Search in sources :

Example 1 with FileSystemPermission

use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.

the class ComponentManagerIntegTest method GIVEN_component_with_archived_artifact_WHEN_prepareArtifacts_THEN_unarchives_artifacts.

@Test
void GIVEN_component_with_archived_artifact_WHEN_prepareArtifacts_THEN_unarchives_artifacts() throws Exception {
    // GIVEN
    ComponentIdentifier ident = new ComponentIdentifier("aws.iot.gg.test.integ.zip", new Semver("1.0.0"));
    NucleusPaths nucleusPaths = kernel.getNucleusPaths();
    nucleusPaths.setComponentStorePath(tempRootDir);
    ComponentStore store = new ComponentStore(nucleusPaths, platformResolver, recipeLoader);
    kernel.getContext().put(ComponentStore.class, store);
    ArtifactDownloader mockDownloader = mock(ArtifactDownloader.class);
    File artifactFile = store.resolveArtifactDirectoryPath(ident).resolve("zip.zip").toFile();
    when(mockDownloader.downloadRequired()).thenReturn(true);
    when(mockDownloader.checkDownloadable()).thenReturn(Optional.empty());
    when(mockDownloader.getArtifactFile()).thenReturn(artifactFile);
    when(mockDownloader.canUnarchiveArtifact()).thenReturn(true);
    when(mockDownloader.canSetFilePermissions()).thenReturn(true);
    when(mockDownloader.checkComponentStoreSize()).thenReturn(true);
    when(mockDownloader.download()).thenAnswer(downloadToPath("zip.zip", artifactFile));
    ArtifactDownloaderFactory mockDownloaderFactory = mock(ArtifactDownloaderFactory.class);
    when(mockDownloaderFactory.getArtifactDownloader(any(), any(), any())).thenReturn(mockDownloader);
    kernel.getContext().put(ArtifactDownloaderFactory.class, mockDownloaderFactory);
    Files.copy(Paths.get(this.getClass().getResource("aws.iot.gg.test.integ.zip-1.0.0.yaml").toURI()), nucleusPaths.recipePath().resolve(PreloadComponentStoreHelper.getRecipeStorageFilenameFromTestSource("aws.iot.gg.test.integ.zip-1.0.0.yaml")));
    // THEN
    kernel.getContext().get(ComponentManager.class).preparePackages(Collections.singletonList(ident)).get(10, TimeUnit.SECONDS);
    Path zipPath = nucleusPaths.unarchiveArtifactPath(ident, "zip");
    assertThat(zipPath.toFile(), anExistingDirectory());
    assertThat(zipPath.resolve("zip").toFile(), anExistingDirectory());
    assertThat(zipPath.resolve("zip").resolve("1").toFile(), anExistingFile());
    assertThat(zipPath.resolve("zip").resolve("2").toFile(), anExistingFile());
    // check everyone can enter dir
    assertThat(zipPath.resolve("zip"), hasPermission(FileSystemPermission.builder().ownerRead(true).ownerWrite(true).ownerExecute(true).groupRead(true).groupExecute(true).otherRead(true).otherExecute(true).build()));
    // check perms match what we gave
    FileSystemPermission allRead = FileSystemPermission.builder().ownerRead(true).groupRead(true).otherRead(true).ownerWrite(!PlatformResolver.isWindows && !SystemUtils.USER_NAME.equals(ROOT)).build();
    assertThat(zipPath.resolve("zip").resolve("1"), hasPermission(allRead));
    assertThat(zipPath.resolve("zip").resolve("2"), hasPermission(allRead));
}
Also used : Path(java.nio.file.Path) ArtifactDownloaderFactory(com.aws.greengrass.componentmanager.builtins.ArtifactDownloaderFactory) NucleusPaths(com.aws.greengrass.util.NucleusPaths) ComponentIdentifier(com.aws.greengrass.componentmanager.models.ComponentIdentifier) FileSystemPermission(com.aws.greengrass.util.FileSystemPermission) Semver(com.vdurmont.semver4j.Semver) ArtifactDownloader(com.aws.greengrass.componentmanager.builtins.ArtifactDownloader) FileMatchers.anExistingFile(org.hamcrest.io.FileMatchers.anExistingFile) File(java.io.File) ComponentStore(com.aws.greengrass.componentmanager.ComponentStore) Test(org.junit.jupiter.api.Test)

Example 2 with FileSystemPermission

use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.

the class PlatformTest method GIVEN_file_WHEN_set_owner_mode_THEN_succeed.

@Test
void GIVEN_file_WHEN_set_owner_mode_THEN_succeed() throws IOException {
    Path tempFile = Files.createTempFile(tempDir, null, null);
    FileSystemPermission expectedPermission = FileSystemPermission.builder().ownerRead(true).ownerWrite(true).ownerExecute(true).build();
    PLATFORM.setPermissions(MIN_PERMISSION, tempFile);
    assertThat(tempFile, hasPermission(MIN_PERMISSION));
    PLATFORM.setPermissions(expectedPermission, tempFile);
    assertThat(tempFile, hasPermission(expectedPermission));
}
Also used : Path(java.nio.file.Path) FileSystemPermission(com.aws.greengrass.util.FileSystemPermission) Test(org.junit.jupiter.api.Test)

Example 3 with FileSystemPermission

use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.

the class PlatformTest method GIVEN_non_empty_dir_WHEN_set_mode_recurse_THEN_succeed.

@Test
void GIVEN_non_empty_dir_WHEN_set_mode_recurse_THEN_succeed() throws IOException {
    Path tempSubDir = Files.createTempDirectory(tempDir, null);
    Path tempFile = Files.createTempFile(tempSubDir, null, null);
    FileSystemPermission expectedPermission = FileSystemPermission.builder().ownerRead(true).ownerWrite(true).ownerExecute(true).groupRead(true).groupWrite(true).groupExecute(true).otherRead(true).otherWrite(true).otherExecute(true).build();
    PLATFORM.setPermissions(MIN_PERMISSION, tempSubDir, FileSystemPermission.Option.SetMode, FileSystemPermission.Option.Recurse);
    assertThat(tempSubDir, hasPermission(MIN_PERMISSION));
    assertThat(tempFile, hasPermission(MIN_PERMISSION));
    PLATFORM.setPermissions(expectedPermission, tempSubDir, FileSystemPermission.Option.SetMode, FileSystemPermission.Option.Recurse);
    assertThat(tempSubDir, hasPermission(expectedPermission));
    assertThat(tempFile, hasPermission(expectedPermission));
}
Also used : Path(java.nio.file.Path) FileSystemPermission(com.aws.greengrass.util.FileSystemPermission) Test(org.junit.jupiter.api.Test)

Example 4 with FileSystemPermission

use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.

the class PlatformTest method GIVEN_file_WHEN_set_group_mode_THEN_succeed.

@Test
void GIVEN_file_WHEN_set_group_mode_THEN_succeed() throws IOException {
    Path tempFile = Files.createTempFile(tempDir, null, null);
    FileSystemPermission expectedPermission = FileSystemPermission.builder().groupRead(true).groupWrite(true).groupExecute(true).build();
    PLATFORM.setPermissions(MIN_PERMISSION, tempFile);
    assertThat(tempFile, hasPermission(MIN_PERMISSION));
    PLATFORM.setPermissions(expectedPermission, tempFile);
    assertThat(tempFile, hasPermission(expectedPermission));
}
Also used : Path(java.nio.file.Path) FileSystemPermission(com.aws.greengrass.util.FileSystemPermission) Test(org.junit.jupiter.api.Test)

Example 5 with FileSystemPermission

use of com.aws.greengrass.util.FileSystemPermission in project aws-greengrass-nucleus by aws-greengrass.

the class UniqueRootPathExtension method createPath.

public static CloseableResource createPath(String key) {
    try {
        Path p = Files.createTempDirectory("greengrass-test");
        System.setProperty("root", p.toAbsolutePath().toString());
        return new CloseableResource() {

            @Override
            public void close() throws Throwable {
                System.clearProperty("root");
                FileSystemPermission permission = FileSystemPermission.builder().ownerRead(true).ownerWrite(true).ownerExecute(true).build();
                // this visitor is necessary so that we can set permissions for everything to ensure it is
                // writable before deleting
                Files.walkFileTree(p, new SimpleFileVisitor<Path>() {

                    @Override
                    public FileVisitResult preVisitDirectory(Path dir, BasicFileAttributes attrs) throws IOException {
                        try {
                            Platform.getInstance().setPermissions(permission, dir);
                        } catch (IOException e) {
                            logger.atWarn().setCause(e).log("Could not set permissions on {}", dir);
                        }
                        return FileVisitResult.CONTINUE;
                    }

                    @Override
                    public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException {
                        try {
                            Platform.getInstance().setPermissions(permission, file);
                        } catch (IOException e) {
                            logger.atWarn().setCause(e).log("Could not set permissions on {}", file);
                        }
                        try {
                            Files.deleteIfExists(file);
                        } catch (IOException e) {
                            logger.atWarn().setCause(e).log("Could not delete {}", file);
                            throw e;
                        }
                        return FileVisitResult.CONTINUE;
                    }

                    @Override
                    public FileVisitResult postVisitDirectory(Path dir, IOException exc) throws IOException {
                        try {
                            Files.deleteIfExists(dir);
                        } catch (IOException e) {
                            logger.atWarn().setCause(e).log("Could not delete {}", dir);
                            throw e;
                        }
                        return FileVisitResult.CONTINUE;
                    }
                });
            }
        };
    } catch (IOException e) {
        throw new ExtensionConfigurationException("Couldn't create temp directory", e);
    }
}
Also used : Path(java.nio.file.Path) ExtensionConfigurationException(org.junit.jupiter.api.extension.ExtensionConfigurationException) CloseableResource(org.junit.jupiter.api.extension.ExtensionContext.Store.CloseableResource) FileVisitResult(java.nio.file.FileVisitResult) FileSystemPermission(com.aws.greengrass.util.FileSystemPermission) IOException(java.io.IOException) BasicFileAttributes(java.nio.file.attribute.BasicFileAttributes)

Aggregations

FileSystemPermission (com.aws.greengrass.util.FileSystemPermission)9 Path (java.nio.file.Path)9 Test (org.junit.jupiter.api.Test)5 IOException (java.io.IOException)3 FileVisitResult (java.nio.file.FileVisitResult)2 BasicFileAttributes (java.nio.file.attribute.BasicFileAttributes)2 ComponentStore (com.aws.greengrass.componentmanager.ComponentStore)1 ArtifactDownloader (com.aws.greengrass.componentmanager.builtins.ArtifactDownloader)1 ArtifactDownloaderFactory (com.aws.greengrass.componentmanager.builtins.ArtifactDownloaderFactory)1 ComponentIdentifier (com.aws.greengrass.componentmanager.models.ComponentIdentifier)1 PlatformResolver (com.aws.greengrass.config.PlatformResolver)1 OS_DARWIN (com.aws.greengrass.config.PlatformResolver.OS_DARWIN)1 OS_LINUX (com.aws.greengrass.config.PlatformResolver.OS_LINUX)1 Logger (com.aws.greengrass.logging.api.Logger)1 LogManager (com.aws.greengrass.logging.impl.LogManager)1 CrashableFunction (com.aws.greengrass.util.CrashableFunction)1 Exec (com.aws.greengrass.util.Exec)1 Option (com.aws.greengrass.util.FileSystemPermission.Option)1 NucleusPaths (com.aws.greengrass.util.NucleusPaths)1 Utils (com.aws.greengrass.util.Utils)1