From 1a32a85b3307b11fba07bc6f2ac3fe6d2c0028d0 Mon Sep 17 00:00:00 2001 From: rb7147 Date: Tue, 12 Dec 2017 10:56:11 -0500 Subject: Policy Elastic Search Validation Enhancements Issue-ID: POLICY-497 Change-Id: If97fe30706bcdbeeafaf28e5cca8fae31998cb7c Signed-off-by: rb7147 --- .../rest/elk/client/ElasticSearchPolicyUpdate.java | 21 ++--- .../xacml/rest/elk/client/ElkConnectorImpl.java | 11 +++ .../elk/client/PolicyElasticSearchController.java | 12 +-- .../pap/xacml/rest/elk/ElkConnectorImplTest.java | 100 +++++++++++++++++++++ .../src/files/install/elk/config/elasticsearch.yml | 5 ++ 5 files changed, 132 insertions(+), 17 deletions(-) create mode 100644 ONAP-PAP-REST/src/test/java/org/onap/policy/pap/xacml/rest/elk/ElkConnectorImplTest.java diff --git a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/ElasticSearchPolicyUpdate.java b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/ElasticSearchPolicyUpdate.java index ee6fd0568..430f9cd65 100644 --- a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/ElasticSearchPolicyUpdate.java +++ b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/ElasticSearchPolicyUpdate.java @@ -177,13 +177,10 @@ public class ElasticSearchPolicyUpdate { while(configResult.next()){ String configBody = configResult.getString("configbody"); String configType = configResult.getString("configtype"); - if("JSON".equalsIgnoreCase(configType)){ - policyDataString.append("\"jsonBodyData\":"+configBody+",\"configType\":\""+configType+"\","); - }else if("OTHER".equalsIgnoreCase(configType)){ - if(configBody!=null){ - configBody= configBody.replaceAll("\"", ""); - policyDataString.append("\"jsonBodyData\":\""+configBody+"\",\"configType\":\""+configType+"\","); - } + if(configBody!=null){ + configBody = configBody.replace("null", "\"\""); + configBody= configBody.replace("\"", "\\\""); + policyDataString.append("\"jsonBodyData\":\""+configBody+"\",\"configType\":\""+configType+"\","); } } configResult.close(); @@ -197,7 +194,9 @@ public class ElasticSearchPolicyUpdate { ResultSet actionResult = pstmt.executeQuery(); while(actionResult.next()){ String actionBody = actionResult.getString("actionbody"); - policyDataString.append("\"jsonBodyData\":"+actionBody+","); + actionBody = actionBody.replace("null", "\"\""); + actionBody = actionBody.replace("\"", "\\\""); + policyDataString.append("\"jsonBodyData\":\""+actionBody+"\","); } actionResult.close(); } @@ -205,13 +204,11 @@ public class ElasticSearchPolicyUpdate { String _id = policyWithScopeName; - policyDataString.append(constructPolicyData(policyData, policyDataString)); - - String dataString = policyDataString.toString(); + String dataString = constructPolicyData(policyData, policyDataString); dataString = dataString.substring(0, dataString.length()-1); dataString = dataString.trim().replace(System.getProperty("line.separator"), "") + "}"; dataString = dataString.replace("null", "\"\""); - dataString = dataString.replaceAll(" ", "").replaceAll("\n", ""); + dataString = dataString.replaceAll("\n", ""); try{ Gson gson = new Gson(); diff --git a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/ElkConnectorImpl.java b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/ElkConnectorImpl.java index 88f9e2c87..9091d79ed 100644 --- a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/ElkConnectorImpl.java +++ b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/ElkConnectorImpl.java @@ -101,6 +101,9 @@ public class ElkConnectorImpl implements ElkConnector{ throw e; } } + private boolean isAlphaNumeric(String query){ + return query.matches("[a-zA-Z_0-9]+"); + } @Override public JestResult search(PolicyIndexType type, String text) throws IllegalStateException, IllegalArgumentException { @@ -112,6 +115,10 @@ public class ElkConnectorImpl implements ElkConnector{ throw new IllegalArgumentException("No search string provided"); } + if(!isAlphaNumeric(text)){ + throw new IllegalArgumentException("Search must be alpha numeric"); + } + QueryStringQueryBuilder mQ = QueryBuilders.queryStringQuery("*"+text+"*"); SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder().query(mQ); @@ -198,6 +205,10 @@ public class ElkConnectorImpl implements ElkConnector{ return search(type, text); } + if(!isAlphaNumeric(text)){ + throw new IllegalArgumentException("Search must be alpha numeric"); + } + String matches_s = ""; matches_s = "{\n" + " \"size\" : "+ ElkConnectorImpl.QUERY_MAXRECORDS + ",\n" + diff --git a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/PolicyElasticSearchController.java b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/PolicyElasticSearchController.java index 78da2a572..77e45e30d 100644 --- a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/PolicyElasticSearchController.java +++ b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/PolicyElasticSearchController.java @@ -231,7 +231,7 @@ public class PolicyElasticSearchController{ if(searchData.getPolicyType() != null && "closedLoop".equals(searchData.getPolicyType())){ searchKeyValue.put("jsonBodyData", "*" +entry[1] +"*"); }else{ - searchKeyValue.put(entry[0], entry[1]); + searchText = entry[1]; } } } @@ -265,13 +265,13 @@ public class PolicyElasticSearchController{ searchKeyValue.put("jsonBodyData."+d2Service+"", "true"); } if(searchData.getVnfType() != null){ - searchKeyValue.put("jsonBodyData", "*" +searchData.getVnfType() +"*"); + searchKeyValue.put("jsonBodyData", "*"+searchData.getVnfType()+"*"); } if(searchData.getPolicyStatus() != null){ - searchKeyValue.put("jsonBodyData", "*" +searchData.getPolicyStatus()+"*"); + searchKeyValue.put("jsonBodyData", "*"+searchData.getPolicyStatus()+"*"); } if(searchData.getVproAction() != null){ - searchKeyValue.put("jsonBodyData", "*" +searchData.getVproAction()+"*"); + searchKeyValue.put("jsonBodyData", "*"+searchData.getVproAction()+"*"); } if(searchData.getServiceType() != null){ searchKeyValue.put("serviceType", searchData.getServiceType()); @@ -288,8 +288,10 @@ public class PolicyElasticSearchController{ type = ElkConnector.PolicyIndexType.decision; }else if(policyType.equalsIgnoreCase("config")){ type = ElkConnector.PolicyIndexType.config; - }else { + }else if(policyType.equalsIgnoreCase("closedloop")){ type = ElkConnector.PolicyIndexType.closedloop; + }else{ + type = ElkConnector.PolicyIndexType.all; } }else{ type = ElkConnector.PolicyIndexType.all; diff --git a/ONAP-PAP-REST/src/test/java/org/onap/policy/pap/xacml/rest/elk/ElkConnectorImplTest.java b/ONAP-PAP-REST/src/test/java/org/onap/policy/pap/xacml/rest/elk/ElkConnectorImplTest.java new file mode 100644 index 000000000..c0f59273c --- /dev/null +++ b/ONAP-PAP-REST/src/test/java/org/onap/policy/pap/xacml/rest/elk/ElkConnectorImplTest.java @@ -0,0 +1,100 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP-PAP-REST + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.pap.xacml.rest.elk; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; +import io.searchbox.client.JestResult; + +import java.lang.reflect.Method; + +import org.junit.Test; +import org.onap.policy.pap.xacml.rest.elk.client.ElkConnector.PolicyIndexType; +import org.onap.policy.pap.xacml.rest.elk.client.ElkConnectorImpl; + +public class ElkConnectorImplTest { + + @Test + public void isAlphaNumericTest() { + try { + Method method = ElkConnectorImpl.class.getDeclaredMethod("isAlphaNumeric", String.class); + method.setAccessible(true); + assertTrue((boolean) method.invoke(new ElkConnectorImpl(), "abc123")); + assertFalse((boolean) method.invoke(new ElkConnectorImpl(), "abc123*")); + assertFalse((boolean) method.invoke(new ElkConnectorImpl(), "abc123{}")); + assertFalse((boolean) method.invoke(new ElkConnectorImpl(), "abc123\n")); + assertFalse((boolean) method.invoke(new ElkConnectorImpl(), "abc123<")); + assertFalse((boolean) method.invoke(new ElkConnectorImpl(), "abc123:")); + } catch (Exception e) { + fail(); + } + } + + @Test + public void searchTest(){ + JestResult r1=null, r2=null, r3=null, r4=null; + + // Should always work if the above test passes and ELK server is up + try{ + r1 = new ElkConnectorImpl().search(PolicyIndexType.decision, "abc123"); + } catch (Exception e) { + // ELK server is down. Don't continue the test + if(e instanceof IllegalStateException){ + return; + } + fail(); + } + + // Should always work + try{ + r2 = new ElkConnectorImpl().search(PolicyIndexType.decision, "The_quick_brown_fox_jumps_over_the_lazy_dog"); + } catch (Exception e) { + fail(); + } + + // Should throw exception + try{ + r3 = new ElkConnectorImpl().search(PolicyIndexType.decision, "abc123{}"); + } catch (Exception e) { + if(! (e instanceof IllegalArgumentException)){ + fail(); + } + } + + // Should throw exception + try{ + r4 = new ElkConnectorImpl().search(PolicyIndexType.decision, "The quick brown fox jumps over the lazy dog"); + } catch (Exception e) { + if(! (e instanceof IllegalArgumentException)){ + fail(); + } + } + + assertNotNull(r1); + assertNotNull(r2); + assertNull(r3); + assertNull(r4); + } + +} diff --git a/packages/base/src/files/install/elk/config/elasticsearch.yml b/packages/base/src/files/install/elk/config/elasticsearch.yml index ec6def080..ef32b08d0 100644 --- a/packages/base/src/files/install/elk/config/elasticsearch.yml +++ b/packages/base/src/files/install/elk/config/elasticsearch.yml @@ -89,3 +89,8 @@ network.bind_host: ["_local_"] # Require explicit names when deleting indices: # #action.destructive_requires_name: true +#--------------------------------- Scripting ----------------------------------- +# These will be removed in v6.0 +script.inline: false +script.stored: false +script.file: false -- cgit 1.2.3-korg