Index: .idea/sonarIssues.xml =================================================================== diff -u -r31a357f42e37457d57156ff06788729aaa98de6e -rc8171c0033762ec05750a14448a5142f78e0b492 --- .idea/sonarIssues.xml (.../sonarIssues.xml) (revision 31a357f42e37457d57156ff06788729aaa98de6e) +++ .idea/sonarIssues.xml (.../sonarIssues.xml) (revision c8171c0033762ec05750a14448a5142f78e0b492) @@ -2328,6 +2328,11 @@ + + + + + Index: standard/Fortifystandard.bat =================================================================== diff -u --- standard/Fortifystandard.bat (revision 0) +++ standard/Fortifystandard.bat (revision c8171c0033762ec05750a14448a5142f78e0b492) @@ -0,0 +1,137 @@ +@echo off +REM ########################################################################### +REM Script generated by HP Fortify SCA Scan Wizard (c) HP Fortify 2011 +REM Created on 2017/11/29 10:45:16 +REM ########################################################################### +REM Generated for the following languages: +REM HTML +REM Java +REM Javascript +REM JSP J2EE +REM PHP +REM SQL +REM XML +REM ########################################################################### +REM DEBUG - if set to true, runs SCA in debug mode +REM SOURCEANALYZER - the name of the SCA executable +REM BUILDID - the SCA build id +REM LAUNCHERSWITCHES - the launcher settings that are used to invoke SCA +REM ARGFILE - the name of the argument file that's extracted and passed to SCA +REM MEMORY - the memory settings for SCA +REM OLDFILENUMBER - this defines the file which contains the number of files within the project, it is automatically generated +REM FILENOMAXDIFF - this is the percentage of difference between the number of files which will trigger a warning by the script +REM ########################################################################### + +set DEBUG=false +set SOURCEANALYZER=sourceanalyzer +set FPR="Fortifystandard.fpr" +set BUILDID="standard" +set ARGFILE="Fortifystandard.bat.args" +set MEMORY=-Xmx66343M -Xms400M -Xss24M +set LAUNCHERSWITCHES="" +set OLDFILENUMBER=Fortifystandard.bat.fileno +set FILENOMAXDIFF=10 + +set PROJECTROOT0="C:\DEV\ideaIU-15.0.6\jstree\backend\standard" +IF NOT EXIST %PROJECTROOT0% ( + ECHO ERROR: This script is being run on a different machine than it was + ECHO generated on or the targeted project has been moved. This script is + ECHO configured to locate files at + ECHO %PROJECTROOT0% + ECHO Please modify the %%PROJECTROOT0%% variable found + ECHO at the top of this script to point to the corresponding directory + ECHO located on this machine. + GOTO :FINISHED +) + +IF %DEBUG%==true set LAUNCHERSWITCHES=-debug %LAUNCHERSWITCHES% +echo Extracting Arguments File + + +echo. >Fortifystandard.bat.args +SETLOCAL ENABLEDELAYEDEXPANSION +IF EXIST %0 ( + set SCAScriptFile=%0 +) ELSE ( + set SCAScriptFile=%0.bat +) + +set PROJECTROOT0=%PROJECTROOT0:)=^)% +FOR /f "delims=" %%a IN ('findstr /B /C:"REM ARGS" %SCAScriptFile%' ) DO ( + set argVal=%%a + set argVal=!argVal:PROJECTROOT0_MARKER=%PROJECTROOT0:~1,-1%! + echo !argVal:~9! >> %ARGFILE% +) +ENDLOCAL + +REM ########################################################################### +echo Cleaning previous scan artifacts +%SOURCEANALYZER% %MEMORY% %LAUNCHERSWITCHES% -b %BUILDID% -clean +IF %ERRORLEVEL%==1 ( +echo Sourceanalyzer failed, exiting +GOTO :FINISHED +) +REM ########################################################################### +echo Running Build Integration +%SOURCEANALYZER% %MEMORY% %LAUNCHERSWITCHES% -b %BUILDID% -source 1.8 mvn -f "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\pom.xml" com.fortify.ps.maven.plugin:sca-maven-plugin:translate +IF %ERRORLEVEL%==1 ( +echo Sourceanalyzer failed, exiting +GOTO :FINISHED +) +REM ########################################################################### +echo Translating files +%SOURCEANALYZER% %MEMORY% %LAUNCHERSWITCHES% -b %BUILDID% @%ARGFILE% +IF %ERRORLEVEL%==1 ( +echo Sourceanalyzer failed, exiting +GOTO :FINISHED +) +REM ########################################################################### +echo Testing Difference between Translations +SETLOCAL +FOR /F "delims=" %%A in ('%SOURCEANALYZER% -b %BUILDID% -show-files ^| findstr /R /N "^" ^| find /C ":" ') DO SET FILENUMBER=%%A +IF NOT EXIST %OLDFILENUMBER% ( + ECHO It appears to be the first time running this script, setting %OLDFILENUMBER% to %FILENUMBER% + ECHO %FILENUMBER% > %OLDFILENUMBER% + GOTO TESTENDED +) + +FOR /F "delims=" %%i IN (%OLDFILENUMBER%) DO SET OLDFILENO=%%i +set /a DIFF=%OLDFILENO% * %FILENOMAXDIFF% +set /a DIFF /= 100 +set /a MAX=%OLDFILENO% + %DIFF% +set /a MIN=%OLDFILENO% - %DIFF% + +IF %FILENUMBER% LSS %MIN% set SHOWWARNING=true +IF %FILENUMBER% GTR %MAX% set SHOWWARNING=true + +IF DEFINED SHOWWARNING ( + ECHO WARNING: The number of files has changed by over %FILENOMAXDIFF%%%, it is recommended + ECHO that this script is regenerated with the ScanWizard +) +:TESTENDED +ENDLOCAL + +REM ########################################################################### +echo Starting scan +%SOURCEANALYZER% %MEMORY% %LAUNCHERSWITCHES% -b %BUILDID% -scan -f %FPR% +IF %ERRORLEVEL%==1 ( +echo Sourceanalyzer failed, exiting +GOTO :FINISHED +) +REM ########################################################################### +echo Finished +:FINISHED +REM ARGS -exclude "PROJECTROOT0_MARKER\**\*.htm" +REM ARGS -exclude "PROJECTROOT0_MARKER\**\*.html" +REM ARGS -exclude "PROJECTROOT0_MARKER\**\*.java" +REM ARGS -exclude "PROJECTROOT0_MARKER\**\*.properties" +REM ARGS -exclude "PROJECTROOT0_MARKER\**\*.ini" +REM ARGS -exclude "PROJECTROOT0_MARKER\**\*.js" +REM ARGS -exclude "PROJECTROOT0_MARKER\**\*.php" +REM ARGS -exclude "PROJECTROOT0_MARKER\**\*.ctp" +REM ARGS -exclude "PROJECTROOT0_MARKER\**\*.sql" +REM ARGS -exclude "PROJECTROOT0_MARKER\**\*.pks" +REM ARGS -exclude "PROJECTROOT0_MARKER\**\*.pkh" +REM ARGS -exclude "PROJECTROOT0_MARKER\**\*.pkb" +REM ARGS -exclude "PROJECTROOT0_MARKER\target\site\doxygen.config" +REM ARGS "PROJECTROOT0_MARKER" Index: standard/Fortifystandard.bat.args =================================================================== diff -u --- standard/Fortifystandard.bat.args (revision 0) +++ standard/Fortifystandard.bat.args (revision c8171c0033762ec05750a14448a5142f78e0b492) @@ -0,0 +1,15 @@ + +-exclude "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\**\*.htm" +-exclude "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\**\*.html" +-exclude "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\**\*.java" +-exclude "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\**\*.properties" +-exclude "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\**\*.ini" +-exclude "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\**\*.js" +-exclude "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\**\*.php" +-exclude "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\**\*.ctp" +-exclude "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\**\*.sql" +-exclude "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\**\*.pks" +-exclude "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\**\*.pkh" +-exclude "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\**\*.pkb" +-exclude "C:\DEV\ideaIU-15.0.6\jstree\backend\standard\target\site\doxygen.config" +"C:\DEV\ideaIU-15.0.6\jstree\backend\standard" Index: standard/Fortifystandard.bat.fileno =================================================================== diff -u --- standard/Fortifystandard.bat.fileno (revision 0) +++ standard/Fortifystandard.bat.fileno (revision c8171c0033762ec05750a14448a5142f78e0b492) @@ -0,0 +1 @@ +470 Index: standard/Fortifystandard.fpr =================================================================== diff -u Binary files differ Index: standard/Fortifystandard_-_Fortify_Security_Report.pdf =================================================================== diff -u Binary files differ Index: standard/pom.xml =================================================================== diff -u -r2059e1cb9871173bc856c9ea6e552c706b7f42bc -rc8171c0033762ec05750a14448a5142f78e0b492 --- standard/pom.xml (.../pom.xml) (revision 2059e1cb9871173bc856c9ea6e552c706b7f42bc) +++ standard/pom.xml (.../pom.xml) (revision c8171c0033762ec05750a14448a5142f78e0b492) @@ -226,7 +226,24 @@ maven-site-plugin 3.5.1 + + + com.fortify.ps.maven.plugin + sca-maven-plugin + 4.30 + + true + true + 800M + myJavaVersion + myBuildId + true + true + myTopLevelId + + + ${basedir}/target/site Index: standard/project/web/src/main/java/egovframework/api/rivalWar/directChat/controller/UserDirectChatController.java =================================================================== diff -u -r31a357f42e37457d57156ff06788729aaa98de6e -rc8171c0033762ec05750a14448a5142f78e0b492 --- standard/project/web/src/main/java/egovframework/api/rivalWar/directChat/controller/UserDirectChatController.java (.../UserDirectChatController.java) (revision 31a357f42e37457d57156ff06788729aaa98de6e) +++ standard/project/web/src/main/java/egovframework/api/rivalWar/directChat/controller/UserDirectChatController.java (.../UserDirectChatController.java) (revision c8171c0033762ec05750a14448a5142f78e0b492) @@ -7,7 +7,10 @@ import egovframework.api.rivalWar.menu.vo.MenuDTO; import egovframework.com.ext.jstree.springiBatis.core.validation.group.AddNode; import egovframework.com.ext.jstree.support.mvc.GenericAbstractController; +import egovframework.com.ext.jstree.support.util.DateUtils; import egovframework.com.ext.jstree.support.util.ParameterParser; +import egovframework.com.ext.jstree.support.util.StringUtils; +import net.sf.ehcache.util.TimeUtil; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; @@ -49,6 +52,13 @@ } //user 권한 체크할 필요없음. 필터 처리되 있음. + jsTreeHibernateDTO.setUserId(getUser()); + jsTreeHibernateDTO.setLikeCount(new Long(0)); + jsTreeHibernateDTO.setHateCount(new Long(0)); + jsTreeHibernateDTO.setReportYN("N"); + jsTreeHibernateDTO.setHiddenYN("N"); + jsTreeHibernateDTO.setUserLevel(new Long(0)); + jsTreeHibernateDTO.setWriteTime(DateUtils.getCurrentDay().toString()); ParameterParser parser = new ParameterParser(request); @@ -72,4 +82,15 @@ return modelAndView; } + private String getUser() { + String userName = null; + Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal(); + if (principal instanceof UserDetails) { + userName = ((UserDetails) principal).getUsername(); + } else { + userName = principal.toString(); + } + return userName; + } + }