summaryrefslogtreecommitdiffstats
path: root/appc-config
diff options
context:
space:
mode:
authorKeighron, Lori (lk2924) <lk2924@att.com>2019-11-19 15:12:06 -0500
committerKeighron, Lori (lk2924) <lk2924@att.com>2019-11-19 15:16:48 -0500
commitd6801d69b3d29ce0aa99d3214f7cf4bfd02fb706 (patch)
tree792454cfbccfcbcaa1e957cc608e2444e701ba24 /appc-config
parentd37a45ab352084738b3f95cb64cc83d4e1484d0b (diff)
Apply defect and Fortify fixes to config bundle code
Apply defect and Fortify fixes to config bundle code Change-Id: I30ec12950c8e2ddcee8a643a9b74a06486c7d6bf Issue-ID: APPC-1787 Signed-off-by: Keighron, Lori (lk2924) <lk2924@att.com>
Diffstat (limited to 'appc-config')
-rw-r--r--appc-config/appc-config-adaptor/provider/src/main/java/org/onap/appc/ccadaptor/ConfigComponentAdaptor.java2
-rw-r--r--appc-config/appc-config-audit/provider/src/main/java/org/onap/sdnc/config/audit/node/CompareXmlData.java5
-rw-r--r--appc-config/appc-config-generator/provider/src/main/java/org/onap/sdnc/config/generator/tool/CheckDataTool.java6
-rw-r--r--appc-config/appc-encryption-tool/provider/src/main/java/org/onap/appc/encryptiontool/wrapper/WrapperEncryptionTool.java4
-rw-r--r--appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/executorImpl/RestExecutor.java3
-rw-r--r--appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/node/FlowControlNode.java2
-rw-r--r--appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/node/FlowSequenceGenerator.java19
-rw-r--r--appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/utils/FlowControllerConstants.java1
-rw-r--r--appc-config/appc-flow-controller/provider/src/test/java/org/onap/appc/flow/controller/node/FlowControlNodeTest.java1
-rw-r--r--appc-config/appc-flow-controller/provider/src/test/java/org/onap/appc/flow/controller/node/FlowSequenceGeneratorTest.java3
10 files changed, 37 insertions, 9 deletions
diff --git a/appc-config/appc-config-adaptor/provider/src/main/java/org/onap/appc/ccadaptor/ConfigComponentAdaptor.java b/appc-config/appc-config-adaptor/provider/src/main/java/org/onap/appc/ccadaptor/ConfigComponentAdaptor.java
index dd924229e..bb3627596 100644
--- a/appc-config/appc-config-adaptor/provider/src/main/java/org/onap/appc/ccadaptor/ConfigComponentAdaptor.java
+++ b/appc-config/appc-config-adaptor/provider/src/main/java/org/onap/appc/ccadaptor/ConfigComponentAdaptor.java
@@ -163,7 +163,7 @@ public class ConfigComponentAdaptor implements SvcLogicAdaptor {
parmval = parameters.get("config-component-configPassword");
if ((parmval != null) && (parmval.length() > 0)) {
- log.debug("Overwriting configPassword with " + parmval);
+ //log.debug("Overwriting configPassword with " + parmval);
configPassword = parmval;
}
diff --git a/appc-config/appc-config-audit/provider/src/main/java/org/onap/sdnc/config/audit/node/CompareXmlData.java b/appc-config/appc-config-audit/provider/src/main/java/org/onap/sdnc/config/audit/node/CompareXmlData.java
index e5e2b757f..9f1e4c97e 100644
--- a/appc-config/appc-config-audit/provider/src/main/java/org/onap/sdnc/config/audit/node/CompareXmlData.java
+++ b/appc-config/appc-config-audit/provider/src/main/java/org/onap/sdnc/config/audit/node/CompareXmlData.java
@@ -29,6 +29,7 @@ package org.onap.sdnc.config.audit.node;
import java.io.IOException;
import java.io.StringReader;
+import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
@@ -121,6 +122,10 @@ public class CompareXmlData implements CompareDataInterface
public Document getCompareDoc(String inXml) throws ParserConfigurationException, SAXException, IOException
{
DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
+ dbFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
+ dbFactory.setFeature("http://xml.org/sax/features/external-general-entities", false);
+ dbFactory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
+
DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
StringReader reader = new StringReader(inXml);
InputSource inputSource = new InputSource(reader);
diff --git a/appc-config/appc-config-generator/provider/src/main/java/org/onap/sdnc/config/generator/tool/CheckDataTool.java b/appc-config/appc-config-generator/provider/src/main/java/org/onap/sdnc/config/generator/tool/CheckDataTool.java
index 17d3447c8..38089ec81 100644
--- a/appc-config/appc-config-generator/provider/src/main/java/org/onap/sdnc/config/generator/tool/CheckDataTool.java
+++ b/appc-config/appc-config-generator/provider/src/main/java/org/onap/sdnc/config/generator/tool/CheckDataTool.java
@@ -26,6 +26,8 @@ package org.onap.sdnc.config.generator.tool;
import com.att.eelf.configuration.EELFLogger;
import com.att.eelf.configuration.EELFManager;
import java.io.StringReader;
+
+import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.codehaus.jettison.json.JSONArray;
@@ -73,6 +75,10 @@ public class CheckDataTool {
public static boolean isXML(String data) {
try {
DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
+ dbFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
+ dbFactory.setFeature("http://xml.org/sax/features/external-general-entities", false);
+ dbFactory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
+
DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
dBuilder.parse(new InputSource(new StringReader(data)));
return true;
diff --git a/appc-config/appc-encryption-tool/provider/src/main/java/org/onap/appc/encryptiontool/wrapper/WrapperEncryptionTool.java b/appc-config/appc-encryption-tool/provider/src/main/java/org/onap/appc/encryptiontool/wrapper/WrapperEncryptionTool.java
index 287081764..8de6d5b98 100644
--- a/appc-config/appc-encryption-tool/provider/src/main/java/org/onap/appc/encryptiontool/wrapper/WrapperEncryptionTool.java
+++ b/appc-config/appc-encryption-tool/provider/src/main/java/org/onap/appc/encryptiontool/wrapper/WrapperEncryptionTool.java
@@ -52,8 +52,8 @@ public class WrapperEncryptionTool {
String action = args[4];
String port = args[5];
String url = args[6];
- log.info("vnfType = " + vnfType + " protocol = " + protocol + " " + USER_PARAM + "=" + user + " " + PASS_PARAM
- + "=" + password + " action=" + action + " " + PORT_PARAM + "=" + port + " " + URL_PARAM + "=" + url);
+ //log.info("vnfType = " + vnfType + " protocol = " + protocol + " " + USER_PARAM + "=" + user + " " + PASS_PARAM
+ // + "=" + password + " action=" + action + " " + PORT_PARAM + "=" + port + " " + URL_PARAM + "=" + url);
if (StringUtils.isBlank(user)) {
log.info("ERROR-USER can not be null");
diff --git a/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/executorImpl/RestExecutor.java b/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/executorImpl/RestExecutor.java
index 408f0a305..d8036f57a 100644
--- a/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/executorImpl/RestExecutor.java
+++ b/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/executorImpl/RestExecutor.java
@@ -52,7 +52,8 @@ public class RestExecutor implements FlowExecutorInterface {
@Override
public Map<String, String> execute(Transaction transaction, SvcLogicContext ctx) throws Exception {
- log.info("Configuring Rest Operation....." + transaction.toString());
+ String woPswd = transaction.toString().replaceAll("pswd=(.*?), ", "pswd=XXXX, ");
+ log.info("Configuring Rest Operation....." + woPswd);
Map<String, String> outputMessage = new HashMap<>();
Client client = null;
diff --git a/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/node/FlowControlNode.java b/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/node/FlowControlNode.java
index e298967d0..74932b41e 100644
--- a/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/node/FlowControlNode.java
+++ b/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/node/FlowControlNode.java
@@ -28,6 +28,7 @@ import static org.onap.appc.flow.controller.utils.FlowControllerConstants.DESING
import static org.onap.appc.flow.controller.utils.FlowControllerConstants.GRAPH;
import static org.onap.appc.flow.controller.utils.FlowControllerConstants.INPUT_PARAM_RESPONSE_PREFIX;
import static org.onap.appc.flow.controller.utils.FlowControllerConstants.NODE;
+import static org.onap.appc.flow.controller.utils.FlowControllerConstants.OUTPUT_PARAM_ERROR_CODE;
import static org.onap.appc.flow.controller.utils.FlowControllerConstants.OUTPUT_PARAM_ERROR_MESSAGE;
import static org.onap.appc.flow.controller.utils.FlowControllerConstants.OUTPUT_PARAM_STATUS;
import static org.onap.appc.flow.controller.utils.FlowControllerConstants.OUTPUT_STATUS_FAILURE;
@@ -104,6 +105,7 @@ public class FlowControlNode implements SvcLogicJavaPlugin {
} catch (Exception e) {
ctx.setAttribute(responsePrefix + OUTPUT_PARAM_STATUS, OUTPUT_STATUS_FAILURE);
ctx.setAttribute(responsePrefix + OUTPUT_PARAM_ERROR_MESSAGE, e.getMessage());
+ ctx.setAttribute(responsePrefix + OUTPUT_PARAM_ERROR_CODE, ctx.getAttribute(OUTPUT_PARAM_ERROR_CODE));
log.error("Error occurred in processFlow ", e);
throw new SvcLogicException(e.getMessage());
}
diff --git a/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/node/FlowSequenceGenerator.java b/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/node/FlowSequenceGenerator.java
index 276301ed3..345b3e12e 100644
--- a/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/node/FlowSequenceGenerator.java
+++ b/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/node/FlowSequenceGenerator.java
@@ -23,6 +23,8 @@ import static org.onap.appc.flow.controller.utils.FlowControllerConstants.DESING
import static org.onap.appc.flow.controller.utils.FlowControllerConstants.EXTERNAL;
import static org.onap.appc.flow.controller.utils.FlowControllerConstants.FLOW_SEQUENCE;
import static org.onap.appc.flow.controller.utils.FlowControllerConstants.GENERATION_NODE;
+import static org.onap.appc.flow.controller.utils.FlowControllerConstants.OUTPUT_PARAM_ERROR_CODE;
+import static org.onap.appc.flow.controller.utils.FlowControllerConstants.OUTPUT_PARAM_ERROR_MESSAGE;
import static org.onap.appc.flow.controller.utils.FlowControllerConstants.RUNTIME;
import static org.onap.appc.flow.controller.utils.FlowControllerConstants.SEQUENCE_TYPE;
import static org.onap.appc.flow.controller.utils.FlowControllerConstants.VNFC_TYPE;
@@ -131,8 +133,21 @@ class FlowSequenceGenerator {
flowSequence = output.toString();
log.info("MultistepSequenceGenerator-Output: " + flowSequence);
- if (!flowSequence.contains("transactions")) {
- throw new Exception("No transactions were generated for this request");
+ // check for transactions data
+ if (!flowSequence.contains("transaction-id")) {
+ // check for status data
+ JSONObject statusJson = new JSONObject(output.toString()).optJSONObject("status");
+ if (statusJson != null) {
+ log.info("statusJson=" + statusJson);
+ if (statusJson.has("code")) {
+ // extract code and set into ctx
+ log.info("Setting " + OUTPUT_PARAM_ERROR_CODE + "=" + statusJson.get("code").toString() + " in context ctx");
+ ctx.setAttribute(OUTPUT_PARAM_ERROR_CODE, statusJson.get("code").toString());
+ log.info("Setting " + OUTPUT_PARAM_ERROR_MESSAGE + "=" + statusJson.get("message").toString() + " in context ctx");
+ ctx.setAttribute(OUTPUT_PARAM_ERROR_MESSAGE, statusJson.get("message").toString());
+ }
+ }
+ throw new Exception("Failed to generate the sequence for this request");
}
} else if (sequenceType.equalsIgnoreCase(EXTERNAL)) {
diff --git a/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/utils/FlowControllerConstants.java b/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/utils/FlowControllerConstants.java
index c4000dfe1..411cea5b7 100644
--- a/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/utils/FlowControllerConstants.java
+++ b/appc-config/appc-flow-controller/provider/src/main/java/org/onap/appc/flow/controller/utils/FlowControllerConstants.java
@@ -34,6 +34,7 @@ public class FlowControllerConstants {
public static final String OUTPUT_PARAM_STATUS = "status";
public static final String OUTPUT_PARAM_ERROR_MESSAGE = "error-message";
+ public static final String OUTPUT_PARAM_ERROR_CODE = "error-code";
public static final String OUTPUT_STATUS_SUCCESS = "success";
public static final String OUTPUT_STATUS_FAILURE = "failure";
diff --git a/appc-config/appc-flow-controller/provider/src/test/java/org/onap/appc/flow/controller/node/FlowControlNodeTest.java b/appc-config/appc-flow-controller/provider/src/test/java/org/onap/appc/flow/controller/node/FlowControlNodeTest.java
index d89059ddf..64914bb8c 100644
--- a/appc-config/appc-flow-controller/provider/src/test/java/org/onap/appc/flow/controller/node/FlowControlNodeTest.java
+++ b/appc-config/appc-flow-controller/provider/src/test/java/org/onap/appc/flow/controller/node/FlowControlNodeTest.java
@@ -37,7 +37,6 @@ import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;
import org.onap.appc.flow.controller.data.ResponseAction;
-import org.onap.appc.flow.controller.data.Transaction;
import org.onap.appc.flow.controller.dbervices.FlowControlDBService;
import org.onap.ccsdk.sli.core.sli.SvcLogicContext;
import org.onap.ccsdk.sli.core.sli.SvcLogicException;
diff --git a/appc-config/appc-flow-controller/provider/src/test/java/org/onap/appc/flow/controller/node/FlowSequenceGeneratorTest.java b/appc-config/appc-flow-controller/provider/src/test/java/org/onap/appc/flow/controller/node/FlowSequenceGeneratorTest.java
index 1846a0922..8658e4512 100644
--- a/appc-config/appc-flow-controller/provider/src/test/java/org/onap/appc/flow/controller/node/FlowSequenceGeneratorTest.java
+++ b/appc-config/appc-flow-controller/provider/src/test/java/org/onap/appc/flow/controller/node/FlowSequenceGeneratorTest.java
@@ -171,7 +171,6 @@ public class FlowSequenceGeneratorTest {
String flowSequence = flowSequenceGenerator.getFlowSequence(inParams, ctx, localCtx);
- //Assert.assertEquals("{'dummy-json-object':'some-param'}".replaceAll("'", "\""), flowSequence);
Assert.assertEquals("{'transactions':[{'transaction-id':'1','payload':''}]}".replaceAll("'", "\""), flowSequence);
}
@@ -185,7 +184,7 @@ public class FlowSequenceGeneratorTest {
// {"status":{"code":450,"message":"Request is not supported"}}
map.put("restResponse", "{'output':{'status':{'code':450,'message':'Request is not supported'}}}".replaceAll("'", "\""));
when(restExecutor.execute(any(Transaction.class), eq(localCtx))).thenReturn(map);
- expectedException.expectMessage("No transactions were generated for this request");
+ expectedException.expectMessage("Failed to generate the sequence for this request");
String flowSequence = flowSequenceGenerator.getFlowSequence(inParams, ctx, localCtx);
}