Fix sonar security issues in apex-pdp
Fixed sonar security issues:
- set permissions of temporary files
Issue-ID: POLICY-3093
Change-Id: I1dfc87f22975fa950cfcfc47196fad55d6cbf277
Signed-off-by: Jim Hahn <jrh3@att.com>
diff --git a/auth/cli-editor/src/main/java/org/onap/policy/apex/auth/clieditor/tosca/ApexCliToscaEditorMain.java b/auth/cli-editor/src/main/java/org/onap/policy/apex/auth/clieditor/tosca/ApexCliToscaEditorMain.java
index 1f2703d..0926c80 100644
--- a/auth/cli-editor/src/main/java/org/onap/policy/apex/auth/clieditor/tosca/ApexCliToscaEditorMain.java
+++ b/auth/cli-editor/src/main/java/org/onap/policy/apex/auth/clieditor/tosca/ApexCliToscaEditorMain.java
@@ -20,7 +20,6 @@
package org.onap.policy.apex.auth.clieditor.tosca;
-import java.io.File;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
@@ -29,6 +28,7 @@
import org.onap.policy.apex.auth.clieditor.CommandLineParameters;
import org.onap.policy.apex.auth.clieditor.utils.CliUtils;
import org.onap.policy.common.utils.coder.CoderException;
+import org.onap.policy.common.utils.resources.TextFileUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -65,7 +65,7 @@
String policyModelFilePath = null;
try {
- final var tempModelFile = File.createTempFile("policyModel", ".json");
+ final var tempModelFile = TextFileUtils.createTempFile("policyModel", ".json");
policyModelFilePath = tempModelFile.getAbsolutePath();
} catch (IOException e) {
LOGGER.error("Cannot create the policy model temp file.", e);
diff --git a/model/model-api/src/main/java/org/onap/policy/apex/model/modelapi/impl/ModelHandlerFacade.java b/model/model-api/src/main/java/org/onap/policy/apex/model/modelapi/impl/ModelHandlerFacade.java
index 5e5d39c..b350af5 100644
--- a/model/model-api/src/main/java/org/onap/policy/apex/model/modelapi/impl/ModelHandlerFacade.java
+++ b/model/model-api/src/main/java/org/onap/policy/apex/model/modelapi/impl/ModelHandlerFacade.java
@@ -480,7 +480,7 @@
ApexApiResult splitResult = new ApexApiResult();
File tempSplitPolicyFile = null;
try {
- tempSplitPolicyFile = File.createTempFile("ApexTempPolicy", null);
+ tempSplitPolicyFile = TextFileUtils.createTempFile("ApexTempPolicy", null);
// Split the policy into a temporary file
splitResult = split(tempSplitPolicyFile.getCanonicalPath(), splitOutPolicies);
diff --git a/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java b/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java
index b676450..2030b3b 100644
--- a/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java
+++ b/services/services-onappf/src/main/java/org/onap/policy/apex/services/onappf/handler/ApexEngineHandler.java
@@ -57,6 +57,7 @@
import org.onap.policy.common.parameters.ParameterService;
import org.onap.policy.common.utils.coder.CoderException;
import org.onap.policy.common.utils.coder.StandardCoder;
+import org.onap.policy.common.utils.resources.TextFileUtils;
import org.onap.policy.models.tosca.authorative.concepts.ToscaConceptIdentifier;
import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy;
import org.onap.policy.models.tosca.authorative.concepts.ToscaServiceTemplate;
@@ -254,7 +255,7 @@
toscaServiceTemplate.setToscaTopologyTemplate(toscaTopologyTemplate);
File file;
try {
- file = File.createTempFile(policyName, ".json");
+ file = TextFileUtils.createTempFile(policyName, ".json");
standardCoder.encode(file, toscaServiceTemplate);
} catch (CoderException | IOException e) {
throw new ApexStarterException(e);