date:20180202

[GitHub] fineract pull request #438: Injection fix

2018-02-02 Thread asfgit

Github user asfgit closed the pull request at:

https://github.com/apache/fineract/pull/438


---

[2/2] fineract git commit: fixes for CVE-2018-1289

2018-02-02 Thread vishwasbabu

fixes for CVE-2018-1289


Project: http://git-wip-us.apache.org/repos/asf/fineract/repo
Commit: http://git-wip-us.apache.org/repos/asf/fineract/commit/1d38bd25
Tree: http://git-wip-us.apache.org/repos/asf/fineract/tree/1d38bd25
Diff: http://git-wip-us.apache.org/repos/asf/fineract/diff/1d38bd25

Branch: refs/heads/develop
Commit: 1d38bd25d0b90e6260b9d24d37d77bc50055b8bb
Parents: 17fd243 e7035d1
Author: Vishwas Babu A J 
Authored: Fri Feb 2 15:36:07 2018 -0800
Committer: Vishwas Babu A J 
Committed: Fri Feb 2 15:36:07 2018 -0800

--
 .../JournalEntryReadPlatformServiceImpl.java| 11 +--
 .../service/AuditReadPlatformServiceImpl.java   |  2 ++
 .../SchedulerJobRunnerReadServiceImpl.java  |  9 --
 ...ReportMailingJobReadPlatformServiceImpl.java |  9 --
 ...ingJobRunHistoryReadPlatformServiceImpl.java |  9 --
 .../security/utils/ColumnValidator.java | 30 +++-
 .../security/utils/SQLInjectionValidator.java   |  2 +-
 .../sms/service/SmsReadPlatformServiceImpl.java |  9 --
 .../NotificationReadPlatformServiceImpl.java| 26 +++--
 .../service/OfficeReadPlatformServiceImpl.java  | 10 +--
 ...AccountTransfersReadPlatformServiceImpl.java | 12 ++--
 ...structionHistoryReadPlatformServiceImpl.java |  9 --
 ...ndingInstructionReadPlatformServiceImpl.java |  9 --
 .../service/ClientReadPlatformServiceImpl.java  |  3 +-
 .../service/CenterReadPlatformServiceImpl.java  |  5 
 .../service/GroupReadPlatformServiceImpl.java   |  4 +++
 .../service/LoanReadPlatformServiceImpl.java|  2 ++
 ...nHoldTransactionReadPlatformServiceImpl.java |  8 +-
 .../SavingsAccountReadPlatformServiceImpl.java  |  4 ++-
 ...eAccountDividendReadPlatformServiceImpl.java | 11 +--
 ...eProductDividendReadPlatformServiceImpl.java | 12 ++--
 21 files changed, 146 insertions(+), 50 deletions(-)
--

[1/2] fineract git commit: Injection fix

2018-02-02 Thread vishwasbabu

Repository: fineract
Updated Branches:
  refs/heads/develop 17fd243ae -> 1d38bd25d


Injection fix


Project: http://git-wip-us.apache.org/repos/asf/fineract/repo
Commit: http://git-wip-us.apache.org/repos/asf/fineract/commit/e7035d1f
Tree: http://git-wip-us.apache.org/repos/asf/fineract/tree/e7035d1f
Diff: http://git-wip-us.apache.org/repos/asf/fineract/diff/e7035d1f

Branch: refs/heads/develop
Commit: e7035d1f394bd4f65603cc9a31d79d44f1dc73ef
Parents: 17fd243
Author: Avik Ganguly 
Authored: Sat Jan 20 10:00:51 2018 +0530
Committer: Avik Ganguly 
Committed: Sat Jan 20 10:00:51 2018 +0530

--
 .../JournalEntryReadPlatformServiceImpl.java| 11 +--
 .../service/AuditReadPlatformServiceImpl.java   |  2 ++
 .../SchedulerJobRunnerReadServiceImpl.java  |  9 --
 ...ReportMailingJobReadPlatformServiceImpl.java |  9 --
 ...ingJobRunHistoryReadPlatformServiceImpl.java |  9 --
 .../security/utils/ColumnValidator.java | 30 +++-
 .../security/utils/SQLInjectionValidator.java   |  2 +-
 .../sms/service/SmsReadPlatformServiceImpl.java |  9 --
 .../NotificationReadPlatformServiceImpl.java| 26 +++--
 .../service/OfficeReadPlatformServiceImpl.java  | 10 +--
 ...AccountTransfersReadPlatformServiceImpl.java | 12 ++--
 ...structionHistoryReadPlatformServiceImpl.java |  9 --
 ...ndingInstructionReadPlatformServiceImpl.java |  9 --
 .../service/ClientReadPlatformServiceImpl.java  |  3 +-
 .../service/CenterReadPlatformServiceImpl.java  |  5 
 .../service/GroupReadPlatformServiceImpl.java   |  4 +++
 .../service/LoanReadPlatformServiceImpl.java|  2 ++
 ...nHoldTransactionReadPlatformServiceImpl.java |  8 +-
 .../SavingsAccountReadPlatformServiceImpl.java  |  4 ++-
 ...eAccountDividendReadPlatformServiceImpl.java | 11 +--
 ...eProductDividendReadPlatformServiceImpl.java | 12 ++--
 21 files changed, 146 insertions(+), 50 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/fineract/blob/e7035d1f/fineract-provider/src/main/java/org/apache/fineract/accounting/journalentry/service/JournalEntryReadPlatformServiceImpl.java
--
diff --git 
a/fineract-provider/src/main/java/org/apache/fineract/accounting/journalentry/service/JournalEntryReadPlatformServiceImpl.java
 
b/fineract-provider/src/main/java/org/apache/fineract/accounting/journalentry/service/JournalEntryReadPlatformServiceImpl.java
index 49efaa0..928ed40 100755
--- 
a/fineract-provider/src/main/java/org/apache/fineract/accounting/journalentry/service/JournalEntryReadPlatformServiceImpl.java
+++ 
b/fineract-provider/src/main/java/org/apache/fineract/accounting/journalentry/service/JournalEntryReadPlatformServiceImpl.java
@@ -49,6 +49,7 @@ import org.apache.fineract.infrastructure.core.service.Page;
 import org.apache.fineract.infrastructure.core.service.PaginationHelper;
 import org.apache.fineract.infrastructure.core.service.RoutingDataSource;
 import org.apache.fineract.infrastructure.core.service.SearchParameters;
+import org.apache.fineract.infrastructure.security.utils.ColumnValidator;
 import org.apache.fineract.organisation.monetary.data.CurrencyData;
 import org.apache.fineract.organisation.office.data.OfficeData;
 import 
org.apache.fineract.organisation.office.service.OfficeReadPlatformService;
@@ -74,18 +75,22 @@ public class JournalEntryReadPlatformServiceImpl implements 
JournalEntryReadPlat
 private final JdbcTemplate jdbcTemplate;
 private final GLAccountReadPlatformService glAccountReadPlatformService;
 private final OfficeReadPlatformService officeReadPlatformService;
+private final ColumnValidator columnValidator;
 private final FinancialActivityAccountRepositoryWrapper 
financialActivityAccountRepositoryWrapper;
 
 private final PaginationHelper paginationHelper = new 
PaginationHelper<>();
 
 @Autowired
 public JournalEntryReadPlatformServiceImpl(final RoutingDataSource 
dataSource,
-final GLAccountReadPlatformService glAccountReadPlatformService, 
final OfficeReadPlatformService officeReadPlatformService,
+final GLAccountReadPlatformService glAccountReadPlatformService,
+final ColumnValidator columnValidator,
+final OfficeReadPlatformService officeReadPlatformService,
 final FinancialActivityAccountRepositoryWrapper 
financialActivityAccountRepositoryWrapper) {
 this.jdbcTemplate = new JdbcTemplate(dataSource);
 this.glAccountReadPlatformService = glAccountReadPlatformService;
 this.officeReadPlatformService = officeReadPlatformService;
 this.financialActivityAccountRepositoryWrapper = 
financialActivityAccountRepositoryWrapper;
+this.columnValidator = columnValidator;

[GitHub] fineract pull request #438: Injection fix

[2/2] fineract git commit: fixes for CVE-2018-1289

[1/2] fineract git commit: Injection fix

3 matches

Site Navigation

Mail list logo

Footer information