aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/main/java/org/onap/policy/clamp/clds/config/DefaultUserConfiguration.java4
-rw-r--r--src/main/resources/clds/camel/rest/clamp-api-v2.xml16
-rw-r--r--src/main/resources/clds/camel/routes/policy-flows.xml2
3 files changed, 13 insertions, 9 deletions
diff --git a/src/main/java/org/onap/policy/clamp/clds/config/DefaultUserConfiguration.java b/src/main/java/org/onap/policy/clamp/clds/config/DefaultUserConfiguration.java
index 74aeccda5..bb7b76af3 100644
--- a/src/main/java/org/onap/policy/clamp/clds/config/DefaultUserConfiguration.java
+++ b/src/main/java/org/onap/policy/clamp/clds/config/DefaultUserConfiguration.java
@@ -73,7 +73,9 @@ public class DefaultUserConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) {
try {
- http.httpBasic().and().authorizeRequests().antMatchers("/restservices/clds/v1/user/**")
+ // Do no remove the csrf as recommended by Sonar otherwise Put/post will not work
+ // Moreover this default user class is only used by dev, on prod we use AAF and this code will be disabled
+ http.csrf().disable().httpBasic().and().authorizeRequests().antMatchers("/restservices/clds/v1/user/**")
.authenticated().anyRequest().permitAll().and().sessionManagement()
.maximumSessions(1);
diff --git a/src/main/resources/clds/camel/rest/clamp-api-v2.xml b/src/main/resources/clds/camel/rest/clamp-api-v2.xml
index fe94460c4..50e8d5850 100644
--- a/src/main/resources/clds/camel/rest/clamp-api-v2.xml
+++ b/src/main/resources/clds/camel/rest/clamp-api-v2.xml
@@ -1381,12 +1381,12 @@
<simple>${body}</simple>
</setProperty>
<to
- uri="bean:org.onap.policy.clamp.loop.template.PolicyModelsService?method=getPolicyModelTosca(${header.policyModelType},${header.policyModelVersion})"/>
+ uri="bean:org.onap.policy.clamp.loop.template.PolicyModelsService?method=getPolicyModelTosca(${header.policyModelType},${header.policyModelVersion})"/>
<setBody>
<method ref="org.onap.policy.clamp.policy.PolicyPayload"
method="createPolicyPayload(${header.policyModelType}, ${header.policyModelVersion},
${header.policyName}, ${header.policyVersion}, ${exchangeProperty[policyProperties]}, ${body})"/>
- </setBody>
+ </setBody>
<to uri="direct:create-policy"/>
<to
uri="bean:org.onap.policy.clamp.flow.log.FlowLogOperation?method=endLog()"/>
@@ -1461,9 +1461,9 @@
</route>
</delete>
- <put uri="/v2/policies/pdpDeployment/"
+ <put uri="/v2/policies/pdpDeployment"
type="com.google.gson.JsonElement"
- consumes="application/json" >
+ consumes="application/json">
<route>
<doTry>
<to
@@ -1477,7 +1477,7 @@
<log loggingLevel="INFO"
message="PDP Group DEPLOY request payload: ${body}"/>
<setProperty name="raiseHttpExceptionFlag">
- <simple resultType="java.lang.Boolean">false</simple>
+ <simple resultType="java.lang.Boolean">true</simple>
</setProperty>
<to uri="direct:add-multiple-policies-to-pdp-group"/>
<to
@@ -1504,8 +1504,10 @@
<get uri="/v2/clampInformation" outType="org.onap.policy.clamp.clds.model.ClampInformation"
produces="application/json">
- <to
- uri="bean:org.onap.policy.clamp.authorization.AuthorizationController?method=getClampInformation()"/>
+ <route>
+ <to
+ uri="bean:org.onap.policy.clamp.authorization.AuthorizationController?method=getClampInformation()"/>
+ </route>
</get>
</rest>
</rests>
diff --git a/src/main/resources/clds/camel/routes/policy-flows.xml b/src/main/resources/clds/camel/routes/policy-flows.xml
index f86ade5ef..4048af496 100644
--- a/src/main/resources/clds/camel/routes/policy-flows.xml
+++ b/src/main/resources/clds/camel/routes/policy-flows.xml
@@ -493,7 +493,7 @@
</simple>
</setHeader>
<log loggingLevel="INFO"
- message="Endpoint to add policies to PDP Group: {{clamp.config.policy.pap.url}}/policy/pap/v1/pdps/deployments/batch"></log>
+ message="Endpoint to add/remove policies in batch to PDP Group: {{clamp.config.policy.pap.url}}/policy/pap/v1/pdps/deployments/batch"></log>
<toD
uri="{{clamp.config.policy.pap.url}}/policy/pap/v1/pdps/deployments/batch?bridgeEndpoint=true&amp;throwExceptionOnFailure=${exchangeProperty[raiseHttpExceptionFlag]}&amp;useSystemProperties=true&amp;authUsername={{clamp.config.policy.pap.userName}}&amp;authPassword={{clamp.config.policy.pap.password}}&amp;authenticationPreemptive=true&amp;connectionClose=true"/>
<doFinally>