summaryrefslogtreecommitdiffstats
path: root/ONAP-PAP-REST
AgeCommit message (Collapse)AuthorFilesLines
2018-09-17Upgrade elasticsearch v6.3.0Pamela Dragosh1-2/+2
Resolves a security issue around information disclosure. The recommendation is to upgrade to this version for the fix. Issue-ID: POLICY-1063 Change-Id: Idebb19d2c530b716a25aa91832c053e6b2d0ffce Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2018-09-17Merge "Upgrade commons-compress v1.18"Liam Fallon1-1/+1
2018-09-14Upgrade commons-compress v1.18Pamela Dragosh1-1/+1
Fixes 2 security issues and brings the common property value to the root pom.xml for easier management. Issue-ID: POLICY-1063 Change-Id: I56e3318bdfae2d205c61a5ad7af70a79bd70dada Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2018-09-14Upgrade springframework 4.3.18.RELEASEPamela Dragosh1-1/+0
To resolve security issue for 4.3.15.RELEASE and also have a single place where the dependency is defined for the sub-modules. NOTE: 4.2.0.RELEASE is left alone in Policy SDK App due to Portal SDK dependency. Issue-ID: POLICY-1063 Change-Id: Ibdc464b16b4771faccb2c8c472efa7fbcbf3352c Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2018-09-11Modified Min Max Guard xacml templateMichael Mokry1-36/+32
Changed the condition to remove not from permit and have only one not for deny Change-Id: Ie4563aba000fa5366095fe23d23c37019b5224d4 Issue-ID: POLICY-1038 Signed-off-by: Michael Mokry <mm117s@att.com>
2018-09-11New min/max Guard PolicyMichael Mokry4-16/+226
Made changes to support Guard policy create/update and other policy manager functions including deletePolicy and pushPolicy. Includes changes for new Guard policy support using GUI and API (Rest and Java Client) Made changes to address Jim's comments Made changes to address Liam's comments Change-Id: I133fe1fd9287ea77ea41a2788de90c7642c36b6a Issue-ID: POLICY-1038 Signed-off-by: Mike Mokry <mm117s@att.com>
2018-09-10Resolved XACML Platform Sonar issuesrb71471-11/+13
Issue-ID: POLICY-902 Change-Id: If22627dfe7df993b5c725ddf3a66c10ebbaa73ca Signed-off-by: rb7147 <rb7147@att.com>
2018-09-05XACML Platform Enhancementsrb71475-477/+527
To Support Raw Policy Creation from GUI and API. GetDecision on combining algorithim with Policy Set. Issue-ID: POLICY-902 Change-Id: Ie3189f8ded2e03366bc7d65d15b95b88c89b0acd Signed-off-by: rb7147 <rb7147@att.com>
2018-08-30Upgrade to policy/parentPamela Dragosh1-282/+279
Change from oparent to policy/parent which inherit from the latest oparent. The latest oparent has dependencyManagement recommendations from the ONAP Security sub committee that the policy team is adhering as part of the effort to consolidate security work across projects. Change-Id: I1a43fc5a04dbc8c4cb2b7bedbca67ad3e9dd120b Issue-ID: INT-619 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2018-08-20Use builder for std pap policyKrishnajinka1-9/+39
Modify constructor in stdpappolicy to use builder this will fix the sonar issue related with more than 7 parameters method parameters Issue-ID: POLICY-1016 Change-Id: Id736a66e5ea48f0f233cffb640cdce8aaa8f2c0d Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-08-14Optimize PAP policy constructor with builderKrishnajinka1-9/+32
Fix sonar issue about constructor using more than 7 params. Use builder parameters object for setting the attributes of std pap policy.Recommit1 Issue-ID: POLICY-1016 Change-Id: Id9631a42813960baa78df4ab0c0f6706244c3180 Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-08-13Merge "Modify std pap policy to use builder in constr"Pamela Dragosh1-7/+32
2018-08-13Merge "Fix comparison issues in onap pap rest"Pamela Dragosh13-2067/+2461
2018-08-13Modify std pap policy to use builder in constrKrishnajinka1-7/+32
Fix sonar issue about constructor using more than 7 params. Use builder parameters object for setting the attributes of std pap policy.Rework2 Issue-ID: POLICY-1016 Change-Id: If26f7daa8d5b5d387238aad74daeddd49a8b95bb Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-08-11Fix comparison issues in onap pap restkrishnajinka13-2067/+2461
Fix issues about incorrect comparison in pap rest modules indicated by analysis tools.Rework to fix review comments1 Issue-ID: POLICY-1016 Change-Id: I7a0ee45a721307fc3ba89ab65e807613a3df2542 Signed-off-by: krisjinka <kris.jinka@samsung.com>
2018-08-10Add PAP Policy parameter builder xacml policykrishnajinka1-105/+195
Fix Sonar flagged major issue about 14 params instead of 9 in the constructor of std pap policy class. Commit5 for modify constrctor.fix test Issue-ID: POLICY-1016 Change-Id: I79c8482b7fc4e203cb18402ba2b5a68a120c57b1 Signed-off-by: krisjinka <kris.jinka@samsung.com>
2018-08-03Modify ONAP PAP REST classes basic checkstyleKrishnajinka71-13730/+13730
Modify tabs to space for checkstyle issue fix in ONAP PAP REST module. It helps future reviews and refactoring. Remaining classes Issue-ID: POLICY-1014 Change-Id: I677eadac9e8364b388be922024528c27fd1e2545 Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-08-02Convert tabs to space in ONAP PAP REST1Krishnajinka29-9382/+9382
Modify tabs to space for checkstyle issue fix in ONAP PAP REST module. It helps future reviews and refactoring Issue-ID: POLICY-1014 Change-Id: Idcf45689565f039c76a3ef0f40ad9a46b41bd8d6 Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-07-25Merge "Decision BlackList Guard Enhancements"Jorge Hernandez4-5/+27
2018-07-25Fix sonar issue about nested stmtsKrishnajinka1-24/+24
Refactor code to not nest more than 3 condition or loop stmts in policy PolicyEngineUtils. Rework based on review comments Issue-ID: POLICY-1003 Change-Id: I95fcfa0f99c517c02357c85ca39cd2f934e8da4d Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-07-24Decision BlackList Guard Enhancementsrb71474-5/+27
While creating a decision Bl Guard Policy we are allowing to add Blacklist entries through file upload for bulk from GUI. Issue-ID: POLICY-901 Change-Id: I4031fd4a96937b9facc330cecf72777d701d4678 Signed-off-by: rb7147 <rb7147@att.com>
2018-07-23Add modified copyright noticeKrishnajinka5-320/+325
For the files which are modified add modified copyright notices as per comments from earlier review Issue-ID: POLICY-1002 Change-Id: I873b3ccc986d5f3d138ddb9e9b3c2307a0b127a6 Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-07-20FIX SONAR ISSUE NESTED TRY BLOCKSKrishnajinka3-189/+200
refactor the code for nested try blocks and rework based on comments and fix nested loops complexity Issue-ID: POLICY-976 Change-Id: Ied02b7838b5e4839a4906f79ff37c4fd6afeccfe Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-07-17USE TRY WITH RESOURCESKrishnajinka4-3355/+3321
Fix sonar issues to convert try blocks to try with resources plus change tabs 2 space Issue-ID: POLICY-961 Change-Id: I553d6a42f1efaab5b7eb3a53bab945a3360e69bb Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-07-13Reverting "Merge "fix try block""Jorge Hernandez4-10/+40
This reverts commit 240bbdbdc76e0e91af9f18164eadb2708d14c6fb, reversing changes made to 3ee69f1af0acddd1e06060ad88c0029fe7ceeaaf. Change-Id: I61f07ead1d7d3e89c512a2224efecf9ac440df10 Issue-ID: POLICY-961 Signed-off-by: Jorge Hernandez <jh1730@att.com>
2018-07-13fix try blockKrishnajinka4-40/+10
Issue-ID: POLICY-961 Change-Id: Ia1f388368007a4a82a57520dc6ddd99cc484a393 Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-06-20Change PrefixList.class to Zone.classJim Hahn2-625/+428
Changed the class. Modified the junit test to catch that type of issue, refactoring it to extract common code. Change-Id: Ibc3d22821f103cd3954d2f2f54d4d62307dbf4c6 Issue-ID: POLICY-909 Signed-off-by: Jim Hahn <jrh3@att.com>
2018-06-08Remove "&quot;" from logback xml filesJim Hahn1-1/+1
Logback complains if %d{} values contain "&quot;", but it works fine without them, thus they have been removed. Update licenses. Change-Id: Id1f21d3d51bb2495a92f54fcf5c3ad978612c375 Issue-ID: POLICY-785 Signed-off-by: Jim Hahn <jrh3@att.com>
2018-06-05Update engine to SNAPSHOT-1.3.0liamfallon1-1/+1
Snapshot updated for Casablanca. Change-Id: Ieb2c9a990c0f36f31c974038465e7d38aaa21e5d Issue-ID: POLICY-875 Signed-off-by: liamfallon <liam.fallon@ericsson.com>
2018-05-21Update Policy Engine to 1.2.3-SNAPSHOTliamfallon1-1/+1
These reviews must be merged in order because of layering. This review should be merged FOURTH. Change-Id: Ifca8e33b79085a4032164b44dae3401f8179f5f6 Issue-ID: POLICY-844 Signed-off-by: liamfallon <liam.fallon@ericsson.com>
2018-05-16Upgrade SNAPSHOT to 1.2.2liamfallon1-1/+1
These reviews must be merged in order because of layering. This review should be merged SECOND Note: In order to get past the following layering problems, there are temporary chages to the following POMs to temporarily use 1.2.1-SNAPSHOT for those dependencies. They are ONAP-PAP-REST/pom.xml org.onap.policy.drools-applications.controlloop.common.policy-yaml ONAP-PDP/pom.xml org.onap.policy.drools-pdp.policy-endpoints A separate review will be used to restore these dependencies to 1.2.2-SNAPSHOT once the drools-pdp and drools-applications reviews are submitted and merged PLD added version.properties Issue-ID: POLICY-798 Change-Id: Id7e83f2ba12181c63cc8845b7eeccf2004d2bab9 Signed-off-by: liamfallon <liam.fallon@ericsson.com> Signed-off-by: Pamela Dragosh <pdragosh@research.att.com> Signed-off-by: liamfallon <liam.fallon@ericsson.com>
2018-05-07fix PE DB lock timeout problemsJorge Hernandez2-3/+3
see companion docker review. The failOverReadOnly .. flags should only be used when a DB high availability environment is used, such as a master/slave configuration. As they are the jdbc parameters have caused bad interactions with the underlying persistence libraries rendering the PAP useless. It is thought that this may perhaps solve POLICY-773, POLICY-775, POLICY-779, and perhaps POLICY-776. Change-Id: Icb69a3afc0a19969a34af40d960fa8e1b94aabc0 Issue-ID: POLICY-777 Signed-off-by: Jorge Hernandez <jh1730@att.com>
2018-04-19Add license to policy-engine filesJim Hahn9-0/+176
Added license to various files. Updated XACMLPolicyScanner to work even when license comment is added to the Policy.xml file. Moved DOCTYPE before license in html files. Removed license from css files, as many are generated or come from third-party software. Removed license from other generated files. Change-Id: I9d98ca9f552a6eae17e80ef27fc7045cc4f27b8e Issue-ID: POLICY-741 Signed-off-by: Jim Hahn <jrh3@att.com>
2018-04-17Upgrade hibernator and nettyPamela Dragosh1-2/+2
Forgot one place for hibernator and need to upgrade netty to clear CLM issue. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2156 Issue-ID: POLICY-722 Change-Id: I741c47110af916c222f92329791217b0c3bc07df Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2018-04-16Upgrade Spring to 4.3.15-RELEASEPamela Dragosh1-1/+1
Upgrade to fix 3 security issues: https://nvd.nist.gov/vuln/detail/CVE-2018-1270 https://nvd.nist.gov/vuln/detail/CVE-2016-9878 https://nvd.nist.gov/vuln/detail/CVE-2018-1271 Issue-ID: POLICY-722 Change-Id: Icfa5775905ad091dbe55eadfb4414c67abebc13a Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2018-04-13Upgrade to SNAPSHOT 1.2.1Pamela Dragosh1-1/+1
Issue-ID: POLICY-736 Change-Id: If5c959aa1c0a123c7fd9eee281e39e1d646b6b03 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2018-04-12Merge "OOF Policy Config File Creation Issue"v1.2.0Jorge Hernandez1-3/+5
2018-04-12OOF Policy Config File Creation IssueMichael Mokry1-3/+5
Fixed the issue with creating the config file with the wrong file name so that the PDP can pick it up when pushing the policy and getCOnfig will return the Config retrieved rather than a CONFIG_NOT_FOUND 400 status. I found this issue in the new CSIT tests for HPA policies and this should also resolve the failed test in Integration as well. Change-Id: I617133a188f3ba915feafd79da4f3e9d0b0eb4a6 Issue-ID: POLICY-738 Signed-off-by: Michael Mokry <mm117s@att.com>
2018-04-11Fix Fortify Header Manipulation IssueWang,Frank(gw1218)1-1/+8
Fix Forfity issue on group Id by adding a validation on this input value. Issue-ID: POLICY-734 Change-Id: I83321a5ffd1ddca84f985b5fd8659e502ca967d7 Signed-off-by: Wang,Frank(gw1218) <gw1218@att.com>
2018-04-03ONAP log files consolidationChou, Joseph (JC2555)2-9/+9
Check in changes for pap,pdp,console,brmsgw,paplp and pdplp Change-Id: I23525a44e0f269d04d9870c3eed18b6b8daacb2c Issue-ID: POLICY-562 Signed-off-by: Chou, Joseph (JC2555) <jc2555@att.com>
2018-03-30JUnit additions for XACML,PAP-RESTbobbymander1-26/+38
Issue-ID: POLICY-605 Change-Id: I4b55a85eacf989ddb55743300e7f75e4b72882d0 Signed-off-by: bobbymander <bobby.mander@att.com>
2018-03-30POM fixes due to update in cadi-aafbobbymander1-5/+0
Issue-ID: POLICY-507 Change-Id: I493233f8e0e90eaf24e9c09c7433c6fb9fadb268 Signed-off-by: bobbymander <bobby.mander@att.com>
2018-03-28POM changes to centralize test scope depsbobbymander1-40/+0
Issue-ID: POLICY-600 Change-Id: I870317bbd125c6016818ec435ea7a406123c66c1 Signed-off-by: bobbymander <bobby.mander@att.com>
2018-03-28Merge "ONAP code change for log files consolidation"Jorge Hernandez2-9/+9
2018-03-28ONAP code change for log files consolidationChou, Joseph (JC2555)2-9/+9
Undo the change so this would not block other test activity Change-Id: I4f7dd2e14f30034eefbf958be3c912af2962e8a2 Issue-ID: POLICY-562 Signed-off-by: Chou, Joseph (JC2555) <jc2555@att.com>
2018-03-26Merge "New Optimization Policy"Pamela Dragosh21-143/+1969
2018-03-26New Optimization PolicyMichael Mokry21-143/+1969
This is the new Optimization Policy to support the Integration of the OOF Policy Model into the Policy Platform. Added changes from Frank Wang to fix the following issues with existing Model Parser: 1. TOSCA Rendering issues 2. Matching Attributes support 3. ImportModelAPI to support TOSCA model upload via REST API Running local Sonar tonight to start fixing Sonar issues Added changes per review comments and fixed Sonar issues Change-Id: Ia8ce09c28a718ce4460475e76a750caef774bd6b Issue-ID: POLICY-622 Signed-off-by: Michael Mokry <mm117s@att.com>
2018-03-26Merge "ONAP code change for log files consolidation"Jorge Hernandez2-9/+9
2018-03-25Merge "Fix final 10 vulnerabilities in policy/engine"Pamela Dragosh12-34/+46
2018-03-25Merge "JUnit additions for PAP-REST,REST"Pamela Dragosh2-15/+62