summaryrefslogtreecommitdiffstats
path: root/ecomp-portal-BE-common/src/main
AgeCommit message (Collapse)AuthorFilesLines
2019-07-01LanguageServiceImpl logging vulnerability fixDominik Mizyn1-14/+20
Sonar issue: "Use a logger to log this exception" fix This patch also minor code issues Issue-ID: PORTAL-622 Change-Id: I304285ca7837bcf929249f7c6b93b6de9cf8fae5 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-18Merge "Fix sql injection vulnerability"Sunder Tattavarada1-2/+6
2019-06-18Merge "Fix sql injection vulnerability"Sunder Tattavarada1-1/+4
2019-06-18Merge "Fix sql injection vulnerability"Sunder Tattavarada1-2/+6
2019-06-18WebAnalyticsExtAppController sonar issuesDominik Mizyn1-60/+30
- Rename this local variable to match the regular expression - Make this anonymous inner class a lambda. - Immediately return this expression instead of assigning it to the temporary variable "response". - Move the "" string literal on the left side of this string comparison. - Replace the type specification in this constructor call with the diamond operator ("<>"). Issue-ID: PORTAL-648 Change-Id: I1666d94dccbbe8aa835ea9a443a9973a245353f4 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-18HealthMonitor sonar issuesDominik Mizyn2-124/+85
Remove this unused "numIntervalsClusterNotHealthy" local variable. Use "Long.parseLong" for this string-to-long conversion. Make the enclosing method "static" or remove this set. Change this instance-reference to a static reference. Remove the literal "false" boolean value. This block of commented-out lines of code should be removed. Add the "@Override" annotation above this method signature Issue-ID: PORTAL-647 Change-Id: I1880177f0906e6267807bbb9c0b7a81651e3c020 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-18EPLdapService sonar issue fixDominik Mizyn1-1/+1
Annotate the interface with the @FunctionalInterface annotation. Issue-ID: PORTAL-646 Change-Id: Idc6c70b9edaed73024721a3bc8c91796a0df9183 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-18AppWithRolesForUser sonar security issueDominik Mizyn3-82/+42
I used Lombok annotation to provide accessors. Issue-ID: PORTAL-645 Change-Id: Iad852434f30b81535398913df162fa8f4bd1ecff Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-17Merge "PortalAdminUserRole class DB constraints"Sunder Tattavarada1-0/+4
2019-06-17Merge "Application Onboarding page changes "Lorraine Welch20-4185/+4629
2019-06-17Application Onboarding page changes Kotta, Shireesha (sk434m)20-4185/+4629
Issue-ID: PORTAL-644 Application Onboarding page changes , DB scripts Change-Id: Id689e15f5abd56192420e6761440659531108ab4 Signed-off-by: Kotta, Shireesha (sk434m) <sk434m@att.com>
2019-06-17Merge "Sonar: Reduce cyclomatic complexity"Sunder Tattavarada1-7/+22
2019-06-17Fix sql injection vulnerabilityDominik Orliński1-2/+6
Use a variable binding instead of concatenation. Change test 'getAppRolesForNonCentralizedPartnerAppTest'. Issue-ID: OJSI-174 Signed-off-by: Dominik Orliński <d.orlinski@samsung.com> Change-Id: I676ed349746cdabf320027dd27a0c16949fff6d8
2019-06-17Fix sql injection vulnerabilityDominik Orliński1-1/+4
Use a variable binding instead of concatenation. Change test 'getAppRolesForNonCentralizedPartnerAppTest'. Issue-ID: OJSI-174 Signed-off-by: Dominik Orliński <d.orlinski@samsung.com> Change-Id: I45895dc7665ff17394e602cbccf875e4e91b5ce1
2019-06-17Fix sql injection vulnerabilityDominik Orliński1-2/+6
Use a variable binding instead of concatenation. Change test 'getAppRolesForNonCentralizedPartnerAppTest'. Issue-ID: OJSI-174 Signed-off-by: Dominik Orliński <d.orlinski@samsung.com> Change-Id: I5cb7561e4b2b781834bd4f2ec36dee58b4738bf2
2019-06-14Merge "FavoritesFunctionalMenuItem class DB constraints"Sunder Tattavarada1-0/+3
2019-06-14Merge "Sonar critical fixes in MicroserviceServiceImpl"Sunder Tattavarada1-0/+2
2019-06-14Merge "Sonar fix: make "dateFormat" an instance variable"Sunder Tattavarada8-83/+126
2019-06-14Merge "Sonar critical fixes in EPAppCommonServiceImpl"Sunder Tattavarada1-6/+7
2019-06-14Merge "RoleApp class DB constraints"Sunder Tattavarada1-76/+7
2019-06-14Merge "FunctionalMenuItem DB constraints fix"Sunder Tattavarada2-8/+15
2019-06-14Merge "FunctionalMenuItem DB constraints add"Sunder Tattavarada2-13/+47
2019-06-14Merge "Custom data validator"Sunder Tattavarada2-3/+66
2019-06-14Merge "XSS Vulnerability fix in TicketEventController"Sunder Tattavarada1-1/+19
2019-06-14Merge "XSS Vulnerability fix in RoleManageController"Sunder Tattavarada2-1/+48
2019-06-14Merge "Fix sql injection vulnerability"Sunder Tattavarada1-3/+8
2019-06-14PortalAdminUserRole class DB constraintsDominik Mizyn1-0/+4
Java Bean Validation SR 380 annotations added to classes Issue-ID: PORTAL-636 Change-Id: I8fb4f50e672e17b9e169303eb09255fe57288b45 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14FavoritesFunctionalMenuItem class DB constraintsDominik Mizyn1-0/+3
Java Bean Validation SR 380 annotations added to classes Issue-ID: PORTAL-632 Change-Id: Ia7c2f4ad0aa5cc85db73142d0fecd46da535c3d9 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-13RoleApp class DB constraintsDominik Mizyn1-76/+7
Java Bean Validation SR 380 annotations added to classes Lombod added to widget-ms Plains getter/setter converted to lombok annotation Issue-ID: PORTAL-629 Change-Id: I31639672510994412149ed8be92cb8e1b022f646 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-13FunctionalMenuItem DB constraints fixDominik Mizyn2-8/+15
Add @Digits to secure Long type fields Issue-ID: PORTAL-626 Change-Id: I59080c9103369d96a42c574356f0635265335d0a Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-13FunctionalMenuItem DB constraints addDominik Mizyn2-13/+47
Java Bean Validation SR 380 annotations added to classes Unnecessary boxing removed. Issue-ID: PORTAL-626 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: Ic1c20870fd781d46061077fd14b81a65dea93e6e
2019-06-10Sonar critical fixes in MicroserviceServiceImplr.bogacki1-4/+4
Fixed critical issues according to the Sonar analysis: -Fixed imports. -Fixed logical comparisons. Issue-ID: PORTAL-591 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: Icc2b6fb45777582486e1060245cdf94e4f6d685d
2019-06-10Sonar fix: make "dateFormat" an instance variabler.bogacki8-83/+126
Fixed critical Sonar issue. SimpleDateFormat was declared as a static but it is not tread-safe and it keeps an internal state. Compliant solution has been applied with additional DateUtil class. Issue-ID: PORTAL-590 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: Ic6243052804a410cb750c6c219c702469c86ff78
2019-06-10Sonar critical fixes in EPAppCommonServiceImplr.bogacki1-6/+7
Fixed issues according to the Sonar analysis: -Fixed imports. -Fixed logical comparisons. -Fixed comparisons between unrelated types. Issue-ID: PORTAL-588 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: Ibc204e0218788bb82f947c668d68fb6e88db7043
2019-06-05Custom data validatorDominik Mizyn2-3/+66
By creating custom data validator we can reduce code duplications. Issue-ID: OJSI-15 Change-Id: I39decf1d6ded559322c4445f0956fad2a159878d Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-31XSS Vulnerability fix in TicketEventControllerDominik Mizyn1-1/+19
@SafeHtml and SecureString used to fix this issue; Issue-ID: OJSI-209 Change-Id: I588872839696c824135bab88c100b31c23d960ba Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-31XSS Vulnerability fix in RoleManageControllerDominik Mizyn2-1/+48
@SafeHtml and SecureString used to secure this class Issue-ID: OJSI-208 Change-Id: Ie01799933add3419cacf0fc716ce2da6da0a2853 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-30XSS Vulnerability fix in AppsControllerExternalRequestDominik Mizyn7-30/+130
@SafeHtml annotation is used to fix this problem. This patch also fix some minor issues: * isAuxRESTfulCall() method delete. Method was nowhere used. * '.length() == 0' changed to '.isEmpty()' Issue-ID: PORTAL-604 Change-Id: Ib7091622081f507812654b50275ad7ac4c97bfc3 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-30Sonar issue: Correct this "&" to "&&" in MicroserviceServiceImplDominik Mizyn1-25/+22
This patch also fix some minor issues: * 'fori' loop replaced with 'foreach' * Sonar issue: Replace the type specification in this constructor call with the diamond operator ("<>"). * redundant 'throws'. Exception will never throw * unnecessary temporary local variable Issue-ID: PORTAL-603 Change-Id: If23afb9f4a10f0ad06c712cb95a38b54dc5cd089 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-30XSS Vulnerability fix in MicroserviceControllerDominik Mizyn3-28/+54
@SafeHtml annotation is used to fix this problem. This commit also fix: * redundant local variable issue * sonar issue: Replace the type specification in this constructor call with the diamond operator ("<>"). * performance issue - String concatenation argument as argument to 'StringBuilder.append()' call * redundant cast * redundant 'throws Exception'. 'Exception' is never thrown * access static member via instance reference * unused declarations Issue-ID: PORTAL-602 Change-Id: Id92fe2d9cfe239474403f611f3d5d0170acf63cc Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-30XSS Vulnerability fix in DashboardSearchResultControllerDominik Mizyn4-30/+138
@SafeHtml annotation is used to fix this problem. New class 'SecureString' must be added to project to valid incoming Strings from '@RequestParam String incoming String' pom.xml file update. This patch also fix: * remove unnecessary semicolon * Sonar issue: Replace the type specification in this constructor call with the diamond operator ("<>") Issue-ID: PORTAL-601 Change-Id: Id214b6e65f0c486141679fd23725a7fb66443acd Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-30Fix sonar issue: Override "equals(Object obj)"Dominik Mizyn1-1/+15
This commit provide equals method for CentralV2UserApp and test for this method. Issue-ID: PORTAL-599 Change-Id: Ied44c680032831ec6a02211f658ec16f0aad8f4a Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-30Fix sql injection vulnerabilityDominik Orliński1-3/+8
Use a variable binding instead of concatenation. Add new test for function 'createLocalUserIfNecessary'. Issue-ID: OJSI-174 Change-Id: Iddd65893bb2cb16c90d4f8db59816fdf261874bc Signed-off-by: Dominik Orliński <d.orlinski@samsung.com>
2019-05-29Sonar: Reduce cyclomatic complexityDominik Mizyn1-7/+22
Reduce the number of conditional operators for equals(). Improve testEquals() to better cover this method. This patch also: * immediately returns expression instead of assigning it to the temporary variable "str", * adds the "@Override" annotation above equals() method signature. Issue-ID: PORTAL-595 Change-Id: I15f600acce873eb3f22cc405d06a50890c7e87c3 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-28Removed user password from portal's profile APIr.bogacki1-2/+6
ONAP Portal allowed to retrieve password of currently active user via "/portalApi/loggedinUser" endpoint. Prefilled "Login Password" field has been changed to "*****" and password is not send anymore to the frontend. Only after change of this default value password will be updated. Confirm Password field has been removed from the UI. In the future password change could be additionally also checked on the backend side to verify current password before updating it. Issue-ID: OJSI-65 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Reviewed-by: Krzysztof Opasiak <k.opasiak@samsung.com> Acked-by: Manoop Talasila <talasila@research.att.com> Change-Id: I00b7713557247d211927c437f31f118095ad0726
2019-05-02Fix Sonar Bugs NullPointersk.kazak2-8/+14
Fix Sonar bugs - potential NullPointerException in portal-BE-common: ExternalAppsRestfulController and ApplicationRestClientServiceImpl Changed Tests for updated method in ExternalAppsRestfulController Added new test Formatted according to ONAP formatting guidelines Change-Id: I7c0587127e32ba3f06a138a0b4b2526fa10ea1f6 Issue-ID: PORTAL-556 Signed-off-by: k.kazak <k.kazak@samsung.com>
2019-05-02Merge "Fix no name language option bug"Manoop Talasila1-11/+27
2019-04-30Merge "Fix Sonar Bugs NullPointers"Manoop Talasila3-38/+33
2019-04-30Fix no name language option bugshentao9991-11/+27
Change-Id: I0bfc185ea41324d040ffa23c831bbbaa8f51ef3c Issue-ID: PORTAL-566 Signed-off-by: shentao999 <shentao@chinamobile.com>
2019-04-29Fix Sonar Bugs NullPointersk.kazak3-38/+33
Fix Sonar bugs - potential NullPointerException Remove unused code Add/Update Tests for updated methods Change-Id: Iaf28a0ee5f6507da1caf4b497e2d73bf35bc0b58 Issue-ID: PORTAL-556 Signed-off-by: k.kazak <k.kazak@samsung.com>