README
¶
go-access 
A small Go library for checking whether a user has the permissions to access a file (on *nix).
- checks mode on file and
xbit on all its parent directories - checks for permission on all, group, and user modes
- checks for permission on symlinks and resolves them
- the current user needs to have access to the file
- does not check permissions for root but makes all stat system calls regardless
- does not support ACLs
status
- api stability: open issues or PRs if you need anything new for your use case
- bugs: tested locally, probably needs more testing
using
- import access "github.com/delthas/go-access"
docs
license
MIT
Documentation
¶
Overview ¶
Package access has simple functions for checking whether a *nix user has the permissions to access a file (or folder).
Index ¶
Examples ¶
Constants ¶
const Execute = os.FileMode(1)
Execute permission (x)
const Read = os.FileMode(4)
Read permission (r)
const Write = os.FileMode(2)
Write permission (w)
Variables ¶
This section is empty.
Functions ¶
func Uid ¶
Uid checks whether a user has the permissions to access a file.
- uid is the *nix uid of the user
- mode is the requested permission on the file, for example Read, Write, and/or Execute
- path is the path of the file/folder
- returns a PermissionError if the user does not have access the requested access to the file
- returns a non-nil error if the user does not exist (in which case the returned error is a UnknownUserIdError), or if an underlying error occurs when reading permissions
- if the error is nil, the user has the requested access to the file
func Username ¶
Username checks whether a user has the permissions to access a file.
- username is the *nix username of the user
- mode is the requested permission on the file, for example Read, Write, and/or Execute
- path is the path of the file/folder
- returns a PermissionError if the user does not have access the requested access to the file
- returns a non-nil error if the user does not exist (in which case the returned error is a UnknownUserIdError), or if an underlying error occurs when reading permissions
- if the error is nil, the user has the requested access to the file
Example ¶
// check if the current user has access to the current program
file, err := os.Executable()
if err != nil {
panic(err)
}
u, err := user.Current()
if err != nil {
panic(err)
}
err = Username(u.Username, Read, file)
if err != nil {
if e, ok := err.(*PermissionError); !ok {
panic(err)
} else {
fmt.Printf("current user does not have access to this executable: %s\n", e)
return
}
} else {
fmt.Println("current user can access this executable!")
}
Output: current user can access this executable!
Types ¶
type PermissionError ¶
type PermissionError struct {
// path of the file/folder for which the permission check failed
File string
// permissions of the file
FileMode os.FileMode
// uid of the file
FileUid int
// gid of the file
FileGid int
// uid of the user whose permission is checked
Uid int
// gid of the premiary and all secondary groups of the user whose permission is checked
Gid []int
// permissions requested for the file (can be different from the one requested in Uid or Username)
WantMode os.FileMode
}
PermissionError is returned by Uid and Username when a user does not have sufficient permissions to access the requested file or folder.
It contains data about the file for which the permission check failed, which can be different from the requested file.
func (*PermissionError) Error ¶
func (p *PermissionError) Error() string
Source Files