| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
- iq nexus vulnerabilities
- sonar security hotspots and code smell
Issue-ID: POLICY-4761
Issue-ID: POLICY-4833
Change-Id: Iab2e07d2ee7b90031bc5a30210ce7d3f5a47b3fd
Signed-off-by: adheli.tavares <adheli.tavares@est.tech>
|
|
Issue-ID: POLICY-4668
Change-Id: If4e79224de61d66d7514f3abbd7b8bee1c3d5681
Signed-off-by: adheli.tavares <adheli.tavares@est.tech>
|
|
Issue-ID: POLICY-4533
Change-Id: I9d2e4d90bf997935efad16e8ae4473d635ae9d65
Signed-off-by: liamfallon <liam.fallon@est.tech>
|
|
- Upgrade Hibernate
- Upgrade Mockito
- Upgrade Mockserver
- Remove Powermock (no longer supported) and replace with spring-test ReflectionTestUtils
- Upgrade Spring Framework
- Add spring-security to allow authentication on unit tests using MockMVC
Minor clean-up
- Replace deprecated authorization configuraiton on spring boot applications with SecurityFilterChain bean
- Change @LocalPort include on tests to use test include rather than runtime include
- Remove unused imports
- Remove unused constants and variables
- Add deprecation annotations where required
Issue-ID: POLICY-4482
Change-Id: Iec5ba1283acd506c9f3c7fe7b5d7858db6abbaa7
Signed-off-by: liamfallon <liam.fallon@est.tech>
|
|
The factory classes in policy-endpoints have toString() methods that
return "[]" for their list contents. Updated the code to provide a list
of the keys rather than just an empty list.
Also replaced some toString() methods with lombok.
Also replace StringBuilder with concatenation in some cases.
Issue-ID: POLICY-3298
Change-Id: I64fca21a4b009f7e09fcc482b5d156753fb7e680
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Change-Id: I4dce0dbdf71d01fbb59e9bf861d1af1ab49e5ae7
Issue-ID: POLICY-2914
Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
|
|
Addressed the following sonars:
- too many assertions in a test case
- use parameterized test method
Disabled production sonars for util-test, as the entire module is only
used for testing other modules.
Issue-ID: POLICY-2650-sonar
Change-Id: If49775a6c95855dcd9601ee0d833bb00741b1550
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Addressed issues reported due to updates to the sonar rules:
- invoke only one method in a junit lambda
- complete the assertion
- add DOCTYPE to html
Issue-ID: POLICY-2650
Change-Id: Ib8b8a2e4736cc23849c0f7aef972ffa3365a3e00
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Addressed the following issues:
- unused imports
- unused method parameters
- use assertEquals, assertSame instead of assertTrue
- provide the parametrized type for this generic
Also fixed some checkstyle issues:
- removed blank lines between "import" groups
Issue-ID: POLICY-2650
Change-Id: I004bb650ac10c49ccd0fc405f6959896fec39f9b
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
After inspecting the fat jar generated by brmsgw, noticed that
the persistence.xml included from here it was overriden by another
one, therefore the persistence unit was not available. This
may solve the issue for the brmsgw, as with a far jar build, there
are the risks of collisions such as this of files with the same
name.
Issue-ID: POLICY-2471
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I91cf2b6d3d2f5086d77795e08800ca96d984c214
|
|
Issue-ID: POLICY-1406
Signed-off-by: Jim Hahn <jrh3@att.com>
Change-Id: I6d85bb10c15f9d82fa55d9328d18640098050dd9
|
|
Addressed the following deprecated items:
- "new Integer(xxx)"
- Observable/Observer
- Mockito.anyObject()
Added assertion to a junit test to address a sonar issue.
Did not address deprecated Nashorn javascript interpreter; that will be
done in a separate review.
Updated licenses.
Issue-ID: POLICY-1406
Signed-off-by: Jim Hahn <jrh3@att.com>
Change-Id: I81fd158f831e01d5410d79898ced658285787d47
|
|
Rewrote the code to generate the Integrity Monitor state transition
table, eliminating duplicate lines. Output the table, before and
after the change, and verified that they were identical, with one
exception: there were two places where the original code had
"StandbyStateException", while all of the others had
"StandbyStatusException". Guessing that the original code was
incorrect in these two cases, I changed the new code to always use
"StandbyStatusException" instead.
Change-Id: Ibe3044eb1ac398a0bc8f328f4e14305d4bdeb380
Issue-ID: POLICY-1791
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Fixed most sonar issues, except for code coverage.
Change-Id: I473635d896797b2290920da86c6770848bc2e883
Issue-ID: POLICY-1791
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Removed duplicate code in DbDao by refactoring common code
into a new updateIae() method.
Removed duplicate code in IntegrityMonitor by refactoring common code
into a new withinTransaction() method.
Removed duplicate code in StateManagementEntity, StateElement by
replacing with lombok Getter & Setter annotations.
Removed duplicate code in StateManagement by refactoring common code
into new setState() and getState() methods. Also removed
logger.isDebugEnabled() tests.
Added coverage for StateChangeNotifier.
Change-Id: I2e29b836dafc5de569a2267206a6a34105e44021
Issue-ID: POLICY-1791
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Used Eclipse Refactor->Extract Method to reduce cyclomatic
complexity.
Flattened nested FpManager class into IntegrityMonitor class.
Changed some strings to StringBuilder, where lots of concatenation
was being done.
Simplified some things by eliminating some try/catch blocks where
an exception can't actually (except may an out-of-memory exception).
Also addressed some sonar issues in the tests (e.g., use "<>" where
appropriate).
Eliminated some assertException methods, replacing them with assertj
methods.
Did not attempt to increase junit coverage.
Change-Id: I311acaffcd87f0cbbf382c06c7fa26177007abd5
Issue-ID: POLICY-1791
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Also removed unneeded method override in junit test.
Change-Id: I7186e9f75443f7b8ba8376aa0e00a5cf4c573696
Issue-ID: POLICY-1287
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Move method into class it is being called. Fix minor checkstyle
formatting in the class. The changes have side effects hence
revert some changes. Modify the javadoc tags
Issue-ID: POLICY-1251
Change-Id: Iecb513dafe3f60628664f3e60d6c49d3e4ce3148
Signed-off-by: kris.jinka <kris.jinka@samsung.com>
|
|
More fixes for spacing, adding comments, adding period at the
end, and move code closer to usage.
Issue-ID: POLICY-881
Change-Id: Ife99eaf627a221e87d65d24dfd145b0ee4e06d21
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Modified the code to use a CurrentTime object for its "time"
operations (e.g., sleep(), currentTimeInMillis()). Modified
junit tests to replace the CurrentTime object with TestTime
objects so they don't actually do any sleeping.
Update license date.
Remove unneeded dependency from pom.
Don't start FpManager thread within its own constructor.
toMillis() should handle -1 as an input.
Fix comment in test base superclass.
Change time units in test base from DAYS to MILLISECONDS.
Change-Id: Id6a4edb1747ca1a683e5d37522872b781294532d
Issue-ID: POLICY-908
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Change-Id: I95ebcf8aabfa01eb6453a4ba5dd88d11c8f025c9
Issue-ID: POLICY-908
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Removed checkstyle warnings in policy/common/im
Issue-ID: POLICY-695
Change-Id: I32b4797249386c0d1bd0f50792880a1759503a67
Signed-off-by: mmis <michael.morris@ericsson.com>
|
|
Change-Id: I7bf453828f7a62070e7a73362798e6f2d4806b2f
Issue-ID: POLICY-661
Signed-off-by: eikrwaq <waqas.ikram@ericsson.com>
|
|
Fixed a few more generic exceptions in integrity-audit and
integrity-monitor.
Fixed license dates.
Change-Id: Ibbc21ae5f853896e0d3e416e33b5ea2a13672f62
Issue-ID: POLICY-246
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Removed "test" from package name.
Refactored tests, creating common IntegrityMonitorTestBase.
Turned log/print statements into assertEquals in StateTransitionTest.
Turned log/print statements into assertEquals in StateManagementTest.
Modified AllSeemsWellTest to use IntegrityMonitorTestBase.
Modified IntegrityMonitorTest to use IntegrityMonitorTestBase.
Added several hooks to IntegrityMonitor to control timers at a
finer granularity.
Added hooks to IntegrityMonitor to control the FPManager thread.
Remove hooks for refresh timer, as property suffices.
Added assertException() and assertNoException() methods to
IntegrityMonitorTestBase, and then replaced most "try/catch" blocks
with calls to those methods.
Updated StateManagement to close EntityManagers.
Modify pom to remove scope from utils dependency.
Fix some comments and remove an unneeded EntityTransaction variable.
Change-Id: Ic0789d26f985a40a35f618343fa4e88aa473b2b3
Issue-ID: POLICY-582
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Added utils-test project to policy/common.
Modified integrity-audit and integrity-monitor to use the new
utils-test project to test the Exception subclasses.
Change-Id: If4a27cdb2351b7c49b084dbf287950172fa059cf
Issue-ID: POLICY-582
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
IntegrityMonitor.java:
Renamed variables, Ex: dep_groups => depGroups.
Renamed enum constants, Ex: pdp_xacml => PDP_XACML.
Merged "if" tests.
Cast values to "long" before multiplying.
Re-throw interrupt().
Write exception via logger instead of e.printStackTrace().
Moved constructor to top of the file.
Removed most logger.isDebugEnabled() checks.
Returned generic List instead of ArrayList.
Used entrySet() instead of keySet().
Removed useless parentheses.
Removed superfluous exceptions from "throws" declaration.
DbAudit.java:
Modified DbAudit to throw DbAuditException.
Replaced references to HashSet and HashMap with generic Set and Map.
Modified DbAudit to iterate over entrySet() instead of keySet().
ComponentAdminException:
Created ComponentAdminException class.
Modified ComponentAdmin methods to throw new exception class.
Extracted "stateManager" String constant.
Eliminated logger.isDebugEnabled() calls.
Updated the license data.
Eliminated double-checked locking problem from PropertyUtil:
Modified code to use Initialization On Demand Holder idiom.
Change-Id: Ic01288542041da26df483ce85ecaf292ac138f85
Issue-ID: POLICY-246
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Patch 1:
This bug tracks the AT&T bug 355533. The symptom was that drools pdps
that were backing each other up were becoming stuck in a standby state.
The cause was that the election handler thread was being hung by a call
to PolicyEngine.manager.deactivate which shuts down the topic endpoints
when the drools pdp operational state transitions to disabled. Related
problems were that the election handler heartbeat was NOT blocked when
the main thread was blocked and the IntegrityMonitor forward progress
counter was NOT blocked from incrementing when the election handler
thread was blocked. This prevented the correct failover of the drools
pdp to another healthy one. This change fixes the two causes of the
thread blockage, moves the election handler heartbeat to the main
thread and adds an interface (AllSeemsWell) which is called when
the election handler has stalled/resumed. The AllSeemsWell interface
will block forward progress counter increments when ALLNOTWELL and will
resume forward progress counter increments when ALLSEEMSWELL. In
addition, it reduces the run time of the StandbyStateManagementTest
from approximately 8 minutes to approximately 2 minutes. Since this
changes classes also changed by POLICY-444, this change must be merged
before POLICY-444 can be merged.
Patch 2: Extended sleep times in AllSeemsWellTest.
Patch 3: Commented out asserts that are keeping it from building.
Note: It builds just fine in local environment.
Patch 4: Moved the check of allNotWellMap from testTransaction to
endTransaction so it will cover calls to endTransaction from application
code rather than just calls from testTransaction.
Patch 5: Fixed potential Sonar issue in initialization of HashMaps
allSeemsWellMap and allNotWellMap
Patch 6: Changes to IntegrityMonitorTest to make it run faster and
more deterministically. This satisfies POLICY-444.
Issue-ID: POLICY-501
Change-Id: I8fbbdc481839ec6066f26392d30e230d6b1293f2
Signed-off-by: Kevin McKiou <km097d@att.com>
|
|
Focused on hard coded passwords. I believe they are only
used for JUnit tests so I moved them into a file for use.
If they still show up on sonar then I will move into a properties
file and/or mark as not going to fix.
Issue-ID: POLICY-237
Change-Id: I6fa561714091043a2ea5e2edfb0441c2dfc8b044
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Changed all instances of Sys.out or PolicyLogger to
slf4j.
Issue-ID: POLICY-178
Change-Id: Ia91af1deb18a9b5c466f6f8a6c546c17c54e14ad
Signed-off-by: Magnusen, Drew (dm741q) <dm741q@att.com>
|
|
Seems oparent sets the version resulting in Eclipse generating warnings for the pom.
Also cleaned up unused imports.
Issue-ID: POLICY-216
Change-Id: I634025f67aa8847d1c2b6c76b0c8c09336886594
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Patch 1: Tweaks Integrity-Audit JUnits to allow
at least some estimate of code coverage. It was
not possible to enable all the tests as there are
threading issues when run in the JUnit environment.
Consequently, this is about 2/3 of the actual code
coverage. The estimate coverage is about 46%
Patch 2: Changes a persistence unit in DBDAOTest.
Patch 3: Adds tweaks to IntegrityMonitor JUnits. The
estimated state management code coverage is 70%.
Patch 4: Removed an IntegrityAudit test that failed
which reduced the estimated coverage to 45%
Issue-ID: POLICY-108
Change-Id: I693e56083c3ed66e020e82d5ac906ce29224bd58
Signed-off-by: Kevin McKiou <km097d@att.com>
|
|
Resolved major and critical sonar issues in integrity-monitor
module.
Issue-ID: [POLICY-96]
Change-Id: If1da196134a73535668d42f429d647fc819ecaee
Signed-off-by: Magnusen, Drew (dm741q) <dm741q@att.com>
|
|
Change-Id: I3241f5d1f0234043b4dff718eda1ffdc48052276
Signed-off-by: Guo Ruijing <ruijing.guo@intel.com>
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
adheli.tavares
liamfallon
Jim Hahn
a.sreekumar
jhh
Krishnakumar Jinka
Pamela Dragosh
mmis
eikrwaq
Kevin McKiou
Magnusen, Drew (dm741q)
Guo Ruijing