chmod fix to preserve additional principals added to to ACL (#727)

* chmod shall result into SetAccessControl call with permissions and not ACL to preserve the existing principals added to the file * Adding loopbackfs config to base config
2022-03-11 09:11:05 +05:30 · 2022-03-11 09:11:05 +05:30 · d9ffe5cba9
--- a/cmd/mount.go
+++ b/cmd/mount.go
@ -222,15 +222,11 @@ var mountCmd = &cobra.Command{
 			os.Exit(1)
 		}

-		if !config.IsSet("config-file") {
-			options.ConfigFile = "config.yaml"
-		}
-
 		if !config.IsSet("logging.file-path") {
 			options.Logging.LogFilePath = common.DefaultLogFilePath
 		}

-		if !config.IsSet("logging.log-level") {
+		if !config.IsSet("logging.level") {
 			options.Logging.LogLevel = "LOG_WARNING"
 		}

--- a/component/azstorage/datalake.go
+++ b/component/azstorage/datalake.go
@ -505,8 +505,23 @@ func (dl *Datalake) ChangeMod(name string, mode os.FileMode) error {
 	log.Trace("Datalake::ChangeMod : Change mode of file %s to %s", name, mode)
 	fileURL := dl.Filesystem.NewRootDirectoryURL().NewFileURL(filepath.Join(dl.Config.prefixPath, name))

-	accessControlList := getAccessControlList(mode)
-	_, err := fileURL.SetAccessControl(context.Background(), azbfs.BlobFSAccessControl{ACL: accessControlList})
+	/*
+		// If we need to call the ACL set api then we need to get older acl string here
+		// and create new string with the username included in the string
+		// Keeping this code here so in future if its required we can get the string and manipulate
+
+		currPerm, err := fileURL.GetAccessControl(context.Background())
+		e := storeDatalakeErrToErr(err)
+		if e == ErrFileNotFound {
+			return syscall.ENOENT
+		} else if err != nil {
+			log.Err("Datalake::ChangeMod : Failed to get mode of file %s (%s)", name, err.Error())
+			return err
+		}
+	*/
+
+	newPerm := getACLPermissions(mode)
+	_, err := fileURL.SetAccessControl(context.Background(), azbfs.BlobFSAccessControl{Permissions: newPerm})
 	e := storeDatalakeErrToErr(err)
 	if e == ErrFileNotFound {
 		return syscall.ENOENT
--- a/component/azstorage/utils.go
+++ b/component/azstorage/utils.go
@ -474,6 +474,25 @@ func getAccessTierType(name string) azblob.AccessTierType {
 	return azblob.AccessTierNone
 }

+// Called by x method
+func getACLPermissions(mode os.FileMode) string {
+	// Format for ACL and Permission string is different
+	// ACL:"user::rwx,user:<id>:rwx,group::rwx,mask::rwx,other::rwx"
+	// Permissions:"rwxrwxrwx+"
+	// If we call the set ACL without giving user then all other principals will be removed.
+	var sb strings.Builder
+	writePermission(&sb, mode&(1<<8) != 0, 'r')
+	writePermission(&sb, mode&(1<<7) != 0, 'w')
+	writePermission(&sb, mode&(1<<6) != 0, 'x')
+	writePermission(&sb, mode&(1<<5) != 0, 'r')
+	writePermission(&sb, mode&(1<<4) != 0, 'w')
+	writePermission(&sb, mode&(1<<3) != 0, 'x')
+	writePermission(&sb, mode&(1<<2) != 0, 'r')
+	writePermission(&sb, mode&(1<<1) != 0, 'w')
+	writePermission(&sb, mode&(1<<0) != 0, 'x')
+	return sb.String()
+}
+
 // Called by x method
 func getAccessControlList(mode os.FileMode) string {
 	// The format for the value x-ms-acl is user::rwx,group::rwx,mask::rwx,other::rwx
@ -496,7 +515,6 @@ func getAccessControlList(mode os.FileMode) string {
 	writePermission(&sb, mode&(1<<0) != 0, 'x')

 	return sb.String()
-
 }

 func writePermission(sb *strings.Builder, permitted bool, permission rune) {
--- a/setup/baseConfig.yaml
+++ b/setup/baseConfig.yaml
@ -69,6 +69,10 @@ attr_cache:
  no-cache-on-list: true|false <do not cache attributes during listing, to optimize performance>
  no-symlinks: true|false <to improve performance disable symlink support. symlinks will be treated like regular files.>
  
+# Loopback configuration
+loopbackfs:
+  path: <path to local directory>
+
 # Azure storage configuration
 azstorage:
  type: block|adls <type of storage account to be connected. Default - block>