diff options
17 files changed, 270 insertions, 668 deletions
diff --git a/ecomp-portal-BE-common/src/main/java/jarutil/ExtractJar.java b/ecomp-portal-BE-common/src/main/java/jarutil/ExtractJar.java index b5508636..50059d37 100644 --- a/ecomp-portal-BE-common/src/main/java/jarutil/ExtractJar.java +++ b/ecomp-portal-BE-common/src/main/java/jarutil/ExtractJar.java @@ -45,18 +45,17 @@ import java.io.OutputStream; import java.io.Reader; import java.io.Writer; import java.net.URL; +import java.util.Objects; import java.util.jar.JarEntry; import java.util.jar.JarInputStream; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; public class ExtractJar { - - public static final int bufferSize = 8192; - public static final String jarFile = "raptor_upgrade.jar"; + private static final int BUFFER_SIZE = 8192; private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExtractJar.class); - public static void main(String[] args) throws Exception { + public static void main(String[] args) { if (args.length > 0 && args[0] != null && args[0].length() > 0) extractFilesFromJar(args[0]); else { @@ -66,52 +65,42 @@ public class ExtractJar { } } - public static void extractFilesFromJar(String directory) throws IOException { + @SuppressWarnings("ResultOfMethodCallIgnored") + public static void extractFilesFromJar(String directory) { Class clazz = ExtractJar.class; - String classContainer = clazz.getProtectionDomain().getCodeSource().getLocation().toString(); URL jarUrl = clazz.getProtectionDomain().getCodeSource().getLocation(); try(JarInputStream entryStream = new JarInputStream(jarUrl.openStream())){ JarEntry entry; - while (true) { entry = entryStream.getNextJarEntry(); if (entry == null) - break; - if (entry.getName().indexOf("jarutil") < 0) { - logger.info(entry.getName()); - File file = new File(directory, entry.getName()); - if (entry.isDirectory()) { - if (!file.exists()) + logger.info("Raptor setup complete"); + if (!Objects.requireNonNull(entry).getName().contains("jarutil")) { + logger.info(entry.getName()); + File file = new File(directory, entry.getName()); + if (entry.isDirectory() && !file.exists()) { file.mkdirs(); - } else { - // make directory (some jars don't list dirs) - File dir = new File(file.getParent()); - if (!dir.exists()) - dir.mkdirs(); - if (file.exists()) - file.delete(); - // Make file - FileOutputStream fout = new FileOutputStream(file); - copy(entryStream, fout); - fout.close(); - - // touch the file. - if (entry.getTime() >= 0) - file.setLastModified(entry.getTime()); + } else { + // make directory (some jars don't list dirs) + File dir = new File(file.getParent()); + if (!dir.exists()) + dir.mkdirs(); + if (file.exists()) + file.delete(); + // Make file + FileOutputStream fos = new FileOutputStream(file); + copy(entryStream, fos); + fos.close(); + + // touch the file. + if (entry.getTime() >= 0) + file.setLastModified(entry.getTime()); + } + } - - } entryStream.closeEntry(); - } - System.out.println("************************************************"); - System.out.println("* *"); - System.out.println("* *"); - System.out.println("* RAPTOR SETUP COMPLETE. *"); - System.out.println("* *"); - System.out.println("* Thank you for upgrading. *"); - System.out.println("* *"); - System.out.println("************************************************"); + logger.info("Raptor setup complete"); }catch(Exception e) { logger.error("Exception in extractFilesFromJar",e); } @@ -119,14 +108,14 @@ public class ExtractJar { } public static void copy(InputStream in, OutputStream out, long byteCount) throws IOException { - byte[] buffer = new byte[bufferSize]; - int len = bufferSize; + byte[] buffer = new byte[BUFFER_SIZE]; + int len; if (byteCount >= 0) { while (byteCount > 0) { - if (byteCount < bufferSize) + if (byteCount < BUFFER_SIZE) len = in.read(buffer, 0, (int) byteCount); else - len = in.read(buffer, 0, bufferSize); + len = in.read(buffer, 0, BUFFER_SIZE); if (len == -1) break; @@ -135,7 +124,7 @@ public class ExtractJar { } } else { while (true) { - len = in.read(buffer, 0, bufferSize); + len = in.read(buffer, 0, BUFFER_SIZE); if (len < 0) break; out.write(buffer, 0, len); @@ -148,14 +137,14 @@ public class ExtractJar { * Copy Reader to Writer for byteCount bytes or until EOF or exception. */ public static void copy(Reader in, Writer out, long byteCount) throws IOException { - char[] buffer = new char[bufferSize]; - int len = bufferSize; + char[] buffer = new char[BUFFER_SIZE]; + int len; if (byteCount >= 0) { while (byteCount > 0) { - if (byteCount < bufferSize) + if (byteCount < BUFFER_SIZE) len = in.read(buffer, 0, (int) byteCount); else - len = in.read(buffer, 0, bufferSize); + len = in.read(buffer, 0, BUFFER_SIZE); if (len == -1) break; @@ -164,7 +153,7 @@ public class ExtractJar { } } else { while (true) { - len = in.read(buffer, 0, bufferSize); + len = in.read(buffer, 0, BUFFER_SIZE); if (len == -1) break; out.write(buffer, 0, len); @@ -186,8 +175,9 @@ public class ExtractJar { public static boolean deleteDir(File dir) { if (dir.isDirectory()) { String[] children = dir.list(); - for (int i = 0; i < children.length; i++) { - boolean success = deleteDir(new File(dir, children[i])); + assert children != null; + for (String child : children) { + boolean success = deleteDir(new File(dir, child)); if (!success) { return false; } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/PortalAdminController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/PortalAdminController.java index 1186f444..32b28c7d 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/PortalAdminController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/PortalAdminController.java @@ -56,12 +56,15 @@ import org.onap.portalapp.portal.transport.PortalAdmin; import org.onap.portalapp.portal.utils.EPCommonSystemProperties; import org.onap.portalapp.portal.utils.EcompPortalUtils; import org.onap.portalapp.util.EPUserUtils; +import org.onap.portalapp.validation.DataValidator; +import org.onap.portalapp.validation.SecureString; import org.onap.portalsdk.core.domain.AuditLog; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.service.AuditService; import org.onap.portalsdk.core.util.SystemProperties; import org.slf4j.MDC; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestBody; @@ -70,18 +73,24 @@ import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; @RestController -@org.springframework.context.annotation.Configuration +@Configuration @EnableAspectJAutoProxy @EPAuditLog public class PortalAdminController extends EPRestrictedBaseController { - @Autowired - PortalAdminService portalAdminService; - @Autowired - AdminRolesService adminRolesService; - @Autowired - AuditService auditService; + private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(PortalAdminController.class); + private static final DataValidator DATA_VALIDATOR = new DataValidator(); - EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(PortalAdminController.class); + private PortalAdminService portalAdminService; + private AdminRolesService adminRolesService; + private AuditService auditService; + + @Autowired + public PortalAdminController(PortalAdminService portalAdminService, + AdminRolesService adminRolesService, AuditService auditService){ + this.portalAdminService = portalAdminService; + this.adminRolesService = adminRolesService; + this.auditService = auditService; + } @RequestMapping(value = { "/portalApi/portalAdmins" }, method = RequestMethod.GET, produces = "application/json") public List<PortalAdmin> getPortalAdmins(HttpServletRequest request, HttpServletResponse response) { @@ -116,7 +125,10 @@ public class PortalAdminController extends EPRestrictedBaseController { HttpServletResponse response) { EPUser user = EPUserUtils.getUserSession(request); FieldsValidator fieldsValidator = null; - if (user == null) { + if(!DATA_VALIDATOR.isValid(new SecureString(userId))){ + logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.createPortalAdmin not valid userId"); + EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin"); + }else if (user == null) { logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.createPortalAdmin, null user"); EcompPortalUtils.setBadPermissions(user, response, "createPortalAdmin"); } else if (!adminRolesService.isSuperAdmin(user)) { @@ -158,6 +170,12 @@ public class PortalAdminController extends EPRestrictedBaseController { @RequestMapping(value = { "/portalApi/portalAdmin/{userInfo}" }, method = RequestMethod.DELETE) public FieldsValidator deletePortalAdmin(HttpServletRequest request, @PathVariable("userInfo") String userInfo, HttpServletResponse response) { + + if(!DATA_VALIDATOR.isValid(new SecureString(userInfo))){ + logger.debug(EELFLoggerDelegate.debugLogger, "PortalAdminController.deletePortalAdmin not valid userId"); + return null; + } + int userIdIdx = userInfo.indexOf("-"); Long userId = null; String sbcid = null; diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/SharedContext.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/SharedContext.java index b3adf0a6..14837dbf 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/SharedContext.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/SharedContext.java @@ -45,6 +45,13 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; +import javax.validation.constraints.Digits; +import javax.validation.constraints.NotNull; +import javax.validation.constraints.Size; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import org.hibernate.validator.constraints.SafeHtml; import org.onap.portalsdk.core.domain.support.DomainVo; /** @@ -55,137 +62,39 @@ import org.onap.portalsdk.core.domain.support.DomainVo; */ @Entity @Table(name = "fn_shared_context") +@NoArgsConstructor +@Getter +@Setter public class SharedContext extends DomainVo { - - // generated private static final long serialVersionUID = 7287469622586677888L; @Id @GeneratedValue(strategy = GenerationType.AUTO) + @Digits(integer = 11, fraction = 0) private Long id; + + @NotNull private Date create_time; + + @NotNull + @SafeHtml + @Size(max = 64) private String context_id; + + @NotNull + @SafeHtml + @Size(max = 128) private String ckey; - private String cvalue; - /** - * Mandatory no-argument constructor - */ - public SharedContext() { - } + @NotNull + @SafeHtml + @Size(max = 1024) + private String cvalue; - /** - * Convenience constructor. The database ID and creation timestamp are - * populated when the object is added to the database. - * - * @param contextId - * context ID - * @param key - * context key - * @param value - * context value - */ public SharedContext(final String contextId, final String key, final String value) { this.context_id = contextId; this.ckey = key; this.cvalue = value; } - /** - * Gets the database row ID. - * - * @return Database row ID - */ - public Long getId() { - return id; - } - - /** - * Sets the database row ID. - * - * @param id - * database row ID - */ - public void setId(final Long id) { - this.id = id; - } - - /** - * Gets the creation time - * - * @return Creation time as a Date - */ - public Date getCreate_time() { - return create_time; - } - - /** - * Sets the creation time - * - * @param create_time - * Date - */ - public void setCreate_time(final Date create_time) { - this.create_time = create_time; - } - - /** - * Gets the context ID - * - * @return Context ID - */ - public String getContext_id() { - return context_id; - } - - /** - * Sets the context ID - * - * @param context_id - * String - */ - public void setContext_id(final String context_id) { - this.context_id = context_id; - } - - /** - * Gets the key of the key-value pair. Called ckey because "key" is a - * reserved word in Mysql. - * - * @return The key - */ - public String getCkey() { - return ckey; - } - - /** - * Sets the key of the key-value pair. - * - * @param ckey - * String - */ - public void setCkey(final String ckey) { - this.ckey = ckey; - } - - /** - * Gets the value of the key-value pair. Called cvalue because "value" is a - * reserved word in Mysql. - * - * @return value - */ - public String getCvalue() { - return cvalue; - } - - /** - * Sets the value of the key-value pair. - * - * @param cvalue - * value - */ - public void setCvalue(final String cvalue) { - this.cvalue = cvalue; - } - } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java index 146050a4..39c906a1 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java @@ -40,6 +40,7 @@ package org.onap.portalapp.portal.interceptor; import java.util.ArrayList; +import java.util.HashMap; import java.util.List; import java.util.Set; import java.util.regex.Matcher; @@ -246,7 +247,7 @@ public class PortalResourceInterceptor extends ResourceInterceptor { logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the loop as the uri contains auxapi : {}"); String nameSpace=PortalApiProperties.getProperty(PortalApiConstants.AUTH_NAMESPACE); logger.debug(EELFLoggerDelegate.debugLogger, "namespace form the portal properties : {}",nameSpace); - Boolean accessallowed=AuthUtil.isAccessAllowed(request, nameSpace); + Boolean accessallowed=AuthUtil.isAccessAllowed(request, nameSpace, new HashMap<>()); logger.debug(EELFLoggerDelegate.debugLogger, "AccessAllowed for the request and namespace : {}",accessallowed); if(accessallowed){ logger.debug(EELFLoggerDelegate.debugLogger, "AccessAllowed is allowed: {}",accessallowed); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java index 656cf9ea..b41dcd7a 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java @@ -283,13 +283,20 @@ public class UserRolesCommonServiceImpl { transaction = localSession.beginTransaction(); @SuppressWarnings("unchecked") List<EPUser> userList = localSession - .createQuery("from " + EPUser.class.getName() + " where orgUserId='" + userId + "'").list(); + .createQuery("from :name where orgUserId=:userId") + .setParameter("name",EPUser.class.getName()) + .setParameter("userId",userId) + .list(); if (userList.size() > 0) { EPUser client = userList.get(0); roleActive = ("DELETE".equals(reqType)) ? "" : " and role.active = 'Y'"; @SuppressWarnings("unchecked") - List<EPUserApp> userRoles = localSession.createQuery("from " + EPUserApp.class.getName() - + " where app.id=" + appId + roleActive + " and userId=" + client.getId()).list(); + List<EPUserApp> userRoles = localSession.createQuery("from :name where app.id=:appId :roleActive and userId=:userId") + .setParameter("name",EPUserApp.class.getName()) + .setParameter("appId",appId) + .setParameter("roleActive",roleActive) + .setParameter("userId",client.getId()) + .list(); if ("DELETE".equals(reqType)) { for (EPUserApp userAppRoleList : userRoles) { @@ -335,7 +342,10 @@ public class UserRolesCommonServiceImpl { } else { // remote app @SuppressWarnings("unchecked") List<EPRole> roles = localSession - .createQuery("from " + EPRole.class.getName() + " where appId=" + appId).list(); + .createQuery("from :name where appId=:appId") + .setParameter("name",EPRole.class.getName()) + .setParameter("appId",appId) + .list(); for (EPRole role : roles) { if (!extRequestValue && app.getCentralAuth()) { rolesMap.put(role.getId(), role); @@ -587,8 +597,9 @@ public class UserRolesCommonServiceImpl { "syncAppRoles: There is exactly 1 menu item for this role, so emptying the url"); @SuppressWarnings("unchecked") List<FunctionalMenuItem> funcMenuItems = localSession - .createQuery( - "from " + FunctionalMenuItem.class.getName() + " where menuId=" + menuId) + .createQuery("from :name where menuId=:menuId") + .setParameter("name",FunctionalMenuItem.class.getName()) + .setParameter("menuId",menuId) .list(); if (funcMenuItems.size() > 0) { logger.debug(EELFLoggerDelegate.debugLogger, "got the menu item"); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidget.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidget.java index 3fbdc3e8..90277877 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidget.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidget.java @@ -44,6 +44,11 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; +import javax.validation.constraints.Pattern; +import javax.validation.constraints.Size; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; import org.hibernate.validator.constraints.SafeHtml; import org.onap.portalsdk.core.domain.support.DomainVo; import com.fasterxml.jackson.annotation.JsonInclude; @@ -54,6 +59,9 @@ import com.fasterxml.jackson.annotation.JsonInclude; @Entity @Table(name="fn_common_widget_data") @JsonInclude(JsonInclude.Include.NON_NULL) +@NoArgsConstructor +@Getter +@Setter public class CommonWidget extends DomainVo{ private static final long serialVersionUID = 7897021982887364557L; @@ -64,22 +72,28 @@ public class CommonWidget extends DomainVo{ private Long id; @Column(name = "category") + @Size(max = 32) @SafeHtml public String category; @Column(name = "href") + @Size(max = 512) @SafeHtml public String href; @Column(name = "title") + @Size(max = 256) @SafeHtml public String title; @Column(name = "content") + @Size(max = 4096) @SafeHtml public String content; @Column(name = "event_date") + @Size(max = 10) + @Pattern(regexp = "([1-2][0-9]{3})-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])") @SafeHtml public String eventDate; @@ -87,10 +101,6 @@ public class CommonWidget extends DomainVo{ public Integer sortOrder; - public CommonWidget(){ - - } - public CommonWidget(String category, String href, String title, String content, String eventDate, Integer sortOrder){ this.category = category; this.href = href; @@ -100,63 +110,4 @@ public class CommonWidget extends DomainVo{ this.sortOrder = sortOrder; } - public String getCategory() { - return category; - } - - public void setCategory(String category) { - this.category = category; - } - - public String getHref() { - return href; - } - - public void setHref(String href) { - this.href = href; - } - - public String getTitle() { - return title; - } - - public void setTitle(String title) { - this.title = title; - } - - public Integer getSortOrder() { - return sortOrder; - } - - public void setSortOrder(Integer sortOrder) { - this.sortOrder = sortOrder; - } - - public static long getSerialversionuid() { - return serialVersionUID; - } - - public Long getId() { - return id; - } - - public void setId(Long id) { - this.id = id; - } - - public String getContent() { - return content; - } - - public void setContent(String content) { - this.content = content; - } - - public String getEventDate() { - return eventDate; - } - - public void setEventDate(String eventDate) { - this.eventDate = eventDate; - } } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EpNotificationItem.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EpNotificationItem.java index 8f912297..7a10e959 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EpNotificationItem.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EpNotificationItem.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -52,7 +52,13 @@ import javax.persistence.JoinColumn; import javax.persistence.OneToMany; import javax.persistence.Table; import javax.persistence.Transient; - +import javax.validation.constraints.Digits; +import javax.validation.constraints.Size; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import org.hibernate.validator.constraints.SafeHtml; import org.onap.portalsdk.core.domain.support.DomainVo; @@ -63,287 +69,77 @@ import org.onap.portalsdk.core.domain.support.DomainVo; @Entity @Table(name = "ep_notification") +@NoArgsConstructor +@Getter +@Setter +@EqualsAndHashCode(callSuper = false) public class EpNotificationItem extends DomainVo { - public EpNotificationItem() { - }; - private static final long serialVersionUID = 1L; @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "notification_ID") + @Digits(integer = 11, fraction = 0) public Long notificationId; @Column(name = "is_for_online_users") + @Size(max = 1) + @SafeHtml public String isForOnlineUsers; @Column(name = "is_for_all_roles") + @Size(max = 1) + @SafeHtml public String isForAllRoles; @Column(name = "active_YN") + @Size(max = 1) + @SafeHtml public String activeYn; - + @Column(name = "msg_header") + @Size(max = 100) + @SafeHtml public String msgHeader; @Column(name = "msg_description") + @Size(max = 2000) + @SafeHtml public String msgDescription; - + @Column(name = "msg_source") + @Size(max = 50) + @SafeHtml public String msgSource; @Column(name = "start_time") public Date startTime; - + @Column(name = "end_time") public Date endTime; @Column(name = "priority") + @Digits(integer = 11, fraction = 0) public Long priority; - + @Column(name = "creator_ID") + @Digits(integer = 11, fraction = 0) public Long creatorId; - + @Column(name = "created_date") public Date createdDate; - + @Column(name = "notification_hyperlink") + @Size(max = 512) + @SafeHtml public String notificationHyperlink; - - + @OneToMany(fetch = FetchType.LAZY, cascade = {CascadeType.ALL}, orphanRemoval = true) @JoinColumn(name="notification_ID") private Set<EpRoleNotificationItem> roles; - + @Transient private List<Long> roleIds; - - public Long getNotificationId() { - return notificationId; - } - - public void setNotificationId(Long notificationId) { - this.notificationId = notificationId; - } - - public String getIsForOnlineUsers() { - return isForOnlineUsers; - } - - public void setIsForOnlineUsers(String isForOnlineUsers) { - this.isForOnlineUsers = isForOnlineUsers; - } - - public String getIsForAllRoles() { - return isForAllRoles; - } - - public void setIsForAllRoles(String isForAllRoles) { - this.isForAllRoles = isForAllRoles; - } - - public String getActiveYn() { - return activeYn; - } - - public void setActiveYn(String activeYn) { - this.activeYn = activeYn; - } - - public String getMsgHeader() { - return msgHeader; - } - - public void setMsgHeader(String msgHeader) { - this.msgHeader = msgHeader; - } - - public String getMsgDescription() { - return msgDescription; - } - - public void setMsgDescription(String msgDescription) { - this.msgDescription = msgDescription; - } - - public Date getStartTime() { - return startTime; - } - - public void setStartTime(Date startTime) { - this.startTime = startTime; - } - - public Date getEndTime() { - return endTime; - } - - public void setEndTime(Date endTime) { - this.endTime = endTime; - } - - public Long getPriority() { - return priority; - } - - public void setPriority(Long priority) { - this.priority = priority; - } - - public Long getCreatorId() { - return creatorId; - } - - public void setCreatorId(Long creatorId) { - this.creatorId = creatorId; - } - - public Date getCreatedDate() { - return createdDate; - } - - public void setCreatedDate(Date createdDate) { - this.createdDate = createdDate; - } - - public static long getSerialversionuid() { - return serialVersionUID; - } - - public Set<EpRoleNotificationItem> getRoles() { - return roles; - } - - public void setRoles(Set<EpRoleNotificationItem> roles) { - this.roles = roles; - } - - public List<Long> getRoleIds() { - return roleIds; - } - - public void setRoleIds(List<Long> roleIds) { - this.roleIds = roleIds; - } - - public String getMsgSource() { - return msgSource; - } - - public void setMsgSource(String msgSource) { - this.msgSource = msgSource; - } - - public String getNotificationHyperlink() { - return notificationHyperlink; - } - - public void setNotificationHyperlink(String notificationHyperlink) { - this.notificationHyperlink = notificationHyperlink; - } - - @Override - public int hashCode() { - final int prime = 31; - int result = 1; - result = prime * result + ((activeYn == null) ? 0 : activeYn.hashCode()); - result = prime * result + ((createdDate == null) ? 0 : createdDate.hashCode()); - result = prime * result + ((creatorId == null) ? 0 : creatorId.hashCode()); - result = prime * result + ((endTime == null) ? 0 : endTime.hashCode()); - result = prime * result + ((isForAllRoles == null) ? 0 : isForAllRoles.hashCode()); - result = prime * result + ((isForOnlineUsers == null) ? 0 : isForOnlineUsers.hashCode()); - result = prime * result + ((msgDescription == null) ? 0 : msgDescription.hashCode()); - result = prime * result + ((msgHeader == null) ? 0 : msgHeader.hashCode()); - result = prime * result + ((msgSource == null) ? 0 : msgSource.hashCode()); - result = prime * result + ((notificationId == null) ? 0 : notificationId.hashCode()); - result = prime * result + ((priority == null) ? 0 : priority.hashCode()); - result = prime * result + ((roleIds == null) ? 0 : roleIds.hashCode()); - result = prime * result + ((roles == null) ? 0 : roles.hashCode()); - result = prime * result + ((startTime == null) ? 0 : startTime.hashCode()); - return result; - } - - @Override - public boolean equals(Object obj) { - if (this == obj) - return true; - if (obj == null) - return false; - if (getClass() != obj.getClass()) - return false; - EpNotificationItem other = (EpNotificationItem) obj; - if (activeYn == null) { - if (other.activeYn != null) - return false; - } else if (!activeYn.equals(other.activeYn)) - return false; - if (createdDate == null) { - if (other.createdDate != null) - return false; - } else if (!createdDate.equals(other.createdDate)) - return false; - if (creatorId == null) { - if (other.creatorId != null) - return false; - } else if (!creatorId.equals(other.creatorId)) - return false; - if (endTime == null) { - if (other.endTime != null) - return false; - } else if (!endTime.equals(other.endTime)) - return false; - if (isForAllRoles == null) { - if (other.isForAllRoles != null) - return false; - } else if (!isForAllRoles.equals(other.isForAllRoles)) - return false; - if (isForOnlineUsers == null) { - if (other.isForOnlineUsers != null) - return false; - } else if (!isForOnlineUsers.equals(other.isForOnlineUsers)) - return false; - if (msgDescription == null) { - if (other.msgDescription != null) - return false; - } else if (!msgDescription.equals(other.msgDescription)) - return false; - if (msgHeader == null) { - if (other.msgHeader != null) - return false; - } else if (!msgHeader.equals(other.msgHeader)) - return false; - if (msgSource == null) { - if (other.msgSource != null) - return false; - } else if (!msgSource.equals(other.msgSource)) - return false; - if (notificationId == null) { - if (other.notificationId != null) - return false; - } else if (!notificationId.equals(other.notificationId)) - return false; - if (priority == null) { - if (other.priority != null) - return false; - } else if (!priority.equals(other.priority)) - return false; - if (roleIds == null) { - if (other.roleIds != null) - return false; - } else if (!roleIds.equals(other.roleIds)) - return false; - if (roles == null) { - if (other.roles != null) - return false; - } else if (!roles.equals(other.roles)) - return false; - if (startTime == null) { - if (other.startTime != null) - return false; - } else if (!startTime.equals(other.startTime)) - return false; - return true; - } @Override public String toString() { @@ -353,5 +149,5 @@ public class EpNotificationItem extends DomainVo { + ", endTime=" + endTime + ", priority=" + priority + ", creatorId=" + creatorId + ", createdDate=" + createdDate + ", roles=" + roles + ", roleIds=" + roleIds + "]"; } - + } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EpRoleNotificationItem.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EpRoleNotificationItem.java index bda65401..b258ab0d 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EpRoleNotificationItem.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EpRoleNotificationItem.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -44,65 +44,36 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; +import javax.validation.constraints.Digits; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; import org.onap.portalsdk.core.domain.support.DomainVo; @Entity @Table(name="ep_role_notification") +@NoArgsConstructor +@Getter +@Setter public class EpRoleNotificationItem extends DomainVo { - public EpRoleNotificationItem(){}; - private static final long serialVersionUID = 1L; @Id @GeneratedValue(strategy=GenerationType.IDENTITY) @Column(name = "ID") + @Digits(integer = 11, fraction = 0) public Long id; @Column(name = "notification_ID") + @Digits(integer = 11, fraction = 0) public Long notificationId; @Column(name = "role_ID") + @Digits(integer = 11, fraction = 0) public Integer roleId; @Column(name = "recv_user_id") + @Digits(integer = 11, fraction = 0) public Integer RecvUserId; - - public Long getId() { - return id; - } - - public void setId(Long id) { - this.id = id; - } - - public Long getNotificationId() { - return notificationId; - } - - public void setNotificationId(Long notificationId) { - this.notificationId = notificationId; - } - - public Integer getRoleId() { - return roleId; - } - - public void setRoleId(Integer roleId) { - this.roleId = roleId; - } - - public static long getSerialversionuid() { - return serialVersionUID; - } - - public Integer getRecvUserId() { - return RecvUserId; - } - - public void setRecvUserId(Integer recvUserId) { - RecvUserId = recvUserId; - } - - } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/FavoritesFunctionalMenuItemJson.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/FavoritesFunctionalMenuItemJson.java index 71004cc4..1c444a9f 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/FavoritesFunctionalMenuItemJson.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/FavoritesFunctionalMenuItemJson.java @@ -44,7 +44,7 @@ import javax.persistence.Entity; import javax.persistence.Id; import javax.persistence.Table; import javax.persistence.Transient; - +import javax.validation.constraints.Digits; /** @@ -55,21 +55,23 @@ import javax.persistence.Transient; public class FavoritesFunctionalMenuItemJson implements Serializable { private static final long serialVersionUID = 1L; - + @Id @Column(name = "user_id") + @Digits(integer = 11, fraction = 0) public Long userId; - + @Id @Column(name = "menu_id") + @Digits(integer = 11, fraction = 0) public Long menuId; - + @Column(name = "text") public String text; - + @Column(name = "url") public String url; - + @Transient public Boolean restrictedApp; } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/FunctionalMenuRole.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/FunctionalMenuRole.java index 0cb7c0f4..a177334e 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/FunctionalMenuRole.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/FunctionalMenuRole.java @@ -44,90 +44,41 @@ import javax.persistence.GeneratedValue; import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; +import javax.validation.constraints.Digits; +import javax.validation.constraints.NotNull; +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.Setter; +import lombok.ToString; @Entity @Table(name="fn_menu_functional_roles") +@Getter +@Setter +@ToString +@EqualsAndHashCode public class FunctionalMenuRole implements Serializable { private static final long serialVersionUID = 1L; @Id @GeneratedValue(strategy=GenerationType.IDENTITY) @Column(name = "ID") + @Digits(integer = 11, fraction = 0) public Integer id; - + @Column(name = "MENU_ID") + @Digits(integer = 11, fraction = 0) + @NotNull public Long menuId; - + @Column(name = "APP_ID") + @Digits(integer = 11, fraction = 0) + @NotNull public Integer appId; - + @Column(name = "ROLE_ID") + @Digits(integer = 11, fraction = 0) + @NotNull public Integer roleId; - public Integer getId() { - return id; - } - - public void setId(Integer id) { - this.id = id; - } - - public Long getMenuId() { - return menuId; - } - - public void setMenuId(Long menuId) { - this.menuId = menuId; - } - - public Integer getAppId() { - return appId; - } - - public void setAppId(Integer appId) { - this.appId = appId; - } - - public Integer getRoleId() { - return roleId; - } - - public void setRoleId(Integer roleId) { - this.roleId = roleId; - } - - @Override - public String toString() { - return "FunctionalMenuRole [id=" + id + ", menuId=" + menuId + ", appId=" + appId + ", roleId=" + roleId + "]"; - } - - @Override - public int hashCode() { - final int prime = 31; - int result = 1; - result = prime * result + ((appId == null) ? 0 : appId.hashCode()); - result = prime * result + ((id == null) ? 0 : id.hashCode()); - result = prime * result + ((menuId == null) ? 0 : menuId.hashCode()); - result = prime * result + ((roleId == null) ? 0 : roleId.hashCode()); - return result; - } - - @Override - public boolean equals(Object o) { - - if (o == this) return true; - if (!(o instanceof FunctionalMenuRole)) { - return false; - } - FunctionalMenuRole functionalMenuRole = (FunctionalMenuRole) o; - System.out.println("test"); - return id.equals(functionalMenuRole.getId()) && - menuId.equals(functionalMenuRole.menuId) && - appId.equals(functionalMenuRole.appId) && - roleId.equals(functionalMenuRole.roleId) ; - } - - - - } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/PortalAdmin.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/PortalAdmin.java index d923df8c..62e768db 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/PortalAdmin.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/PortalAdmin.java @@ -45,59 +45,41 @@ import javax.persistence.GeneratedValue; import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; +import javax.validation.constraints.Digits; +import javax.validation.constraints.Size; +import lombok.Getter; +import lombok.Setter; +import org.hibernate.validator.constraints.SafeHtml; /** * This is to handle portal admins */ @Entity @Table(name = "fn_user") +@Getter +@Setter public class PortalAdmin implements Serializable { private static final long serialVersionUID = 1L; @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name = "user_id") + @Digits(integer = 11, fraction = 0) public Long userId; @Column(name = "login_id") + @Size(max = 25) + @SafeHtml public String loginId; @Column(name = "first_name") + @Size(max = 50) + @SafeHtml public String firstName; @Column(name = "last_name") + @Size(max = 50) + @SafeHtml public String lastName; - public Long getUserId() { - return userId; - } - - public void setUserId(Long userId) { - this.userId = userId; - } - - public String getLoginId() { - return loginId; - } - - public void setLoginId(String loginId) { - this.loginId = loginId; - } - - public String getFirstName() { - return firstName; - } - - public void setFirstName(String firstName) { - this.firstName = firstName; - } - - public String getLastName() { - return lastName; - } - - public void setLastName(String lastName) { - this.lastName = lastName; - } - } diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/DashboardSearchResultControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/DashboardSearchResultControllerTest.java index 34667853..c905e8d1 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/DashboardSearchResultControllerTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/DashboardSearchResultControllerTest.java @@ -182,8 +182,8 @@ public class DashboardSearchResultControllerTest { @Test public void saveWidgetDataBulkIfCategoryNullTest() { PortalRestResponse<String> ecpectedPortalRestResponse = new PortalRestResponse<>(); - ecpectedPortalRestResponse.setMessage("java.text.ParseException: Unparseable date: \"1\""); - ecpectedPortalRestResponse.setResponse(null); + ecpectedPortalRestResponse.setMessage("ERROR"); + ecpectedPortalRestResponse.setResponse("Category is not valid"); ecpectedPortalRestResponse.setStatus(PortalRestStatusEnum.ERROR); CommonWidgetMeta commonWidgetMeta = new CommonWidgetMeta(); @@ -280,8 +280,8 @@ public class DashboardSearchResultControllerTest { @Test public void saveWidgetDataDateErrorTest() { PortalRestResponse<String> ecpectedPortalRestResponse = new PortalRestResponse<>(); - ecpectedPortalRestResponse.setMessage("java.text.ParseException: Unparseable date: \"1\""); - ecpectedPortalRestResponse.setResponse(null); + ecpectedPortalRestResponse.setMessage("ERROR"); + ecpectedPortalRestResponse.setResponse("Category is not valid"); ecpectedPortalRestResponse.setStatus(PortalRestStatusEnum.ERROR); CommonWidget commonWidget = new CommonWidget(); commonWidget.setId((long) 1); diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/PortalAdminControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/PortalAdminControllerTest.java index 20bb3e8b..bd8d1551 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/PortalAdminControllerTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/PortalAdminControllerTest.java @@ -42,22 +42,17 @@ import static org.junit.Assert.assertNull; import java.util.ArrayList; import java.util.List; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; - import org.junit.Before; import org.junit.Test; import org.mockito.InjectMocks; -import org.mockito.Matchers; import org.mockito.Mock; import org.mockito.Mockito; import org.mockito.MockitoAnnotations; -import org.onap.portalapp.portal.controller.PortalAdminController; import org.onap.portalapp.portal.core.MockEPUser; import org.onap.portalapp.portal.domain.EPRole; import org.onap.portalapp.portal.domain.EPUser; -import org.onap.portalapp.portal.exceptions.NoHealthyServiceException; import org.onap.portalapp.portal.framework.MockitoTestSuite; import org.onap.portalapp.portal.service.AdminRolesService; import org.onap.portalapp.portal.service.AdminRolesServiceImpl; @@ -73,7 +68,7 @@ import org.onap.portalsdk.core.service.AuditServiceImpl; public class PortalAdminControllerTest extends MockitoTestSuite{ @InjectMocks - PortalAdminController portalAdminController = new PortalAdminController(); + PortalAdminController portalAdminController; @Mock AdminRolesService adminRolesService = new AdminRolesServiceImpl(); @@ -168,9 +163,22 @@ public class PortalAdminControllerTest extends MockitoTestSuite{ assertEquals(actualFieldValidator,expectedFieldValidator); } - - + @Test + public void createPortalAdminXSSTest() + { + EPUser user = mockUser.mockEPUser(); + Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user); + FieldsValidator expectedFieldValidator = null; + FieldsValidator actualFieldValidator; + String userId = "<IMG SRC=jAVasCrIPt:alert(‘XSS’)>"; + Mockito.when(adminRolesService.isSuperAdmin(user)).thenReturn(true); + Mockito.when(portalAdminService.createPortalAdmin(userId)).thenReturn(expectedFieldValidator); + actualFieldValidator = portalAdminController.createPortalAdmin(mockedRequest, userId, mockedResponse); + assertEquals(expectedFieldValidator, actualFieldValidator); + + } + @Test public void createPortalAdminIfUserIsNullTest() { @@ -204,6 +212,17 @@ public class PortalAdminControllerTest extends MockitoTestSuite{ assertNull(actualPortalAdminsList); } + + @Test + public void deletePortalAdminXSSTest() + { + EPUser user = mockUser.mockEPUser(); + Mockito.when(EPUserUtils.getUserSession(mockedRequest)).thenReturn(user); + Mockito.when(adminRolesService.isSuperAdmin(user)).thenReturn(true); + FieldsValidator actualFieldValidator = portalAdminController.deletePortalAdmin(mockedRequest,"<img src=xss onerror=alert(1)>" , mockedResponse); + assertNull(actualFieldValidator); + + } @Test public void deletePortalAdminTest1() diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java index 9b5058d3..fb6c325c 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImplTest.java @@ -473,8 +473,10 @@ public class UserRolesCommonServiceImplTest { Mockito.when(epFunctionalMenuQuery2.setParameter("menuId",10l)).thenReturn(epFunctionalMenuQuery2); Mockito.doReturn(mockFunctionalMenuRolesList).when(epFunctionalMenuQuery2).list(); - Mockito.when(session.createQuery("from " + FunctionalMenuItem.class.getName() + " where menuId=" + 10l)) + Mockito.when(session.createQuery("from :name where menuId=:menuId")) .thenReturn(epFunctionalMenuItemQuery); + Mockito.when(epFunctionalMenuItemQuery.setParameter("name",FunctionalMenuItem.class.getName())).thenReturn(epFunctionalMenuItemQuery); + Mockito.when(epFunctionalMenuItemQuery.setParameter("menuId",10l)).thenReturn(epFunctionalMenuItemQuery); Mockito.doReturn(mockFunctionalMenuItemList).when(epFunctionalMenuItemQuery).list(); List<EcompRole> mockEcompRoleList2 = new ArrayList<>(); EcompRole mockUserAppRoles = new EcompRole(); diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/FunctionalMenuRoleTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/FunctionalMenuRoleTest.java index 3000c2f4..44047322 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/FunctionalMenuRoleTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/FunctionalMenuRoleTest.java @@ -37,41 +37,41 @@ */ package org.onap.portalapp.portal.transport; -import static org.junit.Assert.*; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; import org.junit.Test; -import org.onap.portalapp.portal.transport.FunctionalMenuRole; public class FunctionalMenuRoleTest { public FunctionalMenuRole mockFunctionalMenuRole(){ FunctionalMenuRole functionalMenuRole = new FunctionalMenuRole(); - + functionalMenuRole.setId(1); functionalMenuRole.setMenuId((long)1); functionalMenuRole.setAppId(1); functionalMenuRole.setRoleId(1); - + return functionalMenuRole; } - + @Test public void functionalMenuRoleTest(){ FunctionalMenuRole functionalMenuRole = mockFunctionalMenuRole(); - + FunctionalMenuRole functionalMenuRole1 = new FunctionalMenuRole(); functionalMenuRole1.setId(1); functionalMenuRole1.setMenuId((long)1); functionalMenuRole1.setAppId(1); functionalMenuRole1.setRoleId(1); - + assertEquals(functionalMenuRole.getId().toString(), "1"); assertEquals(functionalMenuRole.getMenuId(), new Long(1)); assertEquals(functionalMenuRole.getAppId().toString(), "1"); assertEquals(functionalMenuRole.getRoleId().toString(), "1"); - assertEquals(functionalMenuRole.toString(), "FunctionalMenuRole [id=1, menuId=1, appId=1, roleId=1]"); + assertEquals(functionalMenuRole.toString(), "FunctionalMenuRole(id=1, menuId=1, appId=1, roleId=1)"); assertTrue(functionalMenuRole.equals(functionalMenuRole1)); assertEquals(functionalMenuRole.hashCode(), functionalMenuRole1.hashCode()); - + } } diff --git a/ecomp-portal-BE-os/src/test/java/org/onap/portalapp/portal/controller/DashboardSearchResultControllerTest.java b/ecomp-portal-BE-os/src/test/java/org/onap/portalapp/portal/controller/DashboardSearchResultControllerTest.java index ff588daa..297abef8 100644 --- a/ecomp-portal-BE-os/src/test/java/org/onap/portalapp/portal/controller/DashboardSearchResultControllerTest.java +++ b/ecomp-portal-BE-os/src/test/java/org/onap/portalapp/portal/controller/DashboardSearchResultControllerTest.java @@ -146,8 +146,8 @@ public class DashboardSearchResultControllerTest { @Test public void saveWidgetDataBulkExceptionTest() { PortalRestResponse<String> ecpectedPortalRestResponse = new PortalRestResponse<String>(); - ecpectedPortalRestResponse.setMessage("java.text.ParseException: Unparseable date: \"date\""); - ecpectedPortalRestResponse.setResponse(null); + ecpectedPortalRestResponse.setMessage("ERROR"); + ecpectedPortalRestResponse.setResponse("Category is not valid"); ecpectedPortalRestResponse.setStatus(PortalRestStatusEnum.ERROR); CommonWidgetMeta commonWidgetMeta = new CommonWidgetMeta(); commonWidgetMeta.setCategory("test"); @@ -270,8 +270,8 @@ public class DashboardSearchResultControllerTest { @Test public void saveWidgetDataExceptionTest() { PortalRestResponse<String> ecpectedPortalRestResponse = new PortalRestResponse<String>(); - ecpectedPortalRestResponse.setMessage("java.text.ParseException: Unparseable date: \"date\""); - ecpectedPortalRestResponse.setResponse(null); + ecpectedPortalRestResponse.setMessage("ERROR"); + ecpectedPortalRestResponse.setResponse("Category is not valid"); ecpectedPortalRestResponse.setStatus(PortalRestStatusEnum.ERROR); CommonWidget commonWidget = new CommonWidget(); commonWidget.setCategory("test"); diff --git a/ecomp-portal-widget-ms/widget-ms/src/main/java/org/onap/portalapp/widget/service/impl/WidgetCatalogServiceImpl.java b/ecomp-portal-widget-ms/widget-ms/src/main/java/org/onap/portalapp/widget/service/impl/WidgetCatalogServiceImpl.java index b99863eb..59180d37 100644 --- a/ecomp-portal-widget-ms/widget-ms/src/main/java/org/onap/portalapp/widget/service/impl/WidgetCatalogServiceImpl.java +++ b/ecomp-portal-widget-ms/widget-ms/src/main/java/org/onap/portalapp/widget/service/impl/WidgetCatalogServiceImpl.java @@ -244,16 +244,15 @@ public class WidgetCatalogServiceImpl implements WidgetCatalogService { logger.debug("WidgetCatalogServiceImpl.getWidgetCatalog: result={}", widgets); return widgets; } - - - - - + private void updateAppId(long widgetId, Set<RoleApp> roles){ Session session = sessionFactory.openSession(); for(RoleApp role: roles){ - String sql = "UPDATE ep_widget_catalog_role SET app_id = " + role.getApp().getAppId() + " WHERE widget_id = " + widgetId + " AND ROLE_ID = " + role.getRoleId() ; + String sql = "UPDATE ep_widget_catalog_role SET app_id = :appId WHERE widget_id = :widgetId AND ROLE_ID = :roleId" ; Query query = session.createSQLQuery(sql); + query.setParameter("appId", role.getApp().getAppId()); + query.setParameter("widgetId", widgetId); + query.setParameter("roleId", role.getRoleId()); query.executeUpdate(); } session.flush(); |