7 +70,7 @@ void testWriteAndReadGuideline(@TempDir File tempDir) throws Exception {
         assertTrue(file.exists());
 
         // Read back
-        Guideline<?> readGuideline = io.read(file);
+        Guideline<IOTestScanReport> readGuideline = io.read(file);
         assertNotNull(readGuideline);
         assertEquals("Test Guideline", readGuideline.getName());
         assertEquals("https://test.com", readGuideline.getLink());
@@ -79,7 +79,7 @@ void testWriteAndReadGuideline(@TempDir File tempDir) throws Exception {
 
     @Test
     void testWriteAndReadToStream() throws Exception {
-        GuidelineIO io = new GuidelineIO(TestAnalyzedProperty.class);
+        GuidelineIO<IOTestScanReport> io = new GuidelineIO<>(TestAnalyzedProperty.class);
 
         // Create a guideline
         Guideline<IOTestScanReport> guideline =
@@ -105,7 +105,7 @@ void testWriteAndReadToStream() throws Exception {
 
     @Test
     void testSerializationWithConditions() throws Exception {
-        GuidelineIO io = new GuidelineIO(TestAnalyzedProperty.class);
+        GuidelineIO<IOTestScanReport> io = new GuidelineIO<>(TestAnalyzedProperty.class);
 
         // Create guideline with condition
         TestAnalyzedProperty property = new TestAnalyzedProperty("TestProp");
@@ -125,15 +125,15 @@ void testSerializationWithConditions() throws Exception {
         io.write(baos, guideline);
 
         ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray());
-        Guideline<?> readGuideline = io.read(bais);
+        Guideline<IOTestScanReport> readGuideline = io.read(bais);
 
         assertNotNull(readGuideline);
         assertEquals(1, readGuideline.getChecks().size());
     }
 
     @Test
     void testEmptyGuideline() throws Exception {
-        GuidelineIO io = new GuidelineIO(TestAnalyzedProperty.class);
+        GuidelineIO<IOTestScanReport> io = new GuidelineIO<>(TestAnalyzedProperty.class);
 
         Guideline<IOTestScanReport> emptyGuideline =
                 new Guideline<>("Empty", "https://empty.test", Arrays.asList());
@@ -151,7 +151,7 @@ void testEmptyGuideline() throws Exception {
 
     @Test
     void testInvalidXmlInput() throws Exception {
-        GuidelineIO io = new GuidelineIO(TestAnalyzedProperty.class);
+        GuidelineIO<IOTestScanReport> io = new GuidelineIO<>(TestAnalyzedProperty.class);
 
         String invalidXml = "This is not valid XML";
         ByteArrayInputStream bais =
@@ -164,7 +164,7 @@ void testInvalidXmlInput() throws Exception {
     void testReflectionScanning() throws Exception {
         // This test verifies that the reflection scanning works
         // The GuidelineIO constructor should find IOTestGuidelineCheck via reflection
-        GuidelineIO io = new GuidelineIO(TestAnalyzedProperty.class);
+        GuidelineIO<IOTestScanReport> io = new GuidelineIO<>(TestAnalyzedProperty.class);
 
         // Create guideline with our test check
         Guideline<IOTestScanReport> guideline =