diff options
author | rb7147 <rb7147@att.com> | 2018-01-17 10:29:04 -0500 |
---|---|---|
committer | rb7147 <rb7147@att.com> | 2018-01-17 15:48:25 -0500 |
commit | 74552f84f136c01a99488aeff6d0f7b9a55d5fb3 (patch) | |
tree | cc1a463f40f3ea92b4d1efa4ef33f302d09444ca /packages/base/src | |
parent | 528605fe8efa3631291de0b9bf8e498bdbd0c23f (diff) |
Resolved Security Vulnerability issues
Issue-ID: POLICY-553
Change-Id: I3e0e6a31226e561cef9ec578790659d57b2f65f4
Signed-off-by: rb7147 <rb7147@att.com>
Diffstat (limited to 'packages/base/src')
3 files changed, 67 insertions, 1 deletions
diff --git a/packages/base/src/files/install/mysql/data/180201_upgrade_script.sql b/packages/base/src/files/install/mysql/data/180201_upgrade_script.sql new file mode 100644 index 000000000..f2d085e17 --- /dev/null +++ b/packages/base/src/files/install/mysql/data/180201_upgrade_script.sql @@ -0,0 +1,63 @@ +/*- +* ============LICENSE_START======================================================= +* ONAP Policy Engine +* ================================================================================ +* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +* ================================================================================ +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +* ============LICENSE_END========================================================= +*/ +use onap_sdk; + +alter table configurationdataentity modify configBody mediumtext; + +insert into fn_restricted_url values('admin','menu_admin'); +insert into fn_restricted_url values('get_role','menu_admin'); +insert into fn_restricted_url values('get_role_functions','menu_admin'); +insert into fn_restricted_url values('role_list/*','menu_admin'); +insert into fn_restricted_url values('role_function_list/*','menu_admin'); +insert into fn_restricted_url values('addRole','menu_admin'); +insert into fn_restricted_url values('addRoleFunction','menu_admin'); +insert into fn_restricted_url values('removeRole','menu_admin'); +insert into fn_restricted_url values('removeRoleFunction','menu_admin'); +insert into fn_restricted_url values('profile/*','menu_admin'); + +insert into fn_restricted_url values('welcome.htm','menu_home'); +insert into fn_restricted_url values('policy','menu_home'); +insert into fn_restricted_url values('policy','menu_policy'); +insert into fn_restricted_url values('get_RolesData','menu_home'); +insert into fn_restricted_url values('get_LockDownData','menu_home'); +insert into fn_restricted_url values('adminTabController/*','menu_home'); +insert into fn_restricted_url values('get_AutoPushPoliciesContainerData','menu_home'); +insert into fn_restricted_url values('auto_Push/*','menu_home'); +insert into fn_restricted_url values('get_PDPGroupData','menu_home'); +insert into fn_restricted_url values('pdp_Group/*','menu_home'); +insert into fn_restricted_url values('policy_download/*','menu_home'); +insert into fn_restricted_url values('watchPolicy','menu_home'); +insert into fn_restricted_url values('save_NonSuperRolesData','menu_home'); +insert into fn_restricted_url values('get_PolicyRolesScopeData','menu_home'); +insert into fn_restricted_url values('policyController/*','menu_home'); +insert into fn_restricted_url values('get_FunctionDefinitionDataByName','menu_home'); +insert into fn_restricted_url values('get_DashboardLoggingData','menu_home'); +insert into fn_restricted_url values('get_DashboardSystemAlertData','menu_home'); +insert into fn_restricted_url values('get_DashboardPDPStatusData','menu_home'); +insert into fn_restricted_url values('get_DashboardPolicyActivityData','menu_home'); +insert into fn_restricted_url values('get_DCAEPriorityValues','menu_home'); +insert into fn_restricted_url values('ms_dictionary/*','menu_home'); +insert into fn_restricted_url values('policycreation/*','menu_home'); +insert into fn_restricted_url values('getDictionary/*','menu_home'); +insert into fn_restricted_url values('saveDictionary/*/*','menu_home'); +insert into fn_restricted_url values('deleteDictionary/*/*','menu_home'); +insert into fn_restricted_url values('searchDictionary','menu_home'); +insert into fn_restricted_url values('searchPolicy','menu_home'); +insert into fn_restricted_url values('get_PolicyUserInfo','menu_home');
\ No newline at end of file diff --git a/packages/base/src/files/install/servers/onap/WEB-INF/classes/portal.properties b/packages/base/src/files/install/servers/onap/WEB-INF/classes/portal.properties index 4c95afbcc..1edaf6df1 100644 --- a/packages/base/src/files/install/servers/onap/WEB-INF/classes/portal.properties +++ b/packages/base/src/files/install/servers/onap/WEB-INF/classes/portal.properties @@ -36,7 +36,7 @@ use_rest_for_functional_menu=true ########################################################################## # Name of java class that implements the OnBoardingApiService interface. -portal.api.impl.class = org.openecomp.portalapp.service.OnBoardingApiServiceImpl +portal.api.impl.class = org.onap.portalapp.service.OnBoardingApiServiceImpl # CSP Global Log On for single sign on ecomp_redirect_url = ${{ONAP_REDIRECT_URL}} diff --git a/packages/base/src/files/install/servers/onap/WEB-INF/conf/system.properties b/packages/base/src/files/install/servers/onap/WEB-INF/conf/system.properties index bb33c3f7a..df4584d30 100644 --- a/packages/base/src/files/install/servers/onap/WEB-INF/conf/system.properties +++ b/packages/base/src/files/install/servers/onap/WEB-INF/conf/system.properties @@ -39,6 +39,9 @@ cache_load_on_startup = false user_name = fullName decryption_key = AGLDdG4D04BKm2IxIWEr8o== +#cookie domain +cookie_domain = onap.org + #DB Info #mysql db.driver = ${{JDBC_DRIVER}} |