Class: Chef::FileAccessControl

Inherits:
Object
  • Object
show all
Includes:
Unix, Windows
Defined in:
lib/chef/file_access_control.rb,
lib/chef/file_access_control/unix.rb,
lib/chef/file_access_control/windows.rb

Overview

== Chef::FileAccessControl FileAccessControl objects set the owner, group and mode of +file+ to the values specified by a value object, usually a Chef::Resource.

Defined Under Namespace

Modules: Unix, Windows

Constant Summary

Constants included from Unix

Unix::UID_MAX, Unix::UINT

Constants included from Windows

Windows::ACE, Windows::ACL, Windows::SID, Windows::Security

Constants included from ReservedNames::Win32::API::Security

ReservedNames::Win32::API::Security::ACCESS_ALLOWED_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_ALLOWED_CALLBACK_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_ALLOWED_COMPOUND_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_ALLOWED_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_DENIED_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_DENIED_CALLBACK_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_DENIED_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_V2_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_V3_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_V4_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MAX_MS_V5_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MIN_MS_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_MIN_MS_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::ACCESS_SYSTEM_SECURITY, ReservedNames::Win32::API::Security::ACL_REVISION, ReservedNames::Win32::API::Security::ACL_REVISION1, ReservedNames::Win32::API::Security::ACL_REVISION2, ReservedNames::Win32::API::Security::ACL_REVISION3, ReservedNames::Win32::API::Security::ACL_REVISION4, ReservedNames::Win32::API::Security::ACL_REVISION_DS, ReservedNames::Win32::API::Security::CONTAINER_INHERIT_ACE, ReservedNames::Win32::API::Security::DACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::DELETE, ReservedNames::Win32::API::Security::FAILED_ACCESS_ACE_FLAG, ReservedNames::Win32::API::Security::FILE_ADD_FILE, ReservedNames::Win32::API::Security::FILE_ADD_SUBDIRECTORY, ReservedNames::Win32::API::Security::FILE_ALL_ACCESS, ReservedNames::Win32::API::Security::FILE_APPEND_DATA, ReservedNames::Win32::API::Security::FILE_CREATE_PIPE_INSTANCE, ReservedNames::Win32::API::Security::FILE_DELETE_CHILD, ReservedNames::Win32::API::Security::FILE_EXECUTE, ReservedNames::Win32::API::Security::FILE_GENERIC_EXECUTE, ReservedNames::Win32::API::Security::FILE_GENERIC_READ, ReservedNames::Win32::API::Security::FILE_GENERIC_WRITE, ReservedNames::Win32::API::Security::FILE_LIST_DIRECTORY, ReservedNames::Win32::API::Security::FILE_READ_ATTRIBUTES, ReservedNames::Win32::API::Security::FILE_READ_DATA, ReservedNames::Win32::API::Security::FILE_READ_EA, ReservedNames::Win32::API::Security::FILE_TRAVERSE, ReservedNames::Win32::API::Security::FILE_WRITE_ATTRIBUTES, ReservedNames::Win32::API::Security::FILE_WRITE_DATA, ReservedNames::Win32::API::Security::FILE_WRITE_EA, ReservedNames::Win32::API::Security::GENERIC_ALL, ReservedNames::Win32::API::Security::GENERIC_EXECUTE, ReservedNames::Win32::API::Security::GENERIC_READ, ReservedNames::Win32::API::Security::GENERIC_WRITE, ReservedNames::Win32::API::Security::GROUP_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::INHERITED_ACE, ReservedNames::Win32::API::Security::INHERIT_ONLY_ACE, ReservedNames::Win32::API::Security::LABEL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::LOGON32_LOGON_BATCH, ReservedNames::Win32::API::Security::LOGON32_LOGON_INTERACTIVE, ReservedNames::Win32::API::Security::LOGON32_LOGON_NETWORK, ReservedNames::Win32::API::Security::LOGON32_LOGON_NETWORK_CLEARTEXT, ReservedNames::Win32::API::Security::LOGON32_LOGON_NEW_CREDENTIALS, ReservedNames::Win32::API::Security::LOGON32_LOGON_SERVICE, ReservedNames::Win32::API::Security::LOGON32_LOGON_UNLOCK, ReservedNames::Win32::API::Security::LOGON32_PROVIDER_DEFAULT, ReservedNames::Win32::API::Security::LOGON32_PROVIDER_WINNT35, ReservedNames::Win32::API::Security::LOGON32_PROVIDER_WINNT40, ReservedNames::Win32::API::Security::LOGON32_PROVIDER_WINNT50, ReservedNames::Win32::API::Security::MAXDWORD, ReservedNames::Win32::API::Security::MAX_ACL_REVISION, ReservedNames::Win32::API::Security::MIN_ACL_REVISION, ReservedNames::Win32::API::Security::NO_PROPAGATE_INHERIT_ACE, ReservedNames::Win32::API::Security::OBJECT_INHERIT_ACE, ReservedNames::Win32::API::Security::OWNER_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::POLICY_AUDIT_LOG_ADMIN, ReservedNames::Win32::API::Security::POLICY_CREATE_ACCOUNT, ReservedNames::Win32::API::Security::POLICY_CREATE_PRIVILEGE, ReservedNames::Win32::API::Security::POLICY_CREATE_SECRET, ReservedNames::Win32::API::Security::POLICY_GET_PRIVATE_INFORMATION, ReservedNames::Win32::API::Security::POLICY_LOOKUP_NAMES, ReservedNames::Win32::API::Security::POLICY_NOTIFICATION, ReservedNames::Win32::API::Security::POLICY_SERVER_ADMIN, ReservedNames::Win32::API::Security::POLICY_SET_AUDIT_REQUIREMENTS, ReservedNames::Win32::API::Security::POLICY_SET_DEFAULT_QUOTA_LIMITS, ReservedNames::Win32::API::Security::POLICY_TRUST_ADMIN, ReservedNames::Win32::API::Security::POLICY_VIEW_AUDIT_INFORMATION, ReservedNames::Win32::API::Security::POLICY_VIEW_LOCAL_INFORMATION, ReservedNames::Win32::API::Security::PROTECTED_DACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::PROTECTED_SACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::READ_CONTROL, ReservedNames::Win32::API::Security::SACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::SECURITY_DESCRIPTOR_MIN_LENGTH, ReservedNames::Win32::API::Security::SECURITY_DESCRIPTOR_REVISION, ReservedNames::Win32::API::Security::SECURITY_DESCRIPTOR_REVISION1, ReservedNames::Win32::API::Security::SECURITY_IMPERSONATION_LEVEL, ReservedNames::Win32::API::Security::SE_DACL_AUTO_INHERITED, ReservedNames::Win32::API::Security::SE_DACL_AUTO_INHERIT_REQ, ReservedNames::Win32::API::Security::SE_DACL_DEFAULTED, ReservedNames::Win32::API::Security::SE_DACL_PRESENT, ReservedNames::Win32::API::Security::SE_DACL_PROTECTED, ReservedNames::Win32::API::Security::SE_GROUP_DEFAULTED, ReservedNames::Win32::API::Security::SE_OBJECT_TYPE, ReservedNames::Win32::API::Security::SE_OWNER_DEFAULTED, ReservedNames::Win32::API::Security::SE_PRIVILEGE_ENABLED, ReservedNames::Win32::API::Security::SE_PRIVILEGE_ENABLED_BY_DEFAULT, ReservedNames::Win32::API::Security::SE_PRIVILEGE_REMOVED, ReservedNames::Win32::API::Security::SE_PRIVILEGE_USED_FOR_ACCESS, ReservedNames::Win32::API::Security::SE_PRIVILEGE_VALID_ATTRIBUTES, ReservedNames::Win32::API::Security::SE_RM_CONTROL_VALID, ReservedNames::Win32::API::Security::SE_SACL_AUTO_INHERITED, ReservedNames::Win32::API::Security::SE_SACL_AUTO_INHERIT_REQ, ReservedNames::Win32::API::Security::SE_SACL_DEFAULTED, ReservedNames::Win32::API::Security::SE_SACL_PRESENT, ReservedNames::Win32::API::Security::SE_SACL_PROTECTED, ReservedNames::Win32::API::Security::SE_SELF_RELATIVE, ReservedNames::Win32::API::Security::SID_NAME_USE, ReservedNames::Win32::API::Security::SPECIFIC_RIGHTS_ALL, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_ALL, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_EXECUTE, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_READ, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_REQUIRED, ReservedNames::Win32::API::Security::STANDARD_RIGHTS_WRITE, ReservedNames::Win32::API::Security::SUCCESSFUL_ACCESS_ACE_FLAG, ReservedNames::Win32::API::Security::SYNCHRONIZE, ReservedNames::Win32::API::Security::SYSTEM_ALARM_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_ALARM_CALLBACK_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_ALARM_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_AUDIT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_AUDIT_CALLBACK_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_AUDIT_OBJECT_ACE_TYPE, ReservedNames::Win32::API::Security::SYSTEM_MANDATORY_LABEL_ACE_TYPE, ReservedNames::Win32::API::Security::TOKEN_ADJUST_DEFAULT, ReservedNames::Win32::API::Security::TOKEN_ADJUST_GROUPS, ReservedNames::Win32::API::Security::TOKEN_ADJUST_PRIVILEGES, ReservedNames::Win32::API::Security::TOKEN_ADJUST_SESSIONID, ReservedNames::Win32::API::Security::TOKEN_ALL_ACCESS, ReservedNames::Win32::API::Security::TOKEN_ASSIGN_PRIMARY, ReservedNames::Win32::API::Security::TOKEN_DUPLICATE, ReservedNames::Win32::API::Security::TOKEN_IMPERSONATE, ReservedNames::Win32::API::Security::TOKEN_INFORMATION_CLASS, ReservedNames::Win32::API::Security::TOKEN_QUERY, ReservedNames::Win32::API::Security::TOKEN_QUERY_SOURCE, ReservedNames::Win32::API::Security::TOKEN_READ, ReservedNames::Win32::API::Security::UNPROTECTED_DACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::UNPROTECTED_SACL_SECURITY_INFORMATION, ReservedNames::Win32::API::Security::VALID_INHERIT_FLAGS, ReservedNames::Win32::API::Security::WRITE_DAC, ReservedNames::Win32::API::Security::WRITE_OWNER

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Unix

#current_gid, #current_mode, #current_uid, #define_resource_requirements, #describe_changes, #gid_from_resource, included, #manage_symlink_attrs?, #mode_from_resource, #mode_to_s, #requires_changes?, #set_all, #set_all!, #set_group, #set_group!, #set_mode, #set_mode!, #set_owner, #set_owner!, #should_update_group?, #should_update_mode?, #should_update_owner?, #stat, #target_gid, #target_mode, #target_uid

Methods included from Windows

#define_resource_requirements, #describe_changes, included, #requires_changes?, #set_all, #set_all!

Constructor Details

#initialize(current_resource, new_resource, provider) ⇒ FileAccessControl

FileAccessControl objects set the owner, group and mode of +file+ to the values specified by +resource+. +file+ is completely independent of any file or path attribute on +resource+, so it is possible to set access control settings on a tempfile (for example). === Arguments: resource: probably a Chef::Resource::File object (or subclass), but this is not required. Must respond to +owner+, +group+, and +mode+ file: The file whose access control settings you wish to modify, given as a String.

TODO requiring current_resource will break cookbook_file template_file


54
55
56
57
58
# File 'lib/chef/file_access_control.rb', line 54

def initialize(current_resource, new_resource, provider)
  @current_resource, @resource, @provider = current_resource, new_resource, provider
  @file = @current_resource.path
  @modified = false
end

Instance Attribute Details

#current_resourceObject (readonly)

Returns the value of attribute current_resource


37
38
39
# File 'lib/chef/file_access_control.rb', line 37

def current_resource
  @current_resource
end

#fileObject (readonly)

Returns the value of attribute file


40
41
42
# File 'lib/chef/file_access_control.rb', line 40

def file
  @file
end

#providerObject (readonly)

Returns the value of attribute provider


39
40
41
# File 'lib/chef/file_access_control.rb', line 39

def provider
  @provider
end

#resourceObject (readonly)

Returns the value of attribute resource


38
39
40
# File 'lib/chef/file_access_control.rb', line 38

def resource
  @resource
end

Instance Method Details

#modified?Boolean


60
61
62
# File 'lib/chef/file_access_control.rb', line 60

def modified?
  @modified
end