* Use of CADI
* 68% JUnit Test Coverage
* Addressing security issues
- * Internationalization language support - partially implemented
+ * Angular 6 upgrade delivered foundation code with sample screen
+ * Documentation on the Angular 6 upgrade can be found `here <https://docs.onap.org/en/latest/submodules/portal.git/docs/tutorials/portal-sdk/your-angular-app.html>`_
+ * Internationalization language support - partially implemented.
* Reporting feature enhancement in portal/sdk - design and partial code changes
+ * There is more information about new features at `DEMOS - R4 Dublin Demos <https://wiki.onap.org/display/DW/DEMOS+-+R4+Dublin+Demos>`_
**Bug Fixes**
* Fixed Sonar reported critical issues.
* Mismatch while displaying active online user in Portal.
* Internationalization Language component partially completed.
* Functional Menu change requires manual refresh.
+ * Modifying Onboarded App configurations from the onboarding page malfunctions but changes to the App configuration can be done through accessing the database (portal:fn_app table) directly.
**Security Notes**
* CVE-2019-12317 - Number of XSS vulnerabilities in Portal [`OJSI-15 <https://jira.onap.org/browse/OJSI-15>`_]
* CVE-2019-12122 - ONAP Portal allows to retrieve password of currently active user [`OJSI-65 <https://jira.onap.org/browse/OJSI-65>`_]
* CVE-2019-12121 - ONAP Portal is vulnerable for Padding Oracle attack [`OJSI-92 <https://jira.onap.org/browse/OJSI-92>`_]
- * In defult deployment PORTAL (portal-app) exposes HTTP port 8989 outside of cluster. [`OJSI-97 <https://jira.onap.org/browse/OJSI-97>`_]
- * In defult deployment PORTAL (portal-app) exposes HTTP port 30215 outside of cluster. [`OJSI-105 <https://jira.onap.org/browse/OJSI-105>`_]
- * In defult deployment PORTAL (portal-sdk) exposes HTTP port 30212 outside of cluster. [`OJSI-106 <https://jira.onap.org/browse/OJSI-106>`_]
+ * In default deployment PORTAL (portal-app) exposes HTTP port 8989 outside of cluster. [`OJSI-97 <https://jira.onap.org/browse/OJSI-97>`_]
+ * In default deployment PORTAL (portal-app) exposes HTTP port 30215 outside of cluster. [`OJSI-105 <https://jira.onap.org/browse/OJSI-105>`_]
+ * In default deployment PORTAL (portal-sdk) exposes HTTP port 30212 outside of cluster. [`OJSI-106 <https://jira.onap.org/browse/OJSI-106>`_]
* CVE-2019-12318 - Number of SQL Injections in Portal [`OJSI-174 <https://jira.onap.org/browse/OJSI-174>`_]
* Portal stores users passwords encrypted instead of hashed [`OJSI-190 <https://jira.onap.org/browse/OJSI-190>`_]
package org.onap.portalapp.portal.service;
import java.util.ArrayList;
-import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
-import java.util.SortedSet;
-import java.util.TreeSet;
import java.util.stream.Collectors;
-
import javax.annotation.PostConstruct;
-
import org.apache.cxf.common.util.StringUtils;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.hibernate.Transaction;
import org.json.JSONArray;
import org.json.JSONObject;
-import org.onap.portalapp.portal.domain.CentralV2RoleFunction;
import org.onap.portalapp.portal.domain.EPApp;
import org.onap.portalapp.portal.domain.EPRole;
import org.onap.portalapp.portal.domain.EPUser;
import org.onap.portalapp.portal.logging.logic.EPLogUtil;
import org.onap.portalapp.portal.transport.AppNameIdIsAdmin;
import org.onap.portalapp.portal.transport.AppsListWithAdminRole;
-import org.onap.portalapp.portal.transport.EPUserAppCurrentRoles;
import org.onap.portalapp.portal.transport.ExternalAccessUser;
import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
import org.onap.portalapp.portal.utils.EcompPortalUtils;
import org.onap.portalapp.portal.utils.PortalConstants;
import org.onap.portalapp.util.EPUserUtils;
-import org.onap.portalsdk.core.domain.RoleFunction;
-import org.onap.portalsdk.core.domain.User;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
-import org.onap.portalsdk.core.restful.domain.EcompRole;
import org.onap.portalsdk.core.service.DataAccessService;
import org.onap.portalsdk.core.util.SystemProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.client.RestTemplate;
-
import com.fasterxml.jackson.databind.ObjectMapper;
@Service("adminRolesService")
private Long ACCOUNT_ADMIN_ROLE_ID = 999L;
private Long ECOMP_APP_ID = 1L;
public static final String TYPE_APPROVER = "approver";
+ private static final String ADMIN_ACCOUNT= "Is account admin for user {}";
private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesServiceImpl.class);
final Map<String, Long> userParams = new HashMap<>();
userParams.put("userId", user.getId());
- logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user {}", user.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId());
List<Integer> userAdminApps = new ArrayList<>();
userAdminApps =dataAccessService.executeNamedQuery("getAdminAppsForTheUser", userParams, null);
Set<String> getRoleFuncListOfPortalSet1=new HashSet<>();
Set<String> roleFunSet = new HashSet<>();
roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|")).collect(Collectors.toSet());
- if (roleFunSet.size() > 0)
+ if (!roleFunSet.isEmpty())
for (String roleFunction : roleFunSet) {
String type = externalAccessRolesService.getFunctionCodeType(roleFunction);
getRoleFuncListOfPortalSet1.add(type);
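Review bot: The `if (!roleFunSet.isEmpty())` guard has no braces and wraps a for-each that already does nothing on an empty set, so it can be dropped, leaving just `for (String roleFunction : roleFunSet) {`. If the guard stays, give it braces so a later edit cannot silently fall outside the condition. `roleFunSet` is also initialised with `new HashSet<>()` and immediately reassigned from the stream; declaring it at the assignment removes the dead allocation. The same shape appears in the later hunk that calls `EcompPortalUtils.getFunctionCode`. The enclosing method is only partly visible here.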
try {
final Map<String, Long> userParams = new HashMap<>();
userParams.put("userId", user.getId());
- logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user {}", user.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId());
List<Integer> userAdminApps = new ArrayList<>();
userAdminApps =dataAccessService.executeNamedQuery("getAdminAppsForTheUser", userParams, null);
- if(userAdminApps.size()>=1){
+ if(!userAdminApps.isEmpty()){
isApplicationAccountAdmin=userAdminApps.contains((int) (long) app.getId());
logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", user.getId(),app.getId());
}
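Review bot: The debug line after the `contains` call reports "is true" whenever the query returns any row, even when `isApplicationAccountAdmin` was just set to false for this app, so the log can misstate an authorization decision. Logging the computed value fixes that, e.g. `logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user {}, appId {}: {}", user.getId(), app.getId(), isApplicationAccountAdmin);`. The `(int) (long) app.getId()` cast also narrows silently; assuming the id is a `Long`, `Math.toIntExact(app.getId())` would fail loudly instead of comparing against a truncated id. The same pattern recurs in the last hunk of this file section, the one running the `getAllAdminAppsofTheUser` query. The enclosing method starts and ends outside the hunk.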
Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfPortal);
Set<String> roleFunSet = new HashSet<>();
roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|")).collect(Collectors.toSet());
- if (roleFunSet.size() > 0)
+ if (!roleFunSet.isEmpty())
for (String roleFunction : roleFunSet) {
String roleFun = EcompPortalUtils.getFunctionCode(roleFunction);
getRoleFuncListOfPortalSet.remove(roleFunction);
finalRoleFunctionSet.add(EPUserUtils.decodeFunctionCode(roleFn));
}
-// List<String> functionsOfUser = new ArrayList<>(getRoleFuncListOfPortal);
return finalRoleFunctionSet;
}
try {
final Map<String, Long> userParams = new HashMap<>();
userParams.put("userId", user.getId());
- logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user {}", user.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId());
List<Integer> userAdminApps = new ArrayList<>();
userAdminApps =dataAccessService.executeNamedQuery("getAllAdminAppsofTheUser", userParams, null);
- if(userAdminApps.size()>=1){
+ if(!userAdminApps.isEmpty()){
isApplicationAccountAdmin=userAdminApps.contains((int) (long) app.getId());
logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", user.getId(),app.getId());
}