在java中检查文件创建权限的最佳方法是什么
我需要检查特定目录的文件创建权限。
我已经尝试过:
try {
AccessController.checkPermission(new FilePermission("directory_path", "write"));
// Have permission
} catch (SecurityException e) {
// Doesn't have permission
}
...但这总是抛出 SecurityException (据我所知,这检查的不是底层的 fs 权限,而是一些应该显式配置的 JVM 设置)。
另一种可能的方法是使用类似这样的方法:
File f = new File("directory_path");
if(f.canWrite()) {
// Have permission
} else {
// Doesn't have permission
}
...但即使我无法在指定目录中创建文件,这也会返回 true (例如,当我在没有管理员权限的用户下运行我的应用程序时,我无法在“c:\”中创建文件,但 f.canWrite() 返回 true)。
最后我做了类似的黑客:
File f = new File("directory_path");
try {
File.createTempFile("check", null, f).delete();
// Have permission
} catch (IOException e) {
// Doesn't have permission
}
...但这可能只能作为临时解决方案,因为我需要为客户端文件系统上的几乎所有文件夹获得此类权限。
有谁知道如何很好地获得真正的文件创建权限,而不会导致上述性能问题和黑客攻击?
I need to check for file creation permissions for specific directory.
I've tried:
try {
AccessController.checkPermission(new FilePermission("directory_path", "write"));
// Have permission
} catch (SecurityException e) {
// Doesn't have permission
}
... but this always throws SecurityException (as far as I've understood this checks not underlying fs permissions but some JVM settings that should be configured explicitly).
Another possible way was to use something like this:
File f = new File("directory_path");
if(f.canWrite()) {
// Have permission
} else {
// Doesn't have permission
}
... but this returns true even if I cannot create file in specified directory (For example I cannot create file in "c:\" when I run my app under user without admin privileges, but f.canWrite() returns true).
In the end I've done hack similar to this:
File f = new File("directory_path");
try {
File.createTempFile("check", null, f).delete();
// Have permission
} catch (IOException e) {
// Doesn't have permission
}
... but this may serve only as a temporary solution since I need to get such permissions for almost all folders on client's fs.
Does anybody know how to get REAL file creation permissions nicely, without causing performance issues and hacks described above?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
测试任何资源的可用性/可用性的最佳方法是尝试使用它。在本例中,
new FileOutputStream(new File(dir, name))。如果目录不可写,或者文件已经存在但不可写,等等,它将抛出 IOException 。当您执行该代码时,操作系统已经必须执行所有这些检查:尝试全部复制是没有意义的,即使您 100% 正确(这不太可能),您仍然会引入一个计时窗口,其中先前的“true”条件可能会由于异步活动而变为“false” 。无论如何,您都必须捕获文件创建过程中的异常,并在 catch 块中编写代码来处理它们:为什么要写两次呢?The best way to test the availability/usability of any resource is to try to use it. In this case,
new FileOutputStream(new File(dir, name)). It will throw anIOExceptionif the directory isn't writable, or the file already exists and isn't writable, etc etc etc. The operating system already has to do all those checks when you execute that code: there is no point in trying to duplicate it all, and even if you get it 100% right, which is unlikely, you are still introducing a timing window in which the previously 'true' condition can become 'false' due to asynchronous activity. You have to catch exceptions from the file creation anyway, and write code in the catch block to handle them: why write all that twice?