Gitiles
Code Review Sign In
gerrit.nordix.org / onap / policy / gui / 510ac390315ad3e6f97a86d9475252a717fd20f0^! / .
commit510ac390315ad3e6f97a86d9475252a717fd20f0[log] [tgz]
authordanielhanrahan <daniel.hanrahan@est.tech>Wed Mar 02 20:32:45 2022 +0000
committerdanielhanrahan <daniel.hanrahan@est.tech>Wed Mar 02 21:07:08 2022 +0000
treec5b8e1fdb57d2192cec3f2c120b24a1cbc3ceba4
parent68d8522852e49d5553418cc19981fda25cf90d7e [diff]
Fix sonar security issues in policy-gui

Suppress warnings regarding use of @RequestMapping without HTTP method.
It is intentional that these proxy methods handle all requests.

Issue-ID: POLICY-3638
Signed-off-by: danielhanrahan <daniel.hanrahan@est.tech>
Change-Id: I79ce6ef994fcbac17d5d8226eedfd98885e2cdbf

diff --git a/gui-server/src/main/java/org/onap/policy/gui/server/rest/ApexEditorRestController.java b/gui-server/src/main/java/org/onap/policy/gui/server/rest/ApexEditorRestController.java
index a4b92ef..3d7b49f 100644
--- a/gui-server/src/main/java/org/onap/policy/gui/server/rest/ApexEditorRestController.java
+++ b/gui-server/src/main/java/org/onap/policy/gui/server/rest/ApexEditorRestController.java

@@ -33,6 +33,7 @@
     /**
      * Strip /apex-editor prefix from Apex Editor rest calls.
      */
+    @SuppressWarnings("java:S3752") // Suppress warning about RequestMapping without HTTP method.
     @RequestMapping("/**")
     public ModelAndView forwardApexEditorRest(ModelMap model, HttpServletRequest request) {
         String targetUrl = request.getRequestURI().replaceFirst("^/apex-editor", "");

diff --git a/gui-server/src/main/java/org/onap/policy/gui/server/rest/ClampRestController.java b/gui-server/src/main/java/org/onap/policy/gui/server/rest/ClampRestController.java
index 1975f37..b13003c 100644
--- a/gui-server/src/main/java/org/onap/policy/gui/server/rest/ClampRestController.java
+++ b/gui-server/src/main/java/org/onap/policy/gui/server/rest/ClampRestController.java

@@ -51,6 +51,7 @@
     /**
      * Proxy rest calls to clamp backend.
      */
+    @SuppressWarnings("java:S3752") // Suppress warning about RequestMapping without HTTP method.
     @RequestMapping("/**")
     public ResponseEntity<String> mirrorRest(@RequestBody(required = false) String body,
                                              @RequestHeader HttpHeaders headers,