summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2019-07-22Merge "XSS Vulnerability fix in AuxApiRequestMapperController"Manoop Talasila5-22/+352
2019-07-22Merge "XSS Vulnerability fix in SharedContextRestController"Manoop Talasila3-70/+200
2019-07-22Merge "XSS Vulnerability fix in WidgetsController"Manoop Talasila3-25/+106
2019-07-22Merge "XSS Vulnerability fix in AuditLogController"Manoop Talasila2-20/+42
2019-07-22Merge "XSS Vulnerability fix in AppContactUsController"Manoop Talasila3-52/+101
2019-07-22Merge "XSS Vulnerability fix in AppsController"Manoop Talasila8-127/+209
2019-07-19Merge "NoClassDefFoundError javax/xml/bind/ValidationException"Lorraine Welch1-0/+5
2019-07-15XSS Vulnerability fix in AuxApiRequestMapperControllerDominik Mizyn5-22/+352
Custom data validotor is used to valid incoming data. Issue-ID: OJSI-15 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: I1b2a1fe0fcb6278a7b12017479243009142c2cbd
2019-07-12NoClassDefFoundError javax/xml/bind/ValidationExceptionDominik Mizyn1-0/+5
Add dependency to pom.xml file Issue-ID: PORTAL-660 Change-Id: I02e21024d10cca71b2f090117fb0afdf0b29578b Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-07-12Unused classes delete from PortalDominik Mizyn3-514/+0
These classes are unused anywhere in the Portal project. Issue-ID: PORTAL-655 Change-Id: If92d0df0efb0b5120190a44c46b2fed31ba32b89 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-07-12XSS Vulnerability fix in SharedContextRestControllerDominik Mizyn3-70/+200
Custom data validator used to secure this class Issue-ID: OJSI-15 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: I231731b9deb60310b698d70179cddd471cffd7fb
2019-07-12XSS Vulnerability fix in WidgetsControllerDominik Mizyn3-25/+106
Custom data validator used to fix this issue. Issue-ID: OJSI-15 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: I0113097b2118656780f4f9bca8b4ee99e85b6f6d
2019-07-12XSS Vulnerability fix in AuditLogControllerDominik Mizyn2-20/+42
Custom data validator used to fix this issue. Issue-ID: OJSI-15 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: Iafaca1806cf7106b91efdfd9cb40132020b114f2
2019-07-12XSS Vulnerability fix in AppContactUsControllerDominik Mizyn3-52/+101
Custom data validator used to fix this issue. Issue-ID: OJSI-15 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: Ie8df4df552cfe53e3839c7021284f0226ea56a39
2019-07-12XSS Vulnerability fix in AppsControllerDominik Mizyn8-127/+209
Custom XSS filter used to fix thisa issue. DataValidator upgrade to single instance of ValidatorFactory; Issue-ID: OJSI-15 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: I7222cfb84e1e5bb240619aac9c7bca85d215229a
2019-07-11CRLF fix in your-angular-app.rst fileDominik Mizyn1-55/+55
Fix CRLF Issue-ID: PORTAL-659 Change-Id: I562115ec29306e8a73b31f1f0e62e05b54cfdd9d Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-07-10Revert "Fix sql injection vulnerability"Krzysztof Opasiak2-6/+3
This reverts commit 941133a42bad6a1d73c63913a950d1e4bc814fde. This is required because this commit breaks the portal unit test due to some other changes that happen between verify job and merge of that commit. Issue-ID: OJSI-174 Change-Id: Ieb53f8ba23e2b1b05c67ec4d7d51c6d5107cfb87 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2019-07-10Merge "LanguageServiceImpl logging vulnerability fix"Sunder Tattavarada1-14/+20
2019-07-10Merge "EPAppServiceImpl class fix."Sunder Tattavarada1-35/+9
2019-07-09Merge "SharedContext class DB constraints"Manoop Talasila1-116/+25
2019-07-09Merge "FunctionalMenuRole class DB constraints"Manoop Talasila2-78/+29
2019-07-09Merge "PortalAdmin class DB constraints"Manoop Talasila1-32/+14
2019-07-09Merge "FavoritesFunctionalMenuItemJson class DB constraints"Manoop Talasila1-6/+8
2019-07-09Merge "EpNotificationItem class DB constraints"Manoop Talasila1-242/+38
2019-07-09Merge "EpRoleNotificationItem class DB constraints"Manoop Talasila1-41/+12
2019-07-09Merge "ExtractJar sonar issues fix"Manoop Talasila1-51/+41
2019-07-09Merge "CommonWidget class DB constraints"Manoop Talasila3-71/+22
2019-07-09Merge "XSS Vulnerability fix in PortalAdminController"Sunder Tattavarada2-17/+54
2019-07-08Merge "Fix sql injection vulnerability"Sunder Tattavarada1-2/+6
2019-07-08Merge "Fix sql injection vulnerability"Sunder Tattavarada1-1/+4
2019-07-08Merge "Fix sql injection vulnerability"Sunder Tattavarada1-1/+4
2019-07-08Merge "Fix sql injection vulnerability"Sunder Tattavarada2-3/+6
2019-07-08Merge "Fix sql injection vulnerability"Sunder Tattavarada1-6/+5
2019-07-05XSS Vulnerability fix in PortalAdminControllerDominik Mizyn2-17/+54
Custom data validator used to fix this issue. Issue-ID: OJSI-15 Change-Id: I224887d31e4e2d7301544194ef44ba38e66e047d Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-07-03AuthUtil method isAccessAllowed() argument changeDominik Mizyn1-1/+2
Change argument length to match argument length from to sdk version. Issue-ID: PORTAL-656 Change-Id: I6fe28800e0baccaab43419d3aa0d8c43b1ebe771 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-07-01LanguageServiceImpl logging vulnerability fixDominik Mizyn1-14/+20
Sonar issue: "Use a logger to log this exception" fix This patch also minor code issues Issue-ID: PORTAL-622 Change-Id: I304285ca7837bcf929249f7c6b93b6de9cf8fae5 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-07-01EPAppServiceImpl class fix.Dominik Mizyn1-35/+9
Sonar issues fix: Remove this unused "logger" private field. Remove this unused "syncRests" private field. unused imports delete and unneeded fields initialization fix. StringBuilder performance fix. Issue-ID: PORTAL-620 Change-Id: Ibd1cf732b216594b47801767d0a98e59b0aba200 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-25Fix sql injection vulnerabilityDominik Orliński1-1/+4
Use a variable binding instead of concatenation. Issue-ID: OJSI-174 Signed-off-by: Dominik Orliński <d.orlinski@samsung.com> Change-Id: Ia655ccf79800c132b3ac466016b8fdfd9f9c27bd
2019-06-25Fix sql injection vulnerabilityDominik Orliński1-2/+6
Use a variable binding instead of concatenation. Issue-ID: OJSI-174 Signed-off-by: Dominik Orliński <d.orlinski@samsung.com> Change-Id: I9dcec677ee9edd0d274a486af37eb950d8e828cf
2019-06-25Fix sql injection vulnerabilityDominik Orliński1-1/+4
Use a variable binding instead of concatenation. Issue-ID: OJSI-174 Signed-off-by: Dominik Orliński <d.orlinski@samsung.com> Change-Id: I8d72c819004f05fbbf464cde73b405f2028c7bb6
2019-06-21PeerBroadcastSocket sonar issues fix and code refactorDominik Mizyn1-39/+16
Sonar issues fix and code refactor. Session data save moved to another method. Rest of code don't really do anything. Issue-ID: PORTAL-624 Change-Id: I53b36377f2d2645d8c24ad2384959f0599e07303 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-21ONAPWelcomeController sonar issue fixDominik Mizyn1-11/+4
String viewName and getter/setter can be romoved from his class. ONAPWelcomeController Overrides this field 1 to 1. Issue-ID: PORTAL-652 Change-Id: Idbb41f52a63c6ea681f6ba7753991d766849e3a2 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-21ONAPLoginController sonar issues fix.Dominik Mizyn1-16/+21
Sonar issues fix plus @Autowired in constructor not in fields. Issue-ID: PORTAL-651 Change-Id: I99329b986877d040c6fdda9daf42a5c501a39605 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-21SimpleLoginStrategy sonar issues fixDominik Mizyn1-16/+18
"Either remove or fill this block of code." "Move the "" string literal on the left side of this string comparison." "Define and throw a dedicated exception instead of using a generic one." Issue-ID: PORTAL-650 Change-Id: I92018287a6f585020f0ae6f042b1bb1de84a5e14 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-21OpenIdConnectLoginStrategy sonar issues fixDominik Mizyn1-7/+4
Redundant suppression("rawtypes") removed. Sonar issue: Move the "" string literal on the left side of this string comparison. Define and throw a dedicated exception instead of using a generic one. Issue-ID: PORTAL-649 Change-Id: Ia2c80ad4848c22c94a2db731425250784d382841 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-19Fix sql injection vulnerabilityDominik Orliński1-6/+5
Use a variable binding instead of concatenation. Issue-ID: OJSI-174 Signed-off-by: Dominik Orliński <d.orlinski@samsung.com> Change-Id: I0574e882e4d500408b6a6bab8986822669cba5d4
2019-06-19Fix sql injection vulnerabilityDominik Orliński2-3/+6
Use a variable binding instead of concatenation. Change test 'getAppRolesForNonCentralizedPartnerAppTest'. Issue-ID: OJSI-174 Signed-off-by: Dominik Orliński <d.orlinski@samsung.com> Change-Id: Ia75da49ed582836a47b5fdcddab62fbe02e36e72
2019-06-18Merge "Fix sql injection vulnerability"Sunder Tattavarada2-4/+12
2019-06-18Merge "Fix sql injection vulnerability"Sunder Tattavarada2-3/+8
2019-06-18Merge "Fix sql injection vulnerability"Sunder Tattavarada2-3/+12