import java.util.List;
+import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.validation.ConstraintViolation;
+import javax.validation.Valid;
+import javax.validation.Validation;
+import javax.validation.Validator;
+import javax.validation.ValidatorFactory;
import org.onap.portalapp.controller.EPRestrictedBaseController;
import org.onap.portalapp.portal.domain.MicroserviceData;
import org.onap.portalapp.portal.domain.WidgetCatalog;
@EnableAspectJAutoProxy
@EPAuditLog
public class MicroserviceController extends EPRestrictedBaseController {
+ public static final ValidatorFactory VALIDATOR_FACTORY = Validation.buildDefaultValidatorFactory();
String whatService = "widgets-service";
RestTemplate template = new RestTemplate();
@RequestMapping(value = { "/portalApi/microservices" }, method = RequestMethod.POST)
public PortalRestResponse<String> createMicroservice(HttpServletRequest request, HttpServletResponse response,
- @RequestBody MicroserviceData newServiceData) throws Exception {
+ @Valid @RequestBody MicroserviceData newServiceData) throws Exception {
if (newServiceData == null) {
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE",
- "MicroserviceData cannot be null or empty");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "FAILURE",
+ "MicroserviceData cannot be null or empty");
+ }else {
+ Validator validator = VALIDATOR_FACTORY.getValidator();
+
+ Set<ConstraintViolation<MicroserviceData>> constraintViolations = validator.validate(newServiceData);
+ if(!constraintViolations.isEmpty()){
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR,
+ "ERROR", "MicroserviceData is not valid");
+ }
}
long serviceId = microserviceService.saveMicroservice(newServiceData);
try {
microserviceService.saveServiceParameters(serviceId, newServiceData.getParameterList());
} catch (Exception e) {
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage());
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage());
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "SUCCESS", "");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, "SUCCESS", "");
}
@RequestMapping(value = { "/portalApi/microservices" }, method = RequestMethod.GET)
public List<MicroserviceData> getMicroservice(HttpServletRequest request, HttpServletResponse response)
throws Exception {
- List<MicroserviceData> list = microserviceService.getMicroserviceData();
- return list;
+ return microserviceService.getMicroserviceData();
}
@RequestMapping(value = { "/portalApi/microservices/{serviceId}" }, method = RequestMethod.PUT)
public PortalRestResponse<String> updateMicroservice(HttpServletRequest request, HttpServletResponse response,
- @PathVariable("serviceId") long serviceId, @RequestBody MicroserviceData newServiceData) throws Exception {
+ @PathVariable("serviceId") long serviceId, @Valid @RequestBody MicroserviceData newServiceData) {
if (newServiceData == null) {
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE",
- "MicroserviceData cannot be null or empty");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "FAILURE",
+ "MicroserviceData cannot be null or empty");
+ }else {
+ Validator validator = VALIDATOR_FACTORY.getValidator();
+
+ Set<ConstraintViolation<MicroserviceData>> constraintViolations = validator.validate(newServiceData);
+ if(!constraintViolations.isEmpty()){
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR,
+ "ERROR", "MicroserviceData is not valid");
+ }
}
try {
microserviceService.updateMicroservice(serviceId, newServiceData);
} catch (Exception e) {
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage());
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage());
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "SUCCESS", "");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, "SUCCESS", "");
}
@RequestMapping(value = { "/portalApi/microservices/{serviceId}" }, method = RequestMethod.DELETE)
public PortalRestResponse<String> deleteMicroservice(HttpServletRequest request, HttpServletResponse response,
- @PathVariable("serviceId") long serviceId) throws Exception {
+ @PathVariable("serviceId") long serviceId) {
try {
ParameterizedTypeReference<List<WidgetCatalog>> typeRef = new ParameterizedTypeReference<List<WidgetCatalog>>() {
};
// If this service is assoicated with widgets, cannnot be deleted
- ResponseEntity<List<WidgetCatalog>> ans = (ResponseEntity<List<WidgetCatalog>>) template.exchange(
+ ResponseEntity<List<WidgetCatalog>> ans = template.exchange(
EcompPortalUtils.widgetMsProtocol() + "://" + consulHealthService.getServiceLocation(whatService, SystemProperties.getProperty("microservices.widget.local.port"))
+ "/widget/microservices/widgetCatalog/service/" + serviceId,
HttpMethod.GET, new HttpEntity(WidgetServiceHeaders.getInstance()), typeRef);
else{
StringBuilder sb = new StringBuilder();
for(int i = 0; i < widgets.size(); i++){
- sb.append("'" + widgets.get(i).getName() + "' ");
+ sb.append("'").append(widgets.get(i).getName()).append("' ");
if(i < (widgets.size()-1)){
sb.append(",");
}
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.WARN, "SOME WIDGETS ASSOICATE WITH THIS SERVICE", sb.toString());
+ return new PortalRestResponse<>(PortalRestStatusEnum.WARN, "SOME WIDGETS ASSOICATE WITH THIS SERVICE",
+ sb.toString());
}
} catch (Exception e) {
- return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage());
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "FAILURE", e.getMessage());
}
- return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "SUCCESS", "");
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, "SUCCESS", "");
}
}
@SuppressWarnings("rawtypes")
@Mock
- ResponseEntity<List<WidgetCatalog>> ans = new ResponseEntity<List<WidgetCatalog>>(HttpStatus.OK);
+ ResponseEntity<List<WidgetCatalog>> ans = new ResponseEntity<>(HttpStatus.OK);
@Before
public void setup() {
@Test
public void createMicroserviceIfServiceDataNullTest() throws Exception {
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("FAILURE");
expectedportalRestResponse.setResponse("MicroserviceData cannot be null or empty");
- PortalRestStatusEnum portalRestStatusEnum = null;
- expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
MicroserviceData microserviceData = null;
PortalRestResponse<String> actualportalRestResponse = microserviceController.createMicroservice(mockedRequest,
mockedResponse, microserviceData);
@Test
public void createMicroserviceTest() throws Exception {
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("SUCCESS");
expectedportalRestResponse.setResponse("");
- PortalRestStatusEnum portalRestStatusEnum = null;
- expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
PortalRestResponse<String> actualportalRestResponse = microserviceController.createMicroservice(mockedRequest,
mockedResponse, microserviceData);
assertEquals(actualportalRestResponse, expectedportalRestResponse);
}
+ @Test
+ public void createMicroserviceXSSTest() throws Exception {
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
+ expectedportalRestResponse.setMessage("ERROR");
+ expectedportalRestResponse.setResponse("MicroserviceData is not valid");
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+ MicroserviceData XSSMicroserviceData = new MicroserviceData();
+ XSSMicroserviceData.setActive("<script>alert(123);</script>");
+ XSSMicroserviceData.setName("<script>alert(/XSS”)</script>");
+ PortalRestResponse<String> actualportalRestResponse = microserviceController.createMicroservice(mockedRequest,
+ mockedResponse, XSSMicroserviceData);
+ assertEquals(expectedportalRestResponse, actualportalRestResponse);
+ }
+
@Test
public void createMicroserviceExceptionTest() throws Exception {
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("FAILURE");
expectedportalRestResponse.setResponse(null);
- PortalRestStatusEnum portalRestStatusEnum = null;
- expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
Mockito.when(microserviceService.saveMicroservice(microserviceData)).thenReturn((long) 1);
Mockito.when(microserviceData.getParameterList()).thenThrow(nullPointerException);
PortalRestResponse<String> actualportalRestResponse = microserviceController.createMicroservice(mockedRequest,
}
@Test
- public void updateMicroserviceIfServiceISNullTest() throws Exception {
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ public void updateMicroserviceIfServiceISNullTest() {
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("FAILURE");
expectedportalRestResponse.setResponse("MicroserviceData cannot be null or empty");
- PortalRestStatusEnum portalRestStatusEnum = null;
- expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
MicroserviceData microserviceData = null;
PortalRestResponse<String> actualportalRestResponse = microserviceController.updateMicroservice(mockedRequest,
mockedResponse, 1, microserviceData);
}
@Test
- public void updateMicroserviceTest() throws Exception {
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ public void updateMicroserviceTest() {
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("SUCCESS");
expectedportalRestResponse.setResponse("");
- PortalRestStatusEnum portalRestStatusEnum = null;
- expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
PortalRestResponse<String> actualportalRestResponse = microserviceController.updateMicroservice(mockedRequest,
- mockedResponse, 1, microserviceData);
+ mockedResponse, 1, microserviceData);
assertEquals(actualportalRestResponse, expectedportalRestResponse);
}
@Test
- public void updateMicroserviceExceptionTest() throws Exception {
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ public void updateMicroserviceXSSTest() {
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
+ expectedportalRestResponse.setMessage("ERROR");
+ expectedportalRestResponse.setResponse("MicroserviceData is not valid");
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
+ MicroserviceData XSSMicroserviceData = new MicroserviceData();
+ XSSMicroserviceData.setActive("<script>alert(123);</script>");
+ XSSMicroserviceData.setName("<script>alert(/XSS”)</script>");
+ PortalRestResponse<String> actualportalRestResponse = microserviceController.updateMicroservice(mockedRequest,
+ mockedResponse, 1, XSSMicroserviceData);
+ assertEquals(expectedportalRestResponse, actualportalRestResponse);
+ }
+
+ @Test
+ public void updateMicroserviceExceptionTest() {
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("FAILURE");
expectedportalRestResponse.setResponse(null);
- PortalRestStatusEnum portalRestStatusEnum = null;
- expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
Mockito.when(microserviceController.updateMicroservice(mockedRequest, mockedResponse, 1, microserviceData))
.thenThrow(nullPointerException);
PortalRestResponse<String> actualportalRestResponse = microserviceController.updateMicroservice(mockedRequest,
}
@Test
- public void deleteMicroserviceExceptionTest() throws Exception {
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ public void deleteMicroserviceExceptionTest() {
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("FAILURE");
PowerMockito.mockStatic(EcompPortalUtils.class);
expectedportalRestResponse.setResponse(
- "I/O error on GET request for \"" + EcompPortalUtils.widgetMsProtocol() + "://null/widget/microservices/widgetCatalog/service/1\":null; nested exception is java.net.UnknownHostException: null");
- PortalRestStatusEnum portalRestStatusEnum = null;
- expectedportalRestResponse.setStatus(portalRestStatusEnum.ERROR);
+ "I/O error on GET request for \"" + org.onap.portalapp.portal.utils.EcompPortalUtils.widgetMsProtocol()
+ + "://null/widget/microservices/widgetCatalog/service/1\":null; nested exception is java.net.UnknownHostException: null");
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.ERROR);
PowerMockito.mockStatic(WidgetServiceHeaders.class);
PortalRestResponse<String> actuaPportalRestResponse = microserviceController.deleteMicroservice(mockedRequest,
mockedResponse, 1);
@SuppressWarnings("unchecked")
@Test
public void deleteMicroserviceTest() throws Exception {
- String HTTPS = "https://";
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("SOME WIDGETS ASSOICATE WITH THIS SERVICE");
expectedportalRestResponse.setResponse("'null' ,'null' ");
- PortalRestStatusEnum portalRestStatusEnum = null;
- expectedportalRestResponse.setStatus(portalRestStatusEnum.WARN);
- List<WidgetCatalog> List = new ArrayList<WidgetCatalog>();
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.WARN);
+ List<WidgetCatalog> List = new ArrayList<>();
WidgetCatalog widgetCatalog = new WidgetCatalog();
widgetCatalog.setId(1);
WidgetCatalog widgetCatalog1 = new WidgetCatalog();
ParameterizedTypeReference<List<WidgetCatalog>> typeRef = new ParameterizedTypeReference<List<WidgetCatalog>>() {
};
Mockito.when(template.exchange(
- EcompPortalUtils.widgetMsProtocol() + "://" + consulHealthService.getServiceLocation(whatService, SystemProperties.getProperty("microservices.widget.local.port"))
+ org.onap.portalapp.portal.utils.EcompPortalUtils.widgetMsProtocol() + "://" + consulHealthService.getServiceLocation(whatService, SystemProperties.getProperty("microservices.widget.local.port"))
+ "/widget/microservices/widgetCatalog/service/" + 1,
HttpMethod.GET, new HttpEntity(WidgetServiceHeaders.getInstance()), typeRef)).thenReturn(ans);
@SuppressWarnings("unchecked")
@Test
public void deleteMicroserviceWhenNoWidgetsAssociatedTest() throws Exception {
- PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>();
+ PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<>();
expectedportalRestResponse.setMessage("SUCCESS");
expectedportalRestResponse.setResponse("");
- PortalRestStatusEnum portalRestStatusEnum = null;
- expectedportalRestResponse.setStatus(portalRestStatusEnum.OK);
- List<WidgetCatalog> List = new ArrayList<WidgetCatalog>();
+ expectedportalRestResponse.setStatus(PortalRestStatusEnum.OK);
+ List<WidgetCatalog> List = new ArrayList<>();
PowerMockito.mockStatic(WidgetServiceHeaders.class);
PowerMockito.mockStatic(EcompPortalUtils.class);
String whatService = "widgets-service";
ParameterizedTypeReference<List<WidgetCatalog>> typeRef = new ParameterizedTypeReference<List<WidgetCatalog>>() {
};
Mockito.when(template.exchange(
- EcompPortalUtils.widgetMsProtocol() + "://" + consulHealthService.getServiceLocation(whatService, SystemProperties.getProperty("microservices.widget.local.port"))
+ org.onap.portalapp.portal.utils.EcompPortalUtils.widgetMsProtocol() + "://" + consulHealthService.getServiceLocation(whatService, SystemProperties.getProperty("microservices.widget.local.port"))
+ "/widget/microservices/widgetCatalog/service/" + 1,
HttpMethod.GET, new HttpEntity(WidgetServiceHeaders.getInstance()), typeRef)).thenReturn(ans);
PortalRestResponse<String> actuaPportalRestResponse = microserviceController.deleteMicroservice(mockedRequest,
Code Review / portal.git / commitdiff