Added SpdxPackageVerificationCode class with the excluded files list

Updated spreadsheet with the the new verification code and updated the
spreadsheet format
Renamed Unverified License tab -> Extracted Lic Info

Test/org/spdx/rdfparser/TestPackageInfoSheet.java

@@ -1,3 +1,19 @@
+/**
+ * Copyright (c) 2011 Source Auditor Inc.
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+*/
 package org.spdx.rdfparser;
 
 import static org.junit.Assert.*;
@@ -64,15 +80,17 @@ public void testAddAndGet() throws SpreadsheetException {
 		testLicenses2[1] = new SPDXNonStandardLicense("License4", "License 4 text");
 		SPDXLicenseInfo testLicense2 = new SPDXConjunctiveLicenseSet(testLicenses2);
 		SPDXLicenseInfo[] testLicenseInfos = new SPDXLicenseInfo[] {new SPDXNoneLicense()};
+		SpdxPackageVerificationCode testVerification = new SpdxPackageVerificationCode("value",
+				new String[] {"skippedfil1", "skippedfile2"});
 //		String lic2String = PackageInfoSheet.licensesToString(testLicenses2);
 		SPDXPackageInfo pkgInfo1 = new SPDXPackageInfo("decname1", "machinename1", 
 				"sha1-1", "sourceinfo1", testLicense1,
 				testLicense2, testLicenseInfos, "license comments", "dec-copyright1",
-				"short desc1", "desc1", "http://url1", "filechecksum1");
+				"short desc1", "desc1", "http://url1", testVerification);
 		SPDXPackageInfo pkgInfo2 = new SPDXPackageInfo("decname1", "machinename1", 
 				"sha1-1", "sourceinfo1", testLicense1,
 				testLicense2, testLicenseInfos, "licensecomments2", "dec-copyright1",
-				"short desc1", "desc1", "http://url1", "filechecksum1");
+				"short desc1", "desc1", "http://url1", testVerification);
 		Workbook wb = new HSSFWorkbook();
 		PackageInfoSheet.create(wb, "Package Info");
 		PackageInfoSheet pkgInfoSheet = new PackageInfoSheet(wb, "Package Info", OriginsSheet.CURRENT_VERSION);
@@ -95,7 +113,7 @@ private void comparePkgInfo(SPDXPackageInfo pkgInfo1,
 		assertEquals(pkgInfo1.getConcludedLicense(), pkgInfo2.getConcludedLicense());
 		assertEquals(pkgInfo1.getDeclaredName(), pkgInfo2.getDeclaredName());
 		assertEquals(pkgInfo1.getDescription(), pkgInfo2.getDescription());
-		assertEquals(pkgInfo1.getFileChecksum(), pkgInfo2.getFileChecksum());
+		assertEquals(pkgInfo1.getPackageVerification().getValue(), pkgInfo2.getPackageVerification().getValue());
 		assertEquals(pkgInfo1.getFileName(), pkgInfo2.getFileName());
 		assertEquals(pkgInfo1.getSha1(), pkgInfo2.getSha1());
 		assertEquals(pkgInfo1.getShortDescription(), pkgInfo2.getShortDescription());
@@ -104,6 +122,14 @@ private void comparePkgInfo(SPDXPackageInfo pkgInfo1,
 		if (!compareLicenses(pkgInfo1.getLicensesFromFiles(), pkgInfo2.getLicensesFromFiles())) {
 			fail("license infos not equal");
 		}
+		assertEquals(pkgInfo1.getPackageVerification().getValue(),
+				pkgInfo2.getPackageVerification().getValue());
+		assertEquals(pkgInfo1.getPackageVerification().getExcludedFileNames().length,
+				pkgInfo2.getPackageVerification().getExcludedFileNames().length);
+		for (int i = 0; i < pkgInfo1.getPackageVerification().getExcludedFileNames().length; i++) {
+			assertEquals(pkgInfo1.getPackageVerification().getExcludedFileNames()[i], 
+					pkgInfo2.getPackageVerification().getExcludedFileNames()[i]);
+		}
 	}
 
 	/**

Test/org/spdx/rdfparser/TestPerFileSheet.java

@@ -1,27 +1,19 @@
 /**
  * Copyright (c) 2011 Source Auditor Inc.
-* Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote products
- *    derived from this software without specific prior written permission.
  *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+*/
 package org.spdx.rdfparser;
 
 import static org.junit.Assert.*;

Test/org/spdx/rdfparser/TestSPDXDocument.java

@@ -1,27 +1,19 @@
 /**
  * Copyright (c) 2011 Source Auditor Inc.
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote products
- *    derived from this software without specific prior written permission.
  *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+*/
 package org.spdx.rdfparser;
 
 import static org.junit.Assert.*;
@@ -276,7 +268,10 @@ public void testGetSpdxPackage() throws InvalidSPDXAnalysisException, IOExceptio
 		pkg.setSha1("0123456789abcdef0123456789abcdef01234567");
 		pkg.setShortDescription("Short description");
 		pkg.setSourceInfo("Source info");
-		pkg.setVerificationCode("0123456789abcdef0123456789abcdef01234567");
+		String[] skippedFiles = new String[] {"skipped1", "skipped2"};
+		pkg.setVerificationCode(
+				new SpdxPackageVerificationCode("0123456789abcdef0123456789abcdef01234567",
+						skippedFiles));
 		verify = pkg.verify();
 		assertEquals(0, verify.size());
 	}
@@ -440,7 +435,10 @@ public void testVerify() throws InvalidSPDXAnalysisException, IOException {
 		pkg.setSha1("0123456789abcdef0123456789abcdef01234567");
 		pkg.setShortDescription("Short description");
 		pkg.setSourceInfo("Source info");
-		pkg.setVerificationCode("0123456789abcdef0123456789abcdef01234567");
+		String[] skippedFiles = new String[] {"skipped1", "skipped2"};
+		pkg.setVerificationCode(
+				new SpdxPackageVerificationCode("0123456789abcdef0123456789abcdef01234567",
+						skippedFiles));
 		verify = pkg.verify();
 		assertEquals(0, verify.size());
 		DateFormat format = new SimpleDateFormat(SpdxRdfConstants.SPDX_DATE_FORMAT);

Test/org/spdx/rdfparser/TestSPDXFile.java

@@ -1,27 +1,19 @@
 /**
  * Copyright (c) 2011 Source Auditor Inc.
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote products
- *    derived from this software without specific prior written permission.
  *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+*/
 package org.spdx.rdfparser;
 
 import static org.junit.Assert.*;

Test/org/spdx/rdfparser/TestSpdxPackageVerificationCode.java

@@ -0,0 +1,160 @@
+/**
+ * Copyright (c) 2011 Source Auditor Inc.
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+*/
+package org.spdx.rdfparser;
+
+import static org.junit.Assert.*;
+
+import java.util.ArrayList;
+
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import com.hp.hpl.jena.rdf.model.Model;
+import com.hp.hpl.jena.rdf.model.ModelFactory;
+import com.hp.hpl.jena.rdf.model.Resource;
+
+/**
+ * @author Source Auditor
+ *
+ */
+public class TestSpdxPackageVerificationCode {
+
+	static final String[] VALUES = new String[] {"0123456789abcdef0123456789abcdef01234567",
+			"c1ef456789abcdab0123456789abcdef01234567", "invalidvalue"};
+
+	static final String[] VALUES2 = new String[] {"ab23456789abcdef0123456789abcdef01234567",
+		"00ef456789abcdab0123456789abcdef01234567", "2invalidvalue2"};
+
+	static final String[] [] SKIPPED_FILES = new String[][] {new String[] {"skipped1", "skipped2"},
+			new String[0], new String[] {"oneSkippedFile"}};
+
+	static final String[] [] SKIPPED_FILES2 = new String[][] {new String[] {},
+		new String[] {"single/file"}, new String[] {"a/b/c", "d/e/f", "g/hi"}};
+
+	SpdxPackageVerificationCode[] VERIFICATION_CODES;
+	Model model;
+	/**
+	 * @throws java.lang.Exception
+	 */
+	@Before
+	public void setUp() throws Exception {
+		model = ModelFactory.createDefaultModel();
+		VERIFICATION_CODES = new SpdxPackageVerificationCode[] {
+					new SpdxPackageVerificationCode(VALUES[0], SKIPPED_FILES[0]),
+					new SpdxPackageVerificationCode(VALUES[1], SKIPPED_FILES[1]),
+					new SpdxPackageVerificationCode(VALUES[2], SKIPPED_FILES[2])
+				};
+	}
+
+	/**
+	 * @throws java.lang.Exception
+	 */
+	@After
+	public void tearDown() throws Exception {
+	}
+
+	/**
+	 * Test method for {@link org.spdx.rdfparser.SpdxPackageVerificationCode#setExcludedFileNames(java.lang.String[])}.
+	 * @throws InvalidSPDXAnalysisException 
+	 */
+	@Test
+	public void testSetExcludedFileNames() throws InvalidSPDXAnalysisException {
+		Resource[] verificationResources = new Resource[VERIFICATION_CODES.length];
+		for (int i  = 0; i < verificationResources.length; i++) {
+			verificationResources[i] = VERIFICATION_CODES[i].createResource(model);
+		}
+		for (int i  = 0; i < verificationResources.length; i++) {
+			SpdxPackageVerificationCode comp = new SpdxPackageVerificationCode(model, verificationResources[i].asNode());
+			comp.setExcludedFileNames(SKIPPED_FILES2[i]);
+			assertEquals(SKIPPED_FILES2[i].length, comp.getExcludedFileNames().length);
+			compareArrays(SKIPPED_FILES2[i], comp.getExcludedFileNames());
+			assertEquals(VALUES[i], comp.getValue());
+		}
+	}
+
+	/**
+	 * @param strings
+	 * @param excludedFileNames
+	 */
+	private void compareArrays(String[] s1, String[] s2) {
+		assertEquals(s1.length, s2.length);
+		for (int i = 0; i < s1.length; i++) {
+			boolean found = false;
+			for (int j = 0; j < s2.length; j++) {
+				if (s1[i].equals(s2[j])) {
+					found = true;
+					break;
+				}
+			}
+			assertTrue(found);
+		}
+	}
+
+	/**
+	 * Test method for {@link org.spdx.rdfparser.SpdxPackageVerificationCode#addExcludedFileName(java.lang.String)}.
+	 * @throws InvalidSPDXAnalysisException 
+	 */
+	@Test
+	public void testAddExcludedFileName() throws InvalidSPDXAnalysisException {
+		Resource[] verificationResources = new Resource[VERIFICATION_CODES.length];
+		for (int i  = 0; i < verificationResources.length; i++) {
+			verificationResources[i] = VERIFICATION_CODES[i].createResource(model);
+		}
+		for (int i  = 0; i < verificationResources.length; i++) {
+			SpdxPackageVerificationCode comp = new SpdxPackageVerificationCode(model, verificationResources[i].asNode());
+			comp.addExcludedFileName("File"+String.valueOf(i));
+			String[] compNames = new String[SKIPPED_FILES[i].length+1];
+			for (int j = 0; j < SKIPPED_FILES[i].length; j++) {
+				compNames[j] = SKIPPED_FILES[i][j];
+			}
+			compNames[SKIPPED_FILES[i].length] = "File"+String.valueOf(i);
+			assertEquals(compNames.length, comp.getExcludedFileNames().length);
+			compareArrays(compNames, comp.getExcludedFileNames());
+			assertEquals(VALUES[i], comp.getValue());
+		}
+	}
+
+	/**
+	 * Test method for {@link org.spdx.rdfparser.SpdxPackageVerificationCode#setValue(java.lang.String)}.
+	 * @throws InvalidSPDXAnalysisException 
+	 */
+	@Test
+	public void testSetValue() throws InvalidSPDXAnalysisException {
+		Resource[] verificationResources = new Resource[VERIFICATION_CODES.length];
+		for (int i  = 0; i < verificationResources.length; i++) {
+			verificationResources[i] = VERIFICATION_CODES[i].createResource(model);
+		}
+		for (int i  = 0; i < verificationResources.length; i++) {
+			SpdxPackageVerificationCode comp = new SpdxPackageVerificationCode(model, verificationResources[i].asNode());
+			comp.setValue(VALUES2[i]);
+			compareArrays(SKIPPED_FILES[i], comp.getExcludedFileNames());
+			assertEquals(VALUES2[i], comp.getValue());
+		}
+	}
+
+	@Test
+	public void testVerify() {
+		ArrayList<String> verify = VERIFICATION_CODES[0].verify();
+		assertEquals(0, verify.size());
+		verify = VERIFICATION_CODES[1].verify();
+		assertEquals(0, verify.size());
+		verify = VERIFICATION_CODES[2].verify();
+		assertEquals(1, verify.size());
+	}
+
+}

src/org/spdx/rdfparser/PrettyPrinter.java

@@ -139,9 +139,9 @@ private static void prettyPrintPackage(SPDXPackage pkg) throws InvalidSPDXAnalys
 		if (pkg.getSha1() != null && !pkg.getSha1().isEmpty()) {
 			System.out.printf("SHA1: %1s\n",pkg.getSha1());				
 		}
-		// file verification code
-		if (pkg.getVerificationCode() != null && !pkg.getVerificationCode().isEmpty()) {
-			System.out.printf("Verification: %1s\n", pkg.getVerificationCode());
+		// package verification code
+		if (pkg.getVerificationCode() != null && pkg.getVerificationCode().getValue() != null && !pkg.getVerificationCode().getValue().isEmpty()) {
+			System.out.printf("Verification: %1s\n", pkg.getVerificationCode().getValue());
 		}
 		// Description
 		if (pkg.getDescription() != null && !pkg.getDescription().isEmpty()) {

src/org/spdx/rdfparser/SPDXChecksum.java

@@ -119,6 +119,11 @@ public void setValue(String value) {
 		}
 	}
 
+	/**
+	 * Creates a resource from this SPDX Checksum
+	 * @param model
+	 * @return
+	 */
 	public Resource createResource(Model model) {
 		this.model = model;
 		Resource type = model.createResource(SpdxRdfConstants.SPDX_NAMESPACE +