amendments after self-review
parent
194405c577
commit
a0f1fcbfb8
@ -27,6 +27,7 @@ public final class HashGenerator {
|
|||||||
"abcdefghijklmnopqrstuvwxyz" +
|
"abcdefghijklmnopqrstuvwxyz" +
|
||||||
"ABCDEFGHIJKLMNOPQRSTUVWXYZ" +
|
"ABCDEFGHIJKLMNOPQRSTUVWXYZ" +
|
||||||
"0123456789/.";
|
"0123456789/.";
|
||||||
|
private static boolean couldBeHashEnabled; // TODO.impl: remove after legacy data is migrated
|
||||||
|
|
||||||
public enum Algorithm {
|
public enum Algorithm {
|
||||||
LINUX_SHA512(LinuxEtcShadowHashGenerator::hash, "6"),
|
LINUX_SHA512(LinuxEtcShadowHashGenerator::hash, "6"),
|
||||||
@ -59,8 +60,12 @@ public final class HashGenerator {
|
|||||||
this.algorithm = algorithm;
|
this.algorithm = algorithm;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static void enableChouldBeHash(final boolean enable) {
|
||||||
|
couldBeHashEnabled = enable;
|
||||||
|
}
|
||||||
|
|
||||||
public boolean couldBeHash(final String value) {
|
public boolean couldBeHash(final String value) {
|
||||||
return value.startsWith(algorithm.prefix);
|
return couldBeHashEnabled && value.startsWith(algorithm.prefix);
|
||||||
}
|
}
|
||||||
|
|
||||||
public String hash(final String plaintextPassword) {
|
public String hash(final String plaintextPassword) {
|
||||||
|
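Review bot: `couldBeHashEnabled` is a mutable static on `HashGenerator`, so the `enableChouldBeHash` setter added in the second hunk switches the `couldBeHash` check process-wide rather than only for the import that needs it, and the field is written without `volatile` or any synchronization. Since `PasswordProperty.validate` uses `couldBeHash` to skip password validation, the setter deserves a Javadoc saying it must stay off outside the legacy import, e.g. `/** Legacy-import only: while enabled, values starting with the algorithm prefix may bypass password validation. */`. The setter name also has a typo; `enableCouldBeHash` would match the field and the method it gates, and the call in `ImportHostingAssets` would need the same rename. Declaring the field as `private static volatile boolean couldBeHashEnabled;` would at least make the write visible to other threads.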
@ -3,7 +3,6 @@ package net.hostsharing.hsadminng.hs.hosting.asset.validators;
|
|||||||
import net.hostsharing.hsadminng.hash.HashGenerator;
|
import net.hostsharing.hsadminng.hash.HashGenerator;
|
||||||
import net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAsset;
|
import net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAsset;
|
||||||
|
|
||||||
import java.util.List;
|
|
||||||
import java.util.regex.Pattern;
|
import java.util.regex.Pattern;
|
||||||
|
|
||||||
import static net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAssetType.PGSQL_USER;
|
import static net.hostsharing.hsadminng.hs.hosting.asset.HsHostingAssetType.PGSQL_USER;
|
||||||
@ -28,13 +27,6 @@ class HsPostgreSqlUserHostingAssetValidator extends HostingAssetEntityValidator
|
|||||||
passwordProperty("password").minLength(8).maxLength(40).hashedUsing(HashGenerator.Algorithm.SCRAM_SHA256).writeOnly());
|
passwordProperty("password").minLength(8).maxLength(40).hashedUsing(HashGenerator.Algorithm.SCRAM_SHA256).writeOnly());
|
||||||
}
|
}
|
||||||
|
|
||||||
// FIXME: remove method
|
|
||||||
@Override
|
|
||||||
public List<String> validateEntity(final HsHostingAsset assetEntity) {
|
|
||||||
final var result = super.validateEntity(assetEntity);
|
|
||||||
return result;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected Pattern identifierPattern(final HsHostingAsset assetEntity) {
|
protected Pattern identifierPattern(final HsHostingAsset assetEntity) {
|
||||||
final var webspaceIdentifier = assetEntity.getParentAsset().getIdentifier();
|
final var webspaceIdentifier = assetEntity.getParentAsset().getIdentifier();
|
||||||
|
@ -5,7 +5,6 @@ package net.hostsharing.hsadminng.hs.validation;
|
|||||||
import jakarta.persistence.EntityManager;
|
import jakarta.persistence.EntityManager;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.Collection;
|
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
@ -63,18 +62,7 @@ public abstract class HsEntityValidator<E extends PropertiesProvider> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
protected ArrayList<String> validateProperties(final PropertiesProvider propsProvider) {
|
protected ArrayList<String> validateProperties(final PropertiesProvider propsProvider) {
|
||||||
final var result = new ArrayList<String>() {
|
final var result = new ArrayList<String>();
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean add(final String s) {
|
|
||||||
return super.add(s);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean addAll(final Collection<? extends String> c) {
|
|
||||||
return super.addAll(c);
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
// verify that all actually given properties are specified
|
// verify that all actually given properties are specified
|
||||||
final var properties = propsProvider.directProps();
|
final var properties = propsProvider.directProps();
|
||||||
|
@ -31,10 +31,12 @@ public class PasswordProperty extends StringProperty<PasswordProperty> {
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void validate(final List<String> result, final String propValue, final PropertiesProvider propProvider) {
|
protected void validate(final List<String> result, final String propValue, final PropertiesProvider propProvider) {
|
||||||
|
// TODO.impl: remove after legacy data is migrated
|
||||||
if (HashGenerator.using(hashedUsing).couldBeHash(propValue) && propValue.length() > this.maxLength()) {
|
if (HashGenerator.using(hashedUsing).couldBeHash(propValue) && propValue.length() > this.maxLength()) {
|
||||||
// already hashed => do not validate
|
// already hashed => do not validate
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
super.validate(result, propValue, propProvider);
|
super.validate(result, propValue, propProvider);
|
||||||
validatePassword(result, propValue);
|
validatePassword(result, propValue);
|
||||||
}
|
}
|
||||||
|
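Review bot: The added TODO marks the early return in `validate` as temporary but does not say what the branch trusts. The skip is decided by `couldBeHash(propValue)` (a prefix match, now gated by the static flag) and `propValue.length() > this.maxLength()` alone, so neither `super.validate` nor `validatePassword` runs for such a value and nothing here checks that it is a well-formed hash. I would spell that out in the comment, e.g. `// TODO.impl: remove after legacy data is migrated; only reachable while HashGenerator.enableChouldBeHash(true) is set by the import`. How the unvalidated value is handled afterwards is not visible in this hunk, so whether a stricter format check is needed should be confirmed against the code that stores it.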
@ -972,6 +972,7 @@ public class ImportHostingAssets extends ImportOfficeData {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private void importDatabaseUsers(final String[] header, final List<String[]> records) {
|
private void importDatabaseUsers(final String[] header, final List<String[]> records) {
|
||||||
|
HashGenerator.enableChouldBeHash(true);
|
||||||
final var columns = new Columns(header);
|
final var columns = new Columns(header);
|
||||||
records.stream()
|
records.stream()
|
||||||
.map(this::trimAll)
|
.map(this::trimAll)
|
||||||
|
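Review bot: `HashGenerator.enableChouldBeHash(true)` at the top of `importDatabaseUsers` turns the flag on, and no matching call that turns it off again is visible in this hunk; the method body continues past the hunk, so this needs checking there. Because the flag is static, leaving it enabled keeps the validation skip in `PasswordProperty.validate` active for whatever runs later in the same process. If there is no reset, wrap the import in `try { … } finally { HashGenerator.enableChouldBeHash(false); }` so the flag is restored even when a record fails.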