summaryrefslogtreecommitdiffstats
path: root/catalog-fe/src
AgeCommit message (Collapse)AuthorFilesLines
2022-10-18Fix security risk 'Improper Input Validation'vasraz1-0/+70
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I6a52148aec3b567db43ec57109214e52d106f73c Issue-ID: SDC-4189
2022-10-04Fix bug 'X-Frame-Options not configured: Lack of clickjacking protection'vasraz2-18/+49
Add new Filter (ContentSecurityPolicyHeaderFilter) Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Ic8151df64e4b95b3d59b44a5f74dd12210f55e87 Issue-ID: SDC-4192
2022-09-08Fix high-severity bug 'application exposed to path traversal attack'vasraz1-112/+118
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I7f4b1e8d083cc39f8e57dcedddecc6af56fdc9c2 Issue-ID: SDC-4169
2022-04-26Replace deprecated GEventEvaluator with JaninoEventEvaluatorvasraz1-4/+2
Change-Id: I21bfd0aaa66a32ecc1755cbe1efd78b0cd4254cf Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3984
2022-03-07Update esapi dependency for sec vulnerabilityMichaelMorris1-1/+3
Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-3895 Change-Id: I457f6865f081faf9474e2f63006b339b7c1512ea
2022-02-28Increase FE timoutvasraz1-8/+9
Change-Id: Id25eb2931119404a90a48ee7a50b286c975a6f82 Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3886
2022-02-26Implement improved MinIo clientvasraz1-1/+1
Change-Id: Ic9abd6b0bdaa17e9deff2279a64416d81f7ad606 Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3886
2022-01-13Improve testing stabilityvasraz2-4/+4
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I3f631642a97e65d6628816767e0a5408f02f4bc6 Issue-ID: SDC-3839
2021-11-15Fix critical cross site scriptingvasraz2-15/+15
Change-Id: I66a220f71a2e950055107a725191b46bcbe8c6a6 Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3607 Issue-ID: SDC-3755
2021-10-12Revert "Fix critical cross site scripting"vasraz1-4/+3
This reverts commit 7c8f40bc6df4a5a4d5822e48ecbe5ebe6a0d251a. Change-Id: I5719e82cffd36a21f265217265acf7eac060124b Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3755
2021-08-11Fix critical cross site scriptingaribeiro1-3/+4
xss (cross site scripting) issue identified in sonarcloud Issue-ID: SDC-3607 Signed-off-by: aribeiro <anderson.ribeiro@est.tech> Change-Id: I729f14587154a02759ec62d5134cd115ac6eff38
2021-07-29fix security vulnerabilityaribeiro1-5/+6
Issue-ID: SDC-3607 Signed-off-by: aribeiro <anderson.ribeiro@est.tech> Change-Id: I935898fcf1ae74dc8f162153ff2cf4744b8f2f99
2021-04-12Fix weak-cryptography issuesxuegao2-118/+1
Load the truststore/keystore of our own instead of using the default one. Issue-ID: SDC-3495 Change-Id: I0ecd764d5198480a065fd38299cc9ff9da66af29 Signed-off-by: xuegao <xue.gao@intl.att.com>
2021-03-29Reformat catalog-fevasraz23-826/+596
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-3449 Change-Id: Ic4c34262e5cb4e5851af493400ccc01af5684a18
2021-03-18Improve test coveragevasraz1-1/+1
Use Lombok annotations to improve test coverage Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Iaaed0023960cfe0a31e1b50fb868196ab488cb4c Issue-ID: SDC-3428
2021-03-16Remove unused dcae-be healthcheckChrisC2-49/+1
Remove DCAE-DS backend Healthchecks that are noisy in the logs DCAE-DS was sunset in G release Issue-ID: SDC-3514 Signed-off-by: ChrisC <christophe.closset@intl.att.com> Change-Id: Iad9d6738ec813be9b87766ed189deda34e711ab1
2021-02-22Fix locally failing TCs in catalog-bevasraz1-146/+147
Migrate to Junit 5 TCs that extends JerseyTest Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I4c81e70836ee5e634291d74cd1773d221dce3702 Issue-ID: SDC-3377 Signed-off-by: aribeiro <anderson.ribeiro@est.tech>
2021-02-03Fix potential NPExuegao1-1/+2
Fix the potentail NPE in FeProxyServlet. Issue-ID: SDC-3451 Signed-off-by: xuegao <xue.gao@intl.att.com> Change-Id: I156e33c92882a264b98ea9e476382ae90a3befd4
2021-01-20Remove dead codeJulienBe2-10/+4
Remove unused variables Remove unnecessary statements Issue-ID: SDC-3428 Signed-off-by: JulienBe <julien.bertozzi@intl.att.com> Change-Id: Iddc8ffdc141edd409d50f90c03cb6612f6ebf042 Signed-off-by: JulienBe <julien.bertozzi@intl.att.com>
2021-01-19Add basic authxuegao1-8/+15
Adding basic auth for SDC apis. Issue-ID: OJSI-90 Signed-off-by: xuegao <xue.gao@intl.att.com> Change-Id: Ie84e6bab8d8526f7f4d21a36bba52d8fe9abebbb Signed-off-by: xuegao <xue.gao@intl.att.com>
2020-10-30Remove the Log4j 1.2.15sebdet2-2/+2
Remove the log4j 1.2.15 brought by Sigar library + update ESAPI to support slf4J instead of log4j Issue-ID: SDC-3310 Signed-off-by: sebdet <sebastien.determe@intl.att.com> Change-Id: I63cee67d113f51dbe82a64c69629c62b47918103 Signed-off-by: sebdet <sebastien.determe@intl.att.com>
2020-09-08Upgrade to java 11sebdet1-2/+0
MOve SDC to Java 11, this is one of the PR to move to Jdk 11, jenkins will have to be changed as well Issue-ID: SDC-2725 Change-Id: I85f13f14ba8004f6e9656093a837465a2e4af3e1 Signed-off-by: sebdet <sebastien.determe@intl.att.com> Signed-off-by: xuegao <xg353y@intl.att.com> Signed-off-by: sebdet <sebastien.determe@intl.att.com>
2020-06-21Toggletalio1-1/+1
Add toggling mechanism to catalog side. The first toggleable feature is healing - this was added to healing flow, in healJanusGraphDao Issue-ID: SDC-2874 Signed-off-by: talio <talio@amdocs.com> Change-Id: If386651cab8304ebaf13497ded3a7a50bd60e477 Signed-off-by: talio <talio@amdocs.com>
2020-05-05Setting default store types when not defined in configuration for init of ↵ilanap1-3/+4
https client Issue-ID: SDC-2962 Signed-off-by: ilanap <ilanap@amdocs.com> Change-Id: I9d88031c7d20951a4a77138340b1ddc26f47c0b6 Signed-off-by: ilanap <ilanap@amdocs.com>
2020-04-21Fix 404 in sdc-FE calls to workflowandre.schmid1-11/+12
Fixes webpack workflow proxy configuration. Fixes FE proxy while rewriting URLs to workflow plugin. Fixes compilation problems to run locally the catalog-ui. Change-Id: I89f3f46bd8ce0159713b1d0d957a2e75f8a3d062 Issue-ID: SDC-2943 Signed-off-by: andre.schmid <andre.schmid@est.tech>
2020-04-21Fix catalog-fe plugin online checkingandre.schmid1-0/+452
ESAPI encoder cannot be loaded due to a missing ESAPI.properties file in path, which causes an exception and breaks the online checking call. The plugin is always shown as offline. Change-Id: I05088d200e9a1bea1de2e00c07d5bbf6e3a67d41 Issue-ID: SDC-2945 Signed-off-by: andre.schmid <andre.schmid@est.tech>
2020-04-19Removed explicit references to exceptions in log messagesChris André1-1/+1
Issue-ID: SDC-2884 Change-Id: I6f3e9503922cc3a4f4049fced8d23cede7b0455a Signed-off-by: Chris Andre <chris.andre@yoppworks.com>
2020-03-30Initial fix for https call to pluginsilanap2-3/+185
Creates an http/https client to check whether plugin is online. missing UI fixes still Issue-ID: SDC-2843 Signed-off-by: ilanap <ilanap@amdocs.com> Change-Id: I06ee08c73881c8a8c458198f9b6a0f9df1021f52 Signed-off-by: ilanap <ilanap@amdocs.com>
2020-03-12Disable SecurityFilterOfir Sonsino2-15/+16
Bumping version to 1.7.0 Change-Id: I041bb5ce967b687e10be97dbbaa3ba1d119d13ff Issue-ID: SDC-2825 Signed-off-by: Ofir Sonsino <os0695@intl.att.com>
2020-03-11portal url fixOfir Sonsino1-2/+2
Change-Id: Iab8c7cd48f7210d1833928e7ea075e2221db94c7 Issue-ID: SDC-2799 Signed-off-by: Ofir Sonsino <os0695@intl.att.com>
2020-03-05portal and cadi properties fixOfir Sonsino1-2/+1
Change-Id: Id83f0ddd1846e4887d1d5a7c3fb5bf8db406186a Issue-ID: SDC-2799 Signed-off-by: Ofir Sonsino <os0695@intl.att.com>
2020-02-18Configuration file runtime reloadandre.schmid1-7/+0
Reloads the backend configuration file when the file listener catches a change. Forces validations errors when the configuration file could not be parsed. Remove not used configurations. Change-Id: Ic6fcb2b557d52ec53074c38ab8e0fcfa96e9be67 Issue-ID: SDC-2758 Signed-off-by: andre.schmid <andre.schmid@est.tech>
2020-01-22Catalog alignmentys969343-1321/+2367
Issue-ID: SDC-2724 Signed-off-by: ys9693 <ys9693@att.com> Change-Id: I52b4aacb58cbd432ca0e1ff7ff1f7dd52099c6fe
2019-12-18Revert "Add Option to proxy to plugins"aribeiro2-102/+39
This reverts commit ee4c4d72 Issue-ID: SDC-2648 Change-Id: I1f6cba80d3fb803530573c75f2fc54ca207e768a Signed-off-by: aribeiro <anderson.ribeiro@est.tech>
2019-12-05Add Option to proxy to pluginsilanap2-39/+102
Added option to proxy the plugins throught the catalog proxy. Remove hardcoded redirect to workflow and added to the plugin configuration. Issue-ID: SDC-2691 Signed-off-by: ilanap <ilanap@amdocs.com> Change-Id: Ica479ff00e1a8c281b9280b5495ac022172775c4 Signed-off-by: ilanap <ilanap@amdocs.com>
2019-12-01Fix Security Hotspots issuesvasraz1-2/+6
Change-Id: Icc45769cff71c8153c0afba6e2363b0399144175 Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Issue-ID: SDC-2671
2019-12-01Sonar fixes for API to retrieve UI configurationilanap1-6/+8
Added configuration file with the menu configuration from catalog-ui. Added to the configuration manager. to chef and to the ui rest APIs. Issue-ID: SDC-2663 Signed-off-by: ilanap <ilanap@amdocs.com> Change-Id: I032a7666f470e7d4797a555470bf9eb4a43cfcc4
2019-11-27Add API to retrieve UI configurationilanap3-0/+259
Added configuration file with the menu configuration from catalog-ui. Added to the configuration manager. to chef and to the ui rest APIs. Issue-ID: SDC-2663 Signed-off-by: ilanap <ilanap@amdocs.com> Change-Id: Ia5e014a273238981241821c0d81b0455bd662b28 Signed-off-by: ilanap <ilanap@amdocs.com>
2019-08-26Fully HTTPS support in the catalog-fek.kedron2-12/+51
Fully HTTPS support: -Updated jvm configuration to support call to the SDC components using HTTPS. -Checkstyle in the recipes -Added buildRestClient method to create the CloseableHttpClient supporting the SSL connection -Sonar fixes in the PluginStatusBL class Issue-ID: SDC-2516 Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com> Change-Id: I35b9e22026898d2cc67a4b2d86d9d508a33fcb59
2019-08-22increasing code coverage in catalog feBartosz Gardziejewski2-0/+194
Issue-ID: SDC-2326 Signed-off-by: Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com> Change-Id: Ica194c87def27163e20b2802100d9f296586a6ed
2019-08-05Additional unit testsTomasz Golabek5-520/+157
Some tests for catalog-fe Change-Id: I383021c7d1e85131adebd559e4763e12e36cba67 Issue-ID: SDC-2326 Signed-off-by: Tomasz Golabek <tomasz.golabek@nokia.com>
2019-07-17fixing warnings from checkstyle in catalog-feBartosz Gardziejewski20-813/+820
Issue-ID: SDC-2454 Signed-off-by: Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com> Change-Id: I1fbeccb8c661233b81fea787457631f4a898fd46
2019-07-11Added oparent to sdc mainTomasz Golabek9-6/+186
Removed errors regarding to a missing license and others. Started locally and executed basic api tests Change-Id: Iea37613defc97f7b40613d60c10990841cb2a209 Issue-ID: SDC-2419 Signed-off-by: Tomasz Golabek <tomasz.golabek@nokia.com>
2019-06-27Add unit tests for HealthCheckServicem.kowalski31-0/+72
Issue-ID: SDC-2327 Signed-off-by: Marcin Kowalski <m.kowalski3@partner.samsung.com> Change-Id: Ia72210625c45b4e9b7bd5d26aa52893167133a93
2019-06-20Clean up MdcData and ImportMetadataTomasz Golabek6-274/+146
Removed duplicated class. Added assertions to check the logic. Change-Id: Ia953ee0c88d71214cf620cdd286f6ecdd3f3d26d Issue-ID: SDC-2326 Signed-off-by: Tomasz Golabek <tomasz.golabek@nokia.com>
2019-06-12Upgrade SDC from Titan to Janus Graphshrikantawachar1-1/+1
Upgrade SDC from Titan to Janus Graph Change-Id: I67fb8b8e60cc6751697bc5ff2f06754c92803786 Issue-ID: SDC-2296 Signed-off-by: shrikantawachar <shrikant.awachar@amdocs.com>
2019-06-04Added unit tests for FeHealthCheckServletPiotr Borelowski1-0/+70
Improve unit test coverage in sdc/catalog-fe Issue-ID: SDC-2327 Signed-off-by: Piotr Borelowski <p.borelowski@partner.samsung.com> Change-Id: Ic292318327bf23bc572b9efe72810028b2365592
2019-06-04Added unit tests for AuditPiotr Borelowski1-0/+138
Improve unit test coverage in sdc/catalog-fe Issue-ID: SDC-2327 Signed-off-by: Piotr Borelowski <p.borelowski@partner.samsung.com> Change-Id: Id6aaf7afded77ccedbaecbc1775c6dde1c1f1773 Signed-off-by: Piotr Borelowski <p.borelowski@partner.samsung.com>
2019-06-02Added unit tests for KibanaServletPiotr Borelowski2-52/+146
Improve unit test coverage in sdc/catalog-fe Remove sonar code smells Issue-ID: SDC-2327 Signed-off-by: Piotr Borelowski <p.borelowski@partner.samsung.com> Change-Id: I365ec437e999d7e0505a9345268405ac26495762
2019-03-25fix a typoLiang Ding2-2/+2
retrive -- > retrieve Change-Id: Ic6bce5b991c042cc2d19f1f72dd827644111b105 Issue-ID: SDC-2207 Signed-off-by: Liang Ding <liang.ding@intel.com>