summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJim Hahn <jrh3@att.com>2021-09-02 13:27:40 -0400
committerJim Hahn <jrh3@att.com>2021-09-02 14:03:14 -0400
commitb2d3fb99d210ce13b38f8bf71f7888a70086254a (patch)
tree7141eea456438aaf8b935bb539269ef023196e6c
parent51f1fffd687e53c858685ec41fd3ab8cfd4fcdf1 (diff)
Fix sonar security issues in apex-pdp
Fixed sonar security issues: - set permissions of temporary files Issue-ID: POLICY-3093 Change-Id: I1dfc87f22975fa950cfcfc47196fad55d6cbf277 Signed-off-by: Jim Hahn <jrh3@att.com>
-rw-r--r--auth/cli-editor/src/main/java/org/onap/policy/apex/auth/clieditor/tosca/ApexCliToscaEditorMain.java4
-rw-r--r--model/model-api/src/main/java/org/onap/policy/apex/model/modelapi/impl/ModelHandlerFacade.java2
-rw-r--r--services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java3
3 files changed, 5 insertions, 4 deletions
diff --git a/auth/cli-editor/src/main/java/org/onap/policy/apex/auth/clieditor/tosca/ApexCliToscaEditorMain.java b/auth/cli-editor/src/main/java/org/onap/policy/apex/auth/clieditor/tosca/ApexCliToscaEditorMain.java
index 1f2703daa..0926c80e0 100644
--- a/auth/cli-editor/src/main/java/org/onap/policy/apex/auth/clieditor/tosca/ApexCliToscaEditorMain.java
+++ b/auth/cli-editor/src/main/java/org/onap/policy/apex/auth/clieditor/tosca/ApexCliToscaEditorMain.java
@@ -20,7 +20,6 @@
package org.onap.policy.apex.auth.clieditor.tosca;
-import java.io.File;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
@@ -29,6 +28,7 @@ import org.onap.policy.apex.auth.clieditor.ApexCommandLineEditorMain;
import org.onap.policy.apex.auth.clieditor.CommandLineParameters;
import org.onap.policy.apex.auth.clieditor.utils.CliUtils;
import org.onap.policy.common.utils.coder.CoderException;
+import org.onap.policy.common.utils.resources.TextFileUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -65,7 +65,7 @@ public class ApexCliToscaEditorMain {
String policyModelFilePath = null;
try {
- final var tempModelFile = File.createTempFile("policyModel", ".json");
+ final var tempModelFile = TextFileUtils.createTempFile("policyModel", ".json");
policyModelFilePath = tempModelFile.getAbsolutePath();
} catch (IOException e) {
LOGGER.error("Cannot create the policy model temp file.", e);
diff --git a/model/model-api/src/main/java/org/onap/policy/apex/model/modelapi/impl/ModelHandlerFacade.java b/model/model-api/src/main/java/org/onap/policy/apex/model/modelapi/impl/ModelHandlerFacade.java
index 5e5d39c9b..b350af527 100644
--- a/model/model-api/src/main/java/org/onap/policy/apex/model/modelapi/impl/ModelHandlerFacade.java
+++ b/model/model-api/src/main/java/org/onap/policy/apex/model/modelapi/impl/ModelHandlerFacade.java
@@ -480,7 +480,7 @@ public class ModelHandlerFacade {
ApexApiResult splitResult = new ApexApiResult();
File tempSplitPolicyFile = null;
try {
- tempSplitPolicyFile = File.createTempFile("ApexTempPolicy", null);
+ tempSplitPolicyFile = TextFileUtils.createTempFile("ApexTempPolicy", null);
// Split the policy into a temporary file
splitResult = split(tempSplitPolicyFile.getCanonicalPath(), splitOutPolicies);
diff --git a/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java b/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java
index b676450a3..2030b3b65 100644
--- a/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java
+++ b/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java
@@ -57,6 +57,7 @@ import org.onap.policy.apex.services.onappf.exception.ApexStarterException;
import org.onap.policy.common.parameters.ParameterService;
import org.onap.policy.common.utils.coder.CoderException;
import org.onap.policy.common.utils.coder.StandardCoder;
+import org.onap.policy.common.utils.resources.TextFileUtils;
import org.onap.policy.models.tosca.authorative.concepts.ToscaConceptIdentifier;
import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy;
import org.onap.policy.models.tosca.authorative.concepts.ToscaServiceTemplate;
@@ -254,7 +255,7 @@ public class ApexEngineHandler {
toscaServiceTemplate.setToscaTopologyTemplate(toscaTopologyTemplate);
File file;
try {
- file = File.createTempFile(policyName, ".json");
+ file = TextFileUtils.createTempFile(policyName, ".json");
standardCoder.encode(file, toscaServiceTemplate);
} catch (CoderException | IOException e) {
throw new ApexStarterException(e);