From 93adeb4a2503fbdb4d8e06d777a4aa836b28d720 Mon Sep 17 00:00:00 2001
From: wasala <przemyslaw.wasala@nokia.com>
Date: Tue, 18 Sep 2018 14:17:19 +0200
Subject: Security vulnerabilities corrections

*Improved imported libraries
*Fixed imported libraries in connection
of risk security

Change-Id: I28e6b22f8088f70cae431e6e99936cdb67e4cc0d
Issue-ID: DCAEGEN2-764
Signed-off-by: wasala <przemyslaw.wasala@nokia.com>
---
 datafile-commons/pom.xml                            | 21 +++++----------------
 .../collectors/datafile/model/utils/HttpUtils.java  |  6 +++---
 .../datafile/model/CommonFunctionsTest.java         | 20 ++------------------
 .../datafile/model/ConsumerDmaapModelTest.java      |  7 +++----
 .../datafile/model/utils/HttpUtilsTest.java         |  5 ++---
 5 files changed, 15 insertions(+), 44 deletions(-)

(limited to 'datafile-commons')

diff --git a/datafile-commons/pom.xml b/datafile-commons/pom.xml
index 3f551542..d018ff79 100644
--- a/datafile-commons/pom.xml
+++ b/datafile-commons/pom.xml
@@ -31,10 +31,6 @@
   <artifactId>datafile-commons</artifactId>
   <packaging>jar</packaging>
 
-  <properties>
-    <main.basedir>${project.parent.basedir}</main.basedir>
-  </properties>
-
   <dependencies>
     <dependency>
       <groupId>org.immutables</groupId>
@@ -44,16 +40,6 @@
       <groupId>org.immutables</groupId>
       <artifactId>gson</artifactId>
     </dependency>
-    <dependency>
-      <groupId>org.apache.httpcomponents</groupId>
-      <artifactId>httpclient</artifactId>
-    </dependency>
-    <dependency>
-      <groupId>org.apache.commons</groupId>
-      <artifactId>commons-lang3</artifactId>
-    </dependency>
-
-    <!-- TEST DEPENDENCIES -->
     <dependency>
       <groupId>org.junit.jupiter</groupId>
       <artifactId>junit-jupiter-api</artifactId>
@@ -69,8 +55,6 @@
       <artifactId>mockito-core</artifactId>
       <scope>test</scope>
     </dependency>
-
-    <!-- LOGGING DEPENDENCIES -->
     <dependency>
       <groupId>ch.qos.logback</groupId>
       <artifactId>logback-classic</artifactId>
@@ -83,5 +67,10 @@
       <groupId>org.slf4j</groupId>
       <artifactId>log4j-over-slf4j</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-web</artifactId>
+      <version>5.0.5.RELEASE</version>
+    </dependency>
   </dependencies>
 </project>
diff --git a/datafile-commons/src/main/java/org/onap/dcaegen2/collectors/datafile/model/utils/HttpUtils.java b/datafile-commons/src/main/java/org/onap/dcaegen2/collectors/datafile/model/utils/HttpUtils.java
index af41b356..91cc3c69 100644
--- a/datafile-commons/src/main/java/org/onap/dcaegen2/collectors/datafile/model/utils/HttpUtils.java
+++ b/datafile-commons/src/main/java/org/onap/dcaegen2/collectors/datafile/model/utils/HttpUtils.java
@@ -18,13 +18,13 @@
 
 package org.onap.dcaegen2.collectors.datafile.model.utils;
 
-import org.apache.http.HttpStatus;
+import org.springframework.http.HttpStatus;
 
-public final class HttpUtils implements HttpStatus {
+public final class HttpUtils {
 
     private HttpUtils() {}
 
     public static boolean isSuccessfulResponseCode(Integer statusCode) {
-        return statusCode >= 200 && statusCode < 300;
+        return statusCode >= HttpStatus.OK.value() && statusCode < HttpStatus.MULTIPLE_CHOICES.value();
     }
 }
diff --git a/datafile-commons/src/test/java/org/onap/dcaegen2/collectors/datafile/model/CommonFunctionsTest.java b/datafile-commons/src/test/java/org/onap/dcaegen2/collectors/datafile/model/CommonFunctionsTest.java
index 675589fb..062724e7 100644
--- a/datafile-commons/src/test/java/org/onap/dcaegen2/collectors/datafile/model/CommonFunctionsTest.java
+++ b/datafile-commons/src/test/java/org/onap/dcaegen2/collectors/datafile/model/CommonFunctionsTest.java
@@ -17,31 +17,15 @@
 package org.onap.dcaegen2.collectors.datafile.model;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
 
-import org.apache.http.HttpEntity;
-import org.apache.http.HttpResponse;
-import org.apache.http.StatusLine;
-import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.Test;
 
 class CommonFunctionsTest {
     // Given
     private ConsumerDmaapModel model = new ConsumerDmaapModelForUnitTest();
     private static final String EXPECTED_RESULT =
-            "{\"location\":\"target/A20161224.1030-1045.bin.gz\",\"compression\":\"gzip\","
-                    + "\"fileFormatType\":\"org.3GPP.32.435#measCollec\",\"fileFormatVersion\":\"V10\"}";
-
-    private static final HttpResponse httpResponseMock = mock(HttpResponse.class);
-    private static final HttpEntity httpEntityMock = mock(HttpEntity.class);
-    private static final StatusLine statusLineMock = mock(StatusLine.class);
-
-    @BeforeAll
-    static void setup() {
-        when(httpResponseMock.getEntity()).thenReturn(httpEntityMock);
-        when(httpResponseMock.getStatusLine()).thenReturn(statusLineMock);
-    }
+        "{\"location\":\"target/A20161224.1030-1045.bin.gz\",\"compression\":\"gzip\","
+            + "\"fileFormatType\":\"org.3GPP.32.435#measCollec\",\"fileFormatVersion\":\"V10\"}";
 
     @Test
     void createJsonBody_shouldReturnJsonInString() {
diff --git a/datafile-commons/src/test/java/org/onap/dcaegen2/collectors/datafile/model/ConsumerDmaapModelTest.java b/datafile-commons/src/test/java/org/onap/dcaegen2/collectors/datafile/model/ConsumerDmaapModelTest.java
index dcccd5f5..5b028973 100644
--- a/datafile-commons/src/test/java/org/onap/dcaegen2/collectors/datafile/model/ConsumerDmaapModelTest.java
+++ b/datafile-commons/src/test/java/org/onap/dcaegen2/collectors/datafile/model/ConsumerDmaapModelTest.java
@@ -21,8 +21,6 @@ import org.junit.jupiter.api.Test;
 
 public class ConsumerDmaapModelTest {
 
-    // Given
-    private ConsumerDmaapModel consumerDmaapModel;
     private static final String LOCATION = "target/A20161224.1030-1045.bin.gz";
     private static final String COMPRESSION = "gzip";
     private static final String FILE_FORMAT_TYPE = "org.3GPP.32.435#measCollec";
@@ -32,8 +30,9 @@ public class ConsumerDmaapModelTest {
     public void consumerDmaapModelBuilder_shouldBuildAnObject() {
 
         // When
-        consumerDmaapModel = ImmutableConsumerDmaapModel.builder().location(LOCATION).compression(COMPRESSION)
-                .fileFormatType(FILE_FORMAT_TYPE).fileFormatVersion(FILE_FORMAT_VERSION).build();
+        // Given
+        ConsumerDmaapModel consumerDmaapModel = ImmutableConsumerDmaapModel.builder().location(LOCATION).compression(COMPRESSION)
+            .fileFormatType(FILE_FORMAT_TYPE).fileFormatVersion(FILE_FORMAT_VERSION).build();
 
         // Then
         Assertions.assertNotNull(consumerDmaapModel);
diff --git a/datafile-commons/src/test/java/org/onap/dcaegen2/collectors/datafile/model/utils/HttpUtilsTest.java b/datafile-commons/src/test/java/org/onap/dcaegen2/collectors/datafile/model/utils/HttpUtilsTest.java
index 83fe14a7..8effcbb8 100644
--- a/datafile-commons/src/test/java/org/onap/dcaegen2/collectors/datafile/model/utils/HttpUtilsTest.java
+++ b/datafile-commons/src/test/java/org/onap/dcaegen2/collectors/datafile/model/utils/HttpUtilsTest.java
@@ -21,7 +21,6 @@ package org.onap.dcaegen2.collectors.datafile.model.utils;
 import static org.junit.jupiter.api.Assertions.assertFalse;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 
-import org.apache.http.HttpStatus;
 import org.junit.jupiter.api.Test;
 
 
@@ -29,11 +28,11 @@ public class HttpUtilsTest {
 
     @Test
     public void isSuccessfulResponseCode_shouldReturnTrue() {
-        assertTrue(HttpUtils.isSuccessfulResponseCode(HttpUtils.SC_ACCEPTED));
+        assertTrue(HttpUtils.isSuccessfulResponseCode(202));
     }
 
     @Test
     public void isSuccessfulResponseCode_shouldReturnFalse() {
-        assertFalse(HttpUtils.isSuccessfulResponseCode(HttpStatus.SC_BAD_GATEWAY));
+        assertFalse(HttpUtils.isSuccessfulResponseCode(502));
     }
 }
-- 
cgit 1.2.3-korg