Merge "Tried to Fix Some Vulnerability Issues"
[holmes/rule-management.git] / rulemgt / src / main / java / org / onap / holmes / rulemgt / resources / RuleMgtResources.java
index dc21e0d..445c2f9 100644 (file)
@@ -1,17 +1,15 @@
 /**\r
- * Copyright 2017 ZTE Corporation.\r
+ * Copyright 2017-2020 ZTE Corporation.\r
  *\r
- * Licensed under the Apache License, Version 2.0 (the "License");\r
- * you may not use this file except in compliance with the License.\r
- * You may obtain a copy of the License at\r
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except\r
+ * in compliance with the License. You may obtain a copy of the License at\r
  *\r
- *     http://www.apache.org/licenses/LICENSE-2.0\r
+ * http://www.apache.org/licenses/LICENSE-2.0\r
  *\r
- * Unless required by applicable law or agreed to in writing, software\r
- * distributed under the License is distributed on an "AS IS" BASIS,\r
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * See the License for the specific language governing permissions and\r
- * limitations under the License.\r
+ * Unless required by applicable law or agreed to in writing, software distributed under the License\r
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express\r
+ * or implied. See the License for the specific language governing permissions and limitations under\r
+ * the License.\r
  */\r
 package org.onap.holmes.rulemgt.resources;\r
 \r
@@ -20,26 +18,11 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;\r
 import io.swagger.annotations.ApiParam;\r
 import io.swagger.annotations.SwaggerDefinition;\r
-import java.io.IOException;\r
-import java.util.Locale;\r
-import javax.inject.Inject;\r
-import javax.servlet.http.HttpServletRequest;\r
-import javax.ws.rs.DELETE;\r
-import javax.ws.rs.GET;\r
-import javax.ws.rs.POST;\r
-import javax.ws.rs.PUT;\r
-import javax.ws.rs.Path;\r
-import javax.ws.rs.PathParam;\r
-import javax.ws.rs.Produces;\r
-import javax.ws.rs.QueryParam;\r
-import javax.ws.rs.core.Context;\r
-import javax.ws.rs.core.MediaType;\r
 import lombok.extern.slf4j.Slf4j;\r
-import net.sf.json.JSONObject;\r
 import org.jvnet.hk2.annotations.Service;\r
 import org.onap.holmes.common.exception.CorrelationException;\r
 import org.onap.holmes.common.utils.ExceptionUtil;\r
-import org.onap.holmes.common.utils.JacksonUtil;\r
+import org.onap.holmes.common.utils.GsonUtil;\r
 import org.onap.holmes.common.utils.LanguageUtil;\r
 import org.onap.holmes.common.utils.UserUtil;\r
 import org.onap.holmes.rulemgt.bean.request.RuleCreateRequest;\r
@@ -51,6 +34,13 @@ import org.onap.holmes.rulemgt.bean.response.RuleQueryListResponse;
 import org.onap.holmes.rulemgt.constant.RuleMgtConstant;\r
 import org.onap.holmes.rulemgt.wrapper.RuleMgtWrapper;\r
 \r
+import javax.inject.Inject;\r
+import javax.servlet.http.HttpServletRequest;\r
+import javax.ws.rs.*;\r
+import javax.ws.rs.core.Context;\r
+import javax.ws.rs.core.MediaType;\r
+import java.util.Locale;\r
+\r
 @Service\r
 @SwaggerDefinition\r
 @Path("/rule")\r
@@ -68,9 +58,10 @@ public class RuleMgtResources {
             response = RuleAddAndUpdateResponse.class)\r
     @Timed\r
     public RuleAddAndUpdateResponse addCorrelationRule(@Context HttpServletRequest request,\r
-            @ApiParam(value = "The request entity of the HTTP call, which comprises \"rulename\"(required), "\r
-                    + "\"loopcontrolname\"(required), \"content\"(required), \"enabled\"(required) "\r
-                    + "and \"description\"(optional)", required = true)\r
+            @ApiParam(value =\r
+                    "The request entity of the HTTP call, which comprises \"ruleName\"(required), "\r
+                            + "\"loopControlName\"(required), \"content\"(required), \"enabled\"(required) "\r
+                            + "and \"description\"(optional)", required = true)\r
                     RuleCreateRequest ruleCreateRequest) {\r
         Locale locale = LanguageUtil.getLocale(request);\r
         RuleAddAndUpdateResponse ruleChangeResponse;\r
@@ -90,13 +81,15 @@ public class RuleMgtResources {
     @ApiOperation(value = "Update an existing rule; deploy it to the Drools engine if it is enabled.", response = RuleAddAndUpdateResponse.class)\r
     @Timed\r
     public RuleAddAndUpdateResponse updateCorrelationRule(@Context HttpServletRequest request,\r
-            @ApiParam(value = "The request entity of the HTTP call, which comprises \"ruleid\"(required), "\r
-                    + "\"content\"(required), \"enabled\"(required) and \"description\"(optional)", required = true)\r
+            @ApiParam(value =\r
+                    "The request entity of the HTTP call, which comprises \"ruleId\"(required), "\r
+                            + "\"content\"(required), \"enabled\"(required) and \"description\"(optional)", required = true)\r
                     RuleUpdateRequest ruleUpdateRequest) {\r
         Locale locale = LanguageUtil.getLocale(request);\r
         RuleAddAndUpdateResponse ruleChangeResponse;\r
         try {\r
-            ruleChangeResponse = ruleMgtWrapper.updateCorrelationRule(UserUtil.getUserName(request), ruleUpdateRequest);\r
+            ruleChangeResponse = ruleMgtWrapper\r
+                    .updateCorrelationRule(UserUtil.getUserName(request), ruleUpdateRequest);\r
             log.info("update rule:" + ruleUpdateRequest.getRuleId() + " successful");\r
             return ruleChangeResponse;\r
         } catch (CorrelationException e) {\r
@@ -128,17 +121,19 @@ public class RuleMgtResources {
     @ApiOperation(value = "Query rules using certain criteria.", response = RuleQueryListResponse.class)\r
     @Timed\r
     public RuleQueryListResponse getCorrelationRules(@Context HttpServletRequest request,\r
-            @ApiParam(value = "A JSON string used as a query parameter, which comprises \"ruleid\"(optional), "\r
-                    + "\"rulename\"(optional), \"creator\"(optional), "\r
-                    + "\"modifier\"(optional) and \"enabled\"(optional). E.g. {\"ruleid\":\"rule_1484727187317\"}",\r
+            @ApiParam(value =\r
+                    "A JSON string used as a query parameter, which comprises \"ruleid\"(optional), "\r
+                            + "\"rulename\"(optional), \"creator\"(optional), "\r
+                            + "\"modifier\"(optional) and \"enabled\"(optional). E.g. {\"ruleid\":\"rule_1484727187317\"}",\r
                     required = false) @QueryParam("queryrequest") String ruleQueryRequest) {\r
         Locale locale = LanguageUtil.getLocale(request);\r
         RuleQueryListResponse ruleQueryListResponse;\r
+\r
         RuleQueryCondition ruleQueryCondition = getRuleQueryCondition(ruleQueryRequest, request);\r
         try {\r
             ruleQueryListResponse = ruleMgtWrapper\r
                     .getCorrelationRuleByCondition(ruleQueryCondition);\r
-            log.info("query rule successful by condition:" + JSONObject.fromObject(ruleQueryCondition));\r
+            log.info("query rule successful by condition:" + ruleQueryCondition);\r
             return ruleQueryListResponse;\r
         } catch (CorrelationException e) {\r
             log.error("query rule failed,cause query condition conversion failure", e);\r
@@ -149,18 +144,16 @@ public class RuleMgtResources {
     private RuleQueryCondition getRuleQueryCondition(String queryRequest,\r
             HttpServletRequest request) {\r
         Locale locale = LanguageUtil.getLocale(request);\r
-        try {\r
-            RuleQueryCondition ruleQueryCondition = JacksonUtil\r
-                    .jsonToBean(queryRequest, RuleQueryCondition.class);\r
-            if (queryRequest == null) {\r
-                ruleQueryCondition.setEnabled(RuleMgtConstant.STATUS_RULE_ALL);\r
-            } else if (queryRequest.indexOf("enabled") == -1) {\r
-                ruleQueryCondition.setEnabled(RuleMgtConstant.STATUS_RULE_ALL);\r
+        RuleQueryCondition ruleQueryCondition = GsonUtil\r
+                .jsonToBean(queryRequest, RuleQueryCondition.class);\r
+        if (queryRequest == null) {\r
+            if (ruleQueryCondition == null) {\r
+                ruleQueryCondition = new RuleQueryCondition();\r
             }\r
-            return ruleQueryCondition;\r
-        } catch (IOException e) {\r
-            log.warn("queryRequest convert to json failed", e);\r
-            throw ExceptionUtil.buildExceptionResponse("The request format is invalid!");\r
+            ruleQueryCondition.setEnabled(RuleMgtConstant.STATUS_RULE_ALL);\r
+        } else if (queryRequest.indexOf("enabled") == -1) {\r
+            ruleQueryCondition.setEnabled(RuleMgtConstant.STATUS_RULE_ALL);\r
         }\r
+        return ruleQueryCondition;\r
     }\r
 }\r