...
 
...@@ -95,6 +95,9 @@ bash --version ...@@ -95,6 +95,9 @@ bash --version
* You must have docker on your mac.(see [Mac-OS docker installation](https://docs.docker.com/docker-for-mac/install/)) * You must have docker on your mac.(see [Mac-OS docker installation](https://docs.docker.com/docker-for-mac/install/))
__*note*__: don't forget to add folders we want to mount on Docker preferences (preferences -> File Sharing -> +)
# Installation # Installation
1. Clone the photos_montage_aladin repository: 1. Clone the photos_montage_aladin repository:
......
...@@ -24,6 +24,16 @@ function_message() ...@@ -24,6 +24,16 @@ function_message()
echo -e "WARNING => ${message}" echo -e "WARNING => ${message}"
echo -e "=========================================================${COLOR_OFF}" echo -e "=========================================================${COLOR_OFF}"
elif [ "$type_message" == "TYPE_MOUNT_ERROR" ]; then
echo ""
echo "------------------------------------"
echo ""
echo -e "${RED}========================================================="
echo -e "${message}"
echo -e "on volume mounted : ${option}"
echo -e "=========================================================${COLOR_OFF}"
elif [ "$type_message" == "TYPE_FILE_ERROR" ]; then elif [ "$type_message" == "TYPE_FILE_ERROR" ]; then
echo "" echo ""
...@@ -673,6 +683,134 @@ function_check_number() ...@@ -673,6 +683,134 @@ function_check_number()
} }
function_check_permission_volume()
{
# function_check_permission_volume: check if user have read and write
# permissions for the input volume.
# input: volume
# returns:
# return TRUE if permission OK else FALSE
volume=$1
volume_permissions=$(namei -l $volume | tail -n 1 | awk -F" " '{print $1}')
volume_type=${volume_permissions:0:1}
volume_owner_permissions=${volume_permissions:1:3}
volume_group_permissions=${volume_permissions:4:3}
volume_others_permissions=${volume_permissions:7:3}
volume_owner=$(namei -l $volume | tail -n 1 | awk -F" " '{print $2}')
volume_group_owner=$(namei -l $volume | tail -n 1 | awk -F" " '{print $3}')
user_name=$(whoami)
user_groups=$(id | awk -F " " '{print $3}' | sed 's/^groupes//g' | sed 's/[0-9()=]//g')
tab_user_groups=( ${user_groups//,/ } )
if [[ $user_name == $volume_owner ]]; then
# -----------------------------------------#
# case user is volume owner
# -----------------------------------------#
if [[ $volume_owner_permissions == "rwx" || $volume_owner_permissions == "rw-" ]]; then
#case user could read and write on volume
AUTHORIZATION="TRUE"
else
#case user could not read and write on volume
#we check group authorization
if [[ "${tab_user_groups[@]}" =~ "$volume_group_owner" ]]; then
#case group volume is in user group list
if [[ $volume_group_permissions == "rwx" || $volume_group_permissions == "rw-" ]]; then
#case group volume allow user to read and write
AUTHORIZATION="TRUE"
else
#case group volume not allow user to read and write
#we check other volume permissions
if [[ $volume_others_permissions == "rwx" || $volume_others_permissions == "rw-" ]]; then
#case other permissions volume allow user to read and write
AUTHORIZATION="TRUE"
else
#case other permissions volume not allow user to read and write
AUTHORIZATION="FALSE"
fi
fi
else
#case group volume is not in user group list
#we check other volume permissions
if [[ $volume_others_permissions == "rwx" || $volume_others_permissions == "rw-" ]]; then
#case other permissions volume allow user to read and write
AUTHORIZATION="TRUE"
else
#case other permissions volume not allow user to read and write
AUTHORIZATION="FALSE"
fi
fi
fi
else
# -----------------------------------------#
# case user is not volume owner
# -----------------------------------------#
if [[ "${tab_user_groups[@]}" =~ "$volume_group_owner" ]]; then
#case group volume is in user group list
if [[ $volume_group_permissions == "rwx" || $volume_group_permissions == "rw-" ]]; then
#case group volume allow user to read and write
AUTHORIZATION="TRUE"
else
#case group volume not allow user to read and write
#we check other volume permissions
if [[ $volume_others_permissions == "rwx" || $volume_others_permissions == "rw-" ]]; then
#case other permissions volume allow user to read and write
AUTHORIZATION="TRUE"
else
#case other permissions volume not allow user to read and write
AUTHORIZATION="FALSE"
fi
fi
else
#case group volume is not in user group list
#we check other volume permissions
if [[ $volume_others_permissions == "rwx" || $volume_others_permissions == "rw-" ]]; then
#case other permissions volume allow user to read and write
AUTHORIZATION="TRUE"
else
#case other permissions volume not allow user to read and write
AUTHORIZATION="FALSE"
fi
fi
fi
echo "$AUTHORIZATION"
}
function_jar_updated_search() function_jar_updated_search()
{ {
# function_jar_updated_search: get the last jar version # function_jar_updated_search: get the last jar version
...@@ -923,6 +1061,17 @@ if [[ $OUTPUT_FOLDER_LINUX != $OLD_OUTPUT_FOLDER_LINUX && $VOLUME_MOUNT != "NONE ...@@ -923,6 +1061,17 @@ if [[ $OUTPUT_FOLDER_LINUX != $OLD_OUTPUT_FOLDER_LINUX && $VOLUME_MOUNT != "NONE
if [ "$CHAINE" != "" ]; then if [ "$CHAINE" != "" ]; then
OUTPUT_FOLDER_ON_VOLUME_MOUNT="TRUE" OUTPUT_FOLDER_ON_VOLUME_MOUNT="TRUE"
result_check_permission=`function_check_permission_volume $VOLUME_MOUNT`
echo "result_check_permission=$result_check_permission"
if [ $result_check_permission != 'TRUE' ]; then
function_message "TYPE_MOUNT_ERROR" "you do not have permission to write and / or read" $VOLUME_MOUNT
exit 0
fi
fi fi
fi fi
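Review bot: function_check_permission_volume can print TRUE for a volume the user cannot write: when the user is the owner (or a member of the owning group) and that class lacks `rw`, the code falls through to the group and others bits, whereas the kernel evaluates only the first matching class. The group test `[[ "${tab_user_groups[@]}" =~ "$volume_group_owner" ]]` is a substring match against a list parsed from `id` with the locale-specific label `groupes` and every digit stripped, so it can match a group the user is not in. Comparing only against `rwx`/`rw-` also ignores ACLs, read-only mounts and mode strings such as `rwt`, and `$volume` is unquoted in the three `namei` calls. Asking the kernel directly is shorter and avoids all of these: `local volume=$1` followed by `if [[ -r "$volume" && -w "$volume" ]]; then echo "TRUE"; else echo "FALSE"; fi`. The identical function added in the second script's section (the one with `OUTPUT_FOLDER_MACOS`) has the same issues.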
......
...@@ -674,6 +674,134 @@ function_check_number() ...@@ -674,6 +674,134 @@ function_check_number()
} }
function_check_permission_volume()
{
# function_check_permission_volume: check if user have read and write
# permissions for the input volume.
# input: volume
# returns:
# return TRUE if permission OK else FALSE
volume=$1
volume_permissions=$(namei -l $volume | tail -n 1 | awk -F" " '{print $1}')
volume_type=${volume_permissions:0:1}
volume_owner_permissions=${volume_permissions:1:3}
volume_group_permissions=${volume_permissions:4:3}
volume_others_permissions=${volume_permissions:7:3}
volume_owner=$(namei -l $volume | tail -n 1 | awk -F" " '{print $2}')
volume_group_owner=$(namei -l $volume | tail -n 1 | awk -F" " '{print $3}')
user_name=$(whoami)
user_groups=$(id | awk -F " " '{print $3}' | sed 's/^groupes//g' | sed 's/[0-9()=]//g')
tab_user_groups=( ${user_groups//,/ } )
if [[ $user_name == $volume_owner ]]; then
# -----------------------------------------#
# case user is volume owner
# -----------------------------------------#
if [[ $volume_owner_permissions == "rwx" || $volume_owner_permissions == "rw-" ]]; then
#case user could read and write on volume
AUTHORIZATION="TRUE"
else
#case user could not read and write on volume
#we check group authorization
if [[ "${tab_user_groups[@]}" =~ "$volume_group_owner" ]]; then
#case group volume is in user group list
if [[ $volume_group_permissions == "rwx" || $volume_group_permissions == "rw-" ]]; then
#case group volume allow user to read and write
AUTHORIZATION="TRUE"
else
#case group volume not allow user to read and write
#we check other volume permissions
if [[ $volume_others_permissions == "rwx" || $volume_others_permissions == "rw-" ]]; then
#case other permissions volume allow user to read and write
AUTHORIZATION="TRUE"
else
#case other permissions volume not allow user to read and write
AUTHORIZATION="FALSE"
fi
fi
else
#case group volume is not in user group list
#we check other volume permissions
if [[ $volume_others_permissions == "rwx" || $volume_others_permissions == "rw-" ]]; then
#case other permissions volume allow user to read and write
AUTHORIZATION="TRUE"
else
#case other permissions volume not allow user to read and write
AUTHORIZATION="FALSE"
fi
fi
fi
else
# -----------------------------------------#
# case user is not volume owner
# -----------------------------------------#
if [[ "${tab_user_groups[@]}" =~ "$volume_group_owner" ]]; then
#case group volume is in user group list
if [[ $volume_group_permissions == "rwx" || $volume_group_permissions == "rw-" ]]; then
#case group volume allow user to read and write
AUTHORIZATION="TRUE"
else
#case group volume not allow user to read and write
#we check other volume permissions
if [[ $volume_others_permissions == "rwx" || $volume_others_permissions == "rw-" ]]; then
#case other permissions volume allow user to read and write
AUTHORIZATION="TRUE"
else
#case other permissions volume not allow user to read and write
AUTHORIZATION="FALSE"
fi
fi
else
#case group volume is not in user group list
#we check other volume permissions
if [[ $volume_others_permissions == "rwx" || $volume_others_permissions == "rw-" ]]; then
#case other permissions volume allow user to read and write
AUTHORIZATION="TRUE"
else
#case other permissions volume not allow user to read and write
AUTHORIZATION="FALSE"
fi
fi
fi
echo "$AUTHORIZATION"
}
function_jar_updated_search() function_jar_updated_search()
{ {
# function_jar_updated_search: get the last jar version # function_jar_updated_search: get the last jar version
...@@ -940,6 +1068,16 @@ if [[ $OUTPUT_FOLDER_MACOS != $OLD_OUTPUT_FOLDER_MACOS && $VOLUME_MOUNT != "NONE ...@@ -940,6 +1068,16 @@ if [[ $OUTPUT_FOLDER_MACOS != $OLD_OUTPUT_FOLDER_MACOS && $VOLUME_MOUNT != "NONE
if [ "$CHAINE" != "" ]; then if [ "$CHAINE" != "" ]; then
OUTPUT_FOLDER_ON_VOLUME_MOUNT="TRUE" OUTPUT_FOLDER_ON_VOLUME_MOUNT="TRUE"
result_check_permission=`function_check_permission_volume $VOLUME_MOUNT`
echo "result_check_permission=$result_check_permission"
if [ $result_check_permission != 'TRUE' ]; then
function_message "TYPE_MOUNT_ERROR" "you do not have permission to write and / or read" $VOLUME_MOUNT
exit 0
fi
fi fi
fi fi
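Review bot: The new guard ends the script with `exit 0` right after reporting TYPE_MOUNT_ERROR, so a wrapper or calling script sees success although the permission check failed; a non-zero status such as `exit 1` would make the failure detectable. `[ $result_check_permission != 'TRUE' ]` and `$VOLUME_MOUNT` are unquoted: a volume path containing spaces is split into several arguments, and if the result were ever empty the `[` test would error out inside the `if` condition and the script would continue as though the check had passed. Suggested lines: `result_check_permission=$(function_check_permission_volume "$VOLUME_MOUNT")` and `if [ "$result_check_permission" != 'TRUE' ]; then`, passing `"$VOLUME_MOUNT"` quoted to function_message as well, and dropping the `echo "result_check_permission=..."` debug output. The same lines are added in the first script's hunk (the one testing `OUTPUT_FOLDER_LINUX`); the enclosing `if` starts outside the hunk in both.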
......