summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2019-06-17Application Onboarding page changes Kotta, Shireesha (sk434m)60-4442/+6550
Issue-ID: PORTAL-644 Application Onboarding page changes , DB scripts Change-Id: Id689e15f5abd56192420e6761440659531108ab4 Signed-off-by: Kotta, Shireesha (sk434m) <sk434m@att.com>
2019-06-14Merge "WidgetFileApp class DB constraints"Sunder Tattavarada1-56/+13
2019-06-14Merge "FavoritesFunctionalMenuItem class DB constraints"Sunder Tattavarada1-0/+3
2019-06-14Merge "WidgetCatalog class DB constraints"Sunder Tattavarada1-72/+21
2019-06-14Merge "Change default character to utf8 for portal db"Sunder Tattavarada2-2/+3
2019-06-14Merge "Sonar critical fixes in MicroserviceServiceImpl"Sunder Tattavarada1-0/+2
2019-06-14Merge "Sonar fix: make "dateFormat" an instance variable"Sunder Tattavarada8-83/+126
2019-06-14Merge "Sonar critical fixes in EPAppCommonServiceImpl"Sunder Tattavarada1-6/+7
2019-06-14Merge "RoleApp class DB constraints"Sunder Tattavarada3-126/+28
2019-06-14Merge "App class DB constraints"Sunder Tattavarada1-1/+9
2019-06-14Merge "FunctionalMenuItem DB constraints fix"Sunder Tattavarada2-8/+15
2019-06-14Merge "FunctionalMenuItem DB constraints add"Sunder Tattavarada2-13/+47
2019-06-14Merge "XSS Vulnerability fix in DashboardSearchResultController"Sunder Tattavarada2-11/+143
2019-06-14Merge "Custom data validator"Sunder Tattavarada3-3/+164
2019-06-14Merge "XSS Vulnerability fix in TicketEventController"Sunder Tattavarada2-1/+31
2019-06-14Merge "XSS Vulnerability fix in RoleManageController"Sunder Tattavarada3-1/+127
2019-06-14Merge "Fix sql injection vulnerability"Sunder Tattavarada2-3/+34
2019-06-14Merge "XSS Vulnerability fix in AppsOSController"Sunder Tattavarada2-3/+32
2019-06-14Merge "XSS Vulnerability fix in AppsControllerExternalRequest"Sunder Tattavarada8-30/+210
2019-06-14Merge "Sonar issue: Correct this "&" to "&&" in MicroserviceServiceImpl"Sunder Tattavarada1-25/+22
2019-06-14Merge "XSS Vulnerability fix in MicroserviceController"Sunder Tattavarada4-67/+112
2019-06-14Merge "XSS Vulnerability fix in DashboardSearchResultController"Sunder Tattavarada6-58/+270
2019-06-14WidgetFileApp class DB constraintsDominik Mizyn1-56/+13
Java Bean Validation SR 380 annotations added to classes Issue-ID: PORTAL-633 Change-Id: Id7b45dedafe2e5f9e799a93d219baef46c88d124 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14FavoritesFunctionalMenuItem class DB constraintsDominik Mizyn1-0/+3
Java Bean Validation SR 380 annotations added to classes Issue-ID: PORTAL-632 Change-Id: Ia7c2f4ad0aa5cc85db73142d0fecd46da535c3d9 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-13Merge "Fix sonar issue: Override "equals(Object obj)""Sunder Tattavarada2-1/+27
2019-06-13WidgetCatalog class DB constraintsDominik Mizyn1-72/+21
Java Bean Validation SR 380 annotations added to classes Plains getter/setter converted to lombok annotation Issue-ID: PORTAL-630 Change-Id: Id866ec4bc0dc428adfbb7cdc64fe15f7faf837f7 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-13RoleApp class DB constraintsDominik Mizyn3-126/+28
Java Bean Validation SR 380 annotations added to classes Lombod added to widget-ms Plains getter/setter converted to lombok annotation Issue-ID: PORTAL-629 Change-Id: I31639672510994412149ed8be92cb8e1b022f646 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-13App class DB constraintsDominik Mizyn1-1/+9
Java Bean Validation SR 380 annotations added to classes Issue-ID: PORTAL-627 Change-Id: I827f99ef75c6af3f9881fe68f1cb245795ba2734 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-13FunctionalMenuItem DB constraints fixDominik Mizyn2-8/+15
Add @Digits to secure Long type fields Issue-ID: PORTAL-626 Change-Id: I59080c9103369d96a42c574356f0635265335d0a Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-13FunctionalMenuItem DB constraints addDominik Mizyn2-13/+47
Java Bean Validation SR 380 annotations added to classes Unnecessary boxing removed. Issue-ID: PORTAL-626 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: Ic1c20870fd781d46061077fd14b81a65dea93e6e
2019-06-11Updated Dublin Release NotesWelch, Lorraine (lb2391)1-9/+10
Issue-ID: PORTAL-592 Signed-off-by: Welch, Lorraine (lb2391) <lb2391@att.com> Change-Id: I4d1e7e8bd83ed2adb7df25ccf4c694b1c81ef879
2019-06-10Sonar critical fixes in MicroserviceServiceImplr.bogacki1-4/+4
Fixed critical issues according to the Sonar analysis: -Fixed imports. -Fixed logical comparisons. Issue-ID: PORTAL-591 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: Icc2b6fb45777582486e1060245cdf94e4f6d685d
2019-06-10Sonar fix: make "dateFormat" an instance variabler.bogacki8-83/+126
Fixed critical Sonar issue. SimpleDateFormat was declared as a static but it is not tread-safe and it keeps an internal state. Compliant solution has been applied with additional DateUtil class. Issue-ID: PORTAL-590 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: Ic6243052804a410cb750c6c219c702469c86ff78
2019-06-10Sonar critical fixes in EPAppCommonServiceImplr.bogacki1-6/+7
Fixed issues according to the Sonar analysis: -Fixed imports. -Fixed logical comparisons. -Fixed comparisons between unrelated types. Issue-ID: PORTAL-588 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: Ibc204e0218788bb82f947c668d68fb6e88db7043
2019-06-07Added lorraineawelch to INFO.yamlWelch, Lorraine (lb2391)1-0/+5
Issue-ID: PORTAL-618 Signed-off-by: Welch, Lorraine (lb2391) <lb2391@att.com> Change-Id: I3d7f57c8cc20347f8adeefbada2eaffde0940262
2019-06-05XSS Vulnerability fix in DashboardSearchResultControllerDominik Mizyn2-11/+143
Custom Validator is used to secure this endpoints. Issue-ID: OJSI-15 Change-Id: Idf523a53bc5fe9e1df8110526d56336953759c86 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-05Custom data validatorDominik Mizyn3-3/+164
By creating custom data validator we can reduce code duplications. Issue-ID: OJSI-15 Change-Id: I39decf1d6ded559322c4445f0956fad2a159878d Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-31XSS Vulnerability fix in TicketEventControllerDominik Mizyn2-1/+31
@SafeHtml and SecureString used to fix this issue; Issue-ID: OJSI-209 Change-Id: I588872839696c824135bab88c100b31c23d960ba Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-31XSS Vulnerability fix in RoleManageControllerDominik Mizyn3-1/+127
@SafeHtml and SecureString used to secure this class Issue-ID: OJSI-208 Change-Id: Ie01799933add3419cacf0fc716ce2da6da0a2853 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-31XSS Vulnerability fix in AppsOSControllerDominik Mizyn2-3/+32
SecureString class used to secure PathVariable. Issue-ID: OJSI-207 Change-Id: I6275c5db4d8d97dc60ef1676b651e3d8802ad9f7 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-30Merge changes I1c586793,I47249407,Idad22dea,I5c3bee06,I5cb96956Manoop Talasila1-0/+6
* changes: Document OJSI-190 vulnerability Document OJSI-174 (CVE-2019-12318) vulnerability Document OJSI-92 (CVE-2019-12121) vulnerability Document OJSI-65 (CVE-2019-1212) vulnerability Document OJSI-15 (CVE-2019-12317) vulnerability
2019-05-30Merge "Don't give the user the exact stack trace of the exception"Manoop Talasila1-20/+26
2019-05-30Merge "Don't give user the exact exception description"Manoop Talasila1-0/+8
2019-05-30Document OJSI-190 vulnerabilityKrzysztof Opasiak1-0/+1
Issue-ID: OJSI-190 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I1c586793b744a5807e7b1a7a1d416dfd43409ab0
2019-05-30Document OJSI-174 (CVE-2019-12318) vulnerabilityKrzysztof Opasiak1-0/+1
Issue-ID: OJSI-174 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I47249407ccb62ca7ffd1d8edc9ada8793f4c53c9
2019-05-30Document OJSI-92 (CVE-2019-12121) vulnerabilityKrzysztof Opasiak1-0/+1
Issue-ID: OJSI-92 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Idad22deafb262da539c52fa8733e7ea098fd1361
2019-05-30Document OJSI-65 (CVE-2019-1212) vulnerabilityKrzysztof Opasiak1-0/+1
Issue-ID: OJSI-65 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I5c3bee06c2b1da3eca2bb583c57decb35b0f32c0
2019-05-30Document OJSI-15 (CVE-2019-12317) vulnerabilityKrzysztof Opasiak1-0/+2
Issue-ID: OJSI-15 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I5cb96956f25e09a390ef24a52f6222c0cc7b9e94
2019-05-30XSS Vulnerability fix in AppsControllerExternalRequestDominik Mizyn8-30/+210
@SafeHtml annotation is used to fix this problem. This patch also fix some minor issues: * isAuxRESTfulCall() method delete. Method was nowhere used. * '.length() == 0' changed to '.isEmpty()' Issue-ID: PORTAL-604 Change-Id: Ib7091622081f507812654b50275ad7ac4c97bfc3 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-30Sonar issue: Correct this "&" to "&&" in MicroserviceServiceImplDominik Mizyn1-25/+22
This patch also fix some minor issues: * 'fori' loop replaced with 'foreach' * Sonar issue: Replace the type specification in this constructor call with the diamond operator ("<>"). * redundant 'throws'. Exception will never throw * unnecessary temporary local variable Issue-ID: PORTAL-603 Change-Id: If23afb9f4a10f0ad06c712cb95a38b54dc5cd089 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>