From 7f4abff9d8eab658998bdd97fb63d482bb34fca0 Mon Sep 17 00:00:00 2001 From: Ishank Arora Date: Thu, 14 Oct 2021 16:37:03 +0200 Subject: [PATCH] Inherit ACLs for files from parent directories (#2174) --- changelog/unreleased/eos-file-perms.md | 3 +++ pkg/eosclient/eosbinary/eosbinary.go | 24 +++++++++++++++++++++--- pkg/eosclient/eosgrpc/eosgrpc.go | 17 +++++++++++++++-- 3 files changed, 39 insertions(+), 5 deletions(-) create mode 100644 changelog/unreleased/eos-file-perms.md diff --git a/changelog/unreleased/eos-file-perms.md b/changelog/unreleased/eos-file-perms.md new file mode 100644 index 0000000000..f3c950078e --- /dev/null +++ b/changelog/unreleased/eos-file-perms.md @@ -0,0 +1,3 @@ +Enhancement: Inherit ACLs for files from parent directories + +https://github.com/cs3org/reva/pull/2174 \ No newline at end of file diff --git a/pkg/eosclient/eosbinary/eosbinary.go b/pkg/eosclient/eosbinary/eosbinary.go index 6339962de2..ac5e4dff4b 100644 --- a/pkg/eosclient/eosbinary/eosbinary.go +++ b/pkg/eosclient/eosbinary/eosbinary.go @@ -462,7 +462,7 @@ func (c *Client) GetFileInfoByInode(ctx context.Context, auth eosclient.Authoriz info.Inode = inode } - return info, nil + return c.mergeParentACLsForFiles(ctx, auth, info), nil } // GetFileInfoByFXID returns the FileInfo by the given file id in hexadecimal @@ -472,7 +472,13 @@ func (c *Client) GetFileInfoByFXID(ctx context.Context, auth eosclient.Authoriza if err != nil { return nil, err } - return c.parseFileInfo(stdout) + + info, err := c.parseFileInfo(stdout) + if err != nil { + return nil, err + } + + return c.mergeParentACLsForFiles(ctx, auth, info), nil } // GetFileInfoByPath returns the FilInfo at the given path @@ -493,7 +499,19 @@ func (c *Client) GetFileInfoByPath(ctx context.Context, auth eosclient.Authoriza } } - return info, nil + return c.mergeParentACLsForFiles(ctx, auth, info), nil +} + +func (c *Client) mergeParentACLsForFiles(ctx context.Context, auth eosclient.Authorization, info *eosclient.FileInfo) *eosclient.FileInfo { + // We need to inherit the ACLs for the parent directory as these are not available for files + if !info.IsDir { + parentInfo, err := c.GetFileInfoByPath(ctx, auth, path.Dir(info.File)) + // Even if this call fails, at least return the current file object + if err == nil { + info.SysACL.Entries = append(info.SysACL.Entries, parentInfo.SysACL.Entries...) + } + } + return info } // SetAttr sets an extended attributes on a path. diff --git a/pkg/eosclient/eosgrpc/eosgrpc.go b/pkg/eosclient/eosgrpc/eosgrpc.go index 9693b6013b..a85ec28f41 100644 --- a/pkg/eosclient/eosgrpc/eosgrpc.go +++ b/pkg/eosclient/eosgrpc/eosgrpc.go @@ -485,7 +485,19 @@ func (c *Client) GetFileInfoByInode(ctx context.Context, auth eosclient.Authoriz } log.Debug().Str("func", "GetFileInfoByInode").Uint64("inode", inode).Msg("") - return info, nil + return c.mergeParentACLsForFiles(ctx, auth, info), nil +} + +func (c *Client) mergeParentACLsForFiles(ctx context.Context, auth eosclient.Authorization, info *eosclient.FileInfo) *eosclient.FileInfo { + // We need to inherit the ACLs for the parent directory as these are not available for files + if !info.IsDir { + parentInfo, err := c.GetFileInfoByPath(ctx, auth, path.Dir(info.File)) + // Even if this call fails, at least return the current file object + if err == nil { + info.SysACL.Entries = append(info.SysACL.Entries, parentInfo.SysACL.Entries...) + } + } + return info } // SetAttr sets an extended attributes on a path. @@ -627,7 +639,8 @@ func (c *Client) GetFileInfoByPath(ctx context.Context, auth eosclient.Authoriza } info.Inode = inode } - return info, nil + + return c.mergeParentACLsForFiles(ctx, auth, info), nil } // GetFileInfoByFXID returns the FileInfo by the given file id in hexadecimal