From cba52c9e6c67ae2ee723c76f0c9ed165b657df63 Mon Sep 17 00:00:00 2001 From: aribeiro Date: Mon, 12 Jul 2021 15:10:19 +0100 Subject: Fix security vulnerabilities Issue-ID: SDC-3634 Signed-off-by: aribeiro Change-Id: I2ad864179cea8021773a9ea80953d995d75d36d0 --- .../sdcrests/item/types/ActivityLogDto.java | 55 ++++----------- .../sdcrests/item/types/CommitRequestDto.java | 12 ++-- .../sdcrests/item/types/ItemCreationDto.java | 19 ++--- .../org/openecomp/sdcrests/item/types/ItemDto.java | 58 ++++------------ .../openecomp/sdcrests/item/types/RevisionDto.java | 35 +++------- .../sdcrests/item/types/SubmitRequestDto.java | 12 ++-- .../openecomp/sdcrests/item/types/VersionDto.java | 80 ++++------------------ .../sdcrests/item/types/VersionRequestDto.java | 17 ++--- 8 files changed, 72 insertions(+), 216 deletions(-) (limited to 'openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types') diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/ActivityLogDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/ActivityLogDto.java index a4b688085c..2a7289e259 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/ActivityLogDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/ActivityLogDto.java @@ -20,7 +20,12 @@ package org.openecomp.sdcrests.item.types; import java.util.Date; +import lombok.Data; +import lombok.NoArgsConstructor; +import org.openecomp.sdc.common.util.ValidationUtils; +@Data +@NoArgsConstructor public class ActivityLogDto { private String id; @@ -30,54 +35,20 @@ public class ActivityLogDto { private String user; private ActivityStatus status; - public ActivityLogDto() { + public void setId(final String id) { + this.id = ValidationUtils.sanitizeInputString(id); } - public String getId() { - return id; + public void setType(final String type) { + this.type = ValidationUtils.sanitizeInputString(type); } - public void setId(String id) { - this.id = id; + public void setComment(final String comment) { + this.comment = ValidationUtils.sanitizeInputString(comment); } - public Date getTimestamp() { - return timestamp; + public void setUser(final String user) { + this.user = ValidationUtils.sanitizeInputString(user); } - public void setTimestamp(Date timestamp) { - this.timestamp = timestamp; - } - - public String getType() { - return type; - } - - public void setType(String type) { - this.type = type; - } - - public String getComment() { - return comment; - } - - public void setComment(String comment) { - this.comment = comment; - } - - public String getUser() { - return user; - } - - public void setUser(String user) { - this.user = user; - } - - public ActivityStatus getStatus() { - return status; - } - - public void setStatus(ActivityStatus status) { - this.status = status; - } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/CommitRequestDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/CommitRequestDto.java index 821b7713eb..15b08fc5b4 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/CommitRequestDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/CommitRequestDto.java @@ -19,15 +19,15 @@ */ package org.openecomp.sdcrests.item.types; +import lombok.Data; +import org.openecomp.sdc.common.util.ValidationUtils; + +@Data public class CommitRequestDto { private String message; - public String getMessage() { - return message; - } - - public void setMessage(String message) { - this.message = message; + public void setMessage(final String message) { + this.message = ValidationUtils.sanitizeInputString(message); } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/ItemCreationDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/ItemCreationDto.java index dec7c97674..7437aec6e3 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/ItemCreationDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/ItemCreationDto.java @@ -19,24 +19,17 @@ */ package org.openecomp.sdcrests.item.types; +import lombok.Data; +import org.openecomp.sdc.common.util.ValidationUtils; + +@Data public class ItemCreationDto { private String itemId; private VersionDto version; - public String getItemId() { - return itemId; - } - - public void setItemId(String itemId) { - this.itemId = itemId; + public void setItemId(final String itemId) { + this.itemId = ValidationUtils.sanitizeInputString(itemId); } - public VersionDto getVersion() { - return version; - } - - public void setVersion(VersionDto version) { - this.version = version; - } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/ItemDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/ItemDto.java index 38633fb6f7..34ad19fa7c 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/ItemDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/ItemDto.java @@ -20,7 +20,10 @@ package org.openecomp.sdcrests.item.types; import java.util.Map; +import lombok.Data; +import org.openecomp.sdc.common.util.ValidationUtils; +@Data public class ItemDto { private String id; @@ -31,59 +34,28 @@ public class ItemDto { private String status; private Map properties; - public String getId() { - return id; + public void setId(final String id) { + this.id = ValidationUtils.sanitizeInputString(id); } - public void setId(String id) { - this.id = id; + public void setType(final String type) { + this.type = ValidationUtils.sanitizeInputString(type); } - public String getType() { - return type; + public void setName(final String name) { + this.name = ValidationUtils.sanitizeInputString(name); } - public void setType(String type) { - this.type = type; + public void setDescription(final String description) { + this.description = ValidationUtils.sanitizeInputString(description); } - public String getName() { - return name; + public void setOwner(final String owner) { + this.owner = ValidationUtils.sanitizeInputString(owner); } - public void setName(String name) { - this.name = name; + public void setStatus(final String status) { + this.status = ValidationUtils.sanitizeInputString(status); } - public String getDescription() { - return description; - } - - public void setDescription(String description) { - this.description = description; - } - - public String getOwner() { - return owner; - } - - public void setOwner(String owner) { - this.owner = owner; - } - - public String getStatus() { - return status; - } - - public void setStatus(String status) { - this.status = status; - } - - public Map getProperties() { - return properties; - } - - public void setProperties(Map properties) { - this.properties = properties; - } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/RevisionDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/RevisionDto.java index d7bd88f4be..e115388239 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/RevisionDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/RevisionDto.java @@ -20,7 +20,10 @@ package org.openecomp.sdcrests.item.types; import java.util.Date; +import lombok.Data; +import org.openecomp.sdc.common.util.ValidationUtils; +@Data public class RevisionDto { private String id; @@ -28,35 +31,15 @@ public class RevisionDto { private Date time; private String user; - public String getId() { - return id; + public void setId(final String id) { + this.id = ValidationUtils.sanitizeInputString(id); } - public void setId(String id) { - this.id = id; + public void setMessage(final String message) { + this.message = ValidationUtils.sanitizeInputString(message); } - public String getMessage() { - return message; - } - - public void setMessage(String message) { - this.message = message; - } - - public Date getTime() { - return time; - } - - public void setTime(Date time) { - this.time = time; - } - - public String getUser() { - return user; - } - - public void setUser(String user) { - this.user = user; + public void setUser(final String user) { + this.user = ValidationUtils.sanitizeInputString(user); } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/SubmitRequestDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/SubmitRequestDto.java index 3f4b4a94da..aa8ae2c7ae 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/SubmitRequestDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/SubmitRequestDto.java @@ -19,15 +19,15 @@ */ package org.openecomp.sdcrests.item.types; +import lombok.Data; +import org.openecomp.sdc.common.util.ValidationUtils; + +@Data public class SubmitRequestDto { private String message; - public String getMessage() { - return message; - } - - public void setMessage(String message) { - this.message = message; + public void setMessage(final String message) { + this.message = ValidationUtils.sanitizeInputString(message); } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/VersionDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/VersionDto.java index 83884d3a1d..38582beb19 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/VersionDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/VersionDto.java @@ -21,9 +21,14 @@ package org.openecomp.sdcrests.item.types; import java.util.Date; import java.util.Map; +import lombok.Data; +import lombok.NoArgsConstructor; +import org.openecomp.sdc.common.util.ValidationUtils; import org.openecomp.sdc.versioning.dao.types.VersionState; import org.openecomp.sdc.versioning.dao.types.VersionStatus; +@Data +@NoArgsConstructor public class VersionDto { private String id; @@ -36,78 +41,19 @@ public class VersionDto { private Date modificationTime; private Map additionalInfo; - public VersionDto() { + public void setId(final String id) { + this.id = ValidationUtils.sanitizeInputString(id); } - public String getId() { - return id; + public void setName(final String name) { + this.name = ValidationUtils.sanitizeInputString(name); } - public void setId(String id) { - this.id = id; + public void setDescription(final String description) { + this.description = ValidationUtils.sanitizeInputString(description); } - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - public String getDescription() { - return description; - } - - public void setDescription(String description) { - this.description = description; - } - - public String getBaseId() { - return baseId; - } - - public void setBaseId(String baseId) { - this.baseId = baseId; - } - - public VersionStatus getStatus() { - return status; - } - - public void setStatus(VersionStatus status) { - this.status = status; - } - - public VersionState getState() { - return state; - } - - public void setState(VersionState state) { - this.state = state; - } - - public Date getCreationTime() { - return creationTime; - } - - public void setCreationTime(Date creationTime) { - this.creationTime = creationTime; - } - - public Date getModificationTime() { - return modificationTime; - } - - public void setModificationTime(Date modificationTime) { - this.modificationTime = modificationTime; - } - - public Map getAdditionalInfo() { - return additionalInfo; - } - - public void setAdditionalInfo(Map additionalInfo) { - this.additionalInfo = additionalInfo; + public void setBaseId(final String baseId) { + this.baseId = ValidationUtils.sanitizeInputString(baseId); } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/VersionRequestDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/VersionRequestDto.java index 81747d4612..628ffd294e 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/VersionRequestDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-types/src/main/java/org/openecomp/sdcrests/item/types/VersionRequestDto.java @@ -19,26 +19,17 @@ */ package org.openecomp.sdcrests.item.types; +import lombok.Data; +import org.openecomp.sdc.common.util.ValidationUtils; import org.openecomp.sdc.versioning.types.VersionCreationMethod; +@Data public class VersionRequestDto { private String description; private VersionCreationMethod creationMethod; - public String getDescription() { - return description; - } - public void setDescription(String description) { - this.description = description; - } - - public VersionCreationMethod getCreationMethod() { - return creationMethod; - } - - public void setCreationMethod(VersionCreationMethod creationMethod) { - this.creationMethod = creationMethod; + this.description = ValidationUtils.sanitizeInputString(description); } } -- cgit 1.2.3-korg