Add requested changes

issue-10462/secure-pending-operation-6.2
Rajitha Kumara 6 months ago
parent 1576ef86d0
commit 2eb73213f3

@ -732,7 +732,8 @@ public class ApplicationManagerImpl implements ApplicationManager {
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true); int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(true);
ApplicationStorageManager applicationStorageManager = APIUtil.getApplicationStorageManager(); ApplicationStorageManager applicationStorageManager = APIUtil.getApplicationStorageManager();
try { try {
String md5OfApp = applicationStorageManager.getMD5(Files.newInputStream(Paths.get(applicationArtifact.getInstallerPath()))); String md5OfApp = applicationStorageManager.
getMD5(Files.newInputStream(Paths.get(applicationArtifact.getInstallerPath())));
validateReleaseBinaryFileHash(md5OfApp); validateReleaseBinaryFileHash(md5OfApp);
releaseDTO.setUuid(UUID.randomUUID().toString()); releaseDTO.setUuid(UUID.randomUUID().toString());
releaseDTO.setAppHashValue(md5OfApp); releaseDTO.setAppHashValue(md5OfApp);
@ -748,6 +749,7 @@ public class ApplicationManagerImpl implements ApplicationManager {
String msg = "Error occurred while md5sum value retrieving process: application UUID " String msg = "Error occurred while md5sum value retrieving process: application UUID "
+ releaseDTO.getUuid(); + releaseDTO.getUuid();
log.error(msg, e); log.error(msg, e);
throw new ApplicationManagementException(msg, e);
} }
return addImageArtifacts(releaseDTO, applicationArtifact, tenantId); return addImageArtifacts(releaseDTO, applicationArtifact, tenantId);
} }
@ -896,7 +898,8 @@ public class ApplicationManagerImpl implements ApplicationManager {
log.error(msg); log.error(msg);
throw new ApplicationManagementException(msg); throw new ApplicationManagementException(msg);
} }
String md5OfApp = applicationStorageManager.getMD5(Files.newInputStream(Paths.get(applicationArtifact.getInstallerPath()))); String md5OfApp = applicationStorageManager.
getMD5(Files.newInputStream(Paths.get(applicationArtifact.getInstallerPath())));
if (md5OfApp == null) { if (md5OfApp == null) {
String msg = "Error occurred while md5sum value retrieving process: application UUID " String msg = "Error occurred while md5sum value retrieving process: application UUID "
+ applicationReleaseDTO.getUuid(); + applicationReleaseDTO.getUuid();
@ -910,7 +913,6 @@ public class ApplicationManagerImpl implements ApplicationManager {
throw new BadRequestException(msg); throw new BadRequestException(msg);
} }
applicationReleaseDTO.setAppHashValue(md5OfApp); applicationReleaseDTO.setAppHashValue(md5OfApp);
applicationStorageManager applicationStorageManager
.uploadReleaseArtifact(applicationReleaseDTO, deviceType, .uploadReleaseArtifact(applicationReleaseDTO, deviceType,
Files.newInputStream(Paths.get(applicationArtifact.getInstallerPath())), tenantId); Files.newInputStream(Paths.get(applicationArtifact.getInstallerPath())), tenantId);

@ -156,7 +156,6 @@ public class ApplicationStorageManagerImpl implements ApplicationStorageManager
public void uploadReleaseArtifact(ApplicationReleaseDTO applicationReleaseDTO, public void uploadReleaseArtifact(ApplicationReleaseDTO applicationReleaseDTO,
String deviceType, InputStream binaryFile, int tenantId) throws ResourceManagementException { String deviceType, InputStream binaryFile, int tenantId) throws ResourceManagementException {
try { try {
//byte [] content = IOUtils.toByteArray(binaryFile);
String artifactDirectoryPath = String artifactDirectoryPath =
storagePath + tenantId + File.separator + applicationReleaseDTO.getAppHashValue() + File.separator storagePath + tenantId + File.separator + applicationReleaseDTO.getAppHashValue() + File.separator
+ Constants.APP_ARTIFACT; + Constants.APP_ARTIFACT;

@ -31,6 +31,7 @@ import io.entgra.device.mgt.core.device.mgt.common.exceptions.NotFoundException;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.net.URL; import java.net.URL;
import java.nio.file.FileSystems; import java.nio.file.FileSystems;
@ -103,8 +104,13 @@ public class FileTransferServiceImpl implements FileTransferService {
@Override @Override
public boolean isExistsOnLocal(URL downloadUrl) throws FileTransferServiceException { public boolean isExistsOnLocal(URL downloadUrl) throws FileTransferServiceException {
try { try {
return FileTransferServiceHelperUtil.resolve(downloadUrl) != null; FileDescriptor fileDescriptor = FileTransferServiceHelperUtil.resolve(downloadUrl);
} catch (FileTransferServiceHelperUtilException e) { if (fileDescriptor != null && fileDescriptor.getFile() != null) {
fileDescriptor.getFile().close();
return true;
}
return false;
} catch (FileTransferServiceHelperUtilException | IOException e) {
String msg = "Error occurred while checking the existence of artifact on the local environment"; String msg = "Error occurred while checking the existence of artifact on the local environment";
log.error(msg, e); log.error(msg, e);
throw new FileTransferServiceException(msg, e); throw new FileTransferServiceException(msg, e);

@ -244,9 +244,10 @@ public class FileTransferServiceHelperUtil {
} }
private static FileDescriptor resolve(String []urlSegments) throws FileTransferServiceHelperUtilException { private static FileDescriptor resolve(String []urlSegments) throws FileTransferServiceHelperUtilException {
// check the possibility of url is pointing to a file resides in the default storage path
if (urlSegments.length < 4) { if (urlSegments.length < 4) {
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug("URL path segments contain less than 2 segments"); log.debug("URL path segments contain less than 4 segments");
} }
return null; return null;
} }

Loading…
Cancel
Save