From 39db412ce7214d74e0df638c3dc4368bc0a55456 Mon Sep 17 00:00:00 2001 From: Patrick Brady Date: Mon, 6 Aug 2018 09:19:22 -0700 Subject: Revert query changes The changes between patch 3 and patch 4 of this commit https://gerrit.onap.org/r/#/c/55093, where the parameters are sent to the SvcLogicContext instead of values, breaks the save functionality in cdt. When SvcLogicContext is allowed to subsitute the values, the StringUtils.isEmpty functions are skipped over. Although it appears this change is changing a parameterized query to a static statement query, in fact the query is not parameterized in its current form either. In its current form, SvcLogicContext is just subsituting the values into a static statement query. SvcLogicContext does perform a simple single quote escape, which could be duplicated here. Change-Id: If3ffceed5ad147c402355ffef17a8abf0752d5b1 Signed-off-by: Patrick Brady Issue-ID: APPC-1107 --- .../org/onap/appc/artifact/handler/dbservices/DBService.java | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'appc-inbound/appc-artifact-handler/provider') diff --git a/appc-inbound/appc-artifact-handler/provider/src/main/java/org/onap/appc/artifact/handler/dbservices/DBService.java b/appc-inbound/appc-artifact-handler/provider/src/main/java/org/onap/appc/artifact/handler/dbservices/DBService.java index 308ecf476..24dd4f477 100644 --- a/appc-inbound/appc-artifact-handler/provider/src/main/java/org/onap/appc/artifact/handler/dbservices/DBService.java +++ b/appc-inbound/appc-artifact-handler/provider/src/main/java/org/onap/appc/artifact/handler/dbservices/DBService.java @@ -372,26 +372,28 @@ public class DBService { String key; QueryStatus status; if (isUpdate) { - key = UPDATE_QUERY_STR + SdcArtifactHandlerConstants.DB_DEVICE_AUTHENTICATION + " set USER_NAME = $" - + SdcArtifactHandlerConstants.USER_NAME + " , PORT_NUMBER = $" + SdcArtifactHandlerConstants.PORT_NUMBER + ""; + key = UPDATE_QUERY_STR + SdcArtifactHandlerConstants.DB_DEVICE_AUTHENTICATION + " set USER_NAME = '" + + user + "' , PORT_NUMBER = " + port + ""; if (context.getAttributeKeySet().contains(SdcArtifactHandlerConstants.URL)) { String url = context.getAttribute(SdcArtifactHandlerConstants.URL); if (StringUtils.isBlank(url)) { url = "" ; } - key = key + ", URL = $" + SdcArtifactHandlerConstants.URL + " "; + key = key + ", URL = '" + url + "' "; } key = key + WHERE_VNF_TYPE_QUERY_STR + SdcArtifactHandlerConstants.VNF_TYPE + " AND PROTOCOL = $" + SdcArtifactHandlerConstants.DEVICE_PROTOCOL + " AND ACTION = $" + SdcArtifactHandlerConstants.ACTION; } else { - key = "insert into DEVICE_AUTHENTICATION set VNF_TYPE = $" + SdcArtifactHandlerConstants.VNF_TYPE + " , PROTOCOL = $" + SdcArtifactHandlerConstants.DEVICE_PROTOCOL + " , " + "ACTION = $" + SdcArtifactHandlerConstants.ACTION + " , USER_NAME = $" + SdcArtifactHandlerConstants.USER_NAME + " , PORT_NUMBER = $" + SdcArtifactHandlerConstants.PORT_NUMBER + ""; + key = "insert into DEVICE_AUTHENTICATION set VNF_TYPE = '" + vnftype + "' , PROTOCOL = '" + protocol + + "' , " + "ACTION = '" + action + "' , USER_NAME = '" + user + "' , PORT_NUMBER = '" + port + + "'"; if (context.getAttributeKeySet().contains(SdcArtifactHandlerConstants.URL)) { String url = context.getAttribute(SdcArtifactHandlerConstants.URL); if (StringUtils.isBlank(url)) { url = ""; } - key = key + ", URL = $" + SdcArtifactHandlerConstants.URL + " "; + key = key + ", URL = '" + url + "' "; } } -- cgit 1.2.3-korg