
Example 46 with PolicyFactory

use of org.owasp.html.PolicyFactory in project cerberus-source by cerberustesting.

In class GetCountryForTestCase, method doGet.

/**
 * Writes the countries attached to one test case as a JSON document of the
 * form {@code {"countriesList": [...]}}.
 *
 * <p>The test case is identified by the {@code test} and {@code testCase}
 * request parameters. Both pass through an OWASP HTML policy (formatting and
 * link elements allowed) before being handed to the service as lookup keys.
 *
 * @param httpServletRequest servlet request carrying {@code test} and {@code testCase}
 * @param httpServletResponse servlet response that receives the JSON body
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if writing the response fails
 */
@Override
protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
    // The policy is an HTML sanitizer. It governs markup only; how the service
    // binds these values into its query is not visible from this method.
    final PolicyFactory htmlPolicy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
    final String testName = htmlPolicy.sanitize(httpServletRequest.getParameter("test"));
    final String testCaseName = htmlPolicy.sanitize(httpServletRequest.getParameter("testCase"));

    ApplicationContext springContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
    ITestCaseCountryService countryService = springContext.getBean(ITestCaseCountryService.class);

    JSONArray countries = new JSONArray();
    for (String countryCode : countryService.findListOfCountryByTestTestCase(testName, testCaseName)) {
        countries.put(countryCode);
    }

    try {
        JSONObject payload = new JSONObject();
        payload.put("countriesList", countries);
        httpServletResponse.setContentType("application/json");
        httpServletResponse.getWriter().print(payload.toString());
    } catch (JSONException jsonFailure) {
        // Nothing is written to the response when serialisation fails; the failure is only logged.
        LOG.warn(jsonFailure.toString());
    }
}
Also used : ApplicationContext(org.springframework.context.ApplicationContext) PolicyFactory(org.owasp.html.PolicyFactory) JSONObject(org.json.JSONObject) JSONArray(org.json.JSONArray) JSONException(org.json.JSONException) ITestCaseCountryService(org.cerberus.crud.service.ITestCaseCountryService)

Example 47 with PolicyFactory

use of org.owasp.html.PolicyFactory in project cerberus-source by cerberustesting.

In class ExportTestCase, method processRequest.

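/**
 * Exports one test case as a downloadable JSON document.
 *
 * <p>Reads the {@code test} and {@code testcase} request parameters, loads the
 * test case with its dependencies, and serialises its header fields, countries,
 * properties and steps (actions and controls) into a single JSON object that is
 * sent as an attachment.
 *
 * <p>The download file name is derived from the two request parameters, so it
 * is reduced to a conservative character set and quoted before it is placed in
 * the {@code Content-Disposition} header.
 *
 * @param httpServletRequest servlet request
 * @param httpServletResponse servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 */
protected void processRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
    try {
        ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
        ITestCaseService testService = appContext.getBean(ITestCaseService.class);
        // TODO pass DAO to Service
        ITestCaseCountryPropertiesDAO testCaseDAO = appContext.getBean(TestCaseCountryPropertiesDAO.class);
        ILoadTestCaseService loadTestCaseService = appContext.getBean(ILoadTestCaseService.class);
        // HTML policy (formatting and link elements allowed). It constrains markup only;
        // it is not an encoder for HTTP header values or for query parameters.
        PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
        String test = policy.sanitize(httpServletRequest.getParameter("test"));
        String testcase = policy.sanitize(httpServletRequest.getParameter("testcase"));
        // NOTE(review): tcInfo is dereferenced below without a null check; confirm that the
        // service throws rather than returning null for an unknown test case.
        TestCase tcInfo = testService.findTestCaseByKeyWithDependency(test, testcase);
        JSONObject jsonObject = new JSONObject();
        try {
            // Header fields of the test case.
            jsonObject.put("origin", tcInfo.getOrigine());
            jsonObject.put("refOrigin", tcInfo.getRefOrigine());
            jsonObject.put("creator", tcInfo.getUsrCreated());
            jsonObject.put("implementer", tcInfo.getImplementer());
            jsonObject.put("lastModifier", tcInfo.getUsrModif());
            jsonObject.put("project", tcInfo.getProject());
            jsonObject.put("ticket", tcInfo.getTicket());
            jsonObject.put("application", tcInfo.getApplication());
            jsonObject.put("runQA", tcInfo.getActiveQA());
            jsonObject.put("runUAT", tcInfo.getActiveUAT());
            jsonObject.put("runPROD", tcInfo.getActivePROD());
            jsonObject.put("priority", tcInfo.getPriority());
            jsonObject.put("group", tcInfo.getGroup());
            jsonObject.put("status", tcInfo.getStatus());
            JSONArray countryList = new JSONArray();
            for (TestCaseCountry tcc : tcInfo.getTestCaseCountry()) {
                countryList.put(tcc.getCountry());
            }
            jsonObject.put("countriesList", countryList);
            jsonObject.put("shortDescription", tcInfo.getDescription());
            jsonObject.put("description", tcInfo.getBehaviorOrValueExpected());
            jsonObject.put("howTo", tcInfo.getHowTo());
            jsonObject.put("active", tcInfo.getTcActive());
            jsonObject.put("fromSprint", tcInfo.getFromBuild());
            jsonObject.put("fromRevision", tcInfo.getFromRev());
            jsonObject.put("toSprint", tcInfo.getToBuild());
            jsonObject.put("toRevision", tcInfo.getToRev());
            jsonObject.put("lastExecutionStatus", tcInfo.getLastExecutionStatus());
            jsonObject.put("bugID", tcInfo.getBugID());
            jsonObject.put("targetSprint", tcInfo.getTargetBuild());
            jsonObject.put("targetRevision", tcInfo.getTargetRev());
            jsonObject.put("comment", tcInfo.getComment());
            jsonObject.put("test", tcInfo.getTest());
            jsonObject.put("testcase", tcInfo.getTestCase());
            // One entry per distinct property, with a boolean per country of the test case
            // telling whether the property is defined for that country.
            JSONArray propertyList = new JSONArray();
            List<TestCaseCountryProperties> properties = testCaseDAO.findDistinctPropertiesOfTestCase(test, testcase);
            for (TestCaseCountryProperties prop : properties) {
                JSONObject property = new JSONObject();
                property.put("property", prop.getProperty());
                property.put("description", prop.getDescription());
                property.put("type", prop.getType());
                property.put("database", prop.getDatabase());
                property.put("value1", prop.getValue1());
                property.put("value2", prop.getValue2());
                property.put("length", prop.getLength());
                property.put("rowLimit", prop.getRowLimit());
                property.put("nature", prop.getNature());
                List<String> countriesSelected = testCaseDAO.findCountryByProperty(prop);
                for (TestCaseCountry tcc : tcInfo.getTestCaseCountry()) {
                    property.put(tcc.getCountry(), countriesSelected.contains(tcc.getCountry()));
                }
                propertyList.put(property);
            }
            jsonObject.put("properties", propertyList);
            List<TestCaseStep> tcs = loadTestCaseService.loadTestCaseStep(tcInfo);
            JSONArray list = new JSONArray();
            for (TestCaseStep step : tcs) {
                JSONObject stepObject = new JSONObject();
                stepObject.put("number", step.getStep());
                stepObject.put("name", step.getDescription());
                // Position of the action inside its step, starting at 1.
                int i = 1;
                JSONArray actionList = new JSONArray();
                JSONArray controlList = new JSONArray();
                // Actions and their controls interleaved in execution order.
                JSONArray sequenceList = new JSONArray();
                for (TestCaseStepAction action : step.getTestCaseStepAction()) {
                    JSONObject actionObject = new JSONObject();
                    actionObject.put("sequence", i);
                    actionObject.put("action", action.getAction());
                    actionObject.put("object", action.getValue1());
                    actionObject.put("property", action.getValue2());
                    actionObject.put("fatal", "");
                    actionList.put(actionObject);
                    sequenceList.put(actionObject);
                    for (TestCaseStepActionControl control : action.getTestCaseStepActionControl()) {
                        // NOTE(review): controls map "object" to value2 and "property" to value1,
                        // the reverse of the action mapping above; confirm this is intended.
                        JSONObject controlObject = new JSONObject();
                        controlObject.put("step", control.getStep());
                        controlObject.put("sequence", control.getSequence());
                        controlObject.put("order", control.getControlSequence());
                        controlObject.put("action", control.getControl());
                        controlObject.put("object", control.getValue2());
                        controlObject.put("property", control.getValue1());
                        controlObject.put("fatal", control.getFatal());
                        controlList.put(controlObject);
                        // Second copy for the interleaved list, keyed by the parent action's position.
                        controlObject = new JSONObject();
                        controlObject.put("sequence", i);
                        controlObject.put("action", control.getControl());
                        controlObject.put("object", control.getValue2());
                        controlObject.put("property", control.getValue1());
                        controlObject.put("fatal", control.getFatal());
                        sequenceList.put(controlObject);
                    }
                    i++;
                }
                stepObject.put("actions", actionList);
                stepObject.put("controls", controlList);
                stepObject.put("sequences", sequenceList);
                list.put(stepObject);
            }
            jsonObject.put("list", list);
            // The file name is built from request parameters. Keep only [A-Za-z0-9._-] and
            // quote the value so that spaces, quotes, separators or control characters in
            // the parameters cannot alter how the Content-Disposition header is parsed.
            String downloadName = (test + testcase).replaceAll("[^A-Za-z0-9._-]", "_");
            httpServletResponse.setContentType("application/json");
            httpServletResponse.setHeader("Content-Disposition", "attachment; filename=\"" + downloadName + ".json\"");
            httpServletResponse.getOutputStream().print(jsonObject.toString());
        } catch (JSONException exception) {
            LOG.warn(exception.toString());
        }
    } catch (CerberusException ex) {
        LOG.warn(ex);
    }
}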
Also used : TestCaseStepAction(org.cerberus.crud.entity.TestCaseStepAction) CerberusException(org.cerberus.exception.CerberusException) TestCaseCountryProperties(org.cerberus.crud.entity.TestCaseCountryProperties) PolicyFactory(org.owasp.html.PolicyFactory) JSONArray(org.json.JSONArray) ILoadTestCaseService(org.cerberus.crud.service.ILoadTestCaseService) JSONException(org.json.JSONException) TestCaseStep(org.cerberus.crud.entity.TestCaseStep) ApplicationContext(org.springframework.context.ApplicationContext) ITestCaseCountryPropertiesDAO(org.cerberus.crud.dao.ITestCaseCountryPropertiesDAO) JSONObject(org.json.JSONObject) TestCase(org.cerberus.crud.entity.TestCase) ITestCaseService(org.cerberus.crud.service.ITestCaseService) TestCaseCountry(org.cerberus.crud.entity.TestCaseCountry) TestCaseStepActionControl(org.cerberus.crud.entity.TestCaseStepActionControl)

Example 48 with PolicyFactory

use of org.owasp.html.PolicyFactory in project cerberus-source by cerberustesting.

In class GetStepInLibrary, method processRequest.

/**
 * Returns the library steps matching the request as a JSON document of the
 * form {@code {"testCaseStepList": [...]}}.
 *
 * <p>The lookup narrows with the parameters supplied: by system only, by
 * system and test, or by system, test and test case.
 *
 * @param request servlet request carrying {@code system}, {@code test}, {@code testCase} and {@code withTestCase}
 * @param response servlet response that receives the JSON body
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 * @throws CerberusException declared by this method; no throw site is visible in this body
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException {
    // HTML policy (formatting and link elements allowed) applied to the free-text parameters.
    PolicyFactory htmlPolicy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
    // "system" goes through the project's own parse-and-sanitize helper instead of the policy.
    String system = ParameterParserUtil.parseStringParamAndSanitize(request.getParameter("system"), null);
    String test = htmlPolicy.sanitize(request.getParameter("test"));
    String testCase = htmlPolicy.sanitize(request.getParameter("testCase"));
    // Read and sanitised, but not used further in this method.
    String withTestCase = htmlPolicy.sanitize(request.getParameter("withTestCase"));

    ApplicationContext springContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
    ITestCaseStepService stepService = springContext.getBean(ITestCaseStepService.class);
    // Looked up, but not used further in this method.
    ITestCaseService testCaseService = springContext.getBean(ITestCaseService.class);

    JSONArray stepArray = new JSONArray();
    JSONObject payload = new JSONObject();
    try {
        final boolean noTest = test.isEmpty();
        final boolean noTestCase = testCase.isEmpty();

        // Most specific lookup first: a test case narrows by all three keys.
        List<TestCaseStep> librarySteps;
        if (!noTestCase) {
            librarySteps = stepService.getStepLibraryBySystemTestTestCase(system, test, testCase);
        } else if (noTest) {
            librarySteps = stepService.getStepLibraryBySystem(system);
        } else {
            librarySteps = stepService.getStepLibraryBySystemTest(system, test);
        }

        for (TestCaseStep libraryStep : librarySteps) {
            JSONObject stepJson = new JSONObject();
            stepJson.put("test", libraryStep.getTest());
            stepJson.put("testCase", libraryStep.getTestCase());
            stepJson.put("step", libraryStep.getStep());
            stepJson.put("sort", libraryStep.getSort());
            stepJson.put("description", libraryStep.getDescription());
            // The owning test case is optional; its fields are emitted only when it is attached.
            if (libraryStep.getTestCaseObj() != null) {
                stepJson.put("tcdesc", libraryStep.getTestCaseObj().getDescription());
                stepJson.put("tcapp", libraryStep.getTestCaseObj().getApplication());
            }
            stepArray.put(stepJson);
        }

        payload.put("testCaseStepList", stepArray);
        response.setContentType("application/json");
        response.getWriter().print(payload.toString());
    } catch (JSONException jsonFailure) {
        // Nothing is written to the response when serialisation fails; the failure is only logged.
        LOG.warn(jsonFailure.toString());
    }
}
Also used : ApplicationContext(org.springframework.context.ApplicationContext) PolicyFactory(org.owasp.html.PolicyFactory) JSONObject(org.json.JSONObject) ITestCaseStepService(org.cerberus.crud.service.ITestCaseStepService) ITestCaseService(org.cerberus.crud.service.ITestCaseService) JSONArray(org.json.JSONArray) JSONException(org.json.JSONException) TestCaseStep(org.cerberus.crud.entity.TestCaseStep)

Example 49 with PolicyFactory

use of org.owasp.html.PolicyFactory in project cerberus-source by cerberustesting.

In class ReadApplicationObject, method processRequest.

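/**
 * Reads application objects and writes the result as JSON.
 *
 * <p>The request parameters select the lookup, checked in this order:
 * {@code application} and {@code object} together (single object by key),
 * {@code id} (single object by numeric id), {@code columnName} (distinct
 * values for a column filter), no {@code application} (unfiltered list),
 * no {@code iDisplayStart} (list for one application), otherwise the
 * list for one application with the request passed along.
 *
 * <p>The response always carries {@code messageType}, {@code message} and the
 * echoed {@code sEcho} value. A non-numeric {@code id} yields the default
 * unexpected-error message instead of a success message with no data.
 *
 * @param request servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 * @throws CerberusException declared by this method; no throw site is visible in this body
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException {
    String echo = request.getParameter("sEcho");
    ApplicationContext appContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
    // NOTE(review): the policy is created but no parameter in this method is passed through it;
    // the finders below receive the raw request values.
    PolicyFactory policy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);
    response.setContentType("application/json");
    response.setCharacterEncoding("utf8");
    // Calling Servlet Transversal Util.
    ServletUtil.servletStart(request);
    // Default message to unexpected error.
    MessageEvent msg = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    msg.setDescription(msg.getDescription().replace("%DESCRIPTION%", ""));
    // Parsed here but not used below; the column-filter branch is handed the request itself.
    String columnName = ParameterParserUtil.parseStringParam(request.getParameter("columnName"), "");
    // Flag handed to the finders; how they use it is not visible from this method.
    boolean userHasPermissions = request.isUserInRole("Integrator");
    // Start from a success answer; each branch below replaces it with its own result.
    AnswerItem answer = new AnswerItem(new MessageEvent(MessageEventEnum.DATA_OPERATION_OK));
    try {
        JSONObject jsonResponse = new JSONObject();
        if (request.getParameter("application") != null && request.getParameter("object") != null) {
            answer = findApplicationObject(request.getParameter("application"), request.getParameter("object"), appContext, userHasPermissions, request);
            jsonResponse = (JSONObject) answer.getItem();
        } else if (request.getParameter("id") != null) {
            int id = -1;
            boolean validId = true;
            try {
                // Integer.parseInt parses the parameter text. Integer.getInteger, used here
                // before, reads a JVM system property named after its argument, so a normal
                // numeric id never resolved and this branch returned no data.
                id = Integer.parseInt(request.getParameter("id"));
            } catch (NumberFormatException e) {
                validId = false;
            }
            if (validId) {
                answer = findApplicationObject(id, appContext, userHasPermissions, request);
                jsonResponse = (JSONObject) answer.getItem();
            } else {
                // Report the failure instead of answering OK with an empty body.
                answer = new AnswerItem(msg);
            }
        } else if (request.getParameter("columnName") != null) {
            answer = findValuesForColumnFilter(appContext, request);
            jsonResponse = (JSONObject) answer.getItem();
        } else if (request.getParameter("application") == null) {
            answer = findApplicationObjectList(null, appContext, userHasPermissions, request);
            jsonResponse = (JSONObject) answer.getItem();
        } else if (request.getParameter("iDisplayStart") == null) {
            answer = findApplicationObjectList(request.getParameter("application"), appContext, userHasPermissions);
            jsonResponse = (JSONObject) answer.getItem();
        } else {
            answer = findApplicationObjectList(request.getParameter("application"), appContext, userHasPermissions, request);
            jsonResponse = (JSONObject) answer.getItem();
        }
        jsonResponse.put("messageType", answer.getResultMessage().getMessage().getCodeString());
        jsonResponse.put("message", answer.getResultMessage().getDescription());
        // sEcho is request-controlled; it is emitted as a JSON string value under application/json.
        jsonResponse.put("sEcho", echo);
        response.getWriter().print(jsonResponse.toString());
    } catch (JSONException e) {
        LOG.warn(e);
        // returns a default error message with the json format that is able to be parsed by the client-side
        response.getWriter().print(AnswerUtil.createGenericErrorAnswer());
    }
}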
Also used : ApplicationContext(org.springframework.context.ApplicationContext) PolicyFactory(org.owasp.html.PolicyFactory) JSONObject(org.json.JSONObject) MessageEvent(org.cerberus.engine.entity.MessageEvent) JSONException(org.json.JSONException) AnswerItem(org.cerberus.util.answer.AnswerItem) ServletException(javax.servlet.ServletException) JSONException(org.json.JSONException) IOException(java.io.IOException) CerberusException(org.cerberus.exception.CerberusException)

Example 50 with PolicyFactory

use of org.owasp.html.PolicyFactory in project cerberus-source by cerberustesting.

In class ReadCountryEnvironmentDatabase, method processRequest.

/**
 * Reads the country/environment database entries for the requested
 * {@code system}, {@code country} and {@code environment} and writes them as
 * JSON, together with {@code messageType}, {@code message} and the echoed
 * {@code sEcho} value.
 *
 * @param request servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 * @throws CerberusException declared by this method; no throw site is visible in this body
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException, CerberusException {
    final String echo = request.getParameter("sEcho");
    ApplicationContext springContext = WebApplicationContextUtils.getWebApplicationContext(this.getServletContext());
    PolicyFactory htmlPolicy = Sanitizers.FORMATTING.and(Sanitizers.LINKS);

    response.setContentType("application/json");
    response.setCharacterEncoding("utf8");

    // Calling Servlet Transversal Util.
    ServletUtil.servletStart(request);

    // Answer used until the lookup replaces it: the generic unexpected-error message.
    MessageEvent defaultError = new MessageEvent(MessageEventEnum.DATA_OPERATION_ERROR_UNEXPECTED);
    defaultError.setDescription(defaultError.getDescription().replace("%DESCRIPTION%", ""));

    // NOTE(review): these three sanitised values are never used. The lookup below is given
    // the raw request parameters, so the HTML policy has no effect on what reaches it.
    // Whether the sanitised values can be passed instead depends on how
    // findCountryEnvDatabaseList treats its arguments; confirm before changing.
    String system = htmlPolicy.sanitize(request.getParameter("system"));
    String country = htmlPolicy.sanitize(request.getParameter("country"));
    String environment = htmlPolicy.sanitize(request.getParameter("environment"));

    // Flag handed to the finder; how it is used is not visible from this method.
    final boolean userHasPermissions = request.isUserInRole("IntegratorRO");

    AnswerItem answer = new AnswerItem(defaultError);
    try {
        answer = findCountryEnvDatabaseList(request.getParameter("system"), request.getParameter("country"), request.getParameter("environment"), springContext, userHasPermissions, request);
        JSONObject body = (JSONObject) answer.getItem();

        body.put("messageType", answer.getResultMessage().getMessage().getCodeString());
        body.put("message", answer.getResultMessage().getDescription());
        // sEcho is request-controlled; it is emitted as a JSON string value under application/json.
        body.put("sEcho", echo);
        response.getWriter().print(body.toString());
    } catch (JSONException jsonFailure) {
        LOG.warn(jsonFailure);
        // Fall back to a generic error document that the client side can still parse as JSON.
        response.setContentType("application/json");
        response.getWriter().print(AnswerUtil.createGenericErrorAnswer());
    }
}
Also used : ApplicationContext(org.springframework.context.ApplicationContext) PolicyFactory(org.owasp.html.PolicyFactory) JSONObject(org.json.JSONObject) MessageEvent(org.cerberus.engine.entity.MessageEvent) JSONException(org.json.JSONException) AnswerItem(org.cerberus.util.answer.AnswerItem)
