87 sm.checkPermission(new RuntimePermission("accessUserInformation"));
88 }
89 }
90
91 /**
92 * Encode the ACL to the given buffer
93 */
94 private static void encode(List<AclEntry> acl, long address) {
95 long offset = address;
96 for (AclEntry ace: acl) {
97 int flags = 0;
98
99 // map UserPrincipal to uid and flags
100 UserPrincipal who = ace.principal();
101 if (!(who instanceof UnixUserPrincipals.User))
102 throw new ProviderMismatchException();
103 UnixUserPrincipals.User user = (UnixUserPrincipals.User)who;
104 int uid;
105 if (user.isSpecial()) {
106 uid = -1;
107 if (who.getName().equals(UnixUserPrincipals.SPECIAL_OWNER.getName()))
108 flags |= ACE_OWNER;
109 else if (who.getName().equals(UnixUserPrincipals.SPECIAL_GROUP.getName()))
110 flags |= ACE_GROUP;
111 else if (who.getName().equals(UnixUserPrincipals.SPECIAL_EVERYONE.getName()))
112 flags |= ACE_EVERYONE;
113 else
114 throw new AssertionError("Unable to map special identifier");
115 } else {
116 if (user instanceof UnixUserPrincipals.Group) {
117 uid = user.gid();
118 flags |= ACE_IDENTIFIER_GROUP;
119 } else {
120 uid = user.uid();
121 }
122 }
123
124 // map ACE type
125 int type;
126 switch (ace.type()) {
127 case ALLOW:
128 type = ACE_ACCESS_ALLOWED_ACE_TYPE;
129 break;
130 case DENY:
131 type = ACE_ACCESS_DENIED_ACE_TYPE;
264 if ((mask & ACE_WRITE_ATTRIBUTES) > 0)
265 aceMask.add(AclEntryPermission.WRITE_ATTRIBUTES);
266 if ((mask & ACE_DELETE) > 0)
267 aceMask.add(AclEntryPermission.DELETE);
268 if ((mask & ACE_READ_ACL) > 0)
269 aceMask.add(AclEntryPermission.READ_ACL);
270 if ((mask & ACE_WRITE_ACL) > 0)
271 aceMask.add(AclEntryPermission.WRITE_ACL);
272 if ((mask & ACE_WRITE_OWNER) > 0)
273 aceMask.add(AclEntryPermission.WRITE_OWNER);
274 if ((mask & ACE_SYNCHRONIZE) > 0)
275 aceMask.add(AclEntryPermission.SYNCHRONIZE);
276
277 HashSet<AclEntryFlag> aceFlags = new HashSet<AclEntryFlag>();
278 if ((flags & ACE_FILE_INHERIT_ACE) > 0)
279 aceFlags.add(AclEntryFlag.FILE_INHERIT);
280 if ((flags & ACE_DIRECTORY_INHERIT_ACE) > 0)
281 aceFlags.add(AclEntryFlag.DIRECTORY_INHERIT);
282 if ((flags & ACE_NO_PROPAGATE_INHERIT_ACE) > 0)
283 aceFlags.add(AclEntryFlag.NO_PROPAGATE_INHERIT);
284 if ((flags & ACE_INHERIT_ONLY_ACE ) > 0)
285 aceFlags.add(AclEntryFlag.INHERIT_ONLY);
286
287 // build the ACL entry and add it to the list
288 AclEntry ace = AclEntry.newBuilder()
289 .setType(aceType)
290 .setPrincipal(who)
291 .setPermissions(aceMask).setFlags(aceFlags).build();
292 acl.add(ace);
293 }
294
295 return acl;
296 }
297
298 // Retrns true if NFSv4 ACLs not enabled on file system
299 private static boolean isAclsEnabled(int fd) {
300 try {
301 long enabled = fpathconf(fd, _PC_ACL_ENABLED);
302 if (enabled == _ACL_ACE_ENABLED)
303 return true;
304 } catch (UnixException x) {
|
87 sm.checkPermission(new RuntimePermission("accessUserInformation"));
88 }
89 }
90
91 /**
92 * Encode the ACL to the given buffer
93 */
94 private static void encode(List<AclEntry> acl, long address) {
95 long offset = address;
96 for (AclEntry ace: acl) {
97 int flags = 0;
98
99 // map UserPrincipal to uid and flags
100 UserPrincipal who = ace.principal();
101 if (!(who instanceof UnixUserPrincipals.User))
102 throw new ProviderMismatchException();
103 UnixUserPrincipals.User user = (UnixUserPrincipals.User)who;
104 int uid;
105 if (user.isSpecial()) {
106 uid = -1;
107 if (who == UnixUserPrincipals.SPECIAL_OWNER)
108 flags |= ACE_OWNER;
109 else if (who == UnixUserPrincipals.SPECIAL_GROUP)
110 flags |= (ACE_GROUP | ACE_IDENTIFIER_GROUP);
111 else if (who == UnixUserPrincipals.SPECIAL_EVERYONE)
112 flags |= ACE_EVERYONE;
113 else
114 throw new AssertionError("Unable to map special identifier");
115 } else {
116 if (user instanceof UnixUserPrincipals.Group) {
117 uid = user.gid();
118 flags |= ACE_IDENTIFIER_GROUP;
119 } else {
120 uid = user.uid();
121 }
122 }
123
124 // map ACE type
125 int type;
126 switch (ace.type()) {
127 case ALLOW:
128 type = ACE_ACCESS_ALLOWED_ACE_TYPE;
129 break;
130 case DENY:
131 type = ACE_ACCESS_DENIED_ACE_TYPE;
264 if ((mask & ACE_WRITE_ATTRIBUTES) > 0)
265 aceMask.add(AclEntryPermission.WRITE_ATTRIBUTES);
266 if ((mask & ACE_DELETE) > 0)
267 aceMask.add(AclEntryPermission.DELETE);
268 if ((mask & ACE_READ_ACL) > 0)
269 aceMask.add(AclEntryPermission.READ_ACL);
270 if ((mask & ACE_WRITE_ACL) > 0)
271 aceMask.add(AclEntryPermission.WRITE_ACL);
272 if ((mask & ACE_WRITE_OWNER) > 0)
273 aceMask.add(AclEntryPermission.WRITE_OWNER);
274 if ((mask & ACE_SYNCHRONIZE) > 0)
275 aceMask.add(AclEntryPermission.SYNCHRONIZE);
276
277 HashSet<AclEntryFlag> aceFlags = new HashSet<AclEntryFlag>();
278 if ((flags & ACE_FILE_INHERIT_ACE) > 0)
279 aceFlags.add(AclEntryFlag.FILE_INHERIT);
280 if ((flags & ACE_DIRECTORY_INHERIT_ACE) > 0)
281 aceFlags.add(AclEntryFlag.DIRECTORY_INHERIT);
282 if ((flags & ACE_NO_PROPAGATE_INHERIT_ACE) > 0)
283 aceFlags.add(AclEntryFlag.NO_PROPAGATE_INHERIT);
284 if ((flags & ACE_INHERIT_ONLY_ACE) > 0)
285 aceFlags.add(AclEntryFlag.INHERIT_ONLY);
286
287 // build the ACL entry and add it to the list
288 AclEntry ace = AclEntry.newBuilder()
289 .setType(aceType)
290 .setPrincipal(who)
291 .setPermissions(aceMask).setFlags(aceFlags).build();
292 acl.add(ace);
293 }
294
295 return acl;
296 }
297
298 // Retrns true if NFSv4 ACLs not enabled on file system
299 private static boolean isAclsEnabled(int fd) {
300 try {
301 long enabled = fpathconf(fd, _PC_ACL_ENABLED);
302 if (enabled == _ACL_ACE_ENABLED)
303 return true;
304 } catch (UnixException x) {
|