MCPcopy
hub / github.com/keploy/keploy / CheckKeployFolderPermissions

Function CheckKeployFolderPermissions

utils/permissions_unix.go:22–129  ·  view source on GitHub ↗

CheckKeployFolderPermissions checks if the keploy folder and its contents are readable and writable by the current user. Returns a list of paths with permission issues.

(logger *zap.Logger, keployPath string)

Source from the content-addressed store, hash-verified

20// CheckKeployFolderPermissions checks if the keploy folder and its contents are readable
21// and writable by the current user. Returns a list of paths with permission issues.
22func CheckKeployFolderPermissions(logger *zap.Logger, keployPath string) ([]PermissionError, error) {
23 var permissionErrors []PermissionError
24 currentUID := uint32(os.Getuid())
25
26 // Check if keploy folder exists
27 info, err := os.Stat(keployPath)
28 if os.IsNotExist(err) {
29 // Folder doesn't exist yet - no permission issues
30 return nil, nil
31 } else if err != nil {
32 // Can't even stat the folder - this is a permission issue
33 return []PermissionError{{Path: keployPath, OwnerUID: 0, IsRead: true}}, nil
34 }
35
36 // Folder exists, check if it's a directory
37 if !info.IsDir() {
38 return nil, fmt.Errorf("keploy path %s exists but is not a directory", keployPath)
39 }
40
41 // Walk the directory tree and check permissions
42 err = filepath.WalkDir(keployPath, func(path string, d os.DirEntry, err error) error {
43 if err != nil {
44 // Access error - this indicates a permission issue
45 logger.Debug("cannot access path", zap.String("path", path), zap.Error(err))
46 ownerUID := uint32(0)
47 if fileInfo, statErr := os.Lstat(path); statErr == nil {
48 if stat, ok := fileInfo.Sys().(*syscall.Stat_t); ok {
49 ownerUID = stat.Uid
50 }
51 }
52 permissionErrors = append(permissionErrors, PermissionError{Path: path, OwnerUID: ownerUID, IsRead: true})
53 return filepath.SkipDir
54 }
55
56 // Get file info to check ownership
57 fileInfo, infoErr := d.Info()
58 if infoErr != nil {
59 return nil
60 }
61
62 // Check if file is owned by a different user (likely root)
63 if stat, ok := fileInfo.Sys().(*syscall.Stat_t); ok {
64 if stat.Uid != currentUID {
65 // File is owned by someone else - potential permission issue
66 // Verify by actually trying to open for read/write
67 hasIssue := false
68
69 if d.IsDir() {
70 // For directories, check if we can read and write
71 _, readErr := os.ReadDir(path)
72 if readErr != nil {
73 hasIssue = true
74 }
75 // Also check write permission by checking if we can create a temp file
76 // We use access() syscall equivalent - try to open with write flag
77 testFile := filepath.Join(path, ".keploy_perm_test")
78 f, writeErr := os.OpenFile(testFile, os.O_CREATE|os.O_WRONLY, 0644)
79 if writeErr != nil {

Callers 1

Calls 4

DebugMethod · 0.65
CloseMethod · 0.65
StringMethod · 0.45
ErrorMethod · 0.45

Tested by

no test coverage detected