Fix: Github reports security vulnerabilities #933 (#960)

* Fix: Github reports security vulnerabilities  #933

Upgrade camel and spring-data

* -Fix github security vulnerabilities in spring-data and camel

* -Code changes for review comments
Gaurav Deshpande 2019-10-08 10:12:54 +05:30 committed by Ilkka Seppälä
parent f5455f9887
commit 84c4b034a9
14 changed files with 72 additions and 54 deletions


@ -28,7 +28,7 @@ import org.apache.camel.component.mock.MockEndpoint;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ActiveProfiles;
@ -44,7 +44,7 @@ import static org.junit.jupiter.api.Assertions.assertEquals;
* </p>
*/
@ExtendWith(SpringExtension.class)
@SpringApplicationConfiguration(classes = AggregatorRouteTest.class)
@SpringBootTest(classes = AggregatorRouteTest.class)
@ActiveProfiles("test")
@EnableAutoConfiguration
@ComponentScan


@ -28,7 +28,7 @@ import org.apache.camel.component.mock.MockEndpoint;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ActiveProfiles;
@ -42,7 +42,7 @@ import org.springframework.test.context.junit.jupiter.SpringExtension;
* </p>
*/
@ExtendWith(SpringExtension.class)
@SpringApplicationConfiguration(classes = SplitterRouteTest.class)
@SpringBootTest(classes = SplitterRouteTest.class)
@ActiveProfiles("test")
@EnableAutoConfiguration
@ComponentScan


@ -29,7 +29,7 @@ import org.apache.camel.component.mock.MockEndpoint;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ActiveProfiles;
@ -45,7 +45,7 @@ import static org.junit.jupiter.api.Assertions.assertEquals;
* </p>
*/
@ExtendWith(SpringExtension.class)
@SpringApplicationConfiguration(classes = WireTapRouteTest.class)
@SpringBootTest(classes = WireTapRouteTest.class)
@ActiveProfiles("test")
@EnableAutoConfiguration
@ComponentScan


@ -41,7 +41,11 @@
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<artifactId>hibernate-core</artifactId>
</dependency>
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
</dependency>
<dependency>
<groupId>commons-dbcp</groupId>


@ -72,18 +72,23 @@ public class CakeBakingServiceImpl implements CakeBakingService {
}
}
CakeToppingDao toppingBean = context.getBean(CakeToppingDao.class);
CakeTopping topping = toppingBean.findOne(matchingToppings.iterator().next().getId());
Optional<CakeTopping> topping = toppingBean.findById(matchingToppings.iterator().next().getId());
CakeDao cakeBean = context.getBean(CakeDao.class);
Cake cake = new Cake();
cake.setTopping(topping);
cake.setLayers(foundLayers);
cakeBean.save(cake);
topping.setCake(cake);
toppingBean.save(topping);
CakeLayerDao layerBean = context.getBean(CakeLayerDao.class);
for (CakeLayer layer : foundLayers) {
layer.setCake(cake);
layerBean.save(layer);
if (topping.isPresent()) {
Cake cake = new Cake();
cake.setTopping(topping.get());
cake.setLayers(foundLayers);
cakeBean.save(cake);
topping.get().setCake(cake);
toppingBean.save(topping.get());
CakeLayerDao layerBean = context.getBean(CakeLayerDao.class);
for (CakeLayer layer : foundLayers) {
layer.setCake(cake);
layerBean.save(layer);
}
} else {
throw new CakeBakingException(String.format("Topping %s is not available",
cakeInfo.cakeToppingInfo.name));
}
}
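Review bot: The `if (topping.isPresent())` block calls `topping.get()` three times and pushes the whole save sequence one level deeper, with the failure case left at the bottom. Unwrapping once at the lookup keeps the original flat body and fails before any other bean is fetched: `CakeTopping topping = toppingBean.findById(...).orElseThrow(() -> new CakeBakingException(String.format("Topping %s is not available", cakeInfo.cakeToppingInfo.name)));`. The method starts above the hunk, so whether `matchingToppings` can be empty here is not visible; if it can, `iterator().next()` throws before the Optional is ever checked.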


@ -50,7 +50,7 @@
<property name="dataSource" ref="dataSource" />
<property name="packagesToScan" value="com.iluwatar" />
<property name="persistenceProvider">
<bean class="org.hibernate.ejb.HibernatePersistence" />
<bean class="org.hibernate.jpa.HibernatePersistenceProvider" />
</property>
<property name="jpaProperties">
<map>

21
pom.xml

@ -28,10 +28,10 @@
<inceptionYear>2014</inceptionYear>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<hibernate.version>5.0.1.Final</hibernate.version>
<spring.version>4.2.4.RELEASE</spring.version>
<spring-boot.version>1.3.3.RELEASE</spring-boot.version>
<spring-data.version>1.9.2.RELEASE</spring-data.version>
<hibernate.version>5.2.18.Final</hibernate.version>
<spring.version>5.0.13.RELEASE</spring.version>
<spring-boot.version>2.0.9.RELEASE</spring-boot.version>
<spring-data.version>2.0.14.RELEASE</spring-data.version>
<h2.version>1.4.190</h2.version>
<junit.version>4.12</junit.version>
<junit-jupiter.version>5.0.2</junit-jupiter.version>
@ -40,7 +40,7 @@
<compiler.version>3.8.1</compiler.version>
<jacoco.version>0.8.4</jacoco.version>
<commons-dbcp.version>1.4</commons-dbcp.version>
<camel.version>2.16.1</camel.version>
<camel.version>2.24.0</camel.version>
<guava.version>19.0</guava.version>
<mockito.version>1.10.19</mockito.version>
<apache-httpcomponents.version>4.5.10</apache-httpcomponents.version>
@ -55,6 +55,7 @@
<aws-lambda-java-events.version>2.0.1</aws-lambda-java-events.version>
<jackson.version>2.8.5</jackson.version>
<pmd.version>3.12.0</pmd.version>
<log4j.version>1.2.17</log4j.version>
<jaxb-api.version>2.3.0</jaxb-api.version>
<annotation-api.version>1.3.1</annotation-api.version>
</properties>
@ -191,11 +192,6 @@
<artifactId>hibernate-core</artifactId>
<version>${hibernate.version}</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<version>${hibernate.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
@ -300,6 +296,11 @@
<artifactId>mongo-java-driver</artifactId>
<version>${mongo-java-driver.version}</version>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>${log4j.version}</version>
</dependency>
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
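Review bot: The new `log4j:log4j` entry pinned by `<log4j.version>1.2.17</log4j.version>` brings in the log4j 1.x line, which is end-of-life and no longer receives security fixes, in a commit whose stated purpose is to clear reported vulnerabilities. The Java sources on this page log through SLF4J, so if some dependency only needs the log4j 1.x API on the classpath (which one is not visible here), a bridge such as `org.slf4j:log4j-over-slf4j` or an exclusion on that dependency would avoid shipping the old library. The unchanged pins in the same `<properties>` block, `jackson.version` 2.8.5 and `h2.version` 1.4.190, are also old releases and are worth checking against the same report.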


@ -44,7 +44,7 @@
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<artifactId>hibernate-core</artifactId>
</dependency>
<dependency>
<groupId>commons-dbcp</groupId>
@ -71,5 +71,9 @@
<groupId>javax.annotation</groupId>
<artifactId>javax.annotation-api</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
</dependency>
</dependencies>
</project>
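Review bot: `spring-boot-starter-test` is added at the end of `<dependencies>` without `<scope>test</scope>`, so unless a scope is inherited from managed dependencies not shown here, the test libraries it aggregates land on the module's compile and runtime classpath. If it was left unscoped because `AppConfig` now imports `org.springframework.boot.SpringBootConfiguration` in main code, declare the artifact that provides that class explicitly (presumably `org.springframework.boot:spring-boot`) and keep the starter confined to tests by adding `<scope>test</scope>` under its `<artifactId>` line.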


@ -23,6 +23,7 @@
package com.iluwatar.repository;
import java.util.List;
import java.util.Optional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -84,17 +85,17 @@ public class App {
nasta.setSurname("Spotakova");
repository.save(nasta);
LOGGER.info("Find by id 2: {}", repository.findOne(2L));
LOGGER.info("Find by id 2: {}", repository.findById(2L).get());
// Remove record from Person
repository.delete(2L);
repository.deleteById(2L);
// count records
LOGGER.info("Count Person records: {}", repository.count());
// find by name
Person p = repository.findOne(new PersonSpecifications.NameEqualSpec("John"));
LOGGER.info("Find by John is {}", p);
Optional<Person> p = repository.findOne(new PersonSpecifications.NameEqualSpec("John"));
LOGGER.info("Find by John is {}", p.get());
// find by age
persons = repository.findAll(new PersonSpecifications.AgeBetweenSpec(20, 40));
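Review bot: Both new lookups call `Optional.get()` without a presence check, `repository.findById(2L).get()` and `p.get()`, so a missing row now ends in `NoSuchElementException` where the old `findOne` would have logged `null`. Unwrapping with a default keeps the previous behaviour: `LOGGER.info("Find by id 2: {}", repository.findById(2L).orElse(null));` and `LOGGER.info("Find by John is {}", p.orElse(null));`. The same two lines are added in the `AppConfig` section further down, and `testFindOneByNameEqualSpec` in both repository tests uses `actual.get()` where an `assertTrue(actual.isPresent())` first would give a clearer failure. The enclosing method starts and ends outside the hunk.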


@ -24,6 +24,7 @@ package com.iluwatar.repository;
import java.sql.SQLException;
import java.util.List;
import java.util.Optional;
import java.util.Properties;
import javax.sql.DataSource;
@ -32,6 +33,7 @@ import org.apache.commons.dbcp.BasicDataSource;
import org.hibernate.jpa.HibernatePersistenceProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.SpringBootConfiguration;
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
@ -44,6 +46,7 @@ import org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean;
*
*/
@EnableJpaRepositories
@SpringBootConfiguration
public class AppConfig {
private static final Logger LOGGER = LoggerFactory.getLogger(AppConfig.class);
@ -60,7 +63,7 @@ public class AppConfig {
basicDataSource.setUrl("jdbc:h2:~/databases/person");
basicDataSource.setUsername("sa");
basicDataSource.setPassword("sa");
return (DataSource) basicDataSource;
return basicDataSource;
}
/**
@ -134,17 +137,17 @@ public class AppConfig {
nasta.setSurname("Spotakova");
repository.save(nasta);
LOGGER.info("Find by id 2: {}", repository.findOne(2L));
LOGGER.info("Find by id 2: {}", repository.findById(2L).get());
// Remove record from Person
repository.delete(2L);
repository.deleteById(2L);
// count records
LOGGER.info("Count Person records: {}", repository.count());
// find by name
Person p = repository.findOne(new PersonSpecifications.NameEqualSpec("John"));
LOGGER.info("Find by John is {}", p);
Optional<Person> p = repository.findOne(new PersonSpecifications.NameEqualSpec("John"));
LOGGER.info("Find by John is {}", p.get());
// find by age
persons = repository.findAll(new PersonSpecifications.AgeBetweenSpec(20, 40));


@ -49,7 +49,7 @@
<property name="dataSource" ref="dataSource" />
<property name="packagesToScan" value="com.iluwatar" />
<property name="persistenceProvider">
<bean class="org.hibernate.ejb.HibernatePersistence" />
<bean class="org.hibernate.jpa.HibernatePersistenceProvider" />
</property>
<property name="jpaProperties">
<map>


@ -28,6 +28,7 @@ import static org.junit.jupiter.api.Assertions.assertTrue;
import java.util.Arrays;
import java.util.List;
import java.util.Optional;
import javax.annotation.Resource;
@ -35,9 +36,8 @@ import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.junit.jupiter.SpringExtension;
import org.springframework.test.context.support.AnnotationConfigContextLoader;
import com.google.common.collect.Lists;
@ -47,7 +47,7 @@ import com.google.common.collect.Lists;
*
*/
@ExtendWith(SpringExtension.class)
@ContextConfiguration(classes = { AppConfig.class }, loader = AnnotationConfigContextLoader.class)
@SpringBootTest(classes = { AppConfig.class })
public class AnnotationBasedRepositoryTest {
@Resource
@ -66,7 +66,7 @@ public class AnnotationBasedRepositoryTest {
@BeforeEach
public void setup() {
repository.save(persons);
repository.saveAll(persons);
}
@Test
@ -119,8 +119,8 @@ public class AnnotationBasedRepositoryTest {
@Test
public void testFindOneByNameEqualSpec() {
Person actual = repository.findOne(new PersonSpecifications.NameEqualSpec("Terry"));
assertEquals(terry, actual);
Optional<Person> actual = repository.findOne(new PersonSpecifications.NameEqualSpec("Terry"));
assertEquals(terry, actual.get());
}
@AfterEach


@ -25,9 +25,8 @@ package com.iluwatar.repository;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.junit.jupiter.SpringExtension;
import org.springframework.test.context.support.AnnotationConfigContextLoader;
import org.springframework.transaction.annotation.Transactional;
import javax.sql.DataSource;
@ -42,7 +41,7 @@ import static org.junit.jupiter.api.Assertions.assertNotNull;
*
*/
@ExtendWith(SpringExtension.class)
@ContextConfiguration(classes = { AppConfig.class }, loader = AnnotationConfigContextLoader.class)
@SpringBootTest(classes = { AppConfig.class })
public class AppConfigTest {
@Autowired


@ -28,6 +28,7 @@ import static org.junit.jupiter.api.Assertions.assertTrue;
import java.util.Arrays;
import java.util.List;
import java.util.Optional;
import javax.annotation.Resource;
@ -35,7 +36,7 @@ import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.junit.jupiter.SpringExtension;
import com.google.common.collect.Lists;
@ -45,7 +46,7 @@ import com.google.common.collect.Lists;
* by {@link org.springframework.data.jpa.domain.Specification} are also test.
*/
@ExtendWith(SpringExtension.class)
@ContextConfiguration(locations = { "classpath:applicationContext.xml" })
@SpringBootTest(properties = { "locations=classpath:applicationContext.xml" })
public class RepositoryTest {
@Resource
@ -64,7 +65,7 @@ public class RepositoryTest {
@BeforeEach
public void setup() {
repository.save(persons);
repository.saveAll(persons);
}
@Test
@ -115,8 +116,8 @@ public class RepositoryTest {
@Test
public void testFindOneByNameEqualSpec() {
Person actual = repository.findOne(new PersonSpecifications.NameEqualSpec("Terry"));
assertEquals(terry, actual);
Optional<Person> actual = repository.findOne(new PersonSpecifications.NameEqualSpec("Terry"));
assertEquals(terry, actual.get());
}
@AfterEach
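Review bot: `@SpringBootTest(properties = { "locations=classpath:applicationContext.xml" })` on `RepositoryTest` does not load the XML context: `properties` only adds `key=value` entries to the Spring Environment, so this defines a property named `locations` that nothing reads. The test then presumably resolves its configuration by searching for a `@SpringBootConfiguration` class, which this commit places on `AppConfig`, so it would silently exercise the annotation-based setup and leave `applicationContext.xml` (including the `persistenceProvider` change made in this commit) untested. Keeping the explicit resource location restores the intent: retain `@ContextConfiguration(locations = { "classpath:applicationContext.xml" })` and its import next to `@ExtendWith(SpringExtension.class)`.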