Search in sources :

Example 6 with AclEntry

use of java.nio.file.attribute.AclEntry in project qpid-broker-j by apache.

the class AESKeyFileEncrypterFactory method createEmptyKeyFile.

private void createEmptyKeyFile(File file) throws IOException {
    final Path parentFilePath = file.getAbsoluteFile().getParentFile().toPath();
    if (isPosixFileSystem(file)) {
        Set<PosixFilePermission> ownerOnly = EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE);
        Files.createDirectories(parentFilePath, PosixFilePermissions.asFileAttribute(ownerOnly));
        Files.createFile(file.toPath(), PosixFilePermissions.asFileAttribute(EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE)));
    } else if (isAclFileSystem(file)) {
        Files.createDirectories(parentFilePath);
        final UserPrincipal owner = Files.getOwner(parentFilePath);
        AclFileAttributeView attributeView = Files.getFileAttributeView(parentFilePath, AclFileAttributeView.class);
        List<AclEntry> acls = new ArrayList<>(attributeView.getAcl());
        ListIterator<AclEntry> iter = acls.listIterator();
        boolean found = false;
        while (iter.hasNext()) {
            AclEntry acl = iter.next();
            if (!owner.equals(acl.principal())) {
                iter.remove();
            } else if (acl.type() == AclEntryType.ALLOW) {
                found = true;
                AclEntry.Builder builder = AclEntry.newBuilder(acl);
                Set<AclEntryPermission> permissions = acl.permissions().isEmpty() ? new HashSet<AclEntryPermission>() : EnumSet.copyOf(acl.permissions());
                permissions.addAll(Arrays.asList(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.LIST_DIRECTORY));
                builder.setPermissions(permissions);
                iter.set(builder.build());
            }
        }
        if (!found) {
            AclEntry.Builder builder = AclEntry.newBuilder();
            builder.setPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.LIST_DIRECTORY);
            builder.setType(AclEntryType.ALLOW);
            builder.setPrincipal(owner);
            acls.add(builder.build());
        }
        attributeView.setAcl(acls);
        Files.createFile(file.toPath(), new FileAttribute<List<AclEntry>>() {

            @Override
            public String name() {
                return "acl:acl";
            }

            @Override
            public List<AclEntry> value() {
                AclEntry.Builder builder = AclEntry.newBuilder();
                builder.setType(AclEntryType.ALLOW);
                builder.setPermissions(EnumSet.allOf(AclEntryPermission.class));
                builder.setPrincipal(owner);
                return Collections.singletonList(builder.build());
            }
        });
    } else {
        throw new IllegalArgumentException("Unable to determine a mechanism to protect access to the key file on this filesystem");
    }
}
Also used : Path(java.nio.file.Path) AclFileAttributeView(java.nio.file.attribute.AclFileAttributeView) AclEntry(java.nio.file.attribute.AclEntry) AclEntryPermission(java.nio.file.attribute.AclEntryPermission) PosixFilePermission(java.nio.file.attribute.PosixFilePermission) ListIterator(java.util.ListIterator) UserPrincipal(java.nio.file.attribute.UserPrincipal) ArrayList(java.util.ArrayList) List(java.util.List) FileAttribute(java.nio.file.attribute.FileAttribute)

Example 7 with AclEntry

use of java.nio.file.attribute.AclEntry in project j2objc by google.

the class AclEntryTest method testGetters.

@Test
public void testGetters() throws Exception {
    UserPrincipal user = Files.getOwner(Paths.get("."));
    AclEntry aclEntry = AclEntry.newBuilder().setType(AclEntryType.ALLOW).setPrincipal(user).setFlags(AclEntryFlag.INHERIT_ONLY).setPermissions(AclEntryPermission.READ_DATA, AclEntryPermission.READ_ATTRIBUTES).build();
    assertEquals(AclEntryType.ALLOW, aclEntry.type());
    assertEquals(user, aclEntry.principal());
    Set<AclEntryPermission> permissions = aclEntry.permissions();
    assertEquals(2, permissions.size());
    assertTrue(permissions.contains(AclEntryPermission.READ_DATA));
    assertTrue(permissions.contains(AclEntryPermission.READ_ATTRIBUTES));
    Set<AclEntryFlag> flags = aclEntry.flags();
    assertEquals(1, flags.size());
    assertTrue(flags.contains(AclEntryFlag.INHERIT_ONLY));
}
Also used : AclEntryFlag(java.nio.file.attribute.AclEntryFlag) AclEntry(java.nio.file.attribute.AclEntry) AclEntryPermission(java.nio.file.attribute.AclEntryPermission) UserPrincipal(java.nio.file.attribute.UserPrincipal) Test(org.junit.Test)

Example 8 with AclEntry

use of java.nio.file.attribute.AclEntry in project qpid-broker-j by apache.

the class AbstractAESKeyFileEncrypterFactory method createEmptyKeyFile.

private static void createEmptyKeyFile(File file) throws IOException {
    final Path parentFilePath = file.getAbsoluteFile().getParentFile().toPath();
    if (isPosixFileSystem(file)) {
        final Set<PosixFilePermission> ownerOnly = EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE);
        Files.createDirectories(parentFilePath, PosixFilePermissions.asFileAttribute(ownerOnly));
        Files.createFile(file.toPath(), PosixFilePermissions.asFileAttribute(EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE)));
    } else if (isAclFileSystem(file)) {
        Files.createDirectories(parentFilePath);
        final UserPrincipal owner = Files.getOwner(parentFilePath);
        final AclFileAttributeView attributeView = Files.getFileAttributeView(parentFilePath, AclFileAttributeView.class);
        final List<AclEntry> acls = new ArrayList<>(attributeView.getAcl());
        final ListIterator<AclEntry> iter = acls.listIterator();
        boolean found = false;
        while (iter.hasNext()) {
            final AclEntry acl = iter.next();
            if (!owner.equals(acl.principal())) {
                iter.remove();
            } else if (acl.type() == AclEntryType.ALLOW) {
                found = true;
                final AclEntry.Builder builder = AclEntry.newBuilder(acl);
                final Set<AclEntryPermission> permissions = acl.permissions().isEmpty() ? new HashSet<>() : EnumSet.copyOf(acl.permissions());
                permissions.addAll(Arrays.asList(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.LIST_DIRECTORY));
                builder.setPermissions(permissions);
                iter.set(builder.build());
            }
        }
        if (!found) {
            final AclEntry.Builder builder = AclEntry.newBuilder();
            builder.setPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.LIST_DIRECTORY);
            builder.setType(AclEntryType.ALLOW);
            builder.setPrincipal(owner);
            acls.add(builder.build());
        }
        attributeView.setAcl(acls);
        Files.createFile(file.toPath(), new FileAttribute<List<AclEntry>>() {

            @Override
            public String name() {
                return "acl:acl";
            }

            @Override
            public List<AclEntry> value() {
                final AclEntry.Builder builder = AclEntry.newBuilder();
                builder.setType(AclEntryType.ALLOW);
                builder.setPermissions(EnumSet.allOf(AclEntryPermission.class));
                builder.setPrincipal(owner);
                return Collections.singletonList(builder.build());
            }
        });
    } else {
        throw new IllegalConfigurationException(GENERAL_EXCEPTION_MESSAGE);
    }
}
Also used : Path(java.nio.file.Path) AclFileAttributeView(java.nio.file.attribute.AclFileAttributeView) AclEntry(java.nio.file.attribute.AclEntry) AclEntryPermission(java.nio.file.attribute.AclEntryPermission) IllegalConfigurationException(org.apache.qpid.server.configuration.IllegalConfigurationException) PosixFilePermission(java.nio.file.attribute.PosixFilePermission) ListIterator(java.util.ListIterator) UserPrincipal(java.nio.file.attribute.UserPrincipal) ArrayList(java.util.ArrayList) List(java.util.List) FileAttribute(java.nio.file.attribute.FileAttribute)

Example 9 with AclEntry

use of java.nio.file.attribute.AclEntry in project graal by oracle.

the class WindowsFileOperations method doWithPermissions.

@Override
protected boolean doWithPermissions(Path p, Callable<Void> action) throws IOException {
    AclFileAttributeView aclView = Files.getFileAttributeView(p, AclFileAttributeView.class);
    UserPrincipalLookupService upls = p.getFileSystem().getUserPrincipalLookupService();
    // NOI18N
    String un = System.getProperty("user.name");
    UserPrincipal up;
    List<AclEntry> save;
    try {
        up = upls.lookupPrincipalByName(un);
        save = aclView.getAcl();
        List<AclEntry> temp = new ArrayList<>(save);
        AclEntry en = AclEntry.newBuilder().setType(AclEntryType.ALLOW).setPrincipal(up).setPermissions(AclEntryPermission.DELETE).build();
        temp.add(en);
        aclView.setAcl(temp);
    } catch (IOException ex) {
        // expected, bail out
        return false;
    }
    boolean ok = false;
    try {
        action.call();
        ok = true;
    } catch (IOException ex) {
        throw ex;
    } catch (Exception ex) {
        ok = false;
    } finally {
        try {
            aclView.setAcl(save);
        } catch (IOException ex) {
            // do not obscure the result with this exception
            feedback().error("FILE_ErrorRestoringPermissions", ex, p, ex.getLocalizedMessage());
            // expected, bail out
            ok = false;
        }
    }
    return ok;
}
Also used : UserPrincipalLookupService(java.nio.file.attribute.UserPrincipalLookupService) AclFileAttributeView(java.nio.file.attribute.AclFileAttributeView) AclEntry(java.nio.file.attribute.AclEntry) ArrayList(java.util.ArrayList) IOException(java.io.IOException) UserPrincipal(java.nio.file.attribute.UserPrincipal) IOException(java.io.IOException)

Aggregations

AclEntry (java.nio.file.attribute.AclEntry)9 UserPrincipal (java.nio.file.attribute.UserPrincipal)8 AclFileAttributeView (java.nio.file.attribute.AclFileAttributeView)7 ArrayList (java.util.ArrayList)5 Path (java.nio.file.Path)4 IOException (java.io.IOException)3 AclEntryPermission (java.nio.file.attribute.AclEntryPermission)3 FileAttribute (java.nio.file.attribute.FileAttribute)3 PosixFilePermission (java.nio.file.attribute.PosixFilePermission)3 AclEntryFlag (java.nio.file.attribute.AclEntryFlag)2 List (java.util.List)2 ListIterator (java.util.ListIterator)2 File (java.io.File)1 PosixFileAttributeView (java.nio.file.attribute.PosixFileAttributeView)1 UserPrincipalLookupService (java.nio.file.attribute.UserPrincipalLookupService)1 IllegalConfigurationException (org.apache.qpid.server.configuration.IllegalConfigurationException)1 ServerException (org.eclipse.che.api.core.ServerException)1 Test (org.junit.Test)1