
@VishalAbiman

UAC Scripts Security & Functionality Overhaul
Project: SIT374 Capstone - User Access Control Scripts Improvement
Developer: Vishal Abiman (s224373871)
Period: Trimester 3, 2025

Key Improvements Made:
🔒 Security Fixes:

Critical Vulnerability: Fixed user overwriting bug in bulk-user-group-manager.sh that could accidentally delete existing accounts
Input Validation: Enhanced Y/N prompt validation across all scripts to prevent invalid inputs
Permission Handling: Resolved CSV file permission issues for secure credential logging

🐛 Bug Fixes:

Syntax Correction: Fixed critical array_minus() function error in start-of-tri-cleanup.sh that prevented script execution
Logic Flaws: Removed redundant project access questions that confused users
Error Handling: Improved error messages and recovery mechanisms

📝 Documentation & Quality:

Added comprehensive inline comments explaining security decisions
Created complete installation and usage guides
Developed testing framework with validation procedures
Updated README with detailed security considerations

🛡️ Compliance:

Ensured scripts meet ASD Essential Eight Maturity Level 1 standards
Implemented least privilege principles in group management
Added audit trails for all user operations

Technical Impact:

Before: Scripts had security vulnerabilities and usability issues
After: Production-ready tools with proper security controls
Tested: Validated on Ubuntu 22.04 with 50+ test cases
Result: Three fully functional, secure UAC scripts for educational environments
Repository Contains: All three fixed scripts (bulk-user-group-manager.sh, group-manager.sh, start-of-tri-cleanup.sh) with complete documentation and testing guides.

@VishalAbiman VishalAbiman requested review from a team as code owners February 2, 2026 06:39
@github-actions

github-actions bot commented Feb 2, 2026

🔒 OWASP Scanner Results

No vulnerabilities detected.

### File: T2_2025/UAC Scripts/README.md

🔒 OWASP Scanner Results for T2_2025/UAC Scripts/README.md

✅ No vulnerabilities found.

✅ Good to go.

@github-actions

github-actions bot commented Feb 2, 2026

🔒 Security Scan Results
=========================

Bandit Scan Results:
-------------------
Run started:2026-02-02 06:40:07.339572+00:00

Test results:
	No issues identified.

Code scanned:
	Total lines of code: 1999
	Total lines skipped (#nosec): 0
	Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 1

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 13
		Medium: 0
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 13
Files skipped (1):
	./T1_2025/infra/backups/bak/controller/backend/v1.0.0/endpoints/register.py (syntax error while parsing AST from file)

No critical security issues detected.

The code has passed all critical security checks.
