Commit 4e10c985 authored by Han-Wen Nienhuys's avatar Han-Wen Nienhuys

internal: fix access for root user

parent 1abae81d
...@@ -12,6 +12,10 @@ import ( ...@@ -12,6 +12,10 @@ import (
// HasAccess tests if a caller can access a file with permissions // HasAccess tests if a caller can access a file with permissions
// `perm` in mode `mask` // `perm` in mode `mask`
func HasAccess(callerUid, callerGid, fileUid, fileGid uint32, perm uint32, mask uint32) bool { func HasAccess(callerUid, callerGid, fileUid, fileGid uint32, perm uint32, mask uint32) bool {
if callerUid == 0 {
// root can do anything.
return true
}
mask = mask & 7 mask = mask & 7
if mask == 0 { if mask == 0 {
return true return true
......
...@@ -63,6 +63,7 @@ func TestHasAccess(t *testing.T) { ...@@ -63,6 +63,7 @@ func TestHasAccess(t *testing.T) {
{myUid, myGid, myUid + 1, notMyGid, 0020, 002, false}, {myUid, myGid, myUid + 1, notMyGid, 0020, 002, false},
{myUid, myGid, myUid, myGid, 0000, 01, false}, {myUid, myGid, myUid, myGid, 0000, 01, false},
{myUid, myGid, myUid, myGid, 0200, 01, false}, {myUid, myGid, myUid, myGid, 0200, 01, false},
{0, myGid, myUid + 1, notMyGid, 0700, 01, true},
} { } {
got := HasAccess(tc.uid, tc.gid, tc.fuid, tc.fgid, tc.perm, tc.mask) got := HasAccess(tc.uid, tc.gid, tc.fuid, tc.fgid, tc.perm, tc.mask)
if got != tc.want { if got != tc.want {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment