diff options
Diffstat (limited to 'POLICY-SDK-APP/src/main/java')
8 files changed, 232 insertions, 133 deletions
diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyManagerServlet.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyManagerServlet.java index 6fab5a608..b4817147c 100644 --- a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyManagerServlet.java +++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyManagerServlet.java @@ -45,6 +45,7 @@ import java.util.Set; import javax.json.Json; import javax.json.JsonArray; import javax.json.JsonReader; +import javax.script.SimpleBindings; import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.annotation.WebInitParam; @@ -371,8 +372,11 @@ public class PolicyManagerServlet extends HttpServlet { if(policyName.contains("\\")){ policyName = policyName.replace("\\", "\\\\"); } - String policyVersionQuery = "From PolicyVersion where policy_name ='"+policyName+"' and active_version = '"+version+"'and id >0"; - List<Object> activeData = controller.getDataByQuery(policyVersionQuery); + String policyVersionQuery = "From PolicyVersion where policy_name = :policyName and active_version = :version and id >0"; + SimpleBindings pvParams = new SimpleBindings(); + pvParams.put("policyName", policyName); + pvParams.put("version", version); + List<Object> activeData = controller.getDataByQuery(policyVersionQuery, pvParams); if(!activeData.isEmpty()){ PolicyVersion policy = (PolicyVersion) activeData.get(0); JSONObject el = new JSONObject(); @@ -461,8 +465,11 @@ public class PolicyManagerServlet extends HttpServlet { dbCheckName = dbCheckName.replace(".Decision_", ":Decision_"); } String[] splitDBCheckName = dbCheckName.split(":"); - String peQuery = "FROM PolicyEntity where policyName = '"+splitDBCheckName[1]+"' and scope ='"+splitDBCheckName[0]+"'"; - List<Object> policyEntity = controller.getDataByQuery(peQuery); + String peQuery = "FROM PolicyEntity where policyName = :splitDBCheckName_1 and scope = :splitDBCheckName_0"; + SimpleBindings policyParams = new SimpleBindings(); + policyParams.put("splitDBCheckName_1", splitDBCheckName[1]); + policyParams.put("splitDBCheckName_0", splitDBCheckName[0]); + List<Object> policyEntity = controller.getDataByQuery(peQuery, policyParams); PolicyEntity pentity = (PolicyEntity) policyEntity.get(0); if(pentity.isDeleted()){ return error("The Policy is Not Existing in Workspace"); @@ -520,8 +527,11 @@ public class PolicyManagerServlet extends HttpServlet { } PolicyController controller = getPolicyControllerInstance(); String[] split = path.split(":"); - String query = "FROM PolicyEntity where policyName = '"+split[1]+"' and scope ='"+split[0]+"'"; - List<Object> queryData = controller.getDataByQuery(query); + String query = "FROM PolicyEntity where policyName = :split_1 and scope = :split_0"; + SimpleBindings peParams = new SimpleBindings(); + peParams.put("split_1", split[1]); + peParams.put("split_0", split[0]); + List<Object> queryData = controller.getDataByQuery(query, peParams); if(!queryData.isEmpty()){ PolicyEntity entity = (PolicyEntity) queryData.get(0); File temp = null; @@ -650,13 +660,15 @@ public class PolicyManagerServlet extends HttpServlet { private List<Object> queryPolicyEditorScopes(String scopeName){ String scopeNamequery = ""; + SimpleBindings params = new SimpleBindings(); if(scopeName == null){ scopeNamequery = "from PolicyEditorScopes"; }else{ - scopeNamequery = "from PolicyEditorScopes where SCOPENAME like'" +scopeName+"%'"; + scopeNamequery = "from PolicyEditorScopes where SCOPENAME like :scopeName"; + params.put("scopeName", scopeName + "%"); } PolicyController controller = getPolicyControllerInstance(); - List<Object> scopesList = controller.getDataByQuery(scopeNamequery); + List<Object> scopesList = controller.getDataByQuery(scopeNamequery, params); return scopesList; } @@ -669,10 +681,14 @@ public class PolicyManagerServlet extends HttpServlet { if(scopeName.contains("\\")){ scopeName = scopeName.replace("\\", "\\\\\\\\"); } - String query = "from PolicyVersion where POLICY_NAME like '" +scopeName+"%'"; - String scopeNamequery = "from PolicyEditorScopes where SCOPENAME like '" +scopeName+"%'"; - List<Object> activePolicies = controller.getDataByQuery(query); - List<Object> scopesList = controller.getDataByQuery(scopeNamequery); + String query = "from PolicyVersion where POLICY_NAME like :scopeName"; + String scopeNamequery = "from PolicyEditorScopes where SCOPENAME like :scopeName"; + + SimpleBindings params = new SimpleBindings(); + params.put("scopeName", scopeName + "%"); + + List<Object> activePolicies = controller.getDataByQuery(query, params); + List<Object> scopesList = controller.getDataByQuery(scopeNamequery, params); for(Object list : scopesList){ PolicyEditorScopes scopeById = (PolicyEditorScopes) list; String scope = scopeById.getScopeName(); @@ -773,10 +789,12 @@ public class PolicyManagerServlet extends HttpServlet { newScopeName = newScopeName.replace("\\", "\\\\\\\\"); } PolicyController controller = getPolicyControllerInstance(); - String query = "from PolicyVersion where POLICY_NAME like'" +scopeName+"%'"; - String scopeNamequery = "from PolicyEditorScopes where SCOPENAME like'" +scopeName+"%'"; - List<Object> activePolicies = controller.getDataByQuery(query); - List<Object> scopesList = controller.getDataByQuery(scopeNamequery); + String query = "from PolicyVersion where POLICY_NAME like :scopeName"; + String scopeNamequery = "from PolicyEditorScopes where SCOPENAME like :scopeName"; + SimpleBindings pvParams = new SimpleBindings(); + pvParams.put("scopeName", scopeName + "%"); + List<Object> activePolicies = controller.getDataByQuery(query, pvParams); + List<Object> scopesList = controller.getDataByQuery(scopeNamequery, pvParams); for(Object object : activePolicies){ PolicyVersion activeVersion = (PolicyVersion) object; String policyOldPath = activeVersion.getPolicyName().replace(File.separator, "/") + "." + activeVersion.getActiveVersion() + ".xml"; @@ -866,8 +884,11 @@ public class PolicyManagerServlet extends HttpServlet { String[] oldPolicySplit = oldPolicyCheck.split(":"); //Check PolicyEntity table with newPolicy Name - String policyEntityquery = "FROM PolicyEntity where policyName = '"+newPolicySplit[1]+"' and scope ='"+newPolicySplit[0]+"'"; - List<Object> queryData = controller.getDataByQuery(policyEntityquery); + String policyEntityquery = "FROM PolicyEntity where policyName = :newPolicySplit_1 and scope = :newPolicySplit_1"; + SimpleBindings policyParams = new SimpleBindings(); + policyParams.put("newPolicySplit_1", newPolicySplit[1]); + policyParams.put("newPolicySplit_0", newPolicySplit[0]); + List<Object> queryData = controller.getDataByQuery(policyEntityquery, policyParams); if(!queryData.isEmpty()){ entity = (PolicyEntity) queryData.get(0); return error("Policy rename failed. Since, the policy with same name already exists."); @@ -875,20 +896,26 @@ public class PolicyManagerServlet extends HttpServlet { //Query the Policy Entity with oldPolicy Name String policyEntityCheck = oldPolicySplit[1].substring(0, oldPolicySplit[1].indexOf(".")); - String oldpolicyEntityquery = "FROM PolicyEntity where policyName like '"+policyEntityCheck+"%' and scope ='"+oldPolicySplit[0]+"'"; - List<Object> oldEntityData = controller.getDataByQuery(oldpolicyEntityquery); + String oldpolicyEntityquery = "FROM PolicyEntity where policyName like :policyEntityCheck and scope = :oldPolicySplit_0"; + SimpleBindings params = new SimpleBindings(); + params.put("policyEntityCheck", policyEntityCheck + "%"); + params.put("oldPolicySplit_0", oldPolicySplit[0]); + List<Object> oldEntityData = controller.getDataByQuery(oldpolicyEntityquery, params); if(!oldEntityData.isEmpty()){ String groupQuery = "FROM PolicyGroupEntity where ("; + SimpleBindings geParams = new SimpleBindings(); for(int i=0; i<oldEntityData.size(); i++){ entity = (PolicyEntity) oldEntityData.get(i); if(i == 0){ - groupQuery = groupQuery + "policyid =" + entity.getPolicyId(); + groupQuery = groupQuery + "policyid = :policyId"; + geParams.put("policyId", entity.getPolicyId()); }else{ - groupQuery = groupQuery + " or policyid =" + entity.getPolicyId(); + groupQuery = groupQuery + " or policyid = :policyId" + i; + geParams.put("policyId" + i, entity.getPolicyId()); } } groupQuery = groupQuery + ")"; - List<Object> groupEntityData = controller.getDataByQuery(groupQuery); + List<Object> groupEntityData = controller.getDataByQuery(groupQuery, geParams); if(groupEntityData.size() > 0){ return error("Policy rename failed. Since the policy or its version is active in PDP Groups."); } @@ -1077,15 +1104,21 @@ public class PolicyManagerServlet extends HttpServlet { boolean success = false; //Check PolicyEntity table with newPolicy Name - String policyEntityquery = "FROM PolicyEntity where policyName = '"+newPolicySplit[1]+"' and scope ='"+newPolicySplit[0]+"'"; - List<Object> queryData = controller.getDataByQuery(policyEntityquery); + String policyEntityquery = "FROM PolicyEntity where policyName = :newPolicySplit_1 and scope = :newPolicySplit_0"; + SimpleBindings policyParams = new SimpleBindings(); + policyParams.put("newPolicySplit_1", newPolicySplit[1]); + policyParams.put("newPolicySplit_0", newPolicySplit[0]); + List<Object> queryData = controller.getDataByQuery(policyEntityquery, policyParams); if(!queryData.isEmpty()){ return error("Policy already exists with same name"); } //Query the Policy Entity with oldPolicy Name - policyEntityquery = "FROM PolicyEntity where policyName = '"+oldPolicySplit[1]+"' and scope ='"+oldPolicySplit[0]+"'"; - queryData = controller.getDataByQuery(policyEntityquery); + policyEntityquery = "FROM PolicyEntity where policyName = :oldPolicySplit_1 and scope = :oldPolicySplit_0"; + SimpleBindings peParams = new SimpleBindings(); + peParams.put("oldPolicySplit_1", oldPolicySplit[1]); + peParams.put("oldPolicySplit_0", oldPolicySplit[0]); + queryData = controller.getDataByQuery(policyEntityquery, peParams); if(!queryData.isEmpty()){ entity = (PolicyEntity) queryData.get(0); } @@ -1131,6 +1164,7 @@ public class PolicyManagerServlet extends HttpServlet { String policyNamewithExtension = path.replace("/", File.separator); String policyVersionName = policyNamewithExtension.replace(".xml", ""); String query = ""; + SimpleBindings policyParams = new SimpleBindings(); if(path.endsWith(".xml")){ policyNamewithoutExtension = policyVersionName.substring(0, policyVersionName.lastIndexOf(".")); policyNamewithoutExtension = policyNamewithoutExtension.replace(File.separator, "."); @@ -1143,13 +1177,16 @@ public class PolicyManagerServlet extends HttpServlet { splitPolicyName = policyNamewithoutExtension.replace(".Decision_", ":Decision_"); } String[] split = splitPolicyName.split(":"); - query = "FROM PolicyEntity where policyName like '"+split[1]+"%' and scope ='"+split[0]+"'"; + query = "FROM PolicyEntity where policyName like split_1 and scope = split_0"; + policyParams.put("split_1", split[1] + "%"); + policyParams.put("split_0", split[0]); }else{ policyNamewithoutExtension = path.replace(File.separator, "."); - query = "FROM PolicyEntity where scope like '"+policyNamewithoutExtension+"%'"; + query = "FROM PolicyEntity where scope like :policyNamewithoutExtension"; + policyParams.put("policyNamewithoutExtension", policyNamewithoutExtension + "%"); } - List<Object> policyEntityobjects = controller.getDataByQuery(query); + List<Object> policyEntityobjects = controller.getDataByQuery(query, policyParams); String activePolicyName = null; boolean pdpCheck = false; if(path.endsWith(".xml")){ @@ -1159,8 +1196,10 @@ public class PolicyManagerServlet extends HttpServlet { if(!policyEntityobjects.isEmpty()){ for(Object object : policyEntityobjects){ policyEntity = (PolicyEntity) object; - String groupEntityquery = "from PolicyGroupEntity where policyid = '"+policyEntity.getPolicyId()+"'"; - List<Object> groupobject = controller.getDataByQuery(groupEntityquery); + String groupEntityquery = "from PolicyGroupEntity where policyid = :policyId"; + SimpleBindings pgeParams = new SimpleBindings(); + pgeParams.put("policyId", policyEntity.getPolicyId()); + List<Object> groupobject = controller.getDataByQuery(groupEntityquery, pgeParams); if(!groupobject.isEmpty()){ pdpCheck = true; activePolicyName = policyEntity.getScope() +"."+ policyEntity.getPolicyName(); @@ -1202,14 +1241,21 @@ public class PolicyManagerServlet extends HttpServlet { }else if("CURRENT".equals(deleteVersion)){ String currentVersionPolicyName = policyNamewithExtension.substring(policyNamewithExtension.lastIndexOf(File.separator)+1); String currentVersionScope = policyNamewithExtension.substring(0, policyNamewithExtension.lastIndexOf(File.separator)).replace(File.separator, "."); - query = "FROM PolicyEntity where policyName = '"+currentVersionPolicyName+"' and scope ='"+currentVersionScope+"'"; - List<Object> policyEntitys = controller.getDataByQuery(query); + query = "FROM PolicyEntity where policyName = :currentVersionPolicyName and scope = :currentVersionScope"; + + SimpleBindings peParams = new SimpleBindings(); + peParams.put("currentVersionPolicyName", currentVersionPolicyName); + peParams.put("currentVersionScope", currentVersionScope); + + List<Object> policyEntitys = controller.getDataByQuery(query, peParams); if(!policyEntitys.isEmpty()){ policyEntity = (PolicyEntity) policyEntitys.get(0); } if(policyEntity != null){ - String groupEntityquery = "from PolicyGroupEntity where policyid = '"+policyEntity.getPolicyId()+"' and policyid > 0"; - List<Object> groupobject = controller.getDataByQuery(groupEntityquery); + String groupEntityquery = "from PolicyGroupEntity where policyid = :policyEntityId and policyid > 0"; + SimpleBindings geParams = new SimpleBindings(); + geParams.put("policyEntityId", policyEntity.getPolicyId()); + List<Object> groupobject = controller.getDataByQuery(groupEntityquery, geParams); if(groupobject.isEmpty()){ //Delete the entity from Elastic Search Database String searchFileName = policyEntity.getScope() + "." + policyEntity.getPolicyName(); @@ -1260,8 +1306,10 @@ public class PolicyManagerServlet extends HttpServlet { if(!policyEntityobjects.isEmpty()){ for(Object object : policyEntityobjects){ policyEntity = (PolicyEntity) object; - String groupEntityquery = "from PolicyGroupEntity where policyid = '"+policyEntity.getPolicyId()+"'"; - List<Object> groupobject = controller.getDataByQuery(groupEntityquery); + String groupEntityquery = "from PolicyGroupEntity where policyid = :policyEntityId"; + SimpleBindings geParams = new SimpleBindings(); + geParams.put("policyEntityId", policyEntity.getPolicyId()); + List<Object> groupobject = controller.getDataByQuery(groupEntityquery, geParams); if(!groupobject.isEmpty()){ pdpCheck = true; activePoliciesInPDP.add(policyEntity.getScope()+"."+policyEntity.getPolicyName()); @@ -1344,8 +1392,11 @@ public class PolicyManagerServlet extends HttpServlet { } String[] split = dbCheckName.split(":"); - String query = "FROM PolicyEntity where policyName = '"+split[1]+"' and scope ='"+split[0]+"'"; - List<Object> queryData = controller.getDataByQuery(query); + String query = "FROM PolicyEntity where policyName = :split_1 and scope = :split_0"; + SimpleBindings peParams = new SimpleBindings(); + peParams.put("split_1", split[1]); + peParams.put("split_0", split[0]); + List<Object> queryData = controller.getDataByQuery(query, peParams); PolicyEntity entity = (PolicyEntity) queryData.get(0); InputStream stream = new ByteArrayInputStream(entity.getPolicyData().getBytes(StandardCharsets.UTF_8)); diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyNotificationMail.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyNotificationMail.java index bf89c01ff..a4e476200 100644 --- a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyNotificationMail.java +++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyNotificationMail.java @@ -30,6 +30,7 @@ import java.util.Properties; import javax.mail.MessagingException; import javax.mail.internet.InternetAddress; import javax.mail.internet.MimeMessage; +import javax.script.SimpleBindings; import org.onap.policy.common.logging.flexlogger.FlexLogger; import org.onap.policy.common.logging.flexlogger.Logger; @@ -116,9 +117,12 @@ public class PolicyNotificationMail{ policyFileName = policyFileName.replace("\\", "\\\\"); } - String query = "from WatchPolicyNotificationTable where policyName like'" +policyFileName+"%'"; + policyFileName += "%"; + String query = "from WatchPolicyNotificationTable where policyName like:policyFileName"; boolean sendFlag = false; - List<Object> watchList = policyNotificationDao.getDataByQuery(query); + SimpleBindings params = new SimpleBindings(); + params.put("policyFileName", policyFileName); + List<Object> watchList = policyNotificationDao.getDataByQuery(query, params); if(watchList != null && !watchList.isEmpty()){ for(Object watch : watchList){ WatchPolicyNotificationTable list = (WatchPolicyNotificationTable) watch; diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/AutoPushController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/AutoPushController.java index 7d601d6f3..b72993f19 100644 --- a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/AutoPushController.java +++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/AutoPushController.java @@ -38,6 +38,7 @@ import java.util.List; import java.util.Map; import java.util.Set; +import javax.script.SimpleBindings; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -148,8 +149,11 @@ public class AutoPushController extends RestrictedBaseController{ }else{ if(!scopes.isEmpty()){ for(String scope : scopes){ - String query = "From PolicyVersion where policy_name like '"+scope+"%' and id > 0"; - List<Object> filterdatas = commonClassDao.getDataByQuery(query); + scope += "%"; + String query = "From PolicyVersion where policy_name like :scope and id > 0"; + SimpleBindings params = new SimpleBindings(); + params.put("scope", scope); + List<Object> filterdatas = commonClassDao.getDataByQuery(query, params); if(filterdatas != null){ for(int i =0; i < filterdatas.size(); i++){ data.add(filterdatas.get(i)); @@ -236,8 +240,11 @@ public class AutoPushController extends RestrictedBaseController{ dbCheckName = dbCheckName.replace(".Decision_", ":Decision_"); } String[] split = dbCheckName.split(":"); - String query = "FROM PolicyEntity where policyName = '"+split[1]+"' and scope ='"+split[0]+"'"; - List<Object> queryData = controller.getDataByQuery(query); + String query = "FROM PolicyEntity where policyName = :split_1 and scope = :split_0"; + SimpleBindings policyParams = new SimpleBindings(); + policyParams.put("split_1", split[1]); + policyParams.put("split_0", split[0]); + List<Object> queryData = controller.getDataByQuery(query, policyParams); PolicyEntity policyEntity = (PolicyEntity) queryData.get(0); File temp = new File(name); BufferedWriter bw = new BufferedWriter(new FileWriter(temp)); diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/DashboardController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/DashboardController.java index d6d4a2c69..aedb94301 100644 --- a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/DashboardController.java +++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/DashboardController.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -40,6 +40,7 @@ import javax.management.ReflectionException; import javax.management.remote.JMXConnector; import javax.management.remote.JMXConnectorFactory; import javax.management.remote.JMXServiceURL; +import javax.script.SimpleBindings; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -76,16 +77,16 @@ public class DashboardController extends RestrictedBaseController{ private static final Logger policyLogger = FlexLogger.getLogger(DashboardController.class); @Autowired SystemLogDbDao systemDAO; - + @Autowired CommonClassDao commonClassDao; - + private int pdpCount; private PDPGroupContainer pdpConatiner; private ArrayList<Object> pdpStatusData; private ArrayList<Object> papStatusData; private ArrayList<Object> policyActivityData; - + private PolicyController policyController; public PolicyController getPolicyController() { return policyController; @@ -94,11 +95,11 @@ public class DashboardController extends RestrictedBaseController{ public void setPolicyController(PolicyController policyController) { this.policyController = policyController; } - + private PolicyController getPolicyControllerInstance(){ return policyController != null ? getPolicyController() : new PolicyController(); } - + @RequestMapping(value={"/get_DashboardLoggingData"}, method={org.springframework.web.bind.annotation.RequestMethod.GET} , produces=MediaType.APPLICATION_JSON_VALUE) public void getData(HttpServletRequest request, HttpServletResponse response){ try{ @@ -113,7 +114,7 @@ public class DashboardController extends RestrictedBaseController{ policyLogger.error("Exception Occured"+e); } } - + @RequestMapping(value={"/get_DashboardSystemAlertData"}, method={org.springframework.web.bind.annotation.RequestMethod.GET} , produces=MediaType.APPLICATION_JSON_VALUE) public void getSystemAlertData(HttpServletRequest request, HttpServletResponse response){ try{ @@ -128,7 +129,7 @@ public class DashboardController extends RestrictedBaseController{ policyLogger.error("Exception Occured"+e); } } - + @RequestMapping(value={"/get_DashboardPAPStatusData"}, method={org.springframework.web.bind.annotation.RequestMethod.GET} , produces=MediaType.APPLICATION_JSON_VALUE) public void getPAPStatusData(HttpServletRequest request, HttpServletResponse response){ try{ @@ -145,7 +146,7 @@ public class DashboardController extends RestrictedBaseController{ policyLogger.error("Exception Occured"+e); } } - + @RequestMapping(value={"/get_DashboardPDPStatusData"}, method={org.springframework.web.bind.annotation.RequestMethod.GET} , produces=MediaType.APPLICATION_JSON_VALUE) public void getPDPStatusData(HttpServletRequest request, HttpServletResponse response){ try{ @@ -164,7 +165,7 @@ public class DashboardController extends RestrictedBaseController{ policyLogger.error("Exception Occured"+e); } } - + @RequestMapping(value={"/get_DashboardPolicyActivityData"}, method={org.springframework.web.bind.annotation.RequestMethod.GET} , produces=MediaType.APPLICATION_JSON_VALUE) public void getPolicyActivityData(HttpServletRequest request, HttpServletResponse response){ try{ @@ -183,7 +184,7 @@ public class DashboardController extends RestrictedBaseController{ policyLogger.error("Exception Occured"+e); } } - + /* * Add the PAP information to the PAP Table */ @@ -195,7 +196,7 @@ public class DashboardController extends RestrictedBaseController{ Set<OnapPDPGroup> groups = controller.getPapEngine().getOnapPDPGroups(); if (groups == null) { papStatus = "UNKNOWN"; - throw new PAPException("PAP not running"); + throw new PAPException("PAP not running"); }else { papStatus = "IS_OK"; } @@ -207,23 +208,23 @@ public class DashboardController extends RestrictedBaseController{ JSONObject object = new JSONObject(); object.put("system", papURL); object.put("status", papStatus); - List<Object> data = commonClassDao.getDataByQuery("from PolicyEntity"); + List<Object> data = commonClassDao.getDataByQuery("from PolicyEntity", new SimpleBindings()); object.put("noOfPolicy", data.size()); object.put("noOfConnectedTrap", pdpCount); papStatusData.add(0, object); } - + /** * Add PDP Information to the PDP Table - * + * */ - public void addPDPToTable(){ + public void addPDPToTable(){ pdpCount = 0; pdpStatusData = new ArrayList<>(); long naCount; long denyCount = 0; long permitCount = 0; - for (PDPGroup group : this.pdpConatiner.getGroups()){ + for (PDPGroup group : this.pdpConatiner.getGroups()){ for (PDP pdp : group.getPdps()){ naCount = -1; if ("UP_TO_DATE".equals(pdp.getStatus().getStatus().toString()) && ((OnapPDP) pdp).getJmxPort() != 0){ @@ -247,7 +248,7 @@ public class DashboardController extends RestrictedBaseController{ object.put("denyCount", "NA"); object.put("naCount", "NA"); pdpStatusData.add(object); - }else{ + }else{ JSONObject object = new JSONObject(); object.put("id", pdp.getId()); object.put("name", pdp.getName()); @@ -263,23 +264,23 @@ public class DashboardController extends RestrictedBaseController{ } } } - - private static String parseIPSystem(String line) { + + private static String parseIPSystem(String line) { Pattern pattern = Pattern.compile("://(.+?):"); Matcher ip = pattern.matcher(line); if (ip.find()) { return ip.group(1); - } + } return null; } - + /* * Contact JMX Connector Sever and return the value of the given jmxAttribute */ @SuppressWarnings({ "rawtypes", "unchecked" }) private long getRequestCounts(String host, int port, String jmxAttribute) { - + policyLogger.debug("Create an RMI connector client and connect it to the JMX connector server"); HashMap map = new HashMap(); map = null; @@ -295,7 +296,7 @@ public class DashboardController extends RestrictedBaseController{ policyLogger.error("MalformedURLException for JMX connection" , e); } catch (IOException e) { policyLogger.error("Error in reteriving" + jmxAttribute + " from JMX connection", e); - } catch (AttributeNotFoundException e) { + } catch (AttributeNotFoundException e) { policyLogger.error("AttributeNotFoundException " + jmxAttribute + " for JMX connection", e); } catch (InstanceNotFoundException e) { policyLogger.error("InstanceNotFoundException " + host + " for JMX connection", e); @@ -307,15 +308,15 @@ public class DashboardController extends RestrictedBaseController{ } catch (ReflectionException e) { policyLogger.error("ReflectionException for JMX connection", e); } - + return -1; } - + private static JMXServiceURL createConnectionURL(String host, int port) throws MalformedURLException{ return new JMXServiceURL("rmi", "", 0, "/jndi/rmi://" + host + ":" + port + "/jmxrmi"); } - - + + /* * Add the information to the Policy Table */ @@ -325,9 +326,9 @@ public class DashboardController extends RestrictedBaseController{ int policyFireCount = 0; Map<String, String> policyMap = new HashMap<>(); Object policyList = null; - //get list of policy - - for (PDPGroup group : this.pdpConatiner.getGroups()){ + //get list of policy + + for (PDPGroup group : this.pdpConatiner.getGroups()){ for (PDPPolicy policy : group.getPolicies()){ try{ policyMap.put(policy.getPolicyId().replace(" ", ""), policy.getId()); @@ -335,8 +336,8 @@ public class DashboardController extends RestrictedBaseController{ policyLogger.error(XACMLErrorConstants.ERROR_SCHEMA_INVALID+policy.getName() +e); } } - - for (PDP pdp : group.getPdps()){ + + for (PDP pdp : group.getPdps()){ // Add rows to the Policy Table policyList = null; if ("UP_TO_DATE".equals(pdp.getStatus().getStatus().toString()) && ((OnapPDP) pdp).getJmxPort() != 0){ @@ -345,16 +346,16 @@ public class DashboardController extends RestrictedBaseController{ } if (policyList != null && policyList.toString().length() > 3){ String[] splitPolicy = policyList.toString().split(","); - for (String policyKeyValue : splitPolicy){ - policyID = urnPolicyID(policyKeyValue); - policyFireCount = countPolicyID(policyKeyValue); + for (String policyKeyValue : splitPolicy){ + policyID = urnPolicyID(policyKeyValue); + policyFireCount = countPolicyID(policyKeyValue); if (policyID != null ){ if (policyMap.containsKey(policyID)){ JSONObject object = new JSONObject(); object.put("policyId", policyMap.get(policyID)); object.put("fireCount", policyFireCount); object.put("system", pdp.getId()); - policyActivityData.add(object); + policyActivityData.add(object); } } } @@ -372,11 +373,11 @@ public class DashboardController extends RestrictedBaseController{ object.put("system", pdp.getId()); policyActivityData.add(object); } - } + } } } } - + /* * Contact JMX Connector Sever and return the list of {policy id , count} */ @@ -397,7 +398,7 @@ public class DashboardController extends RestrictedBaseController{ policyLogger.error("MalformedURLException for JMX connection" , e); } catch (IOException e) { policyLogger.error("AttributeNotFoundException for policyMap" , e); - } catch (AttributeNotFoundException e) { + } catch (AttributeNotFoundException e) { policyLogger.error("AttributeNotFoundException for JMX connection", e); } catch (InstanceNotFoundException e) { policyLogger.error("InstanceNotFoundException " + host + " for JMX connection", e); @@ -409,22 +410,22 @@ public class DashboardController extends RestrictedBaseController{ } catch (ReflectionException e) { policyLogger.error("ReflectionException for JMX connection", e); } - + return null; - + } - + private static String urnPolicyID(String line){ - String[] splitLine = line.toString().split("="); + String[] splitLine = line.toString().split("="); String removeSpaces = splitLine[0].replaceAll("\\s+", ""); return removeSpaces.replace("{", ""); } - + private static Integer countPolicyID(String line){ String[] splitLine = line.toString().split("="); String sCount = splitLine[1].replace("}", ""); int intCount = Integer.parseInt(sCount); return intCount; } - + } diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyController.java index 375ee2d10..35b9b959d 100644 --- a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyController.java +++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyController.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -33,6 +33,7 @@ import java.util.Properties; import javax.annotation.PostConstruct; import javax.mail.MessagingException; +import javax.script.SimpleBindings; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -65,7 +66,7 @@ import org.onap.policy.xacml.api.pap.PAPPolicyEngine; import com.att.research.xacml.util.XACMLProperties; import com.fasterxml.jackson.databind.ObjectMapper; -import org.onap.policy.common.logging.flexlogger.FlexLogger; +import org.onap.policy.common.logging.flexlogger.FlexLogger; import org.onap.policy.common.logging.flexlogger.Logger; @@ -75,7 +76,7 @@ public class PolicyController extends RestrictedBaseController { private static final Logger policyLogger = FlexLogger.getLogger(PolicyController.class); private static CommonClassDao commonClassDao; - + // Our authorization object // XacmlAdminAuthorization authorizer = new XacmlAdminAuthorization(); @@ -108,7 +109,7 @@ public class PolicyController extends RestrictedBaseController { private static final String characterEncoding = "UTF-8"; private static final String contentType = "application/json"; private static final String file = "file"; - + //Smtp Java Mail Properties private static String smtpHost = null; private static String smtpPort = null; @@ -127,20 +128,20 @@ public class PolicyController extends RestrictedBaseController { private static String xacmldbUserName = null; private static String xacmldbPassword = null; - //AutoPush feature. + //AutoPush feature. private static String autoPushAvailable; private static String autoPushDSClosedLoop; private static String autoPushDSFirewall; private static String autoPushDSMicroservice; private static String autoPushPDPGroup; - + //papURL private static String papUrl; - + //MicroService Model Properties private static String msOnapName; private static String msPolicyName; - + //WebApp directories private static String configHome; private static String actionHome; @@ -162,7 +163,7 @@ public class PolicyController extends RestrictedBaseController { // load a properties file prop.load(input); //pap url - setPapUrl(prop.getProperty("xacml.rest.pap.url")); + setPapUrl(prop.getProperty("xacml.rest.pap.url")); // get the property values setSmtpHost(prop.getProperty("onap.smtp.host")); setSmtpPort(prop.getProperty("onap.smtp.port")); @@ -192,7 +193,7 @@ public class PolicyController extends RestrictedBaseController { //WebApp directories setConfigHome(prop.getProperty("xacml.rest.config.webapps") + "Config"); setActionHome(prop.getProperty("xacml.rest.config.webapps") + "Action"); - //Get the Property Values for Dashboard tab Limit + //Get the Property Values for Dashboard tab Limit try{ setLogTableLimit(prop.getProperty("xacml.onap.dashboard.logTableLimit")); setSystemAlertTableLimit(prop.getProperty("xacml.onap.dashboard.systemAlertTableLimit")); @@ -214,7 +215,7 @@ public class PolicyController extends RestrictedBaseController { } } - //Initialize the FunctionDefinition table at Server Start up + //Initialize the FunctionDefinition table at Server Start up Map<Datatype, List<FunctionDefinition>> functionMap = getFunctionDatatypeMap(); for (Datatype id : functionMap.keySet()) { List<FunctionDefinition> functionDefinations = functionMap.get(id); @@ -225,7 +226,7 @@ public class PolicyController extends RestrictedBaseController { } - public static Map<Datatype, List<FunctionDefinition>> getFunctionDatatypeMap() { + public static Map<Datatype, List<FunctionDefinition>> getFunctionDatatypeMap() { synchronized(mapAccess) { if (mapDatatype2Function == null) { buildFunctionMaps(); @@ -245,8 +246,8 @@ public class PolicyController extends RestrictedBaseController { private static void buildFunctionMaps() { mapDatatype2Function = new HashMap<>(); - mapID2Function = new HashMap<>(); - List<Object> functiondefinitions = commonClassDao.getData(FunctionDefinition.class); + mapID2Function = new HashMap<>(); + List<Object> functiondefinitions = commonClassDao.getData(FunctionDefinition.class); for (int i = 0; i < functiondefinitions.size(); i ++) { FunctionDefinition value = (FunctionDefinition) functiondefinitions.get(i); mapID2Function.put(value.getXacmlid(), value); @@ -271,7 +272,7 @@ public class PolicyController extends RestrictedBaseController { policyLogger.error(XACMLErrorConstants.ERROR_DATA_ISSUE +"Error while retriving the Function Definition data"+e); } } - + public PolicyEntity getPolicyEntityData(String scope, String policyName){ String key = scope + ":" + policyName; List<Object> data = commonClassDao.getDataById(PolicyEntity.class, "scope:policyName", key); @@ -319,19 +320,19 @@ public class PolicyController extends RestrictedBaseController { } } - //Policy tabs Model and View + //Policy tabs Model and View @RequestMapping(value= {"/policy", "/policy/Editor" } , method = RequestMethod.GET) public ModelAndView view(HttpServletRequest request){ String myRequestURL = request.getRequestURL().toString(); try { // // Set the URL for the RESTful PAP Engine - // + // setPapEngine((PAPPolicyEngine) new RESTfulPAPEngine(myRequestURL)); new PDPGroupContainer((PAPPolicyEngine) new RESTfulPAPEngine(myRequestURL)); } catch (Exception e) { policyLogger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR+"Exception Occured while loading PAP"+e); - } + } Map<String, Object> model = new HashMap<>(); return new ModelAndView("policy_Editor","model", model); } @@ -351,7 +352,7 @@ public class PolicyController extends RestrictedBaseController { } public static boolean getActivePolicy(String query) { - if(commonClassDao.getDataByQuery(query).size() > 0){ + if(commonClassDao.getDataByQuery(query, new SimpleBindings()).size() > 0){ return true; }else{ return false; @@ -359,9 +360,9 @@ public class PolicyController extends RestrictedBaseController { } public void executeQuery(String query) { - commonClassDao.updateQuery(query); + commonClassDao.updateQuery(query); } - + public void saveData(Object cloneEntity) { commonClassDao.save(cloneEntity); } @@ -373,7 +374,7 @@ public class PolicyController extends RestrictedBaseController { public void deleteData(Object entity) { commonClassDao.delete(entity); } - + public List<Object> getData(@SuppressWarnings("rawtypes") Class className){ return commonClassDao.getData(className); } @@ -382,8 +383,8 @@ public class PolicyController extends RestrictedBaseController { return (PolicyVersion) commonClassDao.getEntityItem(PolicyVersion.class, "policyName", query); } - public List<Object> getDataByQuery(String query){ - return commonClassDao.getDataByQuery(query); + public List<Object> getDataByQuery(String query, SimpleBindings params){ + return commonClassDao.getDataByQuery(query, params); } @@ -391,8 +392,8 @@ public class PolicyController extends RestrictedBaseController { public Object getEntityItem(Class className, String columname, String key){ return commonClassDao.getEntityItem(className, columname, key); } - - + + public void watchPolicyFunction(PolicyVersion entity, String policyName, String mode){ PolicyNotificationMail email = new PolicyNotificationMail(); try { @@ -413,8 +414,11 @@ public class PolicyController extends RestrictedBaseController { dbCheckName = dbCheckName.replace(".Decision_", ":Decision_"); } String[] splitDBCheckName = dbCheckName.split(":"); - String query = "FROM PolicyEntity where policyName like'"+splitDBCheckName[1]+"%' and scope ='"+splitDBCheckName[0]+"'"; - List<Object> policyEntity = commonClassDao.getDataByQuery(query); + String query = "FROM PolicyEntity where policyName like :splitDBCheckName1 and scope = :splitDBCheckName0"; + SimpleBindings params = new SimpleBindings(); + params.put("splitDBCheckName1", splitDBCheckName[1] + "%"); + params.put("splitDBCheckName0", splitDBCheckName[0]); + List<Object> policyEntity = commonClassDao.getDataByQuery(query, params); List<String> av = new ArrayList<>(); for(Object entity : policyEntity){ PolicyEntity pEntity = (PolicyEntity) entity; @@ -448,7 +452,7 @@ public class PolicyController extends RestrictedBaseController { public static void setSystemAlertTableLimit(String systemAlertTableLimit) { PolicyController.systemAlertTableLimit = systemAlertTableLimit; } - + public static CommonClassDao getCommonClassDao() { return commonClassDao; } @@ -693,4 +697,3 @@ public class PolicyController extends RestrictedBaseController { return file; } } - diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyExportAndImportController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyExportAndImportController.java index d26781c0f..bb6f38b8e 100644 --- a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyExportAndImportController.java +++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyExportAndImportController.java @@ -32,6 +32,7 @@ import java.util.LinkedHashMap; import java.util.List; import java.util.Set; +import javax.script.SimpleBindings; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -279,8 +280,11 @@ public class PolicyExportAndImportController extends RestrictedBaseController { if(finalColumn){ scope = policyEntity.getScope().replace(".", File.separator); - String query = "FROM PolicyEntity where policyName = '"+policyEntity.getPolicyName()+"' and scope ='"+policyEntity.getScope()+"'"; - List<Object> queryData = controller.getDataByQuery(query); + String query = "FROM PolicyEntity where policyName = :policyName and scope = :policyScope"; + SimpleBindings params = new SimpleBindings(); + params.put("policyName", policyEntity.getPolicyName()); + params.put("policyScope", policyEntity.getScope()); + List<Object> queryData = controller.getDataByQuery(query, params); if(!queryData.isEmpty()){ continue; } diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyNotificationController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyNotificationController.java index f3291a79b..731217573 100644 --- a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyNotificationController.java +++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyNotificationController.java @@ -28,6 +28,7 @@ import java.io.File; import java.io.PrintWriter; import java.util.List; +import javax.script.SimpleBindings; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -86,8 +87,11 @@ public class PolicyNotificationController extends RestrictedBaseController { if(finalName.contains("\\")){ finalName = finalName.replace("\\", "\\\\"); } - String query = "from WatchPolicyNotificationTable where POLICYNAME = '"+finalName+"' and LOGINIDS = '"+userId+"'"; - List<Object> watchList = commonClassDao.getDataByQuery(query); + String query = "from WatchPolicyNotificationTable where POLICYNAME = :finalName and LOGINIDS = :userId"; + SimpleBindings params = new SimpleBindings(); + params.put("finalName", finalName); + params.put("userId", userId); + List<Object> watchList = commonClassDao.getDataByQuery(query, params); if(watchList.isEmpty()){ if(finalName.contains("\\\\")){ finalName = finalName.replace("\\\\", File.separator); diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/daoImp/CommonClassDaoImpl.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/daoImp/CommonClassDaoImpl.java index 05bf50f1b..336c42ca8 100644 --- a/POLICY-SDK-APP/src/main/java/org/onap/policy/daoImp/CommonClassDaoImpl.java +++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/daoImp/CommonClassDaoImpl.java @@ -22,6 +22,9 @@ package org.onap.policy.daoImp; import java.util.ArrayList; import java.util.List; +import java.util.Map; + +import javax.script.SimpleBindings; import org.hibernate.Criteria; import org.hibernate.Query; @@ -44,9 +47,26 @@ import org.springframework.stereotype.Service; public class CommonClassDaoImpl implements CommonClassDao{ private static final Logger LOGGER = FlexLogger.getLogger(CommonClassDaoImpl.class); + private static SessionFactory sessionfactory; + + public static SessionFactory getSessionfactory() { + return sessionfactory; + } + + public static void setSessionfactory(SessionFactory sessionfactory) { + CommonClassDaoImpl.sessionfactory = sessionfactory; + } + + @Autowired + private CommonClassDaoImpl(SessionFactory sessionfactory){ + CommonClassDaoImpl.sessionfactory = sessionfactory; + } + + public CommonClassDaoImpl(){ + //Default Constructor + } + - @Autowired - SessionFactory sessionfactory; @SuppressWarnings({ "unchecked", "rawtypes" }) @Override @@ -237,24 +257,29 @@ public class CommonClassDaoImpl implements CommonClassDao{ @Override public void deleteAll() {} - + @SuppressWarnings("unchecked") @Override - public List<Object> getDataByQuery(String query) { + public List<Object> getDataByQuery(String query, SimpleBindings params) { Session session = sessionfactory.openSession(); Transaction tx = session.beginTransaction(); List<Object> data = null; try { Query hbquery = session.createQuery(query); + for (Map.Entry<String, Object> paramPair : params.entrySet()) { + hbquery.setParameter(paramPair.getKey(), paramPair.getValue()); + } data = hbquery.list(); tx.commit(); } catch (Exception e) { - LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error While Querying Database Table"+e); + LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error While Querying Database Table"+e); + throw e; }finally{ try{ session.close(); }catch(Exception e1){ LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error While Closing Connection/Statement"+e1); + throw e1; } } return data; |