Merge "Fix NPE & other sonar issues"

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index b1b0266..1fb4b86 100644 (file)
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -5,6 +5,53 @@
 
 Portal Platform Release Notes
 =============================
+Version: 2.6.0
+--------------
+:Release Date: 2019-10-03
+
+.. toctree::
+    :maxdepth: 1
+
+Maintanance release with bug fixes and security enhancements.
+
+**No New Features**
+
+**Bug Fixes**
+        * Portal Setup - MariaDB issue.
+        * Issue editing application url.
+        * PORTAL-* charts now use nodePortPrefix variable.
+        * Fixed Sonar reported critical issues.
+
+**Known Issues**
+
+**Security Notes**
+        * Security Enhancements - Fixed OJSI issues.
+        * Addressed security issues reported by NexusIQ Critical and Severe issues
+
+Quick Links:
+     - `PORTAL project page <https://wiki.onap.org/display/DW/Portal+Platform+Project>`_
+        
+     - `Passing Badge information for PORTAL <https://bestpractices.coreinfrastructure.org/en/projects/1441>`_
+
+     - `Project Vulnerability Review Table for PORTAL <https://wiki.onap.org/pages/viewpage.action?pageId=68542388>`_
+
+**Upgrade Notes**
+        * For https Apps onboarded to portal, a certificate has to be downloaded in the browser when first trying to access the landing page of the App.
+        * For onboarded Apps using http (since Portal is using https) the browser asks the user to click to Proceed to the unsafe URL.
+        * For onboarded Apps using http the icon in the URL bar will appear red, click on it and allow unsafe scripts.
+        * The first time some apps are selected in the Applications panel, an error stating the webpage might be temporarily down, copy the presented URL to a new browser; once that is done, the application will open in the Portal.
+
+**Deprecation Notes**
+
+**Other**
+        * Below are the docker images released as part of Portal Platform project:
+        * onap/portal-app:2.6.0
+        * onap/portal-db:2.6.0
+        * onap/portal-sdk:2.6.0
+        * onap/portal-wms:2.6.0
+        * portal/sdk java artifacts - (Release branch: “release-2.6.0”)
+
+               
 Version: 2.5.0
 --------------
 :Release Date: 2019-06-13

diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java
index 9feecec..0be0d35 100644 (file)
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java
@@ -789,7 +789,8 @@ public class AppsController extends EPRestrictedBaseController {
                                EcompPortalUtils.setBadPermissions(user, response, "postOnboardingApps");
                        } else {
                                newOnboardingApp.normalize();
-                               checkIfNameSpaceIsValid(newOnboardingApp, fieldsValidator, response);
+                               if(newOnboardingApp.isCentralAuth != null && newOnboardingApp.isCentralAuth)
+                                       checkIfNameSpaceIsValid(newOnboardingApp, fieldsValidator, response);
                                fieldsValidator = appService.addOnboardingApp(newOnboardingApp, user);
                                response.setStatus(fieldsValidator.httpStatusCode.intValue());
                        }

diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WidgetsController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WidgetsController.java
index 45035a2..b718d56 100644 (file)
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WidgetsController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WidgetsController.java
@@ -121,17 +121,18 @@ public class WidgetsController extends EPRestrictedBaseController {
                        @RequestBody OnboardingWidget onboardingWidget, HttpServletResponse response) {
                EPUser user = EPUserUtils.getUserSession(request);
                FieldsValidator fieldsValidator = null;
-               if (onboardingWidget!=null){
-                       if(!dataValidator.isValid(onboardingWidget)){
+               if (onboardingWidget!=null && !dataValidator.isValid(onboardingWidget)){
                                fieldsValidator = new FieldsValidator();
                                fieldsValidator.setHttpStatusCode((long)HttpServletResponse.SC_NOT_ACCEPTABLE);
                                return fieldsValidator;
-                       }
                }
 
                if (userHasPermissions(user, response, "putOnboardingWidget")) {
-                       onboardingWidget.id = widgetId; // !
-                       onboardingWidget.normalize();
+            if (onboardingWidget != null) {
+                onboardingWidget.id = widgetId; // !
+                onboardingWidget.normalize();
+            }
+
                        fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
                        response.setStatus(fieldsValidator.httpStatusCode.intValue());
                }
@@ -146,17 +147,18 @@ public class WidgetsController extends EPRestrictedBaseController {
                EPUser user = EPUserUtils.getUserSession(request);
                FieldsValidator fieldsValidator = null;
 
-               if (onboardingWidget!=null){
-                       if(!dataValidator.isValid(onboardingWidget)){
+               if (onboardingWidget!=null && !dataValidator.isValid(onboardingWidget)){
                                fieldsValidator = new FieldsValidator();
                                fieldsValidator.setHttpStatusCode((long)HttpServletResponse.SC_NOT_ACCEPTABLE);
                                return fieldsValidator;
-                       }
                }
 
                if (userHasPermissions(user, response, "postOnboardingWidget")) {
-                       onboardingWidget.id = null; // !
-                       onboardingWidget.normalize();
+                   
+            if (onboardingWidget != null) {
+                onboardingWidget.id = null; // !
+                onboardingWidget.normalize();
+            }
                        fieldsValidator = widgetService.setOnboardingWidget(user, onboardingWidget);
                        response.setStatus(fieldsValidator.httpStatusCode.intValue());
                }

diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java
index 43449b3..2bf10e4 100644 (file)
--- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java
+++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java
@@ -297,15 +297,18 @@ public class ExternalAppConfig extends AppConfig implements Configurable {
         * @return New instance of {@link SchedulerFactoryBean}
         */
 
-/*     @Bean
+   /*  
+    @Bean
        public EPUebHelper epUebHelper() {
                return new EPUebHelper();
        }
-*/
+
        @Bean
        public HealthMonitor healthMonitor() {
                return new HealthMonitor();
        }
+       */
+       
 
        /**
         * Creates and returns a new instance of a {@link MainUebHandler}.

diff --git a/portal-BE/src/main/java/org/onap/portal/domain/dto/DomainVo.java b/portal-BE/src/main/java/org/onap/portal/domain/dto/DomainVo.java
index 6901aee..a965c62 100644 (file)
--- a/portal-BE/src/main/java/org/onap/portal/domain/dto/DomainVo.java
+++ b/portal-BE/src/main/java/org/onap/portal/domain/dto/DomainVo.java
@@ -54,7 +54,9 @@ import lombok.Getter;
 import lombok.NoArgsConstructor;
 import lombok.Setter;
 import org.onap.portal.domain.db.fn.FnUser;
+import org.onap.portal.utils.EcompPortalUtils;
 import org.onap.portalsdk.core.domain.FusionVo;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 
 @Getter
 @Setter
@@ -73,7 +75,8 @@ public class DomainVo extends FusionVo implements Serializable, Cloneable, Compa
        protected Long rowNum;
        protected Serializable auditUserId;
        protected Set auditTrail = null;
-
+       private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(DomainVo.class);
+       
        @Override
        public int compareTo(Object obj) {
               Long c1 = this.getId();
@@ -99,7 +102,7 @@ public class DomainVo extends FusionVo implements Serializable, Cloneable, Compa
                             newVo.setId(null);
                      }
               } catch (Exception var8) {
-                     var8.printStackTrace();
+                  logger.error("exception occured",var8);
               }
 
               return newVo;