Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ELY-2547] Add Elytron Tool option to overwrite CLI script #2194

Open
wants to merge 1 commit into
base: 2.x
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -498,6 +498,7 @@ class Params {
static final String SILENT_PARAM = "silent";
static final String STORE_LOCATION_PARAM = "location";
static final String SUMMARY_PARAM = "summary";
static final String OVERWRITE_SCRIPT_FILE = "overwrite-script-file";

// Other constants
static final Pattern BOOLEAN_ARG_REGEX = Pattern.compile("(true|false)", Pattern.CASE_INSENSITIVE | Pattern.UNICODE_CASE);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -589,6 +589,9 @@ public interface ElytronToolMessages extends BasicLogger {
@Message(id = NONE, value = "Provides a detailed summary of all operations performed, once the command finishes.")
String cmdFileSystemRealmSummaryDesc();

@Message(id = NONE, value = "Whether the cli script file will be overwritten, if attempting to write to an existing file.")
String cmdFileSystemRealmOverwriteCliScriptFileDesc();

@Message(id = NONE, value = "No users file specified. Please use either --bulk-convert <file> or specify a users file using --users-file <file>")
MissingOptionException missingUsersFile();

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@
*/
package org.wildfly.security.tool;

import static org.wildfly.security.tool.Params.BOOLEAN_PARAM;
import static org.wildfly.security.tool.Params.BULK_CONVERT_PARAM;
import static org.wildfly.security.tool.Params.CREATE_CREDENTIAL_STORE_PARAM;
import static org.wildfly.security.tool.Params.CREDENTIAL_STORE_LOCATION_PARAM;
Expand All @@ -38,6 +39,7 @@
import static org.wildfly.security.tool.Params.LINE_SEPARATOR;
import static org.wildfly.security.tool.Params.NAME_PARAM;
import static org.wildfly.security.tool.Params.OUTPUT_LOCATION_PARAM;
import static org.wildfly.security.tool.Params.OVERWRITE_SCRIPT_FILE;
import static org.wildfly.security.tool.Params.PASSWORD_ENV_PARAM;
import static org.wildfly.security.tool.Params.PASSWORD_PARAM;
import static org.wildfly.security.tool.Params.REALM_NAME_PARAM;
Expand Down Expand Up @@ -176,6 +178,10 @@ class FileSystemEncryptRealmCommand extends Command {
option.setArgName(FILE_PARAM);
options.addOption(option);

option = new Option("w", OVERWRITE_SCRIPT_FILE, true, ElytronToolMessages.msg.cmdFileSystemRealmOverwriteCliScriptFileDesc());
option.setArgName(BOOLEAN_PARAM);
options.addOption(option);

option = Option.builder().longOpt(HELP_PARAM).desc(ElytronToolMessages.msg.cmdLineHelp()).build();
options.addOption(option);

Expand Down Expand Up @@ -208,6 +214,7 @@ private static final class Descriptor {
private Boolean encoded;
private Boolean createCredentialStore;
private Boolean populate;
private Boolean overwriteScriptFile;
Descriptor() {
}

Expand All @@ -230,6 +237,7 @@ private static final class Descriptor {
this.createCredentialStore = descriptor.createCredentialStore;
this.secretKeyAlias = descriptor.secretKeyAlias;
this.populate = descriptor.populate;
this.overwriteScriptFile = descriptor.overwriteScriptFile;
}

public Encoding getHashEncoding() {
Expand Down Expand Up @@ -362,6 +370,14 @@ void setKeyPairAlias(String keyPairAlias) {
this.keyPairAlias = keyPairAlias;
}

public Boolean getOverwriteScriptFile() {
return overwriteScriptFile;
}

public void setOverwriteScriptFile(Boolean overwriteScriptFile) {
this.overwriteScriptFile = overwriteScriptFile;
}

void reset() {
this.inputRealmLocation = null;
this.outputRealmLocation = null;
Expand All @@ -379,6 +395,7 @@ void reset() {
this.encoded = null;
this.levels = null;
this.populate = null;
this.overwriteScriptFile = null;
}
}

Expand Down Expand Up @@ -424,6 +441,7 @@ public void execute(String[] args) throws Exception {
String encodedOption = cmdLine.getOptionValue("f");
String bulkConvert = cmdLine.getOptionValue("b");
String populateOption = cmdLine.getOptionValue("p");
String overwriteScriptFileOption = cmdLine.getOptionValue("w");

if (bulkConvert == null) {
if (realmNameOption == null) {
Expand Down Expand Up @@ -473,6 +491,9 @@ public void execute(String[] args) throws Exception {
} else {
descriptor.setPopulate(Boolean.valueOf(populateOption));
}
if (overwriteScriptFileOption != null) {
descriptor.setOverwriteScriptFile(Boolean.valueOf(overwriteScriptFileOption));
}

if (levelsOption == null) {
descriptor.setLevels(DEFAULT_LEVELS);
Expand Down Expand Up @@ -928,6 +949,7 @@ private void createWildFlyScript() throws Exception {
String keyStoreType = descriptor.getKeyStoreType();
char[] password = descriptor.getPassword();
String keyPairAlias = descriptor.getKeyPairAlias();
Boolean overwriteScript = descriptor.getOverwriteScriptFile();

if (hashCharset == null) {
hashCharset = StandardCharsets.UTF_8;
Expand All @@ -942,17 +964,20 @@ private void createWildFlyScript() throws Exception {

Path scriptPath = Paths.get(String.format("%s/%s.cli", outputRealmLocation, fileSystemRealmName));

if (scriptPath.toFile().exists()) {
createScriptCheck = prompt(
true,
ElytronToolMessages.msg.shouldFileBeOverwritten(scriptPath.toString()),
false,
null
);
if (createScriptCheck.trim().isEmpty()) createScriptCheck = "n";
if (overwriteScript == null) {
if (scriptPath.toFile().exists()) {
createScriptCheck = prompt(
true,
ElytronToolMessages.msg.shouldFileBeOverwritten(scriptPath.toString()),
false,
null
);
if (createScriptCheck.trim().isEmpty()) createScriptCheck = "n";
}

overwriteScript = createScriptCheck.isEmpty() || createScriptCheck.toLowerCase().startsWith("y");
}

boolean overwriteScript = createScriptCheck.isEmpty() || createScriptCheck.toLowerCase().startsWith("y");
if (!overwriteScript) { // Generate a random file for the CLI script
do {
scriptPath = Paths.get(String.format("%s/%s.cli",
Expand Down Expand Up @@ -1006,7 +1031,7 @@ private void createWildFlyScript() throws Exception {
if (overwriteScript) { // Create a new script file, or overwrite the existing one
Files.write(scriptPath, scriptLines, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING);
} else {
Files.write(scriptPath, scriptLines, StandardOpenOption.APPEND);
Files.write(scriptPath, scriptLines, StandardOpenOption.CREATE);
}
counter++;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@
import static org.wildfly.security.tool.Params.NAME_PARAM;
import static org.wildfly.security.tool.Params.NUMBER_PARAM;
import static org.wildfly.security.tool.Params.OUTPUT_LOCATION_PARAM;
import static org.wildfly.security.tool.Params.OVERWRITE_SCRIPT_FILE;
import static org.wildfly.security.tool.Params.PASSWORD_ENV_PARAM;
import static org.wildfly.security.tool.Params.PASSWORD_PARAM;
import static org.wildfly.security.tool.Params.REALM_NAME_PARAM;
Expand Down Expand Up @@ -160,6 +161,9 @@ public class FileSystemRealmIntegrityCommand extends Command {
options.addOption(Option.builder("b").longOpt(BULK_CONVERT_PARAM).desc(ElytronToolMessages.msg.cmdFileSystemRealmIntegrityBulkConvertDesc())
.hasArg().argName(FILE_PARAM)
.build());
options.addOption(Option.builder("w").longOpt(OVERWRITE_SCRIPT_FILE).desc(ElytronToolMessages.msg.cmdFileSystemRealmOverwriteCliScriptFileDesc())
.hasArg().argName(BOOLEAN_PARAM)
.build());

// General options
options.addOption(Option.builder("h").longOpt(HELP_PARAM).desc(ElytronToolMessages.msg.cmdLineHelp())
Expand Down Expand Up @@ -188,6 +192,7 @@ private static final class Descriptor {
private Encoding hashEncoding;
private Charset hashCharset;
private Boolean encoded;
private Boolean overwriteScriptFile;

private Boolean upgradeInPlace;
private Boolean missingRequiredValue;
Expand Down Expand Up @@ -215,6 +220,7 @@ private static final class Descriptor {
this.hashEncoding = descriptor.hashEncoding;
this.hashCharset = descriptor.hashCharset;
this.encoded = descriptor.encoded;
this.overwriteScriptFile = descriptor.overwriteScriptFile;

this.upgradeInPlace = descriptor.upgradeInPlace;
this.missingRequiredValue = descriptor.missingRequiredValue;
Expand Down Expand Up @@ -325,6 +331,9 @@ public Boolean getMissingRequiredValue() {
public Boolean getRealmUpgraded() {
return realmUpgraded;
}
public Boolean getOverwriteScriptFile() {
return overwriteScriptFile;
}

public void setInputRealmPath(String inputRealmPath) {
setInputRealmPath(Paths.get(inputRealmPath).normalize().toAbsolutePath());
Expand Down Expand Up @@ -413,6 +422,9 @@ public void setMissingRequiredValue() {
public void setRealmUpgraded() {
this.realmUpgraded = true;
}
public void setOverwriteScriptFile(Boolean overwriteScriptFile) {
this.overwriteScriptFile = overwriteScriptFile;
}

void reset(boolean resetMissingValues) {
// Required values are set to null if contents are null, or equal "MISSING"
Expand All @@ -431,6 +443,7 @@ void reset(boolean resetMissingValues) {
hashEncoding = null;
hashCharset = null;
encoded = null;
overwriteScriptFile = null;

upgradeInPlace = false;
realmUpgraded = false;
Expand Down Expand Up @@ -479,6 +492,7 @@ public void execute(String[] args) throws Exception {
String hashCharsetOption = cmdLine.getOptionValue("u");
String encodedOption = cmdLine.getOptionValue("f");
String bulkConvertOption = cmdLine.getOptionValue("b");
String overwriteScriptFileOption = cmdLine.getOptionValue("w");

if (bulkConvertOption == null) {
if (summaryMode) {
Expand Down Expand Up @@ -577,6 +591,10 @@ public void execute(String[] args) throws Exception {
descriptor.setEncoded(Boolean.parseBoolean(encodedOption));
}

if (overwriteScriptFileOption != null) {
descriptor.setOverwriteScriptFile(Boolean.valueOf(overwriteScriptFileOption));
}

descriptors.add(descriptor);
findMissingRequiredValuesAndSetValues(0, descriptor);
} else if (nonBulkConvertOptionSet(inputRealmPathOption, outputRealmPathOption, realmNameOption, keyStorePathOption,
Expand Down Expand Up @@ -955,22 +973,26 @@ private void createWildFlyScript() throws Exception {
String fileSystemRealmName = descriptor.getFileSystemRealmName();
Path outputRealmPath = descriptor.getOutputRealmPath();
boolean upgradeInPlace = descriptor.getUpgradeInPlace();
Boolean overwriteScript = descriptor.getOverwriteScriptFile();

String createScriptCheck = "";
Path scriptPath = Paths.get(String.format("%s/%s.cli", outputRealmPath, fileSystemRealmName));

// Ask to overwrite CLI script, if already exists
if(scriptPath.toFile().exists()) {
createScriptCheck = prompt(
true,
ElytronToolMessages.msg.shouldFileBeOverwritten(scriptPath.toString()),
false,
null
);
if (createScriptCheck.trim().isEmpty()) createScriptCheck = "n";
if (overwriteScript == null) {
// Ask to overwrite CLI script, if already exists
if(scriptPath.toFile().exists()) {
createScriptCheck = prompt(
true,
ElytronToolMessages.msg.shouldFileBeOverwritten(scriptPath.toString()),
false,
null
);
if (createScriptCheck.trim().isEmpty()) createScriptCheck = "n";
}

overwriteScript = createScriptCheck.isEmpty() || createScriptCheck.toLowerCase().startsWith("y");
}

boolean overwriteScript = createScriptCheck.isEmpty() || createScriptCheck.toLowerCase().startsWith("y");
if (!overwriteScript) {
do {
scriptPath = Paths.get(String.format("%s/%s.cli",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@
*/
package org.wildfly.security.tool;

import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
import static org.wildfly.security.tool.Command.ELYTRON_KS_PASS_PROVIDERS;
Expand All @@ -26,6 +27,7 @@
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Arrays;
import java.util.Comparator;
import java.util.HashMap;
import java.util.Map;
Expand Down Expand Up @@ -66,6 +68,12 @@ private void runCommand(String inputLocation, String outputLocation, String file
executeCommandAndCheckStatus(requiredArgs, expectedStatus);
}

private void runCommand(String inputLocation, String outputLocation, String fileSystemRealmName, String encoded, boolean create, int expectedStatus, boolean overwriteScriptFile) {
String[] requiredArgs;
requiredArgs = new String[]{"--input-location", inputLocation, "--output-location", outputLocation, "--realm-name", fileSystemRealmName, "--encoded", encoded, "--create", String.valueOf(create), "--credential-store", CREDENTIAL_STORE_PATH, "--overwrite-script-file", String.valueOf(overwriteScriptFile)};
executeCommandAndCheckStatus(requiredArgs, expectedStatus);
}

private void runCommand(String inputLocation, String outputLocation, String fileSystemRealmName, int levels, String encoded, boolean create, int expectedStatus) {
String[] requiredArgs;
requiredArgs = new String[]{"--input-location", inputLocation, "--output-location", outputLocation, "--realm-name", fileSystemRealmName, "--levels", String.valueOf(levels), "--encoded", encoded, "--create", String.valueOf(create), "--credential-store", CREDENTIAL_STORE_PATH};
Expand Down Expand Up @@ -159,6 +167,48 @@ public void testSingleUser() throws Exception {
}
}

@Test
public void testOverwritingScriptFileTrue() throws Exception {
String outputLocation = RELATIVE_BASE_DIR + "fs-encrypted-realms";
String fileSystemRealmName = "overwrite-script-true";
String file = "target/test-classes/filesystem-encrypt/fs-encrypted-realms/overwrite-script-true.cli";

String inputLocation = RELATIVE_BASE_DIR + "fs-unencrypted-realms/single-user-with-role/";
runCommand(inputLocation, outputLocation, fileSystemRealmName, 3, "false", true, 0);

assertTrue(fileExists(file));
Path scriptPath = Paths.get(file);
byte[] fileContentBefore = Files.readAllBytes(scriptPath);

inputLocation = RELATIVE_BASE_DIR + "fs-unencrypted-realms/single-user/";
runCommand(inputLocation, outputLocation, fileSystemRealmName, "false", true, 0, true);

byte[] fileContentAfter = Files.readAllBytes(scriptPath);

assertFalse(Arrays.equals(fileContentBefore, fileContentAfter));
}

@Test
public void testOverwritingScriptFileFalse() throws Exception {
String outputLocation = RELATIVE_BASE_DIR + "fs-encrypted-realms";
String fileSystemRealmName = "overwrite-script-false";
String file = "target/test-classes/filesystem-encrypt/fs-encrypted-realms/overwrite-script-false.cli";

String inputLocation = RELATIVE_BASE_DIR + "fs-unencrypted-realms/single-user-with-role/";
runCommand(inputLocation, outputLocation, fileSystemRealmName, 3, "false", true, 0);

assertTrue(fileExists(file));
Path scriptPath = Paths.get(file);
byte[] fileContentBefore = Files.readAllBytes(scriptPath);

inputLocation = RELATIVE_BASE_DIR + "fs-unencrypted-realms/single-user/";
runCommand(inputLocation, outputLocation, fileSystemRealmName, "false", true, 0, false);

byte[] fileContentAfter = Files.readAllBytes(scriptPath);

assertTrue(Arrays.equals(fileContentBefore, fileContentAfter));
}

@Test
public void testSingleUserMissingParam() throws Exception {
String outputLocation = RELATIVE_BASE_DIR + "fs-encrypted-realms";
Expand Down
Loading
Loading