From 6104273a0412c73bdbf63f68d88760dada0153d6 Mon Sep 17 00:00:00 2001 From: eramkve Date: Wed, 21 Mar 2018 20:25:05 +0000 Subject: Fix vulnerabilities and bugs in policy/engine Code fixes for 1 bug and 17 vulnerabilities reported by Sonar in policy/engine Change-Id: I7b641795c790ec15418bd9ae3a414279e1b0f733 Issue-ID: POLICY-662 Signed-off-by: eramkve --- .../org/onap/policy/pdp/rest/XACMLPdpLoader.java | 18 ++++++---------- .../policy/pdp/rest/api/services/PAPServices.java | 24 +++++++++++++--------- 2 files changed, 20 insertions(+), 22 deletions(-) (limited to 'ONAP-PDP-REST/src/main/java/org/onap') diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/XACMLPdpLoader.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/XACMLPdpLoader.java index 5c9f8602f..102d43f0c 100644 --- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/XACMLPdpLoader.java +++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/XACMLPdpLoader.java @@ -550,20 +550,14 @@ public class XACMLPdpLoader { // properties // changed = true; + } catch (MalformedURLException e) { + papUrls.failed(); + LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Policy '" + policy + + "' had bad URL in new configuration, URL='" + propLocation + "'"); } catch (Exception e) { papUrls.failed(); - if (e instanceof MalformedURLException) { - LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Policy '" - + policy - + "' had bad URL in new configuration, URL='" - + propLocation + "'"); - - } else { - LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error while retrieving policy " - + policy - + " from URL " - + url + ", e=" + e); - } + LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error while retrieving policy " + + policy + " from URL " + url + ", e=" + e); } papUrls.getNext(); } diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java index 59194841f..3c0ea3894 100644 --- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java +++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java @@ -54,12 +54,16 @@ public class PAPServices { private int responseCode = 0; private static String environment = "DEVL"; - public static Boolean junit = false; + private static Boolean isJunit = false; private static List paps = null; private static final Object papResourceLock = new Object(); private String operation = null; private String requestMethod = null; - private String encoding = null; + private String encoding = null; + + public static void setJunit(boolean isJunit) { + PAPServices.isJunit = isJunit; + } public PAPServices() { environment = PDPApiAuth.getEnvironment(); @@ -164,7 +168,7 @@ public class PAPServices { } else if(content != null){ // the content is an object to be encoded in JSON ObjectMapper mapper = new ObjectMapper(); - if (!junit) { + if (!isJunit) { mapper.writeValue(connection.getOutputStream(), content); } @@ -174,7 +178,7 @@ public class PAPServices { responseCode = connection.getResponseCode(); // If Connected to PAP then break from the loop and continue // with the Request - if (connection.getResponseCode() > 0 || junit) { + if (connection.getResponseCode() > 0 || isJunit) { connected = true; break; } else { @@ -183,7 +187,7 @@ public class PAPServices { } } catch (Exception e) { // This means that the PAP is not working - if (junit) { + if (isJunit) { connected = true; break; } @@ -212,7 +216,7 @@ public class PAPServices { XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Decoding the result ", e); } - if (junit) { + if (isJunit) { response = SUCCESS; } }else{ @@ -326,10 +330,10 @@ public class PAPServices { private String checkResponse(HttpURLConnection connection, UUID requestID) throws IOException { String response = null; - if (responseCode == 200 || junit) { + if (responseCode == 200 || isJunit) { // Check for successful creation of policy String isSuccess = null; - if (!junit) { // is this a junit test? + if (!isJunit) { // is this a junit test? isSuccess = connection.getHeaderField("successMapKey"); operation = connection.getHeaderField("operation"); } else { @@ -603,7 +607,7 @@ public class PAPServices { responseCode = connection.getResponseCode(); // If Connected to PAP then break from the loop and continue // with the Request - if (connection.getResponseCode() > 0 || junit) { + if (connection.getResponseCode() > 0 || isJunit) { connected = true; break; } else { @@ -612,7 +616,7 @@ public class PAPServices { } } catch (Exception e) { // This means that the PAP is not working - if (junit) { + if (isJunit) { connected = true; break; } -- cgit 1.2.3-korg