X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ONAP-PAP-REST%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fpolicy%2Fpap%2Fxacml%2Frest%2Felk%2Fclient%2FElkConnectorImpl.java;h=d87e75f7135fe69b3a74a349da8a43de138dbfe7;hb=5805752884388261d7183e88a8ae633ebf3a46d6;hp=88f9e2c877c2e40c2cf509edaf2dc0e57fdceaab;hpb=cbc5914ca2c1770797f6ad2a05ea9d7c30a55b63;p=policy%2Fengine.git diff --git a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/ElkConnectorImpl.java b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/ElkConnectorImpl.java index 88f9e2c87..d87e75f71 100644 --- a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/ElkConnectorImpl.java +++ b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/elk/client/ElkConnectorImpl.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP-PAP-REST * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -101,6 +101,9 @@ public class ElkConnectorImpl implements ElkConnector{ throw e; } } + private boolean isAlphaNumeric(String query){ + return query.matches("[a-zA-Z_0-9]+"); + } @Override public JestResult search(PolicyIndexType type, String text) throws IllegalStateException, IllegalArgumentException { @@ -112,6 +115,10 @@ public class ElkConnectorImpl implements ElkConnector{ throw new IllegalArgumentException("No search string provided"); } + if(!isAlphaNumeric(text)){ + throw new IllegalArgumentException("Search must be alpha numeric"); + } + QueryStringQueryBuilder mQ = QueryBuilders.queryStringQuery("*"+text+"*"); SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder().query(mQ); @@ -159,7 +166,7 @@ public class ElkConnectorImpl implements ElkConnector{ String errorMessage = result.getErrorMessage(); if (errorMessage != null && !errorMessage.isEmpty()) { - String xMessage = errorMessage; + String xMessage; if (errorMessage.contains("TokenMgrError")) { int indexError = errorMessage.lastIndexOf("TokenMgrError"); xMessage = "Invalid Search Expression. Details: " + errorMessage.substring(indexError); @@ -198,6 +205,10 @@ public class ElkConnectorImpl implements ElkConnector{ return search(type, text); } + if(!isAlphaNumeric(text)){ + throw new IllegalArgumentException("Search must be alpha numeric"); + } + String matches_s = ""; matches_s = "{\n" + " \"size\" : "+ ElkConnectorImpl.QUERY_MAXRECORDS + ",\n" + @@ -338,13 +349,13 @@ public class ElkConnectorImpl implements ElkConnector{ if (result.isSucceeded()) { if (LOGGER.isInfoEnabled()) - LOGGER.info("OK: PUT operation of " + "->" + ": " + + LOGGER.info("ElkConnector: OK: PUT operation of " + "->" + ": " + "success=" + result.isSucceeded() + "[" + result.getResponseCode() + ":" + result.getPathToResult() + "]" + System.lineSeparator() + result.getJsonString()); } else { if (LOGGER.isWarnEnabled()) - LOGGER.warn("FAILURE: PUT operation of "+ "->" + ": " + + LOGGER.warn("ElkConnector: FAILURE: PUT operation of "+ "->" + ": " + "success=" + result.isSucceeded() + "[" + result.getResponseCode() + ":" + result.getPathToResult() + "]" + System.lineSeparator() + result.getJsonString());