Merge pull request #5586 from Security-Onion-Solutions/kilo

Ensure the identity ID parameter is quoted now that its value no longer contains embedded quotes
Jason Ertel
2021-09-20 13:56:30 -04:00
committed by GitHub


@@ -367,7 +367,7 @@ EOF
[[ $? != 0 ]] && fail "Unable to communicate with Kratos" [[ $? != 0 ]] && fail "Unable to communicate with Kratos"
identityId=$(echo "${response}" | jq -r ".id") identityId=$(echo "${response}" | jq -r ".id")
if [[ ${identityId} == "null" ]]; then if [[ "${identityId}" == "null" ]]; then
code=$(echo "${response}" | jq ".error.code") code=$(echo "${response}" | jq ".error.code")
[[ "${code}" == "409" ]] && fail "User already exists" [[ "${code}" == "409" ]] && fail "User already exists"
@@ -389,17 +389,17 @@ function updateStatus() {
response=$(curl -Ss -L "${kratosUrl}/identities/$identityId") response=$(curl -Ss -L "${kratosUrl}/identities/$identityId")
[[ $? != 0 ]] && fail "Unable to communicate with Kratos" [[ $? != 0 ]] && fail "Unable to communicate with Kratos"
oldConfig=$(echo "select config from identity_credentials where identity_id=${identityId};" | sqlite3 "$databasePath") oldConfig=$(echo "select config from identity_credentials where identity_id='${identityId}';" | sqlite3 "$databasePath")
if [[ "$status" == "locked" ]]; then if [[ "$status" == "locked" ]]; then
config=$(echo $oldConfig | sed -e 's/hashed/locked/') config=$(echo $oldConfig | sed -e 's/hashed/locked/')
echo "update identity_credentials set config=CAST('${config}' as BLOB) where identity_id=${identityId};" | sqlite3 "$databasePath" echo "update identity_credentials set config=CAST('${config}' as BLOB) where identity_id='${identityId}';" | sqlite3 "$databasePath"
[[ $? != 0 ]] && fail "Unable to lock credential record" [[ $? != 0 ]] && fail "Unable to lock credential record"
echo "delete from sessions where identity_id=${identityId};" | sqlite3 "$databasePath" echo "delete from sessions where identity_id='${identityId}';" | sqlite3 "$databasePath"
[[ $? != 0 ]] && fail "Unable to invalidate sessions" [[ $? != 0 ]] && fail "Unable to invalidate sessions"
else else
config=$(echo $oldConfig | sed -e 's/locked/hashed/') config=$(echo $oldConfig | sed -e 's/locked/hashed/')
echo "update identity_credentials set config=CAST('${config}' as BLOB) where identity_id=${identityId};" | sqlite3 "$databasePath" echo "update identity_credentials set config=CAST('${config}' as BLOB) where identity_id='${identityId}';" | sqlite3 "$databasePath"
[[ $? != 0 ]] && fail "Unable to unlock credential record" [[ $? != 0 ]] && fail "Unable to unlock credential record"
fi fi
@@ -415,7 +415,7 @@ function updateUser() {
identityId=$(findIdByEmail "$email") identityId=$(findIdByEmail "$email")
[[ ${identityId} == "" ]] && fail "User not found" [[ ${identityId} == "" ]] && fail "User not found"
updatePassword $identityId updatePassword "$identityId"
} }
function deleteUser() { function deleteUser() {
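Review bot: In the updateStatus hunk, the newly quoted `'${identityId}'` and the existing `'${config}'` are still spliced into the SQL text piped to sqlite3, so a single quote in either value would end the literal and change the statement. A format check before the first query would bound the ID, for example `[[ "$identityId" =~ ^[0-9a-fA-F-]{36}$ ]] || fail "Unexpected identity ID format"`, assuming Kratos identity IDs are UUIDs, which should be confirmed. For the config value, doubling embedded quotes before each update with `config=${config//\'/\'\'}` keeps it inside the literal. The two `echo $oldConfig` lines also expand unquoted, so the stored credential JSON is word-split and glob-expanded before sed sees it; `echo "$oldConfig"` avoids that. updateStatus begins and ends outside the visible hunk, so any earlier validation of these values is not visible here.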