Search in sources :

Example 1 with ISqlLibraryService

use of org.cerberus.crud.service.ISqlLibraryService in project cerberus-source by cerberustesting.

the class UpdateSqlLibrary method processRequest.

/**
 * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
 * methods.
 *
 * @param request  servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException      if an I/O error occurs
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
    JSONObject jsonResponse = new JSONObject();
    ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
    Answer ans = new Answer();
    MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
    ans.setResultMessage(msg);
    response.setContentType("text/html;charset=UTF-8");
    PrintWriter out = response.getWriter();
    String charset = request.getCharacterEncoding();
    // Parameter that are already controled by GUI (no need to decode) --> We SECURE them
    // Parameter that needs to be secured --> We SECURE+DECODE them
    String name = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("name"), null, charset);
    String type = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("type"), null, charset);
    String database = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("database"), null, charset);
    String description = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("description"), null, charset);
    // Parameter that we cannot secure as we need the html --> We DECODE them
    String script = ParameterParserUtil.parseStringParamAndDecode(request.getParameter("script"), null, charset);
    // Prepare the final answer.
    MessageEvent msg1 = new MessageEvent(MessageEventEnum.GENERIC_OK);
    Answer finalAnswer = new Answer(msg1);
    /**
     * Checking all constrains before calling the services.
     */
    if (StringUtil.isNullOrEmpty(name)) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "SqlLibrary").replace("%OPERATION%", "Update").replace("%REASON%", "SqlLibrary ID (name) is missing."));
        finalAnswer.setResultMessage(msg);
    } else {
        /**
         * All data seems cleans so we can call the services.
         */
        ISqlLibraryService sqlLibraryService = appContext.getBean(ISqlLibraryService.class);
        AnswerItem resp = sqlLibraryService.readByKey(name);
        if (!(resp.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode()) && resp.getItem() != null)) {
            /**
             * Object could not be found. We stop here and report the error.
             */
            finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, (Answer) resp);
        } else {
            /**
             * The service was able to perform the query and confirm the
             * object exist, then we can update it.
             */
            SqlLibrary sqlLib = (SqlLibrary) resp.getItem();
            sqlLib.setType(type);
            sqlLib.setDescription(description);
            sqlLib.setDatabase(database);
            sqlLib.setScript(script);
            ans = sqlLibraryService.update(sqlLib);
            finalAnswer = AnswerUtil.agregateAnswer(finalAnswer, (Answer) ans);
            if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
                /**
                 * Update was successful. Adding Log entry.
                 */
                ILogEventService logEventService = appContext.getBean(LogEventService.class);
                logEventService.createForPrivateCalls("/UpdateSqlLibrary", "UPDATE", "Updated SqlLibrary : ['" + name + "']", request);
            }
        }
    }
    /**
     * Formating and returning the json result.
     */
    jsonResponse.put("messageType", finalAnswer.getResultMessage().getMessage().getCodeString());
    jsonResponse.put("message", finalAnswer.getResultMessage().getDescription());
    response.getWriter().print(jsonResponse);
    response.getWriter().flush();
}
Also used : Answer(org.cerberus.util.answer.Answer) ApplicationContext(org.springframework.context.ApplicationContext) JSONObject(org.json.JSONObject) MessageEvent(org.cerberus.engine.entity.MessageEvent) ISqlLibraryService(org.cerberus.crud.service.ISqlLibraryService) SqlLibrary(org.cerberus.crud.entity.SqlLibrary) ILogEventService(org.cerberus.crud.service.ILogEventService) AnswerItem(org.cerberus.util.answer.AnswerItem) PrintWriter(java.io.PrintWriter)

Example 2 with ISqlLibraryService

use of org.cerberus.crud.service.ISqlLibraryService in project cerberus-source by cerberustesting.

the class CalculatePropertyForTestCase method doGet.

@Override
protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
    PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.BLOCKS);
    String type = policy.sanitize(httpServletRequest.getParameter("type"));
    ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
    String result = null;
    String description = null;
    String system = "";
    String property = httpServletRequest.getParameter("property");
    String testName = policy.sanitize(httpServletRequest.getParameter("test"));
    String testCaseName = policy.sanitize(httpServletRequest.getParameter("testCase"));
    String country = policy.sanitize(httpServletRequest.getParameter("country"));
    String environment = policy.sanitize(httpServletRequest.getParameter("environment"));
    try {
        if (type.equals("executeSoapFromLib")) {
            IAppServiceService appServiceService = appContext.getBean(AppServiceService.class);
            ISoapService soapService = appContext.getBean(ISoapService.class);
            IXmlUnitService xmlUnitService = appContext.getBean(IXmlUnitService.class);
            AppService appService = appServiceService.findAppServiceByKey(property);
            if (appService != null) {
                ExecutionUUID executionUUIDObject = appContext.getBean(ExecutionUUID.class);
                UUID executionUUID = UUID.randomUUID();
                executionUUIDObject.setExecutionUUID(executionUUID.toString(), null);
                soapService.callSOAP(appService.getServiceRequest(), appService.getServicePath(), appService.getOperation(), appService.getAttachementURL(), null, null, 60000, system);
                result = xmlUnitService.getFromXml(executionUUID.toString(), appService.getAttachementURL());
                description = appService.getDescription();
                executionUUIDObject.removeExecutionUUID(executionUUID.toString());
                LOG.debug("Clean ExecutionUUID");
            }
        } else {
            try {
                ITestCaseService testCaseService = appContext.getBean(TestCaseService.class);
                IApplicationService applicationService = appContext.getBean(ApplicationService.class);
                TestCase testCase = testCaseService.findTestCaseByKey(testName, testCaseName);
                if (testCase != null) {
                    system = applicationService.convert(applicationService.readByKey(testCase.getApplication())).getSystem();
                } else {
                    throw new CerberusException(new MessageGeneral(MessageGeneralEnum.NO_DATA_FOUND));
                }
            } catch (CerberusException ex) {
                LOG.warn(ex);
            }
            if (system != null) {
                String database = policy.sanitize(httpServletRequest.getParameter("database"));
                ICountryEnvironmentDatabaseService countryEnvironmentDatabaseService = appContext.getBean(CountryEnvironmentDatabaseService.class);
                CountryEnvironmentDatabase countryEnvironmentDatabase;
                countryEnvironmentDatabase = countryEnvironmentDatabaseService.convert(countryEnvironmentDatabaseService.readByKey(system, country, environment, database));
                String connectionName = countryEnvironmentDatabase.getConnectionPoolName();
                if (type.equals("executeSqlFromLib")) {
                    ISqlLibraryService sqlLibraryService = appContext.getBean(SqlLibraryService.class);
                    SqlLibrary sl = sqlLibraryService.findSqlLibraryByKey(policy.sanitize(property));
                    property = sl.getScript();
                    if (!(StringUtil.isNullOrEmpty(connectionName)) && !(StringUtil.isNullOrEmpty(policy.sanitize(property)))) {
                        ISQLService sqlService = appContext.getBean(ISQLService.class);
                        IParameterService parameterService = appContext.getBean(IParameterService.class);
                        Integer sqlTimeout = parameterService.getParameterIntegerByKey("cerberus_propertyexternalsql_timeout", system, 60);
                        result = sqlService.queryDatabase(connectionName, policy.sanitize(property), 1, sqlTimeout).get(0);
                        description = sl.getDescription();
                    }
                }
            }
        }
    } catch (CerberusException ex) {
        LOG.warn(ex);
        result = ex.getMessageError().getDescription();
        description = ex.getMessageError().getDescription();
    } catch (CerberusEventException ex) {
        LOG.warn(ex);
        result = ex.getMessageError().getDescription();
        description = ex.getMessageError().getDescription();
    }
    if (result != null) {
        try {
            JSONObject jsonObject = new JSONObject();
            jsonObject.put("resultList", result);
            jsonObject.put("description", description);
            httpServletResponse.setContentType("application/json");
            httpServletResponse.getWriter().print(jsonObject.toString());
        } catch (JSONException exception) {
            LOG.warn(exception.toString());
        }
    }
}
Also used : AppService(org.cerberus.crud.entity.AppService) CerberusException(org.cerberus.exception.CerberusException) PolicyFactory(org.owasp.html.PolicyFactory) ExecutionUUID(org.cerberus.engine.entity.ExecutionUUID) SqlLibrary(org.cerberus.crud.entity.SqlLibrary) JSONException(org.json.JSONException) IAppServiceService(org.cerberus.crud.service.IAppServiceService) IParameterService(org.cerberus.crud.service.IParameterService) CerberusEventException(org.cerberus.exception.CerberusEventException) ApplicationContext(org.springframework.context.ApplicationContext) ISQLService(org.cerberus.service.sql.ISQLService) MessageGeneral(org.cerberus.engine.entity.MessageGeneral) JSONObject(org.json.JSONObject) ISoapService(org.cerberus.service.soap.ISoapService) TestCase(org.cerberus.crud.entity.TestCase) ITestCaseService(org.cerberus.crud.service.ITestCaseService) ISqlLibraryService(org.cerberus.crud.service.ISqlLibraryService) ICountryEnvironmentDatabaseService(org.cerberus.crud.service.ICountryEnvironmentDatabaseService) UUID(java.util.UUID) ExecutionUUID(org.cerberus.engine.entity.ExecutionUUID) IXmlUnitService(org.cerberus.service.xmlunit.IXmlUnitService) IApplicationService(org.cerberus.crud.service.IApplicationService) CountryEnvironmentDatabase(org.cerberus.crud.entity.CountryEnvironmentDatabase)

Example 3 with ISqlLibraryService

use of org.cerberus.crud.service.ISqlLibraryService in project cerberus-source by cerberustesting.

the class CreateSqlLibrary method processRequest.

/**
 * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
 * methods.
 *
 * @param request servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
    JSONObject jsonResponse = new JSONObject();
    ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
    Answer ans = new Answer();
    MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
    ans.setResultMessage(msg);
    response.setContentType("text/html;charset=UTF-8");
    String charset = request.getCharacterEncoding();
    // Parameter that are already controled by GUI (no need to decode) --> We SECURE them
    // Parameter that needs to be secured --> We SECURE+DECODE them
    String name = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("name"), null, charset);
    String type = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("type"), null, charset);
    String database = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("database"), null, charset);
    String description = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("description"), null, charset);
    // Parameter that we cannot secure as we need the html --> We DECODE them
    String script = ParameterParserUtil.parseStringParamAndDecode(request.getParameter("script"), null, charset);
    /**
     * Checking all constrains before calling the services.
     */
    if (StringUtil.isNullOrEmpty(name)) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "SqlLibrary").replace("%OPERATION%", "Create").replace("%REASON%", "SqlLibrary name is missing!"));
        ans.setResultMessage(msg);
    } else {
        /**
         * All data seems cleans so we can call the services.
         */
        ISqlLibraryService sqlLibraryService = appContext.getBean(ISqlLibraryService.class);
        IFactorySqlLibrary factorySqlLibrary = appContext.getBean(IFactorySqlLibrary.class);
        SqlLibrary sqlLib = factorySqlLibrary.create(name, type, database, script, description);
        ans = sqlLibraryService.create(sqlLib);
        if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
            /**
             * Adding Log entry.
             */
            ILogEventService logEventService = appContext.getBean(LogEventService.class);
            logEventService.createForPrivateCalls("/CreateSqlLibrary", "CREATE", "Create SQLLibrary : " + name, request);
        }
    }
    /**
     * Formating and returning the json result.
     */
    jsonResponse.put("messageType", ans.getResultMessage().getMessage().getCodeString());
    jsonResponse.put("message", ans.getResultMessage().getDescription());
    response.getWriter().print(jsonResponse);
    response.getWriter().flush();
}
Also used : Answer(org.cerberus.util.answer.Answer) ApplicationContext(org.springframework.context.ApplicationContext) JSONObject(org.json.JSONObject) MessageEvent(org.cerberus.engine.entity.MessageEvent) ISqlLibraryService(org.cerberus.crud.service.ISqlLibraryService) IFactorySqlLibrary(org.cerberus.crud.factory.IFactorySqlLibrary) SqlLibrary(org.cerberus.crud.entity.SqlLibrary) ILogEventService(org.cerberus.crud.service.ILogEventService) IFactorySqlLibrary(org.cerberus.crud.factory.IFactorySqlLibrary)

Example 4 with ISqlLibraryService

use of org.cerberus.crud.service.ISqlLibraryService in project cerberus-source by cerberustesting.

the class DeleteSqlLibrary method processRequest.

/**
 * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
 * methods.
 *
 * @param request  servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException      if an I/O error occurs
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException, JSONException {
    JSONObject jsonResponse = new JSONObject();
    ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
    Answer ans = new Answer();
    MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
    ans.setResultMessage(msg);
    response.setContentType("application/json");
    String charset = request.getCharacterEncoding();
    String name = ParameterParserUtil.parseStringParamAndDecodeAndSanitize(request.getParameter("name"), null, charset);
    ISqlLibraryService sqlLibraryService = appContext.getBean(ISqlLibraryService.class);
    /**
     * Checking all constrains before calling the services.
     */
    if (StringUtil.isNullOrEmpty(name)) {
        msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
        msg.setDescription(msg.getDescription().replace("%ITEM%", "SqlLibrary").replace("%OPERATION%", "Delete").replace("%REASON%", "SqlLibrary ID (name) is missing!"));
        ans.setResultMessage(msg);
    } else {
        /**
         * All data seems cleans so we can call the services.
         */
        AnswerItem resp = sqlLibraryService.readByKey(name);
        if (!(resp.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode()) && resp.getItem() != null)) {
            /**
             * Object could not be found. We stop here and report the error.
             */
            msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_EXPECTED);
            msg.setDescription(msg.getDescription().replace("%ITEM%", "SqlLibrary").replace("%OPERATION%", "Delete").replace("%REASON%", "SqlLibrary does not exist."));
            ans.setResultMessage(msg);
        } else {
            /**
             * The service was able to perform the query and confirm the
             * object exist, then we can delete it.
             */
            SqlLibrary sql = (SqlLibrary) resp.getItem();
            ans = sqlLibraryService.delete(sql);
            if (ans.isCodeEquals(MessageEventEnum.DATA_OPERATION_OK.getCode())) {
                /**
                 * Adding Log entry.
                 */
                ILogEventService logEventService = appContext.getBean(LogEventService.class);
                logEventService.createForPrivateCalls("/DeleteSqlLibrary", "DELETE", "Delete SQLLibrary : " + name, request);
            }
        }
    }
    /**
     * Formating and returning the json result.
     */
    jsonResponse.put("messageType", ans.getResultMessage().getMessage().getCodeString());
    jsonResponse.put("message", ans.getResultMessage().getDescription());
    response.getWriter().print(jsonResponse);
    response.getWriter().flush();
}
Also used : Answer(org.cerberus.util.answer.Answer) ApplicationContext(org.springframework.context.ApplicationContext) JSONObject(org.json.JSONObject) MessageEvent(org.cerberus.engine.entity.MessageEvent) ISqlLibraryService(org.cerberus.crud.service.ISqlLibraryService) SqlLibrary(org.cerberus.crud.entity.SqlLibrary) ILogEventService(org.cerberus.crud.service.ILogEventService) AnswerItem(org.cerberus.util.answer.AnswerItem)

Aggregations

SqlLibrary (org.cerberus.crud.entity.SqlLibrary)4 ISqlLibraryService (org.cerberus.crud.service.ISqlLibraryService)4 JSONObject (org.json.JSONObject)4 ApplicationContext (org.springframework.context.ApplicationContext)4 ILogEventService (org.cerberus.crud.service.ILogEventService)3 MessageEvent (org.cerberus.engine.entity.MessageEvent)3 Answer (org.cerberus.util.answer.Answer)3 AnswerItem (org.cerberus.util.answer.AnswerItem)2 PrintWriter (java.io.PrintWriter)1 UUID (java.util.UUID)1 AppService (org.cerberus.crud.entity.AppService)1 CountryEnvironmentDatabase (org.cerberus.crud.entity.CountryEnvironmentDatabase)1 TestCase (org.cerberus.crud.entity.TestCase)1 IFactorySqlLibrary (org.cerberus.crud.factory.IFactorySqlLibrary)1 IAppServiceService (org.cerberus.crud.service.IAppServiceService)1 IApplicationService (org.cerberus.crud.service.IApplicationService)1 ICountryEnvironmentDatabaseService (org.cerberus.crud.service.ICountryEnvironmentDatabaseService)1 IParameterService (org.cerberus.crud.service.IParameterService)1 ITestCaseService (org.cerberus.crud.service.ITestCaseService)1 ExecutionUUID (org.cerberus.engine.entity.ExecutionUUID)1