POSIX: check deletion permission

3 years ago · f2847f1266
2 changed files with 64 additions and 0 deletions
--- a/weed/filesys/dir.go
+++ b/weed/filesys/dir.go
@ -424,6 +424,10 @@ func findFileType(mode uint16) fuse.DirentType {

 func (dir *Dir) Remove(ctx context.Context, req *fuse.RemoveRequest) error {

+	if err := checkPermission(dir.entry, req.Uid, req.Gid, true); err != nil {
+		return err
+	}
+
 	if !req.Dir {
 		return dir.removeOneFile(req)
 	}
--- a/weed/filesys/permission.go
+++ b/weed/filesys/permission.go
@ -0,0 +1,60 @@
+package filesys
+
+import (
+	"github.com/chrislusf/seaweedfs/weed/pb/filer_pb"
+	"github.com/seaweedfs/fuse"
+)
+
+func checkPermission(entry *filer_pb.Entry, uid, gid uint32, isWrite bool) error {
+	if entry == nil {
+		return nil
+	}
+	if entry.Attributes == nil {
+		return nil
+	}
+	attr := entry.Attributes
+	if attr.Uid == uid {
+		if isWrite {
+			if attr.FileMode&0002 > 0 {
+				return nil
+			} else {
+				return fuse.EPERM
+			}
+		} else {
+			if attr.FileMode&0004 > 0 {
+				return nil
+			} else {
+				return fuse.EPERM
+			}
+		}
+	} else if attr.Gid == gid {
+		if isWrite {
+			if attr.FileMode&0020 > 0 {
+				return nil
+			} else {
+				return fuse.EPERM
+			}
+		} else {
+			if attr.FileMode&0040 > 0 {
+				return nil
+			} else {
+				return fuse.EPERM
+			}
+		}
+	} else {
+		if isWrite {
+			if attr.FileMode&0200 > 0 {
+				return nil
+			} else {
+				return fuse.EPERM
+			}
+		} else {
+			if attr.FileMode&0400 > 0 {
+				return nil
+			} else {
+				return fuse.EPERM
+			}
+		}
+	}
+
+}