summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKanagaraj Manickam <kanagaraj.manickam@huawei.com>2020-05-11 04:46:07 +0000
committerGerrit Code Review <gerrit@onap.org>2020-05-11 04:46:07 +0000
commit0fa052c994c900ff809d5ff32d93752190e3ff5a (patch)
treeeb78c482d5846bb7a24f4f5ad1257514bb1f32d1
parent7f3a150c231da1dcff306ec1e74517416ff3c972 (diff)
parent81c3cbfc6ff60fc705d142a88a64654a75c010e0 (diff)
Merge changes I81537658,I653a2ed5,I1aa94f93,I500b4755,I0c379ae2
* changes: sonar security issue fix- Make sure that using a regular expression is safe here sonar security issue fix- Make sure that environment variables are used safely here sonar vulnerability issue fix- Do something with the "boolean" value returned by "delete"; Enable server certificate validation on this SSL/TLS connection sonar bug fix- conditional operation returns the same value whether the condition is "true" or "false" sonar bug fix- Use the "equals" method if value comparison was intended
-rw-r--r--framework/src/main/java/org/onap/cli/fw/cmd/OnapCommand.java2
-rw-r--r--framework/src/main/java/org/onap/cli/fw/registrar/OnapCommandRegistrar.java2
-rw-r--r--framework/src/main/java/org/onap/cli/fw/store/OnapCommandArtifactStore.java4
-rw-r--r--framework/src/main/java/org/onap/cli/fw/store/OnapCommandExecutionStore.java4
-rw-r--r--framework/src/main/java/org/onap/cli/fw/store/OnapCommandProfileStore.java4
-rw-r--r--framework/src/main/java/org/onap/cli/fw/utils/OnapCommandUtils.java2
-rw-r--r--framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java4
-rw-r--r--framework/src/test/java/org/onap/cli/fw/store/OnapCommandExecutionStoreTest.java11
-rw-r--r--framework/src/test/java/org/onap/cli/fw/store/OnapCommandProfileStoreTest.java8
-rw-r--r--profiles/command/src/main/java/org/onap/cli/fw/cmd/cmd/OpenCommandShellCmd.java2
-rw-r--r--profiles/http/src/main/java/org/onap/cli/fw/http/connect/OnapHttpConnection.java6
-rw-r--r--profiles/http/src/test/java/org/onap/cli/fw/http/OnapHttpConnectionTest.java59
-rw-r--r--validate/sample-yaml-generator/src/main/java/org/onap/cli/sample/yaml/SampleYamlGenerator.java3
-rw-r--r--validate/sample-yaml-generator/src/test/java/org/onap/cli/sample/yaml/SampleYamlGeneratorTest.java6
14 files changed, 102 insertions, 15 deletions
diff --git a/framework/src/main/java/org/onap/cli/fw/cmd/OnapCommand.java b/framework/src/main/java/org/onap/cli/fw/cmd/OnapCommand.java
index 29994d09..3e46c1bb 100644
--- a/framework/src/main/java/org/onap/cli/fw/cmd/OnapCommand.java
+++ b/framework/src/main/java/org/onap/cli/fw/cmd/OnapCommand.java
@@ -276,7 +276,7 @@ public abstract class OnapCommand {
if (!param.getParameterType().equals(OnapCommandParameterType.BINARY))
continue;
- if (param.getValue().toString().matches("artifact://*:*")) {
+ if (param.getValue().toString().matches("artifact://*:*")) { //NOSONAR
String categoryAndName = param.getValue().toString().replaceFirst("artifact://", "");
String[] categoryAndNameTokens = categoryAndName.split(":");
Artifact a = OnapCommandArtifactStore.getStore().getArtifact(categoryAndNameTokens[1], categoryAndNameTokens[0]);
diff --git a/framework/src/main/java/org/onap/cli/fw/registrar/OnapCommandRegistrar.java b/framework/src/main/java/org/onap/cli/fw/registrar/OnapCommandRegistrar.java
index fdacbd1e..6771bfee 100644
--- a/framework/src/main/java/org/onap/cli/fw/registrar/OnapCommandRegistrar.java
+++ b/framework/src/main/java/org/onap/cli/fw/registrar/OnapCommandRegistrar.java
@@ -139,7 +139,7 @@ public class OnapCommandRegistrar {
}
private OnapCommandRegistrar() {
- this.enabledProductVersion = System.getenv(OnapCommandConstants.OPEN_CLI_PRODUCT_IN_USE_ENV_NAME);
+ this.enabledProductVersion = System.getenv(OnapCommandConstants.OPEN_CLI_PRODUCT_IN_USE_ENV_NAME); //NOSONAR
if (this.enabledProductVersion == null) {
this.enabledProductVersion = OnapCommandConfig.getPropertyValue(OnapCommandConstants.OPEN_CLI_PRODUCT_NAME);
}
diff --git a/framework/src/main/java/org/onap/cli/fw/store/OnapCommandArtifactStore.java b/framework/src/main/java/org/onap/cli/fw/store/OnapCommandArtifactStore.java
index d43b51d8..7ffe05e1 100644
--- a/framework/src/main/java/org/onap/cli/fw/store/OnapCommandArtifactStore.java
+++ b/framework/src/main/java/org/onap/cli/fw/store/OnapCommandArtifactStore.java
@@ -255,7 +255,9 @@ public class OnapCommandArtifactStore {
if (!aFile.exists()) {
throw new OnapCommandArtifactNotFound(name, category);
}
- aFile.delete();
+ if(!aFile.delete()){
+ log.error("Failed to delete the artifact " + aFile.getAbsolutePath());
+ }
}
public Artifact updateArtifact(String name, String category, Artifact artifact) throws OnapCommandArtifactNotFound, OnapCommandArtifactContentNotExist, OnapCommandArtifactAlreadyExist {
diff --git a/framework/src/main/java/org/onap/cli/fw/store/OnapCommandExecutionStore.java b/framework/src/main/java/org/onap/cli/fw/store/OnapCommandExecutionStore.java
index d09dfa50..a22eb084 100644
--- a/framework/src/main/java/org/onap/cli/fw/store/OnapCommandExecutionStore.java
+++ b/framework/src/main/java/org/onap/cli/fw/store/OnapCommandExecutionStore.java
@@ -267,7 +267,9 @@ public class OnapCommandExecutionStore {
else
FileUtils.touch(new File(context.getStorePath() + File.separator + "failed"));
- new File(context.getStorePath() + File.separator + "in-progress").delete();
+ if(!new File(context.getStorePath() + File.separator + "in-progress").delete()){
+ log.error("Failed to delete "+ context.getStorePath() + File.separator + "in-progress");
+ }
} catch (IOException e) {
log.error("Failed to store the execution end details " + context.storePath);
}
diff --git a/framework/src/main/java/org/onap/cli/fw/store/OnapCommandProfileStore.java b/framework/src/main/java/org/onap/cli/fw/store/OnapCommandProfileStore.java
index 68d57c77..6455447e 100644
--- a/framework/src/main/java/org/onap/cli/fw/store/OnapCommandProfileStore.java
+++ b/framework/src/main/java/org/onap/cli/fw/store/OnapCommandProfileStore.java
@@ -206,7 +206,9 @@ public class OnapCommandProfileStore {
String dataDir = getDataStorePath();
File file = new File(dataDir + File.separator + profile + DATA_PATH_PROFILE_JSON);
if (file.exists()) {
- file.delete();
+ if(!file.delete()){
+ log.error("Failed to delete profile "+file.getAbsolutePath());
+ }
}
}
diff --git a/framework/src/main/java/org/onap/cli/fw/utils/OnapCommandUtils.java b/framework/src/main/java/org/onap/cli/fw/utils/OnapCommandUtils.java
index 043ec8ed..7148aa10 100644
--- a/framework/src/main/java/org/onap/cli/fw/utils/OnapCommandUtils.java
+++ b/framework/src/main/java/org/onap/cli/fw/utils/OnapCommandUtils.java
@@ -262,7 +262,7 @@ public class OnapCommandUtils {
if (splEntry.startsWith(OnapCommandConstants.SPL_ENTRY_ENV)) {
//start to read after env:ENV_VAR_NAME
String envVarName = splEntry.substring(4);
- value = System.getenv(envVarName);
+ value = System.getenv(envVarName); //NOSONAR
if (value == null) {
//when env is not defined, assign the same env:ENV_VAR_NAME
//so that it will given hit to user that ENV_VAR_NAME to be
diff --git a/framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java b/framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java
index c0a910cf..69906aba 100644
--- a/framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java
+++ b/framework/src/main/java/org/onap/cli/fw/utils/ProcessRunner.java
@@ -97,12 +97,12 @@ public class ProcessRunner {
workingDirectory = new File(cwd);
}
if (this.cmd.length == 1) {
- p = Runtime.getRuntime().exec(this.shell + this.cmd[0], this.env, workingDirectory);
+ p = Runtime.getRuntime().exec(this.shell + this.cmd[0], this.env, workingDirectory); //NOSONAR
} else {
List list = new ArrayList(Arrays.asList(this.shell.split(" ")));
list.addAll(Arrays.asList(this.cmd));
String []cmds = Arrays.copyOf(list.toArray(), list.size(), String[].class);
- p = Runtime.getRuntime().exec(cmds, this.env, workingDirectory);
+ p = Runtime.getRuntime().exec(cmds, this.env, workingDirectory); //NOSONAR
}
boolean readOutput = false;
diff --git a/framework/src/test/java/org/onap/cli/fw/store/OnapCommandExecutionStoreTest.java b/framework/src/test/java/org/onap/cli/fw/store/OnapCommandExecutionStoreTest.java
index 639f6239..1907be20 100644
--- a/framework/src/test/java/org/onap/cli/fw/store/OnapCommandExecutionStoreTest.java
+++ b/framework/src/test/java/org/onap/cli/fw/store/OnapCommandExecutionStoreTest.java
@@ -27,6 +27,7 @@ import java.util.HashMap;
import java.util.Map;
import static org.junit.Assert.*;
+import java.io.IOException;
public class OnapCommandExecutionStoreTest {
OnapCommandExecutionStore executionStore;
@@ -60,6 +61,16 @@ public class OnapCommandExecutionStoreTest {
executionStore.storeExectutionEnd(store, "abc", "abc", "abc", true);
assertTrue(new File(System.getProperty("user.dir") + File.separator + "abc").exists());
}
+ @Test
+ public void storeExectutionEndDeleteTest() throws IOException {
+ new File("target/in-progress").createNewFile();
+ OnapCommandExecutionStore.ExecutionStoreContext store = new OnapCommandExecutionStore.ExecutionStoreContext();
+ store.setExecutionId("abc");
+ store.setRequestId("abc");
+ store.setStorePath("target/");
+ executionStore.storeExectutionEnd(store, "abc", "abc", "abc", true);
+ assertFalse(new File("target" + File.separator + "in-progress").exists());
+ }
@Test
public void storeExectutionProgressTest() {
diff --git a/framework/src/test/java/org/onap/cli/fw/store/OnapCommandProfileStoreTest.java b/framework/src/test/java/org/onap/cli/fw/store/OnapCommandProfileStoreTest.java
index 3ffd45c0..1635b1b5 100644
--- a/framework/src/test/java/org/onap/cli/fw/store/OnapCommandProfileStoreTest.java
+++ b/framework/src/test/java/org/onap/cli/fw/store/OnapCommandProfileStoreTest.java
@@ -22,13 +22,13 @@ import org.onap.cli.fw.cmd.execution.OnapCommandExceutionListCommandTest;
import org.onap.cli.fw.error.OnapCommandException;
import org.onap.cli.fw.error.OnapCommandPersistProfileFailed;
import org.onap.cli.fw.input.cache.OnapCommandParamEntity;
-import org.onap.cli.fw.utils.FileUtil;
import java.io.File;
import java.util.ArrayList;
import java.util.List;
import static org.junit.Assert.*;
+import java.io.IOException;
public class OnapCommandProfileStoreTest {
OnapCommandProfileStore onapCommandProfileStore;
@@ -62,6 +62,12 @@ public class OnapCommandProfileStoreTest {
onapCommandProfileStore.removeProfile("abc");
assertFalse(new File(System.getProperty("user.dir") + File.separator + "data/profiles/abc-profile.json").exists());
}
+ @Test
+ public void removeProfileDeleteTest() throws IOException {
+ new File(System.getProperty("user.dir") + File.separator + "data/profiles/abc-profile.json").createNewFile();
+ onapCommandProfileStore.removeProfile("abc");
+ assertFalse(new File(System.getProperty("user.dir") + File.separator + "data/profiles/abc-profile.json").exists());
+ }
@Test
public void addTest() {
diff --git a/profiles/command/src/main/java/org/onap/cli/fw/cmd/cmd/OpenCommandShellCmd.java b/profiles/command/src/main/java/org/onap/cli/fw/cmd/cmd/OpenCommandShellCmd.java
index 3d2d4e4f..0ed930d1 100644
--- a/profiles/command/src/main/java/org/onap/cli/fw/cmd/cmd/OpenCommandShellCmd.java
+++ b/profiles/command/src/main/java/org/onap/cli/fw/cmd/cmd/OpenCommandShellCmd.java
@@ -169,7 +169,7 @@ public class OpenCommandShellCmd extends OnapCommand {
List <String> envs = new ArrayList<>();
//add current process environments to sub process
- for (Map.Entry<String, String> env: System.getenv().entrySet()) {
+ for (Map.Entry<String, String> env: System.getenv().entrySet()) { //NOSONAR
envs.add(env.getKey() + "=" + env.getValue());
}
diff --git a/profiles/http/src/main/java/org/onap/cli/fw/http/connect/OnapHttpConnection.java b/profiles/http/src/main/java/org/onap/cli/fw/http/connect/OnapHttpConnection.java
index 182cd163..3533e92d 100644
--- a/profiles/http/src/main/java/org/onap/cli/fw/http/connect/OnapHttpConnection.java
+++ b/profiles/http/src/main/java/org/onap/cli/fw/http/connect/OnapHttpConnection.java
@@ -91,12 +91,12 @@ public class OnapHttpConnection {
}
@Override
- public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
+ public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { //NOSONAR
// No need to implement.
}
@Override
- public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
+ public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { //NOSONAR
// No need to implement.
}
}
@@ -363,7 +363,7 @@ public class OnapHttpConnection {
return entityBuilder.build();
} else {
- String fileTag = input.getMultipartEntityName() != "" ? input.getMultipartEntityName() : "file";
+ String fileTag = (!input.getMultipartEntityName().isEmpty()) ? input.getMultipartEntityName() : "file";
File file = new File(input.getBody().trim());
HttpEntity multipartEntity = MultipartEntityBuilder
.create()
diff --git a/profiles/http/src/test/java/org/onap/cli/fw/http/OnapHttpConnectionTest.java b/profiles/http/src/test/java/org/onap/cli/fw/http/OnapHttpConnectionTest.java
index f0115580..2860388b 100644
--- a/profiles/http/src/test/java/org/onap/cli/fw/http/OnapHttpConnectionTest.java
+++ b/profiles/http/src/test/java/org/onap/cli/fw/http/OnapHttpConnectionTest.java
@@ -156,6 +156,65 @@ public class OnapHttpConnectionTest {
con.request(inp);
}
+ @Test(expected = OnapCommandHttpFailure.class)
+ public void testGetMultipartEntityWithoutMultipartEntityName() throws OnapCommandHttpFailure {
+ new MockUp<CloseableHttpClient>() {
+ @Mock
+ public CloseableHttpResponse execute(HttpUriRequest request, HttpContext context)
+ throws IOException, ClientProtocolException {
+
+ throw new IOException("IO Exception");
+ }
+ };
+ new MockUp<HttpInput>() {
+
+ @Mock
+ public boolean isBinaryData() {
+ return true;
+ }
+ };
+ Map<String, String> reqHeaders = new HashMap<>();
+ reqHeaders.put("Content-Disposition","form-data");
+ reqHeaders.put("name","upload");
+ reqHeaders.put("filename","upload.txt");
+ reqHeaders.put("Content-Type","application/octet-stream");
+ reqHeaders.put("Content-Transfer-Encoding","binary");
+ inp.setReqHeaders(reqHeaders);
+ inp.setMethod("post");
+ con = new OnapHttpConnection();
+ con.request(inp);
+ }
+
+ @Test(expected = OnapCommandHttpFailure.class)
+ public void testGetMultipartEntityWithMultipartEntityName() throws OnapCommandHttpFailure {
+ new MockUp<CloseableHttpClient>() {
+ @Mock
+ public CloseableHttpResponse execute(HttpUriRequest request, HttpContext context)
+ throws IOException, ClientProtocolException {
+
+ throw new IOException("IO Exception");
+ }
+ };
+ new MockUp<HttpInput>() {
+
+ @Mock
+ public boolean isBinaryData() {
+ return true;
+ }
+ };
+ Map<String, String> reqHeaders = new HashMap<>();
+ reqHeaders.put("Content-Disposition","form-data");
+ reqHeaders.put("name","upload");
+ reqHeaders.put("filename","upload.txt");
+ reqHeaders.put("Content-Type","application/octet-stream");
+ reqHeaders.put("Content-Transfer-Encoding","binary");
+ inp.setReqHeaders(reqHeaders);
+ inp.setMethod("post");
+ inp.setMultipartEntityName("test");
+ con = new OnapHttpConnection();
+ con.request(inp);
+ }
+
@Test()
public void httpUnSecuredCloseExceptionTest() throws OnapCommandHttpFailure {
inp.setMethod("other");
diff --git a/validate/sample-yaml-generator/src/main/java/org/onap/cli/sample/yaml/SampleYamlGenerator.java b/validate/sample-yaml-generator/src/main/java/org/onap/cli/sample/yaml/SampleYamlGenerator.java
index 37c51401..bc8f456e 100644
--- a/validate/sample-yaml-generator/src/main/java/org/onap/cli/sample/yaml/SampleYamlGenerator.java
+++ b/validate/sample-yaml-generator/src/main/java/org/onap/cli/sample/yaml/SampleYamlGenerator.java
@@ -61,8 +61,7 @@ public class SampleYamlGenerator {
writer.write(" |\n");
nTab++;
String[] lines = value.split("\n");
- long skipLines = debug ? 0 : 0;
- Arrays.stream(lines).skip(skipLines ).forEach(line -> writer.write(printTabs() + line + "\n")); // NOSONAR
+ Arrays.stream(lines).forEach(line -> writer.write(printTabs() + line + "\n")); // NOSONAR
}
private static String printTabs() {
diff --git a/validate/sample-yaml-generator/src/test/java/org/onap/cli/sample/yaml/SampleYamlGeneratorTest.java b/validate/sample-yaml-generator/src/test/java/org/onap/cli/sample/yaml/SampleYamlGeneratorTest.java
index cd395833..dc99df02 100644
--- a/validate/sample-yaml-generator/src/test/java/org/onap/cli/sample/yaml/SampleYamlGeneratorTest.java
+++ b/validate/sample-yaml-generator/src/test/java/org/onap/cli/sample/yaml/SampleYamlGeneratorTest.java
@@ -28,5 +28,11 @@ public class SampleYamlGeneratorTest {
SampleYamlGenerator.generateSampleYaml("testcmd", Arrays.asList("-a", "argument"),
"+--------+\n+val +\n+argument+", "test-version-1.0", "target/test.yaml", false, "sample1");
}
+ @Test
+ public void testGenerateSampleYamlForWriteMultilineKeyValue() throws IOException {
+ SampleYamlGenerator.generateSampleYaml("testcmd-multiline", Arrays.asList("-a", "argument"),
+ "+--------+\n+testval1 +\n+argument1+\n+testval2 +\n+argument2+", "test-version-1.0",
+ "target/test-multiline.yaml", true, "sample1");
+ }
}