diff options
| author |   Jim Hahn <jrh3@att.com> | 2021-02-17 15:23:38 -0500 |
|---|---|---|
| committer | Jim Hahn <jrh3@att.com> | 2021-02-18 17:47:55 +0000 |
| commit | b6977d2f7ce64ece732ac1a1a0525dac972d7ccf (patch) | |
| tree | 4966f5aa4737b0fef8241989eb216cce7fbe9294 /core | |
| parent | 4e05982e36aa66b83fa0ee44b9631412442c3969 (diff) | |
Fix sonars in apex-pdp
Addressed the following issues:
- initialize mocks before use
- use parameterized queries
- Random() is not secure
- provide parameterized type for generics
- unused imports
- constructor visibility
- use compute() instead of containsKey()/put()
- make final fields static
- rename constants to all upper case
- no assert() in Thread.run() methods
- nested try
- nested if/else
- too many break/continue
- use try-with-resources
- repeatable annotations
- overlapping characters in reg ex
- hashcode is not sufficient in compareTo()
- need equals() with compareTo()
- make class an interface
- use parameterized test
- multiple calls in assert()
- log or re-throw
- use different type of lambda
- use parameterized logging
- use StringBuilder instead of concatenation
- use StandardCharsets.UTF_8
Issue-ID: POLICY-2906
Change-Id: I2cf8c885e3e22c2c6cbe6403a34906928afad022
Signed-off-by: Jim Hahn <jrh3@att.com>
Diffstat (limited to 'core')
9 files changed, 65 insertions, 84 deletions
diff --git a/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/event/EnEvent.java b/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/event/EnEvent.java index 2f9627dd1..d4b212421 100644 --- a/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/event/EnEvent.java +++ b/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/event/EnEvent.java @@ -2,6 +2,7 @@ * ============LICENSE_START======================================================= * Copyright (C) 2016-2018 Ericsson. All rights reserved. * Modifications Copyright (C) 2019 Nordix Foundation. + * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -68,7 +69,10 @@ public class EnEvent extends HashMap<String, Object> { @Setter private AxConcept[] userArtifactStack; - private static Random rand = new Random(System.nanoTime()); + /* + * This is not used for encryption/security, thus disabling sonar. + */ + private static Random rand = new Random(System.nanoTime()); // NOSONAR // An identifier for the current event execution. The default value here will always be a random // number, and should diff --git a/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/executor/context/AbstractExecutionContext.java b/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/executor/context/AbstractExecutionContext.java index a47ccaa48..527673108 100644 --- a/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/executor/context/AbstractExecutionContext.java +++ b/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/executor/context/AbstractExecutionContext.java @@ -1,6 +1,7 @@ /*- * ============LICENSE_START======================================================= * Copyright (C) 2020 Nordix Foundation. + * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -35,12 +36,12 @@ import org.onap.policy.common.utils.coder.StandardCoder; @Getter public class AbstractExecutionContext { /** A constant <code>boolean true</code> value available for reuse e.g., for the return value */ - public final Boolean isTrue = true; + public static final Boolean IS_TRUE = true; /** * A constant <code>boolean false</code> value available for reuse e.g., for the return value */ - public final Boolean isFalse = false; + public static final Boolean IS_FALSE = false; /** the execution ID for the current APEX policy execution instance. */ public final Long executionId; diff --git a/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/executor/context/TaskExecutionContext.java b/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/executor/context/TaskExecutionContext.java index 1a19d18b8..49459dfae 100644 --- a/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/executor/context/TaskExecutionContext.java +++ b/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/executor/context/TaskExecutionContext.java @@ -2,6 +2,7 @@ * ============LICENSE_START======================================================= * Copyright (C) 2016-2018 Ericsson. All rights reserved. * Modifications Copyright (C) 2020 Nordix Foundation. + * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -29,10 +30,8 @@ import java.util.Map; import java.util.Properties; import java.util.TreeMap; import lombok.Getter; -import lombok.Setter; import org.onap.policy.apex.context.ContextAlbum; import org.onap.policy.apex.context.ContextRuntimeException; -import org.onap.policy.apex.context.SchemaHelper; import org.onap.policy.apex.core.engine.context.ApexInternalContext; import org.onap.policy.apex.core.engine.executor.Executor; import org.onap.policy.apex.core.engine.executor.TaskExecutor; @@ -40,8 +39,6 @@ import org.onap.policy.apex.model.basicmodel.concepts.AxArtifactKey; import org.onap.policy.apex.model.basicmodel.concepts.AxConcept; import org.onap.policy.apex.model.policymodel.concepts.AxTask; import org.onap.policy.apex.model.policymodel.concepts.AxTaskParameter; -import org.onap.policy.common.utils.coder.CoderException; -import org.onap.policy.common.utils.coder.StandardCoder; import org.slf4j.ext.XLogger; import org.slf4j.ext.XLoggerFactory; diff --git a/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/executor/context/TaskSelectionExecutionContext.java b/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/executor/context/TaskSelectionExecutionContext.java index 9c3c2be0f..69d51c45a 100644 --- a/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/executor/context/TaskSelectionExecutionContext.java +++ b/core/core-engine/src/main/java/org/onap/policy/apex/core/engine/executor/context/TaskSelectionExecutionContext.java @@ -2,6 +2,7 @@ * ============LICENSE_START======================================================= * Copyright (C) 2016-2018 Ericsson. All rights reserved. * Modifications Copyright (C) 2020 Nordix Foundation. + * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,10 +25,8 @@ package org.onap.policy.apex.core.engine.executor.context; import java.util.ArrayList; import java.util.List; import java.util.Map; -import java.util.Properties; import java.util.TreeMap; import lombok.Getter; -import lombok.Setter; import org.onap.policy.apex.context.ContextAlbum; import org.onap.policy.apex.context.ContextRuntimeException; import org.onap.policy.apex.core.engine.context.ApexInternalContext; diff --git a/core/core-engine/src/test/java/org/onap/policy/apex/core/engine/engine/impl/ApexEngineImplTest.java b/core/core-engine/src/test/java/org/onap/policy/apex/core/engine/engine/impl/ApexEngineImplTest.java index e539750e6..d559d7591 100644 --- a/core/core-engine/src/test/java/org/onap/policy/apex/core/engine/engine/impl/ApexEngineImplTest.java +++ b/core/core-engine/src/test/java/org/onap/policy/apex/core/engine/engine/impl/ApexEngineImplTest.java @@ -2,6 +2,7 @@ * ============LICENSE_START======================================================= * Copyright (C) 2018 Ericsson. All rights reserved. * Modifications Copyright (C) 2019-2020 Nordix Foundation. + * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -309,8 +310,7 @@ public class ApexEngineImplTest { (new Thread() { @Override public void run() { - assertTrue(engine.handleEvent(event)); - assertEquals(AxEngineState.STOPPED, engine.getState()); + engine.handleEvent(event); } }).start(); await().atLeast(50, TimeUnit.MILLISECONDS).until(() -> engine.getState().equals(AxEngineState.EXECUTING)); @@ -330,8 +330,7 @@ public class ApexEngineImplTest { (new Thread() { @Override public void run() { - assertTrue(engine.handleEvent(event)); - assertEquals(AxEngineState.STOPPED, engine.getState()); + engine.handleEvent(event); } }).start(); diff --git a/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/java/classes/ClassUtils.java b/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/java/classes/ClassUtils.java index aa3adf4d0..03bedce81 100644 --- a/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/java/classes/ClassUtils.java +++ b/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/java/classes/ClassUtils.java @@ -1,6 +1,7 @@ /*- * ============LICENSE_START======================================================= * Copyright (C) 2016-2018 Ericsson. All rights reserved. + * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,6 +25,7 @@ import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; +import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; import java.net.URL; import java.net.URLClassLoader; @@ -91,33 +93,7 @@ public abstract class ClassUtils { URL[] urls = ((URLClassLoader) ClassLoader.getSystemClassLoader()).getURLs(); // Try get the classes in the bootstrap loader - try { - final Class<?> nullclassloader = Class.forName("sun.misc.Launcher"); - if (nullclassloader != null) { - Method mmethod = nullclassloader.getMethod("getBootstrapClassPath"); - if (mmethod != null) { - final Object cp = mmethod.invoke(null, (Object[]) null); - if (cp != null) { - mmethod = cp.getClass().getMethod("getURLs"); - if (mmethod != null) { - final URL[] moreurls = (URL[]) (mmethod.invoke(cp, (Object[]) null)); - if (moreurls != null && moreurls.length > 0) { - if (urls.length == 0) { - urls = moreurls; - } else { - final URL[] result = Arrays.copyOf(urls, urls.length + moreurls.length); - System.arraycopy(moreurls, 0, result, urls.length, moreurls.length); - urls = result; - } - } - } - } - } - // end long way! - } - } catch (final ClassNotFoundException e) { - LOGGER.warn("Failed to find default path for JRE libraries", e); - } + urls = getClassesFromBootstrapLoader(urls); // Iterate over the class path entries for (final URL url : urls) { @@ -141,6 +117,47 @@ public abstract class ClassUtils { return classNameSet; } + private static URL[] getClassesFromBootstrapLoader(URL[] urls) + throws NoSuchMethodException, IllegalAccessException, InvocationTargetException { + try { + final Class<?> nullclassloader = Class.forName("sun.misc.Launcher"); + if (nullclassloader == null) { + return urls; + } + + Method mmethod = nullclassloader.getMethod("getBootstrapClassPath"); + if (mmethod == null) { + return urls; + } + + final Object cp = mmethod.invoke(null, (Object[]) null); + if (cp == null) { + return urls; + } + + mmethod = cp.getClass().getMethod("getURLs"); + if (mmethod == null) { + return urls; + } + + final URL[] moreurls = (URL[]) (mmethod.invoke(cp, (Object[]) null)); + if (moreurls == null || moreurls.length == 0) { + return urls; + } + + if (urls.length == 0) { + return moreurls; + } else { + final URL[] result = Arrays.copyOf(urls, urls.length + moreurls.length); + System.arraycopy(moreurls, 0, result, urls.length, moreurls.length); + return result; + } + } catch (final ClassNotFoundException e) { + LOGGER.warn("Failed to find default path for JRE libraries", e); + return urls; + } + } + /** * Find all classes in directories and JARs in those directories. * diff --git a/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/impl/ws/RawMessageHandler.java b/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/impl/ws/RawMessageHandler.java index acd7bdfea..0493eafb5 100644 --- a/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/impl/ws/RawMessageHandler.java +++ b/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/impl/ws/RawMessageHandler.java @@ -2,6 +2,7 @@ * ============LICENSE_START======================================================= * Copyright (C) 2016-2018 Ericsson. All rights reserved. * Modifications Copyright (C) 2019-2020 Nordix Foundation. + * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -158,29 +159,16 @@ public class RawMessageHandler<M> implements WebSocketMessageListener<M>, Runnab while ((messageBlock = messageBlockQueue.poll(1, TimeUnit.MILLISECONDS)) != null) { dataHandler.post(messageBlock); } - } catch (final InterruptedException e) { - // restore the interrupt status - Thread.currentThread().interrupt(); - LOGGER.debug(RAW_MESSAGE_LISTENING_INTERRUPTED); - break; - } - try { // Read string messages from the queue and pass it to the data handler String stringMessage = null; while ((stringMessage = stringMessageQueue.poll(1, TimeUnit.MILLISECONDS)) != null) { dataHandler.post(stringMessage); } - } catch (final InterruptedException e) { - // restore the interrupt status - Thread.currentThread().interrupt(); - LOGGER.debug(RAW_MESSAGE_LISTENING_INTERRUPTED); - break; - } - // Wait for new messages - try { + // Wait for new messages Thread.sleep(QUEUE_POLL_TIMEOUT); + } catch (final InterruptedException e) { // restore the interrupt status Thread.currentThread().interrupt(); diff --git a/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/util/MessagingUtils.java b/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/util/MessagingUtils.java index 463e85f3e..bda1f870c 100644 --- a/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/util/MessagingUtils.java +++ b/core/core-infrastructure/src/main/java/org/onap/policy/apex/core/infrastructure/messaging/util/MessagingUtils.java @@ -2,6 +2,7 @@ * ============LICENSE_START======================================================= * Copyright (C) 2016-2018 Ericsson. All rights reserved. * Modifications Copyright (C) 2019 Nordix Foundation. + * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -218,37 +219,11 @@ public final class MessagingUtils { public static byte[] serializeObject(final Object object) { LOGGER.entry(object.getClass().getName()); final ByteArrayOutputStream bytesOut = new ByteArrayOutputStream(); - ObjectOutputStream oos = null; - try { - oos = new ObjectOutputStream(bytesOut); + try (ObjectOutputStream oos = new ObjectOutputStream(bytesOut)) { oos.writeObject(object); } catch (final IOException e) { LOGGER.warn("error on object serialization", e); - } finally { - flushAndClose(oos, bytesOut); } return bytesOut.toByteArray(); } - - /** - * Flush and close an object stream and a byte array output stream. - * - * @param oos the object output stream - * @param bytesOut the byte array output stream - */ - private static void flushAndClose(final ObjectOutputStream oos, final ByteArrayOutputStream bytesOut) { - try { - if (oos != null) { - oos.flush(); - oos.close(); - } - if (bytesOut != null) { - bytesOut.close(); - } - - } catch (final IOException e) { - LOGGER.error("Failed to close the Srialization operation"); - LOGGER.catching(e); - } - } } diff --git a/core/core-protocols/src/main/java/org/onap/policy/apex/core/protocols/Message.java b/core/core-protocols/src/main/java/org/onap/policy/apex/core/protocols/Message.java index 6853cc75c..b79308e4a 100644 --- a/core/core-protocols/src/main/java/org/onap/policy/apex/core/protocols/Message.java +++ b/core/core-protocols/src/main/java/org/onap/policy/apex/core/protocols/Message.java @@ -1,6 +1,7 @@ /*- * ============LICENSE_START======================================================= * Copyright (C) 2016-2018 Ericsson. All rights reserved. + * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -55,7 +56,7 @@ public abstract class Message implements Serializable { * @param action the action or message type of the message * @param targetKey the artifact key of the artifact to which this message relates */ - public Message(final Action action, final AxArtifactKey targetKey) { + protected Message(final Action action, final AxArtifactKey targetKey) { this(action, targetKey, null); } @@ -66,7 +67,7 @@ public abstract class Message implements Serializable { * @param targetKey the artifact key of the artifact to which this message relates * @param messageData the message data to deliver */ - public Message(final Action action, final AxArtifactKey targetKey, final String messageData) { + protected Message(final Action action, final AxArtifactKey targetKey, final String messageData) { this.action = action; this.targetKey = targetKey; this.messageData = messageData; |