summaryrefslogtreecommitdiffstats
path: root/rulemgt/src
diff options
context:
space:
mode:
authorGuangrongFu <fu.guangrong@zte.com.cn>2020-08-24 20:03:30 +0800
committerGuangrongFu <fu.guangrong@zte.com.cn>2020-08-24 20:08:10 +0800
commit95b4f4645fe544c8f11651d7aa78381b24fc3769 (patch)
tree7f2cd537ec26bec3b1af451e94a0bfe35d289dc3 /rulemgt/src
parentce764eb74e8c3cb143ddb31cce8b0af785d1b8a2 (diff)
Fixed Some Vulnerability Issues
Fixed the fastjson issue Fixed the retrofit issue Change-Id: Ife7dca0f0aeaf09c753615ef870b84867a970c8d Issue-ID: HOLMES-345 Signed-off-by: GuangrongFu <fu.guangrong@zte.com.cn>
Diffstat (limited to 'rulemgt/src')
-rw-r--r--rulemgt/src/main/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapper.java16
-rw-r--r--rulemgt/src/main/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPolling.java18
-rw-r--r--rulemgt/src/test/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPollingTest.java6
3 files changed, 20 insertions, 20 deletions
diff --git a/rulemgt/src/main/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapper.java b/rulemgt/src/main/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapper.java
index b0bd1f5..479437e 100644
--- a/rulemgt/src/main/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapper.java
+++ b/rulemgt/src/main/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapper.java
@@ -1,5 +1,5 @@
/**
- * Copyright 2017 ZTE Corporation.
+ * Copyright 2017-2020 ZTE Corporation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -15,17 +15,18 @@
*/
package org.onap.holmes.rulemgt.bolt.enginebolt;
-import com.alibaba.fastjson.JSON;
-import com.alibaba.fastjson.JSONObject;
-import javax.inject.Inject;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
import lombok.extern.slf4j.Slf4j;
import org.apache.http.HttpResponse;
import org.jvnet.hk2.annotations.Service;
+import org.onap.holmes.common.exception.CorrelationException;
import org.onap.holmes.common.utils.HttpsUtils;
import org.onap.holmes.rulemgt.bean.request.CorrelationCheckRule4Engine;
import org.onap.holmes.rulemgt.bean.request.CorrelationDeployRule4Engine;
import org.onap.holmes.rulemgt.constant.RuleMgtConstant;
-import org.onap.holmes.common.exception.CorrelationException;
+
+import javax.inject.Inject;
@Service
@Slf4j
@@ -44,9 +45,8 @@ public class EngineWrapper {
if (response.getStatusLine().getStatusCode() == RuleMgtConstant.RESPONSE_STATUS_OK) {
log.info("Succeeded in calling the rule deployment RESTful API from the engine management service.");
try {
- // JSONObject json = JSONObject.fromObject(HttpsUtils.extractResponseEntity(response));
- JSONObject json= JSON.parseObject(HttpsUtils.extractResponseEntity(response));
- return json.get(RuleMgtConstant.PACKAGE).toString();
+ JsonObject json = JsonParser.parseString(HttpsUtils.extractResponseEntity(response)).getAsJsonObject();
+ return json.get(RuleMgtConstant.PACKAGE).getAsString();
} catch (Exception e) {
throw new CorrelationException("Failed to parse the value returned by the engine management service.", e);
}
diff --git a/rulemgt/src/main/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPolling.java b/rulemgt/src/main/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPolling.java
index dcd530c..e6bc790 100644
--- a/rulemgt/src/main/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPolling.java
+++ b/rulemgt/src/main/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPolling.java
@@ -1,5 +1,5 @@
/**
- * Copyright 2017 ZTE Corporation.
+ * Copyright 2017-2020 ZTE Corporation.
* <p>
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
* in compliance with the License. You may obtain a copy of the License at
@@ -13,14 +13,8 @@
*/
package org.onap.holmes.rulemgt.dcae;
-import com.alibaba.fastjson.JSONObject;
-
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.util.HashMap;
-import java.util.List;
-import javax.ws.rs.core.MediaType;
+import com.google.gson.Gson;
import lombok.extern.slf4j.Slf4j;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpDelete;
@@ -39,6 +33,12 @@ import org.onap.holmes.rulemgt.bean.request.RuleCreateRequest;
import org.onap.holmes.rulemgt.bean.response.RuleQueryListResponse;
import org.onap.holmes.rulemgt.bean.response.RuleResult4API;
+import javax.ws.rs.core.MediaType;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.util.HashMap;
+import java.util.List;
+
@Slf4j
public class DcaeConfigurationPolling implements Runnable {
@@ -106,7 +106,7 @@ public class DcaeConfigurationPolling implements Runnable {
httpClient = HttpsUtils.getConditionalHttpsClient(HttpsUtils.DEFUALT_TIMEOUT);
HttpResponse httpResponse = HttpsUtils.get(httpGet, headers, httpClient);
String response = HttpsUtils.extractResponseEntity(httpResponse);
- return JSONObject.parseObject(response, RuleQueryListResponse.class);
+ return GsonUtil.jsonToBean(response, RuleQueryListResponse.class);
} finally {
httpGet.releaseConnection();
closeHttpClient(httpClient);
diff --git a/rulemgt/src/test/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPollingTest.java b/rulemgt/src/test/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPollingTest.java
index 53e60c8..6b640b2 100644
--- a/rulemgt/src/test/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPollingTest.java
+++ b/rulemgt/src/test/java/org/onap/holmes/rulemgt/dcae/DcaeConfigurationPollingTest.java
@@ -1,5 +1,5 @@
/**
- * Copyright 2017 ZTE Corporation.
+ * Copyright 2017-2020 ZTE Corporation.
* <p>
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -15,7 +15,6 @@
*/
package org.onap.holmes.rulemgt.dcae;
-import com.alibaba.fastjson.JSONObject;
import org.apache.http.HttpResponse;
import org.apache.http.StatusLine;
import org.apache.http.client.methods.HttpDelete;
@@ -31,6 +30,7 @@ import org.junit.runner.RunWith;
import org.onap.holmes.common.dcae.DcaeConfigurationQuery;
import org.onap.holmes.common.dcae.entity.DcaeConfigurations;
import org.onap.holmes.common.dcae.entity.Rule;
+import org.onap.holmes.common.utils.GsonUtil;
import org.onap.holmes.common.utils.HttpsUtils;
import org.onap.holmes.rulemgt.bean.response.RuleQueryListResponse;
import org.onap.holmes.rulemgt.bean.response.RuleResult4API;
@@ -82,7 +82,7 @@ public class DcaeConfigurationPollingTest {
expect(HttpsUtils.getConditionalHttpsClient(30000)).andReturn(clientMock);
expect(HttpsUtils.get(anyObject(HttpGet.class), anyObject(HashMap.class), anyObject(CloseableHttpClient.class)))
.andReturn(httpResponseMock);
- expect(HttpsUtils.extractResponseEntity(httpResponseMock)).andReturn(JSONObject.toJSONString(ruleQueryListResponse));
+ expect(HttpsUtils.extractResponseEntity(httpResponseMock)).andReturn(GsonUtil.beanToJson(ruleQueryListResponse));
clientMock.close();
expectLastCall();