From 42f6ff6d04b675143b04cc8438b1a3dc30d27cae Mon Sep 17 00:00:00 2001 From: Sven Nissel Date: Tue, 19 Apr 2022 22:23:06 +0200 Subject: [PATCH 1/3] VFS-818 root has read and write permissions also if he is not owner --- .../vfs2/provider/sftp/SftpFileObject.java | 8 ++++++-- .../sftp/UserIsOwnerPosixPermissions.java | 2 +- .../commons/vfs2/util/PosixPermissions.java | 15 ++++++++++++++- 3 files changed, 21 insertions(+), 4 deletions(-) diff --git a/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/SftpFileObject.java b/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/SftpFileObject.java index 7093493f47..e4c636009f 100644 --- a/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/SftpFileObject.java +++ b/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/SftpFileObject.java @@ -49,6 +49,8 @@ */ public class SftpFileObject extends AbstractFileObject { + private static final int ROOT_USER_ID = 0; + /** * An InputStream that monitors for end-of-file. */ @@ -471,8 +473,10 @@ protected synchronized PosixPermissions getPermissions(final boolean checkIds) t } } } - final boolean isOwner = checkIds && attrs.getUId() == getAbstractFileSystem().getUId(); - return new PosixPermissions(attrs.getPermissions(), isOwner, isInGroup); + boolean sameUser = attrs.getUId() == getAbstractFileSystem().getUId(); + boolean isRoot = getAbstractFileSystem().getUId() == ROOT_USER_ID; + final boolean isOwner = checkIds && sameUser; + return new PosixPermissions(attrs.getPermissions(), isOwner, isInGroup, isRoot); } /** diff --git a/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/UserIsOwnerPosixPermissions.java b/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/UserIsOwnerPosixPermissions.java index caece9bbe2..b2fb74c141 100644 --- a/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/UserIsOwnerPosixPermissions.java +++ b/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/UserIsOwnerPosixPermissions.java @@ -29,6 +29,6 @@ public class UserIsOwnerPosixPermissions extends PosixPermissions { * @param permissions permission bits. */ public UserIsOwnerPosixPermissions(final int permissions) { - super(permissions, true, true); + super(permissions, true, true, false); } } diff --git a/commons-vfs2/src/main/java/org/apache/commons/vfs2/util/PosixPermissions.java b/commons-vfs2/src/main/java/org/apache/commons/vfs2/util/PosixPermissions.java index 67cf31316b..2391b64b5a 100644 --- a/commons-vfs2/src/main/java/org/apache/commons/vfs2/util/PosixPermissions.java +++ b/commons-vfs2/src/main/java/org/apache/commons/vfs2/util/PosixPermissions.java @@ -112,17 +112,24 @@ public int getMask() { */ private final boolean isInGroup; + /** + * If the user is root. The user root has always read and write permissions. + */ + private final boolean isRoot; + /** * Creates a new PosixPermissions object. * * @param permissions The permissions * @param isOwner true if the user is the owner of the file * @param isInGroup true if the user is a group owner of the file + * @param isRoot true if the user is root */ - public PosixPermissions(final int permissions, final boolean isOwner, final boolean isInGroup) { + public PosixPermissions(final int permissions, final boolean isOwner, final boolean isInGroup, final boolean isRoot) { this.permissions = permissions; this.isOwner = isOwner; this.isInGroup = isInGroup; + this.isRoot = isRoot; } /** @@ -183,6 +190,9 @@ public boolean isExecutable() { * @return whether the permissions are readable. */ public boolean isReadable() { + if(this.isRoot) { + return true; + } if (this.isOwner) { return this.get(Type.UserReadable); } @@ -198,6 +208,9 @@ public boolean isReadable() { * @return whether the permissions are writable. */ public boolean isWritable() { + if(this.isRoot) { + return true; + } if (this.isOwner) { return this.get(Type.UserWritable); } From f2c7fb21f950c52e370c6e2a139fb10b2551fb7b Mon Sep 17 00:00:00 2001 From: Sven Nissel Date: Tue, 19 Apr 2022 23:10:54 +0200 Subject: [PATCH 2/3] Revert "VFS-818 root has read and write permissions also if he is not owner" This reverts commit 42f6ff6d04b675143b04cc8438b1a3dc30d27cae. --- .../vfs2/provider/sftp/SftpFileObject.java | 8 ++------ .../sftp/UserIsOwnerPosixPermissions.java | 2 +- .../commons/vfs2/util/PosixPermissions.java | 15 +-------------- 3 files changed, 4 insertions(+), 21 deletions(-) diff --git a/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/SftpFileObject.java b/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/SftpFileObject.java index e4c636009f..7093493f47 100644 --- a/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/SftpFileObject.java +++ b/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/SftpFileObject.java @@ -49,8 +49,6 @@ */ public class SftpFileObject extends AbstractFileObject { - private static final int ROOT_USER_ID = 0; - /** * An InputStream that monitors for end-of-file. */ @@ -473,10 +471,8 @@ protected synchronized PosixPermissions getPermissions(final boolean checkIds) t } } } - boolean sameUser = attrs.getUId() == getAbstractFileSystem().getUId(); - boolean isRoot = getAbstractFileSystem().getUId() == ROOT_USER_ID; - final boolean isOwner = checkIds && sameUser; - return new PosixPermissions(attrs.getPermissions(), isOwner, isInGroup, isRoot); + final boolean isOwner = checkIds && attrs.getUId() == getAbstractFileSystem().getUId(); + return new PosixPermissions(attrs.getPermissions(), isOwner, isInGroup); } /** diff --git a/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/UserIsOwnerPosixPermissions.java b/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/UserIsOwnerPosixPermissions.java index b2fb74c141..caece9bbe2 100644 --- a/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/UserIsOwnerPosixPermissions.java +++ b/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/sftp/UserIsOwnerPosixPermissions.java @@ -29,6 +29,6 @@ public class UserIsOwnerPosixPermissions extends PosixPermissions { * @param permissions permission bits. */ public UserIsOwnerPosixPermissions(final int permissions) { - super(permissions, true, true, false); + super(permissions, true, true); } } diff --git a/commons-vfs2/src/main/java/org/apache/commons/vfs2/util/PosixPermissions.java b/commons-vfs2/src/main/java/org/apache/commons/vfs2/util/PosixPermissions.java index 2391b64b5a..67cf31316b 100644 --- a/commons-vfs2/src/main/java/org/apache/commons/vfs2/util/PosixPermissions.java +++ b/commons-vfs2/src/main/java/org/apache/commons/vfs2/util/PosixPermissions.java @@ -112,24 +112,17 @@ public int getMask() { */ private final boolean isInGroup; - /** - * If the user is root. The user root has always read and write permissions. - */ - private final boolean isRoot; - /** * Creates a new PosixPermissions object. * * @param permissions The permissions * @param isOwner true if the user is the owner of the file * @param isInGroup true if the user is a group owner of the file - * @param isRoot true if the user is root */ - public PosixPermissions(final int permissions, final boolean isOwner, final boolean isInGroup, final boolean isRoot) { + public PosixPermissions(final int permissions, final boolean isOwner, final boolean isInGroup) { this.permissions = permissions; this.isOwner = isOwner; this.isInGroup = isInGroup; - this.isRoot = isRoot; } /** @@ -190,9 +183,6 @@ public boolean isExecutable() { * @return whether the permissions are readable. */ public boolean isReadable() { - if(this.isRoot) { - return true; - } if (this.isOwner) { return this.get(Type.UserReadable); } @@ -208,9 +198,6 @@ public boolean isReadable() { * @return whether the permissions are writable. */ public boolean isWritable() { - if(this.isRoot) { - return true; - } if (this.isOwner) { return this.get(Type.UserWritable); } From b92e4657937f39b38e0389cb8856f31fc7af19e9 Mon Sep 17 00:00:00 2001 From: Sven Nissel Date: Tue, 19 Apr 2022 23:15:17 +0200 Subject: [PATCH 3/3] VFS-818 try to read file also if the user has no permissions For example the user root can also read file with no permissions --- .../apache/commons/vfs2/provider/AbstractFileObject.java | 6 ------ 1 file changed, 6 deletions(-) diff --git a/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/AbstractFileObject.java b/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/AbstractFileObject.java index 6f66543589..831d8f2f28 100644 --- a/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/AbstractFileObject.java +++ b/commons-vfs2/src/main/java/org/apache/commons/vfs2/provider/AbstractFileObject.java @@ -1334,18 +1334,12 @@ public RandomAccessContent getRandomAccessContent(final RandomAccessMode mode) t if (!fileSystem.hasCapability(Capability.RANDOM_ACCESS_READ)) { throw new FileSystemException("vfs.provider/random-access-read-not-supported.error"); } - if (!isReadable()) { - throw new FileSystemException("vfs.provider/read-not-readable.error", fileName); - } } if (mode.requestWrite()) { if (!fileSystem.hasCapability(Capability.RANDOM_ACCESS_WRITE)) { throw new FileSystemException("vfs.provider/random-access-write-not-supported.error"); } - if (!isWriteable()) { - throw new FileSystemException("vfs.provider/write-read-only.error", fileName); - } } // Get the raw input stream