Update the behavior of fs.set_permissions on Windows

author: George Roman <george.roman.99@gmail.com> 2018-07-07 16:23:07 +0300
committer: Hisham Muhammad <hisham@gobolinux.org> 2018-07-16 20:34:30 -0300
commit: 1b3b6525a4313404af84fce0fbbc29695e664f73 (patch)
tree: 76ad679d512e216ace739662ac60d1785d43af2c /src
parent: f2772aee0d4ee5012d9b1be65f685b535d7380bd (diff)
download: luarocks-1b3b6525a4313404af84fce0fbbc29695e664f73.tar.gz
luarocks-1b3b6525a4313404af84fce0fbbc29695e664f73.tar.bz2
luarocks-1b3b6525a4313404af84fce0fbbc29695e664f73.zip
1 files changed, 41 insertions, 16 deletions
diff --git a/src/luarocks/fs/win32/tools.lua b/src/luarocks/fs/win32/tools.lua
index c03b0d7b..c267b316 100644
--- a/src/luarocks/fs/win32/tools.lua
+++ b/src/luarocks/fs/win32/tools.lua
@@ -182,33 +182,58 @@ end
 function tools.set_permissions(filename, mode, scope)
   assert(filename and mode and scope)
-   local who, what
   if scope == "user" then
-      who = os.getenv("USERNAME")
+      local perms
-   elseif scope == "all" then
+      if mode == "read" then
-      who = "Everyone"
+         perms = "(R,W,M)"
-   end
+      elseif mode == "exec" then
-   if mode == "read" then
+         perms = "(F)"
-      what = "(RD)"
+      end
-   elseif mode == "exec" then
-      what = "(X)"
-   end
-   if not who or not what then
-      return false, "Invalid permission " .. mode .. " for " .. scope
-   end
-   if scope == "user" then
+      local ok
+      -- Take ownership of the given file
+      ok = fs.execute_quiet("takeown /f " .. fs.Q(filename))
+      if not ok then
+         return false, "Could not take ownership of the given file"
+      end
+      -- Grant the current user the proper rights
+      ok = fs.execute_quiet(fs.Q(vars.ICACLS) .. " " .. fs.Q(filename) .. " /inheritance:d /grant:r %USERNAME%:" .. perms)
+      if not ok then
+         return false, "Failed setting permission " .. mode .. " for " .. scope
+      end
+      -- Finally, remove all the other users from the ACL in order to deny them access to the file
      for _, user in pairs(get_system_users()) do
         if user ~= who then
-            local ok = fs.execute(fs.Q(vars.ICACLS) .. " " .. fs.Q(filename) .. " /deny " .. fs.Q(user) .. ":" .. fs.Q(what))
+            local ok = fs.execute_quiet(fs.Q(vars.ICACLS) .. " " .. fs.Q(filename) .. " /remove " .. fs.Q(user))
            if not ok then
               return false, "Failed setting permission " .. mode .. " for " .. scope
            end
         end
      end
+   elseif scope == "all" then
+      local my_perms, others_perms
+      if mode == "read" then
+         my_perms = "(R,W,M)"
+         others_perms = "(R)"
+      elseif mode == "exec" then
+         my_perms = "(F)"
+         others_perms = "(RX)"
+      end
+      local ok
+      -- Grant permissions available to all users
+      ok = fs.execute_quiet(fs.Q(vars.ICACLS) .. " " .. fs.Q(filename) .. " /inheritance:d /grant:r Everyone:" .. others_perms)
+      if not ok then
+         return false, "Failed setting permission " .. mode .. " for " .. scope
+      end
+      -- Grant permissions available only to the current user
+      ok = fs.execute_quiet(fs.Q(vars.ICACLS) .. " " .. fs.Q(filename) .. " /inheritance:d /grant %USERNAME%:" .. my_perms)
+      if not ok then
+         return false, "Failed setting permission " .. mode .. " for " .. scope
+      end
   end
-   return fs.execute(fs.Q(vars.ICACLS) .. " " .. fs.Q(filename) .. " /grant " .. fs.Q(who) .. ":" .. fs.Q(what))
+   return true
 end
author	George Roman <george.roman.99@gmail.com>	2018-07-07 16:23:07 +0300
committer	Hisham Muhammad <hisham@gobolinux.org>	2018-07-16 20:34:30 -0300
commit	1b3b6525a4313404af84fce0fbbc29695e664f73 (patch)
tree	76ad679d512e216ace739662ac60d1785d43af2c /src
parent	f2772aee0d4ee5012d9b1be65f685b535d7380bd (diff)
download	luarocks-1b3b6525a4313404af84fce0fbbc29695e664f73.tar.gz luarocks-1b3b6525a4313404af84fce0fbbc29695e664f73.tar.bz2 luarocks-1b3b6525a4313404af84fce0fbbc29695e664f73.zip