author | Kotta, Shireesha (sk434m) <sk434m@att.com> | 2019-06-28 15:27:29 -0400 |
---|---|---|
committer | Kotta, Shireesha (sk434m) <sk434m@att.com> | 2019-06-28 15:27:29 -0400 |
commit | 179ff1eb0c1ac9eef4d152c47df5cb12a4584c0f (patch) | |
tree | b9b744e106d688e807ffb31b6a986230034423d5 /ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller | |
parent | d63c87226df57e7bd0513f9b17374716197056fa (diff) |
PENTEST:Do not display stack trace for the api's
Issue-ID: PORTAL-654
PENTEST:Do not display stack trace for the api's and all users info for
get_user api
Change-Id: I68a4e3c7eba2628363275d63535290034591aa07
Signed-off-by: Kotta, Shireesha (sk434m) <sk434m@att.com>
Diffstat (limited to 'ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller')
-rw-r--r-- | ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/ProfileSearchController.java | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/ProfileSearchController.java b/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/ProfileSearchController.java
index f5d37e2b..a94c3b46 100644
--- a/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/ProfileSearchController.java
+++ b/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/ProfileSearchController.java
@@ -50,10 +50,12 @@ import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import org.json.JSONObject;
+import org.onap.portalsdk.core.auth.LoginStrategy;
 import org.onap.portalsdk.core.controller.RestrictedBaseController;
 import org.onap.portalsdk.core.domain.MenuData;
 import org.onap.portalsdk.core.domain.User;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.onboarding.exception.PortalAPIException;
 import org.onap.portalsdk.core.service.FnMenuService;
 import org.onap.portalsdk.core.service.UserProfileService;
 import org.onap.portalsdk.core.service.UserService;
@@ -83,6 +85,9 @@ public class ProfileSearchController extends RestrictedBaseController {
 @Autowired
 private FnMenuService fnMenuService;
+
+ @Autowired
+ private LoginStrategy loginStrategy;
 @RequestMapping(value = { "/profile_search" }, method = RequestMethod.GET)
 public ModelAndView profileSearch(HttpServletRequest request) {
@@ -103,11 +108,21 @@ public class ProfileSearchController extends RestrictedBaseController {
 @RequestMapping(value = { "/get_user" }, method = RequestMethod.GET)
 public void getUser(HttpServletRequest request, HttpServletResponse response) {
 logger.info(EELFLoggerDelegate.applicationLogger, "Initiating get_user in ProfileSearchController");
+ String userId = "";
+ try {
+ userId = loginStrategy.getUserId(request);
+ } catch (PortalAPIException e1) {
+ logger.error(EELFLoggerDelegate.applicationLogger, "No User found in request", e1);
+ }
+
+ final String requestedUserId = userId;
 ObjectMapper mapper = new ObjectMapper();
 List<User> profileList = null;
 try {
 profileList = service.findAll();
- JsonMessage msg = new JsonMessage(mapper.writeValueAsString(profileList));
+ User user = profileList.stream()
+ .filter(x -> x.getOrgUserId().equals(requestedUserId)).findAny().orElse(null);
+ JsonMessage msg = new JsonMessage(mapper.writeValueAsString(user));
 JSONObject j = new JSONObject(msg);
 response.setContentType(APPLICATION_JSON);
 response.getWriter().write(j.toString());
@@ -180,4 +195,4 @@ public class ProfileSearchController extends RestrictedBaseController {
 logger.error(EELFLoggerDelegate.applicationLogger, "toggleProfileActive failed", e);
 }
 }
-}
+}
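Review bot: In the get_user hunk, the new catch around `loginStrategy.getUserId(request)` only logs, so a request with no resolvable user continues with `userId` still `""`, still runs `service.findAll()`, and returns a normal response whose payload is the serialised `null` (or any profile whose org user id happens to be empty). The catch should fail closed with `response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); return;`. The filter calls `x.getOrgUserId().equals(requestedUserId)`, which throws if any stored profile has a null org user id; `.filter(x -> requestedUserId != null && requestedUserId.equals(x.getOrgUserId()))` avoids that. Every profile is still loaded and filtered in memory, so if `UserProfileService` has a lookup by org user id (not visible here), it would be the better call. The rest of getUser, including its catch block, lies outside the hunk, so how a failure is reported to the client cannot be checked from here.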
\ No newline at end of file |