summaryrefslogtreecommitdiffstats
path: root/ecomp-portal-BE-os/src/main/java
AgeCommit message (Collapse)AuthorFilesLines
2019-09-09Set secure flag & log exceptionParshad Patel3-179/+179
Make sure creating this cookie without the "secure" flag is safe here Either log or rethrow this exception Change this instance-reference to a static reference Issue-ID: PORTAL-562 Change-Id: I4b6e07ec54ec038c0d584816791ed5169e618676 Signed-off-by: Parshad Patel <pars.patel@samsung.com>
2019-08-27Portal Setup - App issuestatta2-0/+392
Issue-ID: PORTAL-723 Change-Id: Iff1523b2a474f56a74c9fcb9fd850e0e38f6fc68 Signed-off-by: statta <statta@research.att.com>
2019-08-13Merge "Fix sonar issues in portal"Manoop Talasila1-0/+2
2019-08-13Merge "EPUserUtils class fix"Manoop Talasila3-6/+4
2019-08-06Fix sonar issues in portalParshad Patel1-0/+2
Use a logger to log this exception Make sure creating this cookie without the "secure" flag is safe here Either re-interrupt this method or rethrow the "InterruptedException" Issue-ID: PORTAL-562 Change-Id: I91d6adce835d9adec4328642e8445f074f7d2d57 Signed-off-by: Parshad Patel <pars.patel@samsung.com>
2019-07-22Merge "XSS Vulnerability fix in AppsController"Manoop Talasila1-17/+11
2019-07-16EPUserUtils class fixDominik Mizyn3-6/+4
Sonar errors EPUserUtils class fix Issue-ID: PORTAL-667 Change-Id: I7a8a39ac52ee2da5d2c2ab0016a8bbea0acb4d21 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-07-12Unused classes delete from PortalDominik Mizyn2-392/+0
These classes are unused anywhere in the Portal project. Issue-ID: PORTAL-655 Change-Id: If92d0df0efb0b5120190a44c46b2fed31ba32b89 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-07-12XSS Vulnerability fix in AppsControllerDominik Mizyn1-17/+11
Custom XSS filter used to fix thisa issue. DataValidator upgrade to single instance of ValidatorFactory; Issue-ID: OJSI-15 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: I7222cfb84e1e5bb240619aac9c7bca85d215229a
2019-07-01EPAppServiceImpl class fix.Dominik Mizyn1-35/+9
Sonar issues fix: Remove this unused "logger" private field. Remove this unused "syncRests" private field. unused imports delete and unneeded fields initialization fix. StringBuilder performance fix. Issue-ID: PORTAL-620 Change-Id: Ibd1cf732b216594b47801767d0a98e59b0aba200 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-21PeerBroadcastSocket sonar issues fix and code refactorDominik Mizyn1-39/+16
Sonar issues fix and code refactor. Session data save moved to another method. Rest of code don't really do anything. Issue-ID: PORTAL-624 Change-Id: I53b36377f2d2645d8c24ad2384959f0599e07303 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-21ONAPWelcomeController sonar issue fixDominik Mizyn1-11/+4
String viewName and getter/setter can be romoved from his class. ONAPWelcomeController Overrides this field 1 to 1. Issue-ID: PORTAL-652 Change-Id: Idbb41f52a63c6ea681f6ba7753991d766849e3a2 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-21ONAPLoginController sonar issues fix.Dominik Mizyn1-16/+21
Sonar issues fix plus @Autowired in constructor not in fields. Issue-ID: PORTAL-651 Change-Id: I99329b986877d040c6fdda9daf42a5c501a39605 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-21SimpleLoginStrategy sonar issues fixDominik Mizyn1-16/+18
"Either remove or fill this block of code." "Move the "" string literal on the left side of this string comparison." "Define and throw a dedicated exception instead of using a generic one." Issue-ID: PORTAL-650 Change-Id: I92018287a6f585020f0ae6f042b1bb1de84a5e14 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-21OpenIdConnectLoginStrategy sonar issues fixDominik Mizyn1-7/+4
Redundant suppression("rawtypes") removed. Sonar issue: Move the "" string literal on the left side of this string comparison. Define and throw a dedicated exception instead of using a generic one. Issue-ID: PORTAL-649 Change-Id: Ia2c80ad4848c22c94a2db731425250784d382841 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Merge "XSS Vulnerability fix in DashboardSearchResultController"Sunder Tattavarada1-11/+39
2019-06-14Merge "XSS Vulnerability fix in AppsOSController"Sunder Tattavarada1-3/+21
2019-06-05XSS Vulnerability fix in DashboardSearchResultControllerDominik Mizyn1-11/+39
Custom Validator is used to secure this endpoints. Issue-ID: OJSI-15 Change-Id: Idf523a53bc5fe9e1df8110526d56336953759c86 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-31XSS Vulnerability fix in AppsOSControllerDominik Mizyn1-3/+21
SecureString class used to secure PathVariable. Issue-ID: OJSI-207 Change-Id: I6275c5db4d8d97dc60ef1676b651e3d8802ad9f7 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-05-30Merge "Don't give the user the exact stack trace of the exception"Manoop Talasila1-20/+26
2019-05-29Don't give the user the exact stack trace of the exceptionPiotr Borelowski1-20/+26
Catching the exception in the SecurityXssFilter class. Issue-ID: OJSI-192 Change-Id: I8d9d7a3032f98afcb58285b13b13d5ce35fddadd Signed-off-by: Piotr Borelowski <p.borelowski@partner.samsung.com>
2019-05-28Don't give user the exact exception descriptionPiotr Borelowski1-0/+8
The exact description of the exception especially if related to cryptography cannot be given to the user as it may be abused by the attacker. To fix that, we started to use @ExceptionHandler for all exceptions in the LoginController as well. CVE: CVE-2019-12121 Issue-ID: OJSI-92 Change-Id: I100b37ff33d28ebccc2411c3acc62bdb7ce11ca8 Signed-off-by: Piotr Borelowski <p.borelowski@partner.samsung.com> Reviewed-by: Krzysztof Opasiak <k.opasiak@samsung.com> Acked-by: Manoop Talasila <talasila@research.att.com>
2019-03-20CADI AAF Integration and merging the codehb123f2-19/+44
Issue-ID: PORTAL-319 CADI AAF Integration and code merge Change-Id: I6e44f3b2741858d8d403b77a49ec9a0153084801 Signed-off-by: hb123f <hbindu@research.att.com>
2019-02-07Merge "PeerBroadcastSocket(Make "channelMap" field final)"Manoop Talasila1-1/+3
2019-02-07Merge "Sonar issue-fix -- (ExternalAppConfig.java)"Manoop Talasila1-4/+2
2019-01-03PeerBroadcastSocket(Make "channelMap" field final)Driptaroop Das1-1/+3
PeerBroadcastSocket.java - Make this "public static channelMap" field final(line:58) Issue-ID: PORTAL-500 Change-Id: Id1227b06e64d37b29c66083da0ef8f37b2c032df Signed-off-by: Driptaroop Das <driptaroop.das@in.ibm.com>
2018-12-05Sonar Issue Fix - PORTAL-486Driptaroop Das1-9/+3
Remove this method to simply inherit it.(ExternalAppInitializer.java) Issue-ID: PORTAL-486 Change-Id: Ifce3ea6ab7dc58e199f4a93dd75c427eebae9f6c Signed-off-by: Driptaroop Das <driptaroop.das@in.ibm.com>
2018-12-04Sonar issue-fix -- (ExternalAppConfig.java)Driptaroop Das1-4/+2
Fixed sonar issue - Remove this method to simply inherit it. (ExternalAppConfig.java) Issue-ID: PORTAL-483 Change-Id: Id624b5a9b2bb70f1ab08dbbe0b5669fa63aed1ec Signed-off-by: Driptaroop Das <driptaroop.das@in.ibm.com>
2018-10-09Add roles to userKotta, Shireesha (sk434m)1-14/+6
Issue-ID: PORTAL-432 add roles to user when the app is centralized Change-Id: I46a782be24ea1804597dc7205bf98170731ffe4d Signed-off-by: Kotta, Shireesha (sk434m) <shireesha.kotta@att.com>
2018-10-03search user changesKishore Reddy, Gujja (kg811t)1-6/+4
Issue-ID: PORTAL-386 failed to create user with special char in login_id Change-Id: I613daa21efed9f6f137bd817a1a8aa2f9669cee8 Signed-off-by: Kishore Reddy, Gujja (kg811t) <kishore.reddy.gujja@att.com>
2018-09-26login and Certman AAF Integration changesKishore Reddy, Gujja (kg811t)5-197/+17
Issue-ID: PORTAL-386, PORTAL-389 failed to create user with special char in login_id Change-Id: I415adf615a7af97319d8d11a740e75d3dfa11583 Signed-off-by: Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com>
2018-09-12Merge "OpenCollaborationController.Java:fixed sonar issue"Manoop Talasila1-3/+2
2018-09-12Merge "TicketEventServiceImpl : Fixed sonar issue"Manoop Talasila1-3/+3
2018-09-12Merge "LoginStrategy.java : Fixed sonar issue"Manoop Talasila1-0/+3
2018-08-24LoginStrategy.java : Fixed sonar issueArundathi Patil1-0/+3
Fixed sonar issue, annotate interface with @FunctionalInterface annotation Issue-ID: PORTAL-374 Change-Id: I30472b6c18ef350b687d74acce4545c250462f6d Signed-off-by: Arundathi Patil <arundpil@in.ibm.com>
2018-08-24TicketEventServiceImpl : Fixed sonar issueArundathi Patil1-3/+3
Fixed below sonar issue at line 52, Immediately return this expression instead of assigning it to the temporary variable 'hyperlink' Issue-ID: PORTAL-364 Change-Id: I33b854b15e163146415040bf98dbd7e992d04b61 Signed-off-by: Arundathi Patil <arundpil@in.ibm.com>
2018-08-24OpenCollaborationController.Java:fixed sonar issueArundathi Patil1-3/+2
Fixed the below sonar issue at line number 40 and 41, 'Remove unused imports'. Issue-ID: PORTAL-370 Change-Id: Id009380e96bb38391ae90e599e0f90c6344642ca Signed-off-by: Arundathi Patil <arundpil@in.ibm.com>
2018-08-17Sonar CriticalShubhada Ramkrishna Vaze1-0/+2
Either log or rethrow this exception. Change-Id: Icad977130e20d5a4d1fe972be73277b5d45d41b7 Issue-ID: PORTAL-363 Signed-off-by: Shubhada Ramkrishna Vaze <SV00449682@TechMahindra.com>
2018-07-30JUnits for coveragesa282w1-2/+7
Issue-ID: PORTAL-273 JUnits for sonar coverage Change-Id: Icb88d8563164281d29877bbc2de9c8f1f780aa0c Signed-off-by: sa282w <sa282w@att.com>
2018-05-31Merge "Changed app to redirect when the session expires."Manoop Talasila1-2/+9
2018-05-30Changed app to redirect when the session expires.William Kurkian1-2/+9
Reverted previous change to redirect from incorrect login screens. Instead, navigating to the main application page without a valid session results in being sent to the login page Removed some mistaken changes These didn't relate to the fix Issue-ID: PORTAL-278 Change-Id: I82c4a1ed26ede0119cdc4d1f9b818780ca876801 Signed-off-by: William Kurkian <wkurkian@cisco.com>
2018-05-25Bulk upload changes and music health check apisKishore Reddy, Gujja (kg811t)11-758/+37
Issue-ID: PORTAL-290, PORTAL-291 Bulk upload changes and music health check apis Change-Id: I63d289d75420658ff4a14385a5106838fa8c32b2 Signed-off-by: Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com>
2018-04-24Fix to delete portal adminHima Elisetty1-156/+0
Issue-ID: PORTAL-220 Portal admin deletion Change-Id: Id7c0b94470e81772d25e3af1a077b327de3f79c4 Change-Id: I620b76c4f20227236655c6ff06bb455890494061 Signed-off-by: Hima Elisetty <hb123f@att.com>
2018-04-19Replace ecomp referencesHima Elisetty45-51/+51
Issue-ID: PORTAL-19 Remove ecomp trademark Change-Id: I76311f2ab10b2c0d406415ea2f922d1aad993e21 Signed-off-by: Hima Elisetty <hbindu@research.att.com>
2018-04-11Change decryption algorithmst782s1-2/+2
Issue-ID: PORTAL-252 Change-Id: I93d7f6bc54ab626e1830d67ac73ff9ec612de82f Signed-off-by: st782s <statta@research.att.com>
2018-03-27Merge "Sonar Issues for ExternalAppInitializer.java"Sunder Tattavarada1-5/+1
2018-03-27Merge "Sonar Issues for ExternalAppConfig.java"Sunder Tattavarada1-26/+15
2018-03-27Sonar Issues for ExternalAppInitializer.javaHari Om Verma1-5/+1
Minor and Major Sonar issues for ExternalAppInitializer.java Change-Id: I2673a13f73e88acc970c6aa64431f8124cf068cf Issue-ID: PORTAL-227 Signed-off-by: Hari Om Verma <hv00482922@techmahindra.com>
2018-03-27Sonar Issues for ExternalAppConfig.javaHari Om Verma1-26/+15
Minor and Major Sonar issues for ExternalAppConfig.java Change-Id: Ib62f9436a63639fa6481bd9823712e252a6dd83b Issue-ID: PORTAL-226 Signed-off-by: Hari Om Verma <hv00482922@techmahindra.com>
2018-03-23Docker changes and Music IntegrationKishore Reddy, Gujja (kg811t)1-1/+3
Issue-ID: PORTAL-136, PORTAL-155, PORTAL-210,PORTAL-217 Includes JUNITS and docker changes, music integration and security fixes Change-Id: Ib974401b48efc1f0d4f98036b0028043c3283691 Signed-off-by: Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com>