Merge pull request #242 from pdowler/master

cavern: fix inheritPermissions prop usage
opencadc · Jun 10, 2024 · 5e5bd8b · 5e5bd8b
2 parents 62bafc8 + 5543f4b
commit 5e5bd8b
Show file tree

Hide file tree

Showing 6 changed files with 23 additions and 29 deletions.
diff --git a/cadc-test-vos/build.gradle b/cadc-test-vos/build.gradle
@@ -12,11 +12,11 @@ repositories {
 
 apply from: '../opencadc.gradle'
 
-sourceCompatibility = 1.8
+sourceCompatibility = 11 
 
 group = 'org.opencadc'
 
-version = '2.1.9'
+version = '2.1.10'
 
 description = 'OpenCADC VOSpace test library'
 def git_url = 'https://github.com/opencadc/vos'

diff --git a/cadc-vos-client/build.gradle b/cadc-vos-client/build.gradle
@@ -13,11 +13,11 @@ repositories {
 
 apply from: '../opencadc.gradle'
 
-sourceCompatibility = 1.8
+sourceCompatibility = 11
 
 group = 'org.opencadc'
 
-version = '2.0.4'
+version = '2.0.5'
 
 description = 'OpenCADC VOSpace client library'
 def git_url = 'https://github.com/opencadc/vos'

diff --git a/cadc-vos-server/build.gradle b/cadc-vos-server/build.gradle
@@ -12,11 +12,11 @@ repositories {
 
 apply from: '../opencadc.gradle'
 
-sourceCompatibility = 1.8
+sourceCompatibility = 11 
 
 group = 'org.opencadc'
 
-version = '2.0.15'
+version = '2.0.16'
 
 description = 'OpenCADC VOSpace server'
 def git_url = 'https://github.com/opencadc/vos'

diff --git a/cavern/VERSION b/cavern/VERSION
@@ -1,6 +1,6 @@
 ## deployable containers have a semantic and build tag
 # semantic version tag: major.minor
 # build version tag: timestamp
-VER=0.7.7
+VER=0.7.8
 TAGS="${VER} ${VER}-$(date -u +"%Y%m%dT%H%M%S")"
 unset VER
diff --git a/cavern/src/main/java/org/opencadc/cavern/CavernConfig.java b/cavern/src/main/java/org/opencadc/cavern/CavernConfig.java
@@ -3,7 +3,7 @@
  *******************  CANADIAN ASTRONOMY DATA CENTRE  *******************
  **************  CENTRE CANADIEN DE DONNÉES ASTRONOMIQUES  **************
  *
- *  (c) 2023.                            (c) 2023.
+ *  (c) 2024.                            (c) 2024.
  *  Government of Canada                 Gouvernement du Canada
  *  National Research Council            Conseil national de recherches
  *  Ottawa, Canada, K1A 0R6              Ottawa, Canada, K1A 0R6
@@ -76,6 +76,7 @@
 import ca.nrc.cadc.util.InvalidConfigException;
 import ca.nrc.cadc.util.MultiValuedProperties;
 import ca.nrc.cadc.util.PropertiesReader;
+import ca.nrc.cadc.util.StringUtil;
 import java.io.File;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationTargetException;
@@ -85,8 +86,6 @@
 import java.util.ArrayList;
 import java.util.List;
 import javax.security.auth.Subject;
-
-import ca.nrc.cadc.util.StringUtil;
 import org.apache.log4j.Logger;
 import org.opencadc.cavern.nodes.NoQuotaPlugin;
 import org.opencadc.cavern.nodes.QuotaPlugin;

diff --git a/cavern/src/main/java/org/opencadc/cavern/nodes/NodeUtil.java b/cavern/src/main/java/org/opencadc/cavern/nodes/NodeUtil.java
@@ -135,6 +135,7 @@ class NodeUtil {
             VOS.PROPERTY_URI_DATE,
             VOS.PROPERTY_URI_GROUPREAD,
             VOS.PROPERTY_URI_GROUPWRITE,
+            VOS.PROPERTY_URI_INHERIT_PERMISSIONS, // presence of default ACLs
             VOS.PROPERTY_URI_ISLOCKED, // but not supported
             VOS.PROPERTY_URI_ISPUBLIC,
             VOS.PROPERTY_URI_QUOTA
@@ -533,18 +534,17 @@ Node pathToNode(Path p, boolean getAttrs)
         ret.getProperties().add(new NodeProperty(VOS.PROPERTY_URI_DATE, df.format(modified)));
 
         if (getAttrs && !attrs.isSymbolicLink()) {
-            Map<String,String> uda = ExtendedFileAttributes.getAttributes(p);
+            Map<String,String> uda = ExtendedFileAttributes.getAttributes(p); // no namespace: user attrs
             for (Map.Entry<String,String> me : uda.entrySet()) {
                 try {
                     URI pk = new URI(me.getKey());
                     log.debug("found prop: " + pk + " = " + me.getValue());
-                    if (VOS.PROPERTY_URI_INHERIT_PERMISSIONS.equals(pk)) {
-                        if (ret instanceof ContainerNode) {
-                            ContainerNode cn = (ContainerNode) ret;
-                            cn.inheritPermissions = Boolean.parseBoolean(me.getValue());
-                        } else {
-                            log.error("found " + VOS.PROPERTY_URI_INHERIT_PERMISSIONS + " on a " + ret.getClass().getSimpleName());
-                        }
+                    // check if this prop should not be set and fix
+                    // could happen is user set it manually or it was not in the restructed set
+                    // in a previous version
+                    if (FILESYSTEM_PROPS.contains(pk)) {
+                        ExtendedFileAttributes.setFileAttribute(p, pk.toASCIIString(), null);
+                        log.debug("removed bogus user prop: " + pk.toASCIIString() + " from " + p);
                     } else {
                         ret.getProperties().add(new NodeProperty(pk, me.getValue()));
                     }
@@ -557,27 +557,22 @@ Node pathToNode(Path p, boolean getAttrs)
 
             Long quota = quotaImpl.getQuota(p);
             if (quota != null) {
-                // This quota takes precedence.
-                ret.getProperties().remove(new NodeProperty(VOS.PROPERTY_URI_QUOTA));
                 ret.getProperties().add(new NodeProperty(VOS.PROPERTY_URI_QUOTA, quota.toString()));
             }
 
             boolean isDir = (ret instanceof ContainerNode);
             AclCommandExecutor acl = new AclCommandExecutor(p, isDir);
 
-            // backwards compat: check for default ACLs and assume inheritPermission is true
+            // check for default ACLs aka inheritPermissions
             if (ret instanceof ContainerNode) {
                 ContainerNode cn = (ContainerNode) ret;
-                if (cn.inheritPermissions == null || !cn.inheritPermissions) {
-                    // check for inconsistency with default ACLs
-                    Set<Integer> dro = acl.getReadOnlyACL(true);
-                    Set<Integer> drw = acl.getReadWriteACL(true);
-                    cn.inheritPermissions = !dro.isEmpty() || !drw.isEmpty();
-                    log.debug("default ACLs imply inheritPermissions==" + cn.inheritPermissions);
-                }
+                // check for inconsistency with default ACLs
+                Set<Integer> dro = acl.getReadOnlyACL(true);
+                Set<Integer> drw = acl.getReadWriteACL(true);
+                cn.inheritPermissions = !dro.isEmpty() || !drw.isEmpty();
+                log.debug("default ACLs imply inheritPermissions==" + cn.inheritPermissions);
             }
 
-
             // TODO: could collect all gids from read-only and read-write and prime the gid cache in 1 call instead of 2
             Set<Integer> rogids = acl.getReadOnlyACL();
             if (!rogids.isEmpty()) {