Any suggestion can bypass Fortify 'Access Controle Database' - jpa

I use springboot-data-jpa in my project.I use fortify to scan my project,it shows a number of problems called "Access Control: Database" .
The code in question is something like
assetsRepository.updateGraphByAssetId(graph, assetId);
Any suggestions can bypass this problem !
tks

Related

Ignore popup windows when executing powershell script Request-Certificate.ps1

In order to request a User ceritificate I'm using the script provided by the Powershell gallery https://www.powershellgallery.com/packages/Request-Certificate/1.5.0/Content/Request-Certificate.ps1
To execute this script I'm using the following command:
. "C:\Certificates\RequestCertificate.ps1" -CN "User Common Name" -TemplateName "User" -CAName "domain\CAserver" -Export
However when I run this command here is the output:
After this output I get a popup message with the following information:
Machine context template conflicts with user context.
If I click ok, the request is concludes successfully. However I'm trying to automate this process. Is there a way to ignore the popup window?
I already looked at the question How to suppress a popup window while using certreq to request a certificate from an enterprise CA? (How to suppress a popup window while using certreq to request a certificate from an enterprise CA?). However the solution for the problem described was to run the script as Admin or System because the certificate generated was for the Machine and not for the User.
Does anyone know why this is happening?
Thank you in advance

Task scheduler "Run whether user is logged on or not" issue to startup application

I have a .bat file that starts up a powershell script.
Within this powershell script, i startup PowerBI with a given database.
The powershell script waits till powerBI has been done starting up, and will then be exporting data to some datadump files.
Doing this manually works fine, and also when its on the task scheduler to run when user is logged on.
The moment i change this to "Run whether user is logged on or not" it doesnt work anymore.
The reason behind this, is that it seems that powershell is unable to start PowerBI and therefore there is no open data to query in the rest of the script.
So the positive side is it runs the bat and powershell just fine, only the powershell itself seems incapable to start powerBI.
Are there any solutions to this? should i for example use a different method to call the appliation to start?
currently the powershell snippit to start the app looks like this:
$PBIDesktop = "C:\Program Files\Microsoft Power BI Desktop\bin\PBIDesktop.exe"
$template = "C:\LiveData\Data.pbix"
$waitoPBD = 60
$app = START-PROCESS $PBIDesktop $template -PassThru
log_message "Waiting $($waitoPBD) seconds for PBI to launch"
Start-Sleep -s $waitoPBD
I faced similar issue. So, sharing my experience..
First of all, please verify couple of things.
Specify user account which will be used to invoke the job. Also, ensure that, the account have sufficient permission.
Don't forget to un-check the checkbox (as shown in screenshot) under Conditions Tab
Just found this one - sorry it took so long :D
But, i had this totally nervwrecking issue to.
Solution for me is to realize that the task scheduler is very deep part of the OS.
Thats why i have to grant access to the file, for the computername$ (system name) on the file or folder containing the file to run.
Rightclick on the file or folder -> Security. Select edit and add [Name of your computer]$ and give the read and execute permissions.
That's the only way I can make it run.
But i hope you found the solution in the meantime :)

Powershell remote installation has problems with setup of util:ServiceConfig wix element during installation

I would like to ask you if there is any other way how to setup parts of wix element - util:ServiceConfig other than in MS installer?
I need to configure this parts of wix element:
FirstFailureActionType="restart"
SecondFailureActionType="restart"
ThirdFailureActionType="restart"
ResetPeriodInDays="1"
RestartServiceDelayInSeconds="60"
When I make comment from whole "util:ServiceConfig" part of code and build installer, everything is fine and remote installation will be executed without issues.
I am trying to find way how to configure it besides Microsoft installer but google did not give me desired answers.
Or is there any other solution how to make PowerShell remote installation somehow process that configuration?(I mean user rights and permissions or something similar)
I have found solution for this problem by myself.
I have created Custom action which is executing command calling "sc.exe failure" and configure FailureActions in that command.
I deleted whole util:ServiceConfig wix element and replaced it with this:
<CustomAction Id="ServiceRestarter"
Directory="INSTALLFOLDER"
ExeCommand=""[SystemFolder]sc.exe" failure "ServiceName" reset= 86400 actions= restart/60000/restart/60000/restart/60000"/>
<InstallExecuteSequence>
<Custom Action='ServiceRestarter' After='InstallFinalize'>(NOT Installed)</Custom>
</InstallExecuteSequence>
Now my PowerShell script doesn't have problem with remote installation of .msi package. Cheers, I hope it will help someone else than me.

Yii command tool not work

I use Yii command line inside web Root folder (C:\xampp\htdocs\myapps\cmd.exe). My command looks like this:
D:\xampp\htdocs\YiiRoot\framework\yiic shell
normally it will works, but now it didn't; I just get no output:
Sorry for late answer.
Have you configured access rules since last time you used it? If index.php isn't accessible without login anymore, the yiic tool will fail. You can overcome that by specifying the path to the config file:
protected\yiic shell protected\config\main.php
I experienced the same thing and in the end I discovered yiic file was unexpectedly empty!
A way to discover what happens behind the scenes is to comment "rem echo off" at the beginning of yiic.bat file.

IIS 6.0 command line set execute permissions

I am looking for a way to set permissions on a virtual directory through command line.
I have a website setup with scripts only permission, but one of the child virtual directories needs to have scripts and executables.
So far, I haven't found a command line option to change the permissions for 6.0 - I saw the chacess command for 5.1 but it is not available in my system...
Is there an equivalent or another function that can do this for me?
Thanks,
Christy
Found it :-)
In case anyone else needs the information - here goes:
use the adsutil.vbs script (usually under inetpub/adminscripts) and type
adsutil.vbs set w3svc/[site id]/AccessExecute "True"
The [site id] is the unique id IIS gives your site. I found another script that gives the site number and name in a nice output:
http://blog.crowe.co.nz/archive/2005/12/08/346.aspx
Hope this helps!
Christy