From 510ac390315ad3e6f97a86d9475252a717fd20f0 Mon Sep 17 00:00:00 2001
From: danielhanrahan <daniel.hanrahan@est.tech>
Date: Wed, 2 Mar 2022 20:32:45 +0000
Subject: Fix sonar security issues in policy-gui

Suppress warnings regarding use of @RequestMapping without HTTP method.
It is intentional that these proxy methods handle all requests.

Issue-ID: POLICY-3638
Signed-off-by: danielhanrahan <daniel.hanrahan@est.tech>
Change-Id: I79ce6ef994fcbac17d5d8226eedfd98885e2cdbf
---
 .../java/org/onap/policy/gui/server/rest/ApexEditorRestController.java   | 1 +
 .../main/java/org/onap/policy/gui/server/rest/ClampRestController.java   | 1 +
 2 files changed, 2 insertions(+)

diff --git a/gui-server/src/main/java/org/onap/policy/gui/server/rest/ApexEditorRestController.java b/gui-server/src/main/java/org/onap/policy/gui/server/rest/ApexEditorRestController.java
index a4b92ef..3d7b49f 100644
--- a/gui-server/src/main/java/org/onap/policy/gui/server/rest/ApexEditorRestController.java
+++ b/gui-server/src/main/java/org/onap/policy/gui/server/rest/ApexEditorRestController.java
@@ -33,6 +33,7 @@ public class ApexEditorRestController {
     /**
      * Strip /apex-editor prefix from Apex Editor rest calls.
      */
+    @SuppressWarnings("java:S3752") // Suppress warning about RequestMapping without HTTP method.
     @RequestMapping("/**")
     public ModelAndView forwardApexEditorRest(ModelMap model, HttpServletRequest request) {
         String targetUrl = request.getRequestURI().replaceFirst("^/apex-editor", "");
diff --git a/gui-server/src/main/java/org/onap/policy/gui/server/rest/ClampRestController.java b/gui-server/src/main/java/org/onap/policy/gui/server/rest/ClampRestController.java
index 1975f37..b13003c 100644
--- a/gui-server/src/main/java/org/onap/policy/gui/server/rest/ClampRestController.java
+++ b/gui-server/src/main/java/org/onap/policy/gui/server/rest/ClampRestController.java
@@ -51,6 +51,7 @@ public class ClampRestController {
     /**
      * Proxy rest calls to clamp backend.
      */
+    @SuppressWarnings("java:S3752") // Suppress warning about RequestMapping without HTTP method.
     @RequestMapping("/**")
     public ResponseEntity<String> mirrorRest(@RequestBody(required = false) String body,
                                              @RequestHeader HttpHeaders headers,
-- 
cgit 1.2.3-korg