Skip to content

Commit

Permalink
Use LogUtils.sanitizeParam for logged user inputs
Browse files Browse the repository at this point in the history 
Signed-off-by: HARPER Jon <[email protected]>
  • Loading branch information
@jonenst
jonenst committed Sep 25, 2024
1 parent 0e8dd82 commit 0a9a404
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions src/main/java/org/gridsuite/merge/orchestrator/server/MergeOrchestratorController.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
package org.gridsuite.merge.orchestrator.server;

import com.powsybl.commons.report.ReportNode;
import com.powsybl.ws.commons.LogUtils;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
Expand Down Expand Up @@ -78,7 +79,7 @@ public ResponseEntity<List<Merge>> getMerges(@PathVariable("processUuid") UUID p
public ResponseEntity<byte[]> exportNetwork(@Parameter(description = "Process uuid") @PathVariable("processUuid") UUID processUuid,
@Parameter(description = "Process date") @PathVariable("date") String date,
@Parameter(description = "Export format") @PathVariable("format") String format) {
LOGGER.debug("Exporting merge for process {} : {}", processUuid, date);
LOGGER.debug("Exporting merge for process {} : {}", LogUtils.sanitizeParam(processUuid.toString()), LogUtils.sanitizeParam(date));
String decodedDate = URLDecoder.decode(date, StandardCharsets.UTF_8);
ZonedDateTime dateTime = ZonedDateTime.parse(decodedDate);

Expand All @@ -94,7 +95,7 @@ public ResponseEntity<byte[]> exportNetwork(@Parameter(description = "Process uu
@ApiResponses(value = {@ApiResponse(responseCode = "200", description = "IGMs replaced")})
public ResponseEntity<Map<String, IgmReplacingInfo>> replaceIGMs(@Parameter(description = "Process uuid") @PathVariable("processUuid") UUID processUuid,
@Parameter(description = "Process date") @PathVariable("date") String date) {
LOGGER.debug("Replacing igms for merge process {} : {}", processUuid, date);
LOGGER.debug("Replacing igms for merge process {} : {}", LogUtils.sanitizeParam(processUuid.toString()), LogUtils.sanitizeParam(date));
String decodedDate = URLDecoder.decode(date, StandardCharsets.UTF_8);
ZonedDateTime dateTime = ZonedDateTime.parse(decodedDate);

Expand All @@ -107,7 +108,7 @@ public ResponseEntity<Map<String, IgmReplacingInfo>> replaceIGMs(@Parameter(desc
@ApiResponses(value = {@ApiResponse(responseCode = "200", description = "The report for process"), @ApiResponse(responseCode = "404", description = "The process not found")})
public ResponseEntity<ReportNode> getReport(@Parameter(description = "Process uuid") @PathVariable("processUuid") UUID processUuid,
@Parameter(description = "Process date") @PathVariable("date") String date) {
LOGGER.debug("Get report for merge process {} : {}", processUuid, date);
LOGGER.debug("Get report for merge process {} : {}", LogUtils.sanitizeParam(processUuid.toString()), LogUtils.sanitizeParam(date));
String decodedDate = URLDecoder.decode(date, StandardCharsets.UTF_8);
LocalDateTime dateTime = LocalDateTime.ofInstant(ZonedDateTime.parse(decodedDate).toInstant(), ZoneOffset.UTC);

Expand All @@ -119,7 +120,7 @@ public ResponseEntity<ReportNode> getReport(@Parameter(description = "Process uu
@ApiResponses(value = {@ApiResponse(responseCode = "200", description = "The report for process deleted"), @ApiResponse(responseCode = "404", description = "The process not found")})
public ResponseEntity<Void> deleteReport(@Parameter(description = "Process uuid") @PathVariable("processUuid") UUID processUuid,
@Parameter(description = "Process date") @PathVariable("date") String date) {
LOGGER.debug("Delete report for merge process {} : {}", processUuid, date);
LOGGER.debug("Delete report for merge process {} : {}", LogUtils.sanitizeParam(processUuid.toString()), LogUtils.sanitizeParam(date));

String decodedDate = URLDecoder.decode(date, StandardCharsets.UTF_8);
LocalDateTime dateTime = LocalDateTime.ofInstant(ZonedDateTime.parse(decodedDate).toInstant(), ZoneOffset.UTC);
Expand Down

0 comments on commit 0a9a404

Please sign in to comment.