Fix Fortify Scan Issue:

[policy/engine.git] / POLICY-SDK-APP / src / main / java / org / onap / policy / admin / PolicyRestController.java
diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyRestController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyRestController.java

index 64b8813..801d4ec 100644 (file)
--- a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyRestController.java
+++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyRestController.java
@@ -2,7 +2,7 @@
   * ============LICENSE_START=======================================================
   * ONAP Policy Engine
   * ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
   * ================================================================================
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
@@ -66,7 +66,7 @@ import org.springframework.web.bind.annotation.RestController;
  import org.springframework.web.client.HttpClientErrorException;
  import org.springframework.web.client.RestTemplate;
  import org.springframework.web.servlet.ModelAndView;
-
+import org.onap.policy.utils.CryptoUtils;
  import com.att.research.xacml.util.XACMLProperties;
  import com.fasterxml.jackson.databind.DeserializationFeature;
  import com.fasterxml.jackson.databind.JsonNode;
@@ -131,7 +131,7 @@ public class PolicyRestController extends RestrictedBaseController{
                                         policyData.setDomainDir(dirName + root.get(PolicyController.getPolicydata()).get(modal).get("name").toString().replace("\"", ""));
                                 }
                         }else{
-                               String domain = root.get(PolicyController.getPolicydata()).get("model").get("name").toString();
+                               String domain = root.get(PolicyController.getPolicydata()).get(modal).get("name").toString();
                                 if(domain.contains("/")){
                                         domain = domain.substring(0, domain.lastIndexOf('/')).replace("/", File.separator);
                                 }
@@ -141,14 +141,11 @@ public class PolicyRestController extends RestrictedBaseController{
  
                         if(policyData.getConfigPolicyType() != null){
                                 if("ClosedLoop_Fault".equalsIgnoreCase(policyData.getConfigPolicyType())){
-                                       CreateClosedLoopFaultController faultController = new CreateClosedLoopFaultController();
-                                       policyData = faultController.setDataToPolicyRestAdapter(policyData, root);
+                                       policyData = new CreateClosedLoopFaultController().setDataToPolicyRestAdapter(policyData, root);
                                 }else if("Firewall Config".equalsIgnoreCase(policyData.getConfigPolicyType())){
-                                       CreateFirewallController fwController = new CreateFirewallController();
-                                       policyData = fwController.setDataToPolicyRestAdapter(policyData);
+                                       policyData = new CreateFirewallController().setDataToPolicyRestAdapter(policyData);
                                 }else if("Micro Service".equalsIgnoreCase(policyData.getConfigPolicyType())){
-                                       CreateDcaeMicroServiceController msController = new CreateDcaeMicroServiceController();
-                                       policyData = msController.setDataToPolicyRestAdapter(policyData, root);
+                                       policyData = new CreateDcaeMicroServiceController().setDataToPolicyRestAdapter(policyData, root);
                                 }
                         }
  
@@ -198,7 +195,7 @@ public class PolicyRestController extends RestrictedBaseController{
         private ResponseEntity<?> sendToPAP(String body, String requestURI, HttpMethod method){
                 String papUrl = PolicyController.getPapUrl();
                 String papID = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_USERID);
-               String papPass = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS);
+               String papPass = CryptoUtils.decryptTxtNoExStr(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS));
  
                 Base64.Encoder encoder = Base64.getEncoder();
                 String encoding = encoder.encodeToString((papID+":"+papPass).getBytes(StandardCharsets.UTF_8));
@@ -248,7 +245,7 @@ public class PolicyRestController extends RestrictedBaseController{
                 String boundary = null;
                 String papUrl = PolicyController.getPapUrl();
                 String papID = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_USERID);
-               String papPass = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS);
+               String papPass = CryptoUtils.decryptTxtNoExStr(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS));
         
                 Base64.Encoder encoder = Base64.getEncoder();
                 String encoding = encoder.encodeToString((papID+":"+papPass).getBytes(StandardCharsets.UTF_8));
@@ -372,7 +369,7 @@ public class PolicyRestController extends RestrictedBaseController{
         @RequestMapping(value={"/getDictionary/*"}, method={RequestMethod.GET})
         public void getDictionaryController(HttpServletRequest request, HttpServletResponse response){
                 String uri = request.getRequestURI().replace("/getDictionary", "");
-               String body = null;
+               String body;
                 ResponseEntity<?> responseEntity = sendToPAP(null, uri, HttpMethod.GET);
                 if(responseEntity != null){
                         body = responseEntity.getBody().toString();
@@ -387,7 +384,7 @@ public class PolicyRestController extends RestrictedBaseController{
         }
         
         @RequestMapping(value={"/saveDictionary/*/*"}, method={RequestMethod.POST})
-       public ModelAndView saveDictionaryController(HttpServletRequest request, HttpServletResponse response) throws IOException{
+       public void saveDictionaryController(HttpServletRequest request, HttpServletResponse response) throws IOException{
                 String userId = "";
                 String uri = request.getRequestURI().replace("/saveDictionary", "");
                 if(uri.startsWith("/")){
@@ -404,12 +401,15 @@ public class PolicyRestController extends RestrictedBaseController{
                 policyLogger.info("***********************************************************************************************************************************");
                 
                 String body = callPAP(request, "POST", uri.replaceFirst("/", "").trim());
-               response.getWriter().write(body);
-               return null;
+               if(body != null && !body.isEmpty()){
+                       response.getWriter().write(body);
+               }else{
+                       response.getWriter().write("Failed");
+               }               
         }
         
         @RequestMapping(value={"/deleteDictionary/*/*"}, method={RequestMethod.POST})
-       public ModelAndView deletetDictionaryController(HttpServletRequest request, HttpServletResponse response) throws IOException {
+       public void deletetDictionaryController(HttpServletRequest request, HttpServletResponse response) throws IOException {
                 String uri = request.getRequestURI().replace("/deleteDictionary", "");
                 if(uri.startsWith("/")){
                         uri = uri.substring(uri.indexOf('/')+1);
@@ -422,13 +422,16 @@ public class PolicyRestController extends RestrictedBaseController{
                 policyLogger.info("*************************************************************************************************************************************");
                 
                 String body = callPAP(request, "POST", uri.replaceFirst("/", "").trim());
-               response.getWriter().write(body);
-               return null;
+               if(body != null && !body.isEmpty()){
+                       response.getWriter().write(body);
+               }else{
+                       response.getWriter().write("Failed");
+               }               
         }
         
         @RequestMapping(value={"/searchDictionary"}, method={RequestMethod.POST})
         public ModelAndView searchDictionaryController(HttpServletRequest request, HttpServletResponse response) throws IOException {
-               Object resultList = null;
+               Object resultList;
                 String uri = request.getRequestURI();
                 if(uri.startsWith("/")){
                         uri = uri.substring(uri.indexOf('/')+1);
@@ -461,7 +464,7 @@ public class PolicyRestController extends RestrictedBaseController{
         
         @RequestMapping(value={"/searchPolicy"}, method={RequestMethod.POST})
         public ModelAndView searchPolicy(HttpServletRequest request, HttpServletResponse response) throws IOException{
-               Object resultList = null;
+               Object resultList;
                 String uri = request.getRequestURI()+"?action=search";
                 if(uri.startsWith("/")){
                         uri = uri.substring(uri.indexOf('/')+1);
@@ -474,7 +477,9 @@ public class PolicyRestController extends RestrictedBaseController{
                         resultList = json.get("policyresult");
                 }catch(Exception e){
                         List<String> data = new ArrayList<>();
-                       data.add("Elastic Search Server is down");
+                       resultList = json.get("data");
+                       data.add("Exception");
+                       data.add(resultList.toString());
                         resultList = data;
                         policyLogger.error("Exception Occured while searching for Policy in Elastic Database" +e);
                 }
@@ -493,5 +498,10 @@ public class PolicyRestController extends RestrictedBaseController{
                 String uri = "searchPolicy?action=delete&policyName='"+fileName+"'";
                 callPAP(null, "POST", uri.trim());
         }
+       
+       public String notifyOtherPAPSToUpdateConfigurations(String mode, String newName, String oldName){
+               String uri = "onap/notifyOtherPAPs?action="+mode+"&newPolicyName="+newName+"&oldPolicyName="+oldName+"";
+               return callPAP(null, "POST", uri.trim());
+       }
  
  }