2024-07-14 00:24:16 +00:00
|
|
|
# typed: strict
|
2020-04-18 15:44:24 +01:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2023-02-20 10:22:39 -08:00
|
|
|
require "rubocops/extend/formula_cop"
|
2020-04-18 15:44:24 +01:00
|
|
|
|
|
|
|
|
module RuboCop
|
|
|
|
|
module Cop
|
|
|
|
|
module FormulaAudit
|
2020-08-26 02:31:31 +02:00
|
|
|
# This cop makes sure that a formula's file permissions are correct.
|
2023-02-20 18:10:59 -08:00
|
|
|
class Files < FormulaCop
|
2024-07-07 15:18:29 -04:00
|
|
|
sig { override.params(formula_nodes: FormulaNodes).void }
|
|
|
|
|
def audit_formula(formula_nodes)
|
2020-04-18 15:44:24 +01:00
|
|
|
return unless file_path
|
|
|
|
|
|
2023-01-25 16:05:02 +00:00
|
|
|
# Codespaces routinely screws up all permissions so don't complain there.
|
|
|
|
|
return if ENV["CODESPACES"] || ENV["HOMEBREW_CODESPACES"]
|
|
|
|
|
|
2024-07-07 15:18:29 -04:00
|
|
|
offending_node(formula_nodes.node)
|
2020-04-18 15:44:24 +01:00
|
|
|
actual_mode = File.stat(file_path).mode
|
|
|
|
|
# Check that the file is world-readable.
|
|
|
|
|
if actual_mode & 0444 != 0444
|
|
|
|
|
problem format("Incorrect file permissions (%03<actual>o): chmod %<wanted>s %<path>s",
|
|
|
|
|
actual: actual_mode & 0777,
|
2024-02-20 16:06:36 -05:00
|
|
|
wanted: "a+r",
|
2020-04-18 15:44:24 +01:00
|
|
|
path: file_path)
|
|
|
|
|
end
|
|
|
|
|
# Check that the file is user-writeable.
|
|
|
|
|
if actual_mode & 0200 != 0200
|
|
|
|
|
problem format("Incorrect file permissions (%03<actual>o): chmod %<wanted>s %<path>s",
|
|
|
|
|
actual: actual_mode & 0777,
|
|
|
|
|
wanted: "u+w",
|
|
|
|
|
path: file_path)
|
|
|
|
|
end
|
|
|
|
|
# Check that the file is *not* other-writeable.
|
|
|
|
|
return if actual_mode & 0002 != 002
|
|
|
|
|
|
|
|
|
|
problem format("Incorrect file permissions (%03<actual>o): chmod %<wanted>s %<path>s",
|
|
|
|
|
actual: actual_mode & 0777,
|
|
|
|
|
wanted: "o-w",
|
|
|
|
|
path: file_path)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
