cap_primitives/fs/
access.rs

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
//! Access test functions.

use crate::fs::{access_impl, FollowSymlinks};
#[cfg(racy_asserts)]
use crate::fs::{access_unchecked, file_path};
use std::path::Path;
use std::{fs, io};

/// Access modes for use with [`DirExt::access`].
#[derive(Clone, Copy, Debug)]
pub struct AccessModes {
    /// Is the object readable?
    pub readable: bool,
    /// Is the object writable?
    pub writable: bool,
    /// Is the object executable?
    pub executable: bool,
}

/// Access modes for use with [`DirExt::access`].
#[derive(Clone, Copy, Debug)]
pub enum AccessType {
    /// Test whether the named object is accessible in the given modes.
    Access(AccessModes),

    /// Test whether the named object exists.
    Exists,
}

/// Canonicalize the given path, ensuring that the resolution of the path never
/// escapes the directory tree rooted at `start`.
#[cfg_attr(not(racy_asserts), allow(clippy::let_and_return))]
pub fn access(
    start: &fs::File,
    path: &Path,
    type_: AccessType,
    follow: FollowSymlinks,
) -> io::Result<()> {
    // Call the underlying implementation.
    let result = access_impl(start, path, type_, follow);

    #[cfg(racy_asserts)]
    let unchecked = access_unchecked(start, path, type_, follow);

    #[cfg(racy_asserts)]
    check_access(start, path, type_, follow, &result, &unchecked);

    result
}

#[cfg(racy_asserts)]
#[allow(clippy::enum_glob_use)]
fn check_access(
    start: &fs::File,
    path: &Path,
    _type_: AccessType,
    _follow: FollowSymlinks,
    result: &io::Result<()>,
    unchecked: &io::Result<()>,
) {
    use io::ErrorKind::*;

    match (map_result(result), map_result(stat)) {
        (Ok(()), Ok(())) => {}

        (Err((PermissionDenied, message)), _) => {
            // TODO: Check that access in the no-follow case got the right
            // error.
        }

        (Err((kind, message)), Err((unchecked_kind, unchecked_message))) => {
            assert_eq!(kind, unchecked_kind);
            assert_eq!(
                message,
                unchecked_message,
                "start='{:?}', path='{:?}'",
                start,
                path.display()
            );
        }

        other => panic!(
            "unexpected result from access start='{:?}', path='{}':\n{:#?}",
            start,
            path.display(),
            other,
        ),
    }
}