From 2d1f3a985febeec79812e2cabd2d6e90ecf290a1 Mon Sep 17 00:00:00 2001
From: selfhoster1312 <selfhoster1312@kl.netlib.re>
Date: Tue, 22 Aug 2023 15:18:04 +0200
Subject: [PATCH] Add permissions on the socket

---
 Cargo.toml          |  3 +-
 src/error.rs        | 12 +++++++
 src/main.rs         |  1 +
 src/utils/fs.rs     | 78 +++++++++++++++++++++++++++++++++++++++++++++
 src/utils/mod.rs    |  1 +
 src/utils/socket.rs |  9 ++++--
 6 files changed, 101 insertions(+), 3 deletions(-)
 create mode 100644 src/utils/fs.rs

diff --git a/Cargo.toml b/Cargo.toml
index 79e387b..c2e0401 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -23,4 +23,5 @@ chrono = { version = "0.4", features = [ "serde" ] }
 yunohost-api = { path = "yunohost-api" }
 axum_typed_multipart = "0.8"
 async-trait = "0.1"
-serde = { version = "1", features = [ "derive" ] }
\ No newline at end of file
+serde = { version = "1", features = [ "derive" ] }
+file-owner = { version = "0.1" }
\ No newline at end of file
diff --git a/src/error.rs b/src/error.rs
index bdecee0..a2984ba 100644
--- a/src/error.rs
+++ b/src/error.rs
@@ -16,4 +16,16 @@ pub enum Error {
 
     #[snafu(display("{}", source))]
     Session { source: crate::state::sessions::SessionError },
+
+    #[snafu(display("Failed to executed tokio task"))]
+    TokioTask { source: tokio::task::JoinError },
+
+    #[snafu(display("Failed to set permissions on file {}", path.display()))]
+    Permissions { path: PathBuf, source: std::io::Error },
+
+    #[snafu(display("Failed to set owner on file {}", path.display()))]
+    PermissionsChown { path: PathBuf, source: file_owner::FileOwnerError },
+
+    #[snafu(display("Failed to set group on file {}", path.display()))]
+    PermissionsChgrp { path: PathBuf, source: file_owner::FileOwnerError },
 }
diff --git a/src/main.rs b/src/main.rs
index abc0059..0c325b9 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,5 +1,6 @@
 #[macro_use] extern crate async_trait;
 #[macro_use] extern crate axum;
+#[macro_use] extern crate log;
 #[macro_use] extern crate serde;
 
 use clap::Parser;
diff --git a/src/utils/fs.rs b/src/utils/fs.rs
new file mode 100644
index 0000000..6c7ebee
--- /dev/null
+++ b/src/utils/fs.rs
@@ -0,0 +1,78 @@
+use file_owner::PathExt;
+use snafu::prelude::*;
+use tokio::{
+    fs::set_permissions,
+    task::spawn_blocking,
+};
+
+use std::{
+    fs::Permissions,
+    os::unix::fs::PermissionsExt,
+    path::Path,
+};
+
+use crate::error::*;
+
+pub struct FSPermissions {
+    pub owner: Option<String>,
+    pub group: Option<String>,
+    pub mode: Option<u32>,
+}
+
+impl FSPermissions {
+    pub fn new() -> FSPermissions {
+        FSPermissions {
+            owner: None,
+            group: None,
+            mode: None,
+        }
+    }
+
+    pub fn chown(mut self, owner: &str) -> Self {
+        self.owner = Some(owner.to_string());
+        self
+    }
+
+    pub fn chgrp(mut self, group: &str) -> Self {
+        self.group = Some(group.to_string());
+        self
+    }
+
+    pub fn chmod(mut self, mode: u32) -> Self {
+        self.mode = Some(mode);
+        self
+    }
+
+    pub async fn apply_to(&self, path: &Path) -> Result<(), Error> {
+        if let Some(mode) = self.mode {
+            set_permissions(
+                path,
+                Permissions::from_mode(mode)
+            ).await.context(PermissionsSnafu { path: path.to_path_buf()})?;
+        }
+
+        if let Some(owner) = &self.owner {
+            let owner = owner.to_string();
+            let path = path.to_path_buf();
+            let _ = spawn_blocking(move || -> Result<(), Error> {
+                Ok(
+                    path.set_owner(owner.as_str())
+                        .context(PermissionsChownSnafu { path: path.to_path_buf() })?
+                )
+            }).await.context(TokioTaskSnafu)?;
+        }
+
+        if let Some(group) = &self.group {
+            let group = group.to_string();
+            let path = path.to_path_buf();
+            let _ = spawn_blocking(move || -> Result<(), Error> {
+                Ok(
+                    path.set_group(group.as_str())
+                        .context(PermissionsChgrpSnafu { path: path.to_path_buf() })?
+                )
+            }).await.context(TokioTaskSnafu)?;
+        }
+
+        Ok(())
+    }
+}
\ No newline at end of file
diff --git a/src/utils/mod.rs b/src/utils/mod.rs
index 07d42f3..dea1626 100644
--- a/src/utils/mod.rs
+++ b/src/utils/mod.rs
@@ -1,2 +1,3 @@
+pub mod fs;
 pub mod time;
 pub mod socket;
\ No newline at end of file
diff --git a/src/utils/socket.rs b/src/utils/socket.rs
index 31a6839..49336c8 100644
--- a/src/utils/socket.rs
+++ b/src/utils/socket.rs
@@ -21,7 +21,10 @@ use tokio::{
 };
 use tower::BoxError;
 
-use crate::error::*;
+use crate::{
+    error::*,
+    utils::fs::FSPermissions,
+};
 
 pub struct ServerAccept {
     uds: UnixListener,
@@ -118,7 +121,9 @@ pub async fn serve(path: &Path, app: Router) -> Result<(), Error> {
         .await
         .unwrap();
 
-    // TODO: set permissions
+    // TODO: make proper permissions
+    // Apply 777 permissions
+    FSPermissions::new().chmod(0o777).apply_to(&path).await?;
     
     let uds = UnixListener::bind(path.clone())
         .context(SocketCreateSnafu { path: path.clone() })?;