src-util/diagnostic/check-ob-perms.sh
changeset 6886 60a98816806d
parent 6701 690d2af86089
child 9072 79e55dfc8af0
6885:39596de39bca 6886:60a98816806d
       
     1 #!/bin/sh
       
     2 
       
     3 # *************************************************************************
       
     4 # * The contents of this file are subject to the Openbravo  Public  License
       
     5 # * Version  1.0  (the  "License"),  being   the  Mozilla   Public  License
       
     6 # * Version 1.1  with a permitted attribution clause; you may not  use this
       
     7 # * file except in compliance with the License. You  may  obtain  a copy of
       
     8 # * the License at http://www.openbravo.com/legal/license.html 
       
     9 # * Software distributed under the License  is  distributed  on  an "AS IS"
       
    10 # * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
       
    11 # * License for the specific  language  governing  rights  and  limitations
       
    12 # * under the License. 
       
    13 # * The Original Code is Openbravo ERP. 
       
    14 # * The Initial Developer of the Original Code is Openbravo SLU 
       
    15 # * All portions are Copyright (C) 2008 Openbravo SLU 
       
    16 # * All Rights Reserved. 
       
    17 # * Contributor(s):  ______________________________________.
       
    18 # ************************************************************************
       
    19 
       
    20 
       
    21 # Check a user's permissions in a directory
       
    22 
       
    23 if [ $# -lt 1 ]; then
       
    24   echo "Usage: check-ob-perms.sh directory [username]"
       
    25   exit 1
       
    26 elif [ ! -d "$1" ]; then
       
    27   echo "Error: specified directory does not exist: $2"
       
    28   exit 1
       
    29 fi
       
    30 
       
    31 if [ $# -lt 2 ]; then
       
    32   USER=${whoami}
       
    33 else
       
    34   USER=$2
       
    35 fi
       
    36 
       
    37 USERID=$(id -u $USER)
       
    38 USERGROUPS="$(id -G $USER)"
       
    39 DIRFILES=$(find "$1" -printf "%U-%G+%m_%p\n")
       
    40 
       
    41 # If find fails, there is no read permission or the file does not exist
       
    42 if [ $? -eq 1 ]; then
       
    43   echo "Error: user $USER does not have read permissions in some files or directories"
       
    44   exit 1
       
    45 fi
       
    46 
       
    47 IFS='
       
    48 '
       
    49 
       
    50 for FILEDATA in $DIRFILES; do
       
    51   # get part until first -
       
    52   OWNER=${FILEDATA%%-*}
       
    53   # get part until first +, but after -
       
    54   mytemp=${FILEDATA%%+*}
       
    55   GROUP=${mytemp#*-}
       
    56   # get part until first -, but after +
       
    57   mytemp=${FILEDATA%%_*}
       
    58   PERM=${mytemp#*+}
       
    59   # get part after first _
       
    60   FILE=${FILEDATA#*_}
       
    61 
       
    62   if [ $USERID -ne $OWNER ]; then
       
    63     
       
    64     # Check if user belongs to the file's group
       
    65     echo $USERGROUPS | grep -q $GROUP
       
    66     [ $? -eq 0 ] && BELONGS=1 || BELONGS=0
       
    67 
       
    68     # Significant bit
       
    69     if [ $BELONGS -eq 1 ]; then
       
    70       SBIT=$(echo $PERM | sed 's/.\(.\)./\1/')
       
    71     else
       
    72       SBIT=$(echo $PERM | sed 's/..\(.\)/\1/')
       
    73     fi
       
    74 
       
    75     if [ $SBIT -ne 6 ] && [ $SBIT -ne 7 ]; then
       
    76       echo "Error: user $USER does not have read or write permissions in file or directory:"
       
    77       echo "$FILE"
       
    78       exit 1
       
    79     fi
       
    80 
       
    81   fi
       
    82 
       
    83 done
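Review bot: The group-membership test on line 65 is a substring match, so a file gid of `10` is found in a group list such as `100 1000`; the script then reads the group digit for a user who actually gets the "other" bits, and can report sufficient access that the user does not have. Match whole ids instead, e.g. `echo " $USERGROUPS " | grep -q " $GROUP "`. The digit extraction on lines 70 and 72 assumes a three-digit mode, but `%m` prints four digits when setuid, setgid or sticky is set, so `2775` yields `75` and a setgid directory is reported as an error. Anchoring at the end handles those modes: `sed 's/.*\(.\).$/\1/'` for the group digit and `sed 's/.*\(.\)$/\1/'` for the other digit. Separately, `USER=${whoami}` on line 32 expands an unset variable rather than running the command, so the error messages print an empty user name when no username is passed.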