下面列出了java.nio.file.attribute.AclEntry#permissions ( ) 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
private void makeKeyFileReadOnly(File file) throws IOException
{
if(isPosixFileSystem(file))
{
Files.setPosixFilePermissions(file.toPath(), EnumSet.of(PosixFilePermission.OWNER_READ));
}
else if(isAclFileSystem(file))
{
AclFileAttributeView attributeView = Files.getFileAttributeView(file.toPath(), AclFileAttributeView.class);
ArrayList<AclEntry> acls = new ArrayList<>(attributeView.getAcl());
ListIterator<AclEntry> iter = acls.listIterator();
file.setReadOnly();
while(iter.hasNext())
{
AclEntry acl = iter.next();
Set<AclEntryPermission> originalPermissions = acl.permissions();
Set<AclEntryPermission> updatedPermissions = EnumSet.copyOf(originalPermissions);
if(updatedPermissions.removeAll(EnumSet.of(AclEntryPermission.APPEND_DATA,
AclEntryPermission.DELETE,
AclEntryPermission.EXECUTE,
AclEntryPermission.WRITE_ACL,
AclEntryPermission.WRITE_DATA,
AclEntryPermission.WRITE_ATTRIBUTES,
AclEntryPermission.WRITE_NAMED_ATTRS,
AclEntryPermission.WRITE_OWNER)))
{
AclEntry.Builder builder = AclEntry.newBuilder(acl);
builder.setPermissions(updatedPermissions);
iter.set(builder.build());
}
}
attributeView.setAcl(acls);
}
else
{
throw new IllegalArgumentException(ILLEGAL_ARG_EXCEPTION);
}
}
private Set<AclEntryPermission> getOwnerPermissions(Collection<AclEntry> entries, UserPrincipal owner) {
Set<AclEntryPermission> set = new HashSet<>();
for (AclEntry aclEntry : entries) {
if (aclEntry.principal().equals(owner)) {
Set<AclEntryPermission> permissions = aclEntry.permissions();
for (AclEntryPermission aclEntryPermission : permissions) {
set.add(aclEntryPermission);
}
}
}
return set;
}
private void checkFilePermissions(String fileLocation, File file) throws IOException
{
if(isPosixFileSystem(file))
{
Set<PosixFilePermission> permissions = Files.getPosixFilePermissions(file.toPath());
if (permissions.contains(PosixFilePermission.GROUP_READ)
|| permissions.contains(PosixFilePermission.OTHERS_READ)
|| permissions.contains(PosixFilePermission.GROUP_WRITE)
|| permissions.contains(PosixFilePermission.OTHERS_WRITE)) {
throw new IllegalArgumentException("Key file '"
+ fileLocation
+ "' has incorrect permissions. Only the owner "
+ "should be able to read or write this file.");
}
}
else if(isAclFileSystem(file))
{
AclFileAttributeView attributeView = Files.getFileAttributeView(file.toPath(), AclFileAttributeView.class);
ArrayList<AclEntry> acls = new ArrayList<>(attributeView.getAcl());
ListIterator<AclEntry> iter = acls.listIterator();
UserPrincipal owner = Files.getOwner(file.toPath());
while(iter.hasNext())
{
AclEntry acl = iter.next();
if(acl.type() == AclEntryType.ALLOW)
{
Set<AclEntryPermission> originalPermissions = acl.permissions();
Set<AclEntryPermission> updatedPermissions = EnumSet.copyOf(originalPermissions);
if (updatedPermissions.removeAll(EnumSet.of(AclEntryPermission.APPEND_DATA,
AclEntryPermission.EXECUTE,
AclEntryPermission.WRITE_ACL,
AclEntryPermission.WRITE_DATA,
AclEntryPermission.WRITE_OWNER))) {
throw new IllegalArgumentException("Key file '"
+ fileLocation
+ "' has incorrect permissions. The file should not be modifiable by any user.");
}
if (!owner.equals(acl.principal()) && updatedPermissions.removeAll(EnumSet.of(AclEntryPermission.READ_DATA))) {
throw new IllegalArgumentException("Key file '"
+ fileLocation
+ "' has incorrect permissions. Only the owner should be able to read from the file.");
}
}
}
}
else
{
throw new IllegalArgumentException(ILLEGAL_ARG_EXCEPTION);
}
}
@Override
public void testCopy() throws Exception {
super.testCopy();
CloverURI source;
CloverURI target;
CopyResult result;
source = relativeURI("W.TMP");
if (manager.exists(source)) { // case insensitive file system
target = relativeURI("w.tmp");
result = manager.copy(source, target);
assertFalse(result.success());
assertTrue(manager.exists(source));
}
{
// CLO-4658:
source = relativeURI("unreadable.tmp");
target = relativeURI("unreadable_destination/");
manager.create(source);
manager.create(target);
File file = new File(source.getAbsoluteURI().getSingleURI().toURI());
Path path = file.toPath();
assertTrue(file.exists());
if (!file.setReadable(false)) {
AclFileAttributeView view = Files.getFileAttributeView(path, AclFileAttributeView.class);
UserPrincipal owner = view.getOwner();
List<AclEntry> acl = view.getAcl();
for (ListIterator<AclEntry> it = acl.listIterator(); it.hasNext(); ) {
AclEntry entry = it.next();
if (entry.principal().equals(owner)) {
Set<AclEntryPermission> permissions = entry.permissions();
permissions.remove(AclEntryPermission.READ_DATA);
AclEntry.Builder builder = AclEntry.newBuilder(entry);
builder.setPermissions(permissions);
it.set(builder.build());
break;
}
}
view.setAcl(acl);
}
assertFalse(Files.isReadable(path));
result = manager.copy(source, target);
assertFalse(result.success());
assertFalse(manager.exists(relativeURI("unreadable_destination/unreadable.tmp")));
}
}