use of java.nio.file.attribute.AclEntry in project qpid-broker-j by apache.
the class AESKeyFileEncrypterFactory method createEmptyKeyFile.
private void createEmptyKeyFile(File file) throws IOException {
final Path parentFilePath = file.getAbsoluteFile().getParentFile().toPath();
if (isPosixFileSystem(file)) {
Set<PosixFilePermission> ownerOnly = EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE);
Files.createDirectories(parentFilePath, PosixFilePermissions.asFileAttribute(ownerOnly));
Files.createFile(file.toPath(), PosixFilePermissions.asFileAttribute(EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE)));
} else if (isAclFileSystem(file)) {
Files.createDirectories(parentFilePath);
final UserPrincipal owner = Files.getOwner(parentFilePath);
AclFileAttributeView attributeView = Files.getFileAttributeView(parentFilePath, AclFileAttributeView.class);
List<AclEntry> acls = new ArrayList<>(attributeView.getAcl());
ListIterator<AclEntry> iter = acls.listIterator();
boolean found = false;
while (iter.hasNext()) {
AclEntry acl = iter.next();
if (!owner.equals(acl.principal())) {
iter.remove();
} else if (acl.type() == AclEntryType.ALLOW) {
found = true;
AclEntry.Builder builder = AclEntry.newBuilder(acl);
Set<AclEntryPermission> permissions = acl.permissions().isEmpty() ? new HashSet<AclEntryPermission>() : EnumSet.copyOf(acl.permissions());
permissions.addAll(Arrays.asList(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.LIST_DIRECTORY));
builder.setPermissions(permissions);
iter.set(builder.build());
}
}
if (!found) {
AclEntry.Builder builder = AclEntry.newBuilder();
builder.setPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.LIST_DIRECTORY);
builder.setType(AclEntryType.ALLOW);
builder.setPrincipal(owner);
acls.add(builder.build());
}
attributeView.setAcl(acls);
Files.createFile(file.toPath(), new FileAttribute<List<AclEntry>>() {
@Override
public String name() {
return "acl:acl";
}
@Override
public List<AclEntry> value() {
AclEntry.Builder builder = AclEntry.newBuilder();
builder.setType(AclEntryType.ALLOW);
builder.setPermissions(EnumSet.allOf(AclEntryPermission.class));
builder.setPrincipal(owner);
return Collections.singletonList(builder.build());
}
});
} else {
throw new IllegalArgumentException("Unable to determine a mechanism to protect access to the key file on this filesystem");
}
}
use of java.nio.file.attribute.AclEntry in project j2objc by google.
the class AclEntryTest method testGetters.
@Test
public void testGetters() throws Exception {
UserPrincipal user = Files.getOwner(Paths.get("."));
AclEntry aclEntry = AclEntry.newBuilder().setType(AclEntryType.ALLOW).setPrincipal(user).setFlags(AclEntryFlag.INHERIT_ONLY).setPermissions(AclEntryPermission.READ_DATA, AclEntryPermission.READ_ATTRIBUTES).build();
assertEquals(AclEntryType.ALLOW, aclEntry.type());
assertEquals(user, aclEntry.principal());
Set<AclEntryPermission> permissions = aclEntry.permissions();
assertEquals(2, permissions.size());
assertTrue(permissions.contains(AclEntryPermission.READ_DATA));
assertTrue(permissions.contains(AclEntryPermission.READ_ATTRIBUTES));
Set<AclEntryFlag> flags = aclEntry.flags();
assertEquals(1, flags.size());
assertTrue(flags.contains(AclEntryFlag.INHERIT_ONLY));
}
use of java.nio.file.attribute.AclEntry in project qpid-broker-j by apache.
the class AbstractAESKeyFileEncrypterFactory method createEmptyKeyFile.
private static void createEmptyKeyFile(File file) throws IOException {
final Path parentFilePath = file.getAbsoluteFile().getParentFile().toPath();
if (isPosixFileSystem(file)) {
final Set<PosixFilePermission> ownerOnly = EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE);
Files.createDirectories(parentFilePath, PosixFilePermissions.asFileAttribute(ownerOnly));
Files.createFile(file.toPath(), PosixFilePermissions.asFileAttribute(EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE)));
} else if (isAclFileSystem(file)) {
Files.createDirectories(parentFilePath);
final UserPrincipal owner = Files.getOwner(parentFilePath);
final AclFileAttributeView attributeView = Files.getFileAttributeView(parentFilePath, AclFileAttributeView.class);
final List<AclEntry> acls = new ArrayList<>(attributeView.getAcl());
final ListIterator<AclEntry> iter = acls.listIterator();
boolean found = false;
while (iter.hasNext()) {
final AclEntry acl = iter.next();
if (!owner.equals(acl.principal())) {
iter.remove();
} else if (acl.type() == AclEntryType.ALLOW) {
found = true;
final AclEntry.Builder builder = AclEntry.newBuilder(acl);
final Set<AclEntryPermission> permissions = acl.permissions().isEmpty() ? new HashSet<>() : EnumSet.copyOf(acl.permissions());
permissions.addAll(Arrays.asList(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.LIST_DIRECTORY));
builder.setPermissions(permissions);
iter.set(builder.build());
}
}
if (!found) {
final AclEntry.Builder builder = AclEntry.newBuilder();
builder.setPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.LIST_DIRECTORY);
builder.setType(AclEntryType.ALLOW);
builder.setPrincipal(owner);
acls.add(builder.build());
}
attributeView.setAcl(acls);
Files.createFile(file.toPath(), new FileAttribute<List<AclEntry>>() {
@Override
public String name() {
return "acl:acl";
}
@Override
public List<AclEntry> value() {
final AclEntry.Builder builder = AclEntry.newBuilder();
builder.setType(AclEntryType.ALLOW);
builder.setPermissions(EnumSet.allOf(AclEntryPermission.class));
builder.setPrincipal(owner);
return Collections.singletonList(builder.build());
}
});
} else {
throw new IllegalConfigurationException(GENERAL_EXCEPTION_MESSAGE);
}
}
use of java.nio.file.attribute.AclEntry in project graal by oracle.
the class WindowsFileOperations method doWithPermissions.
@Override
protected boolean doWithPermissions(Path p, Callable<Void> action) throws IOException {
AclFileAttributeView aclView = Files.getFileAttributeView(p, AclFileAttributeView.class);
UserPrincipalLookupService upls = p.getFileSystem().getUserPrincipalLookupService();
// NOI18N
String un = System.getProperty("user.name");
UserPrincipal up;
List<AclEntry> save;
try {
up = upls.lookupPrincipalByName(un);
save = aclView.getAcl();
List<AclEntry> temp = new ArrayList<>(save);
AclEntry en = AclEntry.newBuilder().setType(AclEntryType.ALLOW).setPrincipal(up).setPermissions(AclEntryPermission.DELETE).build();
temp.add(en);
aclView.setAcl(temp);
} catch (IOException ex) {
// expected, bail out
return false;
}
boolean ok = false;
try {
action.call();
ok = true;
} catch (IOException ex) {
throw ex;
} catch (Exception ex) {
ok = false;
} finally {
try {
aclView.setAcl(save);
} catch (IOException ex) {
// do not obscure the result with this exception
feedback().error("FILE_ErrorRestoringPermissions", ex, p, ex.getLocalizedMessage());
// expected, bail out
ok = false;
}
}
return ok;
}
Aggregations