[
https://issues.apache.org/jira/browse/VFS-651?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Syed Aqeel Ashiq updated VFS-651:
---------------------------------
Description:
Consider a user X only has read/write access to let's say /sftp and /sftp/abc
directory on a sftp server. And default directory for user is /sftp
In this case, we have to set userDirIsRoot to false, and thus vfs will try to
switch to root directory, which will fail due to lack of read permission.
Consider following code:
{code:java}
public void uploadFile(String localFilePath) throws FileSystemException {
FileSystemManager manager = VFS.getManager();
FileObject localFile = manager.resolveFile(localFilePath);
FileSystemOptions opts = new FileSystemOptions();
SftpFileSystemConfigBuilder.getInstance().setUserDirIsRoot(opts, false);
// I set it to false,
// because user default dir is /sftp and it is obviously not root directory.
// As a workaround, If I set it to true, it will work after also tweaking
with
// the file path while resolving a file, but semantics will be wrong, since
// the user directory is not root.
SftpFileSystemConfigBuilder.getInstance().setTimeout(opts, 90000);
String remoteFilePath =
"sftp://myuser:[email protected]/sftp/abc/abc.txt";;
// Exception at the following line
FileObject remoteFile = manager.resolveFile(remoteFilePath, opts);
// Exception at the line above line. Because this line tries to switch to
// root directory of sftp file system, whichfails due to lack of read
// permission on root directory. Switching to root directory is not
// needed here at all. This is bug, although it works in most scenarios,
// since most of times, permissions are available.
remoteFile.copyFrom(localFile, Selectors.SELECT_SELF);
}
{code}
This is the underlying code responsible in
{code:java}
org.apache.commons.vfs.provider.sftp.SftpFileSystem
{code}
:
{code:java}
Boolean userDirIsRoot =
SftpFileSystemConfigBuilder.getInstance().getUserDirIsRoot(getFileSystemOptions());
String workingDirectory = getRootName().getPath();
if (workingDirectory != null && (userDirIsRoot == null ||
!userDirIsRoot.booleanValue())) {
try {
channel.cd(workingDirectory);
} catch (SftpException e) {
throw new
FileSystemException("vfs.provider.sftp/change-work-directory.error",
workingDirectory);
}
}{code}
It purposelessly switches to root directory of filesystem. There is a fair
use-case that root directory doesn't have read access.
*Possible Fix:* It should not switch to root directory, rather it should switch
to actual final directory. This approach would be the safest. E.g. if the
needed directory is '/sftp/abc' then it can switch to that directory in above
code, rather than switching to root.
Please also see related SO question:
https://stackoverflow.com/questions/48709971/why-apache-vfs-sftp-tries-to-switch-to-root-directory-even-when-not-needed
was:
Consider a user X only has read/write access to let's say /sftp and /sftp/abc
directory on a sftp server. And default directory for user is /sftp
In this case, we have to set userDirIsRoot to false, and thus vfs will try to
switch to root directory, which will fail due to lack of read permission.
Consider following code:
{code:java}
public void uploadFile(String localFilePath) throws FileSystemException {
FileSystemManager manager = VFS.getManager();
FileObject localFile = manager.resolveFile(localFilePath);
FileSystemOptions opts = new FileSystemOptions();
SftpFileSystemConfigBuilder.getInstance().setUserDirIsRoot(opts, false); //
I set it to false,
// because user default dir is /sftp and it is obviously not root directory.
// As a workaround, If I set it to true, it will work after also tweaking
with
// the file path while resolving a file, but semantics will be wrong, since
// the user directory is not root.
SftpFileSystemConfigBuilder.getInstance().setTimeout(opts, 90000);
String remoteFilePath =
"sftp://myuser:[email protected]/sftp/abc/abc.txt";;
// Exception at the following line
FileObject remoteFile = manager.resolveFile(remoteFilePath, opts);
// Exception at the line above line. Because this line tries to switch to
root directory
// of sftp file system, whichfails due to lack of read permission on root
directory.
// Switching to root directory is not needed here at all. This is bug,
although it
// works in most scenarios, since most of times, permissions are available.
remoteFile.copyFrom(localFile, Selectors.SELECT_SELF);
}
{code}
This is the underlying code responsible in
{code:java}
org.apache.commons.vfs.provider.sftp.SftpFileSystem
{code}
:
{code:java}
Boolean userDirIsRoot =
SftpFileSystemConfigBuilder.getInstance().getUserDirIsRoot(getFileSystemOptions());
String workingDirectory = getRootName().getPath();
if (workingDirectory != null && (userDirIsRoot == null ||
!userDirIsRoot.booleanValue())) {
try {
channel.cd(workingDirectory);
} catch (SftpException e) {
throw new
FileSystemException("vfs.provider.sftp/change-work-directory.error",
workingDirectory);
}
}{code}
It purposelessly switches to root directory of filesystem. There is a fair
use-case that root directory doesn't have read access.
*Possible Fix:* It should not switch to root directory, rather it should switch
to actual final directory. This approach would be the safest. E.g. if the
needed directory is '/sftp/abc' then it can switch to that directory in above
code, rather than switching to root.
Please also see related SO question:
https://stackoverflow.com/questions/48709971/why-apache-vfs-sftp-tries-to-switch-to-root-directory-even-when-not-needed
> SftpFileSystem Should not switch to root directory when not absolutely needed
> -----------------------------------------------------------------------------
>
> Key: VFS-651
> URL: https://issues.apache.org/jira/browse/VFS-651
> Project: Commons VFS
> Issue Type: Bug
> Affects Versions: 2.0
> Reporter: Syed Aqeel Ashiq
> Priority: Major
> Fix For: 2.3
>
>
> Consider a user X only has read/write access to let's say /sftp and /sftp/abc
> directory on a sftp server. And default directory for user is /sftp
> In this case, we have to set userDirIsRoot to false, and thus vfs will try to
> switch to root directory, which will fail due to lack of read permission.
> Consider following code:
> {code:java}
> public void uploadFile(String localFilePath) throws FileSystemException {
>
> FileSystemManager manager = VFS.getManager();
> FileObject localFile = manager.resolveFile(localFilePath);
> FileSystemOptions opts = new FileSystemOptions();
> SftpFileSystemConfigBuilder.getInstance().setUserDirIsRoot(opts, false);
> // I set it to false,
> // because user default dir is /sftp and it is obviously not root
> directory.
> // As a workaround, If I set it to true, it will work after also tweaking
> with
> // the file path while resolving a file, but semantics will be wrong,
> since
> // the user directory is not root.
> SftpFileSystemConfigBuilder.getInstance().setTimeout(opts, 90000);
> String remoteFilePath =
> "sftp://myuser:[email protected]/sftp/abc/abc.txt";;
> // Exception at the following line
> FileObject remoteFile = manager.resolveFile(remoteFilePath, opts);
> // Exception at the line above line. Because this line tries to switch to
> // root directory of sftp file system, whichfails due to lack of read
> // permission on root directory. Switching to root directory is not
> // needed here at all. This is bug, although it works in most scenarios,
> // since most of times, permissions are available.
> remoteFile.copyFrom(localFile, Selectors.SELECT_SELF);
> }
> {code}
> This is the underlying code responsible in
> {code:java}
> org.apache.commons.vfs.provider.sftp.SftpFileSystem
> {code}
> :
> {code:java}
> Boolean userDirIsRoot =
> SftpFileSystemConfigBuilder.getInstance().getUserDirIsRoot(getFileSystemOptions());
> String workingDirectory = getRootName().getPath();
> if (workingDirectory != null && (userDirIsRoot == null ||
> !userDirIsRoot.booleanValue())) {
> try {
> channel.cd(workingDirectory);
> } catch (SftpException e) {
> throw new
> FileSystemException("vfs.provider.sftp/change-work-directory.error",
> workingDirectory);
> }
> }{code}
> It purposelessly switches to root directory of filesystem. There is a fair
> use-case that root directory doesn't have read access.
> *Possible Fix:* It should not switch to root directory, rather it should
> switch to actual final directory. This approach would be the safest. E.g. if
> the needed directory is '/sftp/abc' then it can switch to that directory in
> above code, rather than switching to root.
> Please also see related SO question:
> https://stackoverflow.com/questions/48709971/why-apache-vfs-sftp-tries-to-switch-to-root-directory-even-when-not-needed
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
