diff options
author | Eran (ev672n), Vosk <ev672n@att.com> | 2018-10-16 17:33:49 +0300 |
---|---|---|
committer | Eran (ev672n), Vosk <ev672n@att.com> | 2018-10-17 15:41:16 +0300 |
commit | 3fc94dd71339db72d60220add95b6b72c932abdb (patch) | |
tree | e6a3e0296f09f79be86ee76f9f3d40fcad97e8b2 /dcaedt_be | |
parent | 936253bccdcebe82ed06b55025087e96bbd35551 (diff) |
security check issues
recheck eun-clm updating spring version, using security check issues
Change-Id: Ic9eb249b70d4e32669fc6f1f4262b0fb91c0cd70
Issue-ID: SDC-1829
Signed-off-by: Eran (ev672n), Vosk <ev672n@att.com>
Diffstat (limited to 'dcaedt_be')
9 files changed, 41 insertions, 38 deletions
diff --git a/dcaedt_be/pom.xml b/dcaedt_be/pom.xml index 15753cc..59abbd1 100644 --- a/dcaedt_be/pom.xml +++ b/dcaedt_be/pom.xml @@ -13,6 +13,7 @@ </parent> <properties> + <!--suppress UnresolvedMavenProperty --> <docker.staging.tag>${parsedVersion.majorVersion}.${parsedVersion.minorVersion}-STAGING-latest</docker.staging.tag> </properties> @@ -85,13 +86,13 @@ <dependency> <groupId>org.powermock</groupId> <artifactId>powermock-module-junit4</artifactId> - <version>1.6.4</version> + <version>2.0.0-beta.5</version> <scope>test</scope> </dependency> <dependency> <groupId>org.powermock</groupId> - <artifactId>powermock-api-mockito</artifactId> - <version>1.6.4</version> + <artifactId>powermock-api-mockito2</artifactId> + <version>2.0.0-beta.5</version> <scope>test</scope> </dependency> <dependency> @@ -134,7 +135,7 @@ <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-jetty</artifactId> - <version>1.5.2.RELEASE</version> + <version>2.0.5.RELEASE</version> <exclusions> <exclusion> <groupId>org.eclipse.jetty.websocket</groupId> @@ -292,6 +293,16 @@ <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> + <executions> + <execution> + <goals> + <goal>repackage</goal> + </goals> + <configuration> + <classifier>exec</classifier> + </configuration> + </execution> + </executions> <configuration> <webXml>src/main/webapp/WEB-INF/web.xml</webXml> <webResources> diff --git a/dcaedt_be/src/main/java/org/onap/sdc/dcae/composition/CompositionEngine.java b/dcaedt_be/src/main/java/org/onap/sdc/dcae/composition/CompositionEngine.java index c633c59..f07358a 100644 --- a/dcaedt_be/src/main/java/org/onap/sdc/dcae/composition/CompositionEngine.java +++ b/dcaedt_be/src/main/java/org/onap/sdc/dcae/composition/CompositionEngine.java @@ -14,7 +14,7 @@ import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.builder.SpringApplicationBuilder; import org.springframework.boot.web.servlet.FilterRegistrationBean; -import org.springframework.boot.web.support.SpringBootServletInitializer; +import org.springframework.boot.web.servlet.support.SpringBootServletInitializer; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; diff --git a/dcaedt_be/src/main/java/org/onap/sdc/dcae/composition/controller/CompositionController.java b/dcaedt_be/src/main/java/org/onap/sdc/dcae/composition/controller/CompositionController.java index aad0250..e13990d 100644 --- a/dcaedt_be/src/main/java/org/onap/sdc/dcae/composition/controller/CompositionController.java +++ b/dcaedt_be/src/main/java/org/onap/sdc/dcae/composition/controller/CompositionController.java @@ -1,9 +1,6 @@ package org.onap.sdc.dcae.composition.controller; import org.onap.sdc.common.onaplog.Enums.LogLevel; -import org.onap.sdc.dcae.catalog.engine.CatalogResponse; -import org.onap.sdc.dcae.catalog.engine.ElementRequest; -import org.onap.sdc.dcae.catalog.engine.ItemsRequest; import org.onap.sdc.dcae.composition.impl.CompositionBusinessLogic; import org.onap.sdc.dcae.composition.impl.CompositionCatalogBusinessLogic; import org.onap.sdc.dcae.composition.restmodels.MessageResponse; @@ -18,7 +15,6 @@ import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.*; -import org.springframework.web.context.request.async.DeferredResult; @RestController @EnableAutoConfiguration diff --git a/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/BlueprintBusinessLogicTest.java b/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/BlueprintBusinessLogicTest.java index a00130f..9150c59 100644 --- a/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/BlueprintBusinessLogicTest.java +++ b/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/BlueprintBusinessLogicTest.java @@ -3,10 +3,9 @@ package org.onap.sdc.dcae.composition.impl; import org.junit.Assert; import org.junit.Before; import org.junit.Test; -import org.junit.runner.RunWith; import org.mockito.InjectMocks; import org.mockito.Mock; -import org.mockito.runners.MockitoJUnitRunner; +import org.mockito.MockitoAnnotations; import org.onap.sdc.dcae.client.ISdcClient; import org.onap.sdc.dcae.composition.restmodels.sdc.Artifact; import org.onap.sdc.dcae.composition.restmodels.sdc.ResourceDetailed; @@ -15,12 +14,10 @@ import org.springframework.http.ResponseEntity; import java.util.ArrayList; -import static org.mockito.Matchers.anyString; -import static org.mockito.Matchers.eq; +import static org.mockito.ArgumentMatchers.eq; import static org.mockito.Mockito.when; import static org.onap.sdc.dcae.composition.util.DcaeBeConstants.Composition.fileNames.COMPOSITION_YML; -@RunWith(MockitoJUnitRunner.class) public class BlueprintBusinessLogicTest { private static final String USER_ID = "UserId"; @@ -39,13 +36,13 @@ public class BlueprintBusinessLogicTest { @Before public void setup() { + MockitoAnnotations.initMocks(this); new ErrorConfigurationLoader(System.getProperty("user.dir")+"/src/main/webapp/WEB-INF"); resourceDetailed = new ResourceDetailed(); resourceDetailed.setUuid(VFCMT_UUID); classUnderTest.setSdcRestClient(sdcClientMock); when(sdcClientMock.getResource(eq(VFCMT_UUID), eq(REQUEST_ID))).thenReturn(resourceDetailed); - when(sdcClientMock.getResourceArtifact(eq(VFCMT_UUID), anyString(), anyString())).thenReturn("\"{\\\\\\\"version\\\\\\\":0,\\\\\\\"flowType\\\\\\\":\\\\\\\"templateInfoFlowType\\\\\\\",\\\\\\\"nodes\\\\\\\":[],\\\\\\\"inputs\\\\\\\":[],\\\\\\\"outputs\\\\\\\":[],\\\\\\\"relations\\\\\\\":[]}\\\"\""); } @Test diff --git a/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/CompositionBusinessLogicTest.java b/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/CompositionBusinessLogicTest.java index d9b65b2..5e6d2a3 100644 --- a/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/CompositionBusinessLogicTest.java +++ b/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/CompositionBusinessLogicTest.java @@ -21,9 +21,12 @@ import java.util.Arrays; import java.util.List; import static org.junit.Assert.assertEquals; -import static org.mockito.Matchers.any; -import static org.mockito.Matchers.anyString; -import static org.mockito.Mockito.*; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.anyString; +import static org.mockito.Mockito.times; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + public class CompositionBusinessLogicTest { @@ -63,14 +66,14 @@ public class CompositionBusinessLogicTest { emulateListOfArtifactsWithCompositionYml(); when(sdcClientMock.getResource(anyString(),anyString())).thenReturn(vfcmt); when(vfcmt.getLifecycleState()).thenReturn("NOT_CERTIFIED_CHECKIN"); - when(sdcClientMock.changeResourceLifecycleState(anyString(), anyString(), anyString(), anyString(), anyString())).thenReturn(vfcmt); + when(sdcClientMock.changeResourceLifecycleState(anyString(), any(), anyString(), any(), anyString())).thenReturn(vfcmt); compositionBusinessLogic.saveComposition(justAString, justAString, justAString, justAString, false); verify(sdcClientMock).getResource(anyString(),anyString()); verify(sdcClientMock, times(0)).createResourceArtifact(anyString(),anyString(),any(),anyString()); verify(sdcClientMock).updateResourceArtifact(anyString(), anyString(), any(), anyString()); - verify(sdcClientMock, times(2)).changeResourceLifecycleState(anyString(),anyString(),anyString(),anyString(),anyString()); + verify(sdcClientMock, times(2)).changeResourceLifecycleState(anyString(),any(),anyString(),any(),anyString()); } @Test @@ -81,14 +84,14 @@ public class CompositionBusinessLogicTest { when(vfcmt.getLifecycleState()).thenReturn("NOT_CERTIFIED_CHECKIN"); RequestError requestError = new RequestError(); requestError.setServiceException(new ServiceException("SVC4086", "", null)); - when(sdcClientMock.changeResourceLifecycleState(anyString(), anyString(), anyString(), anyString(), anyString())).thenReturn(vfcmt).thenThrow(new ASDCException(HttpStatus.FORBIDDEN, requestError)); + when(sdcClientMock.changeResourceLifecycleState(anyString(), any(), anyString(), any(), anyString())).thenReturn(vfcmt).thenThrow(new ASDCException(HttpStatus.FORBIDDEN, requestError)); ResponseEntity result = compositionBusinessLogic.saveComposition(justAString, justAString, justAString, justAString, false); verify(sdcClientMock).getResource(anyString(),anyString()); verify(sdcClientMock, times(0)).createResourceArtifact(anyString(),anyString(),any(),anyString()); verify(sdcClientMock).updateResourceArtifact(anyString(), anyString(), any(), anyString()); - verify(sdcClientMock, times(3)).changeResourceLifecycleState(anyString(),anyString(),anyString(),anyString(),anyString()); + verify(sdcClientMock, times(3)).changeResourceLifecycleState(anyString(),any(),anyString(),any(),anyString()); assertEquals(403, result.getStatusCodeValue()); } diff --git a/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/CompositionCatalogBusinessLogicTest.java b/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/CompositionCatalogBusinessLogicTest.java index 25bf1f1..7c773ee 100644 --- a/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/CompositionCatalogBusinessLogicTest.java +++ b/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/CompositionCatalogBusinessLogicTest.java @@ -7,21 +7,14 @@ import org.mockito.InjectMocks; import org.mockito.Mock; import org.mockito.MockitoAnnotations; import org.onap.sdc.dcae.catalog.asdc.ASDCCatalog; -import org.onap.sdc.dcae.catalog.asdc.ASDCException; import org.onap.sdc.dcae.catalog.engine.CatalogController; -import org.onap.sdc.dcae.catalog.engine.CatalogError; -import org.onap.sdc.dcae.catalog.engine.CatalogResponse; import org.onap.sdc.dcae.client.ISdcClient; import org.onap.sdc.dcae.composition.restmodels.canvas.DcaeComponentCatalog; import org.onap.sdc.dcae.composition.restmodels.sdc.Resource; import org.onap.sdc.dcae.composition.util.DcaeBeConstants; import org.onap.sdc.dcae.errormng.ErrorConfigurationLoader; -import org.onap.sdc.dcae.errormng.RequestError; import org.onap.sdc.dcae.errormng.ResponseFormat; -import org.onap.sdc.dcae.errormng.ServiceException; -import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; -import org.springframework.web.context.request.async.DeferredResult; import java.util.Arrays; import java.util.List; diff --git a/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/ReferenceBusinessLogicTest.java b/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/ReferenceBusinessLogicTest.java index 70c0577..f69f660 100644 --- a/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/ReferenceBusinessLogicTest.java +++ b/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/ReferenceBusinessLogicTest.java @@ -3,10 +3,9 @@ package org.onap.sdc.dcae.composition.impl; import org.junit.Assert; import org.junit.Before; import org.junit.Test; -import org.junit.runner.RunWith; import org.mockito.InjectMocks; import org.mockito.Mock; -import org.mockito.runners.MockitoJUnitRunner; +import org.mockito.MockitoAnnotations; import org.onap.sdc.dcae.client.ISdcClient; import org.onap.sdc.dcae.composition.restmodels.MonitoringComponent; import org.onap.sdc.dcae.composition.restmodels.sdc.*; @@ -17,13 +16,15 @@ import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.client.HttpClientErrorException; -import java.util.*; +import java.util.Arrays; +import java.util.Collections; +import java.util.List; +import java.util.Map; import static org.mockito.Matchers.anyString; import static org.mockito.Matchers.eq; import static org.mockito.Mockito.*; -@RunWith(MockitoJUnitRunner.class) public class ReferenceBusinessLogicTest { private String userId = "me"; private String requestId = "1"; @@ -41,6 +42,7 @@ public class ReferenceBusinessLogicTest { @Before public void setup(){ + MockitoAnnotations.initMocks(this); classUnderTest.setSdcRestClient(sdcClientMock); new ErrorConfigurationLoader(System.getProperty("user.dir")+"/src/main/webapp/WEB-INF"); } @@ -99,7 +101,7 @@ public class ReferenceBusinessLogicTest { mockGetService(); ResponseEntity responseEntity = classUnderTest.deleteVfcmtReferenceBlueprint(userId, "", monitoringComponentName, serviceUuid, vfiName, "", requestId); verify(sdcClientMock).getService(serviceUuid, requestId); - verify(sdcClientMock).deleteInstanceArtifact(anyString(), anyString(), anyString(), anyString(), anyString(), anyString()); + verify(sdcClientMock).deleteInstanceArtifact(anyString(), anyString(), anyString(), anyString(), any(), anyString()); Assert.assertEquals(HttpStatus.OK, responseEntity.getStatusCode()); } @@ -115,7 +117,7 @@ public class ReferenceBusinessLogicTest { @Test public void deleteVfcmtReferenceBlueprint_exceptionSdcdeleteInstanceResourceArtifact() throws Exception { mockGetService(); - doThrow(new RuntimeException("")).when(sdcClientMock).deleteInstanceArtifact(anyString(), anyString(), anyString(), anyString(), anyString(), anyString()); + doThrow(new RuntimeException("")).when(sdcClientMock).deleteInstanceArtifact(anyString(), anyString(), anyString(), anyString(), any(), anyString()); ResponseEntity<ResponseFormat> responseEntity = classUnderTest.deleteVfcmtReferenceBlueprint(userId, "", monitoringComponentName, serviceUuid, vfiName, "", requestId); diff --git a/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/ServiceBusinessLogicTest.java b/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/ServiceBusinessLogicTest.java index a6f82f6..15c460a 100644 --- a/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/ServiceBusinessLogicTest.java +++ b/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/ServiceBusinessLogicTest.java @@ -28,6 +28,7 @@ import java.util.stream.Collectors; import static org.assertj.core.api.Assertions.assertThat; import static org.junit.Assert.assertEquals; +import static org.mockito.ArgumentMatchers.any; import static org.mockito.Matchers.anyString; import static org.mockito.Mockito.when; import static org.testng.Assert.assertNotEquals; @@ -154,7 +155,7 @@ public class ServiceBusinessLogicTest { @Test public void test_GetAttachedService() { - when(serviceBusinessLogic.getSdcRestClient().getResourceArtifact(anyString(), anyString(), anyString())).thenReturn("artifact data"); + when(serviceBusinessLogic.getSdcRestClient().getResourceArtifact(any(), any(), any())).thenReturn("artifact data"); ResponseEntity<MessageResponse> result = serviceBusinessLogic.getAttachedService(vfcmtUuid, requestId); assertEquals(HttpStatus.OK, result.getStatusCode()); diff --git a/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/VfcmtBusinessLogicTest.java b/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/VfcmtBusinessLogicTest.java index 5f1ba41..c347c34 100644 --- a/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/VfcmtBusinessLogicTest.java +++ b/dcaedt_be/src/test/java/org/onap/sdc/dcae/composition/impl/VfcmtBusinessLogicTest.java @@ -118,11 +118,11 @@ public class VfcmtBusinessLogicTest { verify(sdcClientMock, times(0)).createResource(userId, request, requestId); verify(sdcClientMock).getResource(anyString(),anyString()); - verify(sdcClientMock).getResourceArtifact(anyString(),anyString(),anyString()); + verify(sdcClientMock).getResourceArtifact(any(),anyString(),anyString()); verify(sdcClientMock, times(0)).createResourceArtifact(anyString(),anyString(),any(),anyString()); verify(sdcClientMock, times(0)).updateResourceArtifact(anyString(), anyString(), any(), anyString()); verify(sdcClientMock).addExternalMonitoringReference(anyString(),any(),any(),anyString()); - verify(sdcClientMock).changeResourceLifecycleState(anyString(),anyString(),anyString(),anyString(),anyString()); + verify(sdcClientMock).changeResourceLifecycleState(anyString(),any(),anyString(),anyString(),anyString()); } |