summaryrefslogtreecommitdiff
path: root/pkg/permissions.go
blob: 2bd73a986bd209ca90fe40bc87f151da36053032 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
package gonf

import (
	"errors"
	"io/fs"
	"os"
	"os/user"
	"strconv"
	"syscall"
)

type Permissions struct {
	group Value
	mode  Value
	user  Value
}

func ModeUserGroup(mode, user, group interface{}) *Permissions {
	return &Permissions{
		group: interfaceToTemplateValue(group),
		mode:  interfaceToTemplateValue(mode),
		user:  interfaceToTemplateValue(user),
	}
}

func (p *Permissions) resolve(filename string) (Status, error) {
	g, ok := p.group.(*IntValue)
	if !ok {
		if group, err := user.LookupGroup(p.group.String()); err != nil {
			return BROKEN, err
		} else {
			if groupId, err := strconv.Atoi(group.Gid); err != nil {
				return BROKEN, err
			} else {
				g = &IntValue{groupId}
				p.group = g
			}
		}
	}
	m, ok := p.mode.(*IntValue)
	if !ok {
		if i, err := strconv.Atoi(p.mode.String()); err != nil {
			return BROKEN, err
		} else {
			m = &IntValue{i}
			p.mode = m
		}
	}
	u, ok := p.user.(*IntValue)
	if !ok {
		if user, err := user.Lookup(p.user.String()); err != nil {
			return BROKEN, err
		} else {
			if userId, err := strconv.Atoi(user.Uid); err != nil {
				return BROKEN, err
			} else {
				u = &IntValue{userId}
				p.group = u
			}
		}
	}
	var status Status = KEPT
	if fileInfo, err := os.Lstat(filename); err != nil {
		return BROKEN, err
	} else {
		gv := g.Int()
		mv := fs.FileMode(m.Int())
		uv := u.Int()
		if fileInfo.Mode() != mv {
			if err := os.Chmod(filename, mv); err != nil {
				return BROKEN, err
			}
			status = REPAIRED
		}
		if stat, ok := fileInfo.Sys().(*syscall.Stat_t); ok {
			if stat.Gid != uint32(gv) || stat.Uid != uint32(uv) {
				if err := os.Chown(filename, uv, gv); err != nil {
					return BROKEN, err
				}
				status = REPAIRED
			}
		} else {
			return BROKEN, errors.New("Unsupported operating system")
		}
		_ = gv
		_ = uv
	}
	return status, nil
}