From b2d3fb99d210ce13b38f8bf71f7888a70086254a Mon Sep 17 00:00:00 2001
From: Jim Hahn <jrh3@att.com>
Date: Thu, 2 Sep 2021 13:27:40 -0400
Subject: Fix sonar security issues in apex-pdp

Fixed sonar security issues:
- set permissions of temporary files

Issue-ID: POLICY-3093
Change-Id: I1dfc87f22975fa950cfcfc47196fad55d6cbf277
Signed-off-by: Jim Hahn <jrh3@att.com>
---
 .../onap/policy/apex/services/onappf/handler/ApexEngineHandler.java    | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'services/services-onappf/src/main')

diff --git a/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java b/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java
index b676450a3..2030b3b65 100644
--- a/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java
+++ b/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java
@@ -57,6 +57,7 @@ import org.onap.policy.apex.services.onappf.exception.ApexStarterException;
 import org.onap.policy.common.parameters.ParameterService;
 import org.onap.policy.common.utils.coder.CoderException;
 import org.onap.policy.common.utils.coder.StandardCoder;
+import org.onap.policy.common.utils.resources.TextFileUtils;
 import org.onap.policy.models.tosca.authorative.concepts.ToscaConceptIdentifier;
 import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy;
 import org.onap.policy.models.tosca.authorative.concepts.ToscaServiceTemplate;
@@ -254,7 +255,7 @@ public class ApexEngineHandler {
             toscaServiceTemplate.setToscaTopologyTemplate(toscaTopologyTemplate);
             File file;
             try {
-                file = File.createTempFile(policyName, ".json");
+                file = TextFileUtils.createTempFile(policyName, ".json");
                 standardCoder.encode(file, toscaServiceTemplate);
             } catch (CoderException | IOException e) {
                 throw new ApexStarterException(e);
-- 
cgit 1.2.3-korg