Class: Inspec::Resources::UnixFilePermissions

Inherits:
FilePermissions show all
Defined in:
lib/resources/file.rb

Instance Attribute Summary

Attributes inherited from FilePermissions

#inspec

Instance Method Summary collapse

Methods inherited from FilePermissions

#initialize

Constructor Details

This class inherits a constructor from Inspec::Resources::FilePermissions

Instance Method Details

#check_file_permission_by_user(user, access_type, path) ⇒ Object 



167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
 
# File 'lib/resources/file.rb', line 167

def check_file_permission_by_user(user, access_type, path)
  flag = case access_type
         when 'read'
           'r'
         when 'write'
           'w'
         when 'execute'
           'x'
         else
           fail 'Invalid access_type provided'
         end
  if inspec.os.linux?
    perm_cmd = "su -s /bin/sh -c \"test -#{flag} #{path}\" #{user}"
  elsif inspec.os.bsd? || inspec.os.solaris?
    perm_cmd = "sudo -u #{user} test -#{flag} #{path}"
  elsif inspec.os.aix?
    perm_cmd = "su #{user} -c test -#{flag} #{path}"
  elsif inspec.os.hpux?
    perm_cmd = "su #{user} -c \"test -#{flag} #{path}\""
  else
    return skip_resource 'The `file` resource does not support `by_user` on your OS.'
  end

  cmd = inspec.command(perm_cmd)
  cmd.exit_status == 0 ? true : false
end