Java 类java.nio.file.attribute.UserPrincipal 实例源码
项目:openjdk-jdk10
文件:TestVMOptionsFile.java
private static void makeFileNonReadable(String file) throws IOException {
Path filePath = Paths.get(file);
Set<String> supportedAttr = filePath.getFileSystem().supportedFileAttributeViews();
if (supportedAttr.contains("posix")) {
Files.setPosixFilePermissions(filePath, PosixFilePermissions.fromString("-w--w----"));
} else if (supportedAttr.contains("acl")) {
UserPrincipal fileOwner = Files.getOwner(filePath);
AclFileAttributeView view = Files.getFileAttributeView(filePath, AclFileAttributeView.class);
AclEntry entry = AclEntry.newBuilder()
.setType(AclEntryType.DENY)
.setPrincipal(fileOwner)
.setPermissions(AclEntryPermission.READ_DATA)
.build();
List<AclEntry> acl = view.getAcl();
acl.add(0, entry);
view.setAcl(acl);
}
}
项目:openjdk9
文件:TestVMOptionsFile.java
private static void makeFileNonReadable(String file) throws IOException {
Path filePath = Paths.get(file);
Set<String> supportedAttr = filePath.getFileSystem().supportedFileAttributeViews();
if (supportedAttr.contains("posix")) {
Files.setPosixFilePermissions(filePath, PosixFilePermissions.fromString("-w--w----"));
} else if (supportedAttr.contains("acl")) {
UserPrincipal fileOwner = Files.getOwner(filePath);
AclFileAttributeView view = Files.getFileAttributeView(filePath, AclFileAttributeView.class);
AclEntry entry = AclEntry.newBuilder()
.setType(AclEntryType.DENY)
.setPrincipal(fileOwner)
.setPermissions(AclEntryPermission.READ_DATA)
.build();
List<AclEntry> acl = view.getAcl();
acl.add(0, entry);
view.setAcl(acl);
}
}
项目:java-cloud-filesystem-provider
文件:DefaultAclCheckingSecurityManager.java
@Override
public boolean checkAccessAllowed(CloudPath path, UserPrincipal userOrGroup,
Set<AclEntryPermission> checkPermissions) {
// Get the view for the path
CloudFileAttributesView cloudFileAttributeView = Files.getFileAttributeView(path, CloudFileAttributesView.class);
if (cloudFileAttributeView == null) {
LOG.warn("Could not get {} attribute view from path {}", CloudFileAttributesView.class, path);
return false;
}
CloudAclFileAttributes aclFileAttributes;
try {
aclFileAttributes = cloudFileAttributeView.readAttributes();
} catch (IOException e) {
LOG.warn("Could not read ACL file attributes for {}", path);
return false;
}
return checkAccessAllowed(aclFileAttributes.getAclSet(), userOrGroup, checkPermissions);
}
项目:java-cloud-filesystem-provider
文件:DefaultAclCheckingSecurityManager.java
/**
* Checks the access for the given user/group such that the <em>all</em> of the permissions in
* <em>checkPermissions</em> are allowed in the <em>cloudAclEntrySet</em>
*
* @param cloudAclEntrySet Asset ACL permissions
* @param userOrGroup A {@link UserPrincipal} or {@link GroupPrincipal}, which can be null for
* anonymous
* @param checkPermissions Permissions to check for
* @return true if access is allowed with the given permissions, false otherwise
*/
@Override
public boolean checkAccessAllowed(CloudAclEntrySet assetPermissions, UserPrincipal userOrGroup,
Set<AclEntryPermission> checkPermissions) {
boolean isGroup = userOrGroup != null ? GroupPrincipal.class.isAssignableFrom(userOrGroup.getClass()) : false;
// Get a user's groups if required
Set<GroupPrincipal> userGroups;
if (!isGroup && userPrincipalLookupService != null && userOrGroup != null) {
userGroups = userPrincipalLookupService.getUserPrincipalGroups(userOrGroup);
} else {
userGroups = null;
}
return doesUserHaveAccess(assetPermissions, userOrGroup, userGroups, checkPermissions);
}
项目:java-cloud-filesystem-provider
文件:ResettingAclIterator.java
boolean hasNextInternal(boolean advance) {
while (advance && (hasNext = currentIterator.hasNext())) {
nextEntry = currentIterator.next();
// When no principal class then iterate across the whole set
if (principalClass == null) {
return hasNext;
}
// GroupPrincipal inherits from UserPrincipal so we would like to constrain the
// Class.isAssignableFrom call when we are looking for UserPrincipal to exclude GroupPrincipal
boolean lookingForUserPrincipal = UserPrincipal.class.isAssignableFrom(principalClass) &&
!GroupPrincipal.class.isAssignableFrom(principalClass);
// Check if this is the class type we are looking for
if (principalClass.isAssignableFrom(nextEntry.getPrincipalClass()) &&
(!lookingForUserPrincipal || !GroupPrincipal.class.isAssignableFrom(nextEntry.getPrincipalClass()))) {
return hasNext;
}
}
return hasNext;
}
项目:java-cloud-filesystem-provider
文件:CloudFile.java
boolean hasPermissions(EnumSet<AclEntryPermission> permissions) {
CloudHostConfiguration cloudHostConfiguration = cloudPath.getFileSystem().getCloudHostConfiguration();
CloudHostSecurityManager cloudHostSecurityManager = cloudHostConfiguration.getCloudHostSecurityManager();
UserGroupLookupService<?> userPrincipalLookupService =
cloudHostConfiguration.getUserGroupLookupService();
if (cloudHostSecurityManager == null) {
// No security manager, allow access
LOG.debug("No {} found in cloud host configuration {}, default action is to allow all access",
CloudHostSecurityManager.class, cloudHostConfiguration);
return true;
}
UserPrincipal currentUser = null; // Anonymous
if (userPrincipalLookupService != null) {
currentUser = userPrincipalLookupService.getCurrentUser();
} else {
LOG.debug("Cannot find current user, no {} in cloud host configuration {}",
UserGroupLookupService.class, cloudHostConfiguration);
currentUser = AnonymousUserPrincipal.INSTANCE;
}
return cloudHostSecurityManager.checkAccessAllowed(cloudPath, currentUser, permissions);
}
项目:java-cloud-filesystem-provider
文件:DefaultAclCheckingSecurityManagerTest.java
@Test
public void testDoesUserHaveAccessFailsForAUserWithAnAnonymousGroupAllowRuleButAnonymousUserDenyRule() {
UserPrincipal user = new TestUserImpl("user1");
CloudAclEntry<GroupPrincipal> entry1 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class)
.addPermission(AclEntryPermission.ADD_FILE)
.setType(AclEntryType.ALLOW)
.setPrincipal(AnonymousGroupPrincipal.INSTANCE)
.build();
CloudAclEntry<UserPrincipal> entry2 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.addPermission(AclEntryPermission.ADD_FILE)
.setType(AclEntryType.DENY)
.setPrincipal(new AnonymousUserPrincipal())
.build();
CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1, entry2);
Assert.assertFalse(mgr.doesUserHaveAccess(assetPermissions, user, null, EnumSet.of(AclEntryPermission.ADD_FILE)));
}
项目:java-cloud-filesystem-provider
文件:DefaultAclCheckingSecurityManagerTest.java
@Test
public void testDoesUserHaveAccessFailsForAUserGroupWithAnAllowRuleAndAUserWithADenyRule() {
UserPrincipal user = new TestUserImpl("user1");
CloudAclEntry<UserPrincipal> entry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.addPermission(AclEntryPermission.ADD_FILE)
.setType(AclEntryType.DENY)
.setPrincipal(user)
.build();
GroupPrincipal group1 = new TestGroupImpl("group1");
GroupPrincipal group2 = new TestGroupImpl("group2");
Set<GroupPrincipal> userGroups = Sets.newHashSet(group1, group2);
CloudAclEntry<GroupPrincipal> entry2 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class)
.addPermission(AclEntryPermission.ADD_FILE)
.setType(AclEntryType.ALLOW)
.setPrincipal(group2)
.build();
CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1, entry2);
Assert.assertFalse(mgr.doesUserHaveAccess(assetPermissions, user, userGroups, EnumSet.of(AclEntryPermission.ADD_FILE)));
}
项目:java-cloud-filesystem-provider
文件:DefaultAclCheckingSecurityManagerTest.java
@Test
public void testDoesUserHaveAccessSucceedsForAUserPrincipalWithMultipleCheckPermissionsAndMultipleAssetPermissionsAllowed() {
UserPrincipal user = new TestUserImpl("user1");
CloudAclEntry<UserPrincipal> entry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.WRITE_ACL)
.setType(AclEntryType.ALLOW)
.setPrincipal(user)
.build();
CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1);
Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, null,
EnumSet.of(AclEntryPermission.ADD_FILE, AclEntryPermission.WRITE_ACL)));
Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, null,
EnumSet.of(AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.WRITE_ACL)));
Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, null,
EnumSet.of(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.WRITE_ACL)));
}
项目:java-cloud-filesystem-provider
文件:DefaultAclCheckingSecurityManagerTest.java
@Test
public void testDoesUserHaveAccessSucceedsForUsersGroupWithMultipleCheckPermissionsAndMultipleAssetPermissionsAllowed() {
UserPrincipal user = new TestUserImpl("user1");
GroupPrincipal group1 = new TestGroupImpl("group1");
GroupPrincipal group2 = new TestGroupImpl("group2");
Set<GroupPrincipal> userGroups = Sets.newHashSet(group1, group2);
CloudAclEntry<GroupPrincipal> entry1 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class)
.addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.WRITE_ACL)
.setType(AclEntryType.ALLOW)
.setPrincipal(group2)
.build();
CloudAclEntrySet assetPermissions = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE, entry1);
Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, userGroups, EnumSet.of(AclEntryPermission.ADD_FILE)));
Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, userGroups,
EnumSet.of(AclEntryPermission.ADD_FILE, AclEntryPermission.WRITE_ACL)));
Assert.assertTrue(mgr.doesUserHaveAccess(assetPermissions, user, userGroups,
EnumSet.of(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY, AclEntryPermission.WRITE_ACL)));
}
项目:java-cloud-filesystem-provider
文件:DefaultCloudAclEntryConflictCheckerTest.java
@Test
public void testIsConflictingAclWillDetermineThatAnAllowAndDenyForTheSamePermissionsForAUserConflicts() {
UserPrincipal user1 = new TestUserImpl("user1");
UserPrincipal user2 = new TestUserImpl("user1");
CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.setPrincipal(user1)
.setType(AclEntryType.DENY)
.addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY)
.build();
CloudAclEntry<UserPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.setPrincipal(user2)
.setType(AclEntryType.ALLOW)
.addPermissions(AclEntryPermission.DELETE, AclEntryPermission.ADD_SUBDIRECTORY)
.build();
Assert.assertTrue(checker.isConflictingAcl(cloudAclEntry1, cloudAclEntry2));
}
项目:java-cloud-filesystem-provider
文件:DefaultCloudAclEntryConflictCheckerTest.java
@Test
public void testIsConflictingAclWillDetermineThatAnAllowAndDenyForDifferentUsersDoesNotConflict() {
UserPrincipal user1 = new TestUserImpl("user1");
UserPrincipal user2 = new TestUserImpl("user2");
CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.setPrincipal(user1)
.setType(AclEntryType.DENY)
.addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY)
.build();
CloudAclEntry<UserPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.setPrincipal(user2)
.setType(AclEntryType.ALLOW)
.addPermissions(AclEntryPermission.DELETE, AclEntryPermission.ADD_SUBDIRECTORY)
.build();
Assert.assertFalse(checker.isConflictingAcl(cloudAclEntry1, cloudAclEntry2));
}
项目:java-cloud-filesystem-provider
文件:DefaultCloudAclEntryConflictCheckerTest.java
@Test
public void testIsConflictingAclWillReturnFalseForAUserNotInAGroup() {
UserPrincipal user1 = new TestUserImpl("user1");
GroupPrincipal group2 = new TestGroupImpl("group1");
CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.setPrincipal(user1)
.setType(AclEntryType.DENY)
.addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY)
.build();
CloudAclEntry<GroupPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class)
.setPrincipal(group2)
.setType(AclEntryType.ALLOW)
.addPermissions(AclEntryPermission.ADD_SUBDIRECTORY)
.build();
Assert.assertFalse(checker.isConflictingAcl(cloudAclEntry1, cloudAclEntry2));
}
项目:java-cloud-filesystem-provider
文件:DefaultCloudAclEntryConflictCheckerTest.java
@Test
public void testIsConflictingAclWillReturnFalseByDefaultForAUserInAGroupWithConflictingPermissions() {
UserPrincipal user1 = new TestUserImpl("user1");
TestGroupImpl group2 = new TestGroupImpl("group1");
group2.addMember(user1);
Assert.assertTrue(group2.isMember(user1));
CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.setPrincipal(user1)
.setType(AclEntryType.DENY)
.addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY)
.build();
CloudAclEntry<GroupPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class)
.setPrincipal(group2)
.setType(AclEntryType.ALLOW)
.addPermissions(AclEntryPermission.ADD_SUBDIRECTORY)
.build();
Assert.assertFalse(checker.isConflictingAcl(cloudAclEntry1, cloudAclEntry2));
}
项目:java-cloud-filesystem-provider
文件:DefaultCloudAclEntryConflictCheckerTest.java
@Test
public void testIsConflictingAclWillReturnTrueIfTheGroupMembershipCheckIsEnabledForAUserInAGroupWithConflictingPermissions() {
checker = new DefaultCloudAclEntryConflictChecker(true);
UserPrincipal user1 = new TestUserImpl("user1");
TestGroupImpl group2 = new TestGroupImpl("group1");
group2.addMember(user1);
Assert.assertTrue(group2.isMember(user1));
CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.setPrincipal(user1)
.setType(AclEntryType.DENY)
.addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY)
.build();
CloudAclEntry<GroupPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class)
.setPrincipal(group2)
.setType(AclEntryType.ALLOW)
.addPermissions(AclEntryPermission.ADD_SUBDIRECTORY)
.build();
Assert.assertTrue(checker.isConflictingAcl(cloudAclEntry1, cloudAclEntry2));
}
项目:java-cloud-filesystem-provider
文件:DefaultCloudAclEntryConflictCheckerTest.java
@Test
public void testMergeAclForTwoAllowRulesWillMergeThePermissionsAndFlagsOfTwoAclsForTheSameUser() {
CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.setPrincipal(new TestUserImpl("user1"))
.setType(AclEntryType.ALLOW)
.addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY)
.addFlag(AclEntryFlag.DIRECTORY_INHERIT)
.build();
CloudAclEntry<UserPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.setPrincipal(new TestUserImpl("user1"))
.setType(AclEntryType.ALLOW)
.addPermissions(AclEntryPermission.DELETE)
.addFlag(AclEntryFlag.FILE_INHERIT)
.build();
CloudAclEntry<?> mergedAcl = checker.mergeAcl(new ConflictingCloudAclEntry(cloudAclEntry1, cloudAclEntry2));
Assert.assertEquals("user1", ((TestUserImpl)mergedAcl.getPrincipal()).getName());
Assert.assertEquals(AclEntryType.ALLOW, mergedAcl.getType());
Assert.assertEquals(EnumSet.of(AclEntryPermission.DELETE, AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY),
mergedAcl.getPermissions());
Assert.assertEquals(EnumSet.of(AclEntryFlag.DIRECTORY_INHERIT, AclEntryFlag.FILE_INHERIT), mergedAcl.getFlags());
}
项目:java-cloud-filesystem-provider
文件:DefaultCloudAclEntryConflictCheckerTest.java
@Test
public void testMergeAclForTwoDenyRulesWillMergeThePermissionsAndFlagsOfTwoAclsForTheSameUser() {
CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.setPrincipal(new TestUserImpl("user1"))
.setType(AclEntryType.DENY)
.addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY)
.addFlag(AclEntryFlag.DIRECTORY_INHERIT)
.build();
CloudAclEntry<UserPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.setPrincipal(new TestUserImpl("user1"))
.setType(AclEntryType.DENY)
.addPermissions(AclEntryPermission.DELETE)
.addFlag(AclEntryFlag.FILE_INHERIT)
.build();
CloudAclEntry<?> mergedAcl = checker.mergeAcl(new ConflictingCloudAclEntry(cloudAclEntry1, cloudAclEntry2));
Assert.assertEquals("user1", ((TestUserImpl)mergedAcl.getPrincipal()).getName());
Assert.assertEquals(AclEntryType.DENY, mergedAcl.getType());
Assert.assertEquals(EnumSet.of(AclEntryPermission.DELETE, AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY),
mergedAcl.getPermissions());
Assert.assertEquals(EnumSet.of(AclEntryFlag.DIRECTORY_INHERIT, AclEntryFlag.FILE_INHERIT), mergedAcl.getFlags());
}
项目:java-cloud-filesystem-provider
文件:CloudAclEntrySetTest.java
@Test
public void testCloneProducesACloneEqualsToTheOriginalSet() throws NotOwnerException {
UserPrincipal user1 = new TestUserImpl("user1");
TestGroupImpl group1 = new TestGroupImpl("group1");
CloudAclEntrySet acls = new CloudAclEntrySet(AnonymousUserPrincipal.INSTANCE);
CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.setPrincipal(user1)
.setType(AclEntryType.DENY)
.addPermissions(AclEntryPermission.ADD_FILE, AclEntryPermission.ADD_SUBDIRECTORY)
.build();
CloudAclEntry<GroupPrincipal> cloudAclEntry2 = new CloudAclEntryBuilder<GroupPrincipal>(GroupPrincipal.class)
.setPrincipal(group1)
.setType(AclEntryType.ALLOW)
.addPermissions(AclEntryPermission.ADD_SUBDIRECTORY)
.build();
Assert.assertTrue(acls.addAllEntries(AnonymousUserPrincipal.INSTANCE,
Arrays.asList(new CloudAclEntry<?>[] {cloudAclEntry1, cloudAclEntry2})));
CloudAclEntrySet clone = acls.clone();
Assert.assertEquals(acls, clone);
}
项目:java-cloud-filesystem-provider
文件:CloudAclEntrySetTest.java
@Test
public void testGetAclEntriesUsesClonedEntriesAndDoesNotModifyTheUnderlyingAclEntry() throws NotOwnerException {
UserPrincipal user1 = new TestUserImpl("user1");
CloudAclEntry<UserPrincipal> cloudAclEntry1 = new CloudAclEntryBuilder<UserPrincipal>(UserPrincipal.class)
.setPrincipal(user1)
.setType(AclEntryType.ALLOW)
.addPermissions(AclConstants.ALL_DIRECTORY_READ_PERMISSIONS)
.build();
CloudAclEntrySet acls = new CloudAclEntrySet(user1, cloudAclEntry1);
Set<CloudAclEntry<?>> aclEntries = acls.getAclEntries();
Assert.assertEquals(1, aclEntries.size());
CloudAclEntry<?> cloudAclEntryClone = aclEntries.stream().findFirst().get();
Assert.assertEquals(cloudAclEntry1, cloudAclEntryClone);
Assert.assertFalse(cloudAclEntry1 == cloudAclEntryClone);
cloudAclEntryClone.setPermissions(AclConstants.ALL_FILE_WRITE_PERMISSIONS);
Assert.assertEquals(AclConstants.ALL_FILE_WRITE_PERMISSIONS, cloudAclEntryClone.getPermissions());
Assert.assertNotEquals(AclConstants.ALL_DIRECTORY_READ_PERMISSIONS, cloudAclEntryClone.getPermissions());
Assert.assertEquals(AclConstants.ALL_DIRECTORY_READ_PERMISSIONS, cloudAclEntry1.getPermissions());
Assert.assertNotEquals(AclConstants.ALL_FILE_WRITE_PERMISSIONS, cloudAclEntry1.getPermissions());
}
项目:NewJavaDemo
文件:NewFileLibrary.java
public void otherPotentiallyUsefulFeatures() {
final Path path = Paths.get("/foo/bar");
Files.isRegularFile(path);
Files.isExecutable(path);
Files.isReadable(path);
Files.isDirectory(path);
try {
Files.isHidden(path);
UserPrincipal userPrincipal = FileSystems.getDefault().getUserPrincipalLookupService()
.lookupPrincipalByName("zmelnick");
Files.setOwner(path, userPrincipal);
Files.isExecutable(path);
} catch (IOException e) {
e.printStackTrace();
}
}
项目:mssqlapplylogs
文件:FSHelper.java
/**
* Add the proper File-System permissions to a file so that SQL Server can run a RESTORE query.
*
* @param username The username that SQL Server runs as, e.g. "NETWORK SERVICE"
* @param file The file whose permissions will be modified.
* @throws IOException
*/
public static void addRestorePermissions(String username, Path file) throws IOException
{
AclFileAttributeView aclAttr = Files.getFileAttributeView(file, AclFileAttributeView.class);
UserPrincipalLookupService currULS = file.getFileSystem().getUserPrincipalLookupService();
UserPrincipal principal = currULS.lookupPrincipalByName(username);
AclEntry.Builder builder = AclEntry.newBuilder();
builder.setPermissions(EnumSet.of(AclEntryPermission.READ_DATA,
AclEntryPermission.READ_ACL,
AclEntryPermission.READ_ATTRIBUTES,
AclEntryPermission.READ_NAMED_ATTRS,
AclEntryPermission.EXECUTE,
AclEntryPermission.SYNCHRONIZE));
builder.setPrincipal(principal);
builder.setType(AclEntryType.ALLOW);
aclAttr.setAcl(Collections.singletonList(builder.build()));
}
项目:spike.x
文件:Files.java
public static void setOwner(
final String owner,
final Path... dirs) throws IOException {
UserPrincipal principal = FileSystems.getDefault()
.getUserPrincipalLookupService()
.lookupPrincipalByName(owner);
for (Path dir : dirs) {
try {
java.nio.file.Files.setOwner(dir, principal);
} catch (IOException e) {
m_logger.warn("Failed to set \"{}\" as the owner of \"{}\"",
owner, dir);
}
}
}
项目:tomcat-jwt-security
文件:JwtTokenValveTest.java
/**
* @throws Exception
*/
@Test
public void shouldPassAuth() throws Exception {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setAuthConstraint(true);
when(realm.findSecurityConstraints(request, request.getContext()))
.thenReturn(new SecurityConstraint[] { securityConstraint });
when(request.getHeader(JwtConstants.AUTH_HEADER)).thenReturn(
getTestToken());
jwtValve.invoke(request, response);
InOrder inOrder = inOrder(request, nextValve);
inOrder.verify(request).getHeader(JwtConstants.AUTH_HEADER);
inOrder.verify(request).setUserPrincipal(any(UserPrincipal.class));
inOrder.verify(request).setAuthType("TOKEN");
inOrder.verify(nextValve).invoke(request, response);
}
项目:ParallelGit
文件:PosixFileAttributeViewTest.java
@Test(expected = UnsupportedOperationException.class)
public void setOwnerOfFile_shouldThrowUnsupportedOperationException() throws IOException {
writeToCache("/file.txt");
commitToMaster();
initGitFileSystem();
GfsFileAttributeView.Posix view = provider.getFileAttributeView(gfs.getPath("/file.txt"), GfsFileAttributeView.Posix.class);
assertNotNull(view);
view.setOwner(new UserPrincipal() {
@Nonnull
@Override
public String getName() {
return "some_owner";
}
});
}
项目:che
文件:WindowsSshScript.java
@Override
protected void protectPrivateKeyFile(File sshKey) throws ServerException {
try {
AclFileAttributeView attributes =
Files.getFileAttributeView(sshKey.toPath(), AclFileAttributeView.class);
AclEntry.Builder builder = AclEntry.newBuilder();
builder.setType(ALLOW);
String ownerName = System.getProperty(OWNER_NAME_PROPERTY);
UserPrincipal userPrincipal =
FileSystems.getDefault().getUserPrincipalLookupService().lookupPrincipalByName(ownerName);
builder.setPrincipal(userPrincipal);
builder.setPermissions(
READ_DATA, APPEND_DATA, READ_NAMED_ATTRS, READ_ATTRIBUTES, DELETE, READ_ACL, SYNCHRONIZE);
AclEntry entry = builder.build();
List<AclEntry> aclEntryList = new ArrayList<>();
aclEntryList.add(entry);
attributes.setAcl(aclEntryList);
} catch (IOException e) {
throw new ServerException("Failed to set file permissions");
}
}
项目:Personifiler
文件:FileSystemWriter.java
private String getOwnerName(File file)
{
String directory = file.getAbsolutePath();
Path path = Paths.get(directory);
FileOwnerAttributeView ownerAttributeView = Files.getFileAttributeView(path, FileOwnerAttributeView.class);
UserPrincipal owner = null;
try
{
owner = ownerAttributeView.getOwner();
} catch (IOException e)
{
throw new PersonifilerException(e);
}
return owner.getName();
}
项目:openid-connect
文件:OpenIdConnectAuthModule.java
/**
* Cleans off the user principal and group principal from the subject.
*
* @param messageInfo
* message info
* @param subject
* subject
*/
@Override
public void cleanSubject(final MessageInfo messageInfo,
final Subject subject) throws AuthException {
final Iterator<Principal> i = subject.getPrincipals().iterator();
while (i.hasNext()) {
final Principal principal = i.next();
if (principal instanceof UserPrincipal) {
i.remove();
}
if (principal instanceof GroupPrincipal) {
i.remove();
}
}
}
项目:yajsync
文件:UnixFileAttributeManager.java
private RsyncFileAttributes fullStat(Path path) throws IOException
{
String toStat = "unix:mode,lastModifiedTime,size,uid,gid,owner,group";
Map<String, Object> attrs = Files.readAttributes(path, toStat, LinkOption.NOFOLLOW_LINKS);
int mode = (int) attrs.get("mode");
long mtime = ((FileTime) attrs.get("lastModifiedTime")).to(TimeUnit.SECONDS);
long size = (long) attrs.get("size");
int uid = (int) attrs.get("uid");
int gid = (int) attrs.get("gid");
String userName = ((UserPrincipal ) attrs.get("owner")).getName();
String groupName = ((GroupPrincipal) attrs.get("group")).getName();
User user = new User(userName, uid);
Group group = new Group(groupName, gid);
return new RsyncFileAttributes(mode, size, mtime, user, group);
}
项目:yajsync
文件:PosixFileAttributeManager.java
@Override
public RsyncFileAttributes stat(Path path) throws IOException
{
PosixFileAttributes attrs = Files.readAttributes(path, PosixFileAttributes.class,
LinkOption.NOFOLLOW_LINKS);
UserPrincipal userPrincipal = attrs.owner();
String userName = userPrincipal.getName();
GroupPrincipal groupPrincipal = attrs.group();
String groupName = groupPrincipal.getName();
_nameToUserPrincipal.putIfAbsent(userName, userPrincipal);
_nameToGroupPrincipal.putIfAbsent(groupName, groupPrincipal);
return new RsyncFileAttributes(toMode(attrs),
attrs.size(),
attrs.lastModifiedTime().to(TimeUnit.SECONDS),
new User(userName, _defaultUserId),
new Group(groupName, _defaultGroupId));
}
项目:memoryfs
文件:MemoryFS.java
@Override
public void checkAccess( EightyPath path, AccessMode... modes ) {
checkContract( path );
// can not be moved to Eighty because Files.exists calls checkAccess first -> loop
if( !isDirectory( path ) && !isFile( path ) ) {
throw u( new NoSuchFileException( "files does not exist " + path ) );
}
// todo generalize
if( Arrays.asList( modes ).contains( AccessMode.WRITE ) ) {
UserPrincipal fileOwner = Unchecked.u( () -> Files.getOwner( path ) );
if( !principals.getCurrentUser().equals( fileOwner ) ) {
throw u( new AccessDeniedException( "file is not writable " ) );
}
}
}
项目:ParallelGit
文件:PosixFileAttributeViewTest.java
@Test(expected = UnsupportedOperationException.class)
public void setOwnerOfFile_shouldThrowUnsupportedOperationException() throws IOException {
writeToCache("/file.txt");
commitToMaster();
initGitFileSystem();
GfsFileAttributeView.Posix view = provider.getFileAttributeView(gfs.getPath("/file.txt"), GfsFileAttributeView.Posix.class);
assertNotNull(view);
view.setOwner(new UserPrincipal() {
@Nonnull
@Override
public String getName() {
return "some_owner";
}
});
}
项目:jsr203-hadoop
文件:TestUserPrincipalLookupService.java
@Test
public void testUsersEquals() throws IOException {
Path rootPath = Paths.get(clusterUri);
UserPrincipal user = Files.getOwner(rootPath);
assertNotNull(user);
// Get the same user
UserPrincipal user2 = Files.getOwner(rootPath);
assertNotNull(user2);
Assert.assertTrue(user.equals(user));
Assert.assertTrue(user.equals(user2) && user2.equals(user));
Assert.assertFalse(user.equals(null));
Assert.assertFalse(user.equals(new Double(-1)));
UserPrincipal userTest = rootPath.getFileSystem()
.getUserPrincipalLookupService().lookupPrincipalByName("test");
Assert.assertFalse(user.equals(userTest));
}
项目:wildfly-core
文件:FilePermissionTestCase.java
@Test
public void testDefaultOwnership() throws Exception {
// This is unix test only
if (!Util.isWindows()) {
CommandContext ctx = CLITestUtil.getCommandContext(TestSuiteEnvironment.getServerAddress(),
TestSuiteEnvironment.getServerPort(), System.in, System.out);
String tmpFile = "tmpFile";
Path path = Paths.get(tmpFile);
try {
ctx.handle("echo \"aaa\" >> " + tmpFile);
UserPrincipal userPrincipal = Files.getOwner(path);
assertThat("The test file has unexpected ownership: " + userPrincipal.toString(),
userPrincipal.toString(), CoreMatchers.is(CoreMatchers.equalTo(System.getProperty("user.name"))));
} finally {
ctx.terminateSession();
Files.delete(path);
}
}
}
项目:wildfly-core
文件:PersistanceResourceTestCase.java
private AclEntry createConfigurationAccessACLEntry(UserPrincipal user) {
AclEntry entry = AclEntry
.newBuilder()
.setType(AclEntryType.ALLOW)
.setPrincipal(user)
.setPermissions(
AclEntryPermission.WRITE_NAMED_ATTRS,
AclEntryPermission.WRITE_DATA,
AclEntryPermission.WRITE_ATTRIBUTES,
AclEntryPermission.READ_ATTRIBUTES,
AclEntryPermission.APPEND_DATA,
AclEntryPermission.READ_DATA,
AclEntryPermission.READ_NAMED_ATTRS,
AclEntryPermission.READ_ACL,
AclEntryPermission.SYNCHRONIZE,
AclEntryPermission.DELETE)
.setFlags(AclEntryFlag.FILE_INHERIT)
.build();
return entry;
}
项目:jimfs
文件:UserLookupServiceTest.java
@Test
public void testUserLookupService() throws IOException {
UserPrincipalLookupService service = new UserLookupService(true);
UserPrincipal bob1 = service.lookupPrincipalByName("bob");
UserPrincipal bob2 = service.lookupPrincipalByName("bob");
UserPrincipal alice = service.lookupPrincipalByName("alice");
assertThat(bob1).isEqualTo(bob2);
assertThat(bob1).isNotEqualTo(alice);
GroupPrincipal group1 = service.lookupPrincipalByGroupName("group");
GroupPrincipal group2 = service.lookupPrincipalByGroupName("group");
GroupPrincipal foo = service.lookupPrincipalByGroupName("foo");
assertThat(group1).isEqualTo(group2);
assertThat(group1).isNotEqualTo(foo);
}
项目:joanne
文件:Sorter.java
private void sortByOwner(String param){
toSort.forEach(event ->{
try {
UserPrincipal user = Files.getOwner(new File(event).toPath(), LinkOption.NOFOLLOW_LINKS);
if(user.toString().equals(param)){
sorted.add(event);
}
} catch (IOException ex) {
}
});
}
项目:ats-framework
文件:LocalFileSystemOperations.java
/**
*
* @param filename the file name
* @return the file owner
* @throws FileSystemOperationException
*/
private String getOwner(
String filename ) {
try {
UserPrincipal owner = Files.readAttributes( new File( filename ).toPath(),
PosixFileAttributes.class, LinkOption.NOFOLLOW_LINKS )
.owner();
return owner.getName();
} catch( Exception e ) {
throw new FileSystemOperationException( "Could not get owner for '" + filename + "'", e );
}
}
项目:cyberduck
文件:LocalUnixPermissionFeature.java
@Override
public void setUnixOwner(final Path file, final String owner) throws BackgroundException {
try {
final UserPrincipal principal = session.getClient().getUserPrincipalLookupService().lookupPrincipalByName(owner);
Files.setOwner(session.toPath(file), principal);
}
catch(IOException e) {
throw new LocalExceptionMappingService().map("Failure to write attributes of {0}", e, file);
}
}
项目:jdk8u-jdk
文件:CheckLockLocationTest.java
private static String getOwner(Path path) {
UserPrincipal user = null;
try {
user = Files.getOwner(path);
} catch (Exception x) {
System.err.println("Failed to get owner of: " + path);
System.err.println("\terror is: " + x);
}
return user == null ? "???" : user.getName();
}
项目:openjdk-jdk10
文件:CheckLockLocationTest.java
private static String getOwner(Path path) {
UserPrincipal user = null;
try {
user = Files.getOwner(path);
} catch (Exception x) {
System.err.println("Failed to get owner of: " + path);
System.err.println("\terror is: " + x);
}
return user == null ? "???" : user.getName();
}