use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.
the class ComponentManagerIntegTest method GIVEN_component_with_archived_artifact_WHEN_prepareArtifacts_THEN_unarchives_artifacts.
@Test
void GIVEN_component_with_archived_artifact_WHEN_prepareArtifacts_THEN_unarchives_artifacts() throws Exception {
// GIVEN
ComponentIdentifier ident = new ComponentIdentifier("aws.iot.gg.test.integ.zip", new Semver("1.0.0"));
NucleusPaths nucleusPaths = kernel.getNucleusPaths();
nucleusPaths.setComponentStorePath(tempRootDir);
ComponentStore store = new ComponentStore(nucleusPaths, platformResolver, recipeLoader);
kernel.getContext().put(ComponentStore.class, store);
ArtifactDownloader mockDownloader = mock(ArtifactDownloader.class);
File artifactFile = store.resolveArtifactDirectoryPath(ident).resolve("zip.zip").toFile();
when(mockDownloader.downloadRequired()).thenReturn(true);
when(mockDownloader.checkDownloadable()).thenReturn(Optional.empty());
when(mockDownloader.getArtifactFile()).thenReturn(artifactFile);
when(mockDownloader.canUnarchiveArtifact()).thenReturn(true);
when(mockDownloader.canSetFilePermissions()).thenReturn(true);
when(mockDownloader.checkComponentStoreSize()).thenReturn(true);
when(mockDownloader.download()).thenAnswer(downloadToPath("zip.zip", artifactFile));
ArtifactDownloaderFactory mockDownloaderFactory = mock(ArtifactDownloaderFactory.class);
when(mockDownloaderFactory.getArtifactDownloader(any(), any(), any())).thenReturn(mockDownloader);
kernel.getContext().put(ArtifactDownloaderFactory.class, mockDownloaderFactory);
Files.copy(Paths.get(this.getClass().getResource("aws.iot.gg.test.integ.zip-1.0.0.yaml").toURI()), nucleusPaths.recipePath().resolve(PreloadComponentStoreHelper.getRecipeStorageFilenameFromTestSource("aws.iot.gg.test.integ.zip-1.0.0.yaml")));
// THEN
kernel.getContext().get(ComponentManager.class).preparePackages(Collections.singletonList(ident)).get(10, TimeUnit.SECONDS);
Path zipPath = nucleusPaths.unarchiveArtifactPath(ident, "zip");
assertThat(zipPath.toFile(), anExistingDirectory());
assertThat(zipPath.resolve("zip").toFile(), anExistingDirectory());
assertThat(zipPath.resolve("zip").resolve("1").toFile(), anExistingFile());
assertThat(zipPath.resolve("zip").resolve("2").toFile(), anExistingFile());
// check everyone can enter dir
assertThat(zipPath.resolve("zip"), hasPermission(FileSystemPermission.builder().ownerRead(true).ownerWrite(true).ownerExecute(true).groupRead(true).groupExecute(true).otherRead(true).otherExecute(true).build()));
// check perms match what we gave
FileSystemPermission allRead = FileSystemPermission.builder().ownerRead(true).groupRead(true).otherRead(true).ownerWrite(!PlatformResolver.isWindows && !SystemUtils.USER_NAME.equals(ROOT)).build();
assertThat(zipPath.resolve("zip").resolve("1"), hasPermission(allRead));
assertThat(zipPath.resolve("zip").resolve("2"), hasPermission(allRead));
}
use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.
the class PlatformTest method GIVEN_file_WHEN_set_owner_mode_THEN_succeed.
@Test
void GIVEN_file_WHEN_set_owner_mode_THEN_succeed() throws IOException {
Path tempFile = Files.createTempFile(tempDir, null, null);
FileSystemPermission expectedPermission = FileSystemPermission.builder().ownerRead(true).ownerWrite(true).ownerExecute(true).build();
PLATFORM.setPermissions(MIN_PERMISSION, tempFile);
assertThat(tempFile, hasPermission(MIN_PERMISSION));
PLATFORM.setPermissions(expectedPermission, tempFile);
assertThat(tempFile, hasPermission(expectedPermission));
}
use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.
the class PlatformTest method GIVEN_non_empty_dir_WHEN_set_mode_recurse_THEN_succeed.
@Test
void GIVEN_non_empty_dir_WHEN_set_mode_recurse_THEN_succeed() throws IOException {
Path tempSubDir = Files.createTempDirectory(tempDir, null);
Path tempFile = Files.createTempFile(tempSubDir, null, null);
FileSystemPermission expectedPermission = FileSystemPermission.builder().ownerRead(true).ownerWrite(true).ownerExecute(true).groupRead(true).groupWrite(true).groupExecute(true).otherRead(true).otherWrite(true).otherExecute(true).build();
PLATFORM.setPermissions(MIN_PERMISSION, tempSubDir, FileSystemPermission.Option.SetMode, FileSystemPermission.Option.Recurse);
assertThat(tempSubDir, hasPermission(MIN_PERMISSION));
assertThat(tempFile, hasPermission(MIN_PERMISSION));
PLATFORM.setPermissions(expectedPermission, tempSubDir, FileSystemPermission.Option.SetMode, FileSystemPermission.Option.Recurse);
assertThat(tempSubDir, hasPermission(expectedPermission));
assertThat(tempFile, hasPermission(expectedPermission));
}
use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.
the class PlatformTest method GIVEN_file_WHEN_set_group_mode_THEN_succeed.
@Test
void GIVEN_file_WHEN_set_group_mode_THEN_succeed() throws IOException {
Path tempFile = Files.createTempFile(tempDir, null, null);
FileSystemPermission expectedPermission = FileSystemPermission.builder().groupRead(true).groupWrite(true).groupExecute(true).build();
PLATFORM.setPermissions(MIN_PERMISSION, tempFile);
assertThat(tempFile, hasPermission(MIN_PERMISSION));
PLATFORM.setPermissions(expectedPermission, tempFile);
assertThat(tempFile, hasPermission(expectedPermission));
}
use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.
the class UniqueRootPathExtension method createPath.
public static CloseableResource createPath(String key) {
try {
Path p = Files.createTempDirectory("greengrass-test");
System.setProperty("root", p.toAbsolutePath().toString());
return new CloseableResource() {
@Override
public void close() throws Throwable {
System.clearProperty("root");
FileSystemPermission permission = FileSystemPermission.builder().ownerRead(true).ownerWrite(true).ownerExecute(true).build();
// this visitor is necessary so that we can set permissions for everything to ensure it is
// writable before deleting
Files.walkFileTree(p, new SimpleFileVisitor<Path>() {
@Override
public FileVisitResult preVisitDirectory(Path dir, BasicFileAttributes attrs) throws IOException {
try {
Platform.getInstance().setPermissions(permission, dir);
} catch (IOException e) {
logger.atWarn().setCause(e).log("Could not set permissions on {}", dir);
}
return FileVisitResult.CONTINUE;
}
@Override
public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException {
try {
Platform.getInstance().setPermissions(permission, file);
} catch (IOException e) {
logger.atWarn().setCause(e).log("Could not set permissions on {}", file);
}
try {
Files.deleteIfExists(file);
} catch (IOException e) {
logger.atWarn().setCause(e).log("Could not delete {}", file);
throw e;
}
return FileVisitResult.CONTINUE;
}
@Override
public FileVisitResult postVisitDirectory(Path dir, IOException exc) throws IOException {
try {
Files.deleteIfExists(dir);
} catch (IOException e) {
logger.atWarn().setCause(e).log("Could not delete {}", dir);
throw e;
}
return FileVisitResult.CONTINUE;
}
});
}
};
} catch (IOException e) {
throw new ExtensionConfigurationException("Couldn't create temp directory", e);
}
}
Aggregations