From a0f1fcbfb84ee19b9aa6d58cf2dedfc1ec8d0a3c Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Fri, 2 Aug 2024 09:53:05 +0200 Subject: [PATCH] amendments after self-review --- .../hostsharing/hsadminng/hash/HashGenerator.java | 7 ++++++- .../HsPostgreSqlUserHostingAssetValidator.java | 8 -------- .../hsadminng/hs/validation/HsEntityValidator.java | 14 +------------- .../hsadminng/hs/validation/PasswordProperty.java | 2 ++ .../hs/migration/ImportHostingAssets.java | 1 + 5 files changed, 10 insertions(+), 22 deletions(-) diff --git a/src/main/java/net/hostsharing/hsadminng/hash/HashGenerator.java b/src/main/java/net/hostsharing/hsadminng/hash/HashGenerator.java index a577f3ce..44f41281 100644 --- a/src/main/java/net/hostsharing/hsadminng/hash/HashGenerator.java +++ b/src/main/java/net/hostsharing/hsadminng/hash/HashGenerator.java @@ -27,6 +27,7 @@ public final class HashGenerator { "abcdefghijklmnopqrstuvwxyz" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "0123456789/."; + private static boolean couldBeHashEnabled; // TODO.impl: remove after legacy data is migrated public enum Algorithm { LINUX_SHA512(LinuxEtcShadowHashGenerator::hash, "6"), @@ -59,8 +60,12 @@ public final class HashGenerator { this.algorithm = algorithm; } + public static void enableChouldBeHash(final boolean enable) { + couldBeHashEnabled = enable; + } + public boolean couldBeHash(final String value) { - return value.startsWith(algorithm.prefix); + return couldBeHashEnabled && value.startsWith(algorithm.prefix); } public String hash(final String plaintextPassword) { diff --git a/src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/validators/HsPostgreSqlUserHostingAssetValidator.java b/src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/validators/HsPostgreSqlUserHostingAssetValidator.java index 736648ff..e10b6e6c 100644 --- a/src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/validators/HsPostgreSqlUserHostingAssetValidator.java +++ b/src/main/java/net/hostsharing/hsadminng/hs/hosting/asset/validators/HsPostgreSqlUserHostingAssetValidator.java @@ -3,7 +3,6 @@ package net.hostsharing.hsadminng.hs.hosting.asset.validators; import net.hostsharing.hsadminng.hash.HashGenerator; import net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAsset; -import java.util.List; import java.util.regex.Pattern; import static net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAssetType.PGSQL_USER; @@ -28,13 +27,6 @@ class HsPostgreSqlUserHostingAssetValidator extends HostingAssetEntityValidator passwordProperty("password").minLength(8).maxLength(40).hashedUsing(HashGenerator.Algorithm.SCRAM_SHA256).writeOnly()); } - // FIXME: remove method - @Override - public List validateEntity(final HsHostingAsset assetEntity) { - final var result = super.validateEntity(assetEntity); - return result; - } - @Override protected Pattern identifierPattern(final HsHostingAsset assetEntity) { final var webspaceIdentifier = assetEntity.getParentAsset().getIdentifier(); diff --git a/src/main/java/net/hostsharing/hsadminng/hs/validation/HsEntityValidator.java b/src/main/java/net/hostsharing/hsadminng/hs/validation/HsEntityValidator.java index 0ba440d2..77cc2514 100644 --- a/src/main/java/net/hostsharing/hsadminng/hs/validation/HsEntityValidator.java +++ b/src/main/java/net/hostsharing/hsadminng/hs/validation/HsEntityValidator.java @@ -5,7 +5,6 @@ package net.hostsharing.hsadminng.hs.validation; import jakarta.persistence.EntityManager; import java.util.ArrayList; import java.util.Arrays; -import java.util.Collection; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -63,18 +62,7 @@ public abstract class HsEntityValidator { } protected ArrayList validateProperties(final PropertiesProvider propsProvider) { - final var result = new ArrayList() { - - @Override - public boolean add(final String s) { - return super.add(s); - } - - @Override - public boolean addAll(final Collection c) { - return super.addAll(c); - } - }; + final var result = new ArrayList(); // verify that all actually given properties are specified final var properties = propsProvider.directProps(); diff --git a/src/main/java/net/hostsharing/hsadminng/hs/validation/PasswordProperty.java b/src/main/java/net/hostsharing/hsadminng/hs/validation/PasswordProperty.java index fa23b1d2..ceaf2603 100644 --- a/src/main/java/net/hostsharing/hsadminng/hs/validation/PasswordProperty.java +++ b/src/main/java/net/hostsharing/hsadminng/hs/validation/PasswordProperty.java @@ -31,10 +31,12 @@ public class PasswordProperty extends StringProperty { @Override protected void validate(final List result, final String propValue, final PropertiesProvider propProvider) { + // TODO.impl: remove after legacy data is migrated if (HashGenerator.using(hashedUsing).couldBeHash(propValue) && propValue.length() > this.maxLength()) { // already hashed => do not validate return; } + super.validate(result, propValue, propProvider); validatePassword(result, propValue); } diff --git a/src/test/java/net/hostsharing/hsadminng/hs/migration/ImportHostingAssets.java b/src/test/java/net/hostsharing/hsadminng/hs/migration/ImportHostingAssets.java index c974ba3e..288261e7 100644 --- a/src/test/java/net/hostsharing/hsadminng/hs/migration/ImportHostingAssets.java +++ b/src/test/java/net/hostsharing/hsadminng/hs/migration/ImportHostingAssets.java @@ -972,6 +972,7 @@ public class ImportHostingAssets extends ImportOfficeData { } private void importDatabaseUsers(final String[] header, final List records) { + HashGenerator.enableChouldBeHash(true); final var columns = new Columns(header); records.stream() .map(this::trimAll)