Code Review
/
dmaap
/
datarouter.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Merge "Fix DRFeedsServlet Vulnerabilities"
[dmaap/datarouter.git]
/
datarouter-prov
/
src
/
main
/
java
/
org
/
onap
/
dmaap
/
datarouter
/
provisioning
/
StatisticsServlet.java
diff --git
a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java
b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java
index
4917402
..
3902dc6
100755
(executable)
--- a/
datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java
+++ b/
datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java
@@
-28,7
+28,6
@@
import java.sql.Connection;
import java.sql.PreparedStatement;
\r
import java.sql.ResultSet;
\r
import java.sql.SQLException;
\r
import java.sql.PreparedStatement;
\r
import java.sql.ResultSet;
\r
import java.sql.SQLException;
\r
-import java.sql.Statement;
\r
import java.text.ParseException;
\r
import java.text.SimpleDateFormat;
\r
import java.util.Calendar;
\r
import java.text.ParseException;
\r
import java.text.SimpleDateFormat;
\r
import java.util.Calendar;
\r
@@
-44,6
+43,8
@@
import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord;
import org.onap.dmaap.datarouter.provisioning.utils.DB;
\r
import org.onap.dmaap.datarouter.provisioning.utils.LOGJSONObject;
\r
\r
import org.onap.dmaap.datarouter.provisioning.utils.DB;
\r
import org.onap.dmaap.datarouter.provisioning.utils.LOGJSONObject;
\r
\r
+import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.sendResponseError;
\r
+
\r
/**
\r
* This Servlet handles requests to the <Statistics API> and <Statistics consilidated
\r
* resultset>,
\r
/**
\r
* This Servlet handles requests to the <Statistics API> and <Statistics consilidated
\r
* resultset>,
\r
@@
-64,13
+65,13
@@
public class StatisticsServlet extends BaseServlet {
* DELETE a logging URL -- not supported.
\r
*/
\r
@Override
\r
* DELETE a logging URL -- not supported.
\r
*/
\r
@Override
\r
- public void doDelete(HttpServletRequest req, HttpServletResponse resp)
throws IOException
{
\r
+ public void doDelete(HttpServletRequest req, HttpServletResponse resp) {
\r
String message = "DELETE not allowed for the logURL.";
\r
EventLogRecord elr = new EventLogRecord(req);
\r
elr.setMessage(message);
\r
elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
\r
eventlogger.info(elr);
\r
String message = "DELETE not allowed for the logURL.";
\r
EventLogRecord elr = new EventLogRecord(req);
\r
elr.setMessage(message);
\r
elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
\r
eventlogger.info(elr);
\r
-
resp.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, message
);
\r
+
sendResponseError(resp, HttpServletResponse.SC_METHOD_NOT_ALLOWED, message, eventlogger
);
\r
}
\r
\r
/**
\r
}
\r
\r
/**
\r
@@
-78,24
+79,27
@@
public class StatisticsServlet extends BaseServlet {
* <b>Statistics API</b> document for details on how this method should be invoked.
\r
*/
\r
@Override
\r
* <b>Statistics API</b> document for details on how this method should be invoked.
\r
*/
\r
@Override
\r
- public void doGet(HttpServletRequest req, HttpServletResponse resp)
throws IOException
{
\r
+ public void doGet(HttpServletRequest req, HttpServletResponse resp) {
\r
\r
Map<String, String> map = buildMapFromRequest(req);
\r
if (map.get("err") != null) {
\r
\r
Map<String, String> map = buildMapFromRequest(req);
\r
if (map.get("err") != null) {
\r
-
resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Invalid arguments: " + map.get("err")
);
\r
+
sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, "Invalid arguments: " + map.get("err"), eventlogger
);
\r
return;
\r
}
\r
// check Accept: header??
\r
\r
resp.setStatus(HttpServletResponse.SC_OK);
\r
resp.setContentType(LOGLIST_CONTENT_TYPE);
\r
return;
\r
}
\r
// check Accept: header??
\r
\r
resp.setStatus(HttpServletResponse.SC_OK);
\r
resp.setContentType(LOGLIST_CONTENT_TYPE);
\r
- ServletOutputStream out = resp.getOutputStream();
\r
\r
String outputType = "json";
\r
String feedids = null;
\r
\r
if (req.getParameter("feedid") == null && req.getParameter("groupid") == null) {
\r
\r
String outputType = "json";
\r
String feedids = null;
\r
\r
if (req.getParameter("feedid") == null && req.getParameter("groupid") == null) {
\r
- out.print("Invalid request, Feedid or Group ID is required.");
\r
+ try {
\r
+ resp.getOutputStream().print("Invalid request, Feedid or Group ID is required.");
\r
+ } catch (IOException ioe) {
\r
+ eventlogger.error("IOException: " + ioe.getMessage());
\r
+ }
\r
}
\r
\r
if (req.getParameter("feedid") != null && req.getParameter("groupid") == null) {
\r
}
\r
\r
if (req.getParameter("feedid") != null && req.getParameter("groupid") == null) {
\r
@@
-114,10
+118,8
@@
public class StatisticsServlet extends BaseServlet {
System.out.println("groupid1" + groupid1.toString());
\r
\r
\r
System.out.println("groupid1" + groupid1.toString());
\r
\r
\r
- } catch (NumberFormatException e) {
\r
- e.printStackTrace();
\r
- } catch (SQLException e) {
\r
- e.printStackTrace();
\r
+ } catch (NumberFormatException | SQLException e) {
\r
+ eventlogger.error(e.getMessage());
\r
}
\r
}
\r
if (req.getParameter("groupid") != null && req.getParameter("feedid") != null) {
\r
}
\r
}
\r
if (req.getParameter("groupid") != null && req.getParameter("feedid") != null) {
\r
@@
-135,10
+137,8
@@
public class StatisticsServlet extends BaseServlet {
System.out.println("groupid1" + groupid1.toString());
\r
\r
\r
System.out.println("groupid1" + groupid1.toString());
\r
\r
\r
- } catch (NumberFormatException e) {
\r
- e.printStackTrace();
\r
- } catch (SQLException e) {
\r
- e.printStackTrace();
\r
+ } catch (NumberFormatException | SQLException e) {
\r
+ eventlogger.error(e.getMessage());
\r
}
\r
}
\r
\r
}
\r
}
\r
\r
@@
-179,8
+179,11
@@
public class StatisticsServlet extends BaseServlet {
if (req.getParameter("output_type") != null) {
\r
outputType = req.getParameter("output_type");
\r
}
\r
if (req.getParameter("output_type") != null) {
\r
outputType = req.getParameter("output_type");
\r
}
\r
-
\r
- this.getRecordsForSQL(map, outputType, out, resp);
\r
+ try {
\r
+ this.getRecordsForSQL(map, outputType, resp.getOutputStream(), resp);
\r
+ } catch (IOException ioe) {
\r
+ eventlogger.error("IOException: " + ioe.getMessage());
\r
+ }
\r
\r
}
\r
\r
\r
}
\r
\r
@@
-288,7
+291,7
@@
public class StatisticsServlet extends BaseServlet {
System.out.println("feedIds" + feedIds.toString());
\r
}
\r
} catch (SQLException e) {
\r
System.out.println("feedIds" + feedIds.toString());
\r
}
\r
} catch (SQLException e) {
\r
- e
.printStackTrace(
);
\r
+ e
ventlogger.error(e.getMessage()
);
\r
} finally {
\r
try {
\r
if (resultSet != null) {
\r
} finally {
\r
try {
\r
if (resultSet != null) {
\r
@@
-299,7
+302,7
@@
public class StatisticsServlet extends BaseServlet {
db.release(conn);
\r
}
\r
} catch (Exception e) {
\r
db.release(conn);
\r
}
\r
} catch (Exception e) {
\r
- e
.printStackTrace(
);
\r
+ e
ventlogger.error(e.getMessage()
);
\r
}
\r
}
\r
return feedIds;
\r
}
\r
}
\r
return feedIds;
\r
@@
-399,26
+402,26
@@
public class StatisticsServlet extends BaseServlet {
* PUT a Statistics URL -- not supported.
\r
*/
\r
@Override
\r
* PUT a Statistics URL -- not supported.
\r
*/
\r
@Override
\r
- public void doPut(HttpServletRequest req, HttpServletResponse resp)
throws IOException
{
\r
+ public void doPut(HttpServletRequest req, HttpServletResponse resp) {
\r
String message = "PUT not allowed for the StatisticsURL.";
\r
EventLogRecord elr = new EventLogRecord(req);
\r
elr.setMessage(message);
\r
elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
\r
eventlogger.info(elr);
\r
String message = "PUT not allowed for the StatisticsURL.";
\r
EventLogRecord elr = new EventLogRecord(req);
\r
elr.setMessage(message);
\r
elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
\r
eventlogger.info(elr);
\r
-
resp.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, message
);
\r
+
sendResponseError(resp, HttpServletResponse.SC_METHOD_NOT_ALLOWED, message, eventlogger
);
\r
}
\r
\r
/**
\r
* POST a Statistics URL -- not supported.
\r
*/
\r
@Override
\r
}
\r
\r
/**
\r
* POST a Statistics URL -- not supported.
\r
*/
\r
@Override
\r
- public void doPost(HttpServletRequest req, HttpServletResponse resp)
throws IOException
{
\r
+ public void doPost(HttpServletRequest req, HttpServletResponse resp) {
\r
String message = "POST not allowed for the StatisticsURL.";
\r
EventLogRecord elr = new EventLogRecord(req);
\r
elr.setMessage(message);
\r
elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
\r
eventlogger.info(elr);
\r
String message = "POST not allowed for the StatisticsURL.";
\r
EventLogRecord elr = new EventLogRecord(req);
\r
elr.setMessage(message);
\r
elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
\r
eventlogger.info(elr);
\r
-
resp.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, message
);
\r
+
sendResponseError(resp, HttpServletResponse.SC_METHOD_NOT_ALLOWED, message, eventlogger
);
\r
}
\r
\r
private Map<String, String> buildMapFromRequest(HttpServletRequest req) {
\r
}
\r
\r
private Map<String, String> buildMapFromRequest(HttpServletRequest req) {
\r
@@
-562,18
+565,15
@@
public class StatisticsServlet extends BaseServlet {
}
\r
}
\r
} catch (SQLException e) {
\r
}
\r
}
\r
} catch (SQLException e) {
\r
- e
.printStackTrace(
);
\r
+ e
ventlogger.error("SQLException:" + e
);
\r
}
\r
intlogger.debug("Time: " + (System.currentTimeMillis() - start) + " ms");
\r
} catch (IOException e) {
\r
eventlogger.error("IOException - Generating JSON/CSV:" + e);
\r
}
\r
intlogger.debug("Time: " + (System.currentTimeMillis() - start) + " ms");
\r
} catch (IOException e) {
\r
eventlogger.error("IOException - Generating JSON/CSV:" + e);
\r
- e.printStackTrace();
\r
} catch (JSONException e) {
\r
eventlogger.error("JSONException - executing SQL query:" + e);
\r
} catch (JSONException e) {
\r
eventlogger.error("JSONException - executing SQL query:" + e);
\r
- e.printStackTrace();
\r
} catch (ParseException e) {
\r
eventlogger.error("ParseException - executing SQL query:" + e);
\r
} catch (ParseException e) {
\r
eventlogger.error("ParseException - executing SQL query:" + e);
\r
- e.printStackTrace();
\r
}
\r
}
\r
}
\r
}
\r
}
\r
}
\r