Resolved Fortify System Information Leak issues

[policy/engine.git] / POLICY-SDK-APP / src / main / java / org / onap / policy / controller / PolicyNotificationController.java

diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyNotificationController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyNotificationController.java
index f987f90..707bbac 100644 (file)
--- a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyNotificationController.java
+++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyNotificationController.java
@@ -38,8 +38,9 @@ import org.onap.policy.common.logging.flexlogger.FlexLogger;
 import org.onap.policy.common.logging.flexlogger.Logger;
 import org.onap.policy.rest.dao.CommonClassDao;
 import org.onap.policy.rest.jpa.WatchPolicyNotificationTable;
-import org.openecomp.portalsdk.core.controller.RestrictedBaseController;
-import org.openecomp.portalsdk.core.web.support.UserUtils;
+import org.onap.policy.utils.PolicyUtils;
+import org.onap.portalsdk.core.controller.RestrictedBaseController;
+import org.onap.portalsdk.core.web.support.UserUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -60,7 +61,7 @@ public class PolicyNotificationController extends RestrictedBaseController {
        
        @RequestMapping(value={"/watchPolicy"}, method={org.springframework.web.bind.annotation.RequestMethod.POST})
        public ModelAndView watchPolicy(HttpServletRequest request, HttpServletResponse response) throws IOException{
-               String path = "";
+               StringBuilder path = new StringBuilder();
                String responseValue = "";
                try {
                        String userId = UserUtils.getUserSession(request).getOrgUserId();
@@ -76,9 +77,9 @@ public class PolicyNotificationController extends RestrictedBaseController {
                                for (int i = 0; i < arrayNode.size(); i++) {
                                        JsonNode individualElement = arrayNode.get(i);
                                        if(i == 0){
-                                               path = path + individualElement.toString().replace("\"", "").trim();
+                                               path.append(individualElement.toString().replace("\"", "").trim());
                                        }else{
-                                               path = path + File.separator + individualElement.toString().replace("\"", "").trim();
+                                               path.append(File.separator + individualElement.toString().replace("\"", "").trim());
                                        }
                                }
                        }
@@ -124,7 +125,7 @@ public class PolicyNotificationController extends RestrictedBaseController {
                        request.setCharacterEncoding("UTF-8");
                        logger.error("Error druing watchPolicy function " + e);
                        PrintWriter out = response.getWriter();
-                       out.write(e.getMessage());
+                       out.write(PolicyUtils.CATCH_EXCEPTION);
                }
                return null;
        }