diff options
author | Liam Fallon <liam.fallon@est.tech> | 2019-09-16 12:57:34 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2019-09-16 12:57:34 +0000 |
commit | cc1e7963d70b8dcf99ae7bdaecf1dd81e8a78e97 (patch) | |
tree | c9f6d9b6485f2ecb86eb0943933fb0e1a72f1576 | |
parent | d7d9df65e10edf260f5435335781dfc85939207c (diff) | |
parent | 88f175903e93e138687b5fbfe5140831df5440c2 (diff) |
Merge "Disable Jython Excutor for security"
8 files changed, 32 insertions, 24 deletions
diff --git a/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/EngineParameterConstants.java b/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/EngineParameterConstants.java index 96a83f3a6..1ac0ef6c2 100644 --- a/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/EngineParameterConstants.java +++ b/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/EngineParameterConstants.java @@ -5,15 +5,15 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - * + * * SPDX-License-Identifier: Apache-2.0 * ============LICENSE_END========================================================= */ diff --git a/packages/apex-pdp-package-full/pom.xml b/packages/apex-pdp-package-full/pom.xml index 277480abf..b9b0613d6 100644 --- a/packages/apex-pdp-package-full/pom.xml +++ b/packages/apex-pdp-package-full/pom.xml @@ -120,11 +120,12 @@ <artifactId>plugins-executor-jruby</artifactId> <version>${project.version}</version> </dependency> - <dependency> + <!-- Jython support disabled due to security concerns --> + <!-- dependency> <groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId> <artifactId>plugins-executor-jython</artifactId> <version>${project.version}</version> - </dependency> + </dependency--> <dependency> <groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId> <artifactId>plugins-executor-mvel</artifactId> diff --git a/plugins/plugins-executor/plugins-executor-jython/pom.xml b/plugins/plugins-executor/plugins-executor-jython/pom.xml index 82c9be665..9c92b67cd 100644 --- a/plugins/plugins-executor/plugins-executor-jython/pom.xml +++ b/plugins/plugins-executor/plugins-executor-jython/pom.xml @@ -17,7 +17,8 @@ SPDX-License-Identifier: Apache-2.0 ============LICENSE_END========================================================= --> -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <parent> <groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId> diff --git a/plugins/plugins-executor/pom.xml b/plugins/plugins-executor/pom.xml index fe3e5b768..711bd0f03 100644 --- a/plugins/plugins-executor/pom.xml +++ b/plugins/plugins-executor/pom.xml @@ -44,7 +44,7 @@ <module>plugins-executor-java</module> <module>plugins-executor-javascript</module> <module>plugins-executor-jruby</module> - <module>plugins-executor-jython</module> + <!--module>plugins-executor-jython</module--> <module>plugins-executor-mvel</module> </modules> @@ -238,7 +238,8 @@ <adsite-plugins-executor-java-dir>${project.basedir}/plugins/plugins-executor/plugins-executor-java/src</adsite-plugins-executor-java-dir> <adsite-plugins-executor-javascript-dir>${project.basedir}/plugins/plugins-executor/plugins-executor-javascript/src</adsite-plugins-executor-javascript-dir> <adsite-plugins-executor-jruby-dir>${project.basedir}/plugins/plugins-executor/plugins-executor-jruby/src</adsite-plugins-executor-jruby-dir> - <adsite-plugins-executor-jython-dir>${project.basedir}/plugins/plugins-executor/plugins-executor-jython/src</adsite-plugins-executor-jython-dir> + <!-- Jython support disabled due to security concerns --> + <!-- adsite-plugins-executor-jython-dir>${project.basedir}/plugins/plugins-executor/plugins-executor-jython/src</adsite-plugins-executor-jython-dir--> <adsite-plugins-executor-mvel-dir>${project.basedir}/plugins/plugins-executor/plugins-executor-mvel/src</adsite-plugins-executor-mvel-dir> <adsite-services-engine-dir>${project.basedir}/services/services-engine/src</adsite-services-engine-dir> diff --git a/testsuites/integration/integration-executor-test/pom.xml b/testsuites/integration/integration-executor-test/pom.xml index fb0299178..bca011612 100644 --- a/testsuites/integration/integration-executor-test/pom.xml +++ b/testsuites/integration/integration-executor-test/pom.xml @@ -54,12 +54,13 @@ <version>${project.version}</version> <scope>test</scope> </dependency> - <dependency> + <!-- Jython support disabled due to security concerns --> + <!-- dependency> <groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId> <artifactId>plugins-executor-jython</artifactId> <version>${project.version}</version> <scope>test</scope> - </dependency> + </dependency--> <dependency> <groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId> <artifactId>plugins-executor-javascript</artifactId> diff --git a/testsuites/integration/integration-executor-test/src/test/java/org/onap/policy/apex/testsuites/integration/executor/engine/TestApexEngineJython.java b/testsuites/integration/integration-executor-test/src/test/java/org/onap/policy/apex/testsuites/integration/executor/engine/TestApexEngineJython.java index 12a28e293..088d04fd7 100644 --- a/testsuites/integration/integration-executor-test/src/test/java/org/onap/policy/apex/testsuites/integration/executor/engine/TestApexEngineJython.java +++ b/testsuites/integration/integration-executor-test/src/test/java/org/onap/policy/apex/testsuites/integration/executor/engine/TestApexEngineJython.java @@ -5,15 +5,15 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - * + * * SPDX-License-Identifier: Apache-2.0 * ============LICENSE_END========================================================= */ @@ -32,11 +32,14 @@ import org.onap.policy.apex.context.parameters.SchemaParameters; import org.onap.policy.apex.core.engine.EngineParameters; import org.onap.policy.apex.core.infrastructure.threading.ThreadUtilities; import org.onap.policy.apex.model.basicmodel.concepts.ApexException; -import org.onap.policy.apex.plugins.executor.jython.JythonExecutorParameters; +import org.onap.policy.apex.plugins.executor.javascript.JavascriptExecutorParameters; import org.onap.policy.common.parameters.ParameterService; /** - * The Class TestApexEngineJython. + * The Class TestApexEngineJython should be the test class for the Jython interpreter. + * + * <p>It actually reruns the javascript tests as a placeholder until the Jython security issues are resolved. + * */ public class TestApexEngineJython { private SchemaParameters schemaParameters; @@ -49,12 +52,12 @@ public class TestApexEngineJython { @Before public void beforeTest() { schemaParameters = new SchemaParameters(); - + schemaParameters.setName(ContextParameterConstants.SCHEMA_GROUP_NAME); schemaParameters.getSchemaHelperParameterMap().put("JAVA", new JavaSchemaHelperParameters()); ParameterService.register(schemaParameters); - + contextParameters = new ContextParameters(); contextParameters.setName(ContextParameterConstants.MAIN_GROUP_NAME); @@ -66,9 +69,9 @@ public class TestApexEngineJython { ParameterService.register(contextParameters.getDistributorParameters()); ParameterService.register(contextParameters.getLockManagerParameters()); ParameterService.register(contextParameters.getPersistorParameters()); - + engineParameters = new EngineParameters(); - engineParameters.getExecutorParameterMap().put("JYTHON", new JythonExecutorParameters()); + engineParameters.getExecutorParameterMap().put("JAVASCRIPT", new JavascriptExecutorParameters()); ParameterService.register(engineParameters); } @@ -78,7 +81,7 @@ public class TestApexEngineJython { @After public void afterTest() { ParameterService.deregister(engineParameters); - + ParameterService.deregister(contextParameters.getDistributorParameters()); ParameterService.deregister(contextParameters.getLockManagerParameters()); ParameterService.deregister(contextParameters.getPersistorParameters()); @@ -96,8 +99,8 @@ public class TestApexEngineJython { */ @Test public void testApexEngineJython() throws ApexException, InterruptedException, IOException { - new TestApexEngine("JYTHON", engineParameters); + new TestApexEngine("JAVASCRIPT", engineParameters); ThreadUtilities.sleep(5000); - new TestApexEngine("JYTHON", engineParameters); + new TestApexEngine("JAVASCRIPT", engineParameters); } } diff --git a/testsuites/performance/performance-benchmark-test/pom.xml b/testsuites/performance/performance-benchmark-test/pom.xml index e852d223a..f0358d1e8 100644 --- a/testsuites/performance/performance-benchmark-test/pom.xml +++ b/testsuites/performance/performance-benchmark-test/pom.xml @@ -73,12 +73,13 @@ <version>${project.version}</version> <scope>test</scope> </dependency> - <dependency> + <!-- Jython support disabled due to security concerns --> + <!-- dependency> <groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId> <artifactId>plugins-executor-jython</artifactId> <version>${project.version}</version> <scope>test</scope> - </dependency> + </dependency--> <dependency> <groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId> <artifactId>plugins-executor-java</artifactId> |