This repository was archived by the owner on Jan 23, 2023. It is now read-only.
Add file creation method that takes an ACL#42099
Merged
carlossanlop merged 17 commits intodotnet:masterfrom Oct 29, 2019
carlossanlop:FileCreate
Merged
Add file creation method that takes an ACL#42099carlossanlop merged 17 commits intodotnet:masterfrom carlossanlop:FileCreate
carlossanlop merged 17 commits intodotnet:masterfrom
carlossanlop:FileCreate
Conversation
carlossanlop
commented
Oct 24, 2019
src/System.IO.FileSystem.AccessControl/ref/System.IO.FileSystem.AccessControl.cs
Show resolved
Hide resolved
carlossanlop
commented
Oct 24, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Show resolved
Hide resolved
carlossanlop
commented
Oct 24, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Outdated
Show resolved
Hide resolved
carlossanlop
commented
Oct 24, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Outdated
Show resolved
Hide resolved
carlossanlop
commented
Oct 24, 2019
src/System.IO.FileSystem.AccessControl/tests/FileSystemAclExtensionsTests.cs
Outdated
Show resolved
Hide resolved
carlossanlop
commented
Oct 24, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Outdated
Show resolved
Hide resolved
carlossanlop
commented
Oct 24, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Show resolved
Hide resolved
carlossanlop
commented
Oct 24, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Show resolved
Hide resolved
danmoseley
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Outdated
Show resolved
Hide resolved
danmoseley
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Outdated
Show resolved
Hide resolved
Author
|
The unit tests will fail with my latest commit. Some expected exceptions were different than expected, so I'm investigating. |
carlossanlop
commented
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Show resolved
Hide resolved
jkotas
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Outdated
Show resolved
Hide resolved
jkotas
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Outdated
Show resolved
Hide resolved
stephentoub
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/src/Resources/Strings.resx
Outdated
Show resolved
Hide resolved
stephentoub
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/src/Resources/Strings.resx
Outdated
Show resolved
Hide resolved
stephentoub
reviewed
Oct 25, 2019
stephentoub
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Outdated
Show resolved
Hide resolved
stephentoub
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Show resolved
Hide resolved
stephentoub
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Outdated
Show resolved
Hide resolved
stephentoub
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Outdated
Show resolved
Hide resolved
stephentoub
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Outdated
Show resolved
Hide resolved
stephentoub
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/tests/FileSystemAclExtensionsTests.cs
Outdated
Show resolved
Hide resolved
stephentoub
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/tests/FileSystemAclExtensionsTests.cs
Outdated
Show resolved
Hide resolved
stephentoub
reviewed
Oct 25, 2019
src/System.IO.FileSystem.AccessControl/src/Resources/Strings.resx
Outdated
Show resolved
Hide resolved
carlossanlop
commented
Oct 28, 2019
src/System.IO.FileSystem.AccessControl/src/Resources/Strings.resx
Outdated
Show resolved
Hide resolved
JeremyKuhne
reviewed
Oct 29, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Outdated
Show resolved
Hide resolved
JeremyKuhne
reviewed
Oct 29, 2019
src/System.IO.FileSystem.AccessControl/tests/FileSystemAclExtensionsTests.cs
Show resolved
Hide resolved
Author
|
@JeremyKuhne @danmosemsft @stephentoub @jkotas I have addressed the latest comments/suggestions and the build passed. Would you mind taking another look? |
JeremyKuhne
reviewed
Oct 29, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Show resolved
Hide resolved
JeremyKuhne
approved these changes
Oct 29, 2019
danmoseley
reviewed
Oct 29, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Show resolved
Hide resolved
danmoseley
reviewed
Oct 29, 2019
src/System.IO.FileSystem.AccessControl/src/System/IO/FileSystemAclExtensions.netcoreapp.cs
Show resolved
Hide resolved
danmoseley
reviewed
Oct 29, 2019
| } | ||
| if ((rights & FileSystemRights.WriteData) != 0 || ((int)rights & Interop.Kernel32.GenericOperations.GENERIC_WRITE) != 0) | ||
| { | ||
| access = access == FileAccess.Read ? FileAccess.ReadWrite : FileAccess.Write; |
Member
There was a problem hiding this comment.
nit: our style would be to parenthesize
access = (access == FileAccess.Read) ? FileAccess.ReadWrite : FileAccess.Write;
danmoseley
reviewed
Oct 29, 2019
|
|
||
| Assert.Throws<ArgumentNullException>("fileInfo", () => | ||
| { | ||
| if (PlatformDetection.IsFullFramework) |
Member
There was a problem hiding this comment.
Nit, there's a bunch of repetition among these tests, you could do
private void FileInfoCreate(info, mode, rights, share, buffer, options, security)
{
if (PlatformDetection.IsFullFramework)
{
FileSystemAclExtensions.Create(....);
}
else
{
info.Create(...);
}
}Then your test would be just eg
[Fact]
public void FileInfo_Create_NullFileSecurity()
{
FileInfo info = new FileInfo("path");
Assert.Throws<ArgumentNullException>("fileSecurity", () => FileInfoCreate(info, FileMode.Create, FileSystemRights.WriteData, FileShare.Read, DefaultBufferSize, FileOptions.None, null);
}
Member
There was a problem hiding this comment.
Or - another idea. You could have a separate source file that's only included when building tests for .NET Framework which defines your new extension method and just passes it through to the .NET Framework method. That might be nice because the tests themselves don't need to know it exists. They just call the .NET Core method.
If it's worth doing, you coudl do it later.
Member
There was a problem hiding this comment.
Generally you want tests to be short and sweet, because that makes it easier to see what changes between them (what the test cases are)
Author
There was a problem hiding this comment.
Totally understood, @danmosemsft . Would it be ok if I address this in a separate PR so I get this merged today?
danmoseley
approved these changes
Oct 29, 2019
Member
danmoseley
left a comment
danmoseley
left a comment
There was a problem hiding this comment.
Feel free to defer any minor things until after the port.
Dotnet-GitSync-Bot
pushed a commit
to Dotnet-GitSync-Bot/mono
that referenced
this pull request
Oct 29, 2019
Approved API Proposal: #41614 Related change for directory creation method that takes an ACL: #41834 -merged and ported to 3.1 Prev2 Description We have extension methods in System.IO.FileSystem.AclExtensions that let the user get and set ACLs for existing files, but we do not have methods that create files with predefined ACLs. .NET ACL (Access Control List) support is Windows specific. This change will reside inside the System.IO.FileSystem.AccessControl assembly. Customer impact Before this change, customers had to create a file or filestream, then set its ACLs. This presents a few problems: Potential security hole as files can be accessed between creation and modification. Porting difficulties as there isn't a 1-1 API replacement Stability issues with background processes (file filters) can prevent modifying ACLs right after creation (typically surfaces as a security exception). This change addresses those problems by adding a new extension method that allows creating a file and ensuring the provided ACLs are set during creation. This change is expected to be backported to 3.1. Signed-off-by: dotnet-bot <[email protected]>
Dotnet-GitSync-Bot
pushed a commit
to Dotnet-GitSync-Bot/coreclr
that referenced
this pull request
Oct 30, 2019
Approved API Proposal: #41614 Related change for directory creation method that takes an ACL: #41834 -merged and ported to 3.1 Prev2 Description We have extension methods in System.IO.FileSystem.AclExtensions that let the user get and set ACLs for existing files, but we do not have methods that create files with predefined ACLs. .NET ACL (Access Control List) support is Windows specific. This change will reside inside the System.IO.FileSystem.AccessControl assembly. Customer impact Before this change, customers had to create a file or filestream, then set its ACLs. This presents a few problems: Potential security hole as files can be accessed between creation and modification. Porting difficulties as there isn't a 1-1 API replacement Stability issues with background processes (file filters) can prevent modifying ACLs right after creation (typically surfaces as a security exception). This change addresses those problems by adding a new extension method that allows creating a file and ensuring the provided ACLs are set during creation. This change is expected to be backported to 3.1. Signed-off-by: dotnet-bot <[email protected]>
Dotnet-GitSync-Bot
pushed a commit
to Dotnet-GitSync-Bot/corert
that referenced
this pull request
Oct 30, 2019
Approved API Proposal: #41614 Related change for directory creation method that takes an ACL: #41834 -merged and ported to 3.1 Prev2 Description We have extension methods in System.IO.FileSystem.AclExtensions that let the user get and set ACLs for existing files, but we do not have methods that create files with predefined ACLs. .NET ACL (Access Control List) support is Windows specific. This change will reside inside the System.IO.FileSystem.AccessControl assembly. Customer impact Before this change, customers had to create a file or filestream, then set its ACLs. This presents a few problems: Potential security hole as files can be accessed between creation and modification. Porting difficulties as there isn't a 1-1 API replacement Stability issues with background processes (file filters) can prevent modifying ACLs right after creation (typically surfaces as a security exception). This change addresses those problems by adding a new extension method that allows creating a file and ensuring the provided ACLs are set during creation. This change is expected to be backported to 3.1. Signed-off-by: dotnet-bot <[email protected]>
jkotas
pushed a commit
to dotnet/coreclr
that referenced
this pull request
Oct 30, 2019
Approved API Proposal: #41614 Related change for directory creation method that takes an ACL: #41834 -merged and ported to 3.1 Prev2 Description We have extension methods in System.IO.FileSystem.AclExtensions that let the user get and set ACLs for existing files, but we do not have methods that create files with predefined ACLs. .NET ACL (Access Control List) support is Windows specific. This change will reside inside the System.IO.FileSystem.AccessControl assembly. Customer impact Before this change, customers had to create a file or filestream, then set its ACLs. This presents a few problems: Potential security hole as files can be accessed between creation and modification. Porting difficulties as there isn't a 1-1 API replacement Stability issues with background processes (file filters) can prevent modifying ACLs right after creation (typically surfaces as a security exception). This change addresses those problems by adding a new extension method that allows creating a file and ensuring the provided ACLs are set during creation. This change is expected to be backported to 3.1. Signed-off-by: dotnet-bot <[email protected]>
vargaz
pushed a commit
to mono/mono
that referenced
this pull request
Oct 30, 2019
* Revert removal of SuppressGCTransition from SystemNative_GetTimestamp() (#27473) * Revert removal of SuppressGCTransition from SystemNative_GetTimestamp() * Insert GC_POLL before statement with unmanaged call. * JIT test for insertion of GCPoll Signed-off-by: dotnet-bot <[email protected]> * Add file creation method that takes an ACL (dotnet/corefx#42099) Approved API Proposal: #41614 Related change for directory creation method that takes an ACL: #41834 -merged and ported to 3.1 Prev2 Description We have extension methods in System.IO.FileSystem.AclExtensions that let the user get and set ACLs for existing files, but we do not have methods that create files with predefined ACLs. .NET ACL (Access Control List) support is Windows specific. This change will reside inside the System.IO.FileSystem.AccessControl assembly. Customer impact Before this change, customers had to create a file or filestream, then set its ACLs. This presents a few problems: Potential security hole as files can be accessed between creation and modification. Porting difficulties as there isn't a 1-1 API replacement Stability issues with background processes (file filters) can prevent modifying ACLs right after creation (typically surfaces as a security exception). This change addresses those problems by adding a new extension method that allows creating a file and ensuring the provided ACLs are set during creation. This change is expected to be backported to 3.1. Signed-off-by: dotnet-bot <[email protected]>
jkotas
pushed a commit
to dotnet/corert
that referenced
this pull request
Oct 30, 2019
Approved API Proposal: #41614 Related change for directory creation method that takes an ACL: #41834 -merged and ported to 3.1 Prev2 Description We have extension methods in System.IO.FileSystem.AclExtensions that let the user get and set ACLs for existing files, but we do not have methods that create files with predefined ACLs. .NET ACL (Access Control List) support is Windows specific. This change will reside inside the System.IO.FileSystem.AccessControl assembly. Customer impact Before this change, customers had to create a file or filestream, then set its ACLs. This presents a few problems: Potential security hole as files can be accessed between creation and modification. Porting difficulties as there isn't a 1-1 API replacement Stability issues with background processes (file filters) can prevent modifying ACLs right after creation (typically surfaces as a security exception). This change addresses those problems by adding a new extension method that allows creating a file and ensuring the provided ACLs are set during creation. This change is expected to be backported to 3.1. Signed-off-by: dotnet-bot <[email protected]>
danmoseley
pushed a commit
that referenced
this pull request
Oct 30, 2019
picenka21
pushed a commit
to picenka21/runtime
that referenced
this pull request
Feb 18, 2022
Approved API Proposal: dotnet/corefx#41614 Related change for directory creation method that takes an ACL: dotnet/corefx#41834 -merged and ported to 3.1 Prev2 Description We have extension methods in System.IO.FileSystem.AclExtensions that let the user get and set ACLs for existing files, but we do not have methods that create files with predefined ACLs. .NET ACL (Access Control List) support is Windows specific. This change will reside inside the System.IO.FileSystem.AccessControl assembly. Customer impact Before this change, customers had to create a file or filestream, then set its ACLs. This presents a few problems: Potential security hole as files can be accessed between creation and modification. Porting difficulties as there isn't a 1-1 API replacement Stability issues with background processes (file filters) can prevent modifying ACLs right after creation (typically surfaces as a security exception). This change addresses those problems by adding a new extension method that allows creating a file and ensuring the provided ACLs are set during creation. This change is expected to be backported to 3.1. Commit migrated from dotnet/corefx@508cbc4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Approved API Proposal: #41614
Related change for directory creation method that takes an ACL: #41834 [merged and ported to 3.1 Prev2]
Description
We have extension methods in System.IO.FileSystem.AclExtensions that let the user get and set ACLs for existing files, but we do not have methods that create files with predefined ACLs.
.NET ACL (Access Control List) support is Windows specific. This change will reside inside the System.IO.FileSystem.AccessControl assembly.
Customer impact
Before this change, customers had to create a file or filestream, then set its ACLs. This presents a few problems:
This change is expected to be backported to 3.1.