summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorst782s <statta@research.att.com>2017-11-06 16:05:26 -0500
committerst782s <statta@research.att.com>2017-11-07 14:03:14 -0500
commit418d7273d6d8f6fed2698df89c9910be8498a677 (patch)
treea022deb5da7a12c7f2c5e9c49b042bf76eca1b0a
parentf11362ef34d550f8adff2067a136f660c1959e5e (diff)
Release new SDK Version
Issue: PORTAL-19, PORTAL-135 Includes SDK 2.1 release updates deprecating certain methods to address vulnerabilities Change-Id: Ibf105a0cf3c7d7e89eb05862c54aadfacf575d97 Signed-off-by: st782s <statta@research.att.com>
-rw-r--r--ecomp-sdk/epsdk-analytics/pom.xml2
-rw-r--r--ecomp-sdk/epsdk-app-common/pom.xml2
-rw-r--r--ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/LogoutController.java2
-rw-r--r--ecomp-sdk/epsdk-app-os/pom.xml2
-rw-r--r--ecomp-sdk/epsdk-app-os/src/main/webapp/app/fusion/scripts/DS2-view-models/ds2-profile/self_profile.html2
-rw-r--r--ecomp-sdk/epsdk-app-overlay/pom.xml2
-rw-r--r--ecomp-sdk/epsdk-core/README.md3
-rw-r--r--ecomp-sdk/epsdk-core/pom.xml2
-rw-r--r--ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/logging/aspect/EELFLoggerAspect.java15
-rw-r--r--ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/AuditServiceImpl.java2
-rw-r--r--ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/DataAccessService.java21
-rw-r--r--ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/DataAccessServiceImpl.java35
-rw-r--r--ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LdapServiceImpl.java3
-rw-r--r--ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LoginServiceImpl.java2
-rw-r--r--ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/ProfileServiceImpl.java2
-rw-r--r--ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/RoleServiceImpl.java2
-rw-r--r--ecomp-sdk/epsdk-fw/pom.xml2
-rw-r--r--ecomp-sdk/epsdk-workflow/pom.xml2
-rw-r--r--ecomp-sdk/pom.xml2
19 files changed, 93 insertions, 12 deletions
diff --git a/ecomp-sdk/epsdk-analytics/pom.xml b/ecomp-sdk/epsdk-analytics/pom.xml
index 3ef1ddb9..9d433363 100644
--- a/ecomp-sdk/epsdk-analytics/pom.xml
+++ b/ecomp-sdk/epsdk-analytics/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>org.onap.portal.sdk</groupId>
<artifactId>epsdk-project</artifactId>
- <version>1.4.0-SNAPSHOT</version>
+ <version>2.1.0-SNAPSHOT</version>
</parent>
<!-- GroupId is inherited from parent -->
diff --git a/ecomp-sdk/epsdk-app-common/pom.xml b/ecomp-sdk/epsdk-app-common/pom.xml
index ebb7c26a..cb14aec0 100644
--- a/ecomp-sdk/epsdk-app-common/pom.xml
+++ b/ecomp-sdk/epsdk-app-common/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>org.onap.portal.sdk</groupId>
<artifactId>epsdk-project</artifactId>
- <version>1.4.0-SNAPSHOT</version>
+ <version>2.1.0-SNAPSHOT</version>
</parent>
<!-- GroupId is inherited from parent -->
diff --git a/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/LogoutController.java b/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/LogoutController.java
index 548ad986..ba490d53 100644
--- a/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/LogoutController.java
+++ b/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/LogoutController.java
@@ -51,6 +51,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.servlet.ModelAndView;
+import org.onap.portalsdk.core.logging.aspect.MetricsLog;
@Controller
@RequestMapping("/")
@@ -106,6 +107,7 @@ public class LogoutController extends UnRestrictedBaseController {
return modelView;
}
+ @MetricsLog
public void chatRoomLogout(HttpServletRequest request) {
request = ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest();
setUser(UserUtils.getUserSession(request));
diff --git a/ecomp-sdk/epsdk-app-os/pom.xml b/ecomp-sdk/epsdk-app-os/pom.xml
index 469cf37a..dc8e9d94 100644
--- a/ecomp-sdk/epsdk-app-os/pom.xml
+++ b/ecomp-sdk/epsdk-app-os/pom.xml
@@ -8,7 +8,7 @@
<parent>
<groupId>org.onap.portal.sdk</groupId>
<artifactId>epsdk-project</artifactId>
- <version>1.4.0-SNAPSHOT</version>
+ <version>2.1.0-SNAPSHOT</version>
</parent>
<!-- GroupId is inherited from parent -->
diff --git a/ecomp-sdk/epsdk-app-os/src/main/webapp/app/fusion/scripts/DS2-view-models/ds2-profile/self_profile.html b/ecomp-sdk/epsdk-app-os/src/main/webapp/app/fusion/scripts/DS2-view-models/ds2-profile/self_profile.html
index 845681e3..ca317616 100644
--- a/ecomp-sdk/epsdk-app-os/src/main/webapp/app/fusion/scripts/DS2-view-models/ds2-profile/self_profile.html
+++ b/ecomp-sdk/epsdk-app-os/src/main/webapp/app/fusion/scripts/DS2-view-models/ds2-profile/self_profile.html
@@ -155,7 +155,7 @@
</div>
</div>
- <div>
+ <div class="form-row">
<button class="btn btn-alt btn-small" type="button" ng-click="saveProfile()" ng-show="(isAppCentralized=='false')">Save</button>
</div>
<br>
diff --git a/ecomp-sdk/epsdk-app-overlay/pom.xml b/ecomp-sdk/epsdk-app-overlay/pom.xml
index 6d4f95de..ebc9ccb9 100644
--- a/ecomp-sdk/epsdk-app-overlay/pom.xml
+++ b/ecomp-sdk/epsdk-app-overlay/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>org.onap.portal.sdk</groupId>
<artifactId>epsdk-project</artifactId>
- <version>1.4.0-SNAPSHOT</version>
+ <version>2.1.0-SNAPSHOT</version>
</parent>
<!-- GroupId is inherited from parent -->
diff --git a/ecomp-sdk/epsdk-core/README.md b/ecomp-sdk/epsdk-core/README.md
index 2d65f17b..fbc2bf24 100644
--- a/ecomp-sdk/epsdk-core/README.md
+++ b/ecomp-sdk/epsdk-core/README.md
@@ -13,6 +13,9 @@ ECOMP SDK web application.
### ONAP Distributions
+Version 2.1.0
+- PORTAL-19 Rename Java package base to org.onap
+
Version 1.4.0
- PORTAL-19 Rename Java package base to org.onap
- PORTAL-42 Use OParent as parent POM
diff --git a/ecomp-sdk/epsdk-core/pom.xml b/ecomp-sdk/epsdk-core/pom.xml
index d9993110..49b8f901 100644
--- a/ecomp-sdk/epsdk-core/pom.xml
+++ b/ecomp-sdk/epsdk-core/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>org.onap.portal.sdk</groupId>
<artifactId>epsdk-project</artifactId>
- <version>1.4.0-SNAPSHOT</version>
+ <version>2.1.0-SNAPSHOT</version>
</parent>
<!-- GroupId is inherited from parent -->
diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/logging/aspect/EELFLoggerAspect.java b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/logging/aspect/EELFLoggerAspect.java
index 3ffd0894..0e23a36f 100644
--- a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/logging/aspect/EELFLoggerAspect.java
+++ b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/logging/aspect/EELFLoggerAspect.java
@@ -43,6 +43,7 @@ import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.onap.portalsdk.core.util.SystemProperties.SecurityEventTypeEnum;
import org.springframework.beans.factory.annotation.Autowired;
+import org.onap.portalsdk.core.logging.aspect.MetricsLog;
@Aspect
@org.springframework.context.annotation.Configuration
@@ -108,4 +109,18 @@ public class EELFLoggerAspect {
return result;
}
+
+ //Metrics Logging
+ @Pointcut("execution(* *(..))")
+ public void performMetricsLogging() {}
+
+ @Around("performMetricsLogging() && @within(MetricsLog)")
+ public Object metricsLoggingAroundClass(ProceedingJoinPoint joinPoint, MetricsLog MetricsLog) throws Throwable {
+ return this.logAroundMethod(joinPoint, null);
+ }
+
+ @Around("performMetricsLogging() && @annotation(MetricsLog)")
+ public Object metricsLoggingAroundMethod(ProceedingJoinPoint joinPoint, MetricsLog MetricsLog) throws Throwable {
+ return this.logAroundMethod(joinPoint, null);
+ }
}
diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/AuditServiceImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/AuditServiceImpl.java
index 1bc81d9a..68cbe11c 100644
--- a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/AuditServiceImpl.java
+++ b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/AuditServiceImpl.java
@@ -43,9 +43,11 @@ import org.onap.portalsdk.core.domain.AuditLog;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
+import org.onap.portalsdk.core.logging.aspect.MetricsLog;
@Service("auditService")
@Transactional
+@MetricsLog
public class AuditServiceImpl implements AuditService {
@Autowired
diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/DataAccessService.java b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/DataAccessService.java
index 8eacefa9..f2863e06 100644
--- a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/DataAccessService.java
+++ b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/DataAccessService.java
@@ -60,10 +60,31 @@ public interface DataAccessService {
void saveDomainObject(DomainVo domainObject, Map additionalParams);
// generic get list method(s)
+ /**
+ * @deprecated
+ * This method may be vulnerable to SQL Injection attacks depending on the usage and is being deprecated. Please use
+ * getList(Class<?> domainClass, ProjectionList projectionsList, List<Criterion> restrictionsList,
+ List<Order> orderByList) method instead
+ */
+ @Deprecated
List getList(Class domainClass, Map additionalParams);
+ /**
+ * @deprecated
+ * This method may be vulnerable to SQL Injection attacks depending on the usage and is being deprecated. Please use
+ * getList(Class<?> domainClass, ProjectionList projectionsList, List<Criterion> restrictionsList,
+ List<Order> orderByList) method instead
+ */
+ @Deprecated
List getList(Class domainClass, String filter, String orderBy, Map additionalParams);
+ /**
+ * @deprecated
+ * This method may be vulnerable to SQL Injection attacks depending on the usage and is being deprecated. Please use
+ * getList(Class<?> domainClass, ProjectionList projectionsList, List<Criterion> restrictionsList,
+ List<Order> orderByList) method instead
+ */
+ @Deprecated
List getList(Class domainClass, String filter, int fromIndex, int toIndex, String orderBy,
Map additionalParams);
diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/DataAccessServiceImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/DataAccessServiceImpl.java
index f34610cb..8fce7e89 100644
--- a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/DataAccessServiceImpl.java
+++ b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/DataAccessServiceImpl.java
@@ -157,6 +157,11 @@ public class DataAccessServiceImpl extends FusionService implements DataAccessSe
/**
* generic get list method
*
+ * @deprecated
+ * This method may be vulnerable to SQL Injection attacks depending on the usage and is being deprecated. Please use
+ * getList(Class<?> domainClass, ProjectionList projectionsList, List<Criterion> restrictionsList,
+ List<Order> orderByList) method instead
+ *
* @param domainClass
* @param filterClause
* @param fromIndex
@@ -164,6 +169,7 @@ public class DataAccessServiceImpl extends FusionService implements DataAccessSe
* @param orderBy
* @return
*/
+ @Deprecated
private List getListCommon(Class domainClass, String filterClause, Integer fromIndex, Integer toIndex,
String orderBy) {
String className = domainClass.getName();
@@ -186,17 +192,38 @@ public class DataAccessServiceImpl extends FusionService implements DataAccessSe
return list;
}
+ /**
+ * @deprecated
+ * This method may be vulnerable to SQL Injection attacks depending on the usage and is being deprecated. Please use
+ * getList(Class<?> domainClass, ProjectionList projectionsList, List<Criterion> restrictionsList,
+ List<Order> orderByList) method instead
+ */
@Override
+ @Deprecated
public List getList(Class domainClass, Map additionalParams) {
return getListCommon(domainClass, null, null, null, null);
}
+ /**
+ * @deprecated
+ * This method may be vulnerable to SQL Injection attacks depending on the usage and is being deprecated. Please use
+ * getList(Class<?> domainClass, ProjectionList projectionsList, List<Criterion> restrictionsList,
+ List<Order> orderByList) method instead
+ */
@Override
+ @Deprecated
public List getList(Class domainClass, String filter, String orderBy, Map additionalParams) {
return getListCommon(domainClass, filter, null, null, orderBy);
}
-
+
+ /**
+ * @deprecated
+ * This method may be vulnerable to SQL Injection attacks depending on the usage and is being deprecated. Please use
+ * getList(Class<?> domainClass, ProjectionList projectionsList, List<Criterion> restrictionsList,
+ List<Order> orderByList) method instead
+ */
@Override
+ @Deprecated
public List getList(Class domainClass, String filter, int fromIndex, int toIndex, String orderBy,
Map additionalParams) {
return getListCommon(domainClass, filter, new Integer(fromIndex), new Integer(toIndex), orderBy);
@@ -401,8 +428,10 @@ public class DataAccessServiceImpl extends FusionService implements DataAccessSe
@Override
public int executeNamedUpdateQuery(String queryName, Map params, Map additionalParams) {
- logger.error(EELFLoggerDelegate.errorLogger, "Not implemented");
- throw new UnsupportedOperationException();
+ Session session = sessionFactory.getCurrentSession();
+ Query query = session.getNamedQuery(queryName);
+ bindQueryParameters(query,params);
+ return query.executeUpdate();
}
@Override
diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LdapServiceImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LdapServiceImpl.java
index 6470ca63..9f078403 100644
--- a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LdapServiceImpl.java
+++ b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LdapServiceImpl.java
@@ -58,6 +58,7 @@ import org.onap.portalsdk.core.util.SystemProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
+import org.onap.portalsdk.core.logging.aspect.MetricsLog;
@Service("ldapService")
@Transactional
@@ -144,6 +145,7 @@ public class LdapServiceImpl extends FusionService implements LdapService {
}
@SuppressWarnings({ "rawtypes", "unchecked" })
+ @MetricsLog
private ArrayList processResults(NamingEnumeration e) throws NamingException {
ArrayList results = new ArrayList();
int count = 0;
@@ -163,6 +165,7 @@ public class LdapServiceImpl extends FusionService implements LdapService {
}
@SuppressWarnings("rawtypes")
+ @MetricsLog
private DomainVo processAttributes(Attributes resultAttributes) {
User user = new User();
try {
diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LoginServiceImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LoginServiceImpl.java
index d16a86d8..840c6063 100644
--- a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LoginServiceImpl.java
+++ b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LoginServiceImpl.java
@@ -56,8 +56,10 @@ import org.onap.portalsdk.core.web.support.AppUtils;
import org.onap.portalsdk.core.web.support.UserUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.transaction.annotation.Transactional;
+import org.onap.portalsdk.core.logging.aspect.MetricsLog;
@Transactional
+@MetricsLog
public class LoginServiceImpl extends FusionService implements LoginService {
private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(LoginServiceImpl.class);
diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/ProfileServiceImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/ProfileServiceImpl.java
index 20b14eb6..f91cf2eb 100644
--- a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/ProfileServiceImpl.java
+++ b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/ProfileServiceImpl.java
@@ -44,8 +44,10 @@ import org.onap.portalsdk.core.domain.Profile;
import org.onap.portalsdk.core.domain.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.transaction.annotation.Transactional;
+import org.onap.portalsdk.core.logging.aspect.MetricsLog;
@Transactional
+@MetricsLog
public class ProfileServiceImpl implements ProfileService {
@Autowired
diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/RoleServiceImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/RoleServiceImpl.java
index e0e2d2e3..cfb1c34a 100644
--- a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/RoleServiceImpl.java
+++ b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/RoleServiceImpl.java
@@ -52,8 +52,10 @@ import org.onap.portalsdk.core.domain.RoleFunction;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.transaction.annotation.Transactional;
+import org.onap.portalsdk.core.logging.aspect.MetricsLog;
@Transactional
+@MetricsLog
public class RoleServiceImpl implements RoleService {
private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(RoleServiceImpl.class);
diff --git a/ecomp-sdk/epsdk-fw/pom.xml b/ecomp-sdk/epsdk-fw/pom.xml
index cb431a1a..de185f48 100644
--- a/ecomp-sdk/epsdk-fw/pom.xml
+++ b/ecomp-sdk/epsdk-fw/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>org.onap.portal.sdk</groupId>
<artifactId>epsdk-project</artifactId>
- <version>1.4.0-SNAPSHOT</version>
+ <version>2.1.0-SNAPSHOT</version>
</parent>
<!-- GroupId is inherited from parent -->
diff --git a/ecomp-sdk/epsdk-workflow/pom.xml b/ecomp-sdk/epsdk-workflow/pom.xml
index 09b1eb36..077aa328 100644
--- a/ecomp-sdk/epsdk-workflow/pom.xml
+++ b/ecomp-sdk/epsdk-workflow/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>org.onap.portal.sdk</groupId>
<artifactId>epsdk-project</artifactId>
- <version>1.4.0-SNAPSHOT</version>
+ <version>2.1.0-SNAPSHOT</version>
</parent>
<!-- GroupId is inherited from parent -->
diff --git a/ecomp-sdk/pom.xml b/ecomp-sdk/pom.xml
index 8cae0a58..788f63e0 100644
--- a/ecomp-sdk/pom.xml
+++ b/ecomp-sdk/pom.xml
@@ -14,7 +14,7 @@
<!-- Portal SDK Maven parent project -->
<groupId>org.onap.portal.sdk</groupId>
<artifactId>epsdk-project</artifactId>
- <version>1.4.0-SNAPSHOT</version>
+ <version>2.1.0-SNAPSHOT</version>
<packaging>pom</packaging>
<name>portal-sdk</name>
<url>https://wiki.onap.org/display/DW/Portal</url>