/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package org.apache.tools.ant.taskdefs;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.DosFileAttributeView;
import java.nio.file.attribute.PosixFilePermission;
import java.util.Arrays;
import java.util.EnumSet;
import java.util.Set;
import org.apache.tools.ant.BuildException;
import org.apache.tools.ant.Project;
import org.apache.tools.ant.Task;
import org.apache.tools.ant.types.Resource;
import org.apache.tools.ant.types.ResourceCollection;
import org.apache.tools.ant.types.resources.Resources;
import org.apache.tools.ant.util.PermissionUtils;
import org.apache.tools.ant.util.StringUtils;
/**
* Sets {@link PosixFilePermission}s for resources.
*
* <p>This task provides a subset of {@link Chmod}'s and {@link
* org.apache.tools.ant.taskdefs.optional.windows.Attrib}'s abilities
* in less platform dependent way.</p>
*
* <p>It requires a file system that supports PosixFilePermissions for
* its full potential. It can optionally fall back to
* DosFilePermissions (only changing the readonly state) on file
* systems that don't support POSIX permissions. See {@link
* SetPermissions.NonPosixMode}</p>
*
* @since Ant 1.10.0
*/
public class SetPermissions extends Task {
private final Set<PosixFilePermission> permissions =
EnumSet.noneOf(PosixFilePermission.class);
private Resources resources = null;
private boolean failonerror = true;
private NonPosixMode nonPosixMode = NonPosixMode.fail;
/**
* Options for dealing with file systems that don't support POSIX
* permissions.
*/
public enum NonPosixMode {
/** Fail the build. */
fail,
/** Log an error and go on. */
pass,
/**
* Try DosFilePermissions - setting the read-only flag - and
* fail the build if that fails as well.
*/
tryDosOrFail,
/**
* Try DosFilePermissions - setting the read-only flag - and
* log an error and go on if that fails as well.
*/
tryDosOrPass;
}
/**
* Adds permissions as a comma separated list.
* @param perms comma separated list of names of {@link PosixFilePermission}s.
*/
public void setPermissions(String perms) {
if (perms != null) {
Arrays.stream(perms.split(",")) //NOSONAR
.map(String::trim)
.filter(s -> !s.isEmpty())
.map(s -> Enum.valueOf(PosixFilePermission.class, s))
.forEach(permissions::add);
}
}
/**
* A 3 digit octal string, specify the user, group and
* other modes in the standard Unix fashion;
* @param octalString a <code>String</code> value
*/
public void setMode(String octalString) {
int mode = Integer.parseInt(octalString, 8);
permissions.addAll(PermissionUtils.permissionsFromMode(mode));
}
/**
* Set whether to fail when errors are encountered. If false, note errors
* to the output but keep going. Default is true.
* <p>Only applies to IO and SecurityExceptions, see {@link
* #setNonPosixMode} for ways to deal with file-systems that don't
* support PosixPermissions.</p>
* @param failonerror true or false.
*/
public void setFailOnError(final boolean failonerror) {
this.failonerror = failonerror;
}
/**
* Set what to do if changing the permissions of a file is not
* possible because the file-system doesn't support POSIX file
* permissions.
* <p>The default is {@link NonPosixMode#fail}.</p>
* @param m what to do if changing the permissions of a file is not possible
*/
public void setNonPosixMode(NonPosixMode m) {
this.nonPosixMode = m;
}
/**
* Adds a collection of resources to set permissions on.
* @param rc a resource collection
*/
public void add(ResourceCollection rc) {
if (resources == null) {
resources = new Resources();
}
resources.add(rc);
}
@Override
public void execute() {
if (resources == null) {
throw new BuildException("At least one resource-collection is required");
}
Resource currentResource = null;
try {
for (Resource r : resources) {
currentResource = r;
try {
PermissionUtils.setPermissions(r, permissions, this::posixPermissionsNotSupported);
} catch (IOException ioe) {
maybeThrowException(ioe, "Failed to set permissions on '%s' due to %s", r, ioe.getMessage());
}
}
} catch (ClassCastException cce) {
maybeThrowException(null,
"some specified permissions are not of type PosixFilePermission: %s",
StringUtils.join(permissions, ", "));
} catch (SecurityException se) {
maybeThrowException(null,
"the SecurityManager denies role accessUserInformation or write access for SecurityManager.checkWrite for resource '%s'",
currentResource);
} catch (BuildException be) {
// maybe thrown by callback method this::posixPermissionsNotSupported.
maybeThrowException(be, be.getMessage());
}
}
private void maybeThrowException(Exception exc, String msgFormat, Object... msgArgs) {
String msg = String.format(msgFormat, msgArgs);
if (failonerror) {
if (exc instanceof BuildException) {
throw (BuildException) exc;
}
throw new BuildException(msg, exc);
}
log("Warning: " + msg, Project.MSG_ERR);
}
private void posixPermissionsNotSupported(Path p) {
String msg = String.format(
"the associated path '%s' does not support the PosixFileAttributeView",
p);
switch (nonPosixMode) {
case fail:
throw new BuildException(msg);
case pass:
log("Warning: " + msg, Project.MSG_ERR);
break;
case tryDosOrFail:
tryDos(p, true);
break;
case tryDosOrPass:
tryDos(p, false);
break;
}
}
private void tryDos(Path p, boolean failIfDosIsNotSupported) {
log("Falling back to DosFileAttributeView");
boolean readOnly = !isWritable();
DosFileAttributeView view = Files.getFileAttributeView(p, DosFileAttributeView.class);
if (view != null) {
try {
view.setReadOnly(readOnly);
} catch (IOException ioe) {
maybeThrowException(ioe, "Failed to set permissions on '%s' due to %s",
p, ioe.getMessage());
} catch (SecurityException uoe) {
maybeThrowException(null,
"the SecurityManager denies role accessUserInformation or write access for SecurityManager.checkWrite for resource '%s'",
p);
}
} else {
String msg = String.format(
"the associated path '%s' does not support the DosFileAttributeView",
p);
if (failIfDosIsNotSupported) {
throw new BuildException(msg);
}
log("Warning: " + msg, Project.MSG_ERR);
}
}
private boolean isWritable() {
return permissions.contains(PosixFilePermission.OWNER_WRITE)
|| permissions.contains(PosixFilePermission.GROUP_WRITE)
|| permissions.contains(PosixFilePermission.OTHERS_WRITE);
}
}