X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fcontroller%2FExternalAppsRestfulController.java;h=7615b66067d451a2194f7722dec24a79a436fe69;hb=refs%2Fchanges%2F60%2F97360%2F1;hp=fb0c269b0f9133d306b636b430076583c6bb3245;hpb=24608a9e1450c409dc3870440d29e91cc3a26bb9;p=portal.git

diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAppsRestfulController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAppsRestfulController.java
index fb0c269b..7615b660 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAppsRestfulController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAppsRestfulController.java
@@ -4,6 +4,8 @@
  * ===================================================================
  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
  * ===================================================================
+ *  Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
  *
  * Unless otherwise specified, all software contained herein is licensed
  * under the Apache License, Version 2.0 (the "License");
@@ -64,6 +66,8 @@ import org.onap.portalapp.portal.transport.FunctionalMenuItem;
 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
 import org.onap.portalapp.portal.utils.EcompPortalUtils;
 import org.onap.portalapp.portal.utils.PortalConstants;
+import org.onap.portalapp.validation.DataValidator;
+import org.onap.portalapp.validation.SecureString;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 import org.onap.portalsdk.core.onboarding.crossapi.PortalAPIResponse;
 import org.slf4j.MDC;
@@ -88,6 +92,7 @@ import io.swagger.annotations.ApiOperation;
 public class ExternalAppsRestfulController extends EPRestrictedRESTfulBaseController {
 
 	private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAppsRestfulController.class);
+	private final DataValidator DATA_VALIDATOR = new DataValidator();
 
 	@Autowired
 	private FunctionalMenuService functionalMenuService;
@@ -109,14 +114,21 @@ public class ExternalAppsRestfulController extends EPRestrictedRESTfulBaseContro
 	@ResponseBody
 	public PortalAPIResponse publishNotification(HttpServletRequest request,
 			@RequestBody EpNotificationItem notificationItem) throws Exception {
+
+		if(!DATA_VALIDATOR.isValid(notificationItem)){
+			PortalAPIResponse response = new PortalAPIResponse(false, "failed");
+			return response;
+		}
 		String appKey = request.getHeader("uebkey");
 		EPApp app = findEpApp(appKey);
 		List<Long> postRoleIds = new ArrayList<Long>();
-		for (Long roleId : notificationItem.getRoleIds()) {
-			EPRole role = epRoleService.getRole(app.getId(), roleId);
-			if (role != null)
-				postRoleIds.add(role.getId());
-		}
+		if (app != null) {
+        for (Long roleId : notificationItem.getRoleIds()) {
+            EPRole role = epRoleService.getRole(app.getId(), roleId);
+            if (role != null)
+                postRoleIds.add(role.getId());
+        	}
+    	}
 
 		// --- recreate the user notification object with the POrtal Role Ids
 		EpNotificationItem postItem = new EpNotificationItem();
@@ -151,10 +163,10 @@ public class ExternalAppsRestfulController extends EPRestrictedRESTfulBaseContro
 		try {
 			list = this.getDataAccessService().executeNamedQuery("getMyAppDetailsByUebKey", params, null);
 		} catch (Exception e) {
-			logger.error(EELFLoggerDelegate.errorLogger, "getMyAppDetailsByUebKey failed", e);			
+			logger.error(EELFLoggerDelegate.errorLogger, "getMyAppDetailsByUebKey failed", e);
 		}
 			
-		return (list == null || list.size() == 0) ? null : (EPApp) list.get(0);
+		return (list == null || list.isEmpty()) ? null : (EPApp) list.get(0);
 	}
 
 	@ApiOperation(value = "Gets favorite items within the functional menu for the current user.", response = FavoritesFunctionalMenuItemJson.class, responseContainer="List")