aboutsummaryrefslogtreecommitdiffstats
path: root/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LifecycleServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LifecycleServlet.java')
-rw-r--r--catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LifecycleServlet.java36
1 files changed, 18 insertions, 18 deletions
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LifecycleServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LifecycleServlet.java
index f13621ff10..87c890de1b 100644
--- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LifecycleServlet.java
+++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/LifecycleServlet.java
@@ -33,6 +33,18 @@ import io.swagger.v3.oas.annotations.servers.Server;
import io.swagger.v3.oas.annotations.servers.Servers;
import io.swagger.v3.oas.annotations.tags.Tag;
import io.swagger.v3.oas.annotations.tags.Tags;
+import java.io.IOException;
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.HeaderParam;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
import org.openecomp.sdc.be.components.lifecycle.LifecycleBusinessLogic;
@@ -54,22 +66,10 @@ import org.openecomp.sdc.common.log.elements.LoggerSupportability;
import org.openecomp.sdc.common.log.enums.LoggerSupportabilityActions;
import org.openecomp.sdc.common.log.enums.StatusCode;
import org.openecomp.sdc.common.log.wrappers.Logger;
+import org.openecomp.sdc.common.util.ValidationUtils;
import org.openecomp.sdc.exception.ResponseFormat;
import org.springframework.stereotype.Controller;
-import javax.inject.Inject;
-import javax.servlet.http.HttpServletRequest;
-import javax.ws.rs.Consumes;
-import javax.ws.rs.HeaderParam;
-import javax.ws.rs.POST;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-import java.io.IOException;
-
@Loggable(prepend = true, value = Loggable.DEBUG, trim = false)
@Path("/v1/catalog")
@Tags({@Tag(name = "SDC Internal APIs")})
@@ -101,9 +101,8 @@ public class LifecycleServlet extends BeGenericServlet {
@ApiResponse(responseCode = "409", description = "Resource already exist")})
@PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response changeResourceState(
- @Parameter(
- description = "LifecycleChangeInfo - relevant for checkin, failCertification, cancelCertification",
- required = false) String jsonChangeInfo,
+ @Parameter(description = "LifecycleChangeInfo - relevant for checkin, failCertification, cancelCertification")
+ String jsonChangeInfo,
@Parameter(description = "validValues: resources / services / products",
schema = @Schema(allowableValues = {ComponentTypeEnum.RESOURCE_PARAM_NAME,
ComponentTypeEnum.SERVICE_PARAM_NAME, ComponentTypeEnum.PRODUCT_PARAM_NAME})) @PathParam(
@@ -116,7 +115,6 @@ public class LifecycleServlet extends BeGenericServlet {
@Context final HttpServletRequest request,
@Parameter(description = "id of user initiating the operation") @HeaderParam(
value = Constants.USER_ID_HEADER) String userId) throws IOException {
-
String url = request.getMethod() + " " + request.getRequestURI();
log.debug("Start handle request of {}", url);
loggerSupportability.log(LoggerSupportabilityActions.CHANGELIFECYCLESTATE, StatusCode.STARTED,"Starting to change lifecycle state to " + lifecycleTransition + " by user " + userId);
@@ -143,7 +141,9 @@ public class LifecycleServlet extends BeGenericServlet {
try {
if (jsonChangeInfo != null && !jsonChangeInfo.isEmpty()) {
ObjectMapper mapper = new ObjectMapper();
- changeInfo = new LifecycleChangeInfoWithAction(mapper.readValue(jsonChangeInfo, LifecycleChangeInfoBase.class).getUserRemarks());
+ changeInfo = new LifecycleChangeInfoWithAction(mapper
+ .readValue(ValidationUtils.sanitizeInputString(jsonChangeInfo), LifecycleChangeInfoBase.class)
+ .getUserRemarks());
}
}