Code Review / dmaap / datarouter.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
DMAAP-DR - Additional parameter validation
[dmaap/datarouter.git] / datarouter-prov / src / main / java / org / onap / dmaap / datarouter / provisioning / StatisticsServlet.java
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java
index 7163a63..4bc3977 100755 (executable)
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/StatisticsServlet.java
@@ -155,22 +155,43 @@ public class StatisticsServlet extends BaseServlet {
         if (req.getParameter("type") != null) {\r
             map.put(EVENT_TYPE, req.getParameter("type").replace("|", ","));\r
         }\r
-        if (req.getParameter(OUTPUT_TYPE) != null && req.getParameter(OUTPUT_TYPE).equals(CSV_OUTPUT_TYPE)) {\r
-            map.put(OUTPUT_TYPE, CSV_OUTPUT_TYPE);\r
-            outputType = CSV_OUTPUT_TYPE;\r
+        if (req.getParameter(OUTPUT_TYPE) != null) {\r
+            map.put(OUTPUT_TYPE, req.getParameter(OUTPUT_TYPE));\r
+            outputType = req.getParameter(OUTPUT_TYPE);\r
         }\r
         if (req.getParameter(OUTPUT_TYPE) != null && req.getParameter(OUTPUT_TYPE).equals(JSON_OUTPUT_TYPE)) {\r
             map.put(OUTPUT_TYPE, JSON_OUTPUT_TYPE);\r
         }\r
         if (req.getParameter(START_TIME) != null) {\r
-            map.put(START_TIME, req.getParameter(START_TIME));\r
+            String start_time = req.getParameter(START_TIME);\r
+            try{\r
+                Long.parseLong(start_time);\r
+                map.put(START_TIME, start_time);\r
+            }\r
+            catch (NumberFormatException e){\r
+                eventlogger.error("Invalid start time StatisticsServlet.doGet: " +  e.getMessage(), e);\r
+            }\r
         }\r
         if (req.getParameter(END_TIME) != null) {\r
-            map.put(END_TIME, req.getParameter(END_TIME));\r
+            String end_time = req.getParameter(END_TIME);\r
+            try{\r
+                Long.parseLong(end_time);\r
+                map.put(END_TIME, end_time);\r
+            }\r
+            catch (NumberFormatException e){\r
+                eventlogger.error("Invalid end time StatisticsServlet.doGet: " +  e.getMessage(), e);\r
+            }\r
         }\r
         if (req.getParameter("time") != null) {\r
-            map.put(START_TIME, req.getParameter("time"));\r
-            map.put(END_TIME, null);\r
+            String time = req.getParameter("time");\r
+            try{\r
+                Long.parseLong(time);\r
+                map.put(START_TIME, time);\r
+                map.put(END_TIME, null);\r
+            }\r
+            catch (NumberFormatException e){\r
+                eventlogger.error("Invalid end time StatisticsServlet.doGet: " +  e.getMessage(), e);\r
+            }\r
         }\r
         try {\r
             this.getRecordsForSQL(map, outputType, resp.getOutputStream(), resp);\r
@@ -180,6 +201,10 @@ public class StatisticsServlet extends BaseServlet {
 \r
     }\r
 \r
+    private boolean validateDateInput(String date){\r
+\r
+        return true;\r
+    }\r
 \r
     /**\r
      * rsToJson - Converting RS to JSON object.\r
The Data Routing System project is intended to provide a common framework by which data producers can make data available to data consumers and a way for potential consumers to find feeds with the data they require. The interface to DR is exposed as a RESTful web service known as the DR Publishing and Delivery API