diff options
author | Jim Hahn <jrh3@att.com> | 2021-09-02 13:27:40 -0400 |
---|---|---|
committer | Jim Hahn <jrh3@att.com> | 2021-09-02 14:03:14 -0400 |
commit | b2d3fb99d210ce13b38f8bf71f7888a70086254a (patch) | |
tree | 7141eea456438aaf8b935bb539269ef023196e6c | |
parent | 51f1fffd687e53c858685ec41fd3ab8cfd4fcdf1 (diff) |
Fix sonar security issues in apex-pdp
Fixed sonar security issues:
- set permissions of temporary files
Issue-ID: POLICY-3093
Change-Id: I1dfc87f22975fa950cfcfc47196fad55d6cbf277
Signed-off-by: Jim Hahn <jrh3@att.com>
3 files changed, 5 insertions, 4 deletions
diff --git a/auth/cli-editor/src/main/java/org/onap/policy/apex/auth/clieditor/tosca/ApexCliToscaEditorMain.java b/auth/cli-editor/src/main/java/org/onap/policy/apex/auth/clieditor/tosca/ApexCliToscaEditorMain.java index 1f2703daa..0926c80e0 100644 --- a/auth/cli-editor/src/main/java/org/onap/policy/apex/auth/clieditor/tosca/ApexCliToscaEditorMain.java +++ b/auth/cli-editor/src/main/java/org/onap/policy/apex/auth/clieditor/tosca/ApexCliToscaEditorMain.java @@ -20,7 +20,6 @@ package org.onap.policy.apex.auth.clieditor.tosca; -import java.io.File; import java.io.IOException; import java.util.Arrays; import java.util.List; @@ -29,6 +28,7 @@ import org.onap.policy.apex.auth.clieditor.ApexCommandLineEditorMain; import org.onap.policy.apex.auth.clieditor.CommandLineParameters; import org.onap.policy.apex.auth.clieditor.utils.CliUtils; import org.onap.policy.common.utils.coder.CoderException; +import org.onap.policy.common.utils.resources.TextFileUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -65,7 +65,7 @@ public class ApexCliToscaEditorMain { String policyModelFilePath = null; try { - final var tempModelFile = File.createTempFile("policyModel", ".json"); + final var tempModelFile = TextFileUtils.createTempFile("policyModel", ".json"); policyModelFilePath = tempModelFile.getAbsolutePath(); } catch (IOException e) { LOGGER.error("Cannot create the policy model temp file.", e); diff --git a/model/model-api/src/main/java/org/onap/policy/apex/model/modelapi/impl/ModelHandlerFacade.java b/model/model-api/src/main/java/org/onap/policy/apex/model/modelapi/impl/ModelHandlerFacade.java index 5e5d39c9b..b350af527 100644 --- a/model/model-api/src/main/java/org/onap/policy/apex/model/modelapi/impl/ModelHandlerFacade.java +++ b/model/model-api/src/main/java/org/onap/policy/apex/model/modelapi/impl/ModelHandlerFacade.java @@ -480,7 +480,7 @@ public class ModelHandlerFacade { ApexApiResult splitResult = new ApexApiResult(); File tempSplitPolicyFile = null; try { - tempSplitPolicyFile = File.createTempFile("ApexTempPolicy", null); + tempSplitPolicyFile = TextFileUtils.createTempFile("ApexTempPolicy", null); // Split the policy into a temporary file splitResult = split(tempSplitPolicyFile.getCanonicalPath(), splitOutPolicies); diff --git a/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java b/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java index b676450a3..2030b3b65 100644 --- a/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java +++ b/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java @@ -57,6 +57,7 @@ import org.onap.policy.apex.services.onappf.exception.ApexStarterException; import org.onap.policy.common.parameters.ParameterService; import org.onap.policy.common.utils.coder.CoderException; import org.onap.policy.common.utils.coder.StandardCoder; +import org.onap.policy.common.utils.resources.TextFileUtils; import org.onap.policy.models.tosca.authorative.concepts.ToscaConceptIdentifier; import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; import org.onap.policy.models.tosca.authorative.concepts.ToscaServiceTemplate; @@ -254,7 +255,7 @@ public class ApexEngineHandler { toscaServiceTemplate.setToscaTopologyTemplate(toscaTopologyTemplate); File file; try { - file = File.createTempFile(policyName, ".json"); + file = TextFileUtils.createTempFile(policyName, ".json"); standardCoder.encode(file, toscaServiceTemplate); } catch (CoderException | IOException e) { throw new ApexStarterException(e); |