Diffstat (limited to 'plugins/reception-plugins/src/main')
3 files changed, 60 insertions, 59 deletions
diff --git a/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/decoding/policy/file/AutomationCompositionDecoderFileInCsar.java b/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/decoding/policy/file/AutomationCompositionDecoderFileInCsar.java
index 7bfcb0f9..fb7a8d99 100644
--- a/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/decoding/policy/file/AutomationCompositionDecoderFileInCsar.java
+++ b/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/decoding/policy/file/AutomationCompositionDecoderFileInCsar.java
@@ -1,7 +1,6 @@
 /*-
 * ============LICENSE_START=======================================================
- * Copyright (C) 2022 Nordix Foundation.
- * Modifications Copyright (C) 2022 Nordix Foundation.
+ * Copyright (C) 2021-2022 Nordix Foundation.
 * ================================================================================
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -24,7 +23,9 @@ package org.onap.policy.distribution.reception.decoding.policy.file;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Collection;
-import java.util.Enumeration;
+import java.util.List;
+import java.util.Optional;
+import java.util.stream.Collectors;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipFile;
 import org.onap.policy.common.parameters.ParameterService;
@@ -70,42 +71,24 @@ public class AutomationCompositionDecoderFileInCsar implements PolicyDecoder<Csa
 @Override
 public Collection<ToscaEntity> decode(final Csar csar) throws PolicyDecodingException {
 final Collection<ToscaEntity> automationCompositionList = new ArrayList<>();
- ToscaServiceTemplate nodeTypes = null;
- ToscaServiceTemplate dataTypes = null;
 try (var zipFile = new ZipFile(csar.getCsarFilePath())) {
- final Enumeration<? extends ZipEntry> entries = zipFile.entries();
- while (entries.hasMoreElements()) {
- //
- // Sonar will flag this as a Security Hotspot
- // "Expanding archive files is security-sensitive"
- // isZipEntryValid ensures the file being read exists in the archive
- //
- final ZipEntry entry = entries.nextElement(); // NOSONAR
- final String entryName = entry.getName();
-
- // Store node_types
- if (entryName.contains(NODE_TYPES)) {
- nodeTypes = ReceptionUtil.decodeFile(zipFile, entry);
- }
+ final List<? extends ZipEntry> entries = zipFile.stream()
+ .filter(entry -> entry.getName().contains(decoderParameters.getAutomationCompositionType()))
+ .collect(Collectors.toList());
- // Store data_types
- if (entryName.contains(DATA_TYPES)) {
- dataTypes = ReceptionUtil.decodeFile(zipFile, entry);
- }
+ for (ZipEntry entry : entries) {
+ ReceptionUtil.validateZipEntry(entry.getName(), csar.getCsarFilePath(), entry.getSize());
+ final ToscaServiceTemplate automationComposition = ReceptionUtil.decodeFile(zipFile, entry);
+
+ if (null != automationComposition.getToscaTopologyTemplate()) {
+ validateTypes(zipFile, NODE_TYPES)
+ .ifPresent(node -> automationComposition.setNodeTypes(node.getNodeTypes()));
+
+ validateTypes(zipFile, DATA_TYPES)
+ .ifPresent(data -> automationComposition.setDataTypes(data.getDataTypes()));
- if (entryName.contains(decoderParameters.getAutomationCompositionType())) {
- ReceptionUtil.validateZipEntry(entryName, csar.getCsarFilePath(), entry.getSize());
- final ToscaServiceTemplate automationComposition = ReceptionUtil.decodeFile(zipFile, entry);
- if (null != automationComposition.getToscaTopologyTemplate()) {
- if (null != nodeTypes) {
- automationComposition.setNodeTypes(nodeTypes.getNodeTypes());
- }
- if (null != dataTypes) {
- automationComposition.setDataTypes(dataTypes.getDataTypes());
- }
- automationCompositionList.add(automationComposition);
- }
+ automationCompositionList.add(automationComposition);
 }
 }
 } catch (final IOException | CoderException exp) {
@@ -114,4 +97,28 @@ public class AutomationCompositionDecoderFileInCsar implements PolicyDecoder<Csa
 return automationCompositionList;
 }
+
+ /**
+ * Decode and validate if node or data type is available withing ACM csar file.
+ *
+ * @param zipFile full csar file
+ * @return tosca template with parsed node/data type
+ * @throws CoderException if file can't be parsed
+ */
+ private Optional<ToscaServiceTemplate> validateTypes(final ZipFile zipFile, String type)
+ throws CoderException {
+
+ try {
+ ToscaServiceTemplate template = null;
+ final Optional<? extends ZipEntry> file = zipFile.stream()
+ .filter(entry -> entry.getName().contains(type)).findFirst();
+
+ if (file.isPresent()) {
+ template = ReceptionUtil.decodeFile(zipFile, file.get());
+ }
+ return Optional.ofNullable(template);
+ } catch (final IOException | CoderException exp) {
+ throw new CoderException("Couldn't decode " + type + " type", exp);
+ }
+ }
 }
diff --git a/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/decoding/policy/file/PolicyDecoderFileInCsarToPolicy.java b/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/decoding/policy/file/PolicyDecoderFileInCsarToPolicy.java
index c4ba21fe..8d0a554a 100644
--- a/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/decoding/policy/file/PolicyDecoderFileInCsarToPolicy.java
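Review bot: Inside the new `for` loop, `validateTypes(zipFile, NODE_TYPES)` and `validateTypes(zipFile, DATA_TYPES)` run once for every matching entry that has a topology template, so the archive is re-scanned and the same node/data type files are decoded again for each automation composition in the csar. For an archive this decoder does not control, that multiplies parsing work by the number of matching entries; resolving each type at most once per `decode()` call, for example by keeping the two `Optional<ToscaServiceTemplate>` results in locals the first time they are needed, keeps the cost bounded. A behaviour change is also worth confirming: the old loop used the last entry whose name contained the type string, and only if it came before the composition entry, while the new code takes the first match regardless of order. `decode()` ends outside the hunk.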
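Review bot: `validateTypes` hands the matched entry straight to `ReceptionUtil.decodeFile` without the `ReceptionUtil.validateZipEntry(...)` call that `decode()` makes for composition entries, so node/data type files skip whatever size and path checks that helper applies, despite the method's name. Adding `ReceptionUtil.validateZipEntry(file.get().getName(), zipFile.getName(), file.get().getSize());` before the decode would close the gap; it would presumably need `PolicyDecodingException` in the throws clause, since that appears to be what the path check throws. The Javadoc also lacks `@param type` and has the typo "withing", and the `catch` re-wraps a `CoderException` in another `CoderException`.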
+++ b/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/decoding/policy/file/PolicyDecoderFileInCsarToPolicy.java
@@ -1,7 +1,7 @@
 /*-
 * ============LICENSE_START=======================================================
 * Copyright (C) 2018 Ericsson. All rights reserved.
- * Copyright (C) 2022 Nordix Foundation.
+ * Modifications Copyright (C) 2019, 2021-2022 Nordix Foundation.
 * Modifications Copyright (C) 2020-2021 AT&T Intellectual Property. All rights reserved.
 * Modifications Copyright (C) 2021 Bell Canada. All rights reserved.
 * ================================================================================
@@ -26,7 +26,8 @@ package org.onap.policy.distribution.reception.decoding.policy.file;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Collection;
-import java.util.Enumeration;
+import java.util.List;
+import java.util.stream.Collectors;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipFile;
 import org.onap.policy.common.parameters.ParameterService;
@@ -72,25 +73,14 @@ public class PolicyDecoderFileInCsarToPolicy implements PolicyDecoder<Csar, Tosc
 final Collection<ToscaEntity> policyList = new ArrayList<>();
 try (var zipFile = new ZipFile(csar.getCsarFilePath())) {
- final Enumeration<? extends ZipEntry> entries = zipFile.entries();
- while (entries.hasMoreElements()) {
- //
- // Sonar will flag this as a Security Hotspot
- // "Expanding archive files is security-sensitive"
- // isZipEntryValid ensures the file being read exists in the archive
- //
- final ZipEntry entry = entries.nextElement(); // NOSONAR
- final String entryName = entry.getName();
+ final List<? extends ZipEntry> entries = zipFile.stream()
+ .filter(entry -> entry.getName().contains(decoderParameters.getPolicyTypeFileName())
+ || entry.getName().contains(decoderParameters.getPolicyFileName())).collect(Collectors.toList());
- //
- // We only care about policy types and policies
- //
- if (entryName.contains(decoderParameters.getPolicyTypeFileName())
- || entryName.contains(decoderParameters.getPolicyFileName())) {
- ReceptionUtil.validateZipEntry(entryName, csar.getCsarFilePath(), entry.getSize());
- final ToscaServiceTemplate policy = ReceptionUtil.decodeFile(zipFile, entry);
- policyList.add(policy);
- }
+ for (ZipEntry entry : entries) {
+ ReceptionUtil.validateZipEntry(entry.getName(), csar.getCsarFilePath(), entry.getSize());
+ final ToscaServiceTemplate policy = ReceptionUtil.decodeFile(zipFile, entry);
+ policyList.add(policy);
 }
 } catch (final IOException | CoderException exp) {
 throw new PolicyDecodingException("Failed decoding the policy", exp);
diff --git a/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/util/ReceptionUtil.java b/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/util/ReceptionUtil.java
index 9c0bab43..c26286da 100644
--- a/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/util/ReceptionUtil.java
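Review bot: The new `for` loop carries no comment explaining why reading entries from the csar is safe, because the hunk deletes the Sonar "Expanding archive files is security-sensitive" rationale together with the `// NOSONAR` marker. A short comment above the `validateZipEntry` call, such as `// validateZipEntry must stay ahead of decodeFile: it is the guard for entries read from the csar`, would keep that ordering from being lost in a later refactor. The same applies to the `decode()` loop in AutomationCompositionDecoderFileInCsar. The filter would also read better with `.collect(Collectors.toList())` on its own line, as the other decoder formats it. The enclosing method starts above the hunk.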
+++ b/plugins/reception-plugins/src/main/java/org/onap/policy/distribution/reception/util/ReceptionUtil.java
@@ -1,7 +1,6 @@
 /*-
 * ============LICENSE_START=======================================================
 * Copyright (C) 2022 Nordix Foundation.
- * Modifications Copyright (C) 2022 Nordix Foundation.
 * ================================================================================
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -22,6 +21,7 @@ package org.onap.policy.distribution.reception.util;
 import java.io.IOException;
+import java.io.InvalidClassException;
 import java.nio.file.Path;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipFile;
@@ -38,8 +38,12 @@ import org.onap.policy.models.tosca.authorative.concepts.ToscaServiceTemplate;
 */
 public class ReceptionUtil {
- private static StandardCoder coder = new StandardCoder();
- private static StandardYamlCoder yamlCoder = new StandardYamlCoder();
+ private ReceptionUtil() throws InvalidClassException {
+ throw new InvalidClassException("Can't instantiate a helper class!");
+ }
+
+ private static final StandardCoder coder = new StandardCoder();
+ private static final StandardYamlCoder yamlCoder = new StandardYamlCoder();
 private static final long MAX_FILE_SIZE = 512L * 1024;
 /**
@@ -66,7 +70,7 @@ public class ReceptionUtil {
 //
 // Throw an exception if path is outside the csar
 //
- if (! path.startsWith(csarPath)) {
+ if (!path.startsWith(csarPath)) {
 throw new PolicyDecodingException("Potential path injection for zip entry " + entryName);
 }
 } |
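Review bot: The new private constructor throws `java.io.InvalidClassException`, which is a serialization exception and, being checked, forces a `throws` clause and an extra import on a constructor nobody can call. An unchecked exception states the intent without either: `private ReceptionUtil() { throw new UnsupportedOperationException("Can't instantiate a helper class!"); }`, or simply an empty private constructor. Declaring the class `final` and placing the constructor after the static fields would match the usual utility-class layout.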