Merge "Set secure flag & log exception"

author: Manoop Talasila <talasila@research.att.com> 2019-09-16 15:49:46 +0000
committer: Gerrit Code Review <gerrit@onap.org> 2019-09-16 15:49:46 +0000
commit: 510f243992dc434f51178d1797a8045de839c25f (patch)
tree: 2c87717b1b16da7bb57ffd7875d72fdc22ed53ae
parent: fadf5206f07dada8b60b8ee5923cb33de90dbe5b (diff)
parent: a9a8be6107f6b9fdfe1bb477f6d41f8e1d817f84 (diff)
3 files changed, 179 insertions, 179 deletions
diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/ECOMPLogoutController.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/ECOMPLogoutController.java
index 062a2e2a..54fcf3af 100644
--- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/ECOMPLogoutController.java
+++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/ECOMPLogoutController.java
@@ -33,7 +33,7 @@
  *
  * ============LICENSE_END============================================
  *
- * 
+ *
  */
 package org.onap.portalapp.controller;
 
@@ -62,72 +62,77 @@ import org.springframework.web.servlet.ModelAndView;
 @org.springframework.context.annotation.Configuration
 @EnableAspectJAutoProxy
 @Profile("src")
-public class ECOMPLogoutController extends EPUnRestrictedBaseController{
-	
-	private EPUser user;
-	private static final String EP_SERVICE = "EPService";
-	EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ECOMPLogoutController.class);
-
-	@EPAuditLog
-	@RequestMapping(value = {"/logout.htm" }, method = RequestMethod.GET)
-	public ModelAndView logOut(HttpServletRequest request,
-	            						HttpServletResponse response) throws Exception {
-	
-		ModelAndView modelView = null;
-				
-		chatRoomLogout(request);
-		logger.debug(EELFLoggerDelegate.debugLogger, "ECOMPLogoutController.handleRequestInternal - Logout request received.");
-		
-		modelView = new ModelAndView("redirect:login.htm");
-		
-		/**
-		if (UserUtils.isClientMobileDevice(request)){
-		modelView.setViewName(modelView.getViewName().concat("?viewType=mobile"));
-		}
-		*/
-		String cookieDoamin = EPSystemProperties.getProperty(EPSystemProperties.COOKIE_DOMAIN);
-		Cookie epCookie = new Cookie(EP_SERVICE, "");
-		epCookie.setMaxAge(0);
-		epCookie.setDomain(cookieDoamin);
-		epCookie.setPath("/");
-		
-		Cookie appHeaderCookie = new Cookie("show_app_header", "");
-		appHeaderCookie.setMaxAge(0);
-		appHeaderCookie.setDomain(cookieDoamin);
-		appHeaderCookie.setPath("/");
-		
-		Cookie appTabCookie = new Cookie("cookieTabs", "");
-		appTabCookie.setMaxAge(0);
-		appTabCookie.setDomain(cookieDoamin);
-		appTabCookie.setPath("/");
-		
-		Cookie appVisInvisTabCookie = new Cookie("visInVisCookieTabs", "");
-		appVisInvisTabCookie.setMaxAge(0);
-		appVisInvisTabCookie.setDomain(cookieDoamin);
-		appVisInvisTabCookie.setPath("/");
-		
-	    response.addCookie(epCookie);	
-	    response.addCookie(appHeaderCookie);
-	    response.addCookie(appTabCookie);
-	    response.addCookie(appVisInvisTabCookie);
-		request.getSession().invalidate();
-		
-		logger.debug(EELFLoggerDelegate.debugLogger, "ECOMPLogoutController.handleRequestInternal - Successfully processed the logout request.");
-		
-		return modelView;
-	}
-	
-	@EPMetricsLog
-	public void chatRoomLogout(HttpServletRequest request){
-		request = ((ServletRequestAttributes)RequestContextHolder.currentRequestAttributes()).getRequest(); 
-		setUser(EPUserUtils.getUserSession(request));
-	}
-	
-	public EPUser getUser() {
-		return user;
-	}
-	
-	public void setUser(EPUser user) {
-		this.user = user;
-	}
+public class ECOMPLogoutController extends EPUnRestrictedBaseController {
+
+    private EPUser user;
+    private static final String EP_SERVICE = "EPService";
+    EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ECOMPLogoutController.class);
+
+    @EPAuditLog
+    @RequestMapping(value = { "/logout.htm" }, method = RequestMethod.GET)
+    public ModelAndView logOut(HttpServletRequest request,
+            HttpServletResponse response) throws Exception {
+
+        ModelAndView modelView = null;
+
+        chatRoomLogout(request);
+        logger.debug(EELFLoggerDelegate.debugLogger,
+                "ECOMPLogoutController.handleRequestInternal - Logout request received.");
+
+        modelView = new ModelAndView("redirect:login.htm");
+
+        /**
+         * if (UserUtils.isClientMobileDevice(request)){
+         * modelView.setViewName(modelView.getViewName().concat("?viewType=mobile")); }
+         */
+        String cookieDoamin = EPSystemProperties.getProperty(EPSystemProperties.COOKIE_DOMAIN);
+        Cookie epCookie = new Cookie(EP_SERVICE, "");
+        epCookie.setSecure(true);
+        epCookie.setMaxAge(0);
+        epCookie.setDomain(cookieDoamin);
+        epCookie.setPath("/");
+
+        Cookie appHeaderCookie = new Cookie("show_app_header", "");
+        appHeaderCookie.setSecure(true);
+        appHeaderCookie.setMaxAge(0);
+        appHeaderCookie.setDomain(cookieDoamin);
+        appHeaderCookie.setPath("/");
+
+        Cookie appTabCookie = new Cookie("cookieTabs", "");
+        appTabCookie.setSecure(true);
+        appTabCookie.setMaxAge(0);
+        appTabCookie.setDomain(cookieDoamin);
+        appTabCookie.setPath("/");
+
+        Cookie appVisInvisTabCookie = new Cookie("visInVisCookieTabs", "");
+        appVisInvisTabCookie.setSecure(true);
+        appVisInvisTabCookie.setMaxAge(0);
+        appVisInvisTabCookie.setDomain(cookieDoamin);
+        appVisInvisTabCookie.setPath("/");
+
+        response.addCookie(epCookie);
+        response.addCookie(appHeaderCookie);
+        response.addCookie(appTabCookie);
+        response.addCookie(appVisInvisTabCookie);
+        request.getSession().invalidate();
+
+        logger.debug(EELFLoggerDelegate.debugLogger,
+                "ECOMPLogoutController.handleRequestInternal - Successfully processed the logout request.");
+
+        return modelView;
+    }
+
+    @EPMetricsLog
+    public void chatRoomLogout(HttpServletRequest request) {
+        request = ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest();
+        setUser(EPUserUtils.getUserSession(request));
+    }
+
+    public EPUser getUser() {
+        return user;
+    }
+
+    public void setUser(EPUser user) {
+        this.user = user;
+    }
 }
diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/PeerBroadcastSocket.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/PeerBroadcastSocket.java
index c80419f9..de8524e0 100644
--- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/PeerBroadcastSocket.java
+++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/PeerBroadcastSocket.java
@@ -35,7 +35,7 @@
  *
  * ============LICENSE_END============================================
  *
- * 
+ *
  */
 package org.onap.portalapp.controller;
 
@@ -53,51 +53,50 @@ import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 
 @ServerEndpoint("/opencontact")
 public class PeerBroadcastSocket {
-	private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(PeerBroadcastSocket.class);
-	private static final ObjectMapper mapper = new ObjectMapper();
+    private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(PeerBroadcastSocket.class);
+    private static final ObjectMapper mapper = new ObjectMapper();
 
-	protected static final Map<String, Object> channelMap = new HashMap<>();
-	private Map<String, String> sessionMap = new HashMap<>();
+    private static final Map<String, Object> channelMap = new HashMap<>();
+    private Map<String, String> sessionMap = new HashMap<>();
 
-	@OnMessage
-	public void message(String message, Session session) {
-		try {
-			Map<String, Object> jsonObject = mapper.readValue(message, Map.class);
-			save(jsonObject, session);
-		} catch (Exception ex) {
-			logger.error(EELFLoggerDelegate.errorLogger, "Failed" + ex.getMessage());
-		}
-	}
+    @OnMessage
+    public void message(String message, Session session) {
+        try {
+            Map<String, Object> jsonObject = mapper.readValue(message, Map.class);
+            save(jsonObject, session);
+        } catch (Exception ex) {
+            logger.error(EELFLoggerDelegate.errorLogger, "Failed", ex);
+        }
+    }
 
-	@OnOpen
-	public void open(Session session) {
-		logger.info(EELFLoggerDelegate.debugLogger, "Channel opened");
-	}
+    @OnOpen
+    public void open(Session session) {
+        logger.info(EELFLoggerDelegate.debugLogger, "Channel opened");
+    }
 
-	@OnClose
-	public void close(Session session) {
-		String channel = sessionMap.get(session.getId());
-		if (channel != null) {
-			Object sessObj = channelMap.get(channel);
-			if (sessObj != null) {
-				try {
-					((Session) sessObj).close();
-				} catch (IOException e) {
-					logger.error(EELFLoggerDelegate.errorLogger, "Failed to close" + e.getMessage());
-				}
-			}
-			channelMap.remove(channel);
-		}
-		logger.info(EELFLoggerDelegate.debugLogger, "Channel closed");
-	}
+    @OnClose
+    public void close(Session session) {
+        String channel = sessionMap.get(session.getId());
+        if (channel != null) {
+            Object sessObj = channelMap.get(channel);
+            if (sessObj != null) {
+                try {
+                    ((Session) sessObj).close();
+                } catch (IOException e) {
+                    logger.error(EELFLoggerDelegate.errorLogger, "Failed to close", e);
+                }
+            }
+            channelMap.remove(channel);
+        }
+        logger.info(EELFLoggerDelegate.debugLogger, "Channel closed");
+    }
 
-	private void save(Map<String, Object> jsonObject, Session session) {
-		final Optional<String> from = Optional.of(jsonObject.get("from").toString());
-		if (from.isPresent() && channelMap.get(from.get()) == null) {
-			this.channelMap.put(from.toString(), session);
-			this.sessionMap.put(session.getId(), from.toString());
-		}
-	}
+    private void save(Map<String, Object> jsonObject, Session session) {
+        final Optional<String> from = Optional.of(jsonObject.get("from").toString());
+        if (from.isPresent() && channelMap.get(from.get()) == null) {
+            channelMap.put(from.toString(), session);
+            this.sessionMap.put(session.getId(), from.toString());
+        }
+    }
 
 }
-
diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/portal/controller/AppsOSController.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/portal/controller/AppsOSController.java
index e109ef5d..b1154aa3 100644
--- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/portal/controller/AppsOSController.java
+++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/portal/controller/AppsOSController.java
@@ -39,23 +39,17 @@ package org.onap.portalapp.portal.controller;
 
 import java.util.HashMap;
 import java.util.Map;
-
 import java.util.Set;
 import javax.servlet.http.HttpServletRequest;
-
 import javax.validation.ConstraintViolation;
 import javax.validation.Validation;
 import javax.validation.Validator;
 import javax.validation.ValidatorFactory;
-import lombok.NoArgsConstructor;
 import org.json.JSONObject;
 import org.onap.portalapp.portal.domain.EPUser;
 import org.onap.portalapp.portal.ecomp.model.PortalRestResponse;
 import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum;
 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
-import org.onap.portalapp.portal.service.AdminRolesService;
-import org.onap.portalapp.portal.service.EPAppService;
-import org.onap.portalapp.portal.service.PersUserAppService;
 import org.onap.portalapp.portal.service.UserService;
 import org.onap.portalapp.util.EPUserUtils;
 import org.onap.portalapp.validation.SecureString;
@@ -68,6 +62,7 @@ import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
+import lombok.NoArgsConstructor;
 
 @RestController
 @Configuration
@@ -75,73 +70,74 @@ import org.springframework.web.bind.annotation.RestController;
 @EPAuditLog
 @NoArgsConstructor
 public class AppsOSController extends AppsController {
-	private static final ValidatorFactory validatorFactory = Validation.buildDefaultValidatorFactory();
-	
-	private static final String FAILURE = "failure";
-	private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AppsOSController.class);
+    private static final ValidatorFactory validatorFactory = Validation.buildDefaultValidatorFactory();
 
-	@Autowired
-	UserService userService;
+    private static final String FAILURE = "failure";
+    private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AppsOSController.class);
+
+    @Autowired
+    UserService userService;
+
+    /**
+     * Create new application's contact us details.
+     *
+     * @param contactUs
+     * @return
+     */
+    @RequestMapping(value = "/portalApi/saveNewUser", method = RequestMethod.POST, produces = "application/json")
+    public PortalRestResponse<String> saveNewUser(HttpServletRequest request, @RequestBody EPUser newUser) {
+        EPUser user = EPUserUtils.getUserSession(request);
+        if (newUser == null)
+            return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, FAILURE,
+                    "New User cannot be null or empty");
+
+        if (!(super.getAdminRolesService().isSuperAdmin(user) || super.getAdminRolesService().isAccountAdmin(user))
+                && !user.getLoginId().equalsIgnoreCase(newUser.getLoginId())) {
+            return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, FAILURE,
+                    "UnAuthorized");
+        }
 
-       /**
-	 * Create new application's contact us details.
-	 * 
-	 * @param contactUs
-	 * @return
-	 */
-	@RequestMapping(value = "/portalApi/saveNewUser", method = RequestMethod.POST, produces = "application/json")
-	public PortalRestResponse<String> saveNewUser(HttpServletRequest request,@RequestBody EPUser newUser) {
-		EPUser user = EPUserUtils.getUserSession(request);
-		if (newUser == null)
-			return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, FAILURE,
-					"New User cannot be null or empty");
-		
-		if (!(super.getAdminRolesService().isSuperAdmin(user) || super.getAdminRolesService().isAccountAdmin(user))){
-			if(!user.getLoginId().equalsIgnoreCase(newUser.getLoginId()))
-				return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, FAILURE,
-						"UnAuthorized");
-		}
-			
         String checkDuplicate = request.getParameter("isCheck");
-		String saveNewUser = FAILURE;
-		try {
-			saveNewUser = userService.saveNewUser(newUser,checkDuplicate);
-		} catch (Exception e) {
-			return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, saveNewUser, e.getMessage());
-		}
-		return new PortalRestResponse<>(PortalRestStatusEnum.OK, saveNewUser, "");
-	}
-	
-	@RequestMapping(value = { "/portalApi/currentUserProfile/{loginId}" }, method = RequestMethod.GET, produces = "application/json")
-	public String getCurrentUserProfile(HttpServletRequest request, @PathVariable("loginId") String loginId) {
+        String saveNewUser = FAILURE;
+        try {
+            saveNewUser = userService.saveNewUser(newUser, checkDuplicate);
+        } catch (Exception e) {
+            logger.error(EELFLoggerDelegate.errorLogger, "Exception in saveNewUser", e);
+            return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, saveNewUser, e.getMessage());
+        }
+        return new PortalRestResponse<>(PortalRestStatusEnum.OK, saveNewUser, "");
+    }
+
+    @RequestMapping(value = { "/portalApi/currentUserProfile/{loginId}" }, method = RequestMethod.GET,
+            produces = "application/json")
+    public String getCurrentUserProfile(HttpServletRequest request, @PathVariable("loginId") String loginId) {
 
-		if(loginId != null){
-			Validator validator = validatorFactory.getValidator();
-			SecureString secureString = new SecureString(loginId);
-			Set<ConstraintViolation<SecureString>> constraintViolations = validator.validate(secureString);
+        if (loginId != null) {
+            Validator validator = validatorFactory.getValidator();
+            SecureString secureString = new SecureString(loginId);
+            Set<ConstraintViolation<SecureString>> constraintViolations = validator.validate(secureString);
 
-			if (!constraintViolations.isEmpty()){
-				return "loginId is not valid";
-			}
-		}
+            if (!constraintViolations.isEmpty()) {
+                return "loginId is not valid";
+            }
+        }
 
-		
-		Map<String,String> map = new HashMap<>();
-		EPUser user;
-		try {
-			 user = (EPUser) userService.getUserByUserId(loginId).get(0);
-			 map.put("firstName", user.getFirstName());
-		     map.put("lastName", user.getLastName());
-		     map.put("email", user.getEmail());
-			 map.put("loginId", user.getLoginId());
-			 map.put("loginPwd",user.getLoginPwd());
-			 map.put("middleInitial",user.getMiddleInitial());
-		} catch (Exception e) {
-			logger.error(EELFLoggerDelegate.errorLogger, "Failed to get user info", e);
-		}
+        Map<String, String> map = new HashMap<>();
+        EPUser user;
+        try {
+            user = (EPUser) userService.getUserByUserId(loginId).get(0);
+            map.put("firstName", user.getFirstName());
+            map.put("lastName", user.getLastName());
+            map.put("email", user.getEmail());
+            map.put("loginId", user.getLoginId());
+            map.put("loginPwd", user.getLoginPwd());
+            map.put("middleInitial", user.getMiddleInitial());
+        } catch (Exception e) {
+            logger.error(EELFLoggerDelegate.errorLogger, "Failed to get user info", e);
+        }
 
-		JSONObject j = new JSONObject(map);
-		return j.toString();
-	}
+        JSONObject j = new JSONObject(map);
+        return j.toString();
+    }
 
-}
-\ No newline at end of file
+}
author	Manoop Talasila <talasila@research.att.com>	2019-09-16 15:49:46 +0000
committer	Gerrit Code Review <gerrit@onap.org>	2019-09-16 15:49:46 +0000
commit	510f243992dc434f51178d1797a8045de839c25f (patch)
tree	2c87717b1b16da7bb57ffd7875d72fdc22ed53ae
parent	fadf5206f07dada8b60b8ee5923cb33de90dbe5b (diff)
parent	a9a8be6107f6b9fdfe1bb477f6d41f8e1d817f84 (diff)