some cleanup

.idea/compiler.xml

@@ -8,6 +8,7 @@
         <sourceTestOutputDir name="target/generated-test-sources/test-annotations" />
         <outputRelativeToContentRoot value="true" />
         <module name="validationtool" />
+        <module name="validator" />
       </profile>
     </annotationProcessing>
   </component>

.idea/misc.xml

@@ -79,7 +79,7 @@
   <component name="NodePackageJsonFileManager">
     <packageJsonPaths />
   </component>
-  <component name="ProjectRootManager" version="2" languageLevel="JDK_1_6" project-jdk-name="11" project-jdk-type="JavaSDK">
+  <component name="ProjectRootManager" version="2" languageLevel="JDK_1_6" default="false" project-jdk-name="openjdk-14" project-jdk-type="JavaSDK">
     <output url="file://$PROJECT_DIR$/out" />
   </component>
   <component name="jetbrains.communicator.idea.IdProvider" IDEtalkID="4B2DA906C3A7DF4F7B6EA28093E19A3F" />

CHANGELOG.md

@@ -9,12 +9,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## next version (unreleased)
 
 ### Added
-
-- Support java.xml.transform.Source/java.xml.transform.StreamSource as Input
+- Added a builder style configuration API to configure scenarios
+- Added an option to configure xml security e.g. to load from http sources or not from a specific repository 
+(so loading is configurable less restrictive, default strategy is to only load from a local repository)
+- Support java.xml.transform.Source as Input
 
 ### Changed
-
 - Inputs are NOT read into memory (e.g. Byte-Array) prior processing within the validator. This reduces memory consumption.
+- CheckConfiguration is deprecated now. Use Configuration.load(...) or Configuration.build(...)
+- Overall processing of xml files is based on Saxon s9api. No JAXP or SAX classes are used by 
+the validator (this further improves performance and memory consumption)
+- 
 
 ## UNRELEASED
 ### Fixed

docs/api.md

@@ -56,7 +56,7 @@ public class StandardExample {
         // Load scenarios.xml from classpath
         URL scenarios = this.getClass().getClassLoader().getResource("scenarios.xml");
         // Load the rest of the specific Validator configuration from classpath
-        CheckConfiguration config = new CheckConfiguration(scenarios.toURI());
+        Configuration config = Configuration.load(scenarios.toURI());
         // Use the default validation procedure
         Check validator = new DefaultCheck(config);
         // Validate a single document

src/main/java/de/kosit/validationtool/api/AcceptRecommendation.java

@@ -1,21 +1,22 @@
 package de.kosit.validationtool.api;
 
 /**
- * Tri-state describtion of a Recommendation.
+ * Tri-state recommendation whether to accept the {@link Input} or not.
  */
 public enum AcceptRecommendation {
+
     /**
      * The evaluation of the overall validation could not be computed.
      */
     UNDEFINED,
 
     /**
-     * Recommendation is to accept input based on the evaluation of the overall validation.
+     * Recommendation is to accept {@link Input} based on the evaluation of the overall validation.
      */
     ACCEPTABLE,
 
     /**
-     * Recommendation is to reject input based on the evaluation of the overall validation.
+     * Recommendation is to reject {@link Input}  based on the evaluation of the overall validation.
      */
     REJECT
 }

src/main/java/de/kosit/validationtool/api/Configuration.java

@@ -18,7 +18,7 @@ import de.kosit.validationtool.impl.Scenario;
  * <li>Using a builder style api {@link de.kosit.validationtool.config.ConfigurationBuilder}to configure the
  * {@link Check}</li>
  * </ol>
- * 
+ * <p>
  * Both methods can be used via convinience methods. See below.
  *
  * @author Andreas Penski
@@ -61,6 +61,12 @@ public interface Configuration {
      */
     String getDate();
 
+    /**
+     * Add some additional parameters to the validator configuration. Parameter usage depends on actual implementation of
+     * {@link Check}
+     *
+     * @return
+     */
     Map<String, Object> getAdditionalParameters();
 
     /**

src/main/java/de/kosit/validationtool/api/ResolvingConfigurationStrategy.java

@@ -10,12 +10,15 @@ import javax.xml.validation.Validator;
 import net.sf.saxon.s9api.Processor;
 
 /**
- * Centralized construction and configuration of XML related infrastructore components. The KoSIT Validator provides out
- * of the box implementaions with various security levels.
+ * Centralized construction and configuration of XML related infrastructure components. This interface allows to use
+ * custom implementations and configurations of internal xml related factories and objects.
+ * 
+ * The KoSIT Validator provides out of the box implementations with various security levels based on openjdk SAX stack.
  * 
  * If you decide to implement a custom strategy, please be aware of XML security within your stack. The validator
  * components beyond this strategy asume secured implementation of the interfaces provided by this strategy. There is no
- * effort to mitigate or prevent xml related security issues such as XXE, loading external sources etc.
+ * effort to mitigate or prevent xml related security issues such as XXE, loading external sources etc. Your would be
+ * responsible for this!
  * 
  * @see de.kosit.validationtool.impl.ResolvingMode
  * @author Andreas Penski
@@ -35,12 +38,14 @@ public interface ResolvingConfigurationStrategy {
      * leverages the saxon s9api for internal processing e.g. xml reading and writing. So this is the main object to secure
      * for reading, transforming and writing xml files.
      * 
+     * Note: you need exactly one instance for all validator related processing.
+     * 
      * @return a preconfigured {@link Processor}
      */
     Processor getProcessor();
 
     /**
-     * Creates a specific implementation for resolving referenced objects in XML files. The URIResolver, it is used for
+     * Creates a specific implementation for resolving referenced objects in XML files. The URIResolver is used for
      * dereferencing an absolute URI (after resolution) to return a {@link javax.xml.transform.Source}. It <b>can</b> be
      * used for resolving relative URIs against a base URI or restrict access to certain URIs.
      * <p>
@@ -48,6 +53,7 @@ public interface ResolvingConfigurationStrategy {
      * <code>xsl:import-schema</code> declarations.
      * </p>
      * 
+     * @param scenarioRepository an optional repository, your implementation might not need this
      * @return a preconfigured {@link URIResolver}
      */
     URIResolver createResolver(URI scenarioRepository);

src/main/java/de/kosit/validationtool/cmd/CommandLineApplication.java

@@ -29,6 +29,7 @@ import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.stream.Collectors;
+import java.util.stream.StreamSupport;
 
 import org.apache.commons.cli.CommandLine;
 import org.apache.commons.cli.CommandLineParser;

src/main/java/de/kosit/validationtool/config/ConfigurationBuilder.java

@@ -64,12 +64,17 @@ public class ConfigurationBuilder {
 
     private String description;
 
+    /**
+     * Add a specific author name to this configuration.
+     * 
+     * @param authorName the name of the author
+     * @return this
+     */
     public ConfigurationBuilder author(final String authorName) {
         this.author = authorName;
         return this;
     }
 
-
     public ConfigurationBuilder name(final String name) {
         this.name = name;
         return this;
@@ -135,6 +140,12 @@ public class ConfigurationBuilder {
         throw new NotImplementedException("Not yet defined");
     }
 
+    /**
+     * Create a named schematron configuration.
+     * 
+     * @param name the name of the schematron configuration
+     * @return new {@link SchemaBuilder}
+     */
     public static SchematronBuilder schematron(final String name) {
         return new SchematronBuilder().name(name);
     }

src/main/java/de/kosit/validationtool/config/ConfigurationLoader.java

@@ -175,11 +175,27 @@ public class ConfigurationLoader {
         return s;
     }
 
+    /**
+     * Sets actual {@link ResolvingMode}, when the validator needs to resolve stuff on startup.
+     * @param mode the resolving mode
+     * @return this
+     */
     public ConfigurationLoader setResolvingMode(final ResolvingMode mode) {
         this.resolvingMode = mode;
         return this;
     }
 
+    public ConfigurationLoader setResolvingStrategy(final ResolvingConfigurationStrategy strategy){
+        this.resolvingConfigurationStrategy = strategy;
+        return this;
+    }
+
+    /**
+     * Add a parameter to the configuration.
+     * @param name the name of the parameter
+     * @param value the parameter value object
+     * @return this
+     */
     public ConfigurationLoader addParameter(final String name, final Object value) {
         this.parameters.put(name, value);
         return this;

src/main/java/de/kosit/validationtool/config/FallbackBuilder.java

@@ -13,6 +13,8 @@ import de.kosit.validationtool.model.scenarios.CreateReportType;
 import de.kosit.validationtool.model.scenarios.ScenarioType;
 
 /**
+ * Create a fallback {@link Scenario} configuration.
+ * 
  * @author Andreas Penski
  */
 public class FallbackBuilder implements Builder<Scenario> {

src/main/java/de/kosit/validationtool/config/XPathBuilder.java

@@ -72,7 +72,7 @@ class XPathBuilder implements Builder<XPathExecutable> {
                 extractNamespaces();
             }
         } catch (final IllegalStateException e) {
-            final String msg = String.format("Error creating %s xpath", this.name, e);
+            final String msg = String.format("Error creating %s xpath: %s", this.name, e.getMessage());
             log.error(msg, e);
             return new Result<>(Collections.singletonList(msg));
 

src/main/java/de/kosit/validationtool/impl/EngineInformation.java

@@ -1,5 +1,7 @@
 package de.kosit.validationtool.impl;
 
+import lombok.SneakyThrows;
+
 import java.io.IOException;
 import java.io.InputStream;
 import java.util.Properties;
@@ -65,6 +67,10 @@ public class EngineInformation {
         return getFrameworkVersion().substring(0, 1);
     }
 
+    public static String getBuild() {
+        return PROPERTIES.getProperty("build_number");
+    }
+
     /**
      * Gibt den Namespace des eingesetzten Frameworks zurück.
      * 

src/main/java/de/kosit/validationtool/impl/tasks/ComputeAcceptanceAction.java

@@ -60,7 +60,7 @@ public class ComputeAcceptanceAction implements CheckAction {
         } catch (final SaxonApiException e) {
             final String msg = String.format("Error evaluating accept recommendation: %s", selector.getUnderlyingXPathContext().toString());
             log.error(msg, e);
-            results.addProcessingError(msg);
+            results.stopProcessing(msg);
         }
     }
 

src/main/java/de/kosit/validationtool/impl/tasks/CreateReportAction.java

@@ -28,6 +28,7 @@ import javax.xml.bind.Marshaller;
 import javax.xml.bind.util.JAXBSource;
 import javax.xml.transform.URIResolver;
 
+import lombok.extern.slf4j.Slf4j;
 import org.xml.sax.ContentHandler;
 import org.xml.sax.DTDHandler;
 import org.xml.sax.EntityResolver;
@@ -64,6 +65,7 @@ import net.sf.saxon.s9api.XsltTransformer;
  * @author Andreas Penski
  */
 @RequiredArgsConstructor
+@Slf4j
 public class CreateReportAction implements CheckAction {
 
     /**
@@ -206,7 +208,8 @@ public class CreateReportAction implements CheckAction {
             results.setReport(destination.getXdmNode());
 
         } catch (final SaxonApiException | SAXException | JAXBException e) {
-            throw new IllegalStateException("Can not create final report", e);
+            log.error("Error creating final report", e);
+            results.stopProcessing("Can not create final report: " + e.getMessage());
         }
     }
 

src/main/java/de/kosit/validationtool/impl/xml/RelativeUriResolver.java

@@ -94,16 +94,5 @@ public class RelativeUriResolver implements URIResolver {
     }
 
 
-    public Reader resolve(final URI absoluteURI, final String encoding, final Configuration config) throws XPathException {
-        if (isUnderBaseUri(absoluteURI)) {
-            try {
-                return new InputStreamReader(absoluteURI.toURL().openStream(), encoding);
-            } catch (final IOException e) {
-                throw new IllegalStateException(String.format("Can not resolve required  %s", absoluteURI), e);
-            }
-        } else {
-            throw new IllegalStateException(String.format(
-                    "The resolved transformation artifact %s is not within the configured repository %s", absoluteURI, this.baseUri));
-        }
-    }
+
 }

src/main/java/de/kosit/validationtool/impl/xml/RemoteResolvingStrategy.java

@@ -0,0 +1,7 @@
+package de.kosit.validationtool.impl.xml;
+
+public class RemoteResolvingStrategy extends StrictLocalResolvingStrategy {
+
+
+
+}

src/main/java/de/kosit/validationtool/impl/xml/StrictLocalResolvingStrategy.java

@@ -10,7 +10,9 @@ import javax.xml.validation.Validator;
 import lombok.extern.slf4j.Slf4j;
 
 /**
- * 
+ * This is a slightly more open implementation that allows resolving artifacts from local filesystems. Your are not
+ * bound to a specific 'repository'. But your validation artifacts (schema, xsl, etc.) must be available locally. This
+ * implementation does not allow loading from http sources
  * 
  * @author Andreas Penski
  */
@@ -18,16 +20,23 @@ import lombok.extern.slf4j.Slf4j;
 public class StrictLocalResolvingStrategy extends StrictRelativeResolvingStrategy {
 
     /**
-     * e.g. don't allow any scheme
+     * Allow loading schema files from any local location.
+     * 
+     * @return a configured {@link SchemaFactory}
      */
-
     @Override
     public SchemaFactory createSchemaFactory() {
         final SchemaFactory schemaFactory = super.createSchemaFactory();
-        allowExternalSchema(schemaFactory, "file", "jar");
+        allowExternalSchema(schemaFactory, "file");
         return schemaFactory;
     }
 
+    /**
+     * The default resolver is able to resolve locally and relative.
+     * 
+     * @param repository the repository is not used by this strategy
+     * @return null!
+     */
     @Override
     public URIResolver createResolver(final URI repository) {
         // intentionally return 'null', since all resolving is configured with the other objects
@@ -37,7 +46,7 @@ public class StrictLocalResolvingStrategy extends StrictRelativeResolvingStrateg
     @Override
     public Validator createValidator(final Schema schema) {
         final Validator validator = super.createValidator(schema);
-        allowExternalSchema(validator, "file", "jar");
+        allowExternalSchema(validator, "file");
         return validator;
     }
 

src/main/java/de/kosit/validationtool/impl/xml/StrictRelativeResolvingStrategy.java

@@ -95,6 +95,7 @@ public class StrictRelativeResolvingStrategy extends BaseResolvingStrategy {
         processor.setConfigurationProperty(FeatureKeys.XML_PARSER_FEATURE + encode(FEATURE_SECURE_PROCESSING), true);
         processor.setConfigurationProperty(FeatureKeys.XML_PARSER_FEATURE + encode(DISSALLOW_DOCTYPE_DECL_FEATURE), true);
         processor.setConfigurationProperty(FeatureKeys.XML_PARSER_FEATURE + encode(LOAD_EXTERNAL_DTD_FEATURE), false);
+        processor.setConfigurationProperty(FeatureKeys.XML_PARSER_FEATURE + encode(XMLConstants.ACCESS_EXTERNAL_DTD), false);
         return processor;
     }
 

src/main/model/xsd/daemon.xsd

@@ -16,7 +16,6 @@
     <complexType name="HealthType">
         <sequence>
             <element name="status">
-
                 <simpleType>
                     <restriction base="string">
                         <enumeration value="UP"></enumeration>

src/test/java/de/kosit/validationtool/impl/tasks/CreateReportActionTest.java

@@ -38,8 +38,6 @@ public class CreateReportActionTest {
 
     private ContentRepository repository;
 
-    @Rule
-    public ExpectedException expectedException = ExpectedException.none();
 
     @Before
     public void setup() {
@@ -72,15 +70,15 @@ public class CreateReportActionTest {
 
     @Test
     public void testExecutionException() throws SaxonApiException {
-        this.expectedException.expect(IllegalStateException.class);
-        this.expectedException.expectMessage(Matchers.containsString("Can not create final report"));
         final Processor p = mock(Processor.class);
         final DocumentBuilder documentBuilder = mock(DocumentBuilder.class);
         this.action = new CreateReportAction(p, new ConversionService(), null);
 
         when(p.newDocumentBuilder()).thenReturn(documentBuilder);
         when(documentBuilder.build(any(Source.class))).thenThrow(new SaxonApiException("mocked"));
-        this.action.check(TestBagBuilder.createBag(InputFactory.read(Simple.SIMPLE_VALID), true));
+        final Bag bag = TestBagBuilder.createBag(InputFactory.read(Simple.SIMPLE_VALID), true);
+        this.action.check(bag);
+        assertThat(bag.isStopped()).isTrue();
 
     }
 }

src/test/resources/examples/simple/assertions.xml

@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Licensed to the Koordinierungsstelle für IT-Standards (KoSIT) under
+  ~ one or more contributor license agreements. See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership.  KoSIT licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License. You may obtain a copy of the License at
+  ~
+  ~ http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied. See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  -->
+
+<assertions xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+            xmlns="http://www.xoev.de/de/validator/framework/1/assertions"
+            xsi:schemaLocation="http://www.xoev.de/de/validator/framework/1/assertions file:/C:/fb/svn/xoev/produkte/prueftool/trunk/xsd/assertions.xsd">
+
+    <namespace prefix="rep">http://www.xoev.de/de/validator/varl/1</namespace>
+
+    <assertion report-doc="ubl-0001.xml" test="/rep:report/rep:scenarioMatched/rep:validationStepResult/@id = 'xsd'">
+        Schema wurde validiert
+    </assertion>
+
+
+
+</assertions>