Updated migration script v3
now sets unix permissions to 600 for the generated password file
This commit is contained in:
parent
474d014f09
commit
ced84a05a6
@ -2,6 +2,9 @@ package db.migration;
|
|||||||
|
|
||||||
import java.io.BufferedWriter;
|
import java.io.BufferedWriter;
|
||||||
import java.io.FileWriter;
|
import java.io.FileWriter;
|
||||||
|
import java.nio.file.Files;
|
||||||
|
import java.nio.file.Paths;
|
||||||
|
import java.nio.file.attribute.PosixFilePermission;
|
||||||
import java.security.SecureRandom;
|
import java.security.SecureRandom;
|
||||||
import java.sql.PreparedStatement;
|
import java.sql.PreparedStatement;
|
||||||
|
|
||||||
@ -43,10 +46,32 @@ public class V3__add_default_admin extends BaseJavaMigration {
|
|||||||
try (final PreparedStatement ps = context.getConnection()
|
try (final PreparedStatement ps = context.getConnection()
|
||||||
.prepareStatement("insert into users (user_id, name, password) values (0,?,?)")) {
|
.prepareStatement("insert into users (user_id, name, password) values (0,?,?)")) {
|
||||||
final String generatedPassword = generatePassword(60, ALPHA_CAPS + ALPHA + SPECIAL_CHARS);
|
final String generatedPassword = generatePassword(60, ALPHA_CAPS + ALPHA + SPECIAL_CHARS);
|
||||||
final BufferedWriter bw = new BufferedWriter(new FileWriter("gen-password.txt"));
|
final BufferedWriter bw = new BufferedWriter(
|
||||||
|
new FileWriter("gen-password.txt"));
|
||||||
|
|
||||||
bw.write(generatedPassword);
|
bw.write(generatedPassword);
|
||||||
bw.write("\nPlease delete this file");
|
bw.write("\nPlease delete this file");
|
||||||
bw.close();
|
bw.close();
|
||||||
|
|
||||||
|
final var perms = Files.getPosixFilePermissions(Paths.get(
|
||||||
|
"gen-password.txt"));
|
||||||
|
|
||||||
|
|
||||||
|
//add owners permission
|
||||||
|
perms.add(PosixFilePermission.OWNER_READ);
|
||||||
|
perms.add(PosixFilePermission.OWNER_WRITE);
|
||||||
|
perms.remove(PosixFilePermission.OWNER_EXECUTE);
|
||||||
|
//add group permissions
|
||||||
|
perms.remove(PosixFilePermission.GROUP_READ);
|
||||||
|
perms.remove(PosixFilePermission.GROUP_WRITE);
|
||||||
|
perms.remove(PosixFilePermission.GROUP_EXECUTE);
|
||||||
|
//add others permissions
|
||||||
|
perms.remove(PosixFilePermission.OTHERS_READ);
|
||||||
|
perms.remove(PosixFilePermission.OTHERS_WRITE);
|
||||||
|
perms.remove(PosixFilePermission.OTHERS_EXECUTE);
|
||||||
|
Files.setPosixFilePermissions(Paths.get("gen-password.txt"), perms);
|
||||||
|
|
||||||
|
|
||||||
ps.setString(1, "admin");
|
ps.setString(1, "admin");
|
||||||
ps.setString(2, passwordEncoder.encode(generatedPassword));
|
ps.setString(2, passwordEncoder.encode(generatedPassword));
|
||||||
ps.execute();
|
ps.execute();
|
||||||
|
Loading…
Reference in New Issue
Block a user