From 69062c0ec148ccadaced3ef1d6eff63ba422c055 Mon Sep 17 00:00:00 2001 From: st782s Date: Wed, 3 Jan 2018 14:30:16 -0500 Subject: Harden code Issue-ID: PORTAL-145,PORTAL-119,PORTAL-118 Harden code to address SQL injecton, XSS vulnerabilities; Separate docker images for portal, sdk app and DMaaPBC ui; Missing error page Change-Id: I1818fbf86c601dd41b274729038e731fb2ec8f7d Signed-off-by: st782s --- .../onap/portalapp/controller/core/FnMenuController.java | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) (limited to 'ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/FnMenuController.java') diff --git a/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/FnMenuController.java b/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/FnMenuController.java index dfc735b1..c441417b 100644 --- a/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/FnMenuController.java +++ b/ecomp-sdk/epsdk-app-common/src/main/java/org/onap/portalapp/controller/core/FnMenuController.java @@ -76,7 +76,7 @@ public class FnMenuController extends RestrictedBaseController { @Autowired FnMenuService service; - + @Autowired FunctionalMenuListService functionalMenuListService; @@ -91,7 +91,7 @@ public class FnMenuController extends RestrictedBaseController { logger.error(EELFLoggerDelegate.errorLogger, "getParentListFailed", e); response.setCharacterEncoding("UTF-8"); PrintWriter out = response.getWriter(); - out.write(e.getMessage()); + out.write("An error occurred in the getParentList () "); } } @@ -104,7 +104,7 @@ public class FnMenuController extends RestrictedBaseController { logger.error(EELFLoggerDelegate.errorLogger, "getFunctionCDList", e); response.setCharacterEncoding("UTF-8"); PrintWriter out = response.getWriter(); - out.write(e.getMessage()); + out.write("An error occurred in the getFunctionCDList ()"); } } 
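Review bot: The catch block in getParentList writes its error text without setting a status code or content type in the lines shown, so unless one is set before the hunk starts, the client receives a 200 response whose body is an error string. Replacing `e.getMessage()` with a fixed string stops exception text from reaching the response, but a caller can then only detect failure by parsing the body. I would add `response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);` and `response.setContentType("text/plain");` before `response.getWriter()`. The same applies to the catch blocks in getFunctionCDList, updateFnMenu and removeFnMenu in the later hunks; each of those methods starts outside its hunk.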
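Review bot: The literal written in getFunctionCDList's catch block is one of four hand-typed variants in this patch (`"An error occurred in the getParentList () "` has a trailing space, this one does not), and each names the handler method in client-facing text. A single shared constant, for example `private static final String GENERIC_ERROR = "An error occurred while processing the request";`, would keep the responses uniform and keep handler names out of them. The full exception is already logged by the `logger.error(...)` call in the context lines, so nothing is lost for diagnosis.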
@@ -160,7 +160,6 @@ public class FnMenuController extends RestrictedBaseController { mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); JsonNode root = mapper.readTree(request.getReader()); Menu fnMenuItem = mapper.readValue(root.get("availableFnMenuItem").toString(), Menu.class); - service.saveFnMenu(fnMenuItem); request.getSession() .removeAttribute(SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_ATTRIBUTE_NAME)); @@ -183,7 +182,7 @@ public class FnMenuController extends RestrictedBaseController { response.setCharacterEncoding("UTF-8"); request.setCharacterEncoding("UTF-8"); PrintWriter out = response.getWriter(); - out.write(e.getMessage()); + out.write("An error occurred in the updateFnMenu () "); } return null; @@ -198,9 +197,7 @@ public class FnMenuController extends RestrictedBaseController { JsonNode root = mapper.readTree(request.getReader()); Menu fnMenuItem = mapper.readValue(root.get("fnMenuItem").toString(), Menu.class); Menu fnMenuItemRow = service.getMenuItemRow(fnMenuItem.getId()); - service.removeMenuItem(fnMenuItemRow); - response.setCharacterEncoding("UTF-8"); response.setContentType("application / json"); request.setCharacterEncoding("UTF-8"); @@ -215,7 +212,7 @@ public class FnMenuController extends RestrictedBaseController { response.setCharacterEncoding("UTF-8"); request.setCharacterEncoding("UTF-8"); PrintWriter out = response.getWriter(); - out.write(e.getMessage()); + out.write("An error occurred in the removeFnMenu ()"); } return null; -- cgit 1.2.3-korg
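Review bot: In the updateFnMenu catch block, the context line `request.setCharacterEncoding("UTF-8");` appears to have no effect, because the Servlet API only honours it before the request body is read. The preceding hunk shows `mapper.readTree(request.getReader())`, which looks like the try body of the same method, though the method start is outside both hunks. If the encoding matters for parsing the JSON body, the call belongs at the top of the method before `request.getReader()`; otherwise it can be dropped from the catch. The removeFnMenu hunks show the same pattern, both after `readTree` in the try body and again in the catch.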
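Review bot: With the generic message in removeFnMenu's catch block, a malformed request is now reported the same way as a server fault. The previous hunk shows `root.get("fnMenuItem").toString()` and `service.removeMenuItem(fnMenuItemRow)` with no null checks, so a body lacking `fnMenuItem`, or an id that matches no row, presumably ends up here if the catch is broad (its type is outside the hunk). I would check before the service call, for example `if (root.get("fnMenuItem") == null) { response.sendError(HttpServletResponse.SC_BAD_REQUEST); return null; }`, and likewise for a null `fnMenuItemRow`. That keeps the sanitised error text while letting clients and logs tell bad input from internal errors.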