Code Review / policy / engine.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Fix all bugs reported by Sonar in policy/engine
[policy/engine.git] / ONAP-PAP-REST / src / main / java / org / onap / policy / pap / xacml / rest / controller / PushPolicyController.java
diff --git a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/controller/PushPolicyController.java b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/controller/PushPolicyController.java
index 9c25b3a..397904f 100644 (file)
--- a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/controller/PushPolicyController.java
+++ b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/controller/PushPolicyController.java
@@ -62,6 +62,9 @@ public class PushPolicyController {
        private static String errorMsg  = "error";
        private static String operation = "operation";
        private static String messageContent = "message";
+       
+       private static final String REGEX = "[0-9a-zA-Z._ ]*";
+       
        @Autowired
        public PushPolicyController(CommonClassDao commonClassDao){
                PushPolicyController.commonClassDao = commonClassDao;
@@ -128,12 +131,12 @@ public class PushPolicyController {
                }
                if(selectedPDPGroup==null){
                        String message = "Unknown groupId '" + selectedPDPGroup + "'";
+                       if(!message.matches(REGEX) ){
+                               message = "Unknown groupId";
+                       }
                        PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE + " " + message);
                        response.addHeader(errorMsg, "unknownGroupId");
                        response.addHeader(operation, "push");
-                       //for fixing Header Manipulation of Fortify issue
-                       message = message.replace("\n", "");
-                       message = message.replace("\r", "");
                        response.addHeader(messageContent, message);
                        response.setStatus(HttpServletResponse.SC_NOT_FOUND);
                        return;
@@ -158,10 +161,8 @@ public class PushPolicyController {
                        return;
                }
                File temp = new File(policyName);
-               try {
-                       BufferedWriter bw = new BufferedWriter(new FileWriter(temp));
+               try (BufferedWriter bw = new BufferedWriter(new FileWriter(temp))){
                        bw.write(policyEntity.getPolicyData());
-                       bw.close();
                        URI selectedURI = temp.toURI();
                        // Create the policy Object
                        selectedPolicy = new StdPDPPolicy(policyName, true, policyID, selectedURI);
-- Archived 06/09/2021