Example 1 with FileSystemPermission
use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.
the class ComponentManagerIntegTest method GIVEN_component_with_archived_artifact_WHEN_prepareArtifacts_THEN_unarchives_artifacts.
@Test
void GIVEN_component_with_archived_artifact_WHEN_prepareArtifacts_THEN_unarchives_artifacts() throws Exception {
// GIVEN
ComponentIdentifier ident = new ComponentIdentifier("aws.iot.gg.test.integ.zip", new Semver("1.0.0"));
NucleusPaths nucleusPaths = kernel.getNucleusPaths();
nucleusPaths.setComponentStorePath(tempRootDir);
ComponentStore store = new ComponentStore(nucleusPaths, platformResolver, recipeLoader);
kernel.getContext().put(ComponentStore.class, store);
ArtifactDownloader mockDownloader = mock(ArtifactDownloader.class);
File artifactFile = store.resolveArtifactDirectoryPath(ident).resolve("zip.zip").toFile();
when(mockDownloader.downloadRequired()).thenReturn(true);
when(mockDownloader.checkDownloadable()).thenReturn(Optional.empty());
when(mockDownloader.getArtifactFile()).thenReturn(artifactFile);
when(mockDownloader.canUnarchiveArtifact()).thenReturn(true);
when(mockDownloader.canSetFilePermissions()).thenReturn(true);
when(mockDownloader.checkComponentStoreSize()).thenReturn(true);
when(mockDownloader.download()).thenAnswer(downloadToPath("zip.zip", artifactFile));
ArtifactDownloaderFactory mockDownloaderFactory = mock(ArtifactDownloaderFactory.class);
when(mockDownloaderFactory.getArtifactDownloader(any(), any(), any())).thenReturn(mockDownloader);
kernel.getContext().put(ArtifactDownloaderFactory.class, mockDownloaderFactory);
Files.copy(Paths.get(this.getClass().getResource("aws.iot.gg.test.integ.zip-1.0.0.yaml").toURI()), nucleusPaths.recipePath().resolve(PreloadComponentStoreHelper.getRecipeStorageFilenameFromTestSource("aws.iot.gg.test.integ.zip-1.0.0.yaml")));
// THEN
kernel.getContext().get(ComponentManager.class).preparePackages(Collections.singletonList(ident)).get(10, TimeUnit.SECONDS);
Path zipPath = nucleusPaths.unarchiveArtifactPath(ident, "zip");
assertThat(zipPath.toFile(), anExistingDirectory());
assertThat(zipPath.resolve("zip").toFile(), anExistingDirectory());
assertThat(zipPath.resolve("zip").resolve("1").toFile(), anExistingFile());
assertThat(zipPath.resolve("zip").resolve("2").toFile(), anExistingFile());
// check everyone can enter dir
assertThat(zipPath.resolve("zip"), hasPermission(FileSystemPermission.builder().ownerRead(true).ownerWrite(true).ownerExecute(true).groupRead(true).groupExecute(true).otherRead(true).otherExecute(true).build()));
// check perms match what we gave
FileSystemPermission allRead = FileSystemPermission.builder().ownerRead(true).groupRead(true).otherRead(true).ownerWrite(!PlatformResolver.isWindows && !SystemUtils.USER_NAME.equals(ROOT)).build();
assertThat(zipPath.resolve("zip").resolve("1"), hasPermission(allRead));
assertThat(zipPath.resolve("zip").resolve("2"), hasPermission(allRead));
}
Also used :
Path(java.nio.file.Path)
ArtifactDownloaderFactory(com.aws.greengrass.componentmanager.builtins.ArtifactDownloaderFactory)
NucleusPaths(com.aws.greengrass.util.NucleusPaths)
ComponentIdentifier(com.aws.greengrass.componentmanager.models.ComponentIdentifier)
FileSystemPermission(com.aws.greengrass.util.FileSystemPermission)
Semver(com.vdurmont.semver4j.Semver)
ArtifactDownloader(com.aws.greengrass.componentmanager.builtins.ArtifactDownloader)
FileMatchers.anExistingFile(org.hamcrest.io.FileMatchers.anExistingFile)
File(java.io.File)
ComponentStore(com.aws.greengrass.componentmanager.ComponentStore)
Test(org.junit.jupiter.api.Test)
Example 2 with FileSystemPermission
use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.
the class PlatformTest method GIVEN_file_WHEN_set_owner_mode_THEN_succeed.
@Test
void GIVEN_file_WHEN_set_owner_mode_THEN_succeed() throws IOException {
Path tempFile = Files.createTempFile(tempDir, null, null);
FileSystemPermission expectedPermission = FileSystemPermission.builder().ownerRead(true).ownerWrite(true).ownerExecute(true).build();
PLATFORM.setPermissions(MIN_PERMISSION, tempFile);
assertThat(tempFile, hasPermission(MIN_PERMISSION));
PLATFORM.setPermissions(expectedPermission, tempFile);
assertThat(tempFile, hasPermission(expectedPermission));
}
Also used :
Path(java.nio.file.Path)
FileSystemPermission(com.aws.greengrass.util.FileSystemPermission)
Test(org.junit.jupiter.api.Test)
Example 3 with FileSystemPermission
use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.
the class PlatformTest method GIVEN_non_empty_dir_WHEN_set_mode_recurse_THEN_succeed.
@Test
void GIVEN_non_empty_dir_WHEN_set_mode_recurse_THEN_succeed() throws IOException {
Path tempSubDir = Files.createTempDirectory(tempDir, null);
Path tempFile = Files.createTempFile(tempSubDir, null, null);
FileSystemPermission expectedPermission = FileSystemPermission.builder().ownerRead(true).ownerWrite(true).ownerExecute(true).groupRead(true).groupWrite(true).groupExecute(true).otherRead(true).otherWrite(true).otherExecute(true).build();
PLATFORM.setPermissions(MIN_PERMISSION, tempSubDir, FileSystemPermission.Option.SetMode, FileSystemPermission.Option.Recurse);
assertThat(tempSubDir, hasPermission(MIN_PERMISSION));
assertThat(tempFile, hasPermission(MIN_PERMISSION));
PLATFORM.setPermissions(expectedPermission, tempSubDir, FileSystemPermission.Option.SetMode, FileSystemPermission.Option.Recurse);
assertThat(tempSubDir, hasPermission(expectedPermission));
assertThat(tempFile, hasPermission(expectedPermission));
}
Also used :
Path(java.nio.file.Path)
FileSystemPermission(com.aws.greengrass.util.FileSystemPermission)
Test(org.junit.jupiter.api.Test)
Example 4 with FileSystemPermission
use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.
the class PlatformTest method GIVEN_file_WHEN_set_group_mode_THEN_succeed.
@Test
void GIVEN_file_WHEN_set_group_mode_THEN_succeed() throws IOException {
Path tempFile = Files.createTempFile(tempDir, null, null);
FileSystemPermission expectedPermission = FileSystemPermission.builder().groupRead(true).groupWrite(true).groupExecute(true).build();
PLATFORM.setPermissions(MIN_PERMISSION, tempFile);
assertThat(tempFile, hasPermission(MIN_PERMISSION));
PLATFORM.setPermissions(expectedPermission, tempFile);
assertThat(tempFile, hasPermission(expectedPermission));
}
Also used :
Path(java.nio.file.Path)
FileSystemPermission(com.aws.greengrass.util.FileSystemPermission)
Test(org.junit.jupiter.api.Test)
Example 5 with FileSystemPermission
use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.
the class UniqueRootPathExtension method createPath.
public static CloseableResource createPath(String key) {
try {
Path p = Files.createTempDirectory("greengrass-test");
System.setProperty("root", p.toAbsolutePath().toString());
return new CloseableResource() {
@Override
public void close() throws Throwable {
System.clearProperty("root");
FileSystemPermission permission = FileSystemPermission.builder().ownerRead(true).ownerWrite(true).ownerExecute(true).build();
// this visitor is necessary so that we can set permissions for everything to ensure it is
// writable before deleting
Files.walkFileTree(p, new SimpleFileVisitor<Path>() {
@Override
public FileVisitResult preVisitDirectory(Path dir, BasicFileAttributes attrs) throws IOException {
try {
Platform.getInstance().setPermissions(permission, dir);
} catch (IOException e) {
logger.atWarn().setCause(e).log("Could not set permissions on {}", dir);
}
return FileVisitResult.CONTINUE;
}
@Override
public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException {
try {
Platform.getInstance().setPermissions(permission, file);
} catch (IOException e) {
logger.atWarn().setCause(e).log("Could not set permissions on {}", file);
}
try {
Files.deleteIfExists(file);
} catch (IOException e) {
logger.atWarn().setCause(e).log("Could not delete {}", file);
throw e;
}
return FileVisitResult.CONTINUE;
}
@Override
public FileVisitResult postVisitDirectory(Path dir, IOException exc) throws IOException {
try {
Files.deleteIfExists(dir);
} catch (IOException e) {
logger.atWarn().setCause(e).log("Could not delete {}", dir);
throw e;
}
return FileVisitResult.CONTINUE;
}
});
}
};
} catch (IOException e) {
throw new ExtensionConfigurationException("Couldn't create temp directory", e);
}
}
Also used :
Path(java.nio.file.Path)
ExtensionConfigurationException(org.junit.jupiter.api.extension.ExtensionConfigurationException)
CloseableResource(org.junit.jupiter.api.extension.ExtensionContext.Store.CloseableResource)
FileVisitResult(java.nio.file.FileVisitResult)
FileSystemPermission(com.aws.greengrass.util.FileSystemPermission)
IOException(java.io.IOException)
BasicFileAttributes(java.nio.file.attribute.BasicFileAttributes)
Aggregations
FileSystemPermission (com.aws.greengrass.util.FileSystemPermission)9
Path (java.nio.file.Path)9
Test (org.junit.jupiter.api.Test)5
IOException (java.io.IOException)3
FileVisitResult (java.nio.file.FileVisitResult)2
BasicFileAttributes (java.nio.file.attribute.BasicFileAttributes)2
ComponentStore (com.aws.greengrass.componentmanager.ComponentStore)1
ArtifactDownloader (com.aws.greengrass.componentmanager.builtins.ArtifactDownloader)1
ArtifactDownloaderFactory (com.aws.greengrass.componentmanager.builtins.ArtifactDownloaderFactory)1
ComponentIdentifier (com.aws.greengrass.componentmanager.models.ComponentIdentifier)1
PlatformResolver (com.aws.greengrass.config.PlatformResolver)1
OS_DARWIN (com.aws.greengrass.config.PlatformResolver.OS_DARWIN)1
OS_LINUX (com.aws.greengrass.config.PlatformResolver.OS_LINUX)1
Logger (com.aws.greengrass.logging.api.Logger)1
LogManager (com.aws.greengrass.logging.impl.LogManager)1
CrashableFunction (com.aws.greengrass.util.CrashableFunction)1
Exec (com.aws.greengrass.util.Exec)1
Option (com.aws.greengrass.util.FileSystemPermission.Option)1
NucleusPaths (com.aws.greengrass.util.NucleusPaths)1
Utils (com.aws.greengrass.util.Utils)1
