Diffstat (limited to 'src/main/java')
-rw-r--r--src/main/java/org/onap/clamp/authorization/AuthorizationController.java4
-rw-r--r--src/main/java/org/onap/clamp/clds/ClampServlet.java24
-rw-r--r--src/main/java/org/onap/clamp/clds/dao/CldsDao.java19
-rw-r--r--src/main/java/org/onap/clamp/clds/service/CldsService.java28
-rw-r--r--src/main/java/org/onap/clamp/clds/service/CldsTemplateService.java12
-rw-r--r--src/main/java/org/onap/clamp/clds/service/CldsToscaService.java13
-rw-r--r--src/main/java/org/onap/clamp/clds/util/CryptoUtils.java2
-rw-r--r--src/main/java/org/onap/clamp/clds/util/XmlTools.java8
-rw-r--r--src/main/java/org/onap/clamp/util/PrincipalUtils.java6
9 files changed, 71 insertions, 45 deletions
diff --git a/src/main/java/org/onap/clamp/authorization/AuthorizationController.java b/src/main/java/org/onap/clamp/authorization/AuthorizationController.java
index 4a35f4583..2e43495b7 100644
--- a/src/main/java/org/onap/clamp/authorization/AuthorizationController.java
+++ b/src/main/java/org/onap/clamp/authorization/AuthorizationController.java
@@ -30,7 +30,7 @@ import com.att.eelf.configuration.EELFManager;
import java.util.Date;
-import javax.ws.rs.NotAuthorizedException;
+import org.onap.clamp.clds.exception.NotAuthorizedException;
import org.apache.camel.Exchange;
import org.onap.clamp.clds.config.ClampProperties;
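Review bot: Swapping `javax.ws.rs.NotAuthorizedException` for `org.onap.clamp.clds.exception.NotAuthorizedException` changes the type that authorization failures are thrown as. The JAX-RS class carries a 401 response, while the replacement's HTTP mapping is not visible in this diff. Confirm that the new exception is translated to 401/403 and not to a generic 500, and that any `catch` of the old type elsewhere has been updated. A one-line Javadoc on the new exception stating the status it maps to would settle this for later readers.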
@@ -57,7 +57,7 @@ public class AuthorizationController {
@Autowired
private ClampProperties refProp;
- private static final String PERM_PREFIX = "security.permission.type.";
+ public static final String PERM_PREFIX = "security.permission.type.";
private static final String PERM_INSTANCE = "security.permission.instance";
/**
diff --git a/src/main/java/org/onap/clamp/clds/ClampServlet.java b/src/main/java/org/onap/clamp/clds/ClampServlet.java
index 90d0693d1..86524d1c6 100644
--- a/src/main/java/org/onap/clamp/clds/ClampServlet.java
+++ b/src/main/java/org/onap/clamp/clds/ClampServlet.java
@@ -27,6 +27,15 @@ package org.onap.clamp.clds;
import com.att.eelf.configuration.EELFLogger;
import com.att.eelf.configuration.EELFManager;
+
+import java.io.IOException;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
import org.apache.camel.component.servlet.CamelHttpTransportServlet;
import org.onap.clamp.clds.service.SecureServicePermission;
import org.springframework.context.ApplicationContext;
@@ -39,14 +48,6 @@ import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.web.context.support.WebApplicationContextUtils;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
-
public class ClampServlet extends CamelHttpTransportServlet {
/**
@@ -100,7 +101,8 @@ public class ClampServlet extends CamelHttpTransportServlet {
permissionList.add(SecureServicePermission
.create(applicationContext.getEnvironment().getProperty(PERM_TOSCA), cldsPermissionInstance, READ));
permissionList.add(SecureServicePermission
- .create(applicationContext.getEnvironment().getProperty(PERM_TOSCA), cldsPermissionInstance, UPDATE));
+ .create(applicationContext.getEnvironment().getProperty(PERM_TOSCA), cldsPermissionInstance,
+ UPDATE));
}
return permissionList;
}
@@ -122,8 +124,8 @@ public class ClampServlet extends CamelHttpTransportServlet {
grantedAuths.add(new SimpleGrantedAuthority(permString));
}
}
- Authentication auth = new UsernamePasswordAuthenticationToken(new User(principal.getName(), "", grantedAuths), "",
- grantedAuths);
+ Authentication auth = new UsernamePasswordAuthenticationToken(new User(principal.getName(), "",
+ grantedAuths), "", grantedAuths);
SecurityContextHolder.getContext().setAuthentication(auth);
}
try {
diff --git a/src/main/java/org/onap/clamp/clds/dao/CldsDao.java b/src/main/java/org/onap/clamp/clds/dao/CldsDao.java
index 44228b226..16a6a748c 100644
--- a/src/main/java/org/onap/clamp/clds/dao/CldsDao.java
+++ b/src/main/java/org/onap/clamp/clds/dao/CldsDao.java
@@ -352,7 +352,7 @@ public class CldsDao {
}
/**
- * Helper method to setup the base template properties
+ * Helper method to setup the base template properties.
*
* @param template
* the template
@@ -474,7 +474,7 @@ public class CldsDao {
}
/**
- * Helper method to setup the event prop to the CldsEvent class
+ * Helper method to setup the event prop to the CldsEvent class.
*
* @param event
* the clds event
@@ -742,12 +742,13 @@ public class CldsDao {
String dictElementShortName) {
SimpleDateFormat sdf = new SimpleDateFormat(DATE_FORMAT);
List<CldsDictionaryItem> dictionaryItems = new ArrayList<>();
- String dictionarySql = new StringBuilder("SELECT de.dict_element_id, de.dictionary_id, de.dict_element_name, " +
- "de.dict_element_short_name, de.dict_element_description, de.dict_element_type, de.created_by, " +
- "de.modified_by, de.timestamp FROM dictionary_elements de, " +
- "dictionary d WHERE de.dictionary_id = d.dictionary_id")
+ String dictionarySql = new StringBuilder("SELECT de.dict_element_id, de.dictionary_id, de.dict_element_name, "
+ + "de.dict_element_short_name, de.dict_element_description, de.dict_element_type, de.created_by, "
+ + "de.modified_by, de.timestamp FROM dictionary_elements de, "
+ + "dictionary d WHERE de.dictionary_id = d.dictionary_id")
.append((dictionaryId != null) ? (" AND d.dictionary_id = '" + dictionaryId + "'") : "")
- .append((dictElementShortName != null) ? (" AND de.dict_element_short_name = '" + dictElementShortName + "'") : "")
+ .append((dictElementShortName != null) ? (" AND de.dict_element_short_name = '" + dictElementShortName
+ + "'") : "")
.append((dictionaryName != null) ? (" AND dictionary_name = '" + dictionaryName + "'") : "").toString();
List<Map<String, Object>> rows = jdbcTemplateObject.queryForList(dictionarySql);
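Review bot: The re-wrapped query in this hunk still splices `dictionaryId`, `dictElementShortName` and `dictionaryName` into the SQL text between single quotes, so a value containing a quote alters the statement; the next hunk, `getDictionaryElementsByType`, does the same with `dictionaryElementType`. Since these lines are being touched anyway, bind the values with `?` placeholders and pass them as arguments to `queryForList` (this assumes `jdbcTemplateObject` is a Spring JdbcTemplate, which the hunk does not show). For the second hunk the change is `... WHERE dict_element_type = ?` with `jdbcTemplateObject.queryForList(dictionarySql, dictionaryElementType)`. Whether these strings originate from a request is not visible here, so the exposure is unconfirmed. The enclosing method starts and ends outside the hunk.

```java
List<Object> params = new ArrayList<>();
StringBuilder dictionarySql = new StringBuilder(
        /* … unchanged: SELECT … WHERE de.dictionary_id = d.dictionary_id literal … */);
if (dictionaryId != null) {
    dictionarySql.append(" AND d.dictionary_id = ?");
    params.add(dictionaryId);
}
if (dictElementShortName != null) {
    dictionarySql.append(" AND de.dict_element_short_name = ?");
    params.add(dictElementShortName);
}
if (dictionaryName != null) {
    dictionarySql.append(" AND dictionary_name = ?");
    params.add(dictionaryName);
}
List<Map<String, Object>> rows = jdbcTemplateObject.queryForList(dictionarySql.toString(), params.toArray());
```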
@@ -780,8 +781,8 @@ public class CldsDao {
*/
public Map<String, String> getDictionaryElementsByType(String dictionaryElementType) {
Map<String, String> dictionaryItems = new HashMap<>();
- String dictionarySql = new StringBuilder("SELECT dict_element_name, dict_element_short_name " +
- "FROM dictionary_elements WHERE dict_element_type = '")
+ String dictionarySql = new StringBuilder("SELECT dict_element_name, dict_element_short_name "
+ + "FROM dictionary_elements WHERE dict_element_type = '")
.append(dictionaryElementType).append("'").toString();
List<Map<String, Object>> rows = jdbcTemplateObject.queryForList(dictionarySql);
diff --git a/src/main/java/org/onap/clamp/clds/service/CldsService.java b/src/main/java/org/onap/clamp/clds/service/CldsService.java
index e81cc15f7..63a913314 100644
--- a/src/main/java/org/onap/clamp/clds/service/CldsService.java
+++ b/src/main/java/org/onap/clamp/clds/service/CldsService.java
@@ -5,6 +5,8 @@
* Copyright (C) 2017-2019 AT&T Intellectual Property. All rights
* reserved.
* ================================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
@@ -203,7 +205,7 @@ public class CldsService extends SecureServiceBase {
public List<CldsMonitoringDetails> getCldsDetails() {
util.entering(request, "CldsService: GET model details");
Date startTime = new Date();
- List<CldsMonitoringDetails> cldsMonitoringDetailsList = cldsDao.getCldsMonitoringDetails();
+ final List<CldsMonitoringDetails> cldsMonitoringDetailsList = cldsDao.getCldsMonitoringDetails();
// audit log
LoggingUtils.setTimeContext(startTime, new Date());
auditLogger.info("GET cldsDetails completed");
@@ -223,7 +225,7 @@ public class CldsService extends SecureServiceBase {
LoggingUtils.setTimeContext(startTime, new Date());
CldsInfoProvider cldsInfoProvider = new CldsInfoProvider(this);
- CldsInfo cldsInfo = cldsInfoProvider.getCldsInfo();
+ final CldsInfo cldsInfo = cldsInfoProvider.getCldsInfo();
// audit log
LoggingUtils.setTimeContext(startTime, new Date());
@@ -245,7 +247,7 @@ public class CldsService extends SecureServiceBase {
Date startTime = new Date();
isAuthorized(permissionReadCl);
logger.info("GET bpmnText for modelName={}", modelName);
- CldsModel model = CldsModel.retrieve(cldsDao, modelName, false);
+ final CldsModel model = CldsModel.retrieve(cldsDao, modelName, false);
// audit log
LoggingUtils.setTimeContext(startTime, new Date());
auditLogger.info("GET model bpmn completed");
@@ -266,7 +268,7 @@ public class CldsService extends SecureServiceBase {
Date startTime = new Date();
isAuthorized(permissionReadCl);
logger.info("GET imageText for modelName={}", modelName);
- CldsModel model = CldsModel.retrieve(cldsDao, modelName, false);
+ final CldsModel model = CldsModel.retrieve(cldsDao, modelName, false);
// audit log
LoggingUtils.setTimeContext(startTime, new Date());
auditLogger.info("GET model image completed");
@@ -282,7 +284,7 @@ public class CldsService extends SecureServiceBase {
*/
public CldsModel getModel(String modelName) {
util.entering(request, "CldsService: GET model");
- Date startTime = new Date();
+ final Date startTime = new Date();
isAuthorized(permissionReadCl);
logger.debug("GET model for modelName={}", modelName);
CldsModel cldsModel = CldsModel.retrieve(cldsDao, modelName, false);
@@ -323,7 +325,7 @@ public class CldsService extends SecureServiceBase {
*/
public CldsModel putModel(String modelName, CldsModel cldsModel) {
util.entering(request, "CldsService: PUT model");
- Date startTime = new Date();
+ final Date startTime = new Date();
isAuthorized(permissionUpdateCl);
isAuthorizedForVf(cldsModel);
logger.info("PUT model for modelName={}", modelName);
@@ -350,7 +352,7 @@ public class CldsService extends SecureServiceBase {
Date startTime = new Date();
isAuthorized(permissionReadCl);
logger.info("GET list of model names");
- List<ValueItem> names = cldsDao.getModelNames();
+ final List<ValueItem> names = cldsDao.getModelNames();
// audit log
LoggingUtils.setTimeContext(startTime, new Date());
auditLogger.info("GET model names completed");
@@ -409,11 +411,11 @@ public class CldsService extends SecureServiceBase {
model.save(cldsDao, getUserId());
// get vars and format if necessary
- String prop = model.getPropText();
- String bpmn = model.getBpmnText();
- String docText = model.getDocText();
- String controlName = model.getControlName();
- String bpmnJson = cldsBpmnTransformer.doXslTransformToString(bpmn);
+ final String prop = model.getPropText();
+ final String bpmn = model.getBpmnText();
+ final String docText = model.getDocText();
+ final String controlName = model.getControlName();
+ final String bpmnJson = cldsBpmnTransformer.doXslTransformToString(bpmn);
logger.info("PUT bpmnJson={}", bpmnJson);
// Test flag coming from UI or from Clamp config
boolean isTest = Boolean.parseBoolean(test)
@@ -471,7 +473,7 @@ public class CldsService extends SecureServiceBase {
*/
public String postDcaeEvent(String test, DcaeEvent dcaeEvent) {
util.entering(request, "CldsService: Post dcae event");
- Date startTime = new Date();
+ final Date startTime = new Date();
String userid = null;
// TODO: allow auth checking to be turned off by removing the permission
// type property
diff --git a/src/main/java/org/onap/clamp/clds/service/CldsTemplateService.java b/src/main/java/org/onap/clamp/clds/service/CldsTemplateService.java
index f60c63830..d107731b0 100644
--- a/src/main/java/org/onap/clamp/clds/service/CldsTemplateService.java
+++ b/src/main/java/org/onap/clamp/clds/service/CldsTemplateService.java
@@ -5,6 +5,8 @@
* Copyright (C) 2017-2018 AT&T Intellectual Property. All rights
* reserved.
* ================================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
@@ -79,7 +81,7 @@ public class CldsTemplateService extends SecureServiceBase {
Date startTime = new Date();
isAuthorized(permissionReadTemplate);
logger.info("GET bpmnText for templateName=" + templateName);
- CldsTemplate template = CldsTemplate.retrieve(cldsDao, templateName, false);
+ final CldsTemplate template = CldsTemplate.retrieve(cldsDao, templateName, false);
// audit log
LoggingUtils.setTimeContext(startTime, new Date());
auditLogger.info("GET template bpmn completed");
@@ -100,7 +102,7 @@ public class CldsTemplateService extends SecureServiceBase {
Date startTime = new Date();
isAuthorized(permissionReadTemplate);
logger.info("GET imageText for templateName=" + templateName);
- CldsTemplate template = CldsTemplate.retrieve(cldsDao, templateName, false);
+ final CldsTemplate template = CldsTemplate.retrieve(cldsDao, templateName, false);
// audit log
LoggingUtils.setTimeContext(startTime, new Date());
auditLogger.info("GET template image completed");
@@ -116,7 +118,7 @@ public class CldsTemplateService extends SecureServiceBase {
*/
public CldsTemplate getTemplate(String templateName) {
util.entering(request, "CldsTemplateService: GET template");
- Date startTime = new Date();
+ final Date startTime = new Date();
isAuthorized(permissionReadTemplate);
logger.info("GET model for templateName=" + templateName);
CldsTemplate template = CldsTemplate.retrieve(cldsDao, templateName, false);
@@ -137,7 +139,7 @@ public class CldsTemplateService extends SecureServiceBase {
*/
public CldsTemplate putTemplate(String templateName, CldsTemplate cldsTemplate) {
util.entering(request, "CldsTemplateService: PUT template");
- Date startTime = new Date();
+ final Date startTime = new Date();
isAuthorized(permissionUpdateTemplate);
logger.info("PUT Template for templateName=" + templateName);
logger.info("PUT bpmnText=" + cldsTemplate.getBpmnText());
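Review bot: The context lines `logger.info("PUT Template for templateName=" + templateName);` and `logger.info("PUT bpmnText=" + cldsTemplate.getBpmnText());` write what appears to be request-supplied text into the application log by concatenation, and the second logs the whole template body at info level. CldsService in this same commit uses `{}` placeholders, so `logger.info("PUT Template for templateName={}", templateName);` would be consistent. Placeholders do not strip line breaks, so newline handling still has to come from the log encoder or an explicit replace. Consider moving the bpmnText line to debug. The GET hunks in this file concatenate `templateName` the same way.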
@@ -162,7 +164,7 @@ public class CldsTemplateService extends SecureServiceBase {
Date startTime = new Date();
isAuthorized(permissionReadTemplate);
logger.info("GET list of template names");
- List<ValueItem> names = cldsDao.getTemplateNames();
+ final List<ValueItem> names = cldsDao.getTemplateNames();
// audit log
LoggingUtils.setTimeContext(startTime, new Date());
auditLogger.info("GET template names completed");
diff --git a/src/main/java/org/onap/clamp/clds/service/CldsToscaService.java b/src/main/java/org/onap/clamp/clds/service/CldsToscaService.java
index f2c75ead1..81bafef47 100644
--- a/src/main/java/org/onap/clamp/clds/service/CldsToscaService.java
+++ b/src/main/java/org/onap/clamp/clds/service/CldsToscaService.java
@@ -5,6 +5,8 @@
* Copyright (C) 2018 AT&T Intellectual Property. All rights
* reserved.
* ================================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
@@ -84,7 +86,7 @@ public class CldsToscaService extends SecureServiceBase {
* type
*/
public ResponseEntity<?> parseToscaModelAndSave(String toscaModelName, CldsToscaModel cldsToscaModel) {
- Date startTime = new Date();
+ final Date startTime = new Date();
LoggingUtils.setRequestContext("CldsToscaService: Parse Tosca model and save", getPrincipalName());
// TODO revisit based on new permissions
isAuthorized(permissionUpdateTosca);
@@ -107,7 +109,7 @@ public class CldsToscaService extends SecureServiceBase {
LoggingUtils.setRequestContext("CldsToscaService: Get All tosca models", getPrincipalName());
// TODO revisit based on new permissions
isAuthorized(permissionReadTosca);
- List<CldsToscaModel> cldsToscaModels = Optional.ofNullable(cldsDao.getAllToscaModels()).get();
+ final List<CldsToscaModel> cldsToscaModels = Optional.ofNullable(cldsDao.getAllToscaModels()).get();
LoggingUtils.setTimeContext(startTime, new Date());
LoggingUtils.setResponseContext("0", "Get All tosca models success", this.getClass().getName());
auditLogger.info("Get All tosca models");
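Review bot: `Optional.ofNullable(cldsDao.getAllToscaModels()).get()` throws NoSuchElementException when the DAO returns null, so the Optional wrapper gives no protection and only changes which exception surfaces; the same pattern is in the `getToscaModelByName` and `getToscaModelByPolicyType` hunks below. Decide the absent case explicitly, for example `.orElse(Collections.emptyList())` (needs `java.util.Collections` if the file does not already import it) or an `orElseThrow` with the project's own not-found exception. The method body starts and ends outside the hunk, so how callers treat the failure is not visible.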
@@ -128,7 +130,8 @@ public class CldsToscaService extends SecureServiceBase {
LoggingUtils.setRequestContext("CldsToscaService: Get tosca models by model name", getPrincipalName());
// TODO revisit based on new permissions
isAuthorized(permissionReadTosca);
- List<CldsToscaModel> cldsToscaModels = Optional.ofNullable(cldsDao.getToscaModelByName(toscaModelName)).get();
+ final List<CldsToscaModel> cldsToscaModels = Optional.ofNullable(cldsDao.getToscaModelByName(toscaModelName))
+ .get();
LoggingUtils.setTimeContext(startTime, new Date());
LoggingUtils.setResponseContext("0", "Get tosca models by model name success", this.getClass().getName());
auditLogger.info("GET tosca models by model name completed");
@@ -140,6 +143,7 @@ public class CldsToscaService extends SecureServiceBase {
* from the database.
*
* @param policyType
+ * The type of the policy
* @return clds tosca model - CLDS tosca model for a given policy type
*/
public CldsToscaModel getToscaModelsByPolicyType(String policyType) {
@@ -147,7 +151,8 @@ public class CldsToscaService extends SecureServiceBase {
LoggingUtils.setRequestContext("CldsToscaService: Get tosca models by policyType", getPrincipalName());
// TODO revisit based on new permissions
isAuthorized(permissionReadTosca);
- List<CldsToscaModel> cldsToscaModels = Optional.ofNullable(cldsDao.getToscaModelByPolicyType(policyType)).get();
+ final List<CldsToscaModel> cldsToscaModels = Optional.ofNullable(cldsDao.getToscaModelByPolicyType(policyType))
+ .get();
LoggingUtils.setTimeContext(startTime, new Date());
LoggingUtils.setResponseContext("0", "Get tosca models by policyType success", this.getClass().getName());
auditLogger.info("GET tosca models by policyType completed");
diff --git a/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java
index f08bf7b28..85aae0a5d 100644
--- a/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java
+++ b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java
@@ -162,7 +162,7 @@ public final class CryptoUtils {
private static SecretKeySpec readSecretKeySpec(String propertiesFileName) {
Properties props = new Properties();
try {
- //Workaround fix to make encryption key configurable
+ // Workaround fix to make encryption key configurable
// System environment variable takes precedence for over clds/key.properties
String encryptionKey = System.getenv(AES_ENCRYPTION_KEY);
if(encryptionKey != null && encryptionKey.trim().length() > 0) {
diff --git a/src/main/java/org/onap/clamp/clds/util/XmlTools.java b/src/main/java/org/onap/clamp/clds/util/XmlTools.java
index a812fa127..a7d4ed9fb 100644
--- a/src/main/java/org/onap/clamp/clds/util/XmlTools.java
+++ b/src/main/java/org/onap/clamp/clds/util/XmlTools.java
@@ -24,6 +24,7 @@
package org.onap.clamp.clds.util;
import java.io.StringWriter;
+import javax.xml.XMLConstants;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
@@ -39,6 +40,12 @@ import org.w3c.dom.Document;
public class XmlTools {
/**
+ * Private constructor to avoid creating instances of util class.
+ */
+ private XmlTools(){
+ }
+
+ /**
* Transforms document to XML string.
*
* @param doc XML document
@@ -47,6 +54,7 @@ public class XmlTools {
public static String exportXmlDocumentAsString(Document doc) {
try {
TransformerFactory tf = TransformerFactory.newInstance();
+ tf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
Transformer transformer = tf.newTransformer();
transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
StringWriter writer = new StringWriter();
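Review bot: `FEATURE_SECURE_PROCESSING` on its own leaves the treatment of external DTDs and stylesheets to whichever JAXP implementation is on the classpath; after the added line, also set `tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");` and `tf.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");`. Some older transformer implementations reject these attributes with IllegalArgumentException, so confirm which factory `TransformerFactory.newInstance()` resolves to in this deployment. This method serialises an already-built Document, so the parser that creates the Document is where entity resolution needs the equivalent settings; that code is not in this diff. The try block continues past the hunk, so whether its catch covers the TransformerConfigurationException that `setFeature` can throw is not visible.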
diff --git a/src/main/java/org/onap/clamp/util/PrincipalUtils.java b/src/main/java/org/onap/clamp/util/PrincipalUtils.java
index d6b20f30b..d6dfacbdb 100644
--- a/src/main/java/org/onap/clamp/util/PrincipalUtils.java
+++ b/src/main/java/org/onap/clamp/util/PrincipalUtils.java
@@ -38,6 +38,12 @@ public class PrincipalUtils {
private static SecurityContext securityContext = SecurityContextHolder.getContext();
/**
+ * Private constructor to avoid creating instances of util class.
+ */
+ private PrincipalUtils(){
+ }
+
+ /**
* Get the Full name.
*
* @return The user name
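Review bot: The static field `securityContext` in the first context line is initialised once from `SecurityContextHolder.getContext()`, which under the default thread-local strategy returns the context of whichever thread loads the class. If the methods below read this field instead of calling the holder on each call, they can report a principal that does not belong to the current request; that code is outside the hunk, so this needs confirming. Where it is confirmed, read `SecurityContextHolder.getContext()` inside each accessor. Separately, a class that now has only a private constructor can be declared `final` to match its utility role.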