Fixes for sonar critical issues

[policy/engine.git] / POLICY-SDK-APP / src / main / java / org / onap / policy / controller / AutoPushController.java

diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/AutoPushController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/AutoPushController.java
index 7d601d6..c1468e3 100644 (file)
--- a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/AutoPushController.java
+++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/AutoPushController.java
@@ -38,6 +38,7 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
+import javax.script.SimpleBindings;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -148,8 +149,11 @@ public class AutoPushController extends RestrictedBaseController{
                        }else{
                                if(!scopes.isEmpty()){
                                        for(String scope : scopes){
-                                               String query = "From PolicyVersion where policy_name like '"+scope+"%' and id > 0";
-                                               List<Object> filterdatas = commonClassDao.getDataByQuery(query);
+                                               scope += "%";
+                                               String query = "From PolicyVersion where policy_name like :scope and id > 0";
+                                               SimpleBindings params = new SimpleBindings();
+                                               params.put("scope", scope);
+                                               List<Object> filterdatas = commonClassDao.getDataByQuery(query, params);
                                                if(filterdatas != null){
                                                        for(int i =0; i < filterdatas.size(); i++){
                                                                data.add(filterdatas.get(i));
@@ -173,7 +177,7 @@ public class AutoPushController extends RestrictedBaseController{
        }
 
        @RequestMapping(value={"/auto_Push/PushPolicyToPDP.htm"}, method={org.springframework.web.bind.annotation.RequestMethod.POST})
-       public ModelAndView PushPolicyToPDPGroup(HttpServletRequest request, HttpServletResponse response) throws Exception {
+       public ModelAndView pushPolicyToPDPGroup(HttpServletRequest request, HttpServletResponse response) throws IOException {
                try {
                        ArrayList<Object> selectedPDPS = new ArrayList<>();
                        ArrayList<String> selectedPoliciesInUI = new ArrayList<>();
@@ -236,8 +240,11 @@ public class AutoPushController extends RestrictedBaseController{
                                                dbCheckName = dbCheckName.replace(".Decision_", ":Decision_");
                                        }
                                        String[] split = dbCheckName.split(":");
-                                       String query = "FROM PolicyEntity where policyName = '"+split[1]+"' and scope ='"+split[0]+"'";
-                                       List<Object> queryData = controller.getDataByQuery(query);
+                                       String query = "FROM PolicyEntity where policyName = :split_1 and scope = :split_0";
+                                       SimpleBindings policyParams = new SimpleBindings();
+                                       policyParams.put("split_1", split[1]);
+                                       policyParams.put("split_0", split[0]);
+                                       List<Object> queryData = controller.getDataByQuery(query, policyParams);
                                        PolicyEntity policyEntity = (PolicyEntity) queryData.get(0);
                                        File temp = new File(name);
                                        BufferedWriter bw = new BufferedWriter(new FileWriter(temp));
@@ -249,7 +256,7 @@ public class AutoPushController extends RestrictedBaseController{
                                                // Create the policy
                                                selectedPolicy = new StdPDPPolicy(name, true, id, selectedURI);
                                        } catch (IOException e) {
-                                               logger.error("Unable to create policy '" + name + "': "+ e.getMessage());
+                                               logger.error("Unable to create policy '" + name + "': "+ e.getMessage(), e);
                                        }
                                        StdPDPGroup selectedGroup = (StdPDPGroup) pdpDestinationGroupId;
                                        if (selectedPolicy != null) {
@@ -312,7 +319,7 @@ public class AutoPushController extends RestrictedBaseController{
                                refreshGroups();
                                JsonMessage msg = new JsonMessage(mapper.writeValueAsString(groups));
                                JSONObject j = new JSONObject(msg);
-                               out.write(j.toString());      
+                               out.write(j.toString());
                                return null;
                        }
                }
@@ -320,6 +327,7 @@ public class AutoPushController extends RestrictedBaseController{
                        response.setCharacterEncoding("UTF-8");
                        request.setCharacterEncoding("UTF-8");
                        PrintWriter out = response.getWriter();
+                       logger.error(e);
                        out.write(e.getMessage());
                }
                return null;
@@ -327,7 +335,7 @@ public class AutoPushController extends RestrictedBaseController{
 
        @SuppressWarnings("unchecked")
        @RequestMapping(value={"/auto_Push/remove_GroupPolicies.htm"}, method={org.springframework.web.bind.annotation.RequestMethod.POST})
-       public ModelAndView removePDPGroup(HttpServletRequest request, HttpServletResponse response) throws Exception {
+       public ModelAndView removePDPGroup(HttpServletRequest request, HttpServletResponse response) throws IOException {
                try {
                        PolicyController controller = getPolicyControllerInstance();
                        this.container = new PDPGroupContainer(controller.getPapEngine());
@@ -369,6 +377,7 @@ public class AutoPushController extends RestrictedBaseController{
                        response.setCharacterEncoding("UTF-8");
                        request.setCharacterEncoding("UTF-8");
                        PrintWriter out = response.getWriter();
+                       logger.error(e);
                        out.write(e.getMessage());
                }
                return null;