Class FilePermissionHelper


  • public class FilePermissionHelper
    extends java.lang.Object
    A helper class for performing basic Unix file permission checks.

    This class is intended to provide simple permission validation and modification for specific files, such as private keys and proxy certificates. It relies on executing system commands to fetch and update file permissions.

    Note: This implementation is a workaround until proper support for POSIX file permissions is available in Java.

    • Field Detail

      • PRIVATE_KEY_PERMS_STR

        public static final java.lang.String PRIVATE_KEY_PERMS_STR
        String representation of private key required permissions.
      • LS_CMD_TEMPLATE

        public static final java.lang.String LS_CMD_TEMPLATE
        The command used to retrieve file permissions for a given file
        See Also:
        Constant Field Values
      • CHMOD_CMD_TEMPLATE

        public static final java.lang.String CHMOD_CMD_TEMPLATE
        The command used to set file permissions on a given file
        See Also:
        Constant Field Values
    • Constructor Detail

      • FilePermissionHelper

        public FilePermissionHelper()
    • Method Detail

      • checkProxyPermissions

        public static void checkProxyPermissions​(java.lang.String proxyFile)
                                          throws java.io.IOException
        Checks whether a proxy file has the right permissions
        Parameters:
        proxyFile - the file to be checked
        Throws:
        java.io.IOException - if an error occurs checking file attributes
        FilePermissionError - if permissions are not as expected
      • checkPrivateKeyPermissions

        public static void checkPrivateKeyPermissions​(java.lang.String privateKeyFile)
                                               throws java.io.IOException
        Checks whether a private key file has the 'right' permissions
        Parameters:
        privateKeyFile - the file to be checked
        Throws:
        java.io.IOException - if an error occurs checking file attributes
        FilePermissionError - if the permissions are not correct
      • checkPKCS12Permissions

        public static void checkPKCS12Permissions​(java.lang.String pkcs12File)
                                           throws java.io.IOException
        Checks whether a pkcs12 file has the 'right' permissions
        Parameters:
        pkcs12File - the file to be checked
        Throws:
        java.io.IOException - if an error occurs checking file attributes
        FilePermissionError - if the permissions are not correct
      • matchesFilePermissions

        public static void matchesFilePermissions​(java.lang.String filename,
                                                  FilePermissionHelper.PosixFilePermission expectedPerm)
                                           throws java.io.IOException
        Checks that a given file has the appropriate unix permissions. This naive implementation just fetches the output of ls -al on a given file and matches the resulting string with the permissionString passed as argument. So the permissionString must be something like:
         -rw-------
         
        Parameters:
        filename - the filename to be checked
        expectedPerm - the permission string that must be matched
        Throws:
        java.io.IOException - if an error occurs checking file attributes
        FilePermissionError - if file permissions are not as requested
      • filenameSanityChecks

        private static void filenameSanityChecks​(java.lang.String filename)
      • getFilePermissions

        private static java.lang.String getFilePermissions​(java.lang.String filename)
      • setProxyPermissions

        public static void setProxyPermissions​(java.lang.String filename)
        Sets the default POSIX permissions on a proxy identified by filename.
        Parameters:
        filename - the file to modify
      • setPKCS12Permissions

        public static void setPKCS12Permissions​(java.lang.String filename)
        Sets the default POSIX permissions on a p12 identified by filename.
        Parameters:
        filename - the file to modify
      • setPrivateKeyPermissions

        public static void setPrivateKeyPermissions​(java.lang.String filename)
        Sets the default POSIX permissions on a private key identified by filename.
        Parameters:
        filename - the file to modify
      • setFilePermissions

        public static void setFilePermissions​(java.lang.String filename,
                                              FilePermissionHelper.PosixFilePermission perm)
        Sets the specified POSIX permissions on a file.
        Parameters:
        filename - the file to modify
        perm - the permissions to apply