nova/Chatto
1
0
Fork 0
Code Issues 7 Pull Requests Releases Wiki Activity

Updated migration script v3

Browse Source 
now sets unix permissions to 600 for the generated password file
This commit is contained in:
Rohan Sircar 2020-08-11 15:05:40 +05:30
parent 474d014f09
commit ced84a05a6
1 changed files with 26 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/main/java/db/migration/V3__add_default_admin.java
View File

@ -2,6 +2,9 @@ package db.migration;
import java.io.BufferedWriter;
import java.io.FileWriter;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.nio.file.attribute.PosixFilePermission;
import java.security.SecureRandom;
import java.sql.PreparedStatement;
@ -43,10 +46,32 @@ public class V3__add_default_admin extends BaseJavaMigration {
try (final PreparedStatement ps = context.getConnection()
.prepareStatement("insert into users (user_id, name, password) values (0,?,?)")) {
final String generatedPassword = generatePassword(60, ALPHA_CAPS + ALPHA + SPECIAL_CHARS);
final BufferedWriter bw = new BufferedWriter(new FileWriter("gen-password.txt"));
final BufferedWriter bw = new BufferedWriter(
new FileWriter("gen-password.txt"));
bw.write(generatedPassword);
bw.write("\nPlease delete this file");
bw.close();
final var perms = Files.getPosixFilePermissions(Paths.get(
"gen-password.txt"));
//add owners permission
perms.add(PosixFilePermission.OWNER_READ);
perms.add(PosixFilePermission.OWNER_WRITE);
perms.remove(PosixFilePermission.OWNER_EXECUTE);
//add group permissions
perms.remove(PosixFilePermission.GROUP_READ);
perms.remove(PosixFilePermission.GROUP_WRITE);
perms.remove(PosixFilePermission.GROUP_EXECUTE);
//add others permissions
perms.remove(PosixFilePermission.OTHERS_READ);
perms.remove(PosixFilePermission.OTHERS_WRITE);
perms.remove(PosixFilePermission.OTHERS_EXECUTE);
Files.setPosixFilePermissions(Paths.get("gen-password.txt"), perms);
ps.setString(1, "admin");
ps.setString(2, passwordEncoder.encode(generatedPassword));
ps.execute();