private static void makeFileNonReadable(String file) throws IOException { Path filePath = Paths.get(file); Set<String> supportedAttr = filePath.getFileSystem().supportedFileAttributeViews(); if (supportedAttr.contains("posix")) { Files.setPosixFilePermissions(filePath, PosixFilePermissions.fromString("-w--w----")); } else if (supportedAttr.contains("acl")) { UserPrincipal fileOwner = Files.getOwner(filePath); AclFileAttributeView view = Files.getFileAttributeView(filePath, AclFileAttributeView.class); AclEntry entry = AclEntry.newBuilder() .setType(AclEntryType.DENY) .setPrincipal(fileOwner) .setPermissions(AclEntryPermission.READ_DATA) .build(); List<AclEntry> acl = view.getAcl(); acl.add(0, entry); view.setAcl(acl); } }
@Override public boolean checkAccessAllowed(CloudPath path, UserPrincipal userOrGroup, Set<AclEntryPermission> checkPermissions) { // Get the view for the path CloudFileAttributesView cloudFileAttributeView = Files.getFileAttributeView(path, CloudFileAttributesView.class); if (cloudFileAttributeView == null) { LOG.warn("Could not get {} attribute view from path {}", CloudFileAttributesView.class, path); return false; } CloudAclFileAttributes aclFileAttributes; try { aclFileAttributes = cloudFileAttributeView.readAttributes(); } catch (IOException e) { LOG.warn("Could not read ACL file attributes for {}", path); return false; } return checkAccessAllowed(aclFileAttributes.getAclSet(), userOrGroup, checkPermissions); }
/** * Checks the access for the given user/group such that the <em>all</em> of the permissions in * <em>checkPermissions</em> are allowed in the <em>cloudAclEntrySet</em> * * @param cloudAclEntrySet Asset ACL permissions * @param userOrGroup A {@link UserPrincipal} or {@link GroupPrincipal}, which can be null for * anonymous * @param checkPermissions Permissions to check for * @return true if access is allowed with the given permissions, false otherwise */ @Override public boolean checkAccessAllowed(CloudAclEntrySet assetPermissions, UserPrincipal userOrGroup, Set<AclEntryPermission> checkPermissions) { boolean isGroup = userOrGroup != null ? GroupPrincipal.class.isAssignableFrom(userOrGroup.getClass()) : false; // Get a user's groups if required Set<GroupPrincipal> userGroups; if (!isGroup && userPrincipalLookupService != null && userOrGroup != null) { userGroups = userPrincipalLookupService.getUserPrincipalGroups(userOrGroup); } else { userGroups = null; } return doesUserHaveAccess(assetPermissions, userOrGroup, userGroups, checkPermissions); }
/** * File access is checked using {@link #checkAccess(BlobStoreContext, CloudPath, Set)} * always with {@link AclEntryPermission#WRITE_DATA} and {@link AclEntryPermission#ADD_FILE}, * and optionally with {@link AclEntryPermission#APPEND_DATA} if <em>options</em> contains * {@link StandardOpenOption#APPEND}. * @see CloudFileChannel */ @Override public CloudFileChannel newByteChannel(BlobStoreContext context, CloudPath path, Set<? extends OpenOption> options, FileAttribute<?>... attrs) throws IOException { EnumSet<AclEntryPermission> channelPerms = EnumSet.noneOf(AclEntryPermission.class); options.forEach(o -> { AclEntryPermission aclPerm = openOptionToAclEntryPermission(o); if (aclPerm != null) { channelPerms.add(aclPerm); } }); // Check the parent path for file add if (channelPerms.remove(AclEntryPermission.ADD_FILE)) { checkAccess(context, path.getParent(), CREATE_NEW_FILE_PERMS); } // Check file access if the file exists if (path.exists()) { checkAccess(context, path, channelPerms); } // Create the channel return new CloudFileChannel(context, path, getCloudFileChannelTransport(), options, attrs); }
/** * Transforms a {@link StandardOpenOption} into an {@link AclEntryPermission}. Other * {@link OpenOption} types are ignored. * @param o * @return The option as an ACL permission or null if this is not applicable. */ protected AclEntryPermission openOptionToAclEntryPermission(OpenOption o) { if (o instanceof StandardOpenOption) { switch ((StandardOpenOption)o) { case APPEND: return AclEntryPermission.APPEND_DATA; case CREATE: return AclEntryPermission.ADD_FILE; case CREATE_NEW: return AclEntryPermission.ADD_FILE; case DELETE_ON_CLOSE: return AclEntryPermission.DELETE; case READ: return AclEntryPermission.READ_DATA; case TRUNCATE_EXISTING: return AclEntryPermission.APPEND_DATA; case WRITE: return AclEntryPermission.WRITE_DATA; default: return null; } } return null; }
/** * <p> * This constructor can only discern some very basic permissions. It assumes that because you have access * to this container then you have all CRUD operation access. This may not be true. More sophisticated * implementations should be able to tell the exact permissions. * </p> * <p> * There is a lone {@link CloudAclEntry} created which has the default permissions. It is of type * {@link PublicPrivateCloudPermissionsPrincipal}. * </p> * <p> * Subclasses may implement different permissions. * </p> */ public CloudAclFileAttributes(CloudAclEntryConflictChecker conflictChecker, BlobMetadata blobMetadata, BlobAccess blobAccess) { super(blobMetadata); aclSet = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, conflictChecker); CloudAclEntry<PublicPrivateCloudPermissionsPrincipal> entry = new CloudAclEntryBuilder<>(PublicPrivateCloudPermissionsPrincipal.class) .addPermissions(AclEntryPermission.READ_DATA, AclEntryPermission.WRITE_DATA, AclEntryPermission.APPEND_DATA, AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.DELETE, AclEntryPermission.DELETE_CHILD, AclEntryPermission.LIST_DIRECTORY, AclEntryPermission.READ_ACL, AclEntryPermission.WRITE_ACL, AclEntryPermission.READ_ATTRIBUTES, AclEntryPermission.READ_ATTRIBUTES) .setType(AclEntryType.ALLOW) .setPrincipal(new PublicPrivateCloudPermissionsPrincipal(blobAccess)) .build(); addAcl(AnonymousUserPrincipal.INSTANCE, entry); }
@Override public void checkAccess(Path path, AccessMode... modes) throws IOException { CloudPath cloudPath = getCloudPath(path); CloudFileSystemImplementation sourceCloudFileSystemImplementation = getCloudFileSystemImplementation(cloudPath); // Work out permissions to check Set<AclEntryPermission> checkPermissions = EnumSet.noneOf(AclEntryPermission.class); Arrays.stream(modes).forEach(m -> { if (AccessMode.EXECUTE.equals(m)) { checkPermissions.add(AclEntryPermission.EXECUTE); } else if (AccessMode.READ.equals(m)) { checkPermissions.add(AclEntryPermission.READ_DATA); } else if (AccessMode.WRITE.equals(m)) { checkPermissions.add(AclEntryPermission.WRITE_DATA); } }); sourceCloudFileSystemImplementation.checkAccess(getBlobStoreContext(cloudPath), cloudPath, checkPermissions); }
boolean hasPermissions(EnumSet<AclEntryPermission> permissions) { CloudHostConfiguration cloudHostConfiguration = cloudPath.getFileSystem().getCloudHostConfiguration(); CloudHostSecurityManager cloudHostSecurityManager = cloudHostConfiguration.getCloudHostSecurityManager(); UserGroupLookupService<?> userPrincipalLookupService = cloudHostConfiguration.getUserGroupLookupService(); if (cloudHostSecurityManager == null) { // No security manager, allow access LOG.debug("No {} found in cloud host configuration {}, default action is to allow all access", CloudHostSecurityManager.class, cloudHostConfiguration); return true; } UserPrincipal currentUser = null; // Anonymous if (userPrincipalLookupService != null) { currentUser = userPrincipalLookupService.getCurrentUser(); } else { LOG.debug("Cannot find current user, no {} in cloud host configuration {}", UserGroupLookupService.class, cloudHostConfiguration); currentUser = AnonymousUserPrincipal.INSTANCE; } return cloudHostSecurityManager.checkAccessAllowed(cloudPath, currentUser, permissions); }
@Test public void testDoesUserHaveAccessFailsForAUserWithAnAnonymousGroupAllowRuleButAnonymousUserDenyRule() { UserPrincipal user = new TestUserImpl("user1"); CloudAclEntry<GroupPrincipal> entry1 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .addPermission(AclEntryPermission.ADD_FILE) .setType(AclEntryType.ALLOW) .setPrincipal(AnonymousGroupPrincipal.INSTANCE) .build(); CloudAclEntry<UserPrincipal> entry2 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .addPermission(AclEntryPermission.ADD_FILE) .setType(AclEntryType.DENY) .setPrincipal(new AnonymousUserPrincipal()) .build(); CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1, entry2); Assert.assertFalse(mgr.doesUserHaveAccess(assetPermissions, user, null, EnumSet.of(AclEntryPermission.ADD_FILE))); }
@Test public void testDoesUserHaveAccessFailsForAUserGroupWithAnAllowRuleAndAUserWithADenyRule() { UserPrincipal user = new TestUserImpl("user1"); CloudAclEntry<UserPrincipal> entry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .addPermission(AclEntryPermission.ADD_FILE) .setType(AclEntryType.DENY) .setPrincipal(user) .build(); GroupPrincipal group1 = new TestGroupImpl("group1"); GroupPrincipal group2 = new TestGroupImpl("group2"); Set<GroupPrincipal> userGroups = Sets.newHashSet(group1, group2); CloudAclEntry<GroupPrincipal> entry2 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .addPermission(AclEntryPermission.ADD_FILE) .setType(AclEntryType.ALLOW) .setPrincipal(group2) .build(); CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1, entry2); Assert.assertFalse(mgr.doesUserHaveAccess(assetPermissions, user, userGroups, EnumSet.of(AclEntryPermission.ADD_FILE))); }
@Test public void testDoesUserHaveAccessSucceedsForAUserPrincipalWithMultipleCheckPermissionsAndMultipleAssetPermissionsAllowed() { UserPrincipal user = new TestUserImpl("user1"); CloudAclEntry<UserPrincipal> entry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.WRITE_ACL) .setType(AclEntryType.ALLOW) .setPrincipal(user) .build(); CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1); Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, null, EnumSet.of(AclEntryPermission.ADD_FILE, AclEntryPermission.WRITE_ACL))); Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, null, EnumSet.of(AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.WRITE_ACL))); Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, null, EnumSet.of(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.WRITE_ACL))); }
@Test public void testDoesUserHaveAccessSucceedsForUsersGroupWithMultipleCheckPermissionsAndMultipleAssetPermissionsAllowed() { UserPrincipal user = new TestUserImpl("user1"); GroupPrincipal group1 = new TestGroupImpl("group1"); GroupPrincipal group2 = new TestGroupImpl("group2"); Set<GroupPrincipal> userGroups = Sets.newHashSet(group1, group2); CloudAclEntry<GroupPrincipal> entry1 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.WRITE_ACL) .setType(AclEntryType.ALLOW) .setPrincipal(group2) .build(); CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1); Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, userGroups, EnumSet.of(AclEntryPermission.ADD_FILE))); Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, userGroups, EnumSet.of(AclEntryPermission.ADD_FILE, AclEntryPermission.WRITE_ACL))); Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, userGroups, EnumSet.of(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.WRITE_ACL))); }
@Test public void testIsConflictingAclWillDetermineThatAnAllowAndDenyForTheSamePermissionsForAUserConflicts() { UserPrincipal user1 = new TestUserImpl("user1"); UserPrincipal user2 = new TestUserImpl("user1"); CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(user1) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY) .build(); CloudAclEntry<UserPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(user2) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.DELETE, AclEntryPermission.ADD_SUBDIRECTORY) .build(); Assert.assertTrue(checker.isConflictingAcl(cloudAclEntry1, cloudAclEntry2)); }
@Test public void testIsConflictingAclWillDetermineThatAnAllowAndDenyForDifferentUsersDoesNotConflict() { UserPrincipal user1 = new TestUserImpl("user1"); UserPrincipal user2 = new TestUserImpl("user2"); CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(user1) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY) .build(); CloudAclEntry<UserPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(user2) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.DELETE, AclEntryPermission.ADD_SUBDIRECTORY) .build(); Assert.assertFalse(checker.isConflictingAcl(cloudAclEntry1, cloudAclEntry2)); }
@Test public void testIsConflictingAclWillDetermineThatAnAllowAndDenyForTheSamePermissionsForAGroupConflicts() { GroupPrincipal group1 = new TestGroupImpl("group1"); GroupPrincipal group2 = new TestGroupImpl("group1"); CloudAclEntry<GroupPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .setPrincipal(group1) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY) .build(); CloudAclEntry<GroupPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .setPrincipal(group2) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.ADD_SUBDIRECTORY) .build(); Assert.assertTrue(checker.isConflictingAcl(cloudAclEntry1, cloudAclEntry2)); }
@Test public void testIsConflictingAclWillDetermineThatAnAllowAndDenyForDifferentGroupsDoesNotConflict() { GroupPrincipal group1 = new TestGroupImpl("group1"); GroupPrincipal group2 = new TestGroupImpl("group2"); CloudAclEntry<GroupPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .setPrincipal(group1) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY) .build(); CloudAclEntry<GroupPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .setPrincipal(group2) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.ADD_SUBDIRECTORY) .build(); Assert.assertFalse(checker.isConflictingAcl(cloudAclEntry1, cloudAclEntry2)); }
@Test public void testIsConflictingAclWillReturnFalseForAUserNotInAGroup() { UserPrincipal user1 = new TestUserImpl("user1"); GroupPrincipal group2 = new TestGroupImpl("group1"); CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(user1) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY) .build(); CloudAclEntry<GroupPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .setPrincipal(group2) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.ADD_SUBDIRECTORY) .build(); Assert.assertFalse(checker.isConflictingAcl(cloudAclEntry1, cloudAclEntry2)); }
@Test public void testIsConflictingAclWillReturnFalseByDefaultForAUserInAGroupWithConflictingPermissions() { UserPrincipal user1 = new TestUserImpl("user1"); TestGroupImpl group2 = new TestGroupImpl("group1"); group2.addMember(user1); Assert.assertTrue(group2.isMember(user1)); CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(user1) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY) .build(); CloudAclEntry<GroupPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .setPrincipal(group2) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.ADD_SUBDIRECTORY) .build(); Assert.assertFalse(checker.isConflictingAcl(cloudAclEntry1, cloudAclEntry2)); }
@Test public void testIsConflictingAclWillReturnTrueIfTheGroupMembershipCheckIsEnabledForAUserInAGroupWithConflictingPermissions() { checker = new DefaultCloudAclEntryConflictChecker(true); UserPrincipal user1 = new TestUserImpl("user1"); TestGroupImpl group2 = new TestGroupImpl("group1"); group2.addMember(user1); Assert.assertTrue(group2.isMember(user1)); CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(user1) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY) .build(); CloudAclEntry<GroupPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .setPrincipal(group2) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.ADD_SUBDIRECTORY) .build(); Assert.assertTrue(checker.isConflictingAcl(cloudAclEntry1, cloudAclEntry2)); }
@Test public void testMergeAclForTwoAllowRulesWillMergeThePermissionsAndFlagsOfTwoAclsForTheSameUser() { CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user1")) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY) .addFlag(AclEntryFlag.DIRECTORY_INHERIT) .build(); CloudAclEntry<UserPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user1")) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.DELETE) .addFlag(AclEntryFlag.FILE_INHERIT) .build(); CloudAclEntry<?> mergedAcl = checker.mergeAcl(new ConflictingCloudAclEntry(cloudAclEntry1, cloudAclEntry2)); Assert.assertEquals("user1", ((TestUserImpl)mergedAcl.getPrincipal()).getName()); Assert.assertEquals(AclEntryType.ALLOW, mergedAcl.getType()); Assert.assertEquals(EnumSet.of(AclEntryPermission.DELETE, AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY), mergedAcl.getPermissions()); Assert.assertEquals(EnumSet.of(AclEntryFlag.DIRECTORY_INHERIT, AclEntryFlag.FILE_INHERIT), mergedAcl.getFlags()); }
@Test public void testMergeAclForTwoDenyRulesWillMergeThePermissionsAndFlagsOfTwoAclsForTheSameUser() { CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user1")) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY) .addFlag(AclEntryFlag.DIRECTORY_INHERIT) .build(); CloudAclEntry<UserPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(new TestUserImpl("user1")) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.DELETE) .addFlag(AclEntryFlag.FILE_INHERIT) .build(); CloudAclEntry<?> mergedAcl = checker.mergeAcl(new ConflictingCloudAclEntry(cloudAclEntry1, cloudAclEntry2)); Assert.assertEquals("user1", ((TestUserImpl)mergedAcl.getPrincipal()).getName()); Assert.assertEquals(AclEntryType.DENY, mergedAcl.getType()); Assert.assertEquals(EnumSet.of(AclEntryPermission.DELETE, AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY), mergedAcl.getPermissions()); Assert.assertEquals(EnumSet.of(AclEntryFlag.DIRECTORY_INHERIT, AclEntryFlag.FILE_INHERIT), mergedAcl.getFlags()); }
@Test public void testCheckAccessForADirectoryWithAnAnonymousUserWillAllowAccessIfTheSecurityManagerAllowsIt() throws IOException { CloudHostSecurityManager securityManager = context.mock(CloudHostSecurityManager.class); EnumSet<AclEntryPermission> perms = EnumSet.of(AclEntryPermission.ADD_FILE); context.checking(new Expectations() {{ allowing(config).getUserGroupLookupService(); will(returnValue(null)); allowing(config).getCloudHostSecurityManager(); will(returnValue(securityManager)); allowing(blobStore).directoryExists(TEST_CONTAINER, TEST_PATH); will(returnValue(true)); exactly(1).of(securityManager).checkAccessAllowed(with(any(CloudAclEntrySet.class)), with(equal(AnonymousUserPrincipal.INSTANCE)), with(equal(perms))); will(returnValue(true)); }}); view.checkAccess(perms); }
@Test public void testCloneProducesACloneEqualsToTheOriginalSet() throws NotOwnerException { UserPrincipal user1 = new TestUserImpl("user1"); TestGroupImpl group1 = new TestGroupImpl("group1"); CloudAclEntrySet acls = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE); CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .setPrincipal(user1) .setType(AclEntryType.DENY) .addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY) .build(); CloudAclEntry<GroupPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .setPrincipal(group1) .setType(AclEntryType.ALLOW) .addPermissions(AclEntryPermission.ADD_SUBDIRECTORY) .build(); Assert.assertTrue(acls.addAllEntries(AnonymousUserPrincipal.INSTANCE, Arrays.asList(new CloudAclEntry<?>[] {cloudAclEntry1, cloudAclEntry2}))); CloudAclEntrySet clone = acls.clone(); Assert.assertEquals(acls, clone); }
/** * Add the proper File-System permissions to a file so that SQL Server can run a RESTORE query. * * @param username The username that SQL Server runs as, e.g. "NETWORK SERVICE" * @param file The file whose permissions will be modified. * @throws IOException */ public static void addRestorePermissions(String username, Path file) throws IOException { AclFileAttributeView aclAttr = Files.getFileAttributeView(file, AclFileAttributeView.class); UserPrincipalLookupService currULS = file.getFileSystem().getUserPrincipalLookupService(); UserPrincipal principal = currULS.lookupPrincipalByName(username); AclEntry.Builder builder = AclEntry.newBuilder(); builder.setPermissions(EnumSet.of(AclEntryPermission.READ_DATA, AclEntryPermission.READ_ACL, AclEntryPermission.READ_ATTRIBUTES, AclEntryPermission.READ_NAMED_ATTRS, AclEntryPermission.EXECUTE, AclEntryPermission.SYNCHRONIZE)); builder.setPrincipal(principal); builder.setType(AclEntryType.ALLOW); aclAttr.setAcl(Collections.singletonList(builder.build())); }
private AclEntry createConfigurationAccessACLEntry(UserPrincipal user) { AclEntry entry = AclEntry .newBuilder() .setType(AclEntryType.ALLOW) .setPrincipal(user) .setPermissions( AclEntryPermission.WRITE_NAMED_ATTRS, AclEntryPermission.WRITE_DATA, AclEntryPermission.WRITE_ATTRIBUTES, AclEntryPermission.READ_ATTRIBUTES, AclEntryPermission.APPEND_DATA, AclEntryPermission.READ_DATA, AclEntryPermission.READ_NAMED_ATTRS, AclEntryPermission.READ_ACL, AclEntryPermission.SYNCHRONIZE, AclEntryPermission.DELETE) .setFlags(AclEntryFlag.FILE_INHERIT) .build(); return entry; }
/** * 获取默认acl权限 */ public static Set<AclEntryPermission> getDefaultAclPerm() { Set<AclEntryPermission> perms = EnumSet.noneOf(AclEntryPermission.class); perms.addAll(Arrays.asList(permList)); return perms; }
private void setWindowsPermissions(Path path) { try { AclFileAttributeView aclAttr = Files.getFileAttributeView(path, AclFileAttributeView.class); UserPrincipalLookupService lookupService = path.getFileSystem().getUserPrincipalLookupService(); aclAttr.setAcl(Arrays.asList( getAclEntry(lookupService.lookupPrincipalByName("SYSTEM"), Collections.emptySet()), getAclEntry(lookupService.lookupPrincipalByName(System.getProperty("user.name")), EnumSet.allOf(AclEntryPermission.class)) )); } catch (IOException ex) { throw new RuntimeException(ex); } }
/** * <p> * This first invokes {@link #readInternalAclFileAttributes()} * to determine file existence, which throws a {@link FileNotFoundException} if the file doesn't exist. * Access to the file is then checked by first retrieving the * {@link CloudHostConfiguration#getUserGroupLookupService() user service} and if it is * of has the mixin interface {@link UserGroupLookupService} then it will get the * {@link CloudHostConfiguration#getCloudHostSecurityManager() cloud host security manager} and invoke * {@link CloudHostSecurityManager#checkAccessAllowed(CloudAclEntrySet, UserPrincipal, Set)} to work out * if the permissions are valid. * </p> * <p> * If no {@link UserGroupLookupService} exists or the lookup returns <em>null</em> then the * {@link AnonymousUserPrincipal#INSTANCE} is used. * </p> * <p> * If no {@link CloudHostSecurityManager} is available then access will just be allowed as no access * check is possible. * </p> * @throws SecurityException If access is not allowed */ public CloudAclFileAttributes checkAccess(Set<AclEntryPermission> checkPermissions) throws IOException { // Throws FileNotFoundException CloudAclFileAttributes readAttributes = readInternalAclFileAttributes(); // Read the config CloudHostConfiguration cloudHostConfiguration = path.getFileSystem().getCloudHostConfiguration(); // Get the security manager CloudHostSecurityManager cloudHostSecurityManager = cloudHostConfiguration.getCloudHostSecurityManager(); if (cloudHostSecurityManager == null) { // No security manager, no access LOG.info("No {} found in cloud host configuration {}, default action is to allow all access", CloudHostSecurityManager.class, cloudHostConfiguration); return readAttributes; } // Try to get the current user UserPrincipal currentUser = null; UserGroupLookupService<?> userGroupLookupService = cloudHostConfiguration.getUserGroupLookupService(); if (userGroupLookupService != null) { currentUser = ((UserGroupLookupService<?>)userGroupLookupService).getCurrentUser(); } // Default to anonymous if (currentUser == null) { currentUser = AnonymousUserPrincipal.INSTANCE; } // Check for access against the ACL's if (!cloudHostSecurityManager.checkAccessAllowed(readAttributes.getAclSet(), currentUser, checkPermissions)) { LOG.debug("Permission doesn't allow access for '{}': {}", path.toString(), checkPermissions); throw new AccessDeniedException(path.toString(), null, "Permission doesn't allow access"); } return readAttributes; }
/** * Finds all ACL's with any of the specified type and with <em>all</em> of the permissions * type. * @param aclOwner * @param type * @return */ public Set<CloudAclEntry<?>> findAclsOfTypeWithAllPermissions(Principal aclOwner, AclEntryType type, Set<AclEntryPermission> permissions) { return findAcls(a -> type.equals(a.getType()) && aclOwner.equals(a.getPrincipal()) && SetUtils.difference(permissions, a.getPermissions()).isEmpty()); }
/** * Finds all ACL's with any of the specified type and with <em>any</em> of the permissions * type. * @param aclOwner * @param type * @return */ public Set<CloudAclEntry<?>> findAclsOfTypeWithAnyPermissions(Principal aclOwner, AclEntryType type, Set<AclEntryPermission> permissions) { return findAcls(a -> type.equals(a.getType()) && aclOwner.equals(a.getPrincipal()) && SetUtils.difference(permissions, a.getPermissions()).size() < permissions.size()); }
@Test public void testDoesUserHaveAccessFailsForAUserPrincipalWithNoRules() { UserPrincipal user = new TestUserImpl("user1"); CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE); Assert.assertFalse(mgr.doesUserHaveAccess(assetPermissions, user, null, EnumSet.of(AclEntryPermission.ADD_FILE))); // Now try it with some groups as well GroupPrincipal group1 = new TestGroupImpl("group1"); GroupPrincipal group2 = new TestGroupImpl("group2"); Set<GroupPrincipal> userGroups = Sets.newHashSet(group1, group2); Assert.assertFalse(mgr.doesUserHaveAccess(assetPermissions, user, userGroups, EnumSet.of(AclEntryPermission.ADD_FILE))); }
@Test public void testDoesUserHaveAccessFailsForAnAnonymousUserWithNoRules() { CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE); Assert.assertFalse(mgr.doesUserHaveAccess(assetPermissions, null, null, EnumSet.of(AclEntryPermission.ADD_FILE))); // Now try it with some groups as well to try and break it GroupPrincipal group1 = new TestGroupImpl("group1"); GroupPrincipal group2 = new TestGroupImpl("group2"); Set<GroupPrincipal> userGroups = Sets.newHashSet(group1, group2); Assert.assertFalse(mgr.doesUserHaveAccess(assetPermissions, null, userGroups, EnumSet.of(AclEntryPermission.ADD_FILE))); }
@Test public void testDoesUserHaveAccessSucceedsForAUserPrincipalWithAnAllowRule() { UserPrincipal user = new TestUserImpl("user1"); CloudAclEntry<UserPrincipal> entry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .addPermission(AclEntryPermission.ADD_FILE) .setType(AclEntryType.ALLOW) .setPrincipal(user) .build(); CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1); Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, null, EnumSet.of(AclEntryPermission.ADD_FILE))); }
@Test public void testDoesUserHaveAccessSucceedsForAUserPrincipalWithAnAnonymousAllowRule() { UserPrincipal user = new TestUserImpl("user1"); CloudAclEntry<UserPrincipal> entry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .addPermission(AclEntryPermission.ADD_FILE) .setType(AclEntryType.ALLOW) .setPrincipal(new AnonymousUserPrincipal()) .build(); CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1); Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, null, EnumSet.of(AclEntryPermission.ADD_FILE))); }
@Test public void testDoesUserHaveAccessSucceedsForAnAnonymousUserWithAnAnonymousAllowRule() { CloudAclEntry<UserPrincipal> entry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class) .addPermission(AclEntryPermission.ADD_FILE) .setType(AclEntryType.ALLOW) .setPrincipal(new AnonymousUserPrincipal()) .build(); CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1); Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, null, null, EnumSet.of(AclEntryPermission.ADD_FILE))); }
@Test public void testDoesUserHaveAccessSucceedsForAUserWithAnAnonymousGroupAllowRule() { UserPrincipal user = new TestUserImpl("user1"); CloudAclEntry<GroupPrincipal> entry1 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .addPermission(AclEntryPermission.ADD_FILE) .setType(AclEntryType.ALLOW) .setPrincipal(AnonymousGroupPrincipal.INSTANCE) .build(); CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1); Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, null, EnumSet.of(AclEntryPermission.ADD_FILE))); }
@Test public void testDoesUserHaveAccessSucceedsForAnAnonymousUserWithAnAnonymousGroupAllowRule() { CloudAclEntry<GroupPrincipal> entry1 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .addPermission(AclEntryPermission.ADD_FILE) .setType(AclEntryType.ALLOW) .setPrincipal(AnonymousGroupPrincipal.INSTANCE) .build(); CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1); Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, null, null, EnumSet.of(AclEntryPermission.ADD_FILE))); }
@Test public void testDoesUserHaveAccessSucceedsForAUsersGroupWithAnAllowRule() { UserPrincipal user = new TestUserImpl("user1"); GroupPrincipal group1 = new TestGroupImpl("group1"); GroupPrincipal group2 = new TestGroupImpl("group2"); Set<GroupPrincipal> userGroups = Sets.newHashSet(group1, group2); CloudAclEntry<GroupPrincipal> entry1 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class) .addPermission(AclEntryPermission.ADD_FILE) .setType(AclEntryType.ALLOW) .setPrincipal(group2) .build(); CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1); Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, userGroups, EnumSet.of(AclEntryPermission.ADD_FILE))); }
