diff --git a/src/main/java/de/tum/cit/ase/ares/api/architecture/java/wala/JavaWalaSecurityTestCaseCollection.java b/src/main/java/de/tum/cit/ase/ares/api/architecture/java/wala/JavaWalaSecurityTestCaseCollection.java index 58941646..ee4cc0cd 100644 --- a/src/main/java/de/tum/cit/ase/ares/api/architecture/java/wala/JavaWalaSecurityTestCaseCollection.java +++ b/src/main/java/de/tum/cit/ase/ares/api/architecture/java/wala/JavaWalaSecurityTestCaseCollection.java @@ -4,9 +4,6 @@ import com.ibm.wala.ipa.callgraph.CGNode; import com.ibm.wala.ipa.callgraph.CallGraph; import com.ibm.wala.shrike.shrikeCT.InvalidClassFileException; -import com.ibm.wala.ssa.IR; -import com.ibm.wala.ssa.SSAInstruction; -import com.ibm.wala.ssa.SymbolTable; import com.tngtech.archunit.core.domain.JavaClasses; import de.tum.cit.ase.ares.api.architecture.java.FileHandlerConstants; import de.tum.cit.ase.ares.api.architecture.java.archunit.JavaArchUnitTestCaseCollection; @@ -64,16 +61,14 @@ private static void createNoClassShouldHaveMethodRule( return; } try { - String sb = "'" + ruleName + "'\r\n" + - "Method <" + - reachableNodes.getLast().getMethod().getSignature() + - "> calls method <" + - reachableNodes.get(reachableNodes.size() - 2).getMethod().getSignature() + - "> in (" + reachableNodes.getLast().getMethod().getDeclaringClass().getName().getClassName().toString() + ".java:" + reachableNodes.getLast().getMethod().getSourcePosition(0).getFirstLine() + - ") accesses <" + - reachableNodes.getFirst().getMethod().getSignature(); - - throw new AssertionError(sb); + throw new AssertionError(localize("security.architecture.method.call.message", + ruleName, + reachableNodes.getLast().getMethod().getSignature(), + reachableNodes.get(reachableNodes.size() - 2).getMethod().getSignature(), + reachableNodes.getLast().getMethod().getDeclaringClass().getName().getClassName().toString(), + reachableNodes.getLast().getMethod().getSourcePosition(0).getFirstLine(), + reachableNodes.getFirst().getMethod().getSignature() + )); } catch (InvalidClassFileException e) { throw new SecurityException(localize("security.architecture.invalid.class.file")); } diff --git a/src/main/resources/de/tum/cit/ase/ares/api/localization/messages.properties b/src/main/resources/de/tum/cit/ase/ares/api/localization/messages.properties index 8769efc2..5c3df0b5 100644 --- a/src/main/resources/de/tum/cit/ase/ares/api/localization/messages.properties +++ b/src/main/resources/de/tum/cit/ase/ares/api/localization/messages.properties @@ -79,6 +79,7 @@ security.architecture.manipulate.threads=Manipulates threads security.architecture.package.import=Imports forbidden packages security.architecture.serialize=Serializes objects security.architecture.class.loading=Manipulates the loading of classes +security.architecture.method.call.message=%s\r\nMethod <%s> calls method <%s> in (%s.java:%d) accesses <%s> # Ares Code Creation security.settings.error=Security configuration error: The class for the specific security test case settings could not be found. Ensure the class name is correct and the class is available at runtime. diff --git a/src/main/resources/de/tum/cit/ase/ares/api/localization/messages_de.properties b/src/main/resources/de/tum/cit/ase/ares/api/localization/messages_de.properties index 8af805e1..7d059704 100644 --- a/src/main/resources/de/tum/cit/ase/ares/api/localization/messages_de.properties +++ b/src/main/resources/de/tum/cit/ase/ares/api/localization/messages_de.properties @@ -79,6 +79,7 @@ security.architecture.manipulate.threads=Manipuliert Threads security.architecture.package.import=Importiert verbotene Pakete security.architecture.serialize=Serialisiert Objekte security.architecture.class.loading=Manipuliert das Laden von Klassen +security.architecture.method.call.message='%s'\r\nMethode <%s> ruft Methode <%s> in (%s.java:%d) auf und greift auf <%s> zu # Ares Code Creation security.settings.error=Sicherheitskonfigurationsfehler: Die Klasse für die spezifischen Sicherheitstestfalleinstellungen konnte nicht gefunden werden. Stellen Sie sicher, dass der Klassenname korrekt ist und die Klasse zur Laufzeit verfügbar ist.