summaryrefslogtreecommitdiffstats
path: root/model/basic-model/src/main/java
diff options
context:
space:
mode:
authorJim Hahn <jrh3@att.com>2021-02-17 15:23:38 -0500
committerJim Hahn <jrh3@att.com>2021-02-18 17:47:55 +0000
commitb6977d2f7ce64ece732ac1a1a0525dac972d7ccf (patch)
tree4966f5aa4737b0fef8241989eb216cce7fbe9294 /model/basic-model/src/main/java
parent4e05982e36aa66b83fa0ee44b9631412442c3969 (diff)
Fix sonars in apex-pdp
Addressed the following issues: - initialize mocks before use - use parameterized queries - Random() is not secure - provide parameterized type for generics - unused imports - constructor visibility - use compute() instead of containsKey()/put() - make final fields static - rename constants to all upper case - no assert() in Thread.run() methods - nested try - nested if/else - too many break/continue - use try-with-resources - repeatable annotations - overlapping characters in reg ex - hashcode is not sufficient in compareTo() - need equals() with compareTo() - make class an interface - use parameterized test - multiple calls in assert() - log or re-throw - use different type of lambda - use parameterized logging - use StringBuilder instead of concatenation - use StandardCharsets.UTF_8 Issue-ID: POLICY-2906 Change-Id: I2cf8c885e3e22c2c6cbe6403a34906928afad022 Signed-off-by: Jim Hahn <jrh3@att.com>
Diffstat (limited to 'model/basic-model/src/main/java')
-rw-r--r--model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxConcept.java5
-rw-r--r--model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKey.java5
-rw-r--r--model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKeyInfo.java11
-rw-r--r--model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKeyInformation.java10
-rw-r--r--model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxModel.java6
-rw-r--r--model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/dao/impl/DefaultApexDao.java63
-rw-r--r--model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/handling/ApexModelReader.java3
7 files changed, 70 insertions, 33 deletions
diff --git a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxConcept.java b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxConcept.java
index 8bbc652e7..0e2c6bef2 100644
--- a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxConcept.java
+++ b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxConcept.java
@@ -2,6 +2,7 @@
* ============LICENSE_START=======================================================
* Copyright (C) 2016-2018 Ericsson. All rights reserved.
* Modifications Copyright (C) 2019 Nordix Foundation.
+ * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -41,7 +42,7 @@ public abstract class AxConcept implements Serializable, Comparable<AxConcept> {
/**
* Default constructor.
*/
- public AxConcept() {
+ protected AxConcept() {
// Default constructor
}
@@ -50,7 +51,7 @@ public abstract class AxConcept implements Serializable, Comparable<AxConcept> {
*
* @param copyConcept the concept to copy from
*/
- public AxConcept(final AxConcept copyConcept) {
+ protected AxConcept(final AxConcept copyConcept) {
Assertions.argumentNotNull(copyConcept, "copy concept may not be null");
copyConcept.copyTo(this);
}
diff --git a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKey.java b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKey.java
index 743847358..1b6f0148f 100644
--- a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKey.java
+++ b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKey.java
@@ -1,6 +1,7 @@
/*-
* ============LICENSE_START=======================================================
* Copyright (C) 2016-2018 Ericsson. All rights reserved.
+ * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -67,7 +68,7 @@ public abstract class AxKey extends AxConcept {
/**
* Default constructor.
*/
- public AxKey() {
+ protected AxKey() {
super();
}
@@ -76,7 +77,7 @@ public abstract class AxKey extends AxConcept {
*
* @param copyConcept the concept to copy from
*/
- public AxKey(final AxKey copyConcept) {
+ protected AxKey(final AxKey copyConcept) {
super(copyConcept);
}
diff --git a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKeyInfo.java b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKeyInfo.java
index fc8c0cd14..4b84a403a 100644
--- a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKeyInfo.java
+++ b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKeyInfo.java
@@ -2,6 +2,7 @@
* ============LICENSE_START=======================================================
* Copyright (C) 2016-2018 Ericsson. All rights reserved.
* Modifications Copyright (C) 2019 Nordix Foundation.
+ * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -63,7 +64,10 @@ public class AxKeyInfo extends AxConcept {
private static final int MAX_DESCRIPTION_LENGTH_8192 = 8192;
private static final int UUID_BYTE_LENGTH_16 = 16;
- private static final Random sharedRandom = new Random();
+ /*
+ * This is not used for encryption/security, thus disabling sonar.
+ */
+ private static final Random sharedRandom = new Random(); // NOSONAR
@EmbeddedId
@XmlElement(name = "key", required = true)
@@ -334,7 +338,10 @@ public class AxKeyInfo extends AxConcept {
public static UUID generateReproducibleUuid(final String seed) {
Random random = sharedRandom;
if (!StringUtils.isEmpty(seed)) {
- random = new Random(seed.hashCode());
+ /*
+ * This is not used for encryption/security, thus disabling sonar.
+ */
+ random = new Random(seed.hashCode()); // NOSONAR
}
final byte[] array = new byte[UUID_BYTE_LENGTH_16];
random.nextBytes(array);
diff --git a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKeyInformation.java b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKeyInformation.java
index 446a00a68..2619d2eea 100644
--- a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKeyInformation.java
+++ b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxKeyInformation.java
@@ -2,6 +2,7 @@
* ============LICENSE_START=======================================================
* Copyright (C) 2016-2018 Ericsson. All rights reserved.
* Modifications Copyright (C) 2019-2020 Nordix Foundation.
+ * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -148,12 +149,13 @@ public class AxKeyInformation extends AxConcept implements AxConceptGetter<AxKey
}
final AxArtifactKey artifactKey = (AxArtifactKey) axKey;
- if (!keyInfoMap.containsKey(artifactKey)) {
+
+ keyInfoMap.computeIfAbsent(artifactKey, unusedKey -> {
final AxKeyInfo keyInfo = new AxKeyInfo(artifactKey);
// generate a reproducible UUID
keyInfo.setUuid(AxKeyInfo.generateReproducibleUuid(keyInfo.getId() + keyInfo.getDescription()));
- keyInfoMap.put(artifactKey, keyInfo);
- }
+ return keyInfo;
+ });
}
}
@@ -422,4 +424,4 @@ public class AxKeyInformation extends AxConcept implements AxConceptGetter<AxKey
return new AxConceptGetterImpl<>((NavigableMap<AxArtifactKey, AxKeyInfo>) keyInfoMap).getAll(conceptKeyName,
conceptKeyVersion);
}
-} \ No newline at end of file
+}
diff --git a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxModel.java b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxModel.java
index 9c71638fc..da6fb49c6 100644
--- a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxModel.java
+++ b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/concepts/AxModel.java
@@ -2,6 +2,7 @@
* ============LICENSE_START=======================================================
* Copyright (C) 2016-2018 Ericsson. All rights reserved.
* Modifications Copyright (C) 2019 Nordix Foundation.
+ * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -30,7 +31,6 @@ import javax.persistence.Entity;
import javax.persistence.Inheritance;
import javax.persistence.InheritanceType;
import javax.persistence.JoinColumn;
-import javax.persistence.JoinColumns;
import javax.persistence.OneToOne;
import javax.persistence.Table;
import javax.xml.bind.annotation.XmlAccessType;
@@ -76,8 +76,8 @@ public class AxModel extends AxConcept {
// @formatter:off
@OneToOne(cascade = CascadeType.ALL)
- @JoinColumns({ @JoinColumn(name = "keyInformationName", referencedColumnName = "name"),
- @JoinColumn(name = "keyInformationVersion", referencedColumnName = "version") })
+ @JoinColumn(name = "keyInformationName", referencedColumnName = "name")
+ @JoinColumn(name = "keyInformationVersion", referencedColumnName = "version")
@XmlElement(name = "keyInformation", required = true)
@XmlJavaTypeAdapter(KeyInfoMarshalFilter.class)
private AxKeyInformation keyInformation;
diff --git a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/dao/impl/DefaultApexDao.java b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/dao/impl/DefaultApexDao.java
index 39e8b0def..738d15ed3 100644
--- a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/dao/impl/DefaultApexDao.java
+++ b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/dao/impl/DefaultApexDao.java
@@ -2,6 +2,7 @@
* ============LICENSE_START=======================================================
* Copyright (C) 2016-2018 Ericsson. All rights reserved.
* Modifications Copyright (C) 2019-2020 Nordix Foundation.
+ * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -47,12 +48,18 @@ import org.slf4j.ext.XLoggerFactory;
public class DefaultApexDao implements ApexDao {
private static final XLogger LOGGER = XLoggerFactory.getXLogger(DefaultApexDao.class);
+ private static final String COL_LOCALNAME = "local_name";
+ private static final String COL_PARENT_VERSION = "parent_version";
+ private static final String COL_PARENT_NAME = "parent_name";
+ private static final String COL_VERSION = "key_version";
+ private static final String COL_NAME = "key_name";
+
private static final String SELECT_C_FROM = "SELECT c FROM ";
- private static final String AND_C_KEY_LOCAL_NAME = "' AND c.key.localName='";
- private static final String AND_C_KEY_PARENT_KEY_VERSION = "' AND c.key.parentKeyVersion='";
- private static final String C_WHERE_C_KEY_PARENT_KEY_NAME = " c WHERE c.key.parentKeyName='";
- private static final String AND_C_KEY_VERSION = "' AND c.key.version='";
- private static final String C_WHERE_C_KEY_NAME = " c WHERE c.key.name='";
+ private static final String AND_C_KEY_LOCAL_NAME = " AND c.key.localName=:" + COL_LOCALNAME;
+ private static final String AND_C_KEY_PARENT_KEY_VERSION = " AND c.key.parentKeyVersion=:" + COL_PARENT_VERSION;
+ private static final String C_WHERE_C_KEY_PARENT_KEY_NAME = " c WHERE c.key.parentKeyName=:" + COL_PARENT_NAME;
+ private static final String AND_C_KEY_VERSION = " AND c.key.version=:" + COL_VERSION;
+ private static final String C_WHERE_C_KEY_NAME = " c WHERE c.key.name=:" + COL_NAME;
private static final String DELETE_FROM = "DELETE FROM ";
// Entity manager for JPA
@@ -151,8 +158,10 @@ public class DefaultApexDao implements ApexDao {
final EntityManager mg = getEntityManager();
try {
mg.getTransaction().begin();
- mg.createQuery(DELETE_FROM + someClass.getSimpleName() + C_WHERE_C_KEY_NAME + key.getName()
- + AND_C_KEY_VERSION + key.getVersion() + "'", someClass).executeUpdate();
+ mg.createQuery(DELETE_FROM + someClass.getSimpleName() + C_WHERE_C_KEY_NAME + AND_C_KEY_VERSION, someClass)
+ .setParameter(COL_NAME, key.getName())
+ .setParameter(COL_VERSION, key.getVersion())
+ .executeUpdate();
mg.getTransaction().commit();
} finally {
mg.close();
@@ -171,8 +180,12 @@ public class DefaultApexDao implements ApexDao {
try {
mg.getTransaction().begin();
mg.createQuery(DELETE_FROM + someClass.getSimpleName() + C_WHERE_C_KEY_PARENT_KEY_NAME
- + key.getParentKeyName() + AND_C_KEY_PARENT_KEY_VERSION + key.getParentKeyVersion()
- + AND_C_KEY_LOCAL_NAME + key.getLocalName() + "'", someClass).executeUpdate();
+ + AND_C_KEY_PARENT_KEY_VERSION
+ + AND_C_KEY_LOCAL_NAME, someClass)
+ .setParameter(COL_PARENT_NAME, key.getParentKeyName())
+ .setParameter(COL_PARENT_VERSION, key.getParentKeyVersion())
+ .setParameter(COL_LOCALNAME, key.getLocalName())
+ .executeUpdate();
mg.getTransaction().commit();
} finally {
mg.close();
@@ -234,7 +247,10 @@ public class DefaultApexDao implements ApexDao {
mg.getTransaction().begin();
for (final AxArtifactKey key : keys) {
deletedCount += mg.createQuery(DELETE_FROM + someClass.getSimpleName() + C_WHERE_C_KEY_NAME
- + key.getName() + AND_C_KEY_VERSION + key.getVersion() + "'", someClass).executeUpdate();
+ + AND_C_KEY_VERSION, someClass)
+ .setParameter(COL_NAME, key.getName())
+ .setParameter(COL_VERSION, key.getVersion())
+ .executeUpdate();
}
mg.getTransaction().commit();
} finally {
@@ -260,9 +276,11 @@ public class DefaultApexDao implements ApexDao {
deletedCount +=
mg.createQuery(
DELETE_FROM + someClass.getSimpleName() + C_WHERE_C_KEY_PARENT_KEY_NAME
- + key.getParentKeyName() + AND_C_KEY_PARENT_KEY_VERSION
- + key.getParentKeyVersion() + AND_C_KEY_LOCAL_NAME + key.getLocalName() + "'",
- someClass).executeUpdate();
+ + AND_C_KEY_PARENT_KEY_VERSION + AND_C_KEY_LOCAL_NAME, someClass)
+ .setParameter(COL_PARENT_NAME, key.getParentKeyName())
+ .setParameter(COL_PARENT_VERSION, key.getParentKeyVersion())
+ .setParameter(COL_LOCALNAME, key.getLocalName())
+ .executeUpdate();
}
mg.getTransaction().commit();
} finally {
@@ -372,8 +390,9 @@ public class DefaultApexDao implements ApexDao {
return mg
.createQuery(
SELECT_C_FROM + someClass.getSimpleName() + C_WHERE_C_KEY_PARENT_KEY_NAME
- + parentKey.getName() + AND_C_KEY_PARENT_KEY_VERSION + parentKey.getVersion() + "'",
- someClass)
+ + AND_C_KEY_PARENT_KEY_VERSION, someClass)
+ .setParameter(COL_PARENT_NAME, parentKey.getName())
+ .setParameter(COL_PARENT_VERSION, parentKey.getVersion())
.getResultList();
} finally {
mg.close();
@@ -391,8 +410,11 @@ public class DefaultApexDao implements ApexDao {
final EntityManager mg = getEntityManager();
List<T> ret;
try {
- ret = mg.createQuery(SELECT_C_FROM + someClass.getSimpleName() + C_WHERE_C_KEY_NAME + key.getName()
- + AND_C_KEY_VERSION + key.getVersion() + "'", someClass).getResultList();
+ ret = mg.createQuery(SELECT_C_FROM + someClass.getSimpleName() + C_WHERE_C_KEY_NAME
+ + AND_C_KEY_VERSION, someClass)
+ .setParameter(COL_NAME, key.getName())
+ .setParameter(COL_VERSION, key.getVersion())
+ .getResultList();
} finally {
mg.close();
}
@@ -418,8 +440,11 @@ public class DefaultApexDao implements ApexDao {
List<T> ret;
try {
ret = mg.createQuery(SELECT_C_FROM + someClass.getSimpleName() + C_WHERE_C_KEY_PARENT_KEY_NAME
- + key.getParentKeyName() + AND_C_KEY_PARENT_KEY_VERSION + key.getParentKeyVersion()
- + AND_C_KEY_LOCAL_NAME + key.getLocalName() + "'", someClass).getResultList();
+ + AND_C_KEY_PARENT_KEY_VERSION + AND_C_KEY_LOCAL_NAME, someClass)
+ .setParameter(COL_PARENT_NAME, key.getParentKeyName())
+ .setParameter(COL_PARENT_VERSION, key.getParentKeyVersion())
+ .setParameter(COL_LOCALNAME, key.getLocalName())
+ .getResultList();
} finally {
mg.close();
}
diff --git a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/handling/ApexModelReader.java b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/handling/ApexModelReader.java
index 39eacce30..db7360e75 100644
--- a/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/handling/ApexModelReader.java
+++ b/model/basic-model/src/main/java/org/onap/policy/apex/model/basicmodel/handling/ApexModelReader.java
@@ -2,6 +2,7 @@
* ============LICENSE_START=======================================================
* Copyright (C) 2016-2018 Ericsson. All rights reserved.
* Modifications Copyright (C) 2019-2020 Nordix Foundation.
+ * Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -61,7 +62,7 @@ public class ApexModelReader<C extends AxConcept> {
// (starts with <?xml...>
private static final String XML_INPUT_TYPE_REGEXP = "^\\s*<\\?xml.*>\\s*";
// starts with some kind of bracket [ or (
- private static final String JSON_INPUT_TYPE_REGEXP = "^\\s*[\\(\\{\\[][\\s+\\S]*[\\)\\}\\]]";
+ private static final String JSON_INPUT_TYPE_REGEXP = "^\\s*[\\(\\{\\[][\\s\\S]*[\\)\\}\\]]";
// or {, then has something, then has
// and has a close bracket