Ophestra
e68db7fbfc
All checks were successful
Test / Create distribution (push) Successful in 52s
Test / Sandbox (push) Successful in 3m30s
Test / Hakurei (push) Successful in 5m40s
Test / Sandbox (race detector) (push) Successful in 6m30s
Test / Hpkg (push) Successful in 7m21s
Test / Hakurei (race detector) (push) Successful in 3m22s
Test / Flake checks (push) Successful in 2m2s
None of these are valid with their zero value, and the implementations assume they are created by the builder methods. They are by all means an implementation detail and exporting them makes no sense. Signed-off-by: Ophestra <cat@gensokyo.uk>
68 lines
1.6 KiB
Go
68 lines
1.6 KiB
Go
package system
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"os"
|
|
"slices"
|
|
|
|
"hakurei.app/system/acl"
|
|
)
|
|
|
|
// UpdatePerm calls UpdatePermType with the [Process] criteria.
|
|
func (sys *I) UpdatePerm(path string, perms ...acl.Perm) *I {
|
|
sys.UpdatePermType(Process, path, perms...)
|
|
return sys
|
|
}
|
|
|
|
// UpdatePermType maintains [acl.Perms] on a file until its [Enablement] is no longer satisfied.
|
|
func (sys *I) UpdatePermType(et Enablement, path string, perms ...acl.Perm) *I {
|
|
sys.ops = append(sys.ops, &aclUpdateOp{et, path, perms})
|
|
return sys
|
|
}
|
|
|
|
// aclUpdateOp implements [I.UpdatePermType].
|
|
type aclUpdateOp struct {
|
|
et Enablement
|
|
path string
|
|
perms acl.Perms
|
|
}
|
|
|
|
func (a *aclUpdateOp) Type() Enablement { return a.et }
|
|
|
|
func (a *aclUpdateOp) apply(sys *I) error {
|
|
sys.verbose("applying ACL", a)
|
|
return newOpError("acl", sys.aclUpdate(a.path, sys.uid, a.perms...), false)
|
|
}
|
|
|
|
func (a *aclUpdateOp) revert(sys *I, ec *Criteria) error {
|
|
if ec.hasType(a.Type()) {
|
|
sys.verbose("stripping ACL", a)
|
|
err := sys.aclUpdate(a.path, sys.uid)
|
|
if errors.Is(err, os.ErrNotExist) {
|
|
// the ACL is effectively stripped if the file no longer exists
|
|
sys.verbosef("target of ACL %s no longer exists", a)
|
|
err = nil
|
|
}
|
|
return newOpError("acl", err, true)
|
|
} else {
|
|
sys.verbose("skipping ACL", a)
|
|
return nil
|
|
}
|
|
}
|
|
|
|
func (a *aclUpdateOp) Is(o Op) bool {
|
|
target, ok := o.(*aclUpdateOp)
|
|
return ok && a != nil && target != nil &&
|
|
a.et == target.et &&
|
|
a.path == target.path &&
|
|
slices.Equal(a.perms, target.perms)
|
|
}
|
|
|
|
func (a *aclUpdateOp) Path() string { return a.path }
|
|
|
|
func (a *aclUpdateOp) String() string {
|
|
return fmt.Sprintf("%s type: %s path: %q",
|
|
a.perms, TypeString(a.et), a.path)
|
|
}
|