diff options
author | ramverma <ram.krishna.verma@ericsson.com> | 2018-08-02 12:50:09 +0100 |
---|---|---|
committer | ramverma <ram.krishna.verma@ericsson.com> | 2018-08-02 12:50:35 +0100 |
commit | e4da736f34d7f1fc91fb1370d29f927a9e2ebe2d (patch) | |
tree | eb8bdb7dfec67512a38e373d0ae16c2a5a103f73 | |
parent | 9e318f20f2e64970bf3c2e3a5532c516231a6f8a (diff) |
Fixing sonar vulnerabilities in apex-pdp
Changed the Console class to use logger only for printing stack trace,
as the class is meant to be used for CLI usage.
Changed the CLIParser to use Console class for printing messages.
Changed the client-editor to be hosted on localhost by default, to follow
the same what others clients (deployment, monitoring & client full) are doing.
Change-Id: I6565b4b35a93b3708b926bfee04d79ead6b5346e
Issue-ID: POLICY-954
Signed-off-by: ramverma <ram.krishna.verma@ericsson.com>
5 files changed, 38 insertions, 37 deletions
diff --git a/client/client-editor/src/main/java/org/onap/policy/apex/client/editor/rest/ApexEditorParameterParser.java b/client/client-editor/src/main/java/org/onap/policy/apex/client/editor/rest/ApexEditorParameterParser.java index 32ebfba9a..beb589dca 100644 --- a/client/client-editor/src/main/java/org/onap/policy/apex/client/editor/rest/ApexEditorParameterParser.java +++ b/client/client-editor/src/main/java/org/onap/policy/apex/client/editor/rest/ApexEditorParameterParser.java @@ -55,9 +55,9 @@ public class ApexEditorParameterParser { .desc("the amount of time in seconds that the server will run for before terminating. " + "Default value is " + ApexEditorParameters.INFINITY_TIME_TO_LIVE + " to run indefinitely.") .hasArg().argName("TIME_TO_LIVE").required(false).type(Number.class).build()); - options.addOption(Option.builder("l").longOpt("listen").desc("the IP address to listen on. Default value is " - + ApexEditorParameters.DEFAULT_SERVER_URI_ROOT + " " - + "to listen on all available addresses. Use value 'localhost' to restrict access to the local machine only.") + options.addOption(Option.builder("l").longOpt("listen") + .desc("the IP address to listen on. Default value is " + ApexEditorParameters.DEFAULT_SERVER_URI_ROOT + + " to restrict access to the local machine only.") .hasArg().argName("ADDRESS").required(false).type(String.class).build()); } diff --git a/client/client-editor/src/main/java/org/onap/policy/apex/client/editor/rest/ApexEditorParameters.java b/client/client-editor/src/main/java/org/onap/policy/apex/client/editor/rest/ApexEditorParameters.java index 16afcd161..e0a2cf727 100644 --- a/client/client-editor/src/main/java/org/onap/policy/apex/client/editor/rest/ApexEditorParameters.java +++ b/client/client-editor/src/main/java/org/onap/policy/apex/client/editor/rest/ApexEditorParameters.java @@ -37,8 +37,8 @@ public class ApexEditorParameters { // Base URI the HTTP server will listen on private static final String DEFAULT_SERVER_URI_PREFIX = "http://"; - /** The server listens on all available interfaces/addresses. */ - public static final String DEFAULT_SERVER_URI_ROOT = "0.0.0.0"; + /** The server listens on localhost by default. */ + public static final String DEFAULT_SERVER_URI_ROOT = "localhost"; private static final String DEFAULT_REST_PATH = "/apexservices/"; private static final String DEFAULT_STATIC_PATH = "/"; diff --git a/client/client-editor/src/test/java/org/onap/policy/apex/client/editor/rest/TestApexEditorStartup.java b/client/client-editor/src/test/java/org/onap/policy/apex/client/editor/rest/TestApexEditorStartup.java index 0ae54e5af..d61d43b01 100644 --- a/client/client-editor/src/test/java/org/onap/policy/apex/client/editor/rest/TestApexEditorStartup.java +++ b/client/client-editor/src/test/java/org/onap/policy/apex/client/editor/rest/TestApexEditorStartup.java @@ -48,13 +48,13 @@ public class TestApexEditorStartup { final String outString = runEditor(args); assertTrue(outString.startsWith("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:18989/apexservices/, TTL=-1sec], " - + "State=READY) starting at http://0.0.0.0:18989/apexservices/")); + + "Config=[ApexEditorParameters: URI=http://localhost:18989/apexservices/, TTL=-1sec], " + + "State=READY) starting at http://localhost:18989/apexservices/")); assertTrue(outString.contains("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:18989/apexservices/, TTL=-1sec], " - + "State=RUNNING) started at http://0.0.0.0:18989/apexservices/")); + + "Config=[ApexEditorParameters: URI=http://localhost:18989/apexservices/, TTL=-1sec], " + + "State=RUNNING) started at http://localhost:18989/apexservices/")); assertTrue(outString.replaceAll("[\\r?\\n]+", " ").endsWith("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:18989/apexservices/, TTL=-1sec], State=STOPPED) shut down ")); + + "Config=[ApexEditorParameters: URI=http://localhost:18989/apexservices/, TTL=-1sec], State=STOPPED) shut down ")); } /** @@ -207,13 +207,13 @@ public class TestApexEditorStartup { final String outString = runEditor(args); assertTrue(outString.startsWith("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:12321/apexservices/, TTL=-1sec], " - + "State=READY) starting at http://0.0.0.0:12321/apexservices/")); + + "Config=[ApexEditorParameters: URI=http://localhost:12321/apexservices/, TTL=-1sec], " + + "State=READY) starting at http://localhost:12321/apexservices/")); assertTrue(outString.contains("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:12321/apexservices/, TTL=-1sec], " - + "State=RUNNING) started at http://0.0.0.0:12321/apexservices/")); + + "Config=[ApexEditorParameters: URI=http://localhost:12321/apexservices/, TTL=-1sec], " + + "State=RUNNING) started at http://localhost:12321/apexservices/")); assertTrue(outString.replaceAll("[\\r?\\n]+", " ").endsWith("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:12321/apexservices/, TTL=-1sec], State=STOPPED) shut down ")); + + "Config=[ApexEditorParameters: URI=http://localhost:12321/apexservices/, TTL=-1sec], State=STOPPED) shut down ")); } /** @@ -229,13 +229,13 @@ public class TestApexEditorStartup { final String outString = runEditor(args); assertTrue(outString.startsWith("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:12321/apexservices/, TTL=-1sec], " - + "State=READY) starting at http://0.0.0.0:12321/apexservices/")); + + "Config=[ApexEditorParameters: URI=http://localhost:12321/apexservices/, TTL=-1sec], " + + "State=READY) starting at http://localhost:12321/apexservices/")); assertTrue(outString.contains("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:12321/apexservices/, TTL=-1sec], " - + "State=RUNNING) started at http://0.0.0.0:12321/apexservices/")); + + "Config=[ApexEditorParameters: URI=http://localhost:12321/apexservices/, TTL=-1sec], " + + "State=RUNNING) started at http://localhost:12321/apexservices/")); assertTrue(outString.replaceAll("[\\r?\\n]+", " ").endsWith("(ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:12321/apexservices/, TTL=-1sec], State=STOPPED) shut down ")); + + "Config=[ApexEditorParameters: URI=http://localhost:12321/apexservices/, TTL=-1sec], State=STOPPED) shut down ")); } @@ -274,7 +274,7 @@ public class TestApexEditorStartup { } catch (final Exception e) { assertTrue(e.getMessage() .startsWith("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:0/apexservices/, TTL=-1sec], " + + "Config=[ApexEditorParameters: URI=http://localhost:0/apexservices/, TTL=-1sec], " + "State=STOPPED) parameters invalid, port must be between 1024 and 65535")); } } @@ -295,7 +295,7 @@ public class TestApexEditorStartup { } catch (final Exception e) { assertTrue(e.getMessage() .startsWith("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:1023/apexservices/, TTL=-1sec], " + + "Config=[ApexEditorParameters: URI=http://localhost:1023/apexservices/, TTL=-1sec], " + "State=STOPPED) parameters invalid, port must be between 1024 and 65535")); } } @@ -316,7 +316,7 @@ public class TestApexEditorStartup { } catch (final Exception e) { assertTrue(e.getMessage() .startsWith("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:65536/apexservices/, TTL=-1sec], " + + "Config=[ApexEditorParameters: URI=http://localhost:65536/apexservices/, TTL=-1sec], " + "State=STOPPED) parameters invalid, port must be between 1024 and 65535")); } } @@ -334,12 +334,12 @@ public class TestApexEditorStartup { final String outString = runEditor(args); assertTrue(outString.startsWith("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:18989/apexservices/, TTL=10sec], " - + "State=READY) starting at http://0.0.0.0:18989/apexservices/")); + + "Config=[ApexEditorParameters: URI=http://localhost:18989/apexservices/, TTL=10sec], " + + "State=READY) starting at http://localhost:18989/apexservices/")); assertTrue(outString.replaceAll("[\\r?\\n]+", " ").contains("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:18989/apexservices/, TTL=10sec], State=RUNNING) started")); + + "Config=[ApexEditorParameters: URI=http://localhost:18989/apexservices/, TTL=10sec], State=RUNNING) started")); assertTrue(outString.replaceAll("[\\r?\\n]+", " ").endsWith("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:18989/apexservices/, TTL=10sec], State=STOPPED) shut down ")); + + "Config=[ApexEditorParameters: URI=http://localhost:18989/apexservices/, TTL=10sec], State=STOPPED) shut down ")); } /** @@ -376,12 +376,12 @@ public class TestApexEditorStartup { final String outString = runEditor(args); assertTrue(outString.startsWith("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:12321/apexservices/, TTL=10sec], " - + "State=READY) starting at http://0.0.0.0:12321/apexservices/")); + + "Config=[ApexEditorParameters: URI=http://localhost:12321/apexservices/, TTL=10sec], " + + "State=READY) starting at http://localhost:12321/apexservices/")); assertTrue(outString.replaceAll("[\\r?\\n]+", " ").contains("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:12321/apexservices/, TTL=10sec], State=RUNNING) started")); + + "Config=[ApexEditorParameters: URI=http://localhost:12321/apexservices/, TTL=10sec], State=RUNNING) started")); assertTrue(outString.replaceAll("[\\r?\\n]+", " ").endsWith("Apex Editor REST endpoint (ApexEditorMain: " - + "Config=[ApexEditorParameters: URI=http://0.0.0.0:12321/apexservices/, TTL=10sec], State=STOPPED) shut down ")); + + "Config=[ApexEditorParameters: URI=http://localhost:12321/apexservices/, TTL=10sec], State=STOPPED) shut down ")); } diff --git a/tools/tools-common/src/main/java/org/onap/policy/apex/tools/common/CliParser.java b/tools/tools-common/src/main/java/org/onap/policy/apex/tools/common/CliParser.java index 588abfc6b..31692dc21 100644 --- a/tools/tools-common/src/main/java/org/onap/policy/apex/tools/common/CliParser.java +++ b/tools/tools-common/src/main/java/org/onap/policy/apex/tools/common/CliParser.java @@ -81,8 +81,8 @@ public class CliParser { try { cmd = parser.parse(options, args); } catch (final ParseException ex) { - System.err.println("Parsing failed. Reason: " + ex.getMessage()); - ex.printStackTrace(); + Console.CONSOLE.error("Parsing failed, see reason and cause below"); + Console.CONSOLE.stacktrace(ex); } return cmd; } diff --git a/tools/tools-common/src/main/java/org/onap/policy/apex/tools/common/Console.java b/tools/tools-common/src/main/java/org/onap/policy/apex/tools/common/Console.java index 571333147..d76caa333 100644 --- a/tools/tools-common/src/main/java/org/onap/policy/apex/tools/common/Console.java +++ b/tools/tools-common/src/main/java/org/onap/policy/apex/tools/common/Console.java @@ -25,6 +25,7 @@ import java.util.List; import org.apache.commons.lang3.StringUtils; import org.apache.commons.text.StrBuilder; +import org.slf4j.ext.XLoggerFactory; import org.slf4j.helpers.MessageFormatter; /** @@ -326,12 +327,12 @@ public final class Console { if (appName != null) { System.err.print(appName + ": "); } - System.err.println("exception stack trace: "); - System.err.println(" - message: " + exception.getMessage()); + System.err.println(" exception message: " + exception.getMessage()); if (exception.getCause() != null) { - System.err.println(" - cause: " + exception.getCause()); + System.err.println(" exception cause: " + exception.getCause()); } - exception.printStackTrace(); + System.err.println("for exception stack trace, please refer logs."); + XLoggerFactory.getXLogger(Console.class).error("stacktrace", exception); } } |