|
| 1 | +/* |
| 2 | + * Licensed to Elasticsearch under one or more contributor |
| 3 | + * license agreements. See the NOTICE file distributed with |
| 4 | + * this work for additional information regarding copyright |
| 5 | + * ownership. Elasticsearch licenses this file to you under |
| 6 | + * the Apache License, Version 2.0 (the "License"); you may |
| 7 | + * not use this file except in compliance with the License. |
| 8 | + * You may obtain a copy of the License at |
| 9 | + * |
| 10 | + * http://www.apache.org/licenses/LICENSE-2.0 |
| 11 | + * |
| 12 | + * Unless required by applicable law or agreed to in writing, |
| 13 | + * software distributed under the License is distributed on an |
| 14 | + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| 15 | + * KIND, either express or implied. See the License for the |
| 16 | + * specific language governing permissions and limitations |
| 17 | + * under the License. |
| 18 | + */ |
| 19 | +package org.elasticsearch.gradle.precommit |
| 20 | + |
| 21 | +import org.gradle.api.DefaultTask |
| 22 | +import org.gradle.api.GradleException |
| 23 | +import org.gradle.api.file.FileCollection |
| 24 | +import org.gradle.api.tasks.InputFiles |
| 25 | +import org.gradle.api.tasks.OutputFile |
| 26 | +import org.gradle.api.tasks.SourceSet |
| 27 | +import org.gradle.api.tasks.TaskAction |
| 28 | +import org.gradle.api.tasks.util.PatternSet |
| 29 | +import org.gradle.api.tasks.util.PatternFilterable |
| 30 | +import org.apache.tools.ant.taskdefs.condition.Os |
| 31 | + |
| 32 | +import java.nio.file.Files |
| 33 | +import java.nio.file.attribute.PosixFilePermission |
| 34 | +import java.nio.file.attribute.PosixFileAttributeView |
| 35 | + |
| 36 | +import static java.nio.file.attribute.PosixFilePermission.OTHERS_EXECUTE |
| 37 | +import static java.nio.file.attribute.PosixFilePermission.GROUP_EXECUTE |
| 38 | +import static java.nio.file.attribute.PosixFilePermission.OWNER_EXECUTE |
| 39 | + |
| 40 | +/** |
| 41 | + * Checks source files for correct file permissions. |
| 42 | + */ |
| 43 | +public class FilePermissionsTask extends DefaultTask { |
| 44 | + |
| 45 | + /** A pattern set of which files should be checked. */ |
| 46 | + private PatternFilterable filesFilter = new PatternSet() |
| 47 | + |
| 48 | + @OutputFile |
| 49 | + File outputMarker = new File(project.buildDir, 'markers/filePermissions') |
| 50 | + |
| 51 | + FilePermissionsTask() { |
| 52 | + onlyIf { !Os.isFamily(Os.FAMILY_WINDOWS) } |
| 53 | + description = "Checks java source files for correct file permissions" |
| 54 | + // we always include all source files, and exclude what should not be checked |
| 55 | + filesFilter.include('**') |
| 56 | + // exclude sh files that might have the executable bit set |
| 57 | + filesFilter.exclude('**/*.sh') |
| 58 | + } |
| 59 | + |
| 60 | + /** Returns the files this task will check */ |
| 61 | + @InputFiles |
| 62 | + FileCollection files() { |
| 63 | + List<FileCollection> collections = new ArrayList<>() |
| 64 | + for (SourceSet sourceSet : project.sourceSets) { |
| 65 | + collections.add(sourceSet.allSource.matching(filesFilter)) |
| 66 | + } |
| 67 | + return project.files(collections.toArray()) |
| 68 | + } |
| 69 | + |
| 70 | + @TaskAction |
| 71 | + void checkInvalidPermissions() { |
| 72 | + List<String> failures = new ArrayList<>() |
| 73 | + for (File f : files()) { |
| 74 | + PosixFileAttributeView fileAttributeView = Files.getFileAttributeView(f.toPath(), PosixFileAttributeView.class) |
| 75 | + Set<PosixFilePermission> permissions = fileAttributeView.readAttributes().permissions() |
| 76 | + if (permissions.contains(OTHERS_EXECUTE) || permissions.contains(OWNER_EXECUTE) || |
| 77 | + permissions.contains(GROUP_EXECUTE)) { |
| 78 | + failures.add("Source file is executable: " + f) |
| 79 | + } |
| 80 | + } |
| 81 | + if (failures.isEmpty() == false) { |
| 82 | + throw new GradleException('Found invalid file permissions:\n' + failures.join('\n')) |
| 83 | + } |
| 84 | + outputMarker.setText('done', 'UTF-8') |
| 85 | + } |
| 86 | + |
| 87 | +} |
0 commit comments