aboutsummaryrefslogtreecommitdiffstats
path: root/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadServlet.java')
-rw-r--r--catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadServlet.java13
1 files changed, 10 insertions, 3 deletions
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadServlet.java
index 0fd4206cd6..79982eaa3a 100644
--- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadServlet.java
+++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/TypesUploadServlet.java
@@ -80,6 +80,7 @@ import org.openecomp.sdc.common.datastructure.FunctionalInterfaces.ConsumerThree
import org.openecomp.sdc.common.datastructure.FunctionalInterfaces.ConsumerTwoParam;
import org.openecomp.sdc.common.datastructure.Wrapper;
import org.openecomp.sdc.common.log.wrappers.Logger;
+import org.openecomp.sdc.common.util.ValidationUtils;
import org.openecomp.sdc.exception.ResponseFormat;
import org.springframework.stereotype.Controller;
@@ -132,9 +133,10 @@ public class TypesUploadServlet extends AbstractValidationsServlet {
public Response uploadCapabilityType(@Parameter(description = "FileInputStream") @FormDataParam("capabilityTypeZip") File file,
@Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator,
@Parameter(description = "model") @FormDataParam("model") String modelName) {
+ final String sanitizedModelName = ValidationUtils.sanitizeInputString(modelName);
ConsumerThreeParam<Wrapper<Response>, String, String> createElementsMethod = (responseWrapper, ymlPayload, model) -> createElementsType(responseWrapper,
- () -> capabilityTypeImportManager.createCapabilityTypes(ymlPayload, modelName));
- return uploadElementTypeServletLogic(createElementsMethod, file, request, creator, NodeTypeEnum.CapabilityType.name(), modelName);
+ () -> capabilityTypeImportManager.createCapabilityTypes(ymlPayload, sanitizedModelName));
+ return uploadElementTypeServletLogic(createElementsMethod, file, request, creator, NodeTypeEnum.CapabilityType.name(), sanitizedModelName);
}
@POST
@@ -149,6 +151,7 @@ public class TypesUploadServlet extends AbstractValidationsServlet {
public Response uploadRelationshipType(@Parameter(description = "FileInputStream") @FormDataParam("relationshipTypeZip") File file,
@Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator,
@Parameter(description = "model") @FormDataParam("model") String modelName) {
+ modelName = ValidationUtils.sanitizeInputString(modelName);
return uploadElementTypeServletLogic(this::createRelationshipTypes, file, request, creator, NodeTypeEnum.RelationshipType.getName(), modelName);
}
@@ -164,8 +167,9 @@ public class TypesUploadServlet extends AbstractValidationsServlet {
public Response uploadInterfaceLifecycleType(@Parameter(description = "FileInputStream") @FormDataParam("interfaceLifecycleTypeZip") File file,
@Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator,
@Parameter(description = "model") @FormDataParam("model") String modelName) {
+ final String sanitizedModelName = ValidationUtils.sanitizeInputString(modelName);
ConsumerTwoParam<Wrapper<Response>, String> createElementsMethod = (responseWrapper, ymlPayload) -> createElementsType(responseWrapper,
- () -> interfaceLifecycleTypeImportManager.createLifecycleTypes(ymlPayload, modelName));
+ () -> interfaceLifecycleTypeImportManager.createLifecycleTypes(ymlPayload, sanitizedModelName));
return uploadElementTypeServletLogic(createElementsMethod, file, request, creator, "Interface Types");
}
@@ -197,6 +201,7 @@ public class TypesUploadServlet extends AbstractValidationsServlet {
public Response uploadDataTypes(@Parameter(description = "FileInputStream") @FormDataParam("dataTypesZip") File file,
@Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator,
@Parameter(description = "model") @FormDataParam("model") String modelName) {
+ modelName = ValidationUtils.sanitizeInputString(modelName);
return uploadElementTypeServletLogic(this::createDataTypes, file, request, creator, NodeTypeEnum.DataType.getName(), modelName);
}
@@ -213,6 +218,7 @@ public class TypesUploadServlet extends AbstractValidationsServlet {
@Parameter(description = "model") @FormDataParam("model") String modelName,
@Parameter(description = "FileInputStream") @FormDataParam("groupTypesZip") File file,
@Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator) {
+ modelName = ValidationUtils.sanitizeInputString(modelName);
Map<String, ToscaTypeMetadata> typesMetadata = getTypesMetadata(toscaTypesMetaData);
return uploadTypesWithMetaData(this::createGroupTypes, typesMetadata, file, request, creator, NodeTypeEnum.GroupType.getName(), modelName);
}
@@ -230,6 +236,7 @@ public class TypesUploadServlet extends AbstractValidationsServlet {
@Parameter(description = "model") @FormDataParam("model") String modelName,
@Parameter(description = "FileInputStream") @FormDataParam("policyTypesZip") File file,
@Context final HttpServletRequest request, @HeaderParam("USER_ID") String creator) {
+ modelName = ValidationUtils.sanitizeInputString(modelName);
Map<String, ToscaTypeMetadata> typesMetadata = getTypesMetadata(toscaTypesMetaData);
return uploadTypesWithMetaData(this::createPolicyTypes, typesMetadata, file, request, creator, NodeTypeEnum.PolicyType.getName(), modelName);
}