diff --git a/tool/src/main/java/org/wildfly/security/tool/Command.java b/tool/src/main/java/org/wildfly/security/tool/Command.java index 4f06b917fe7..4b29a26b881 100644 --- a/tool/src/main/java/org/wildfly/security/tool/Command.java +++ b/tool/src/main/java/org/wildfly/security/tool/Command.java @@ -498,7 +498,6 @@ class Params { static final String SILENT_PARAM = "silent"; static final String STORE_LOCATION_PARAM = "location"; static final String SUMMARY_PARAM = "summary"; - static final String OVERWRITE_SCRIPT_FILE = "overwrite-script-file"; // Other constants static final Pattern BOOLEAN_ARG_REGEX = Pattern.compile("(true|false)", Pattern.CASE_INSENSITIVE | Pattern.UNICODE_CASE); diff --git a/tool/src/main/java/org/wildfly/security/tool/ElytronToolMessages.java b/tool/src/main/java/org/wildfly/security/tool/ElytronToolMessages.java index 7d4bc482527..4b876d33b25 100644 --- a/tool/src/main/java/org/wildfly/security/tool/ElytronToolMessages.java +++ b/tool/src/main/java/org/wildfly/security/tool/ElytronToolMessages.java @@ -589,9 +589,6 @@ public interface ElytronToolMessages extends BasicLogger { @Message(id = NONE, value = "Provides a detailed summary of all operations performed, once the command finishes.") String cmdFileSystemRealmSummaryDesc(); - @Message(id = NONE, value = "Whether the cli script file will be overwritten, if attempting to write to an existing file.") - String cmdFileSystemRealmOverwriteCliScriptFileDesc(); - @Message(id = NONE, value = "No users file specified. Please use either --bulk-convert or specify a users file using --users-file ") MissingOptionException missingUsersFile(); diff --git a/tool/src/main/java/org/wildfly/security/tool/FileSystemEncryptRealmCommand.java b/tool/src/main/java/org/wildfly/security/tool/FileSystemEncryptRealmCommand.java index 76a76d95e9d..844332d76de 100644 --- a/tool/src/main/java/org/wildfly/security/tool/FileSystemEncryptRealmCommand.java 
+++ b/tool/src/main/java/org/wildfly/security/tool/FileSystemEncryptRealmCommand.java @@ -17,7 +17,6 @@ */ package org.wildfly.security.tool; -import static org.wildfly.security.tool.Params.BOOLEAN_PARAM; import static org.wildfly.security.tool.Params.BULK_CONVERT_PARAM; import static org.wildfly.security.tool.Params.CREATE_CREDENTIAL_STORE_PARAM; import static org.wildfly.security.tool.Params.CREDENTIAL_STORE_LOCATION_PARAM; @@ -39,7 +38,6 @@ import static org.wildfly.security.tool.Params.LINE_SEPARATOR; import static org.wildfly.security.tool.Params.NAME_PARAM; import static org.wildfly.security.tool.Params.OUTPUT_LOCATION_PARAM; -import static org.wildfly.security.tool.Params.OVERWRITE_SCRIPT_FILE; import static org.wildfly.security.tool.Params.PASSWORD_ENV_PARAM; import static org.wildfly.security.tool.Params.PASSWORD_PARAM; import static org.wildfly.security.tool.Params.REALM_NAME_PARAM; @@ -178,10 +176,6 @@ class FileSystemEncryptRealmCommand extends Command { option.setArgName(FILE_PARAM); options.addOption(option); - option = new Option("w", OVERWRITE_SCRIPT_FILE, true, ElytronToolMessages.msg.cmdFileSystemRealmOverwriteCliScriptFileDesc()); - option.setArgName(BOOLEAN_PARAM); - options.addOption(option); - option = Option.builder().longOpt(HELP_PARAM).desc(ElytronToolMessages.msg.cmdLineHelp()).build(); options.addOption(option); @@ -214,7 +208,6 @@ private static final class Descriptor { private Boolean encoded; private Boolean createCredentialStore; private Boolean populate; - private Boolean overwriteScriptFile; Descriptor() { } @@ -237,7 +230,6 @@ private static final class Descriptor { this.createCredentialStore = descriptor.createCredentialStore; this.secretKeyAlias = descriptor.secretKeyAlias; this.populate = descriptor.populate; - this.overwriteScriptFile = descriptor.overwriteScriptFile; } public Encoding getHashEncoding() { 
@@ -370,14 +362,6 @@ void setKeyPairAlias(String keyPairAlias) { this.keyPairAlias = keyPairAlias; } - public Boolean getOverwriteScriptFile() { - return overwriteScriptFile; - } - - public void setOverwriteScriptFile(Boolean overwriteScriptFile) { - this.overwriteScriptFile = overwriteScriptFile; - } - void reset() { this.inputRealmLocation = null; this.outputRealmLocation = null; @@ -395,7 +379,6 @@ void reset() { this.encoded = null; this.levels = null; this.populate = null; - this.overwriteScriptFile = null; } } @@ -441,7 +424,6 @@ public void execute(String[] args) throws Exception { String encodedOption = cmdLine.getOptionValue("f"); String bulkConvert = cmdLine.getOptionValue("b"); String populateOption = cmdLine.getOptionValue("p"); - String overwriteScriptFileOption = cmdLine.getOptionValue("w"); if (bulkConvert == null) { if (realmNameOption == null) { @@ -491,9 +473,6 @@ public void execute(String[] args) throws Exception { } else { descriptor.setPopulate(Boolean.valueOf(populateOption)); } - if (overwriteScriptFileOption != null) { - descriptor.setOverwriteScriptFile(Boolean.valueOf(overwriteScriptFileOption)); - } if (levelsOption == null) { descriptor.setLevels(DEFAULT_LEVELS); @@ -949,7 +928,6 @@ private void createWildFlyScript() throws Exception { String keyStoreType = descriptor.getKeyStoreType(); char[] password = descriptor.getPassword(); String keyPairAlias = descriptor.getKeyPairAlias(); - Boolean overwriteScript = descriptor.getOverwriteScriptFile(); if (hashCharset == null) { hashCharset = StandardCharsets.UTF_8; 
@@ -964,20 +942,17 @@ private void createWildFlyScript() throws Exception { Path scriptPath = Paths.get(String.format("%s/%s.cli", outputRealmLocation, fileSystemRealmName)); - if (overwriteScript == null) { - if (scriptPath.toFile().exists()) { - createScriptCheck = prompt( - true, - ElytronToolMessages.msg.shouldFileBeOverwritten(scriptPath.toString()), - false, - null - ); - if (createScriptCheck.trim().isEmpty()) createScriptCheck = "n"; - } - - overwriteScript = createScriptCheck.isEmpty() || createScriptCheck.toLowerCase().startsWith("y"); + if (scriptPath.toFile().exists()) { + createScriptCheck = prompt( + true, + ElytronToolMessages.msg.shouldFileBeOverwritten(scriptPath.toString()), + false, + null + ); + if (createScriptCheck.trim().isEmpty()) createScriptCheck = "n"; } + boolean overwriteScript = createScriptCheck.isEmpty() || createScriptCheck.toLowerCase().startsWith("y"); if (!overwriteScript) { // Generate a random file for the CLI script do { scriptPath = Paths.get(String.format("%s/%s.cli", @@ -1031,7 +1006,7 @@ private void createWildFlyScript() throws Exception { if (overwriteScript) { // Create a new script file, or overwrite the existing one Files.write(scriptPath, scriptLines, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING); } else { - Files.write(scriptPath, scriptLines, StandardOpenOption.CREATE); + Files.write(scriptPath, scriptLines, StandardOpenOption.APPEND); } counter++; } diff --git a/tool/src/main/java/org/wildfly/security/tool/FileSystemRealmIntegrityCommand.java b/tool/src/main/java/org/wildfly/security/tool/FileSystemRealmIntegrityCommand.java index 9e9225ba370..33de909669f 100644 --- a/tool/src/main/java/org/wildfly/security/tool/FileSystemRealmIntegrityCommand.java +++ b/tool/src/main/java/org/wildfly/security/tool/FileSystemRealmIntegrityCommand.java 
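Review bot: `createScriptCheck` doubles as a sentinel in the re-added prompt block of createWildFlyScript: it stays `""` when the script file does not exist, and `createScriptCheck.isEmpty()` then means "overwrite", which is why an empty answer has to be rewritten to `"n"` first. A named flag keeps the two cases apart, for example `boolean scriptExists = Files.exists(scriptPath);` followed by `boolean overwriteScript = !scriptExists || createScriptCheck.toLowerCase().startsWith("y");`. If `prompt` can return null (its contract is not visible in this diff), `createScriptCheck.trim()` would throw, so a null check before it is worth adding. The same block is re-added in FileSystemRealmIntegrityCommand (hunk `@@ -973,26 +955,22 @@`), and in both files the function starts before and continues past the hunk.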
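Review bot: `StandardOpenOption.APPEND` on its own does not create the file, so the `else` branch throws `NoSuchFileException` whenever `scriptPath` does not exist yet. The earlier hunk shows that a new path is generated in a do/while when `overwriteScript` is false; the loop condition is outside the diff, but if it picks an unused name, as the comment `Generate a random file for the CLI script` suggests, this write would fail. `Files.write(scriptPath, scriptLines, StandardOpenOption.CREATE_NEW);` creates the file atomically and fails rather than writing into a file that appeared under that name after the existence check. If appending to an already created script is intended (the surrounding code is not visible here), pass `StandardOpenOption.CREATE, StandardOpenOption.APPEND` instead.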
@@ -39,7 +39,6 @@ import static org.wildfly.security.tool.Params.NAME_PARAM; import static org.wildfly.security.tool.Params.NUMBER_PARAM; import static org.wildfly.security.tool.Params.OUTPUT_LOCATION_PARAM; -import static org.wildfly.security.tool.Params.OVERWRITE_SCRIPT_FILE; import static org.wildfly.security.tool.Params.PASSWORD_ENV_PARAM; import static org.wildfly.security.tool.Params.PASSWORD_PARAM; import static org.wildfly.security.tool.Params.REALM_NAME_PARAM; @@ -161,9 +160,6 @@ public class FileSystemRealmIntegrityCommand extends Command { options.addOption(Option.builder("b").longOpt(BULK_CONVERT_PARAM).desc(ElytronToolMessages.msg.cmdFileSystemRealmIntegrityBulkConvertDesc()) .hasArg().argName(FILE_PARAM) .build()); - options.addOption(Option.builder("w").longOpt(OVERWRITE_SCRIPT_FILE).desc(ElytronToolMessages.msg.cmdFileSystemRealmOverwriteCliScriptFileDesc()) - .hasArg().argName(BOOLEAN_PARAM) - .build()); // General options options.addOption(Option.builder("h").longOpt(HELP_PARAM).desc(ElytronToolMessages.msg.cmdLineHelp()) @@ -192,7 +188,6 @@ private static final class Descriptor { private Encoding hashEncoding; private Charset hashCharset; private Boolean encoded; - private Boolean overwriteScriptFile; private Boolean upgradeInPlace; private Boolean missingRequiredValue; @@ -220,7 +215,6 @@ private static final class Descriptor { this.hashEncoding = descriptor.hashEncoding; this.hashCharset = descriptor.hashCharset; this.encoded = descriptor.encoded; - this.overwriteScriptFile = descriptor.overwriteScriptFile; this.upgradeInPlace = descriptor.upgradeInPlace; this.missingRequiredValue = descriptor.missingRequiredValue; @@ -331,9 +325,6 @@ public Boolean getMissingRequiredValue() { public Boolean getRealmUpgraded() { return realmUpgraded; } - public Boolean getOverwriteScriptFile() { - return overwriteScriptFile; - } public void setInputRealmPath(String inputRealmPath) { setInputRealmPath(Paths.get(inputRealmPath).normalize().toAbsolutePath()); 
@@ -422,9 +413,6 @@ public void setMissingRequiredValue() { public void setRealmUpgraded() { this.realmUpgraded = true; } - public void setOverwriteScriptFile(Boolean overwriteScriptFile) { - this.overwriteScriptFile = overwriteScriptFile; - } void reset(boolean resetMissingValues) { // Required values are set to null if contents are null, or equal "MISSING" @@ -443,7 +431,6 @@ void reset(boolean resetMissingValues) { hashEncoding = null; hashCharset = null; encoded = null; - overwriteScriptFile = null; upgradeInPlace = false; realmUpgraded = false; @@ -492,7 +479,6 @@ public void execute(String[] args) throws Exception { String hashCharsetOption = cmdLine.getOptionValue("u"); String encodedOption = cmdLine.getOptionValue("f"); String bulkConvertOption = cmdLine.getOptionValue("b"); - String overwriteScriptFileOption = cmdLine.getOptionValue("w"); if (bulkConvertOption == null) { if (summaryMode) { @@ -591,10 +577,6 @@ public void execute(String[] args) throws Exception { descriptor.setEncoded(Boolean.parseBoolean(encodedOption)); } - if (overwriteScriptFileOption != null) { - descriptor.setOverwriteScriptFile(Boolean.valueOf(overwriteScriptFileOption)); - } - descriptors.add(descriptor); findMissingRequiredValuesAndSetValues(0, descriptor); } else if (nonBulkConvertOptionSet(inputRealmPathOption, outputRealmPathOption, realmNameOption, keyStorePathOption, 
@@ -973,26 +955,22 @@ private void createWildFlyScript() throws Exception { String fileSystemRealmName = descriptor.getFileSystemRealmName(); Path outputRealmPath = descriptor.getOutputRealmPath(); boolean upgradeInPlace = descriptor.getUpgradeInPlace(); - Boolean overwriteScript = descriptor.getOverwriteScriptFile(); String createScriptCheck = ""; Path scriptPath = Paths.get(String.format("%s/%s.cli", outputRealmPath, fileSystemRealmName)); - if (overwriteScript == null) { - // Ask to overwrite CLI script, if already exists - if(scriptPath.toFile().exists()) { - createScriptCheck = prompt( - true, - ElytronToolMessages.msg.shouldFileBeOverwritten(scriptPath.toString()), - false, - null - ); - if (createScriptCheck.trim().isEmpty()) createScriptCheck = "n"; - } - - overwriteScript = createScriptCheck.isEmpty() || createScriptCheck.toLowerCase().startsWith("y"); + // Ask to overwrite CLI script, if already exists + if(scriptPath.toFile().exists()) { + createScriptCheck = prompt( + true, + ElytronToolMessages.msg.shouldFileBeOverwritten(scriptPath.toString()), + false, + null + ); + if (createScriptCheck.trim().isEmpty()) createScriptCheck = "n"; } + boolean overwriteScript = createScriptCheck.isEmpty() || createScriptCheck.toLowerCase().startsWith("y"); if (!overwriteScript) { do { scriptPath = Paths.get(String.format("%s/%s.cli", diff --git a/tool/src/test/java/org/wildfly/security/tool/FileSystemEncryptRealmCommandTest.java b/tool/src/test/java/org/wildfly/security/tool/FileSystemEncryptRealmCommandTest.java index 910f78580f9..32ff3c29f2d 100644 --- a/tool/src/test/java/org/wildfly/security/tool/FileSystemEncryptRealmCommandTest.java +++ b/tool/src/test/java/org/wildfly/security/tool/FileSystemEncryptRealmCommandTest.java 
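Review bot: `if(scriptPath.toFile().exists())` is missing the space after `if` that the same statement has in FileSystemEncryptRealmCommand, and `Files.exists(scriptPath)` would avoid converting the Path to a File, assuming `java.nio.file.Files` is already imported in this class. The comment `// Ask to overwrite CLI script, if already exists` could also say what a refusal leads to, for example `// Ask before overwriting an existing CLI script; a declined or empty answer selects a different script path below`. The do/while that selects that path, and the write that follows it, lie past the end of this hunk. It is worth confirming there that the non-overwrite branch opens the file with an option that creates it.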
@@ -17,8 +17,6 @@ */ package org.wildfly.security.tool; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertNotEquals; import static org.junit.Assert.assertThrows; import static org.junit.Assert.assertTrue; import static org.wildfly.security.tool.Command.ELYTRON_KS_PASS_PROVIDERS; @@ -68,12 +66,6 @@ private void runCommand(String inputLocation, String outputLocation, String file executeCommandAndCheckStatus(requiredArgs, expectedStatus); } - private void runCommand(String inputLocation, String outputLocation, String fileSystemRealmName, String encoded, boolean create, int expectedStatus, boolean overwriteScriptFile) { - String[] requiredArgs; - requiredArgs = new String[]{"--input-location", inputLocation, "--output-location", outputLocation, "--realm-name", fileSystemRealmName, "--encoded", encoded, "--create", String.valueOf(create), "--credential-store", CREDENTIAL_STORE_PATH, "--overwrite-script-file", String.valueOf(overwriteScriptFile)}; - executeCommandAndCheckStatus(requiredArgs, expectedStatus); - } - private void runCommand(String inputLocation, String outputLocation, String fileSystemRealmName, int levels, String encoded, boolean create, int expectedStatus) { String[] requiredArgs; requiredArgs = new String[]{"--input-location", inputLocation, "--output-location", outputLocation, "--realm-name", fileSystemRealmName, "--levels", String.valueOf(levels), "--encoded", encoded, "--create", String.valueOf(create), "--credential-store", CREDENTIAL_STORE_PATH}; 
@@ -167,48 +159,6 @@ public void testSingleUser() throws Exception { } } - @Test - public void testOverwritingScriptFileTrue() throws Exception { - String outputLocation = RELATIVE_BASE_DIR + "fs-encrypted-realms"; - String fileSystemRealmName = "overwrite-script-true"; - String file = "target/test-classes/filesystem-encrypt/fs-encrypted-realms/overwrite-script-true.cli"; - - String inputLocation = RELATIVE_BASE_DIR + "fs-unencrypted-realms/single-user-with-role/"; - runCommand(inputLocation, outputLocation, fileSystemRealmName, 3, "false", true, 0); - - assertTrue(fileExists(file)); - File scriptFile = new File(file); - Long modifiedBefore = scriptFile.lastModified(); - - inputLocation = RELATIVE_BASE_DIR + "fs-unencrypted-realms/single-user/"; - runCommand(inputLocation, outputLocation, fileSystemRealmName, "false", true, 0, true); - - Long modifiedAfter = scriptFile.lastModified(); - - assertNotEquals(modifiedBefore, modifiedAfter); - } - - @Test - public void testOverwritingScriptFileFalse() throws Exception { - String outputLocation = RELATIVE_BASE_DIR + "fs-encrypted-realms"; - String fileSystemRealmName = "overwrite-script-false"; - String file = "target/test-classes/filesystem-encrypt/fs-encrypted-realms/overwrite-script-false.cli"; - - String inputLocation = RELATIVE_BASE_DIR + "fs-unencrypted-realms/single-user-with-role/"; - runCommand(inputLocation, outputLocation, fileSystemRealmName, 3, "false", true, 0); - - assertTrue(fileExists(file)); - File scriptFile = new File(file); - Long modifiedBefore = scriptFile.lastModified(); - - inputLocation = RELATIVE_BASE_DIR + "fs-unencrypted-realms/single-user/"; - runCommand(inputLocation, outputLocation, fileSystemRealmName, "false", true, 0, false); - - Long modifiedAfter = scriptFile.lastModified(); - - assertEquals(modifiedBefore, modifiedAfter); - } - @Test public void testSingleUserMissingParam() throws Exception { String outputLocation = RELATIVE_BASE_DIR + "fs-encrypted-realms"; 
diff --git a/tool/src/test/java/org/wildfly/security/tool/FileSystemRealmIntegrityCommandTest.java b/tool/src/test/java/org/wildfly/security/tool/FileSystemRealmIntegrityCommandTest.java index 7db8da89604..2d134d31d7f 100644 --- a/tool/src/test/java/org/wildfly/security/tool/FileSystemRealmIntegrityCommandTest.java +++ b/tool/src/test/java/org/wildfly/security/tool/FileSystemRealmIntegrityCommandTest.java @@ -17,7 +17,6 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertNotEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; import static org.wildfly.security.tool.Command.GENERAL_CONFIGURATION_ERROR; @@ -37,7 +36,6 @@ import static org.wildfly.security.tool.Params.KEY_PAIR_ALIAS_PARAM; import static org.wildfly.security.tool.Params.LEVELS_PARAM; import static org.wildfly.security.tool.Params.OUTPUT_LOCATION_PARAM; -import static org.wildfly.security.tool.Params.OVERWRITE_SCRIPT_FILE; import static org.wildfly.security.tool.Params.PASSWORD_ENV_PARAM; import static org.wildfly.security.tool.Params.PASSWORD_PARAM; import static org.wildfly.security.tool.Params.REALM_NAME_PARAM; 
@@ -118,90 +116,6 @@ public void testSingleUserRealmWithJCEKS() throws IOException { validateScript(params, FS_REALM_SIGNED_PATH.resolve(realmName + ".cli")); } - @Test - public void testScriptFileOverwriteFalse() throws IOException { - String realmName = "scriptOverwriteFalse"; - Path keyStore = Paths.get(RELATIVE_BASE_DIR, "fsKeyStoreEC.jceks"); - String keyStoreType = "JCEKS"; - String keyPairAlias = "curveKeyPair"; - - Path inputLocation = Paths.get(RELATIVE_UNSIGNED_DIR, "fsRealmSingle"); - String[] firstRealmArgs = { - "--" + INPUT_LOCATION_PARAM, inputLocation.toString(), - "--" + OUTPUT_LOCATION_PARAM, FS_REALM_SIGNED_PATH.toString(), - "--" + REALM_NAME_PARAM, realmName, - "--" + KEYSTORE_PARAM, keyStore.toString(), - "--" + KEYSTORE_TYPE_PARAM, keyStoreType, - "--" + KEY_PAIR_ALIAS_PARAM, keyPairAlias, - "--" + PASSWORD_PARAM, KEYSTORE_PASSWORD - }; - - runCommand(inputLocation, firstRealmArgs, ElytronToolExitStatus_OK); - - File scriptFile = FS_REALM_SIGNED_PATH.resolve(realmName + ".cli").toFile(); - Long modifiedBefore = scriptFile.lastModified(); - - inputLocation = Paths.get(RELATIVE_UNSIGNED_DIR, "fsRealmAl"); - String[] secondRealmArgs = { - "--" + INPUT_LOCATION_PARAM, inputLocation.toString(), - "--" + OUTPUT_LOCATION_PARAM, FS_REALM_SIGNED_PATH.toString(), - "--" + REALM_NAME_PARAM, realmName, - "--" + KEYSTORE_PARAM, keyStore.toString(), - "--" + KEYSTORE_TYPE_PARAM, keyStoreType, - "--" + KEY_PAIR_ALIAS_PARAM, keyPairAlias, - "--" + PASSWORD_PARAM, KEYSTORE_PASSWORD, - "--" + OVERWRITE_SCRIPT_FILE, "false" - }; - - runCommand(inputLocation, secondRealmArgs, ElytronToolExitStatus_OK); - - Long modifiedAfter = scriptFile.lastModified(); - - assertEquals(modifiedBefore, modifiedAfter); - } - - @Test - public void testScriptFileOverwriteTrue() throws IOException { - String realmName = "scriptOverwriteTrue"; - Path keyStore = Paths.get(RELATIVE_BASE_DIR, "fsKeyStoreEC.jceks"); - String keyStoreType = "JCEKS"; - String keyPairAlias = "curveKeyPair"; 
- - Path inputLocation = Paths.get(RELATIVE_UNSIGNED_DIR, "fsRealmSingle"); - String[] firstRealmArgs = { - "--" + INPUT_LOCATION_PARAM, inputLocation.toString(), - "--" + OUTPUT_LOCATION_PARAM, FS_REALM_SIGNED_PATH.toString(), - "--" + REALM_NAME_PARAM, realmName, - "--" + KEYSTORE_PARAM, keyStore.toString(), - "--" + KEYSTORE_TYPE_PARAM, keyStoreType, - "--" + KEY_PAIR_ALIAS_PARAM, keyPairAlias, - "--" + PASSWORD_PARAM, KEYSTORE_PASSWORD - }; - - runCommand(inputLocation, firstRealmArgs, ElytronToolExitStatus_OK); - - File scriptFile = FS_REALM_SIGNED_PATH.resolve(realmName + ".cli").toFile(); - Long modifiedBefore = scriptFile.lastModified(); - - inputLocation = Paths.get(RELATIVE_UNSIGNED_DIR, "fsRealmAl"); - String[] secondRealmArgs = { - "--" + INPUT_LOCATION_PARAM, inputLocation.toString(), - "--" + OUTPUT_LOCATION_PARAM, FS_REALM_SIGNED_PATH.toString(), - "--" + REALM_NAME_PARAM, realmName, - "--" + KEYSTORE_PARAM, keyStore.toString(), - "--" + KEYSTORE_TYPE_PARAM, keyStoreType, - "--" + KEY_PAIR_ALIAS_PARAM, keyPairAlias, - "--" + PASSWORD_PARAM, KEYSTORE_PASSWORD, - "--" + OVERWRITE_SCRIPT_FILE, "true" - }; - - runCommand(inputLocation, secondRealmArgs, ElytronToolExitStatus_OK); - - Long modifiedAfter = scriptFile.lastModified(); - - assertNotEquals(modifiedBefore, modifiedAfter); - } - @Test public void testMultiUserRealmWithSummary() throws IOException { String realmName = "fsRealmMultiUser"; diff --git a/tool/src/test/resources/filesystem-integrity/fs-unsigned-realms/fsRealmAl/a/l/alice-MFWGSY3F.xml b/tool/src/test/resources/filesystem-integrity/fs-unsigned-realms/fsRealmAl/a/l/alice-MFWGSY3F.xml deleted file mode 100644 index 3e94e6776f9..00000000000 --- a/tool/src/test/resources/filesystem-integrity/fs-unsigned-realms/fsRealmAl/a/l/alice-MFWGSY3F.xml +++ /dev/null @@ -1,8 +0,0 @@ - - - - - - - - \ No newline at end of file