summaryrefslogtreecommitdiffstats
path: root/POLICY-SDK-APP
AgeCommit message (Collapse)AuthorFilesLines
2018-10-31Step version for Casablanca supportliamfallon1-4/+2
Issue-ID: POLICY-1233 Change-Id: I1d388e1f4a872cf4e3013f8968e9026460e847f3 Signed-off-by: liamfallon <liam.fallon@ericsson.com>
2018-10-25Fix refering to snapshot in policy/engineramverma1-1/+1
Issue-ID: POLICY-1213 Change-Id: I6666585a176b9e981976777018e4b7616e47ffc7 Signed-off-by: ramverma <ram.krishna.verma@ericsson.com>
2018-10-23Remove commons-uploadPamela Dragosh1-5/+0
Still a couple more places to remove it due to security violations. Unused dependency. Issue-ID: POLICY-1214 Change-Id: Ie9a4755fa912a863be58f6ddec104702e68287d4 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2018-10-04Fixed issue with springframework dependenciesMichael Mokry1-0/+13
Added exclusions to epsdk dependencies and added dependencies for springframework jars that were needed to the ONAP-SDK-APP Change-Id: I037ffa76d3d32b2db5ea2c439f40e8a86e1665f5 Issue-ID: POLICY-1154 Signed-off-by: Michael Mokry <michael.mokry@att.com>
2018-09-20Upgrade javax.mail to 1.6.2Pamela Dragosh1-3/+3
The former version was frozen in github. It looks like they moved to another website and the changes were transparent codewise. So let's see what the CLM results are for this. I believe this does remove the security vulnerability. Issue-ID: POLICY-1127 Change-Id: Ib659eddc2808131c8dded3782fcf1d382060fc29 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2018-09-18Merge "Fix Policy GUI Template Issue"Pamela Dragosh1-1/+1
2018-09-18Fix Policy GUI Template IssueWang, Frank(gw1218)1-1/+1
Fix the a bug in this html file by adding msPolicyloader Issue-ID: POLICY-1118 Change-Id: I7a45b232ed0680f1c8233b8ed71fdde685fbb9c9 Signed-off-by: Wang, Frank(gw1218) <gw1218@att.com>
2018-09-18Merge "Added validation on matching required fields"Jorge Hernandez2-436/+777
2018-09-18Merge "AAF integration in Policy SDK"Pamela Dragosh3-1002/+1147
2018-09-17Added validation on matching required fieldsWang,Frank(gw1218)2-436/+777
Import policy should report to end users if there are missing required matching fields in policy template. Issue-ID: POLICY-1117 Change-Id: Iac4485259b73784e641f42a22d5a12c524f4b8e2 Signed-off-by: Wang,Frank(gw1218) <gw1218@att.com> Signed-off-by: Wang, Frank(gw1218) <gw1218@att.com>
2018-09-17AAF integration in Policy SDKrb71473-1002/+1147
Upgraded SDK version. Added SQL script with encrypt key. Added a function to save role on reading from session in PolicyController.java Addressed Check Style warnings in PolicyController.java Issue-ID: POLICY-1088 Change-Id: I446b6c1a0db2a989ad3f4e982e5cdba845f81045 Signed-off-by: rb7147 <rb7147@att.com>
2018-09-17Upgrade elasticsearch v6.3.0Pamela Dragosh1-1/+1
Resolves a security issue around information disclosure. The recommendation is to upgrade to this version for the fix. Issue-ID: POLICY-1063 Change-Id: Idebb19d2c530b716a25aa91832c053e6b2d0ffce Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2018-09-14Upgrade commons-compress v1.18Pamela Dragosh1-1/+1
Fixes 2 security issues and brings the common property value to the root pom.xml for easier management. Issue-ID: POLICY-1063 Change-Id: I56e3318bdfae2d205c61a5ad7af70a79bd70dada Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2018-09-11New min/max Guard PolicyMichael Mokry3-8/+136
Made changes to support Guard policy create/update and other policy manager functions including deletePolicy and pushPolicy. Includes changes for new Guard policy support using GUI and API (Rest and Java Client) Made changes to address Jim's comments Made changes to address Liam's comments Change-Id: I133fe1fd9287ea77ea41a2788de90c7642c36b6a Issue-ID: POLICY-1038 Signed-off-by: Mike Mokry <mm117s@att.com>
2018-09-10Resolved XACML Platform Sonar issuesrb71471-26/+27
Issue-ID: POLICY-902 Change-Id: If22627dfe7df993b5c725ddf3a66c10ebbaa73ca Signed-off-by: rb7147 <rb7147@att.com>
2018-09-06Merge "XACML Platform Enhancements"Jorge Hernandez3-604/+708
2018-09-06Merge "TOSCA model enhancements"Pamela Dragosh1-54/+238
2018-09-05XACML Platform Enhancementsrb71473-604/+708
To Support Raw Policy Creation from GUI and API. GetDecision on combining algorithim with Policy Set. Issue-ID: POLICY-902 Change-Id: Ie3189f8ded2e03366bc7d65d15b95b88c89b0acd Signed-off-by: rb7147 <rb7147@att.com>
2018-08-30TOSCA model enhancementsWang,Frank(gw1218)1-54/+238
Add those features below to existing TOSCA Policy model: 1. Set default value to HTML element 2. Set description of a property as a tooltip 3. Support Boolean type 4. User defined object can be re-used by different properties in the same yaml file Issue-ID: POLICY-900 Change-Id: I337107828ce8130b9a68a2ba000ee719bbcb923e Signed-off-by: Wang,Frank(gw1218) <gw1218@att.com>
2018-08-30Upgrade to policy/parentPamela Dragosh1-263/+260
Change from oparent to policy/parent which inherit from the latest oparent. The latest oparent has dependencyManagement recommendations from the ONAP Security sub committee that the policy team is adhering as part of the effort to consolidate security work across projects. Change-Id: I1a43fc5a04dbc8c4cb2b7bedbca67ad3e9dd120b Issue-ID: INT-619 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2018-08-23Enhancement on DashboardWang,Frank(gw1218)8-368/+1000
Enhancement on dashboard by including more info related to CRUD actions on policies and also providing an advanced search feature. Issue-ID: POLICY-1042 Change-Id: I987e0ca13824413f90299a366fb4464fca7de06a Signed-off-by: Wang,Frank(gw1218) <gw1218@att.com>
2018-08-14Junit Coverage for Import Black List Entriesrb71471-68/+36
Issue-ID: POLICY-901 Change-Id: I3776d3c4ed01bb27ed930c074c370361e33b100a Signed-off-by: rb7147 <rb7147@att.com>
2018-08-14Resolved the Sonar issuesrb71472-92/+92
Issue-ID: POLICY-901 Change-Id: I30e1d075dd8eb4739bcb5aa1f2503a016900ff75 Signed-off-by: rb7147 <rb7147@att.com>
2018-08-06Modify Policy manager servlet for sonar issuesKrishnajinka1-103/+100
Fix basic sonar issues in policy manager servlet major and minor issues reported by sonar Basic refactoring Issue-ID: POLICY-1016 Change-Id: If3c19943c04d9af43807090b6340547d69ca6a19 Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-08-03Fix major sonar issues in SDK APP admin modKrishnajinka3-479/+524
Fix Sonar reported major issues regarding extracting constants, method complexity, duplicated code blocks, more than 3 nested control blocks. Rework3 after self review. Issue-ID: POLICY-1016 Change-Id: Icbf940c966c51a8ef4319a94a3832cb1e8c360ba Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-07-31Fix major sonar issues in SDK APPKrishnajinka2-666/+714
Fix major issues reported by sonar in POLICY SDK APP files such as CreateBRMSParamController, PolicyManagerServlet. Also modify tabs to space. Rework2 based on review comments Issue-ID: POLICY-1016 Change-Id: I5407ade1ce9f597fa91d9ca18506f5ac2d8b1411 Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-07-26Merge "Fix issues reported by sonar"Liam Fallon5-709/+703
2018-07-25Fix issues reported by sonarKrishnajinka5-709/+703
Fix issues related to unused method variables, extract constants, not nest more than 3 control stmts, use try with res in policy engine project. Rework for comments Issue-ID: POLICY-1008 Change-Id: If0953de9e802110df14862707f3b525652cdf112 Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-07-25Merge "Decision BlackList Guard Enhancements"Jorge Hernandez7-225/+924
2018-07-24Decision BlackList Guard Enhancementsrb71477-225/+924
While creating a decision Bl Guard Policy we are allowing to add Blacklist entries through file upload for bulk from GUI. Issue-ID: POLICY-901 Change-Id: I4031fd4a96937b9facc330cecf72777d701d4678 Signed-off-by: rb7147 <rb7147@att.com>
2018-07-24Merge "Refactor PolicyNotificationMail for sonar issues"Pamela Dragosh1-118/+152
2018-07-23Add modified copyright noticeKrishnajinka5-82/+87
For the files which are modified add modified copyright notices as per comments from earlier review Issue-ID: POLICY-1002 Change-Id: I873b3ccc986d5f3d138ddb9e9b3c2307a0b127a6 Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-07-23Refactor PolicyNotificationMail for sonar issuesKrishnajinka1-118/+152
SONAR flagged issues related with complexity of method being high and more than 3 nested loops in the PolicyNotificationMail Issue-ID: POLICY-986 Change-Id: Ife3e6b5610cec4bcf3898fdcad4cc2c9a3d61932 Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-07-20FIX SONAR ISSUE NESTED TRY BLOCKSKrishnajinka5-1685/+1724
refactor the code for nested try blocks and rework based on comments and fix nested loops complexity Issue-ID: POLICY-976 Change-Id: Ied02b7838b5e4839a4906f79ff37c4fd6afeccfe Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-07-17USE TRY WITH RESOURCESKrishnajinka2-849/+860
Fix sonar issues to convert try blocks to try with resources plus change tabs 2 space Issue-ID: POLICY-961 Change-Id: I553d6a42f1efaab5b7eb3a53bab945a3360e69bb Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-07-13Reverting "Merge "fix try block""Jorge Hernandez2-18/+8
This reverts commit 240bbdbdc76e0e91af9f18164eadb2708d14c6fb, reversing changes made to 3ee69f1af0acddd1e06060ad88c0029fe7ceeaaf. Change-Id: I61f07ead1d7d3e89c512a2224efecf9ac440df10 Issue-ID: POLICY-961 Signed-off-by: Jorge Hernandez <jh1730@att.com>
2018-07-13Merge "fix try block"Jorge Hernandez2-8/+18
2018-07-13fix try blockKrishnajinka2-8/+18
Issue-ID: POLICY-961 Change-Id: Ia1f388368007a4a82a57520dc6ddd99cc484a393 Signed-off-by: Krishnajinka <kris.jinka@samsung.com>
2018-07-12Upgrade Portal SDK to resolve Security IssuesMichael Mokry1-1/+1
Upgraded version in pom to 2.3.1 Added SQL scripts from Portal to Upgrade Portal related db tables Added SQL downgrade script and license header Sorted SQL commands in upgrade script by function_cd per Jim Change-Id: Id6bef295956b6ec5b13d8fbd0006bbfe98c1c0ac Issue-ID: POLICY-918 Signed-off-by: Mike Mokry <mm117s@att.com>
2018-06-12Set default logger to EELF instead of SYSTEMOUTJim Hahn2-2/+2
Change-Id: I3395d3b95b11bf0166190beb454e60cb63de7454 Issue-ID: POLICY-784 Signed-off-by: Jim Hahn <jrh3@att.com>
2018-06-08Merge "Enforce logback version"Liam Fallon1-0/+6
2018-06-08Enforce logback versionJim Hahn1-0/+6
Some of the projects are being built with logback version, 1.1.3, which does not support the SizeAndTimeBasedRollingPolicy appender. Updated the offending pom.xml to force it to use logback 1.2.3 instead. Change-Id: I3277b28133498f4ad9fbc3ed8b3e9e7e9519bbeb Issue-ID: POLICY-785 Signed-off-by: Jim Hahn <jrh3@att.com>
2018-06-08Remove "&quot;" from logback xml filesJim Hahn1-2/+2
Logback complains if %d{} values contain "&quot;", but it works fine without them, thus they have been removed. Update licenses. Change-Id: Id1f21d3d51bb2495a92f54fcf5c3ad978612c375 Issue-ID: POLICY-785 Signed-off-by: Jim Hahn <jrh3@att.com>
2018-06-05Update engine to SNAPSHOT-1.3.0liamfallon1-1/+1
Snapshot updated for Casablanca. Change-Id: Ieb2c9a990c0f36f31c974038465e7d38aaa21e5d Issue-ID: POLICY-875 Signed-off-by: liamfallon <liam.fallon@ericsson.com>
2018-05-21Update Policy Engine to 1.2.3-SNAPSHOTliamfallon1-1/+1
These reviews must be merged in order because of layering. This review should be merged FOURTH. Change-Id: Ifca8e33b79085a4032164b44dae3401f8179f5f6 Issue-ID: POLICY-844 Signed-off-by: liamfallon <liam.fallon@ericsson.com>
2018-05-16Upgrade SNAPSHOT to 1.2.2liamfallon2-2/+2
These reviews must be merged in order because of layering. This review should be merged SECOND Note: In order to get past the following layering problems, there are temporary chages to the following POMs to temporarily use 1.2.1-SNAPSHOT for those dependencies. They are ONAP-PAP-REST/pom.xml org.onap.policy.drools-applications.controlloop.common.policy-yaml ONAP-PDP/pom.xml org.onap.policy.drools-pdp.policy-endpoints A separate review will be used to restore these dependencies to 1.2.2-SNAPSHOT once the drools-pdp and drools-applications reviews are submitted and merged PLD added version.properties Issue-ID: POLICY-798 Change-Id: Id7e83f2ba12181c63cc8845b7eeccf2004d2bab9 Signed-off-by: liamfallon <liam.fallon@ericsson.com> Signed-off-by: Pamela Dragosh <pdragosh@research.att.com> Signed-off-by: liamfallon <liam.fallon@ericsson.com>
2018-05-07fix PE DB lock timeout problemsJorge Hernandez1-2/+2
see companion docker review. The failOverReadOnly .. flags should only be used when a DB high availability environment is used, such as a master/slave configuration. As they are the jdbc parameters have caused bad interactions with the underlying persistence libraries rendering the PAP useless. It is thought that this may perhaps solve POLICY-773, POLICY-775, POLICY-779, and perhaps POLICY-776. Change-Id: Icb69a3afc0a19969a34af40d960fa8e1b94aabc0 Issue-ID: POLICY-777 Signed-off-by: Jorge Hernandez <jh1730@att.com>
2018-04-19Add license to policy-engine filesJim Hahn45-0/+864
Added license to various files. Updated XACMLPolicyScanner to work even when license comment is added to the Policy.xml file. Moved DOCTYPE before license in html files. Removed license from css files, as many are generated or come from third-party software. Removed license from other generated files. Change-Id: I9d98ca9f552a6eae17e80ef27fc7045cc4f27b8e Issue-ID: POLICY-741 Signed-off-by: Jim Hahn <jrh3@att.com>
2018-04-18Upgrade poi to clear CLMPamela Dragosh1-2/+2
https://nvd.nist.gov/vuln/detail/CVE-2017-12626 Issue-ID: POLICY-722 Change-Id: I016d2d357858729b402ad010d47a31af053d2799 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2018-04-17Upgrade hibernator to clear clmPamela Dragosh1-1/+1
Upgrade hibernator to clear clm issue. https://nvd.nist.gov/vuln/detail/CVE-2017-7536 Issue-ID: POLICY-722 Change-Id: I1a4d9aa8ad3b477db0c91bd5a53a67932554213d Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>