diff options
Diffstat (limited to 'ecomp-portal-BE-common/src/main/java/org')
30 files changed, 632 insertions, 208 deletions
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsControllerExternalRequest.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsControllerExternalRequest.java index cef5fa74..fe029e0e 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsControllerExternalRequest.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsControllerExternalRequest.java @@ -39,9 +39,15 @@ package org.onap.portalapp.portal.controller; import java.util.List; +import java.util.Set; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.validation.ConstraintViolation; +import javax.validation.Valid; +import javax.validation.Validation; +import javax.validation.Validator; +import javax.validation.ValidatorFactory; import org.onap.portalapp.portal.domain.EPApp; import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.ecomp.model.PortalRestResponse; @@ -88,16 +94,12 @@ import io.swagger.annotations.ApiOperation; @EnableAspectJAutoProxy @EPAuditLog public class AppsControllerExternalRequest implements BasicAuthenticationController { + private static final ValidatorFactory VALIDATOR_FACTORY = Validation.buildDefaultValidatorFactory(); private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AppsControllerExternalRequest.class); private static final String ONBOARD_APP = "/onboardApp"; - // Where is this used? - public boolean isAuxRESTfulCall() { - return true; - } - /** * For testing whether a user is a superadmin. */ @@ -145,10 +147,20 @@ public class AppsControllerExternalRequest implements BasicAuthenticationControl @RequestMapping(value = "/portalAdmin", method = RequestMethod.POST, produces = "application/json") @ResponseBody public PortalRestResponse<String> postPortalAdmin(HttpServletRequest request, HttpServletResponse response, - @RequestBody EPUser epUser) { + @Valid @RequestBody EPUser epUser) { EcompPortalUtils.logAndSerializeObject(logger, "postPortalAdmin", "request", epUser); PortalRestResponse<String> portalResponse = new PortalRestResponse<>(); + if (epUser!=null){ + Validator validator = VALIDATOR_FACTORY.getValidator(); + Set<ConstraintViolation<EPUser>> constraintViolations = validator.validate(epUser); + if (!constraintViolations.isEmpty()){ + portalResponse.setStatus(PortalRestStatusEnum.ERROR); + portalResponse.setMessage("Data is not valid"); + return portalResponse; + } + } + // Check mandatory fields. if (epUser.getEmail() == null || epUser.getEmail().trim().length() == 0 // || epUser.getLoginId() == null || epUser.getLoginId().trim().length() == 0 // @@ -248,10 +260,18 @@ public class AppsControllerExternalRequest implements BasicAuthenticationControl @RequestMapping(value = { ONBOARD_APP }, method = RequestMethod.POST, produces = "application/json") @ResponseBody public PortalRestResponse<String> postOnboardAppExternal(HttpServletRequest request, HttpServletResponse response, - @RequestBody OnboardingApp newOnboardApp) { + @Valid @RequestBody OnboardingApp newOnboardApp) { EcompPortalUtils.logAndSerializeObject(logger, "postOnboardAppExternal", "request", newOnboardApp); PortalRestResponse<String> portalResponse = new PortalRestResponse<>(); - + if (newOnboardApp != null){ + Validator validator = VALIDATOR_FACTORY.getValidator(); + Set<ConstraintViolation<OnboardingApp>> constraintViolations = validator.validate(newOnboardApp); + if (!constraintViolations.isEmpty()){ + portalResponse.setStatus(PortalRestStatusEnum.ERROR); + portalResponse.setMessage("Data is not valid"); + return portalResponse; + } + } // Validate fields if (newOnboardApp.id != null) { portalResponse.setStatus(PortalRestStatusEnum.ERROR); @@ -335,9 +355,20 @@ public class AppsControllerExternalRequest implements BasicAuthenticationControl @RequestMapping(value = { ONBOARD_APP + "/{appId}" }, method = RequestMethod.PUT, produces = "application/json") @ResponseBody public PortalRestResponse<String> putOnboardAppExternal(HttpServletRequest request, HttpServletResponse response, - @PathVariable("appId") Long appId, @RequestBody OnboardingApp oldOnboardApp) { + @PathVariable("appId") Long appId, @Valid @RequestBody OnboardingApp oldOnboardApp) { EcompPortalUtils.logAndSerializeObject(logger, "putOnboardAppExternal", "request", oldOnboardApp); PortalRestResponse<String> portalResponse = new PortalRestResponse<>(); + + if (oldOnboardApp != null){ + Validator validator = VALIDATOR_FACTORY.getValidator(); + Set<ConstraintViolation<OnboardingApp>> constraintViolations = validator.validate(oldOnboardApp); + if (!constraintViolations.isEmpty()){ + portalResponse.setStatus(PortalRestStatusEnum.ERROR); + portalResponse.setMessage("Data is not valid"); + return portalResponse; + } + } + // Validate fields. if (oldOnboardApp.id == null || !appId.equals(oldOnboardApp.id)) { portalResponse.setStatus(PortalRestStatusEnum.ERROR); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/DashboardSearchResultController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/DashboardSearchResultController.java index 29f5b20f..04ee5e0b 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/DashboardSearchResultController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/DashboardSearchResultController.java @@ -45,8 +45,14 @@ import java.util.HashSet; import java.util.List; import java.util.Map; +import java.util.Set; import javax.servlet.http.HttpServletRequest; +import javax.validation.ConstraintViolation; +import javax.validation.Valid; +import javax.validation.Validation; +import javax.validation.Validator; +import javax.validation.ValidatorFactory; import org.onap.portalapp.controller.EPRestrictedBaseController; import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.ecomp.model.PortalRestResponse; @@ -56,6 +62,7 @@ import org.onap.portalapp.portal.service.DashboardSearchService; import org.onap.portalapp.portal.transport.CommonWidget; import org.onap.portalapp.portal.transport.CommonWidgetMeta; import org.onap.portalapp.util.EPUserUtils; +import org.onap.portalapp.validation.SecureString; import org.onap.portalsdk.core.domain.support.CollaborateList; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.springframework.beans.factory.annotation.Autowired; @@ -68,6 +75,7 @@ import org.springframework.web.bind.annotation.RestController; @RestController @RequestMapping("/portalApi/search") public class DashboardSearchResultController extends EPRestrictedBaseController { + private static final ValidatorFactory VALIDATOR_FACTORY = Validation.buildDefaultValidatorFactory(); private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(DashboardSearchResultController.class); @@ -85,8 +93,11 @@ public class DashboardSearchResultController extends EPRestrictedBaseController @RequestMapping(value = "/widgetData", method = RequestMethod.GET, produces = "application/json") public PortalRestResponse<CommonWidgetMeta> getWidgetData(HttpServletRequest request, @RequestParam String resourceType) { - return new PortalRestResponse<CommonWidgetMeta>(PortalRestStatusEnum.OK, "success", - searchService.getWidgetData(resourceType)); + if (stringIsNotSafeHtml(resourceType)) { + return new PortalRestResponse(PortalRestStatusEnum.ERROR, "resourceType: String string is not valid", ""); + } + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", + searchService.getWidgetData(resourceType)); } /** @@ -97,19 +108,26 @@ public class DashboardSearchResultController extends EPRestrictedBaseController * @return Rest response wrapped around a String; e.g., "success" or "ERROR" */ @RequestMapping(value = "/widgetDataBulk", method = RequestMethod.POST, produces = "application/json") - public PortalRestResponse<String> saveWidgetDataBulk(@RequestBody CommonWidgetMeta commonWidgetMeta) { + public PortalRestResponse<String> saveWidgetDataBulk(@Valid @RequestBody CommonWidgetMeta commonWidgetMeta) { logger.debug(EELFLoggerDelegate.debugLogger, "saveWidgetDataBulk: argument is {}", commonWidgetMeta); - if (commonWidgetMeta.getCategory() == null || commonWidgetMeta.getCategory().trim().equals("")) - return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "ERROR", - "Category cannot be null or empty"); + if (commonWidgetMeta.getCategory() == null || commonWidgetMeta.getCategory().trim().equals("")){ + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "ERROR", + "Cateogry cannot be null or empty"); + }else { + Validator validator = VALIDATOR_FACTORY.getValidator(); + Set<ConstraintViolation<CommonWidgetMeta>> constraintViolations = validator.validate(commonWidgetMeta); + if (!constraintViolations.isEmpty()) + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "ERROR", + "Category is not valid"); + } // validate dates for (CommonWidget cw : commonWidgetMeta.getItems()) { String err = validateCommonWidget(cw); if (err != null) - return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, err, null); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, err, null); } - return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "success", - searchService.saveWidgetDataBulk(commonWidgetMeta)); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", + searchService.saveWidgetDataBulk(commonWidgetMeta)); } /** @@ -120,16 +138,23 @@ public class DashboardSearchResultController extends EPRestrictedBaseController * @return Rest response wrapped around a String; e.g., "success" or "ERROR" */ @RequestMapping(value = "/widgetData", method = RequestMethod.POST, produces = "application/json") - public PortalRestResponse<String> saveWidgetData(@RequestBody CommonWidget commonWidget) { + public PortalRestResponse<String> saveWidgetData(@Valid @RequestBody CommonWidget commonWidget) { logger.debug(EELFLoggerDelegate.debugLogger, "saveWidgetData: argument is {}", commonWidget); - if (commonWidget.getCategory() == null || commonWidget.getCategory().trim().equals("")) - return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "ERROR", - "Cateogry cannot be null or empty"); + if (commonWidget.getCategory() == null || commonWidget.getCategory().trim().equals("")){ + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "ERROR", + "Category cannot be null or empty"); + }else { + Validator validator = VALIDATOR_FACTORY.getValidator(); + Set<ConstraintViolation<CommonWidget>> constraintViolations = validator.validate(commonWidget); + if (!constraintViolations.isEmpty()) + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "ERROR", + "Category is not valid"); + } String err = validateCommonWidget(commonWidget); if (err != null) - return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, err, null); - return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "success", - searchService.saveWidgetData(commonWidget)); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, err, null); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", + searchService.saveWidgetData(commonWidget)); } /** @@ -162,10 +187,17 @@ public class DashboardSearchResultController extends EPRestrictedBaseController * @return Rest response wrapped around a String; e.g., "success" or "ERROR" */ @RequestMapping(value = "/deleteData", method = RequestMethod.POST, produces = "application/json") - public PortalRestResponse<String> deleteWidgetData(@RequestBody CommonWidget commonWidget) { + public PortalRestResponse<String> deleteWidgetData(@Valid @RequestBody CommonWidget commonWidget) { + if (commonWidget!=null){ + Validator validator = VALIDATOR_FACTORY.getValidator(); + Set<ConstraintViolation<CommonWidget>> constraintViolations = validator.validate(commonWidget); + if (!constraintViolations.isEmpty()) + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "ERROR", + "CommonWidget is not valid"); + } logger.debug(EELFLoggerDelegate.debugLogger, "deleteWidgetData: argument is {}", commonWidget); - return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "success", - searchService.deleteWidgetData(commonWidget)); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", + searchService.deleteWidgetData(commonWidget)); } /** @@ -185,11 +217,14 @@ public class DashboardSearchResultController extends EPRestrictedBaseController if (user == null) { return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "searchPortal: User object is null? - check logs", - new HashMap<String, List<SearchResultItem>>()); + new HashMap<>()); } else if (searchString == null || searchString.trim().length() == 0) { return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "searchPortal: String string is null", - new HashMap<String, List<SearchResultItem>>()); - } else { + new HashMap<>()); + }else if (stringIsNotSafeHtml(searchString)){ + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "searchPortal: String string is not valid", + new HashMap<>()); + }else { logger.debug(EELFLoggerDelegate.debugLogger, "searchPortal: user {}, search string '{}'", user.getLoginId(), searchString); Map<String, List<SearchResultItem>> results = searchService.searchResults(user.getLoginId(), @@ -199,7 +234,7 @@ public class DashboardSearchResultController extends EPRestrictedBaseController } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "searchPortal failed", e); return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage() + " - check logs.", - new HashMap<String, List<SearchResultItem>>()); + new HashMap<>()); } } @@ -258,4 +293,13 @@ public class DashboardSearchResultController extends EPRestrictedBaseController } } + private boolean stringIsNotSafeHtml(String string){ + SecureString secureString = new SecureString(string); + + Validator validator = VALIDATOR_FACTORY.getValidator(); + + Set<ConstraintViolation<SecureString>> constraintViolations = validator.validate(secureString); + return !constraintViolations.isEmpty(); + } + } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/MicroserviceController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/MicroserviceController.java index 50eaa600..2f956cc3 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/MicroserviceController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/MicroserviceController.java @@ -39,9 +39,15 @@ package org.onap.portalapp.portal.controller; import java.util.List; +import java.util.Set; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.validation.ConstraintViolation; +import javax.validation.Valid; +import javax.validation.Validation; +import javax.validation.Validator; +import javax.validation.ValidatorFactory; import org.onap.portalapp.controller.EPRestrictedBaseController; import org.onap.portalapp.portal.domain.MicroserviceData; import org.onap.portalapp.portal.domain.WidgetCatalog; @@ -72,6 +78,7 @@ import org.springframework.web.client.RestTemplate; @EnableAspectJAutoProxy @EPAuditLog public class MicroserviceController extends EPRestrictedBaseController { + public static final ValidatorFactory VALIDATOR_FACTORY = Validation.buildDefaultValidatorFactory(); String whatService = "widgets-service"; RestTemplate template = new RestTemplate(); @@ -84,53 +91,68 @@ public class MicroserviceController extends EPRestrictedBaseController { @RequestMapping(value = { "/portalApi/microservices" }, method = RequestMethod.POST) public PortalRestResponse<String> createMicroservice(HttpServletRequest request, HttpServletResponse response, - @RequestBody MicroserviceData newServiceData) throws Exception { + @Valid @RequestBody MicroserviceData newServiceData) throws Exception { if (newServiceData == null) { - return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE", - "MicroserviceData cannot be null or empty"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "FAILURE", + "MicroserviceData cannot be null or empty"); + }else { + Validator validator = VALIDATOR_FACTORY.getValidator(); + + Set<ConstraintViolation<MicroserviceData>> constraintViolations = validator.validate(newServiceData); + if(!constraintViolations.isEmpty()){ + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, + "ERROR", "MicroserviceData is not valid"); + } } long serviceId = microserviceService.saveMicroservice(newServiceData); try { microserviceService.saveServiceParameters(serviceId, newServiceData.getParameterList()); } catch (Exception e) { - return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage()); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage()); } - return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "SUCCESS", ""); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "SUCCESS", ""); } @RequestMapping(value = { "/portalApi/microservices" }, method = RequestMethod.GET) public List<MicroserviceData> getMicroservice(HttpServletRequest request, HttpServletResponse response) throws Exception { - List<MicroserviceData> list = microserviceService.getMicroserviceData(); - return list; + return microserviceService.getMicroserviceData(); } @RequestMapping(value = { "/portalApi/microservices/{serviceId}" }, method = RequestMethod.PUT) public PortalRestResponse<String> updateMicroservice(HttpServletRequest request, HttpServletResponse response, - @PathVariable("serviceId") long serviceId, @RequestBody MicroserviceData newServiceData) throws Exception { + @PathVariable("serviceId") long serviceId, @Valid @RequestBody MicroserviceData newServiceData) { if (newServiceData == null) { - return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE", - "MicroserviceData cannot be null or empty"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "FAILURE", + "MicroserviceData cannot be null or empty"); + }else { + Validator validator = VALIDATOR_FACTORY.getValidator(); + + Set<ConstraintViolation<MicroserviceData>> constraintViolations = validator.validate(newServiceData); + if(!constraintViolations.isEmpty()){ + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, + "ERROR", "MicroserviceData is not valid"); + } } try { microserviceService.updateMicroservice(serviceId, newServiceData); } catch (Exception e) { - return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage()); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage()); } - return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "SUCCESS", ""); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "SUCCESS", ""); } @RequestMapping(value = { "/portalApi/microservices/{serviceId}" }, method = RequestMethod.DELETE) public PortalRestResponse<String> deleteMicroservice(HttpServletRequest request, HttpServletResponse response, - @PathVariable("serviceId") long serviceId) throws Exception { + @PathVariable("serviceId") long serviceId) { try { ParameterizedTypeReference<List<WidgetCatalog>> typeRef = new ParameterizedTypeReference<List<WidgetCatalog>>() { }; // If this service is assoicated with widgets, cannnot be deleted - ResponseEntity<List<WidgetCatalog>> ans = (ResponseEntity<List<WidgetCatalog>>) template.exchange( + ResponseEntity<List<WidgetCatalog>> ans = template.exchange( EcompPortalUtils.widgetMsProtocol() + "://" + consulHealthService.getServiceLocation(whatService, SystemProperties.getProperty("microservices.widget.local.port")) + "/widget/microservices/widgetCatalog/service/" + serviceId, HttpMethod.GET, new HttpEntity(WidgetServiceHeaders.getInstance()), typeRef); @@ -140,17 +162,18 @@ public class MicroserviceController extends EPRestrictedBaseController { else{ StringBuilder sb = new StringBuilder(); for(int i = 0; i < widgets.size(); i++){ - sb.append("'" + widgets.get(i).getName() + "' "); + sb.append("'").append(widgets.get(i).getName()).append("' "); if(i < (widgets.size()-1)){ sb.append(","); } } - return new PortalRestResponse<String>(PortalRestStatusEnum.WARN, "SOME WIDGETS ASSOICATE WITH THIS SERVICE", sb.toString()); + return new PortalRestResponse<>(PortalRestStatusEnum.WARN, "SOME WIDGETS ASSOICATE WITH THIS SERVICE", + sb.toString()); } } catch (Exception e) { - return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage()); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage()); } - return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "SUCCESS", ""); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, "SUCCESS", ""); } } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java index c8e22d39..3fda5392 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java @@ -50,6 +50,11 @@ import java.util.TreeSet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.validation.ConstraintViolation; +import javax.validation.Valid; +import javax.validation.Validation; +import javax.validation.Validator; +import javax.validation.ValidatorFactory; import org.apache.commons.lang.StringUtils; import org.json.JSONObject; import org.onap.portalapp.controller.EPRestrictedBaseController; @@ -79,6 +84,7 @@ import org.onap.portalapp.portal.utils.EPCommonSystemProperties; import org.onap.portalapp.portal.utils.EcompPortalUtils; import org.onap.portalapp.portal.utils.PortalConstants; import org.onap.portalapp.util.EPUserUtils; +import org.onap.portalapp.validation.SecureString; import org.onap.portalsdk.core.domain.AuditLog; import org.onap.portalsdk.core.domain.Role; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; @@ -111,6 +117,8 @@ import com.fasterxml.jackson.databind.type.TypeFactory; @EnableAspectJAutoProxy @EPAuditLog public class RoleManageController extends EPRestrictedBaseController { + private static final ValidatorFactory VALIDATOR_FACTORY = Validation.buildDefaultValidatorFactory(); + private static final String PIPE = "|"; private static final String ROLE_INVALID_CHARS = "%=():,\"\""; @@ -497,8 +505,17 @@ public class RoleManageController extends EPRestrictedBaseController { } @RequestMapping(value = { "/portalApi/role_function_list/saveRoleFunction/{appId}" }, method = RequestMethod.POST) - public PortalRestResponse<String> saveRoleFunction(HttpServletRequest request, HttpServletResponse response, @RequestBody CentralV2RoleFunction roleFunc, + public PortalRestResponse<String> saveRoleFunction(HttpServletRequest request, HttpServletResponse response, @Valid @RequestBody CentralV2RoleFunction roleFunc, @PathVariable("appId") Long appId) throws Exception { + if (roleFunc!=null) { + Validator validator = VALIDATOR_FACTORY.getValidator(); + Set<ConstraintViolation<CentralV2RoleFunction>> constraintViolations = validator.validate(roleFunc); + + if(!constraintViolations.isEmpty()){ + logger.error(EELFLoggerDelegate.errorLogger, "saveRoleFunction: Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Data is not valid", "ERROR"); + } + } EPUser user = EPUserUtils.getUserSession(request); boolean saveOrUpdateResponse = false; try { @@ -594,6 +611,19 @@ public class RoleManageController extends EPRestrictedBaseController { public PortalRestResponse<String> removeRoleFunction(HttpServletRequest request, HttpServletResponse response, @RequestBody String roleFunc, @PathVariable("appId") Long appId) throws Exception { EPUser user = EPUserUtils.getUserSession(request); + + if (roleFunc!=null) { + SecureString secureString = new SecureString(roleFunc); + + Validator validator = VALIDATOR_FACTORY.getValidator(); + Set<ConstraintViolation<SecureString>> constraintViolations = validator.validate(secureString); + + if(!constraintViolations.isEmpty()){ + logger.error(EELFLoggerDelegate.errorLogger, "removeRoleFunction: Failed"); + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Data is not valid", "ERROR"); + } + } + try { EPApp requestedApp = appService.getApp(appId); if (isAuthorizedUser(user, requestedApp)) { @@ -656,6 +686,18 @@ public class RoleManageController extends EPRestrictedBaseController { @RequestMapping(value = { "/portalApi/centralizedApps" }, method = RequestMethod.GET) public List<CentralizedApp> getCentralizedAppRoles(HttpServletRequest request, HttpServletResponse response, String userId) throws IOException { + if(userId!=null) { + SecureString secureString = new SecureString(userId); + + Validator validator = VALIDATOR_FACTORY.getValidator(); + Set<ConstraintViolation<SecureString>> constraintViolations = validator.validate(secureString); + + if(!constraintViolations.isEmpty()){ + logger.error(EELFLoggerDelegate.errorLogger, "removeRoleFunction: Failed"); + return null; + } + } + EPUser user = EPUserUtils.getUserSession(request); List<CentralizedApp> applicationsList = null; if (adminRolesService.isAccountAdmin(user) || adminRolesService.isSuperAdmin(user) || adminRolesService.isRoleAdmin(user)) { diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/TicketEventController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/TicketEventController.java index b9f6f76d..71f7f81a 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/TicketEventController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/TicketEventController.java @@ -47,6 +47,10 @@ import java.util.Set; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.validation.ConstraintViolation; +import javax.validation.Validation; +import javax.validation.Validator; +import javax.validation.ValidatorFactory; import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.ecomp.model.PortalRestResponse; import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum; @@ -56,6 +60,7 @@ import org.onap.portalapp.portal.service.UserNotificationService; import org.onap.portalapp.portal.transport.EpNotificationItem; import org.onap.portalapp.portal.transport.EpRoleNotificationItem; import org.onap.portalapp.portal.utils.PortalConstants; +import org.onap.portalapp.validation.SecureString; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; @@ -80,7 +85,7 @@ import io.swagger.annotations.ApiOperation; @EnableAspectJAutoProxy @EPAuditLog public class TicketEventController implements BasicAuthenticationController { - + private static final ValidatorFactory VALIDATOR_FACTORY = Validation.buildDefaultValidatorFactory(); @Autowired private UserNotificationService userNotificationService; @@ -105,6 +110,19 @@ public class TicketEventController implements BasicAuthenticationController { logger.debug(EELFLoggerDelegate.debugLogger, "Ticket Event notification" + ticketEventJson); PortalRestResponse<String> portalResponse = new PortalRestResponse<>(); + + if (ticketEventJson!=null){ + SecureString secureString = new SecureString(ticketEventJson); + Validator validator = VALIDATOR_FACTORY.getValidator(); + + Set<ConstraintViolation<SecureString>> constraintViolations = validator.validate(secureString); + if (!constraintViolations.isEmpty()){ + portalResponse.setStatus(PortalRestStatusEnum.ERROR); + portalResponse.setMessage("Data is not valid"); + return portalResponse; + } + } + try { JsonNode ticketEventNotif = mapper.readTree(ticketEventJson); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/AppContactUs.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/AppContactUs.java index 6cf2ea79..0fe8a351 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/AppContactUs.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/AppContactUs.java @@ -37,6 +37,7 @@ */ package org.onap.portalapp.portal.domain; +import org.hibernate.validator.constraints.SafeHtml; import org.onap.portalsdk.core.domain.support.DomainVo; import com.fasterxml.jackson.annotation.JsonBackReference; @@ -46,10 +47,15 @@ public class AppContactUs extends DomainVo { private static final long serialVersionUID = -2742197830465055134L; @JsonBackReference private EPApp app; + @SafeHtml private String description; + @SafeHtml private String contactEmail; + @SafeHtml private String contactName; + @SafeHtml private String url; + @SafeHtml private String activeYN; public EPApp getApp() { diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/CentralV2RoleFunction.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/CentralV2RoleFunction.java index d2ded5ad..a761103f 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/CentralV2RoleFunction.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/CentralV2RoleFunction.java @@ -39,6 +39,7 @@ package org.onap.portalapp.portal.domain; import java.io.Serializable; +import org.hibernate.validator.constraints.SafeHtml; import org.onap.portalsdk.core.domain.support.DomainVo; import com.fasterxml.jackson.annotation.JsonIgnore; @@ -50,14 +51,18 @@ public class CentralV2RoleFunction extends DomainVo implements Serializable, Com * */ private static final long serialVersionUID = -4018975640065252688L; + @SafeHtml private String code; + @SafeHtml private String name; @JsonIgnore private Long appId; @JsonIgnore private Long roleId; private String type; + @SafeHtml private String action; + @SafeHtml private String editUrl; diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPApp.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPApp.java index 6e77e747..8227d9ab 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPApp.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPApp.java @@ -41,7 +41,9 @@ import java.util.Arrays; import javax.persistence.Lob; +import javax.validation.Valid; import org.apache.commons.lang.StringUtils; +import org.hibernate.validator.constraints.SafeHtml; import org.onap.portalsdk.core.domain.support.DomainVo; /** @@ -50,29 +52,44 @@ import org.onap.portalsdk.core.domain.support.DomainVo; public class EPApp extends DomainVo { private static final long serialVersionUID = 1L; - + @SafeHtml private String name; + @SafeHtml private String imageUrl; + @SafeHtml private String description; + @SafeHtml private String notes; + @SafeHtml private String url; + @SafeHtml private String alternateUrl; + @SafeHtml private String appRestEndpoint; + @SafeHtml private String mlAppName; + @SafeHtml private String mlAppAdminId; private Long motsId; + @SafeHtml private String username; + @SafeHtml private String appPassword; @Lob private byte[] thumbnail; private Boolean open; private Boolean enabled; + @SafeHtml private String uebTopicName; + @SafeHtml private String uebKey; + @SafeHtml private String uebSecret; private Integer appType; + @Valid private AppContactUs contactUs; private Boolean centralAuth; + @SafeHtml private String nameSpace; public EPApp() { diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPRole.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPRole.java index f9ff97d1..55f7e0cc 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPRole.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPRole.java @@ -41,6 +41,8 @@ import java.util.Iterator; import java.util.SortedSet; import java.util.TreeSet; +import javax.validation.Valid; +import org.hibernate.validator.constraints.SafeHtml; import org.onap.portalsdk.core.domain.RoleFunction; import org.onap.portalsdk.core.domain.support.DomainVo; import com.fasterxml.jackson.annotation.JsonIgnore; @@ -48,6 +50,7 @@ import com.fasterxml.jackson.annotation.JsonIgnore; public class EPRole extends DomainVo { private static final long serialVersionUID = 1L; + @SafeHtml private String name; private boolean active; private Integer priority; @@ -57,7 +60,7 @@ public class EPRole extends DomainVo { private Long appRoleId; // used by ONAP only private SortedSet<RoleFunction> roleFunctions = new TreeSet<RoleFunction>(); - + @Valid private SortedSet<EPRole> childRoles = new TreeSet<EPRole>(); @JsonIgnore diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java index ce7495f7..dff5601b 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java @@ -42,6 +42,8 @@ import java.util.Iterator; import java.util.SortedSet; import java.util.TreeSet; +import javax.validation.Valid; +import org.hibernate.validator.constraints.SafeHtml; import org.onap.portalapp.portal.utils.PortalConstants; import org.onap.portalsdk.core.domain.User; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; @@ -52,44 +54,78 @@ public class EPUser extends User { private Long orgId; private Long managerId; + @SafeHtml private String firstName; + @SafeHtml private String middleInitial; + @SafeHtml private String lastName; + @SafeHtml private String phone; + @SafeHtml private String fax; + @SafeHtml private String cellular; + @SafeHtml private String email; private Long addressId; + @SafeHtml private String alertMethodCd; + @SafeHtml private String hrid; + @SafeHtml private String orgUserId; + @SafeHtml private String orgCode; + @SafeHtml private String address1; + @SafeHtml private String address2; + @SafeHtml private String city; + @SafeHtml private String state; + @SafeHtml private String zipCode; + @SafeHtml private String country; + @SafeHtml private String orgManagerUserId; + @SafeHtml private String locationClli; + @SafeHtml private String businessCountryCode; + @SafeHtml private String businessCountryName; + @SafeHtml private String businessUnit; + @SafeHtml private String businessUnitName; + @SafeHtml private String department; + @SafeHtml private String departmentName; + @SafeHtml private String companyCode; + @SafeHtml private String company; + @SafeHtml private String zipCodeSuffix; + @SafeHtml private String jobTitle; + @SafeHtml private String commandChain; + @SafeHtml private String siloStatus; + @SafeHtml private String costCenter; + @SafeHtml private String financialLocCode; - + @SafeHtml private String loginId; + @SafeHtml private String loginPwd; private Date lastLoginDate; private boolean active; @@ -97,6 +133,7 @@ public class EPUser extends User { private Long selectedProfileId; private Long timeZoneId; private boolean online; + @SafeHtml private String chatId; private Integer languageId; private static final long serialVersionUID = 1L; @@ -104,8 +141,9 @@ public class EPUser extends User { private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(EPUser.class); private static final String ECOMP_PORTAL_NAME = "ECOMP"; private boolean isGuest = false; - + @Valid private SortedSet<EPUserApp> userApps = new TreeSet<EPUserApp>(); + @Valid private SortedSet<EPRole> pseudoRoles = new TreeSet<EPRole>(); public EPUser() {} diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java index 3470a9e3..424a9152 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java @@ -37,6 +37,7 @@ */ package org.onap.portalapp.portal.domain; +import javax.validation.Valid; import org.onap.portalsdk.core.domain.support.DomainVo; @SuppressWarnings("rawtypes") @@ -45,7 +46,9 @@ public class EPUserApp extends DomainVo implements java.io.Serializable, Compara private static final long serialVersionUID = 1L; private Long userId; + @Valid private EPApp app; + @Valid private EPRole role; private Integer priority; diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/MicroserviceData.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/MicroserviceData.java index f62b8928..b8f79d06 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/MicroserviceData.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/MicroserviceData.java @@ -44,6 +44,8 @@ import javax.persistence.GeneratedValue; import javax.persistence.GenerationType; import javax.persistence.Id; +import javax.validation.Valid; +import org.hibernate.validator.constraints.SafeHtml; import org.onap.portalsdk.core.domain.support.DomainVo; public class MicroserviceData extends DomainVo { @@ -55,23 +57,23 @@ public class MicroserviceData extends DomainVo { } private Long id; - + @SafeHtml private String name; - + @SafeHtml private String active; - + @SafeHtml private String desc; private long appId; - + @SafeHtml private String url; - + @SafeHtml private String securityType; - + @SafeHtml private String username; - + @SafeHtml private String password; - + @Valid private List<MicroserviceParameter> parameterList; public Long getId() { diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/MicroserviceParameter.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/MicroserviceParameter.java index 0c645716..848c6a2a 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/MicroserviceParameter.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/MicroserviceParameter.java @@ -37,6 +37,7 @@ */ package org.onap.portalapp.portal.domain; +import org.hibernate.validator.constraints.SafeHtml; import org.onap.portalsdk.core.domain.support.DomainVo; public class MicroserviceParameter extends DomainVo { @@ -50,9 +51,9 @@ public class MicroserviceParameter extends DomainVo { private Long id; private long serviceId; - + @SafeHtml private String para_key; - + @SafeHtml private String para_value; public Long getId() { diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/SchedulerRestInt.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/SchedulerRestInt.java index cc371719..098846f0 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/SchedulerRestInt.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/SchedulerRestInt.java @@ -4,6 +4,8 @@ * =================================================================== * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== * * Unless otherwise specified, all software contained herein is licensed * under the Apache License, Version 2.0 (the "License"); @@ -38,23 +40,15 @@ package org.onap.portalapp.portal.scheduler; -import java.text.DateFormat; -import java.text.SimpleDateFormat; - +import org.onap.portalapp.util.DateUtil; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; public class SchedulerRestInt { /** The logger. */ EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerRestInterface.class); - - /** The Constant dateFormat. */ - final static DateFormat dateFormat = new SimpleDateFormat("HH:mm:ss:SSSS"); - - /** The request date format. */ - public DateFormat requestDateFormat = new SimpleDateFormat("EEE, dd MMM YYYY HH:mm:ss z"); - + public SchedulerRestInt() { - requestDateFormat.setTimeZone(java.util.TimeZone.getTimeZone("GMT")); + DateUtil.getRequestDateFormat().setTimeZone(java.util.TimeZone.getTimeZone("GMT")); } } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/SchedulerUtil.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/SchedulerUtil.java index ce2048b2..c1ca8735 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/SchedulerUtil.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/SchedulerUtil.java @@ -4,6 +4,8 @@ * =================================================================== * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== * * Unless otherwise specified, all software contained herein is licensed * under the Apache License, Version 2.0 (the "License"); @@ -37,25 +39,21 @@ */ package org.onap.portalapp.portal.scheduler; -import java.text.DateFormat; -import java.text.SimpleDateFormat; -import java.util.Date; - +import com.fasterxml.jackson.databind.ObjectMapper; import org.onap.portalapp.portal.scheduler.restobjects.GetTimeSlotsRestObject; import org.onap.portalapp.portal.scheduler.restobjects.PostCreateNewVnfRestObject; import org.onap.portalapp.portal.scheduler.restobjects.PostSubmitVnfChangeRestObject; import org.onap.portalapp.portal.scheduler.wrapper.GetTimeSlotsWrapper; import org.onap.portalapp.portal.scheduler.wrapper.PostCreateNewVnfWrapper; import org.onap.portalapp.portal.scheduler.wrapper.PostSubmitVnfChangeTimeSlotsWrapper; +import org.onap.portalapp.util.DateUtil; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; -import com.fasterxml.jackson.databind.ObjectMapper; +import java.util.Date; public class SchedulerUtil { private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerUtil.class); - - final static DateFormat dateFormat = new SimpleDateFormat("HH:mm:ss:SSSS"); public static GetTimeSlotsWrapper getTimeSlotsWrapResponse (GetTimeSlotsRestObject<String> rs) { @@ -127,8 +125,10 @@ public class SchedulerUtil { r_json_str = mapper.writeValueAsString(t); } catch ( com.fasterxml.jackson.core.JsonProcessingException j ) { - logger.debug(EELFLoggerDelegate.debugLogger,dateFormat.format(new Date()) + "<== " + methodName + " Unable to parse object as json"); - } + logger.debug(EELFLoggerDelegate.debugLogger, + DateUtil.getDateFormat().format(new Date()) + "<== " + methodName + " Unable " + "to " + + "parse object as json"); + } } return (r_json_str); } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/client/HttpBasicClient.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/client/HttpBasicClient.java index 14b03478..17dc3f1e 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/client/HttpBasicClient.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/client/HttpBasicClient.java @@ -4,6 +4,8 @@ * =================================================================== * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== * * Unless otherwise specified, all software contained herein is licensed * under the Apache License, Version 2.0 (the "License"); @@ -39,9 +41,6 @@ package org.onap.portalapp.portal.scheduler.client; -import java.text.DateFormat; -import java.text.SimpleDateFormat; - import javax.servlet.ServletContext; import javax.ws.rs.client.Client; import javax.ws.rs.client.ClientBuilder; @@ -64,10 +63,6 @@ public class HttpBasicClient{ /** The logger. */ EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(HttpBasicClient.class); - - /** The Constant dateFormat. */ - final static DateFormat dateFormat = new SimpleDateFormat("HH:mm:ss:SSSS"); - /** * Obtain a basic HTTP client . * diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/client/HttpsBasicClient.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/client/HttpsBasicClient.java index 857bec31..d618a6ee 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/client/HttpsBasicClient.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduler/client/HttpsBasicClient.java @@ -4,6 +4,8 @@ * =================================================================== * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== * * Unless otherwise specified, all software contained herein is licensed * under the Apache License, Version 2.0 (the "License"); @@ -39,7 +41,6 @@ package org.onap.portalapp.portal.scheduler.client; import java.io.File; -import java.text.DateFormat; import java.text.SimpleDateFormat; import java.util.Date; @@ -55,8 +56,8 @@ import org.glassfish.jersey.client.ClientConfig; import org.glassfish.jersey.client.ClientProperties; import org.onap.portalapp.portal.scheduler.SchedulerProperties; import org.onap.portalapp.portal.scheduler.util.CustomJacksonJaxBJsonProvider; +import org.onap.portalapp.util.DateUtil; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; -import org.onap.portalsdk.core.util.SystemProperties; /** * General SSL client using the VID tomcat keystore. It doesn't use client certificates. @@ -66,10 +67,7 @@ public class HttpsBasicClient{ /** The logger. */ static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(HttpsBasicClient.class); - - /** The Constant dateFormat. */ - final static DateFormat dateFormat = new SimpleDateFormat("HH:mm:ss:SSSS"); - + /** * Retrieve an SSL client. * @@ -85,11 +83,14 @@ public class HttpsBasicClient{ SSLContext ctx = null; try { - + + SimpleDateFormat dateFormat = DateUtil.getDateFormat(); config.property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true); String truststore_path = SchedulerProperties.getProperty(SchedulerProperties.VID_TRUSTSTORE_FILENAME); - logger.debug(EELFLoggerDelegate.debugLogger, dateFormat.format(new Date()) + " " + methodName + " truststore_path=" + truststore_path); + logger.debug(EELFLoggerDelegate.debugLogger, dateFormat.format(new Date()) + " " + methodName + " " + + "truststore_path=" + + truststore_path); String truststore_password = SchedulerProperties.getProperty(SchedulerProperties.VID_TRUSTSTORE_PASSWD_X); @@ -97,7 +98,8 @@ public class HttpsBasicClient{ //logger.debug(dateFormat.format(new Date()) + " " + methodName + " decrypted_truststore_password=" + decrypted_truststore_password); File tr = new File (truststore_path); - logger.debug(EELFLoggerDelegate.debugLogger, dateFormat.format(new Date()) + " " + methodName + " absolute truststore path=" + tr.getAbsolutePath()); + logger.debug(EELFLoggerDelegate.debugLogger, dateFormat.format(new Date()) + " " + methodName + " absolute " + + "truststore path=" + tr.getAbsolutePath()); //String keystore_path = certFilePath + AAIProperties.FILESEPARTOR + SystemProperties.getProperty(AAIProperties.AAI_KEYSTORE_FILENAME); //String keystore_password = SystemProperties.getProperty(AAIProperties.AAI_KEYSTORE_PASSWD_X); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxRestInt.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxRestInt.java index 1785bd13..75919eee 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxRestInt.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxRestInt.java @@ -4,6 +4,8 @@ * =================================================================== * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== * * Unless otherwise specified, all software contained herein is licensed * under the Apache License, Version 2.0 (the "License"); @@ -38,11 +40,11 @@ package org.onap.portalapp.portal.scheduleraux; -import java.text.DateFormat; import java.text.SimpleDateFormat; import java.util.Date; import org.onap.portalapp.portal.scheduler.policy.rest.RequestDetails; +import org.onap.portalapp.util.DateUtil; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import com.fasterxml.jackson.databind.ObjectMapper; @@ -51,15 +53,9 @@ public class SchedulerAuxRestInt { /** The logger. */ EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerAuxRestInterface.class); - - /** The Constant dateFormat. */ - final static DateFormat dateFormat = new SimpleDateFormat("HH:mm:ss:SSSS"); - - /** The request date format. */ - public DateFormat requestDateFormat = new SimpleDateFormat("EEE, dd MMM YYYY HH:mm:ss z"); - + public SchedulerAuxRestInt() { - requestDateFormat.setTimeZone(java.util.TimeZone.getTimeZone("GMT")); + DateUtil.getRequestDateFormat().setTimeZone(java.util.TimeZone.getTimeZone("GMT")); } /** @@ -68,6 +64,7 @@ public class SchedulerAuxRestInt { * @param r the r */ public void logRequest ( RequestDetails r ) { + SimpleDateFormat dateFormat = DateUtil.getDateFormat(); String methodName = "logRequest"; ObjectMapper mapper = new ObjectMapper(); String r_json_str = ""; @@ -77,9 +74,13 @@ public class SchedulerAuxRestInt { r_json_str = mapper.writeValueAsString(r); } catch ( com.fasterxml.jackson.core.JsonProcessingException j ) { - logger.debug(EELFLoggerDelegate.debugLogger,dateFormat.format(new Date()) + "<== " + methodName + " Unable to parse request as json"); + logger.debug(EELFLoggerDelegate.debugLogger, dateFormat.format(new Date()) + "<== " + methodName + " " + + "Unable to " + + "parse request as json"); } } - logger.debug(EELFLoggerDelegate.debugLogger,dateFormat.format(new Date()) + "<== " + methodName + " Request=(" + r_json_str + ")"); + logger.debug(EELFLoggerDelegate.debugLogger,dateFormat.format(new Date()) + "<== " + methodName + " Request=" + + "(" + + r_json_str + ")"); } -}
\ No newline at end of file +} diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxRestInterface.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxRestInterface.java index e0a2fe5f..01a52cc8 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxRestInterface.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxRestInterface.java @@ -4,6 +4,8 @@ * =================================================================== * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== * * Unless otherwise specified, all software contained herein is licensed * under the Apache License, Version 2.0 (the "License"); @@ -37,19 +39,13 @@ */ package org.onap.portalapp.portal.scheduleraux; -import java.lang.reflect.Type; -import java.text.DateFormat; -import java.text.SimpleDateFormat; -import java.util.Collections; -import java.util.Date; - -import javax.annotation.PostConstruct; -import javax.ws.rs.client.Client; -import javax.ws.rs.client.Entity; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.MultivaluedHashMap; -import javax.ws.rs.core.Response; - +import com.fasterxml.jackson.databind.ObjectMapper; +import com.google.gson.Gson; +import com.google.gson.GsonBuilder; +import com.google.gson.JsonDeserializationContext; +import com.google.gson.JsonDeserializer; +import com.google.gson.JsonElement; +import com.google.gson.JsonParseException; import org.apache.commons.codec.binary.Base64; import org.apache.cxf.jaxrs.impl.ResponseImpl; import org.eclipse.jetty.util.security.Password; @@ -59,26 +55,26 @@ import org.onap.portalapp.portal.logging.logic.EPLogUtil; import org.onap.portalapp.portal.scheduler.SchedulerProperties; import org.onap.portalapp.portal.scheduler.client.HttpBasicClient; import org.onap.portalapp.portal.scheduler.policy.rest.RequestDetails; +import org.onap.portalapp.util.DateUtil; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.springframework.http.HttpStatus; import org.springframework.web.client.HttpClientErrorException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.google.gson.Gson; -import com.google.gson.GsonBuilder; -import com.google.gson.JsonDeserializationContext; -import com.google.gson.JsonDeserializer; -import com.google.gson.JsonElement; -import com.google.gson.JsonParseException; +import javax.ws.rs.client.Client; +import javax.ws.rs.client.Entity; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.MultivaluedHashMap; +import javax.ws.rs.core.Response; +import java.lang.reflect.Type; +import java.text.SimpleDateFormat; +import java.util.Collections; +import java.util.Date; public class SchedulerAuxRestInterface extends SchedulerAuxRestInt implements SchedulerAuxRestInterfaceIfc { /** The logger. */ EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerAuxRestInterface.class); - /** The Constant dateFormat. */ - final static DateFormat dateFormat = new SimpleDateFormat("HH:mm:ss:SSSS"); - /** The client. */ private static Client client = null; @@ -147,6 +143,7 @@ public class SchedulerAuxRestInterface extends SchedulerAuxRestInt implements Sc String methodName = "Get"; logger.debug(EELFLoggerDelegate.debugLogger, " start", methodName); + SimpleDateFormat dateFormat = DateUtil.getDateFormat(); String url = ""; restObject.set(t); @@ -165,8 +162,8 @@ public class SchedulerAuxRestInterface extends SchedulerAuxRestInt implements Sc if (status == 200) { t = (T) cres.readEntity(t.getClass()); restObject.set(t); - logger.debug(EELFLoggerDelegate.debugLogger, " REST api was successfull!", dateFormat.format(new Date()), - methodName); + logger.debug(EELFLoggerDelegate.debugLogger, " REST api was successfull!", + dateFormat.format(new Date()), methodName); } else { throw new Exception(methodName + " with status=" + status + ", url= " + url); @@ -183,6 +180,7 @@ public class SchedulerAuxRestInterface extends SchedulerAuxRestInt implements Sc String methodName = "Delete"; String url = ""; Response cres = null; + SimpleDateFormat dateFormat = DateUtil.getDateFormat(); logRequest(r); @@ -191,7 +189,7 @@ public class SchedulerAuxRestInterface extends SchedulerAuxRestInt implements Sc url = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULERAUX_SERVER_URL_VAL) + path; logger.debug(EELFLoggerDelegate.debugLogger, " methodName sending request to: ", - dateFormat.format(new Date()), url, methodName); + dateFormat.format(new Date()), url, methodName); cres = client.target(url).request().accept("application/json").headers(commonHeaders) // .entity(r) @@ -235,8 +233,8 @@ public class SchedulerAuxRestInterface extends SchedulerAuxRestInt implements Sc url, e); EPLogUtil.schedulerAccessAlarm(logger, e.getStatusCode().value()); } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "Exception with the URL ", dateFormat.format(new Date()), - methodName, url, e); + logger.error(EELFLoggerDelegate.errorLogger, "Exception with the URL ", + dateFormat.format(new Date()), methodName, url, e); EPLogUtil.schedulerAccessAlarm(logger, HttpStatus.INTERNAL_SERVER_ERROR.value()); throw e; @@ -324,4 +322,4 @@ public class SchedulerAuxRestInterface extends SchedulerAuxRestInt implements Sc public void logRequest(RequestDetails r) { // TODO Auto-generated method stub } -}
\ No newline at end of file +} diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java index 4a4c9283..f0f0af5a 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java @@ -4,6 +4,8 @@ * =================================================================== * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== * * Unless otherwise specified, all software contained herein is licensed * under the Apache License, Version 2.0 (the "License"); @@ -37,18 +39,13 @@ */ package org.onap.portalapp.portal.scheduleraux; -import java.text.DateFormat; -import java.text.SimpleDateFormat; - import org.glassfish.jersey.client.ClientResponse; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; public class SchedulerAuxUtil { private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerAuxUtil.class); - - final static DateFormat dateFormat = new SimpleDateFormat("HH:mm:ss:SSSS"); - + public static SchedulerAuxResponseWrapper wrapResponse ( String body, int statusCode ) { SchedulerAuxResponseWrapper w = new SchedulerAuxResponseWrapper(); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java index 5c3c51bf..bbb83827 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java @@ -4,6 +4,8 @@ * =================================================================== * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== * * Unless otherwise specified, all software contained herein is licensed * under the Apache License, Version 2.0 (the "License"); @@ -63,7 +65,6 @@ import org.onap.portalapp.portal.domain.AdminUserApplications; import org.onap.portalapp.portal.domain.AppIdAndNameTransportModel; import org.onap.portalapp.portal.domain.AppsResponse; import org.onap.portalapp.portal.domain.EPApp; -import org.onap.portalapp.portal.domain.EPRole; import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.domain.EPUserAppRolesRequest; import org.onap.portalapp.portal.domain.EPUserAppRolesRequestDetail; @@ -493,7 +494,7 @@ public class EPAppCommonServiceImpl implements EPAppService { if (onboardingApp.name == null || onboardingApp.name.length() == 0 || onboardingApp.url == null || onboardingApp.url.length() == 0 || onboardingApp.restrictedApp == null || onboardingApp.isOpen == null || onboardingApp.isEnabled == null - || (onboardingApp.id != null && onboardingApp.id.equals(ECOMP_APP_ID)) + || (onboardingApp.id != null && ECOMP_APP_ID.equals(onboardingApp.id.toString())) // For a normal app (appType == PortalConstants.PortalAppId), // these fields must be filled // in. @@ -509,7 +510,7 @@ public class EPAppCommonServiceImpl implements EPAppService { if (onboardingApp.name == null || onboardingApp.name.length() == 0 || onboardingApp.url == null || onboardingApp.url.length() == 0 || onboardingApp.restrictedApp == null || onboardingApp.isOpen == null || onboardingApp.isEnabled == null - || (onboardingApp.id != null && onboardingApp.id.equals(ECOMP_APP_ID)) + || (onboardingApp.id != null && ECOMP_APP_ID.equals(onboardingApp.id.toString())) // For a normal app (appType == PortalConstants.PortalAppId), // these fields must be filled // in. @@ -1494,7 +1495,7 @@ public class EPAppCommonServiceImpl implements EPAppService { // Don't encrypt or decrypt the password if it is null or the empty string private String decryptedPassword(String encryptedAppPwd, EPApp app) { String result = ""; - if (encryptedAppPwd != null & encryptedAppPwd.length() > 0) { + if (encryptedAppPwd != null && !encryptedAppPwd.isEmpty()) { try { result = CipherUtil.decryptPKC(encryptedAppPwd, SystemProperties.getProperty(SystemProperties.Decryption_Key)); @@ -1507,7 +1508,7 @@ public class EPAppCommonServiceImpl implements EPAppService { protected String encryptedPassword(String decryptedAppPwd, EPApp app) { String result = ""; - if (decryptedAppPwd != null & decryptedAppPwd.length() > 0) { + if (decryptedAppPwd != null && !decryptedAppPwd.isEmpty()) { try { result = CipherUtil.encryptPKC(decryptedAppPwd, SystemProperties.getProperty(SystemProperties.Decryption_Key)); @@ -1800,4 +1801,4 @@ public class EPAppCommonServiceImpl implements EPAppService { return userAndRoles; } -}
\ No newline at end of file +} diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/MicroserviceServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/MicroserviceServiceImpl.java index e90aeb74..b41d898a 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/MicroserviceServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/MicroserviceServiceImpl.java @@ -4,6 +4,8 @@ * =================================================================== * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== * * Unless otherwise specified, all software contained herein is licensed * under the Apache License, Version 2.0 (the "License"); @@ -42,8 +44,6 @@ import java.util.HashMap; import java.util.List; import java.util.Map; -import javax.crypto.BadPaddingException; - import org.hibernate.criterion.Criterion; import org.hibernate.criterion.Restrictions; import org.onap.portalapp.portal.domain.MicroserviceData; @@ -75,9 +75,8 @@ public class MicroserviceServiceImpl implements MicroserviceService { return newService.getId(); } - public void saveServiceParameters(long serviceId, List<MicroserviceParameter> list) throws Exception { - for (int i = 0; i < list.size(); i++) { - MicroserviceParameter para = list.get(i); + public void saveServiceParameters(long serviceId, List<MicroserviceParameter> list) { + for (MicroserviceParameter para : list) { para.setServiceId(serviceId); getDataAccessService().saveDomainObject(para, null); } @@ -85,9 +84,9 @@ public class MicroserviceServiceImpl implements MicroserviceService { @Override public MicroserviceData getMicroserviceDataById(long id) { - MicroserviceData data = null; + MicroserviceData data; try { - List<Criterion> restrictionsList = new ArrayList<Criterion>(); + List<Criterion> restrictionsList = new ArrayList<>(); Criterion idCriterion = Restrictions.eq("id", id); restrictionsList.add(idCriterion); data = (MicroserviceData) dataAccessService.getList(MicroserviceData.class, null, restrictionsList, null).get(0); @@ -102,34 +101,35 @@ public class MicroserviceServiceImpl implements MicroserviceService { @SuppressWarnings("unchecked") @Override - public List<MicroserviceData> getMicroserviceData() throws Exception { + public List<MicroserviceData> getMicroserviceData() { List<MicroserviceData> list = (List<MicroserviceData>) dataAccessService.getList(MicroserviceData.class, null); - for (int i = 0; i < list.size(); i++) { - if (list.get(i).getPassword() != null) - list.get(i).setPassword(EPCommonSystemProperties.APP_DISPLAY_PASSWORD); //to hide password from get request - list.get(i).setParameterList(getServiceParameters(list.get(i).getId())); + for (MicroserviceData microserviceData : list) { + if (microserviceData.getPassword() != null) { + microserviceData + .setPassword(EPCommonSystemProperties.APP_DISPLAY_PASSWORD); //to hide password from get request + } + microserviceData.setParameterList(getServiceParameters(microserviceData.getId())); } return list; } private List<MicroserviceParameter> getServiceParameters(long serviceId) { - List<MicroserviceParameter> list = getMicroServiceParametersList(serviceId); - return list; + return getMicroServiceParametersList(serviceId); } @SuppressWarnings("unchecked") private List<MicroserviceParameter> getMicroServiceParametersList(long serviceId) { - List<Criterion> restrictionsList = new ArrayList<Criterion>(); + List<Criterion> restrictionsList = new ArrayList<>(); Criterion serviceIdCriterion = Restrictions.eq("serviceId", serviceId); restrictionsList.add(serviceIdCriterion); return (List<MicroserviceParameter>) dataAccessService.getList(MicroserviceParameter.class, null, restrictionsList, null); } @Override - public void deleteMicroservice(long serviceId) throws Exception { + public void deleteMicroservice(long serviceId) { try { - Map<String, String> params = new HashMap<String, String>(); + Map<String, String> params = new HashMap<>(); params.put("serviceId", Long.toString(serviceId)); dataAccessService.executeNamedQuery("deleteMicroserviceParameter", params, null); @@ -156,17 +156,16 @@ public class MicroserviceServiceImpl implements MicroserviceService { getDataAccessService().saveDomainObject(newService, null); List<MicroserviceParameter> oldService = getServiceParameters(serviceId); boolean foundParam; - for (int i = 0; i < oldService.size(); i++) { + for (MicroserviceParameter microserviceParameter : oldService) { foundParam = false; for (int n = 0; n < newService.getParameterList().size(); n++) { - if (newService.getParameterList().get(n).getId().equals(oldService.get(i).getId())) { + if (newService.getParameterList().get(n).getId().equals(microserviceParameter.getId())) { foundParam = true; break; } } - if (foundParam == false) { - MicroserviceParameter pd = oldService.get(i); - getDataAccessService().deleteDomainObject(pd, null); + if (!foundParam) { + getDataAccessService().deleteDomainObject(microserviceParameter, null); } } for (int i = 0; i < newService.getParameterList().size(); i++) { @@ -184,7 +183,7 @@ public class MicroserviceServiceImpl implements MicroserviceService { @Override @SuppressWarnings("unchecked") public List<MicroserviceParameter> getParametersById(long serviceId) { - List<Criterion> restrictionsList = new ArrayList<Criterion>(); + List<Criterion> restrictionsList = new ArrayList<>(); Criterion contextIdCrit = Restrictions.eq("serviceId", serviceId); restrictionsList.add(contextIdCrit); List<MicroserviceParameter> list = (List<MicroserviceParameter>) dataAccessService @@ -196,7 +195,7 @@ public class MicroserviceServiceImpl implements MicroserviceService { private String decryptedPassword(String encryptedPwd) throws Exception { String result = ""; - if (encryptedPwd != null & encryptedPwd.length() > 0) { + if (encryptedPwd != null && !encryptedPwd.isEmpty()) { try { result = CipherUtil.decryptPKC(encryptedPwd, SystemProperties.getProperty(SystemProperties.Decryption_Key)); @@ -210,7 +209,7 @@ public class MicroserviceServiceImpl implements MicroserviceService { private String encryptedPassword(String decryptedPwd) throws Exception { String result = ""; - if (decryptedPwd != null & decryptedPwd.length() > 0) { + if (decryptedPwd != null && !decryptedPwd.isEmpty()) { try { result = CipherUtil.encryptPKC(decryptedPwd, SystemProperties.getProperty(SystemProperties.Decryption_Key)); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java index 5d9761ce..aaaf91bd 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java @@ -176,10 +176,10 @@ public class UserRolesCommonServiceImpl { * * @param userId */ - protected void createLocalUserIfNecessary(String userId) { + protected boolean createLocalUserIfNecessary(String userId) { if (StringUtils.isEmpty(userId)) { logger.error(EELFLoggerDelegate.errorLogger, "createLocalUserIfNecessary : empty userId!"); - return; + return false; } Session localSession = null; Transaction transaction = null; @@ -188,7 +188,10 @@ public class UserRolesCommonServiceImpl { transaction = localSession.beginTransaction(); @SuppressWarnings("unchecked") List<EPUser> userList = localSession - .createQuery("from " + EPUser.class.getName() + " where orgUserId='" + userId + "'").list(); + .createQuery("from :name where orgUserId=:userId") + .setParameter("name",EPUser.class.getName()) + .setParameter("userId",userId) + .list(); if (userList.size() == 0) { EPUser client = searchService.searchUserByUserId(userId); if (client == null) { @@ -202,9 +205,11 @@ public class UserRolesCommonServiceImpl { } } transaction.commit(); + return true; } catch (Exception e) { EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); EcompPortalUtils.rollbackTransaction(transaction, "searchOrCreateUser rollback, exception = " + e); + return false; } finally { EcompPortalUtils.closeLocalSession(localSession, "searchOrCreateUser"); } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java index 2ada8ed1..17007a5f 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java @@ -38,6 +38,7 @@ package org.onap.portalapp.portal.transport; import java.io.Serializable; +import java.util.Objects; @SuppressWarnings("rawtypes") public class CentralV2UserApp implements Serializable, Comparable{ @@ -99,7 +100,20 @@ public class CentralV2UserApp implements Serializable, Comparable{ this.priority = priority; } - + @Override + public boolean equals(Object other) { + if (this == other) { + return true; + } + if (!(other instanceof CentralV2UserApp)) { + return false; + } + CentralV2UserApp castOther = (CentralV2UserApp) other; + return Objects.equals(this.userId, castOther.userId) && + Objects.equals(this.app, castOther.app) && + Objects.equals(this.role, castOther.role) && + Objects.equals(this.priority, castOther.priority); + } public int compareTo(Object other){ CentralV2UserApp castOther = (CentralV2UserApp) other; diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidget.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidget.java index ec27d987..3fbdc3e8 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidget.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidget.java @@ -44,6 +44,7 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; +import org.hibernate.validator.constraints.SafeHtml; import org.onap.portalsdk.core.domain.support.DomainVo; import com.fasterxml.jackson.annotation.JsonInclude; @@ -63,28 +64,33 @@ public class CommonWidget extends DomainVo{ private Long id; @Column(name = "category") + @SafeHtml public String category; @Column(name = "href") + @SafeHtml public String href; @Column(name = "title") + @SafeHtml public String title; @Column(name = "content") + @SafeHtml public String content; @Column(name = "event_date") + @SafeHtml public String eventDate; @Column(name = "sort_order") public Integer sortOrder; - + public CommonWidget(){ - + } - + public CommonWidget(String category, String href, String title, String content, String eventDate, Integer sortOrder){ this.category = category; this.href = href; diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidgetMeta.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidgetMeta.java index 55dfc91a..51a02652 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidgetMeta.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidgetMeta.java @@ -38,14 +38,17 @@ package org.onap.portalapp.portal.transport; import java.util.List; +import javax.validation.Valid; +import org.hibernate.validator.constraints.SafeHtml; public class CommonWidgetMeta { - + @SafeHtml private String category; + @Valid private List<CommonWidget> items; - - public CommonWidgetMeta(){ - + + public CommonWidgetMeta(){ + } public CommonWidgetMeta(String category, List<CommonWidget> items){ diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/OnboardingApp.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/OnboardingApp.java index f2503b42..37ad5add 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/OnboardingApp.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/OnboardingApp.java @@ -37,6 +37,8 @@ */ package org.onap.portalapp.portal.transport; +import org.hibernate.validator.constraints.SafeHtml; + /** * Model of rows in the fn_app table; serialized as a message add or update an * on-boarded application. @@ -44,21 +46,21 @@ package org.onap.portalapp.portal.transport; public class OnboardingApp { public Long id; - + @SafeHtml public String name; - + @SafeHtml public String imageUrl; - + @SafeHtml public String imageLink; - + @SafeHtml public String description; - + @SafeHtml public String notes; - + @SafeHtml public String url; - + @SafeHtml public String alternateUrl; - + @SafeHtml public String restUrl; public Boolean isOpen; @@ -66,27 +68,27 @@ public class OnboardingApp { public Boolean isEnabled; public Long motsId; - + @SafeHtml public String myLoginsAppName; - + @SafeHtml public String myLoginsAppOwner; - + @SafeHtml public String username; - + @SafeHtml public String appPassword; - + @SafeHtml public String thumbnail; - + @SafeHtml public String uebTopicName; - + @SafeHtml public String uebKey; - + @SafeHtml public String uebSecret; public Boolean restrictedApp; public Boolean isCentralAuth; - + @SafeHtml public String nameSpace; /** diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/util/DateUtil.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/util/DateUtil.java new file mode 100644 index 00000000..211f8ab9 --- /dev/null +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/util/DateUtil.java @@ -0,0 +1,56 @@ +/*- + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (c) 2019 Samsung. All rights reserved. + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portalapp.util; + +import java.text.SimpleDateFormat; + +public class DateUtil { + + private DateUtil() { + throw new IllegalStateException("Utility class"); + } + + public static SimpleDateFormat getDateFormat() { + return new SimpleDateFormat("HH:mm:ss:SSSS"); + } + + public static SimpleDateFormat getRequestDateFormat(){ + return new SimpleDateFormat("EEE, dd MMM YYYY HH:mm:ss z"); + } +} diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/validation/DataValidator.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/validation/DataValidator.java new file mode 100644 index 00000000..46a60c81 --- /dev/null +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/validation/DataValidator.java @@ -0,0 +1,63 @@ +/*- + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portalapp.validation; + +import java.util.Set; +import javax.validation.ConstraintViolation; +import javax.validation.Validation; +import javax.validation.Validator; +import javax.validation.ValidatorFactory; +import org.springframework.stereotype.Component; + +@Component +public class DataValidator { + private static final ValidatorFactory VALIDATOR_FACTORY = Validation.buildDefaultValidatorFactory(); + + public <E> Set<ConstraintViolation<E>> getConstraintViolations(E classToValid){ + Validator validator = VALIDATOR_FACTORY.getValidator(); + Set<ConstraintViolation<E>> constraintViolations = validator.validate(classToValid); + return constraintViolations; + } + + public <E> boolean isValid(E classToValid){ + Set<ConstraintViolation<E>> constraintViolations = getConstraintViolations(classToValid); + return constraintViolations.isEmpty(); + } + +} diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/validation/SecureString.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/validation/SecureString.java new file mode 100644 index 00000000..2afbddac --- /dev/null +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/validation/SecureString.java @@ -0,0 +1,55 @@ +/*- + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portalapp.validation; + +import org.hibernate.validator.constraints.SafeHtml; + +public class SecureString { + + @SafeHtml + private String data; + + public SecureString(String string) { + this.data = string; + } + + public String getString() { + return data; + } +} |