From 881f14bc8676cedd68e17bd007a869fa85578fa1 Mon Sep 17 00:00:00 2001 From: Thomas Nelson arthudent3 Date: Wed, 19 Jun 2019 22:19:10 +0000 Subject: Some bug fixes and Minor Chages. Remove some Commented out code. Cleaned up Variables. Encryption of passwords added Updated Test Cases Fixed some errors in how they were reported. Reduced Logging clutter Some Vulnerability fixes. Change-Id: I64c7935d167d4a976681b5a18fd51aa667d0cd95 Issue-ID: MUSIC-413 Signed-off-by: Thomas Nelson arthudent3 --- jar/src/main/java/org/onap/music/main/MusicUtil.java | 2 +- .../main/java/org/onap/music/main/PropertiesListener.java | 2 +- .../main/java/org/onap/music/rest/RestMusicDataAPI.java | 14 +++++++++----- 3 files changed, 11 insertions(+), 7 deletions(-) (limited to 'jar/src/main') diff --git a/jar/src/main/java/org/onap/music/main/MusicUtil.java b/jar/src/main/java/org/onap/music/main/MusicUtil.java index 686b0d04..4acc3c5a 100755 --- a/jar/src/main/java/org/onap/music/main/MusicUtil.java +++ b/jar/src/main/java/org/onap/music/main/MusicUtil.java @@ -82,7 +82,7 @@ public class MusicUtil { "all.pubic.ips", "cassandra.user", "cassandra.password", "aaf.endpoint.url" }; private static String cassName = "cassandra"; - private static String cassPwd = "cassandra"; + private static String cassPwd = ""; private static String aafEndpointUrl = null; private static int cassandraPort = 9042; diff --git a/jar/src/main/java/org/onap/music/main/PropertiesListener.java b/jar/src/main/java/org/onap/music/main/PropertiesListener.java index beb88af6..724d3d45 100755 --- a/jar/src/main/java/org/onap/music/main/PropertiesListener.java +++ b/jar/src/main/java/org/onap/music/main/PropertiesListener.java @@ -81,7 +81,7 @@ public class PropertiesListener implements ServletContextListener { break; case "debug": MusicUtil.setDebug(Boolean - .getBoolean(prop.getProperty(key).toLowerCase())); + .parseBoolean(prop.getProperty(key).toLowerCase())); break; case "version": MusicUtil.setVersion(prop.getProperty(key)); diff --git a/jar/src/main/java/org/onap/music/rest/RestMusicDataAPI.java b/jar/src/main/java/org/onap/music/rest/RestMusicDataAPI.java index fc31cd9e..4b29f9a1 100755 --- a/jar/src/main/java/org/onap/music/rest/RestMusicDataAPI.java +++ b/jar/src/main/java/org/onap/music/rest/RestMusicDataAPI.java @@ -218,12 +218,16 @@ public class RestMusicDataAPI { try { queryObject = new PreparedQueryObject(); - queryObject.appendQueryString("CREATE ROLE IF NOT EXISTS '" + userId - + "' WITH PASSWORD = '" + password + "' AND LOGIN = true;"); +// queryObject.appendQueryString("CREATE ROLE IF NOT EXISTS '" + userId +// + "' WITH PASSWORD = '" + password + "' AND LOGIN = true;"); + queryObject.appendQueryString("CREATE ROLE IF NOT EXISTS ? " + + " WITH PASSWORD = ? AND LOGIN = true;"); + queryObject.addValue(userId); + queryObject.addValue(password); MusicCore.nonKeyRelatedPut(queryObject, consistency); queryObject = new PreparedQueryObject(); queryObject.appendQueryString("GRANT ALL PERMISSIONS on KEYSPACE " + keyspaceName - + " to '" + userId + "'"); + + " to '" + userId + "'"); queryObject.appendQueryString(";"); MusicCore.nonKeyRelatedPut(queryObject, consistency); } catch (Exception e) { @@ -235,8 +239,8 @@ public class RestMusicDataAPI { String hashedpwd = BCrypt.hashpw(password, BCrypt.gensalt()); queryObject = new PreparedQueryObject(); queryObject.appendQueryString( - "INSERT into admin.keyspace_master (uuid, keyspace_name, application_name, is_api, " - + "password, username, is_aaf) values (?,?,?,?,?,?,?)"); + "INSERT into admin.keyspace_master (uuid, keyspace_name, application_name, is_api, " + + "password, username, is_aaf) values (?,?,?,?,?,?,?)"); queryObject.addValue(MusicUtil.convertToActualDataType(DataType.uuid(), newAid)); queryObject.addValue(MusicUtil.convertToActualDataType(DataType.text(), keyspaceName)); queryObject.addValue(MusicUtil.convertToActualDataType(DataType.text(), ns)); -- cgit 1.2.3-korg