From 6104273a0412c73bdbf63f68d88760dada0153d6 Mon Sep 17 00:00:00 2001 From: eramkve Date: Wed, 21 Mar 2018 20:25:05 +0000 Subject: Fix vulnerabilities and bugs in policy/engine Code fixes for 1 bug and 17 vulnerabilities reported by Sonar in policy/engine Change-Id: I7b641795c790ec15418bd9ae3a414279e1b0f733 Issue-ID: POLICY-662 Signed-off-by: eramkve --- .../org/onap/policy/pdp/rest/XACMLPdpLoader.java | 18 ++++++---------- .../policy/pdp/rest/api/services/PAPServices.java | 24 +++++++++++++--------- .../api/services/BRMSParamPolicyServiceTest.java | 4 ++-- .../services/ClosedLoopFaultPolicyServiceTest.java | 4 ++-- .../services/ClosedLoopPMPolicyServiceTest.java | 4 ++-- .../api/services/DecisionPolicyServiceTest.java | 4 ++-- .../api/services/FirewallPolicyServiceTest.java | 4 ++-- .../services/MicroServicesPolicyServiceTest.java | 4 ++-- .../pdp/rest/api/services/PAPServicesTest.java | 4 ++-- 9 files changed, 34 insertions(+), 36 deletions(-) (limited to 'ONAP-PDP-REST/src') diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/XACMLPdpLoader.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/XACMLPdpLoader.java index 5c9f8602f..102d43f0c 100644 --- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/XACMLPdpLoader.java +++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/XACMLPdpLoader.java @@ -550,20 +550,14 @@ public class XACMLPdpLoader { // properties // changed = true; + } catch (MalformedURLException e) { + papUrls.failed(); + LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Policy '" + policy + + "' had bad URL in new configuration, URL='" + propLocation + "'"); } catch (Exception e) { papUrls.failed(); - if (e instanceof MalformedURLException) { - LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Policy '" - + policy - + "' had bad URL in new configuration, URL='" - + propLocation + "'"); - - } else { - LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error while retrieving policy " - + policy - + " from URL " - + url + ", e=" + e); - } + LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error while retrieving policy " + + policy + " from URL " + url + ", e=" + e); } papUrls.getNext(); } diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java index 59194841f..3c0ea3894 100644 --- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java +++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java @@ -54,12 +54,16 @@ public class PAPServices { private int responseCode = 0; private static String environment = "DEVL"; - public static Boolean junit = false; + private static Boolean isJunit = false; private static List paps = null; private static final Object papResourceLock = new Object(); private String operation = null; private String requestMethod = null; - private String encoding = null; + private String encoding = null; + + public static void setJunit(boolean isJunit) { + PAPServices.isJunit = isJunit; + } public PAPServices() { environment = PDPApiAuth.getEnvironment(); @@ -164,7 +168,7 @@ public class PAPServices { } else if(content != null){ // the content is an object to be encoded in JSON ObjectMapper mapper = new ObjectMapper(); - if (!junit) { + if (!isJunit) { mapper.writeValue(connection.getOutputStream(), content); } @@ -174,7 +178,7 @@ public class PAPServices { responseCode = connection.getResponseCode(); // If Connected to PAP then break from the loop and continue // with the Request - if (connection.getResponseCode() > 0 || junit) { + if (connection.getResponseCode() > 0 || isJunit) { connected = true; break; } else { @@ -183,7 +187,7 @@ public class PAPServices { } } catch (Exception e) { // This means that the PAP is not working - if (junit) { + if (isJunit) { connected = true; break; } @@ -212,7 +216,7 @@ public class PAPServices { XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Decoding the result ", e); } - if (junit) { + if (isJunit) { response = SUCCESS; } }else{ @@ -326,10 +330,10 @@ public class PAPServices { private String checkResponse(HttpURLConnection connection, UUID requestID) throws IOException { String response = null; - if (responseCode == 200 || junit) { + if (responseCode == 200 || isJunit) { // Check for successful creation of policy String isSuccess = null; - if (!junit) { // is this a junit test? + if (!isJunit) { // is this a junit test? isSuccess = connection.getHeaderField("successMapKey"); operation = connection.getHeaderField("operation"); } else { @@ -603,7 +607,7 @@ public class PAPServices { responseCode = connection.getResponseCode(); // If Connected to PAP then break from the loop and continue // with the Request - if (connection.getResponseCode() > 0 || junit) { + if (connection.getResponseCode() > 0 || isJunit) { connected = true; break; } else { @@ -612,7 +616,7 @@ public class PAPServices { } } catch (Exception e) { // This means that the PAP is not working - if (junit) { + if (isJunit) { connected = true; break; } diff --git a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/BRMSParamPolicyServiceTest.java b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/BRMSParamPolicyServiceTest.java index 8867a7828..23e47f418 100644 --- a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/BRMSParamPolicyServiceTest.java +++ b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/BRMSParamPolicyServiceTest.java @@ -50,7 +50,7 @@ public class BRMSParamPolicyServiceTest { String succeeded = prop.getProperty("xacml.rest.pap.url"); List paps = Arrays.asList(succeeded.split(",")); PAPServices.setPaps(paps); - PAPServices.junit = true; + PAPServices.setJunit(true); PolicyParameters policyParameters = new PolicyParameters(); policyParameters.setPolicyConfigType(PolicyConfigType.BRMS_PARAM); @@ -80,7 +80,7 @@ public class BRMSParamPolicyServiceTest { @After public void tearDown() throws Exception { PAPServices.setPaps(null); - PAPServices.junit = false; + PAPServices.setJunit(false); } @Test diff --git a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/ClosedLoopFaultPolicyServiceTest.java b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/ClosedLoopFaultPolicyServiceTest.java index de884b349..c21bc9c77 100644 --- a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/ClosedLoopFaultPolicyServiceTest.java +++ b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/ClosedLoopFaultPolicyServiceTest.java @@ -47,7 +47,7 @@ public class ClosedLoopFaultPolicyServiceTest { String succeeded = prop.getProperty("xacml.rest.pap.url"); List paps = Arrays.asList(succeeded.split(",")); PAPServices.setPaps(paps); - PAPServices.junit = true; + PAPServices.setJunit(true); PolicyParameters policyParameters = new PolicyParameters(); policyParameters.setPolicyConfigType(PolicyConfigType.ClosedLoop_Fault); @@ -69,7 +69,7 @@ public class ClosedLoopFaultPolicyServiceTest { @After public void tearDown() throws Exception { PAPServices.setPaps(null); - PAPServices.junit = false; + PAPServices.setJunit(false); } @Test diff --git a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/ClosedLoopPMPolicyServiceTest.java b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/ClosedLoopPMPolicyServiceTest.java index 19bb279e6..99dc67742 100644 --- a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/ClosedLoopPMPolicyServiceTest.java +++ b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/ClosedLoopPMPolicyServiceTest.java @@ -47,7 +47,7 @@ public class ClosedLoopPMPolicyServiceTest { String succeeded = prop.getProperty("xacml.rest.pap.url"); List paps = Arrays.asList(succeeded.split(",")); PAPServices.setPaps(paps); - PAPServices.junit = true; + PAPServices.setJunit(true); PolicyParameters policyParameters = new PolicyParameters(); policyParameters.setPolicyConfigType(PolicyConfigType.ClosedLoop_PM); @@ -69,7 +69,7 @@ public class ClosedLoopPMPolicyServiceTest { @After public void tearDown() throws Exception { PAPServices.setPaps(null); - PAPServices.junit = false; + PAPServices.setJunit(false); } @Test diff --git a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/DecisionPolicyServiceTest.java b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/DecisionPolicyServiceTest.java index 0fcb0027c..fe0668115 100644 --- a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/DecisionPolicyServiceTest.java +++ b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/DecisionPolicyServiceTest.java @@ -49,7 +49,7 @@ public class DecisionPolicyServiceTest { String succeeded = prop.getProperty("xacml.rest.pap.url"); List paps = Arrays.asList(succeeded.split(",")); PAPServices.setPaps(paps); - PAPServices.junit = true; + PAPServices.setJunit(true); PolicyParameters policyParameters = new PolicyParameters(); policyParameters.setPolicyClass(PolicyClass.Decision); @@ -94,7 +94,7 @@ public class DecisionPolicyServiceTest { @After public void tearDown() throws Exception { PAPServices.setPaps(null); - PAPServices.junit = false; + PAPServices.setJunit(false); } @Test diff --git a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/FirewallPolicyServiceTest.java b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/FirewallPolicyServiceTest.java index 4343a5060..ccedd7553 100644 --- a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/FirewallPolicyServiceTest.java +++ b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/FirewallPolicyServiceTest.java @@ -46,7 +46,7 @@ public class FirewallPolicyServiceTest { String succeeded = prop.getProperty("xacml.rest.pap.url"); List paps = Arrays.asList(succeeded.split(",")); PAPServices.setPaps(paps); - PAPServices.junit = true; + PAPServices.setJunit(true); PolicyParameters policyParameters = new PolicyParameters(); policyParameters.setPolicyConfigType(PolicyConfigType.Firewall); //required @@ -67,7 +67,7 @@ public class FirewallPolicyServiceTest { @After public void tearDown() throws Exception { PAPServices.setPaps(null); - PAPServices.junit = false; + PAPServices.setJunit(false); } @Test diff --git a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/MicroServicesPolicyServiceTest.java b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/MicroServicesPolicyServiceTest.java index a9301e728..e460a853b 100644 --- a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/MicroServicesPolicyServiceTest.java +++ b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/MicroServicesPolicyServiceTest.java @@ -47,7 +47,7 @@ public class MicroServicesPolicyServiceTest { String succeeded = prop.getProperty("xacml.rest.pap.url"); List paps = Arrays.asList(succeeded.split(",")); PAPServices.setPaps(paps); - PAPServices.junit = true; + PAPServices.setJunit(true); PolicyParameters policyParameters = new PolicyParameters(); policyParameters.setPolicyConfigType(PolicyConfigType.MicroService); @@ -69,7 +69,7 @@ public class MicroServicesPolicyServiceTest { @After public void tearDown() throws Exception { PAPServices.setPaps(null); - PAPServices.junit = false; + PAPServices.setJunit(false); } @Test diff --git a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/PAPServicesTest.java b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/PAPServicesTest.java index 9d1d13910..93fde841d 100644 --- a/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/PAPServicesTest.java +++ b/ONAP-PDP-REST/src/test/java/org/onap/policy/pdp/rest/api/services/PAPServicesTest.java @@ -40,7 +40,7 @@ public class PAPServicesTest { @Before public void setUp() throws Exception { - PAPServices.junit = true; + PAPServices.setJunit(true); Properties prop = new Properties(); prop.load(new FileInputStream("src/test/resources/pass.xacml.pdp.properties")); String succeeded = prop.getProperty("xacml.rest.pap.url"); @@ -53,7 +53,7 @@ public class PAPServicesTest { @After public void tearDown() throws Exception { PAPServices.setPaps(null); - PAPServices.junit = false; + PAPServices.setJunit(false); } @Test -- cgit 1.2.3-korg