diff options
author | JulienBe <julien.bertozzi@intl.att.com> | 2020-10-28 11:50:25 -0400 |
---|---|---|
committer | JulienBe <julien.bertozzi@intl.att.com> | 2021-02-23 10:57:28 +0100 |
commit | b485c37b36ddb3ab5e8085c009b26e97c8e62d74 (patch) | |
tree | dcea5bd91cf72076295d46f430c725d13b42f275 /openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk | |
parent | 72b29baac0c1f08b610fd4daf2078b43ee74b3d8 (diff) |
Upgrade Vulnerable Direct Dependencies [snakeyaml]
Change-Id: I84417ab3d4f18634be519b837a34d1f1e774ceff
Signed-off-by: amohamad <a.mohamad@queensu.ca>
Issue-ID: SDC-3051
Updated MVN dependencies in the respective pom.xml files
Updated the signature of some methods to match new version 1.26
Modified test cases to match the new wording of exceptions
Still working on troublshooting other failing test cases
Change-Id: Ifc796574e6d8d4e4fc707db04944d83427b5dbe6
Signed-off-by: amohamad <a.mohamad@queensu.ca>
Signed-off-by: JulienBe <julien.bertozzi@intl.att.com>
Diffstat (limited to 'openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk')
3 files changed, 219 insertions, 89 deletions
diff --git a/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk/pom.xml b/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk/pom.xml index 54b6964bbc..4d2ec69003 100644 --- a/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk/pom.xml +++ b/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk/pom.xml @@ -7,9 +7,8 @@ <parent> <groupId>org.openecomp.sdc</groupId> - <artifactId>openecomp-sdc-lib</artifactId> + <artifactId>openecomp-sdc-validation-lib</artifactId> <version>1.8.1-SNAPSHOT</version> - <relativePath>../..</relativePath> </parent> <dependencies> diff --git a/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk/src/main/java/org/openecomp/sdc/validation/base/ResourceBaseValidator.java b/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk/src/main/java/org/openecomp/sdc/validation/base/ResourceBaseValidator.java index ba23c8b649..a15c7678f7 100644 --- a/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk/src/main/java/org/openecomp/sdc/validation/base/ResourceBaseValidator.java +++ b/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk/src/main/java/org/openecomp/sdc/validation/base/ResourceBaseValidator.java @@ -56,7 +56,7 @@ public class ResourceBaseValidator implements Validator { return MapUtils.unmodifiableMap(this.resourceTypeToImpl); } -@Override + @Override public void init(Map<String, Object> properties) { if (MapUtils.isEmpty(properties)) { return; diff --git a/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk/src/test/java/org/openecomp/sdc/validation/base/ResourceBaseValidatorTest.java b/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk/src/test/java/org/openecomp/sdc/validation/base/ResourceBaseValidatorTest.java index 35a8c00ee9..095df4f859 100644 --- a/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk/src/test/java/org/openecomp/sdc/validation/base/ResourceBaseValidatorTest.java +++ b/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-sdk/src/test/java/org/openecomp/sdc/validation/base/ResourceBaseValidatorTest.java @@ -19,97 +19,228 @@ import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertTrue; import org.apache.commons.collections4.MapUtils; +import org.apache.commons.io.IOUtils; import org.junit.jupiter.api.Test; +import org.openecomp.core.utilities.file.FileUtils; +import org.openecomp.core.utilities.json.JsonUtil; +import org.openecomp.core.validation.errors.ErrorMessagesFormatBuilder; +import org.openecomp.core.validation.types.GlobalValidationContext; import org.openecomp.core.validation.types.MessageContainer; import org.openecomp.sdc.datatypes.configuration.ImplementationConfiguration; +import org.openecomp.sdc.heat.datatypes.manifest.FileData; +import org.openecomp.sdc.heat.datatypes.manifest.ManifestContent; +import org.openecomp.sdc.heat.datatypes.model.HeatOrchestrationTemplate; +import org.openecomp.sdc.heat.datatypes.model.Resource; +import org.openecomp.sdc.heat.services.HeatStructureUtil; +import org.openecomp.sdc.heat.services.manifest.ManifestUtil; +import org.openecomp.sdc.validation.ResourceValidator; +import org.openecomp.sdc.validation.ValidationContext; +import org.openecomp.sdc.validation.Validator; import org.openecomp.sdc.validation.type.ConfigConstants; -import org.openecomp.sdc.validation.util.ValidationTestUtil; +import org.openecomp.sdc.validation.util.ValidationUtil; -import java.util.Collections; -import java.util.HashMap; -import java.util.Map; +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.net.URL; +import java.util.*; public class ResourceBaseValidatorTest { -private String testValidator = "testValidator"; - - @Test - public void testInvalidResourceType(){ - ResourceBaseValidator resourceBaseValidator = new ResourceBaseValidator(); - Map<String, MessageContainer> messages = ValidationTestUtil.testValidator( - resourceBaseValidator, "/InvalidResourceType"); - assertEquals(messages.get("first.yaml").getErrorMessageList().get(0).getMessage(), - "WARNING: [RBV1]: A resource has an invalid or unsupported type - null, " + - "Resource ID [FSB2]"); - } - - @Test - public void testInvalidHeatStructure(){ - ResourceBaseValidator resourceBaseValidator = new ResourceBaseValidator(); - Map<String, MessageContainer> messages = ValidationTestUtil.testValidator(resourceBaseValidator, - "/InvalidHeatStructure"); - assertEquals(messages.get("first.yaml").getErrorMessageList().get(0).getMessage(), - "ERROR: [RBV2]: Invalid HEAT format problem - [while scanning for the next " + - "token\n" + "found character '\\t(TAB)' that cannot start any token. " + - "(Do not use \\t(TAB) for indentation)\n" + - " in 'reader', line 10, column 1:\n" + - " \t\t\tresources:\n" + - " ^\n" + - "]"); - } - - @Test - public void testInitWithEmptyPropertiesMap() { - ResourceBaseValidator resourceBaseValidator = new ResourceBaseValidator(); - Map<String, Object> properties = new HashMap<>(); - resourceBaseValidator.init(properties); - - assertTrue(MapUtils.isEmpty(resourceBaseValidator.getResourceTypeToImpl())); - } - - @Test - public void testInitPropertiesMap() { - ResourceBaseValidator resourceBaseValidator = new ResourceBaseValidator(); - initProperties(resourceBaseValidator, getValidImplementationConfiguration()); - - Map<String, ImplementationConfiguration> resourceTypeToImpl = - resourceBaseValidator.getResourceTypeToImpl(); - assertTrue(MapUtils.isNotEmpty(resourceTypeToImpl)); - assertTrue(resourceTypeToImpl.containsKey(testValidator)); - } - - @Test - public void testInitPropertiesWithString() { - ResourceBaseValidator resourceBaseValidator = new ResourceBaseValidator(); - Map<String, Object> properties = new HashMap<>(); - properties.put(testValidator, "invalidValue"); - - resourceBaseValidator.init(properties); - - assertTrue(MapUtils.isEmpty(resourceBaseValidator.getResourceTypeToImpl())); - } - - @Test - public void testInitPropertiesWithoutImplClass() { - ResourceBaseValidator resourceBaseValidator = new ResourceBaseValidator(); - initProperties(resourceBaseValidator, new HashMap<>()); - - assertTrue(MapUtils.isEmpty(resourceBaseValidator.getResourceTypeToImpl())); - } - - public Map<String, Object> getValidImplementationConfiguration() { - Map<String, Object> implConfiguration = new HashMap<>(); - implConfiguration.put( - ConfigConstants.Impl_Class, "org.openecomp.sdc.validation.impl.validators.ForbiddenResourceGuideLineValidator"); - implConfiguration.put(ConfigConstants.Enable, true); - - return implConfiguration; - } - - private void initProperties(ResourceBaseValidator resourceBaseValidator, - Map<String, Object> implementationConfiguration) { - Map<String, Object> properties = - Collections.singletonMap(testValidator, implementationConfiguration); - - resourceBaseValidator.init(properties); - } + private String testValidator = "testValidator"; + + @Test + public void testInvalidResourceType() { + ResourceBaseValidator resourceBaseValidator = new ResourceBaseValidator(); + Map<String, MessageContainer> messages = testValidator(resourceBaseValidator, "/InvalidResourceType"); + assertEquals(messages.get("first.yaml").getErrorMessageList().get(0).getMessage(), + "WARNING: [RBV1]: A resource has an invalid or unsupported type - null, Resource ID [FSB2]"); + } + + @Test + public void testInvalidHeatStructure() { + ResourceBaseValidator resourceBaseValidator = new ResourceBaseValidator(); + Map<String, MessageContainer> messages = testValidator(resourceBaseValidator, "/InvalidHeatStructure"); + assertEquals(messages.get("first.yaml").getErrorMessageList().get(0).getMessage(), + "ERROR: [RBV2]: Invalid HEAT format problem - [while scanning for the next " + + "token\n" + "found character '\\t(TAB)' that cannot start any token. " + + "(Do not use \\t(TAB) for indentation)\n" + + " in 'reader', line 10, column 1:\n" + + " \t\t\tresources:\n" + + " ^\n" + + "]"); + } + + @Test + public void testInitWithEmptyPropertiesMap() { + ResourceBaseValidator resourceBaseValidator = new ResourceBaseValidator(); + Map<String, Object> properties = new HashMap<>(); + resourceBaseValidator.init(properties); + assertTrue(MapUtils.isEmpty(resourceBaseValidator.getResourceTypeToImpl())); + } + + @Test + public void testInitPropertiesMap() { + ResourceBaseValidator resourceBaseValidator = new ResourceBaseValidator(); + initProperties(resourceBaseValidator, getValidImplementationConfiguration()); + + Map<String, ImplementationConfiguration> resourceTypeToImpl = resourceBaseValidator.getResourceTypeToImpl(); + assertTrue(MapUtils.isNotEmpty(resourceTypeToImpl)); + assertTrue(resourceTypeToImpl.containsKey(testValidator)); + } + + @Test + public void testInitPropertiesWithString() { + ResourceBaseValidator resourceBaseValidator = new ResourceBaseValidator(); + Map<String, Object> properties = new HashMap<>(); + properties.put(testValidator, "invalidValue"); + resourceBaseValidator.init(properties); + assertTrue(MapUtils.isEmpty(resourceBaseValidator.getResourceTypeToImpl())); + } + + @Test + public void testInitPropertiesWithoutImplClass() { + ResourceBaseValidator resourceBaseValidator = new ResourceBaseValidator(); + initProperties(resourceBaseValidator, new HashMap<>()); + assertTrue(MapUtils.isEmpty(resourceBaseValidator.getResourceTypeToImpl())); + } + + public Map<String, Object> getValidImplementationConfiguration() { + Map<String, Object> implConfiguration = new HashMap<>(); + implConfiguration.put(ConfigConstants.Impl_Class, "org.openecomp.sdc.validation.impl.validators.ForbiddenResourceGuideLineValidator"); + implConfiguration.put(ConfigConstants.Enable, true); + + return implConfiguration; + } + + private void initProperties(ResourceBaseValidator resourceBaseValidator, Map<String, Object> implementationConfiguration) { + Map<String, Object> properties = Collections.singletonMap(testValidator, implementationConfiguration); + resourceBaseValidator.init(properties); + } + + public GlobalValidationContext createGlobalContextFromPath(String path) { + GlobalValidationContext globalValidationContext = new GlobalValidationContext(); + Map<String, byte[]> contentMap = getContentMapByPath(path); + if (contentMap == null) { + return null; + } + contentMap.forEach(globalValidationContext::addFileContext); + + return globalValidationContext; + } + + private Map<String, byte[]> getContentMapByPath(String path) { + Map<String, byte[]> contentMap = new HashMap<>(); + URL url = ResourceBaseValidator.class.getResource(path); + File pathFile = new File(url.getFile()); + File[] files; + if (pathFile.isDirectory()) { + files = pathFile.listFiles(); + } else { + files = new File[]{pathFile}; + } + + if (files == null || files.length == 0) { + return null; + } + + for (File file : files) { + + try (FileInputStream fis = new FileInputStream(file)) { + contentMap.put(file.getName(), FileUtils.toByteArray(fis)); + } catch (IOException e) { + throw new RuntimeException("Failed to read file: " + file, e); + } + + } + return contentMap; + } + + public Map<String, MessageContainer> testValidator(Validator validator, String path) { + GlobalValidationContext globalValidationContext = createGlobalContextFromPath(path); + validator.validate(globalValidationContext); + + assert globalValidationContext != null; + return globalValidationContext.getContextMessageContainers(); + } + + public Map<String, MessageContainer> testValidator(ResourceBaseValidator baseValidator, + ResourceValidator resourceValidator, + String resourceTypeToValidate, String path) { + + GlobalValidationContext globalContext = Objects.requireNonNull( + createGlobalContextFromPath(path), "Global validation context cannot be null"); + + ManifestContent manifestContent = ValidationUtil.validateManifest(globalContext); + Map<String, FileData.Type> fileTypeMap = ManifestUtil.getFileTypeMap(manifestContent); + Map<String, FileData> fileEnvMap = ManifestUtil.getFileAndItsEnv(manifestContent); + + validateFiles(baseValidator, resourceValidator, globalContext, fileEnvMap, fileTypeMap, + resourceTypeToValidate); + + return globalContext.getContextMessageContainers(); + } + + private void validateFiles(ResourceBaseValidator baseValidator, + ResourceValidator resourceValidator, + GlobalValidationContext globalContext, + Map<String, FileData> fileEnvMap, + Map<String, FileData.Type> fileTypeMap, + String resourceTypeToValidate) { + + Collection<String> files = globalContext.getFiles(); + for (String fileName : files) { + if (FileData.isHeatFile(fileTypeMap.get(fileName))) { + HeatOrchestrationTemplate heatOrchestrationTemplate = + ValidationUtil.checkHeatOrchestrationPreCondition(fileName, globalContext); + + if (Objects.isNull(heatOrchestrationTemplate)) { + continue; + } + + ValidationContext validationContext = baseValidator.createValidationContext(fileName, + fileEnvMap.get(fileName) == null ? null : fileEnvMap.get(fileName).getFile(), + heatOrchestrationTemplate, globalContext); + + validateResources(fileName, resourceValidator, resourceTypeToValidate, validationContext, + globalContext); + } + } + } + + private void validateResources(String fileName, ResourceValidator resourceValidator, + String resourceTypeToValidate, ValidationContext validationContext, + GlobalValidationContext globalValidationContext) { + + HeatOrchestrationTemplate heatOrchestrationTemplate = + ValidationUtil.checkHeatOrchestrationPreCondition(fileName, globalValidationContext); + + Map<String, Resource> resourcesMap = + Objects.requireNonNull(heatOrchestrationTemplate, "Orchestration template cannot be null").getResources(); + + if (MapUtils.isEmpty(resourcesMap)) { + return; + } + + resourcesMap.entrySet() + .stream() + .filter(resourceEntry -> isResourceNeedToBeTested(resourceEntry.getValue().getType(), resourceTypeToValidate)) + .forEach(resourceEntry -> + resourceValidator.validate + (fileName, resourceEntry, globalValidationContext, validationContext)); + } + + private boolean isResourceNeedToBeTested(String currResource, String resourceToTest) { + if (Objects.isNull(resourceToTest)) { + return HeatStructureUtil.isNestedResource(currResource); + } + + return currResource.equals(resourceToTest); + } + + public void validateErrorMessage(String actualMessage, String expected, String... params) { + assertEquals(actualMessage.replace("\n", "").replace("\r", ""), + ErrorMessagesFormatBuilder.getErrorWithParameters(expected, params).replace("\n", "") + .replace("\r", "")); + } + } |