Fixes for sonar critical issues

[policy/engine.git] / POLICY-SDK-APP / src / main / java / org / onap / policy / controller / PolicyExportAndImportController.java

diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyExportAndImportController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyExportAndImportController.java
index d26781c..a6c6bf6 100644 (file)
--- a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyExportAndImportController.java
+++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyExportAndImportController.java
@@ -24,6 +24,7 @@ package org.onap.policy.controller;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileOutputStream;
+import java.io.IOException;
 import java.io.PrintWriter;
 import java.util.ArrayList;
 import java.util.HashSet;
@@ -32,6 +33,7 @@ import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Set;
 
+import javax.script.SimpleBindings;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -115,7 +117,7 @@ public class PolicyExportAndImportController extends RestrictedBaseController {
        public PolicyExportAndImportController(){}
 
        @RequestMapping(value={"/policy_download/exportPolicy.htm"}, method={org.springframework.web.bind.annotation.RequestMethod.POST})
-       public void exportPolicy(HttpServletRequest request, HttpServletResponse response) throws Exception{
+       public void exportPolicy(HttpServletRequest request, HttpServletResponse response) throws IOException{
                try{
                        String file = null;
                        selectedPolicy = new ArrayList<>();
@@ -201,7 +203,7 @@ public class PolicyExportAndImportController extends RestrictedBaseController {
        }
 
        //Policy Import 
-       public JSONObject importRepositoryFile(String file, HttpServletRequest request) throws Exception{
+       public JSONObject importRepositoryFile(String file, HttpServletRequest request) throws IOException{
                boolean configExists = false;
                boolean actionExists = false;
                String configName = null;
@@ -279,8 +281,11 @@ public class PolicyExportAndImportController extends RestrictedBaseController {
 
                                if(finalColumn){
                                        scope = policyEntity.getScope().replace(".", File.separator);
-                                       String query = "FROM PolicyEntity where policyName = '"+policyEntity.getPolicyName()+"' and scope ='"+policyEntity.getScope()+"'";
-                                       List<Object> queryData = controller.getDataByQuery(query);
+                                       String query = "FROM PolicyEntity where policyName = :policyName and scope = :policyScope";
+                                       SimpleBindings params = new SimpleBindings();
+                                       params.put("policyName", policyEntity.getPolicyName());
+                                       params.put("policyScope", policyEntity.getScope());
+                                       List<Object> queryData = controller.getDataByQuery(query, params);
                                        if(!queryData.isEmpty()){
                                                continue;
                                        }