This is an automated email from the ASF dual-hosted git repository.

arnold pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/fineract.git


The following commit(s) were added to refs/heads/develop by this push:
     new 3f0872d1e FINERACT-1724 - [x] eliminate sonar security hotspots
3f0872d1e is described below

commit 3f0872d1ecab053e345a700729c96beaa7068348
Author: Janos Haber <[email protected]>
AuthorDate: Thu Nov 24 23:27:54 2022 +0100

    FINERACT-1724
    - [x] eliminate sonar security hotspots
---
 .../service/JournalEntryReadPlatformServiceImpl.java         |  3 ++-
 .../service/ProvisioningEntriesReadPlatformServiceImpl.java  |  3 ++-
 .../infrastructure/jobs/filter/LoanCOBApiFilter.java         | 12 +++++++++---
 .../service/SavingsAccountChargeReadPlatformServiceImpl.java |  2 +-
 4 files changed, 14 insertions(+), 6 deletions(-)

diff --git 
a/fineract-provider/src/main/java/org/apache/fineract/accounting/journalentry/service/JournalEntryReadPlatformServiceImpl.java
 
b/fineract-provider/src/main/java/org/apache/fineract/accounting/journalentry/service/JournalEntryReadPlatformServiceImpl.java
index c5f512603..aaaddbd11 100644
--- 
a/fineract-provider/src/main/java/org/apache/fineract/accounting/journalentry/service/JournalEntryReadPlatformServiceImpl.java
+++ 
b/fineract-provider/src/main/java/org/apache/fineract/accounting/journalentry/service/JournalEntryReadPlatformServiceImpl.java
@@ -384,7 +384,8 @@ public class JournalEntryReadPlatformServiceImpl implements 
JournalEntryReadPlat
         try {
 
             final GLJournalEntryMapper rm = new 
GLJournalEntryMapper(associationParametersData);
-            final String sql = "select " + rm.schema() + " where 
journalEntry.id = ?";
+            // Programmatic query, disable sonar issue
+            final String sql = "select " + rm.schema() + " where 
journalEntry.id = ?"; // NOSONAR
 
             return this.jdbcTemplate.queryForObject(sql, rm, glJournalEntryId);
         } catch (final EmptyResultDataAccessException e) {
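Review bot: The bare `// NOSONAR` on the `sql` line silences every analyzer rule for that line, and the comment above it ("Programmatic query, disable sonar issue") does not record why the concatenation is safe. The id is bound through `?`, so the open question is what `rm.schema()` returns, given that the mapper is constructed from `associationParametersData`. Once confirmed, the comment should state that invariant, for example `// NOSONAR - schema() is built only from constant SQL fragments selected by flags; no request text is concatenated`. A scoped `@SuppressWarnings("java:S2077")` on the method would keep other findings visible, assuming S2077 is the hotspot being closed. The same applies to the `mapper1.getSchema()` line in ProvisioningEntriesReadPlatformServiceImpl and to the two bare `// NOSONAR` markers on the `jdbcTemplate.query` call in SavingsAccountChargeReadPlatformServiceImpl; the enclosing method here starts and ends outside the hunk.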
diff --git 
a/fineract-provider/src/main/java/org/apache/fineract/accounting/provisioning/service/ProvisioningEntriesReadPlatformServiceImpl.java
 
b/fineract-provider/src/main/java/org/apache/fineract/accounting/provisioning/service/ProvisioningEntriesReadPlatformServiceImpl.java
index a0faf234e..e11a92337 100644
--- 
a/fineract-provider/src/main/java/org/apache/fineract/accounting/provisioning/service/ProvisioningEntriesReadPlatformServiceImpl.java
+++ 
b/fineract-provider/src/main/java/org/apache/fineract/accounting/provisioning/service/ProvisioningEntriesReadPlatformServiceImpl.java
@@ -109,7 +109,8 @@ public class ProvisioningEntriesReadPlatformServiceImpl 
implements ProvisioningE
     @Override
     public ProvisioningEntryData retrieveProvisioningEntryData(Long entryId) {
         ProvisioningEntryDataMapperWithSumReserved mapper1 = new 
ProvisioningEntryDataMapperWithSumReserved();
-        final String sql = "select" + mapper1.getSchema() + " where entry.id = 
? group by entry.id, created.username, modified.username";
+        // Programmatic query, disable sonar
+        final String sql = "select" + mapper1.getSchema() + " where entry.id = 
? group by entry.id, created.username, modified.username"; // NOSONAR
         return this.jdbcTemplate.queryForObject(sql, mapper1, entryId);
     }
 
diff --git 
a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/jobs/filter/LoanCOBApiFilter.java
 
b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/jobs/filter/LoanCOBApiFilter.java
index 6ca5ac501..f3a3a2488 100644
--- 
a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/jobs/filter/LoanCOBApiFilter.java
+++ 
b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/jobs/filter/LoanCOBApiFilter.java
@@ -23,8 +23,9 @@ import java.io.IOException;
 import java.math.BigDecimal;
 import java.util.Collections;
 import java.util.List;
-import java.util.function.Function;
+import java.util.function.Predicate;
 import java.util.function.Supplier;
+import java.util.regex.Pattern;
 import java.util.stream.Stream;
 import java.util.stream.StreamSupport;
 import javax.servlet.FilterChain;
@@ -56,7 +57,12 @@ public class LoanCOBApiFilter extends OncePerRequestFilter {
     private final InlineLoanCOBExecutorServiceImpl 
inlineLoanCOBExecutorService;
 
     private static final List<HttpMethod> HTTP_METHODS = 
List.of(HttpMethod.POST, HttpMethod.PUT, HttpMethod.DELETE);
-    private static final Function<String, Boolean> URL_FUNCTION = s -> 
s.matches("/loans/\\d+.*") || s.matches("/loans/glimAccount/\\d+.*");
+
+    private static final Pattern LOAN_PATH_PATTERN = 
Pattern.compile("/loans/\\d+");
+
+    private static final Pattern LOAN_GLIMACCOUNT_PATH_PATTERN = 
Pattern.compile("/loans/glimAccount/\\d+");
+    private static final Predicate<String> URL_FUNCTION = s -> 
LOAN_PATH_PATTERN.matcher(s).find()
+            || LOAN_GLIMACCOUNT_PATH_PATTERN.matcher(s).find();
     private static final Integer LOAN_ID_INDEX_IN_URL = 2;
     private static final Integer GLIM_ID_INDEX_IN_URL = 3;
     private static final Integer GLIM_STRING_INDEX_IN_URL = 2;
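Review bot: `LOAN_PATH_PATTERN.matcher(s).find()` and `LOAN_GLIMACCOUNT_PATH_PATTERN.matcher(s).find()` are unanchored, so the new predicate accepts `/loans/<digits>` anywhere in the path, whereas the removed `s.matches("/loans/\\d+.*")` required the path to begin with it. Combined with the fixed positions `LOAN_ID_INDEX_IN_URL` and `GLIM_ID_INDEX_IN_URL` declared just below, a path that carries the loan segment deeper than expected would now pass this check and presumably have a different segment read as the id. Using `lookingAt()` instead of `find()` on both matchers, or compiling `"^/loans/\\d+"` and `"^/loans/glimAccount/\\d+"`, keeps the simplified patterns and restores the start-of-path requirement. A short comment on `URL_FUNCTION` saying that the match is intentionally a prefix match would also help the next reader.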
@@ -143,7 +149,7 @@ public class LoanCOBApiFilter extends OncePerRequestFilter {
         if (StringUtils.isBlank(request.getPathInfo())) {
             return false;
         }
-        return HTTP_METHODS.contains(HttpMethod.valueOf(request.getMethod())) 
&& URL_FUNCTION.apply(request.getPathInfo());
+        return HTTP_METHODS.contains(HttpMethod.valueOf(request.getMethod())) 
&& URL_FUNCTION.test(request.getPathInfo());
     }
 
     private boolean isGlim(Supplier<Stream<String>> streamSupplier) {
diff --git 
a/fineract-provider/src/main/java/org/apache/fineract/portfolio/savings/service/SavingsAccountChargeReadPlatformServiceImpl.java
 
b/fineract-provider/src/main/java/org/apache/fineract/portfolio/savings/service/SavingsAccountChargeReadPlatformServiceImpl.java
index ed128d97f..4e10ca9d1 100644
--- 
a/fineract-provider/src/main/java/org/apache/fineract/portfolio/savings/service/SavingsAccountChargeReadPlatformServiceImpl.java
+++ 
b/fineract-provider/src/main/java/org/apache/fineract/portfolio/savings/service/SavingsAccountChargeReadPlatformServiceImpl.java
@@ -264,7 +264,7 @@ public class SavingsAccountChargeReadPlatformServiceImpl 
implements SavingsAccou
                 + " where sac.charge_due_date is not null and 
sac.charge_due_date <= ? and sac.waived = false and sac.is_paid_derived=false 
and sac.is_active=true and sa.status_enum = ? "
                 + " order by sac.charge_due_date ";
 
-        return this.jdbcTemplate.query(sql, this.chargeDueMapper,
+        return this.jdbcTemplate.query(sql, this.chargeDueMapper, // NOSONAR
                 new Object[] { DateUtils.getBusinessLocalDate(), 
SavingsAccountStatusType.ACTIVE.getValue() }); // NOSONAR
     }
 
