summaryrefslogtreecommitdiffstats
path: root/ecomp-sdk/epsdk-analytics/src
diff options
context:
space:
mode:
authorst398c <st398c@research.att.com>2019-03-28 16:30:03 -0400
committerst398c <st398c@research.att.com>2019-03-28 16:30:03 -0400
commitfa5f20d91c416a855f0d6afe157db8250574617c (patch)
tree3dd5dd3f8bccc8c0f30ca41cb2569aa4b0c5cefb /ecomp-sdk/epsdk-analytics/src
parent1ded3bb69c5e91cd879d83e13d2b3295710cdb4f (diff)
Fortify, version, Junit
Issue-ID: PORTAL-543, PORTAL-273, PORTAL-544 Change-Id: Ib864ef78bbd534170cab90d9314f2d8943f78872 Signed-off-by: Thota, Saisree <st398c@research.att.com>
Diffstat (limited to 'ecomp-sdk/epsdk-analytics/src')
-rw-r--r--ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/SearchHandler.java34
-rw-r--r--ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/system/DbUtils.java31
-rw-r--r--ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/system/fusion/web/RaptorControllerAsync.java4
3 files changed, 57 insertions, 12 deletions
diff --git a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/SearchHandler.java b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/SearchHandler.java
index 5d3c94e9..8b4fc340 100644
--- a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/SearchHandler.java
+++ b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/SearchHandler.java
@@ -216,6 +216,7 @@ public class SearchHandler extends org.onap.portalsdk.analytics.RaptorObject {
String sql = Globals.getLoadReportSearchResult();
String rep_id = "";
+ String rep_id_sql_value = "";
String rep_id_options = "";
String rep_id_sql = Globals.getLoadReportSearchRepIdSql();
//rep_id_sql = " AND ROUND(cr.rep_id, 0) like coalesce('%%', ROUND(cr.rep_id, 0)) ";
@@ -237,20 +238,24 @@ public class SearchHandler extends org.onap.portalsdk.analytics.RaptorObject {
if(AppUtils.nvl(rep_id_options).length()>0 ) {
switch (rep_id_options) {
case "0":
- rep_id_sql = " AND cr.rep_id = "+ rep_id+" ";
+ rep_id_sql = " AND cr.rep_id = ? ";
+ rep_id_sql_value = rep_id;
break;
case "1":
- rep_id_sql = " AND cr.rep_id < "+ rep_id+" ";
+ rep_id_sql = " AND cr.rep_id < ? ";
+ rep_id_sql_value = rep_id;
break;
case "2":
- rep_id_sql = " AND cr.rep_id > "+ rep_id+" ";
+ rep_id_sql = " AND cr.rep_id > ? ";
+ rep_id_sql_value = rep_id;
break;
default:
rep_id_sql = Globals.getLoadReportSearchRepIdSql();
break;
}
} else {
- rep_id_sql = " AND cr.rep_id = "+ rep_id+" ";
+ rep_id_sql = " AND cr.rep_id = ? ";
+ rep_id_sql_value = rep_id;
}
} else {
rep_id_sql = Globals.getLoadReportSearchRepIdSql(); //equal is default
@@ -259,6 +264,7 @@ public class SearchHandler extends org.onap.portalsdk.analytics.RaptorObject {
sql = sql.replace("[fReportID]", rep_id_sql);
String rep_name = "";
+ String rep_name_sql_value = "";
String rep_name_options = "";
String rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('%%') ";
if(request.getParameter("rep_name")!=null) {
@@ -277,23 +283,29 @@ public class SearchHandler extends org.onap.portalsdk.analytics.RaptorObject {
if(AppUtils.nvl(rep_name_options).length()>0 ) {
switch (rep_name_options) {
case "0":
- rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('"+rep_name+"%') ";
+ rep_name_sql = " AND UPPER(cr.title) LIKE UPPER(?) ";
+ rep_name_sql_value = rep_name+"%";
break;
case "1":
- rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('%"+rep_name+"') ";
+ rep_name_sql = " AND UPPER(cr.title) LIKE UPPER(?) ";
+ rep_name_sql_value = "%"+rep_name;
break;
case "2":
- rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('%"+rep_name+"%') ";
+ rep_name_sql = " AND UPPER(cr.title) LIKE UPPER(?) ";
+ rep_name_sql_value = "%"+rep_name+"%";
break;
default:
- rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('%%') ";
+ rep_name_sql = " AND UPPER(cr.title) LIKE UPPER(?) ";
+ rep_name_sql_value = "%%";
break;
}
} else {
- rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('%"+rep_name+"%') "; //contains is default
+ rep_name_sql = " AND UPPER(cr.title) LIKE UPPER(?) "; //contains is default
+ rep_name_sql_value = "%"+rep_name+"%";
}
} else {
- rep_name_sql = " AND UPPER(cr.title) LIKE UPPER('%%') ";
+ rep_name_sql = " AND UPPER(cr.title) LIKE UPPER(?) ";
+ rep_name_sql_value = "%%";
}
sql = sql.replace("[fReportName]",rep_name_sql);
@@ -365,7 +377,7 @@ public class SearchHandler extends org.onap.portalsdk.analytics.RaptorObject {
sql = sql.replace("[roleList.toString()]", roleList.toString());
//System.out.println("query is for search list is : " + sql);
- DataSet ds = DbUtils.executeQuery(sql);
+ DataSet ds = DbUtils.executeQuery(sql, rep_name_sql_value, rep_id_sql_value);
ReportSearchResultJSON rsr = new ReportSearchResultJSON(0, 6, 7);
rsr.parseData(ds, request, 0, 20, 6, 7);
diff --git a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/system/DbUtils.java b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/system/DbUtils.java
index e179d388..37d3612c 100644
--- a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/system/DbUtils.java
+++ b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/system/DbUtils.java
@@ -39,6 +39,7 @@ package org.onap.portalsdk.analytics.system;
import java.sql.CallableStatement;
import java.sql.Connection;
+import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
@@ -46,6 +47,7 @@ import java.sql.Types;
import javax.sql.DataSource;
+import org.apache.commons.lang3.StringUtils;
import org.onap.portalsdk.analytics.error.RaptorException;
import org.onap.portalsdk.analytics.error.ReportSQLException;
import org.onap.portalsdk.analytics.model.runtime.ReportRuntime;
@@ -200,6 +202,35 @@ public class DbUtils {
throw new ReportSQLException(e.getMessage(), sql);
}
} // executeQuery
+
+ public static DataSet executeQuery(String sql, String reportName, String reportID) throws ReportSQLException {
+ Connection con = null;
+ try {
+ con = getConnection();
+ PreparedStatement preparedStatement = con.prepareStatement(sql);
+ if(StringUtils.isNotBlank(reportID)) {
+ preparedStatement.setString(1, reportID);
+ preparedStatement.setString(2, reportName);
+ }else {
+ preparedStatement.setString(1, reportName);
+ }
+
+ try(ResultSet rs = preparedStatement.executeQuery();)
+ {
+ logger.debug(EELFLoggerDelegate.debugLogger, ("[SQL CALL FROM RAPTOR] [SQL] " + sql));
+ return new DataSet(rs, Integer.MAX_VALUE);
+ }
+ } catch (SQLException e) {
+ throw new ReportSQLException(e.getMessage(), sql);
+ } catch (ReportSQLException ex) {
+ logger.error(EELFLoggerDelegate.debugLogger, ("Error " + sql));
+ throw new ReportSQLException(ex.getMessage(), ex);
+ }catch(Exception ex1) {
+ throw new ReportSQLException(ex1.getMessage(), ex1.getCause());
+ } finally {
+ clearConnection(con);
+ }
+ } // executeQuery
public static DataSet executeQuery(String sql) throws ReportSQLException {
return executeQuery(sql, Integer.MAX_VALUE);
diff --git a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/system/fusion/web/RaptorControllerAsync.java b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/system/fusion/web/RaptorControllerAsync.java
index c761bdcc..dbecbbd8 100644
--- a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/system/fusion/web/RaptorControllerAsync.java
+++ b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/system/fusion/web/RaptorControllerAsync.java
@@ -671,7 +671,9 @@ public class RaptorControllerAsync extends RestrictedBaseController {
ReportRuntime rr = null;
boolean newReport = false;
MessageJSON messageJSON = new MessageJSON();
-
+ if("-1".equals(id)) {
+ id = "Create";
+ }
try {
if (id.equals("InSession")) {
rdef = (ReportDefinition) request.getSession().getAttribute(AppConstants.SI_REPORT_DEFINITION);