#!/usr/bin/env python
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
import os
import json
import six.moves.urllib.request
import six.moves.urllib.parse
import six.moves.urllib.error
import sys
import pwd
import errno
import fcntl
import logging
import time
from threading import Lock
from collections import deque
import fuse
import six
log = logging.getLogger(__name__)
logging.basicConfig()
fuse.fuse_python_api = (0, 2)
fuse.feature_assert('stateful_files', 'has_init')
class check_access:
def __init__(self, *args, **kwargs):
self._args = args
self._kwargs = kwargs
def __call__(self, func):
def wrapper(inst, *args, **kwargs):
new_args = list(args)
new_kwargs = dict(kwargs)
for i, (mode, path) in enumerate(zip(self._args, args)):
new_args[i] = self.check(inst, path, mode)
for name, mode in self._kwargs.items():
new_kwargs[name] = self.check(inst, kwargs.get(name), mode)
return func(inst, *new_args, **new_kwargs)
return wrapper
def check(self, inst, path, mode):
if mode is None:
return
rc = inst.access(path, mode)
if rc:
raise OSError(errno.EPERM, path, 'Permission denied')
class check_and_translate(check_access):
def check(self, inst, path, mode):
super().check(inst, path, mode)
return inst._to_global(path)
def flag2mode(flags):
md = {os.O_RDONLY: 'r', os.O_WRONLY: 'w', os.O_RDWR: 'w+'}
m = md[flags & (os.O_RDONLY | os.O_WRONLY | os.O_RDWR)]
if flags | os.O_APPEND:
m = m.replace('w', 'a', 1)
return m
class AccessFS(fuse.Fuse):
def __init__(self, *args, **kw):
super().__init__(*args, **kw)
self.root = '/'
self.auth_method = 'unix'
self.permission_host = 'http://localhost:8080'
self.permission_cache_timeout = 30
self.permission_cache_size = 1024
self.file_class = self.make_file_class()
self.perm_cache = None
def getattr(self, path):
return os.lstat("." + path)
def readlink(self, path):
self._assert_access(path, os.R_OK)
return os.readlink("." + path)
def readdir(self, path, offset):
print('Readdir!')
for e in os.listdir("." + path):
yield fuse.Direntry(e)
def unlink(self, path):
self._assert_access(path, os.W_OK)
os.unlink("." + path)
def rmdir(self, path):
self._assert_access(path, os.W_OK)
os.rmdir("." + path)
def symlink(self, path, path1):
self._assert_access(path, os.W_OK)
os.symlink(path, "." + path1)
def rename(self, path, path1):
self._assert_access(path, os.R_OK | os.W_OK)
self._assert_access(path1, os.R_OK | os.W_OK)
os.rename("." + path, "." + path1)
def link(self, path, path1):
self._assert_access(path, os.R_OK)
self._assert_access(path1, os.W_OK)
os.link("." + path, "." + path1)
def chmod(self, path, mode):
self._assert_access(path, os.W_OK)
os.chmod("." + path, mode)
def chown(self, path, user, group):
self._assert_access(path, os.W_OK)
os.chown("." + path, user, group)
def truncate(self, path, len):
self._assert_access(path, os.W_OK)
f = open("." + path, "a")
f.truncate(len)
f.close()
def mknod(self, path, mode, dev):
self._assert_access(path, os.W_OK)
os.mknod("." + path, mode, dev)
def mkdir(self, path, mode):
self._assert_access(path, os.W_OK)
os.mkdir("." + path, mode)
def utime(self, path, times):
os.utime("." + path, times)
def access(self, path, mode):
if mode & (os.R_OK | os.W_OK) == 0:
return
ctx = fuse.FuseGetContext()
entry = self.perm_cache.get(ctx['uid'], path)
if (mode & entry) != mode:
return -errno.EACCES
def _assert_access(self, path, mode):
rc = self.access(path, mode)
if rc:
raise OSError(errno.EPERM, path, 'Permission denied')
def statfs(self):
"""
Should return an object with statvfs attributes (f_bsize, f_frsize...).
Eg., the return value of os.statvfs() is such a thing (since py 2.2).
If you are not reusing an existing statvfs object, start with
fuse.StatVFS(), and define the attributes.
To provide usable information (ie., you want sensible df(1)
output, you are suggested to specify the following attributes:
- f_bsize - preferred size of file blocks, in bytes
- f_frsize - fundamental size of file blcoks, in bytes
[if you have no idea, use the same as blocksize]
- f_blocks - total number of blocks in the filesystem
- f_bfree - number of free blocks
- f_files - total number of file inodes
- f_ffree - nunber of free file inodes
"""
return os.statvfs(".")
def fsinit(self):
uid_cache = UnixUsernameCache()
self.perm_cache = PermissionCache(
uid_cache,
self.permission_host,
self.permission_cache_timeout,
self.permission_cache_size)
os.chdir(self.root)
def make_file_class(self):
class FSAccessFile(AccessFile):
filesystem = self
return FSAccessFile
class AccessFile(fuse.FuseFileInfo):
direct_io = False
keep_cache = False
needs_write = (
os.O_WRONLY
| os.O_RDWR
| os.O_APPEND
| os.O_CREAT
| os.O_TRUNC)
def __init__(self, path, flags, *mode):
access_mode = os.R_OK
if flags & self.needs_write:
access_mode |= os.W_OK
self.filesystem._assert_access(path, access_mode)
self.file = os.fdopen(os.open("." + path, flags, *mode),
flag2mode(flags))
self.fd = self.file.fileno()
def read(self, length, offset):
self.file.seek(offset)
return self.file.read(length)
def write(self, buf, offset):
self.file.seek(offset)
self.file.write(buf)
return len(buf)
def release(self, flags):
self.file.close()
def _fflush(self):
if 'w' in self.file.mode or 'a' in self.file.mode:
self.file.flush()
def fsync(self, isfsyncfile):
self._fflush()
if isfsyncfile and hasattr(os, 'fdatasync'):
os.fdatasync(self.fd)
else:
os.fsync(self.fd)
def flush(self):
self._fflush()
# cf. xmp_flush() in fusexmp_fh.c
os.close(os.dup(self.fd))
def fgetattr(self):
return os.fstat(self.fd)
def ftruncate(self, len):
self.file.truncate(len)
def lock(self, cmd, owner, **kw):
# The code here is much rather just a demonstration of the locking
# API than something which actually was seen to be useful.
# Advisory file locking is pretty messy in Unix, and the Python
# interface to this doesn't make it better.
# We can't do fcntl(2)/F_GETLK from Python in a platfrom independent
# way. The following implementation *might* work under Linux.
#
# if cmd == fcntl.F_GETLK:
# import struct
#
# lockdata = struct.pack('hhQQi', kw['l_type'], os.SEEK_SET,
# kw['l_start'], kw['l_len'], kw['l_pid'])
# ld2 = fcntl.fcntl(self.fd, fcntl.F_GETLK, lockdata)
# flockfields = ('l_type', 'l_whence', 'l_start', 'l_len', 'l_pid')
# uld2 = struct.unpack('hhQQi', ld2)
# res = {}
# for i in xrange(len(uld2)):
# res[flockfields[i]] = uld2[i]
#
# return fuse.Flock(**res)
# Convert fcntl-ish lock parameters to Python's weird
# lockf(3)/flock(2) medley locking API...
op = {fcntl.F_UNLCK: fcntl.LOCK_UN,
fcntl.F_RDLCK: fcntl.LOCK_SH,
fcntl.F_WRLCK: fcntl.LOCK_EX}[kw['l_type']]
if cmd == fcntl.F_GETLK:
return -errno.EOPNOTSUPP
elif cmd == fcntl.F_SETLK:
if op != fcntl.LOCK_UN:
op |= fcntl.LOCK_NB
elif cmd == fcntl.F_SETLKW:
pass
else:
return -errno.EINVAL
fcntl.lockf(self.fd, op, kw['l_start'], kw['l_len'])
class PermissionCache:
def __init__(self, uid_cache, host, timeout=30, size=1024):
self._host = host
self._timeout = timeout
self._size = size
self._data = {}
self._entries = deque()
self._lock = Lock()
self._uid_cache = uid_cache
def get(self, uid, path):
try:
entry, timestamp = self._data[uid, path]
elapsed = time.time() - timestamp
if elapsed > self._timeout:
print('Timeout!', elapsed)
uname = self._uid_cache.get(uid)
entry = self._refresh_result(
uid, path, self._api_lookup(uname, path))
return entry
return entry
except KeyError:
pass
uname = self._uid_cache.get(uid)
try:
entry = self._api_lookup(uname, path)
except Exception:
entry = 0
log.exception('Error checking access for %s', path)
self._save_result(uid, path, entry)
return entry
def _api_lookup(self, uname, path):
if path.count('/') < 3:
return os.R_OK
path = self._mangle(path)
url = (
self._host
+ '/auth/repo_permissions?'
+ six.moves.urllib.parse.urlencode(dict(
repo_path=path,
username=uname)))
print(f'Checking access for {uname} at {url} ({path})')
fp = six.moves.urllib.request.urlopen(url) # noqa: S310
result = json.load(fp)
print(result)
entry = 0
if result['allow_read']:
entry |= os.R_OK
if result['allow_write']:
entry |= os.W_OK
return entry
def _refresh_result(self, uid, path, value):
with self._lock:
if (uid, path) in self._data:
self._data[uid, path] = (value, time.time())
else:
if len(self._data) >= self._size:
k = self._entries.popleft()
del self._data[k]
self._data[uid, path] = (value, time.time())
self._entries.append((uid, path))
return value
def _save_result(self, uid, path, value):
with self._lock:
if len(self._data) >= self._size:
k = self._entries.popleft()
del self._data[k]
self._data[uid, path] = (value, time.time())
self._entries.append((uid, path))
def _mangle(self, path):
'''Convert paths from the form /SCM/neighborhood/project/a/b/c to
/SCM/project.neighborhood/a/b/c
'''
parts = [p for p in path.split(os.path.sep) if p]
scm, nbhd, proj, rest = parts[0], parts[1], parts[2], parts[3:]
parts = [f'/SCM/{proj}.{nbhd}'] + rest
return '/'.join(parts)
class UnixUsernameCache:
def __init__(self):
self._cache = {}
def get(self, uid):
try:
return self._cache[uid]
except KeyError:
pass
uname = pwd.getpwuid(uid).pw_name
self._cache[uid] = uname
return uname
def main():
usage = """
Userspace nullfs-alike: mirror the filesystem tree from some point on.
""" + fuse.Fuse.fusage
server = AccessFS(version="%prog " + fuse.__version__,
usage=usage,
dash_s_do='setsingle')
server.parser.add_option(mountopt="root", metavar="PATH", default='/',
help="mirror filesystem from under PATH [default: %default]")
server.parse(values=server, errex=1)
try:
if server.fuse_args.mount_expected():
os.chdir(server.root)
except OSError:
print("can't enter root of underlying filesystem", file=sys.stderr)
sys.exit(1)
server.main()
if __name__ == '__main__':
main()