From cba52c9e6c67ae2ee723c76f0c9ed165b657df63 Mon Sep 17 00:00:00 2001 From: aribeiro Date: Mon, 12 Jul 2021 15:10:19 +0100 Subject: Fix security vulnerabilities Issue-ID: SDC-3634 Signed-off-by: aribeiro Change-Id: I2ad864179cea8021773a9ea80953d995d75d36d0 --- .../types/EntitlementPoolEntityDto.java | 26 +------ .../types/EntitlementPoolRequestDto.java | 90 ++++------------------ .../types/FeatureGroupDescriptorDto.java | 23 ++---- .../types/LicenseAgreementDescriptorDto.java | 35 ++------- .../types/LicenseKeyGroupRequestDto.java | 83 +++----------------- .../vendorlicense/types/LimitEntityDto.java | 76 ++++++------------ .../types/VendorLicenseModelRequestDto.java | 27 ++----- 7 files changed, 71 insertions(+), 289 deletions(-) (limited to 'openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests') diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/EntitlementPoolEntityDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/EntitlementPoolEntityDto.java index 835d6fcbfe..a77c5c8347 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/EntitlementPoolEntityDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/EntitlementPoolEntityDto.java @@ -21,35 +21,13 @@ package org.openecomp.sdcrests.vendorlicense.types; import io.swagger.v3.oas.annotations.media.Schema; import java.util.Set; +import lombok.Data; @Schema(description = "EntitlementPoolEntity") +@Data public class EntitlementPoolEntityDto extends EntitlementPoolRequestDto { private String id; private Set referencingFeatureGroups; private String versionUUID; - - public String getId() { - return id; - } - - public void setId(String id) { - this.id = id; - } - - public Set getReferencingFeatureGroups() { - return referencingFeatureGroups; - } - - public void setReferencingFeatureGroups(Set referencingFeatureGroups) { - this.referencingFeatureGroups = referencingFeatureGroups; - } - - public String getversionUUID() { - return versionUUID; - } - - public void setVersionUUID(String versionUUID) { - this.versionUUID = versionUUID; - } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/EntitlementPoolRequestDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/EntitlementPoolRequestDto.java index 35e6f31e28..6439583d3e 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/EntitlementPoolRequestDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/EntitlementPoolRequestDto.java @@ -19,16 +19,19 @@ */ package org.openecomp.sdcrests.vendorlicense.types; -import io.swagger.v3.oas.annotations.media.Schema; import com.fasterxml.jackson.annotation.JsonIgnoreProperties; +import io.swagger.v3.oas.annotations.media.Schema; +import javax.validation.Valid; +import javax.validation.constraints.NotNull; +import javax.validation.constraints.Size; +import lombok.Data; import org.hibernate.validator.constraints.NotBlank; +import org.openecomp.sdc.common.util.ValidationUtils; import org.openecomp.sdc.vendorlicense.dao.types.EntitlementPoolType; import org.openecomp.sdc.vendorlicense.dao.types.OperationalScope; import org.openecomp.sdc.vendorlicense.dao.types.ThresholdUnit; -import javax.validation.Valid; -import javax.validation.constraints.NotNull; -import javax.validation.constraints.Size; +@Data @Schema(description = "EntitlementPoolRequest") @JsonIgnoreProperties({"time", "aggregationFunction", "entitlementMetric"}) public class EntitlementPoolRequestDto { @@ -52,83 +55,20 @@ public class EntitlementPoolRequestDto { private String startDate; private String expiryDate; - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - public String getManufacturerReferenceNumber() { - return manufacturerReferenceNumber; - } - - public void setManufacturerReferenceNumber(String manufacturerReferenceNumber) { - this.manufacturerReferenceNumber = manufacturerReferenceNumber; - } - - public String getDescription() { - return description; - } - - public void setDescription(String description) { - this.description = description; - } - - public EntitlementPoolType getType() { - return type; + public void setName(final String name) { + this.name = ValidationUtils.sanitizeInputString(name); } - public void setType(EntitlementPoolType type) { - this.type = type; + public void setManufacturerReferenceNumber(final String manufacturerReferenceNumber) { + this.manufacturerReferenceNumber = ValidationUtils.sanitizeInputString(manufacturerReferenceNumber); } - public Integer getThresholdValue() { - return thresholdValue; + public void setDescription(final String description) { + this.description = ValidationUtils.sanitizeInputString(description); } - public void setThresholdValue(Integer thresholdValue) { - this.thresholdValue = thresholdValue; + public void setIncrements(final String increments) { + this.increments = ValidationUtils.sanitizeInputString(increments); } - public ThresholdUnit getThresholdUnits() { - return thresholdUnits; - } - - public void setThresholdUnits(ThresholdUnit thresholdUnits) { - this.thresholdUnits = thresholdUnits; - } - - public String getIncrements() { - return increments; - } - - public void setIncrements(String increments) { - this.increments = increments; - } - - public MultiChoiceOrOtherDto getOperationalScope() { - return operationalScope; - } - - public void setOperationalScope(MultiChoiceOrOtherDto operationalScope) { - this.operationalScope = operationalScope; - } - - public String getStartDate() { - return startDate; - } - - public void setStartDate(String startDate) { - this.startDate = startDate; - } - - public String getExpiryDate() { - return expiryDate; - } - - public void setExpiryDate(String expiryDate) { - this.expiryDate = expiryDate; - } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/FeatureGroupDescriptorDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/FeatureGroupDescriptorDto.java index 03bf2de328..1e35fee862 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/FeatureGroupDescriptorDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/FeatureGroupDescriptorDto.java @@ -21,7 +21,10 @@ package org.openecomp.sdcrests.vendorlicense.types; import javax.validation.constraints.NotNull; import javax.validation.constraints.Size; +import lombok.Data; +import org.openecomp.sdc.common.util.ValidationUtils; +@Data public class FeatureGroupDescriptorDto { @NotNull @@ -32,27 +35,15 @@ public class FeatureGroupDescriptorDto { @NotNull private String partNumber; - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - public String getDescription() { - return description; + public void setName(final String name) { + this.name = ValidationUtils.sanitizeInputString(name); } public void setDescription(String description) { - this.description = description; - } - - public String getPartNumber() { - return partNumber; + this.description = ValidationUtils.sanitizeInputString(description); } public void setPartNumber(String partNumber) { - this.partNumber = partNumber; + this.partNumber = ValidationUtils.sanitizeInputString(partNumber); } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/LicenseAgreementDescriptorDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/LicenseAgreementDescriptorDto.java index cd72d151dc..ab2f039267 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/LicenseAgreementDescriptorDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/LicenseAgreementDescriptorDto.java @@ -22,8 +22,11 @@ package org.openecomp.sdcrests.vendorlicense.types; import javax.validation.Valid; import javax.validation.constraints.NotNull; import javax.validation.constraints.Size; +import lombok.Data; +import org.openecomp.sdc.common.util.ValidationUtils; import org.openecomp.sdc.vendorlicense.dao.types.LicenseTerm; +@Data public class LicenseAgreementDescriptorDto { @NotNull @@ -37,35 +40,11 @@ public class LicenseAgreementDescriptorDto { @Size(max = 1000) private String requirementsAndConstrains; - public String getName() { - return name; + public void setName(final String name) { + this.name = ValidationUtils.sanitizeInputString(name); } - public void setName(String name) { - this.name = name; - } - - public String getDescription() { - return description; - } - - public void setDescription(String description) { - this.description = description; - } - - public ChoiceOrOtherDto getLicenseTerm() { - return licenseTerm; - } - - public void setLicenseTerm(ChoiceOrOtherDto licenseTerm) { - this.licenseTerm = licenseTerm; - } - - public String getRequirementsAndConstrains() { - return requirementsAndConstrains; - } - - public void setRequirementsAndConstrains(String requirementsAndConstrains) { - this.requirementsAndConstrains = requirementsAndConstrains; + public void setDescription(final String description) { + this.description = ValidationUtils.sanitizeInputString(description); } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/LicenseKeyGroupRequestDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/LicenseKeyGroupRequestDto.java index 2eabb0aa4a..f0f57af287 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/LicenseKeyGroupRequestDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/LicenseKeyGroupRequestDto.java @@ -22,10 +22,13 @@ package org.openecomp.sdcrests.vendorlicense.types; import javax.validation.Valid; import javax.validation.constraints.NotNull; import javax.validation.constraints.Size; +import lombok.Data; +import org.openecomp.sdc.common.util.ValidationUtils; import org.openecomp.sdc.vendorlicense.dao.types.LicenseKeyType; import org.openecomp.sdc.vendorlicense.dao.types.OperationalScope; import org.openecomp.sdc.vendorlicense.dao.types.ThresholdUnit; +@Data public class LicenseKeyGroupRequestDto { @NotNull @@ -46,83 +49,19 @@ public class LicenseKeyGroupRequestDto { @Size(max = 120) private String increments; - public String getName() { - return name; + public void setName(final String name) { + this.name = ValidationUtils.sanitizeInputString(name); } - public void setName(String name) { - this.name = name; + public void setManufacturerReferenceNumber(final String manufacturerReferenceNumber) { + this.manufacturerReferenceNumber = ValidationUtils.sanitizeInputString(manufacturerReferenceNumber); } - public String getManufacturerReferenceNumber() { - return manufacturerReferenceNumber; + public void setDescription(final String description) { + this.description = ValidationUtils.sanitizeInputString(description); } - public void setManufacturerReferenceNumber(String manufacturerReferenceNumber) { - this.manufacturerReferenceNumber = manufacturerReferenceNumber; - } - - public String getDescription() { - return description; - } - - public void setDescription(String description) { - this.description = description; - } - - public LicenseKeyType getType() { - return type; - } - - public void setType(LicenseKeyType type) { - this.type = type; - } - - public MultiChoiceOrOtherDto getOperationalScope() { - return operationalScope; - } - - public void setOperationalScope(MultiChoiceOrOtherDto operationalScope) { - this.operationalScope = operationalScope; - } - - public String getStartDate() { - return startDate; - } - - public void setStartDate(String startDate) { - this.startDate = startDate; - } - - public String getExpiryDate() { - return expiryDate; - } - - public void setExpiryDate(String expiryDate) { - this.expiryDate = expiryDate; - } - - public Integer getThresholdValue() { - return thresholdValue; - } - - public void setThresholdValue(Integer thresholdValue) { - this.thresholdValue = thresholdValue; - } - - public ThresholdUnit getThresholdUnits() { - return thresholdUnits; - } - - public void setThresholdUnits(ThresholdUnit thresholdUnits) { - this.thresholdUnits = thresholdUnits; - } - - public String getIncrements() { - return increments; - } - - public void setIncrements(String increments) { - this.increments = increments; + public void setIncrements(final String increments) { + this.increments = ValidationUtils.sanitizeInputString(increments); } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/LimitEntityDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/LimitEntityDto.java index a22bb0a64d..b9b018144d 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/LimitEntityDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/LimitEntityDto.java @@ -19,6 +19,10 @@ */ package org.openecomp.sdcrests.vendorlicense.types; +import lombok.Data; +import org.openecomp.sdc.common.util.ValidationUtils; + +@Data public class LimitEntityDto { private String id; @@ -31,75 +35,39 @@ public class LimitEntityDto { private String aggregationFunction; private String time; - public String getId() { - return id; - } - - public void setId(String id) { - this.id = id; - } - - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - public String getType() { - return type; - } - - public void setType(String type) { - this.type = type; - } - - public String getDescription() { - return description; - } - - public void setDescription(String description) { - this.description = description; - } - - public String getMetric() { - return metric; - } - - public void setMetric(String metric) { - this.metric = metric; + public void setId(final String id) { + this.id = ValidationUtils.sanitizeInputString(id); } - public String getUnit() { - return unit; + public void setName(final String name) { + this.name = ValidationUtils.sanitizeInputString(name); } - public void setUnit(String unit) { - this.unit = unit; + public void setType(final String type) { + this.type = ValidationUtils.sanitizeInputString(type); } - public String getAggregationFunction() { - return aggregationFunction; + public void setDescription(final String description) { + this.description = ValidationUtils.sanitizeInputString(description); } - public void setAggregationFunction(String aggregationFunction) { - this.aggregationFunction = aggregationFunction; + public void setMetric(final String metric) { + this.metric = ValidationUtils.sanitizeInputString(metric); } - public String getTime() { - return time; + public void setUnit(final String unit) { + this.unit = ValidationUtils.sanitizeInputString(unit); } - public void setTime(String time) { - this.time = time; + public void setAggregationFunction(final String aggregationFunction) { + this.aggregationFunction = ValidationUtils.sanitizeInputString(aggregationFunction); } - public String getValue() { - return value; + public void setTime(final String time) { + this.time = ValidationUtils.sanitizeInputString(time); } - public void setValue(String value) { - this.value = value; + public void setValue(final String value) { + this.value = ValidationUtils.sanitizeInputString(value); } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/VendorLicenseModelRequestDto.java b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/VendorLicenseModelRequestDto.java index 625cc721a9..ba8fd96e6e 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/VendorLicenseModelRequestDto.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-types/src/main/java/org/openecomp/sdcrests/vendorlicense/types/VendorLicenseModelRequestDto.java @@ -22,7 +22,10 @@ package org.openecomp.sdcrests.vendorlicense.types; import io.swagger.v3.oas.annotations.media.Schema; import javax.validation.constraints.NotNull; import javax.validation.constraints.Size; +import lombok.Data; +import org.openecomp.sdc.common.util.ValidationUtils; +@Data @Schema(description = "VendorLicenseModelRequest") public class VendorLicenseModelRequestDto { @@ -35,27 +38,11 @@ public class VendorLicenseModelRequestDto { @NotNull private String iconRef; - public String getVendorName() { - return vendorName; + public void setVendorName(final String vendorName) { + this.vendorName = ValidationUtils.sanitizeInputString(vendorName); } - public void setVendorName(String vendorName) { - this.vendorName = vendorName; - } - - public String getDescription() { - return description; - } - - public void setDescription(String description) { - this.description = description; - } - - public String getIconRef() { - return iconRef; - } - - public void setIconRef(String iconRef) { - this.iconRef = iconRef; + public void setDescription(final String description) { + this.description = ValidationUtils.sanitizeInputString(description); } } -- cgit 1.2.3-korg