From ce764eb74e8c3cb143ddb31cce8b0af785d1b8a2 Mon Sep 17 00:00:00 2001 From: GuangrongFu Date: Fri, 14 Aug 2020 09:15:57 +0800 Subject: Tried to Fix Some Vulnerability Issues Change-Id: I240abe1ccb8c50d10069c083a0e6ceb0f5bf49c0 Issue-ID: HOLMES-345 Signed-off-by: GuangrongFu --- .../org/onap/holmes/rulemgt/RuleActiveApp.java | 1 - .../java/org/onap/holmes/rulemgt/msb/MsbQuery.java | 68 ++++++++-------------- .../holmes/rulemgt/resources/RuleMgtResources.java | 22 +++---- .../rulemgt/bolt/enginebolt/EngineServiceTest.java | 22 +++---- .../rulemgt/bolt/enginebolt/EngineWrapperTest.java | 17 +++--- .../holmes/rulemgt/wrapper/RuleMgtWrapperTest.java | 6 +- 6 files changed, 56 insertions(+), 80 deletions(-) (limited to 'rulemgt/src') diff --git a/rulemgt/src/main/java/org/onap/holmes/rulemgt/RuleActiveApp.java b/rulemgt/src/main/java/org/onap/holmes/rulemgt/RuleActiveApp.java index 21855f8..c839b5a 100644 --- a/rulemgt/src/main/java/org/onap/holmes/rulemgt/RuleActiveApp.java +++ b/rulemgt/src/main/java/org/onap/holmes/rulemgt/RuleActiveApp.java @@ -51,7 +51,6 @@ public class RuleActiveApp extends IOCApplication { public void run(RuleAppConfig configuration, Environment environment) throws Exception { super.run(configuration, environment); - environment.jersey().register(new RuleMgtResources()); try { new MSBRegisterUtil().register2Msb(createMicroServiceInfo()); } catch (CorrelationException e) { diff --git a/rulemgt/src/main/java/org/onap/holmes/rulemgt/msb/MsbQuery.java b/rulemgt/src/main/java/org/onap/holmes/rulemgt/msb/MsbQuery.java index 51ed0f2..df0783d 100644 --- a/rulemgt/src/main/java/org/onap/holmes/rulemgt/msb/MsbQuery.java +++ b/rulemgt/src/main/java/org/onap/holmes/rulemgt/msb/MsbQuery.java @@ -1,5 +1,5 @@ /** - * Copyright 2017 ZTE Corporation. + * Copyright 2017-2020 ZTE Corporation. *

* Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,73 +15,55 @@ */ package org.onap.holmes.rulemgt.msb; -import lombok.extern.slf4j.Slf4j; -import org.glassfish.hk2.api.ServiceLocator; import org.onap.holmes.common.dropwizard.ioc.utils.ServiceLocatorHolder; -import org.onap.holmes.rulemgt.send.RuleAllocator; import org.onap.holmes.rulemgt.send.Ip4AddingRule; -import org.onap.holmes.rulemgt.wrapper.RuleMgtWrapper; +import org.onap.holmes.rulemgt.send.RuleAllocator; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import java.util.List; import java.util.Timer; import java.util.TimerTask; +import static java.util.concurrent.TimeUnit.SECONDS; -@Slf4j public class MsbQuery { - private RuleAllocator ruleAllocator; - + static final private Logger log = LoggerFactory.getLogger(MsbQuery.class); + final private RuleAllocator ruleAllocator; private Ip4AddingRule ip4AddingRule; - private EngineInsQueryTool engineInsQueryTool; - private RuleMgtWrapper ruleMgtWrapper; - - private List timerIpList; - public MsbQuery() { ruleAllocator = new RuleAllocator(); - - ServiceLocator locator = ServiceLocatorHolder.getLocator(); - ip4AddingRule = locator.getService(Ip4AddingRule.class); - engineInsQueryTool = locator.getService(EngineInsQueryTool.class); - ruleMgtWrapper = locator.getService(RuleMgtWrapper.class); + ip4AddingRule = ServiceLocatorHolder.getLocator().getService(Ip4AddingRule.class); + engineInsQueryTool = ServiceLocatorHolder.getLocator().getService(EngineInsQueryTool.class); } public void startTimer() { try { - timer(); + new Timer().schedule(new TimerTask() { + + public void run() { + try { + List timerIpList = engineInsQueryTool.getInstanceList(); + log.info(String.format("There are %d engine instance(s) running currently.", timerIpList.size())); + + ip4AddingRule.setIpList(timerIpList); + ruleAllocator.allocateRules(timerIpList); + } catch (Exception e) { + log.error("The timing query engine instance failed ", e); + } + } + + }, SECONDS.toMillis(10), SECONDS.toMillis(30)); } catch (Exception e) { log.error("MSBQuery startTimer timer task failed !" + e.getMessage(), e); try { - Thread.sleep(30000); + SECONDS.sleep(30); } catch (InterruptedException e1) { Thread.currentThread().interrupt(); } } - - - } - - public void timer() throws Exception { - Timer timer = new Timer(); - timer.schedule(new TimerTask() { - - public void run() { - try { - timerIpList = engineInsQueryTool.getInstanceList(); - log.info(String.format("There are %d engine instance(s) running currently.", timerIpList.size())); - - ip4AddingRule.setIpList(timerIpList); - ruleAllocator.allocateRules(timerIpList); - } catch (Exception e) { - log.error("The timing query engine instance failed ", e); - } - } - - }, 10000, 30000); - } - } diff --git a/rulemgt/src/main/java/org/onap/holmes/rulemgt/resources/RuleMgtResources.java b/rulemgt/src/main/java/org/onap/holmes/rulemgt/resources/RuleMgtResources.java index 8e5b7a0..445c2f9 100644 --- a/rulemgt/src/main/java/org/onap/holmes/rulemgt/resources/RuleMgtResources.java +++ b/rulemgt/src/main/java/org/onap/holmes/rulemgt/resources/RuleMgtResources.java @@ -1,5 +1,5 @@ /** - * Copyright 2017 ZTE Corporation. + * Copyright 2017-2020 ZTE Corporation. * * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except * in compliance with the License. You may obtain a copy of the License at @@ -18,19 +18,6 @@ import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiParam; import io.swagger.annotations.SwaggerDefinition; -import java.util.Locale; -import javax.inject.Inject; -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.DELETE; -import javax.ws.rs.GET; -import javax.ws.rs.POST; -import javax.ws.rs.PUT; -import javax.ws.rs.Path; -import javax.ws.rs.PathParam; -import javax.ws.rs.Produces; -import javax.ws.rs.QueryParam; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.MediaType; import lombok.extern.slf4j.Slf4j; import org.jvnet.hk2.annotations.Service; import org.onap.holmes.common.exception.CorrelationException; @@ -47,6 +34,13 @@ import org.onap.holmes.rulemgt.bean.response.RuleQueryListResponse; import org.onap.holmes.rulemgt.constant.RuleMgtConstant; import org.onap.holmes.rulemgt.wrapper.RuleMgtWrapper; +import javax.inject.Inject; +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.*; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.MediaType; +import java.util.Locale; + @Service @SwaggerDefinition @Path("/rule") diff --git a/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineServiceTest.java b/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineServiceTest.java index 82e51a5..91be5d3 100644 --- a/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineServiceTest.java +++ b/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineServiceTest.java @@ -1,12 +1,12 @@ /** * Copyright 2017 ZTE Corporation. - * + *

* Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * + *

+ * http://www.apache.org/licenses/LICENSE-2.0 + *

* Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -18,10 +18,6 @@ package org.onap.holmes.rulemgt.bolt.enginebolt; -import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.equalTo; - -import java.util.HashMap; import org.apache.http.HttpResponse; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.impl.client.CloseableHttpClient; @@ -30,22 +26,28 @@ import org.junit.Before; import org.junit.Rule; import org.junit.Test; import org.junit.rules.ExpectedException; +import org.junit.runner.RunWith; import org.onap.holmes.common.utils.HttpsUtils; import org.onap.holmes.rulemgt.bean.request.CorrelationDeployRule4Engine; import org.powermock.api.easymock.PowerMock; import org.powermock.core.classloader.annotations.PowerMockIgnore; import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; import org.powermock.modules.junit4.rule.PowerMockRule; import org.powermock.reflect.Whitebox; +import java.util.HashMap; + +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.equalTo; + @PrepareForTest({HttpClients.class, CloseableHttpClient.class, HttpsUtils.class}) @PowerMockIgnore("javax.net.ssl.*") +@RunWith(PowerMockRunner.class) public class EngineServiceTest { @Rule public ExpectedException thrown = ExpectedException.none(); - @Rule - public PowerMockRule powerMockRule = new PowerMockRule(); private EngineService engineService; private HttpResponse httpResponseMock; private CloseableHttpClient closeableHttpClient; diff --git a/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapperTest.java b/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapperTest.java index 0664db7..0dd2fbd 100644 --- a/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapperTest.java +++ b/rulemgt/src/test/java/org/onap/holmes/rulemgt/bolt/enginebolt/EngineWrapperTest.java @@ -17,9 +17,6 @@ package org.onap.holmes.rulemgt.bolt.enginebolt; -import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.equalTo; - import org.apache.http.HttpResponse; import org.apache.http.StatusLine; import org.easymock.EasyMock; @@ -28,16 +25,18 @@ import org.junit.Rule; import org.junit.Test; import org.junit.rules.ExpectedException; import org.junit.runner.RunWith; +import org.onap.holmes.common.exception.CorrelationException; import org.onap.holmes.common.utils.HttpsUtils; import org.onap.holmes.rulemgt.bean.request.CorrelationCheckRule4Engine; import org.onap.holmes.rulemgt.bean.request.CorrelationDeployRule4Engine; -import org.onap.holmes.common.exception.CorrelationException; import org.powermock.api.easymock.PowerMock; -import org.powermock.api.mockito.PowerMockito; import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; import org.powermock.reflect.Whitebox; +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.equalTo; + @PrepareForTest({EngineWrapper.class, EngineService.class, HttpsUtils.class, HttpResponse.class, StatusLine.class}) @RunWith(PowerMockRunner.class) @@ -97,7 +96,7 @@ public class EngineWrapperTest { public void deployEngine_parse_content_exception() throws Exception { PowerMock.resetAll(); String content = ""; - PowerMockito.mockStatic(HttpsUtils.class); + PowerMock.mockStatic(HttpsUtils.class); thrown.expect(CorrelationException.class); thrown.expectMessage( "Failed to parse the value returned by the engine management service."); @@ -107,7 +106,7 @@ public class EngineWrapperTest { .andReturn(httpResponse); EasyMock.expect(httpResponse.getStatusLine()).andReturn(statusLineMock); EasyMock.expect(statusLineMock.getStatusCode()).andReturn(200); - PowerMockito.when(HttpsUtils.extractResponseEntity(httpResponse)).thenReturn(content); + EasyMock.expect(HttpsUtils.extractResponseEntity(httpResponse)).andReturn(content); PowerMock.replayAll(); engineWrapper.deployEngine(new CorrelationDeployRule4Engine(),"10.96.33.34"); @@ -119,14 +118,14 @@ public class EngineWrapperTest { public void deployEngine_success() throws Exception { PowerMock.resetAll(); String content = "{\"packageName\":\"test\"}"; - PowerMockito.mockStatic(HttpsUtils.class); + PowerMock.mockStatic(HttpsUtils.class); EasyMock.expect( engineServiceMock.deploy(EasyMock.anyObject(CorrelationDeployRule4Engine.class), EasyMock.anyObject(String.class))) .andReturn(httpResponse); EasyMock.expect(httpResponse.getStatusLine()).andReturn(statusLineMock); EasyMock.expect(statusLineMock.getStatusCode()).andReturn(200); - PowerMockito.when(HttpsUtils.extractResponseEntity(httpResponse)).thenReturn(content); + EasyMock.expect(HttpsUtils.extractResponseEntity(httpResponse)).andReturn(content); PowerMock.replayAll(); String result = engineWrapper.deployEngine(new CorrelationDeployRule4Engine(),"10.96.33.34"); diff --git a/rulemgt/src/test/java/org/onap/holmes/rulemgt/wrapper/RuleMgtWrapperTest.java b/rulemgt/src/test/java/org/onap/holmes/rulemgt/wrapper/RuleMgtWrapperTest.java index 90384ce..7033aff 100644 --- a/rulemgt/src/test/java/org/onap/holmes/rulemgt/wrapper/RuleMgtWrapperTest.java +++ b/rulemgt/src/test/java/org/onap/holmes/rulemgt/wrapper/RuleMgtWrapperTest.java @@ -22,6 +22,7 @@ import org.junit.Before; import org.junit.Rule; import org.junit.Test; import org.junit.rules.ExpectedException; +import org.junit.runner.RunWith; import org.onap.holmes.common.api.entity.CorrelationRule; import org.onap.holmes.common.exception.CorrelationException; import org.onap.holmes.common.utils.DbDaoUtil; @@ -33,7 +34,7 @@ import org.onap.holmes.rulemgt.db.CorrelationRuleDao; import org.onap.holmes.rulemgt.db.CorrelationRuleQueryDao; import org.onap.holmes.rulemgt.send.Ip4AddingRule; import org.powermock.api.easymock.PowerMock; -import org.powermock.modules.junit4.rule.PowerMockRule; +import org.powermock.modules.junit4.PowerMockRunner; import org.powermock.reflect.Whitebox; import java.util.ArrayList; @@ -44,12 +45,11 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.is; +@RunWith(PowerMockRunner.class) public class RuleMgtWrapperTest { @Rule public ExpectedException thrown = ExpectedException.none(); - @Rule - public PowerMockRule powerMockRule = new PowerMockRule(); private RuleMgtWrapper ruleMgtWrapper; -- cgit 1.2.3-korg