aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLiam Fallon <liam.fallon@est.tech>2019-09-16 12:57:34 +0000
committerGerrit Code Review <gerrit@onap.org>2019-09-16 12:57:34 +0000
commitcc1e7963d70b8dcf99ae7bdaecf1dd81e8a78e97 (patch)
treec9f6d9b6485f2ecb86eb0943933fb0e1a72f1576
parentd7d9df65e10edf260f5435335781dfc85939207c (diff)
parent88f175903e93e138687b5fbfe5140831df5440c2 (diff)
Merge "Disable Jython Excutor for security"
-rw-r--r--core/core-engine/src/main/java/org/onap/policy/apex/core/engine/EngineParameterConstants.java6
-rw-r--r--packages/apex-pdp-package-full/pom.xml5
-rw-r--r--plugins/plugins-executor/plugins-executor-jython/pom.xml3
-rw-r--r--plugins/plugins-executor/pom.xml2
-rw-r--r--pom.xml3
-rw-r--r--testsuites/integration/integration-executor-test/pom.xml5
-rw-r--r--testsuites/integration/integration-executor-test/src/test/java/org/onap/policy/apex/testsuites/integration/executor/engine/TestApexEngineJython.java27
-rw-r--r--testsuites/performance/performance-benchmark-test/pom.xml5
8 files changed, 32 insertions, 24 deletions
diff --git a/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/EngineParameterConstants.java b/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/EngineParameterConstants.java
index 96a83f3a6..1ac0ef6c2 100644
--- a/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/EngineParameterConstants.java
+++ b/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/EngineParameterConstants.java
@@ -5,15 +5,15 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- *
+ *
* SPDX-License-Identifier: Apache-2.0
* ============LICENSE_END=========================================================
*/
diff --git a/packages/apex-pdp-package-full/pom.xml b/packages/apex-pdp-package-full/pom.xml
index 277480abf..b9b0613d6 100644
--- a/packages/apex-pdp-package-full/pom.xml
+++ b/packages/apex-pdp-package-full/pom.xml
@@ -120,11 +120,12 @@
<artifactId>plugins-executor-jruby</artifactId>
<version>${project.version}</version>
</dependency>
- <dependency>
+ <!-- Jython support disabled due to security concerns -->
+ <!-- dependency>
<groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId>
<artifactId>plugins-executor-jython</artifactId>
<version>${project.version}</version>
- </dependency>
+ </dependency-->
<dependency>
<groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId>
<artifactId>plugins-executor-mvel</artifactId>
diff --git a/plugins/plugins-executor/plugins-executor-jython/pom.xml b/plugins/plugins-executor/plugins-executor-jython/pom.xml
index 82c9be665..9c92b67cd 100644
--- a/plugins/plugins-executor/plugins-executor-jython/pom.xml
+++ b/plugins/plugins-executor/plugins-executor-jython/pom.xml
@@ -17,7 +17,8 @@
SPDX-License-Identifier: Apache-2.0
============LICENSE_END=========================================================
-->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId>
diff --git a/plugins/plugins-executor/pom.xml b/plugins/plugins-executor/pom.xml
index fe3e5b768..711bd0f03 100644
--- a/plugins/plugins-executor/pom.xml
+++ b/plugins/plugins-executor/pom.xml
@@ -44,7 +44,7 @@
<module>plugins-executor-java</module>
<module>plugins-executor-javascript</module>
<module>plugins-executor-jruby</module>
- <module>plugins-executor-jython</module>
+ <!--module>plugins-executor-jython</module-->
<module>plugins-executor-mvel</module>
</modules>
diff --git a/pom.xml b/pom.xml
index 830af4134..309f41d0f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -238,7 +238,8 @@
<adsite-plugins-executor-java-dir>${project.basedir}/plugins/plugins-executor/plugins-executor-java/src</adsite-plugins-executor-java-dir>
<adsite-plugins-executor-javascript-dir>${project.basedir}/plugins/plugins-executor/plugins-executor-javascript/src</adsite-plugins-executor-javascript-dir>
<adsite-plugins-executor-jruby-dir>${project.basedir}/plugins/plugins-executor/plugins-executor-jruby/src</adsite-plugins-executor-jruby-dir>
- <adsite-plugins-executor-jython-dir>${project.basedir}/plugins/plugins-executor/plugins-executor-jython/src</adsite-plugins-executor-jython-dir>
+ <!-- Jython support disabled due to security concerns -->
+ <!-- adsite-plugins-executor-jython-dir>${project.basedir}/plugins/plugins-executor/plugins-executor-jython/src</adsite-plugins-executor-jython-dir-->
<adsite-plugins-executor-mvel-dir>${project.basedir}/plugins/plugins-executor/plugins-executor-mvel/src</adsite-plugins-executor-mvel-dir>
<adsite-services-engine-dir>${project.basedir}/services/services-engine/src</adsite-services-engine-dir>
diff --git a/testsuites/integration/integration-executor-test/pom.xml b/testsuites/integration/integration-executor-test/pom.xml
index fb0299178..bca011612 100644
--- a/testsuites/integration/integration-executor-test/pom.xml
+++ b/testsuites/integration/integration-executor-test/pom.xml
@@ -54,12 +54,13 @@
<version>${project.version}</version>
<scope>test</scope>
</dependency>
- <dependency>
+ <!-- Jython support disabled due to security concerns -->
+ <!-- dependency>
<groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId>
<artifactId>plugins-executor-jython</artifactId>
<version>${project.version}</version>
<scope>test</scope>
- </dependency>
+ </dependency-->
<dependency>
<groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId>
<artifactId>plugins-executor-javascript</artifactId>
diff --git a/testsuites/integration/integration-executor-test/src/test/java/org/onap/policy/apex/testsuites/integration/executor/engine/TestApexEngineJython.java b/testsuites/integration/integration-executor-test/src/test/java/org/onap/policy/apex/testsuites/integration/executor/engine/TestApexEngineJython.java
index 12a28e293..088d04fd7 100644
--- a/testsuites/integration/integration-executor-test/src/test/java/org/onap/policy/apex/testsuites/integration/executor/engine/TestApexEngineJython.java
+++ b/testsuites/integration/integration-executor-test/src/test/java/org/onap/policy/apex/testsuites/integration/executor/engine/TestApexEngineJython.java
@@ -5,15 +5,15 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- *
+ *
* SPDX-License-Identifier: Apache-2.0
* ============LICENSE_END=========================================================
*/
@@ -32,11 +32,14 @@ import org.onap.policy.apex.context.parameters.SchemaParameters;
import org.onap.policy.apex.core.engine.EngineParameters;
import org.onap.policy.apex.core.infrastructure.threading.ThreadUtilities;
import org.onap.policy.apex.model.basicmodel.concepts.ApexException;
-import org.onap.policy.apex.plugins.executor.jython.JythonExecutorParameters;
+import org.onap.policy.apex.plugins.executor.javascript.JavascriptExecutorParameters;
import org.onap.policy.common.parameters.ParameterService;
/**
- * The Class TestApexEngineJython.
+ * The Class TestApexEngineJython should be the test class for the Jython interpreter.
+ *
+ * <p>It actually reruns the javascript tests as a placeholder until the Jython security issues are resolved.
+ *
*/
public class TestApexEngineJython {
private SchemaParameters schemaParameters;
@@ -49,12 +52,12 @@ public class TestApexEngineJython {
@Before
public void beforeTest() {
schemaParameters = new SchemaParameters();
-
+
schemaParameters.setName(ContextParameterConstants.SCHEMA_GROUP_NAME);
schemaParameters.getSchemaHelperParameterMap().put("JAVA", new JavaSchemaHelperParameters());
ParameterService.register(schemaParameters);
-
+
contextParameters = new ContextParameters();
contextParameters.setName(ContextParameterConstants.MAIN_GROUP_NAME);
@@ -66,9 +69,9 @@ public class TestApexEngineJython {
ParameterService.register(contextParameters.getDistributorParameters());
ParameterService.register(contextParameters.getLockManagerParameters());
ParameterService.register(contextParameters.getPersistorParameters());
-
+
engineParameters = new EngineParameters();
- engineParameters.getExecutorParameterMap().put("JYTHON", new JythonExecutorParameters());
+ engineParameters.getExecutorParameterMap().put("JAVASCRIPT", new JavascriptExecutorParameters());
ParameterService.register(engineParameters);
}
@@ -78,7 +81,7 @@ public class TestApexEngineJython {
@After
public void afterTest() {
ParameterService.deregister(engineParameters);
-
+
ParameterService.deregister(contextParameters.getDistributorParameters());
ParameterService.deregister(contextParameters.getLockManagerParameters());
ParameterService.deregister(contextParameters.getPersistorParameters());
@@ -96,8 +99,8 @@ public class TestApexEngineJython {
*/
@Test
public void testApexEngineJython() throws ApexException, InterruptedException, IOException {
- new TestApexEngine("JYTHON", engineParameters);
+ new TestApexEngine("JAVASCRIPT", engineParameters);
ThreadUtilities.sleep(5000);
- new TestApexEngine("JYTHON", engineParameters);
+ new TestApexEngine("JAVASCRIPT", engineParameters);
}
}
diff --git a/testsuites/performance/performance-benchmark-test/pom.xml b/testsuites/performance/performance-benchmark-test/pom.xml
index e852d223a..f0358d1e8 100644
--- a/testsuites/performance/performance-benchmark-test/pom.xml
+++ b/testsuites/performance/performance-benchmark-test/pom.xml
@@ -73,12 +73,13 @@
<version>${project.version}</version>
<scope>test</scope>
</dependency>
- <dependency>
+ <!-- Jython support disabled due to security concerns -->
+ <!-- dependency>
<groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId>
<artifactId>plugins-executor-jython</artifactId>
<version>${project.version}</version>
<scope>test</scope>
- </dependency>
+ </dependency-->
<dependency>
<groupId>org.onap.policy.apex-pdp.plugins.plugins-executor</groupId>
<artifactId>plugins-executor-java</artifactId>