Java Code Examples for java.nio.file.attribute.AclFileAttributeView#setAcl()

The following examples show how to use java.nio.file.attribute.AclFileAttributeView#setAcl() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: TestVMOptionsFile.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
private static void makeFileNonReadable(String file) throws IOException {
    Path filePath = Paths.get(file);
    Set<String> supportedAttr = filePath.getFileSystem().supportedFileAttributeViews();

    if (supportedAttr.contains("posix")) {
        Files.setPosixFilePermissions(filePath, PosixFilePermissions.fromString("-w--w----"));
    } else if (supportedAttr.contains("acl")) {
        UserPrincipal fileOwner = Files.getOwner(filePath);

        AclFileAttributeView view = Files.getFileAttributeView(filePath, AclFileAttributeView.class);

        AclEntry entry = AclEntry.newBuilder()
                .setType(AclEntryType.DENY)
                .setPrincipal(fileOwner)
                .setPermissions(AclEntryPermission.READ_DATA)
                .build();

        List<AclEntry> acl = view.getAcl();
        acl.add(0, entry);
        view.setAcl(acl);
    }
}
 
Example 2
Source File: InitMojo.java    From helm-maven-plugin with MIT License 6 votes vote down vote up
private void addExecPermission(final Path helm) throws IOException {
	Set<String> fileAttributeView = FileSystems.getDefault().supportedFileAttributeViews();

	if (fileAttributeView.contains("posix")) {
		final Set<PosixFilePermission> permissions;
		try {
			permissions = Files.getPosixFilePermissions(helm);
		} catch (UnsupportedOperationException e) {
			getLog().debug("Exec file permission is not set", e);
			return;
		}
		permissions.add(PosixFilePermission.OWNER_EXECUTE);
		Files.setPosixFilePermissions(helm, permissions);

	} else if (fileAttributeView.contains("acl")) {
		String username = System.getProperty("user.name");
		UserPrincipal userPrincipal = FileSystems.getDefault().getUserPrincipalLookupService().lookupPrincipalByName(username);
		AclEntry aclEntry = AclEntry.newBuilder().setPermissions(AclEntryPermission.EXECUTE).setType(AclEntryType.ALLOW).setPrincipal(userPrincipal).build();

		AclFileAttributeView acl = Files.getFileAttributeView(helm, AclFileAttributeView.class, LinkOption.NOFOLLOW_LINKS);
		List<AclEntry> aclEntries = acl.getAcl();
		aclEntries.add(aclEntry);
		acl.setAcl(aclEntries);
	}
}
 
Example 3
Source File: WindowsFilePermissionHelper.java    From hashicorp-vault-plugin with MIT License 6 votes vote down vote up
public static void fixSshKeyOnWindows(Path file) {
    AclFileAttributeView fileAttributeView = Files
        .getFileAttributeView(file, AclFileAttributeView.class);
    if (fileAttributeView == null) return;

    try {
        UserPrincipal userPrincipal = fileAttributeView.getOwner();
        AclEntry aclEntry = AclEntry.newBuilder()
            .setType(AclEntryType.ALLOW)
            .setPrincipal(userPrincipal)
            .setPermissions(ACL_ENTRY_PERMISSIONS)
            .build();
        fileAttributeView.setAcl(Collections.singletonList(aclEntry));
    } catch (IOException | UnsupportedOperationException e) {
        throw new IllegalStateException("Error updating file permission for \"" + file + "\"", e);
    }
}
 
Example 4
Source File: AclAttributeProviderTest.java    From jimfs with Apache License 2.0 6 votes vote down vote up
@Test
public void testView() throws IOException {
  AclFileAttributeView view =
      provider.view(
          fileLookup(),
          ImmutableMap.<String, FileAttributeView>of(
              "owner", new OwnerAttributeProvider().view(fileLookup(), NO_INHERITED_VIEWS)));
  assertNotNull(view);

  assertThat(view.name()).isEqualTo("acl");

  assertThat(view.getAcl()).isEqualTo(defaultAcl);

  view.setAcl(ImmutableList.<AclEntry>of());
  view.setOwner(FOO);

  assertThat(view.getAcl()).isEqualTo(ImmutableList.<AclEntry>of());
  assertThat(view.getOwner()).isEqualTo(FOO);

  assertThat(file.getAttribute("acl", "acl")).isEqualTo(ImmutableList.<AclEntry>of());
}
 
Example 5
Source File: CliGitAPIImpl.java    From git-client-plugin with MIT License 6 votes vote down vote up
void fixSshKeyOnWindows(File key) throws GitException {
    if (launcher.isUnix()) return;

    Path file = Paths.get(key.toURI());

    AclFileAttributeView fileAttributeView = Files.getFileAttributeView(file, AclFileAttributeView.class);
    if (fileAttributeView == null) return;

    try {
        UserPrincipal userPrincipal = fileAttributeView.getOwner();
        AclEntry aclEntry = AclEntry.newBuilder()
            .setType(AclEntryType.ALLOW)
            .setPrincipal(userPrincipal)
            .setPermissions(ACL_ENTRY_PERMISSIONS)
            .build();
        fileAttributeView.setAcl(Collections.singletonList(aclEntry));
    } catch (IOException | UnsupportedOperationException e) {
        throw new GitException("Error updating file permission for \"" + key.getAbsolutePath() + "\"", e);
    }
}
 
Example 6
Source File: EvenMoreFiles.java    From bazel-buildfarm with Apache License 2.0 5 votes vote down vote up
public static void setReadOnlyPerms(Path path, boolean executable) throws IOException {
  FileStore fileStore = Files.getFileStore(path);
  if (fileStore.supportsFileAttributeView("posix")) {
    if (executable) {
      Files.setPosixFilePermissions(path, readOnlyExecPerms);
    } else {
      Files.setPosixFilePermissions(path, readOnlyPerms);
    }
  } else if (fileStore.supportsFileAttributeView("acl")) {
    // windows, we hope
    UserPrincipal authenticatedUsers =
        path.getFileSystem()
            .getUserPrincipalLookupService()
            .lookupPrincipalByName("Authenticated Users");
    AclEntry denyWriteEntry =
        AclEntry.newBuilder()
            .setType(AclEntryType.DENY)
            .setPrincipal(authenticatedUsers)
            .setPermissions(AclEntryPermission.APPEND_DATA, AclEntryPermission.WRITE_DATA)
            .build();
    AclEntry execEntry =
        AclEntry.newBuilder()
            .setType(executable ? AclEntryType.ALLOW : AclEntryType.DENY)
            .setPrincipal(authenticatedUsers)
            .setPermissions(AclEntryPermission.EXECUTE)
            .build();

    AclFileAttributeView view = Files.getFileAttributeView(path, AclFileAttributeView.class);
    List<AclEntry> acl = view.getAcl();
    acl.add(0, execEntry);
    acl.add(0, denyWriteEntry);
    view.setAcl(acl);
  } else {
    throw new UnsupportedOperationException("no recognized attribute view");
  }
}
 
Example 7
Source File: Directories.java    From bazel-buildfarm with Apache License 2.0 5 votes vote down vote up
private static void makeWritable(Path dir, boolean writable) throws IOException {
  FileStore fileStore = Files.getFileStore(dir);
  if (fileStore.supportsFileAttributeView("posix")) {
    if (writable) {
      Files.setPosixFilePermissions(dir, writablePerms);
    } else {
      Files.setPosixFilePermissions(dir, nonWritablePerms);
    }
  } else if (fileStore.supportsFileAttributeView("acl")) {
    // windows, we hope
    UserPrincipal authenticatedUsers =
        dir.getFileSystem()
            .getUserPrincipalLookupService()
            .lookupPrincipalByName("Authenticated Users");
    AclEntry entry =
        AclEntry.newBuilder()
            .setType(writable ? AclEntryType.ALLOW : AclEntryType.DENY)
            .setPrincipal(authenticatedUsers)
            .setPermissions(
                AclEntryPermission.DELETE,
                AclEntryPermission.DELETE_CHILD,
                AclEntryPermission.ADD_FILE,
                AclEntryPermission.ADD_SUBDIRECTORY)
            .build();

    AclFileAttributeView view = Files.getFileAttributeView(dir, AclFileAttributeView.class);
    List<AclEntry> acl = view.getAcl();
    acl.add(0, entry);
    view.setAcl(acl);
  } else {
    throw new UnsupportedOperationException("no recognized attribute view");
  }
}
 
Example 8
Source File: AESKeyFileEncrypterFactory.java    From qpid-broker-j with Apache License 2.0 5 votes vote down vote up
private void makeKeyFileReadOnly(File file) throws IOException
{
    if(isPosixFileSystem(file))
    {
        Files.setPosixFilePermissions(file.toPath(), EnumSet.of(PosixFilePermission.OWNER_READ));
    }
    else if(isAclFileSystem(file))
    {
        AclFileAttributeView attributeView = Files.getFileAttributeView(file.toPath(), AclFileAttributeView.class);
        ArrayList<AclEntry> acls = new ArrayList<>(attributeView.getAcl());
        ListIterator<AclEntry> iter = acls.listIterator();
        file.setReadOnly();
        while(iter.hasNext())
        {
            AclEntry acl = iter.next();
            Set<AclEntryPermission> originalPermissions = acl.permissions();
            Set<AclEntryPermission> updatedPermissions = EnumSet.copyOf(originalPermissions);

            if(updatedPermissions.removeAll(EnumSet.of(AclEntryPermission.APPEND_DATA,
                                                       AclEntryPermission.DELETE,
                                                       AclEntryPermission.EXECUTE,
                                                       AclEntryPermission.WRITE_ACL,
                                                       AclEntryPermission.WRITE_DATA,
                                                       AclEntryPermission.WRITE_ATTRIBUTES,
                                                       AclEntryPermission.WRITE_NAMED_ATTRS,
                                                       AclEntryPermission.WRITE_OWNER)))
            {
                AclEntry.Builder builder = AclEntry.newBuilder(acl);
                builder.setPermissions(updatedPermissions);
                iter.set(builder.build());
            }
        }
        attributeView.setAcl(acls);
    }
    else
    {
        throw new IllegalArgumentException(ILLEGAL_ARG_EXCEPTION);
    }
}
 
Example 9
Source File: FileDataStoreFactory.java    From google-http-java-client with Apache License 2.0 4 votes vote down vote up
private static void setPermissionsToOwnerOnlyWindows(File file) throws IOException {
  Path path = Paths.get(file.getAbsolutePath());
  FileOwnerAttributeView fileAttributeView =
      Files.getFileAttributeView(path, FileOwnerAttributeView.class);
  UserPrincipal owner = fileAttributeView.getOwner();

  // get view
  AclFileAttributeView view = Files.getFileAttributeView(path, AclFileAttributeView.class);

  // All available entries
  Set<AclEntryPermission> permissions =
      ImmutableSet.of(
          AclEntryPermission.APPEND_DATA,
          AclEntryPermission.DELETE,
          AclEntryPermission.DELETE_CHILD,
          AclEntryPermission.READ_ACL,
          AclEntryPermission.READ_ATTRIBUTES,
          AclEntryPermission.READ_DATA,
          AclEntryPermission.READ_NAMED_ATTRS,
          AclEntryPermission.SYNCHRONIZE,
          AclEntryPermission.WRITE_ACL,
          AclEntryPermission.WRITE_ATTRIBUTES,
          AclEntryPermission.WRITE_DATA,
          AclEntryPermission.WRITE_NAMED_ATTRS,
          AclEntryPermission.WRITE_OWNER);

  // create ACL to give owner everything
  AclEntry entry =
      AclEntry.newBuilder()
          .setType(AclEntryType.ALLOW)
          .setPrincipal(owner)
          .setPermissions(permissions)
          .build();

  // Overwrite the ACL with only this permission
  try {
    view.setAcl(ImmutableList.of(entry));
  } catch (SecurityException ex) {
    throw new IOException("Unable to set permissions for " + file, ex);
  }
}
 
Example 10
Source File: LocalOperationHandlerTest.java    From CloverETL-Engine with GNU Lesser General Public License v2.1 4 votes vote down vote up
@Override
public void testCopy() throws Exception {
	super.testCopy();
	
	CloverURI source;
	CloverURI target;
	CopyResult result;
	
	source = relativeURI("W.TMP");
	if (manager.exists(source)) { // case insensitive file system
		target = relativeURI("w.tmp");
		result = manager.copy(source, target);
		assertFalse(result.success());
		assertTrue(manager.exists(source));
	}
	
	{
		// CLO-4658:
		source = relativeURI("unreadable.tmp");
		target = relativeURI("unreadable_destination/");
		manager.create(source);
		manager.create(target);
		File file = new File(source.getAbsoluteURI().getSingleURI().toURI());
		Path path = file.toPath();
		assertTrue(file.exists());
		if (!file.setReadable(false)) {
			AclFileAttributeView view = Files.getFileAttributeView(path, AclFileAttributeView.class);
			UserPrincipal owner = view.getOwner();
			List<AclEntry> acl = view.getAcl();
			for (ListIterator<AclEntry> it = acl.listIterator(); it.hasNext(); ) {
				AclEntry entry = it.next();
				if (entry.principal().equals(owner)) {
					Set<AclEntryPermission> permissions = entry.permissions();
					permissions.remove(AclEntryPermission.READ_DATA);
					AclEntry.Builder builder = AclEntry.newBuilder(entry);
					builder.setPermissions(permissions);
					it.set(builder.build());
					break;
				}
			}
			view.setAcl(acl);
		}
		assertFalse(Files.isReadable(path));
		result = manager.copy(source, target);
		assertFalse(result.success());
		assertFalse(manager.exists(relativeURI("unreadable_destination/unreadable.tmp")));
	}
	
}