summaryrefslogtreecommitdiffstats
path: root/POLICY-SDK-APP/src/main/java
diff options
context:
space:
mode:
authorMagnusen, Drew (dm741q) <dm741q@att.com>2018-01-10 14:41:24 -0600
committerMagnusen, Drew (dm741q) <dm741q@att.com>2018-01-16 09:48:51 -0600
commit7f94862a50f552f840cbb2a84ee1c3e20fc3c708 (patch)
tree2c386b622f5c7a6e2e3cd451aeb7cd216b820397 /POLICY-SDK-APP/src/main/java
parentc7ebb39ee23233b0104d3a0f9b1f8fdd66911d18 (diff)
Restrict file upload size in policy editor
Restrict file upload size in Policy Editory using a configurable value (in bytes) set in xacml.admin.properties. Default value is 30MB. Issue-ID: POLICY-538 Change-Id: I4d8539ab33320446aed250ea4fdc51de585d5f2a Signed-off-by: Magnusen, Drew (dm741q) <dm741q@att.com>
Diffstat (limited to 'POLICY-SDK-APP/src/main/java')
-rw-r--r--POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyManagerServlet.java20
-rw-r--r--POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyController.java18
2 files changed, 28 insertions, 10 deletions
diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyManagerServlet.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyManagerServlet.java
index 151d36a33..2c67b451e 100644
--- a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyManagerServlet.java
+++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyManagerServlet.java
@@ -227,24 +227,24 @@ public class PolicyManagerServlet extends HttpServlet {
if (!item.isFormField()) {
// Process form file field (input type="file").
files.put(item.getName(), item.getInputStream());
- if(item.getName().endsWith(".xls")){
- OutputStream outputStream = null;
- try{
- File file = new File(item.getName());
- outputStream = new FileOutputStream(file);
+ if(item.getName().endsWith(".xls") && item.getSize() <= PolicyController.getFileSizeLimit()){
+ File file = new File(item.getName());
+ try (OutputStream outputStream = new FileOutputStream(file);)
+ {
IOUtils.copy(item.getInputStream(), outputStream);
- outputStream.close();
newFile = file.toString();
PolicyExportAndImportController importController = new PolicyExportAndImportController();
importController.importRepositoryFile(newFile, request);
}catch(Exception e){
LOGGER.error("Upload error : " + e);
- }finally{
- if(outputStream != null){
- outputStream.close();
- }
}
}
+ else if (!item.getName().endsWith(".xls")) {
+ LOGGER.error("Non .xls filetype uploaded: " + item.getName());
+ }
+ else { //uploaded file size is greater than allowed
+ LOGGER.error("Upload file size limit exceeded! File size (Bytes) is: " + item.getSize());
+ }
}
}
diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyController.java
index d244cf528..bd8c8287c 100644
--- a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyController.java
+++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyController.java
@@ -144,6 +144,9 @@ public class PolicyController extends RestrictedBaseController {
private static String configHome;
private static String actionHome;
+ //File upload size
+ private static long fileSizeLimit;
+
private static boolean jUnit = false;
@@ -176,6 +179,8 @@ public class PolicyController extends RestrictedBaseController {
}
// load a properties file
prop.load(input);
+ //file upload size limit property
+ setFileSizeLimit(prop.getProperty("file.size.limit"));
//pap url
setPapUrl(prop.getProperty("xacml.rest.pap.url"));
// get the property values
@@ -716,6 +721,19 @@ public class PolicyController extends RestrictedBaseController {
return file;
}
+ public static void setFileSizeLimit(String uploadSize) {
+ //Default size limit is 30MB
+ if (uploadSize == null || uploadSize.isEmpty()) {
+ fileSizeLimit = 30000000;
+ }
+ else {
+ fileSizeLimit = Long.parseLong(uploadSize);
+ }
+ }
+
+ public static long getFileSizeLimit() {
+ return fileSizeLimit;
+ }
public String convertDate(String dateTTL) {
String formateDate = null;
if(dateTTL.contains("-")){