summaryrefslogtreecommitdiff
path: root/src/Propellor/Property/File.hs
diff options
context:
space:
mode:
authorJoey Hess2014-07-17 22:35:59 -0400
committerJoey Hess2014-07-17 22:35:59 -0400
commitcfb758d655ec9e825cfd25c233c2c55589324236 (patch)
tree94824c425d549e09641e02c7b041a279d9b7934d /src/Propellor/Property/File.hs
parent91d148215aba848a0af7d7106a3303ecbbb844f1 (diff)
better hasPrivContentExposed
Avoid locking down and then lossening the file mode; just use the default/current mode from the beginning.
Diffstat (limited to 'src/Propellor/Property/File.hs')
-rw-r--r--src/Propellor/Property/File.hs24
1 files changed, 15 insertions, 9 deletions
diff --git a/src/Propellor/Property/File.hs b/src/Propellor/Property/File.hs
index 0e738f25..07ac8c26 100644
--- a/src/Propellor/Property/File.hs
+++ b/src/Propellor/Property/File.hs
@@ -18,17 +18,23 @@ f `hasContent` newcontent = fileProperty ("replace " ++ f)
-- The file's permissions are preserved if the file already existed.
-- Otherwise, they're set to 600.
hasPrivContent :: FilePath -> Context -> Property
-hasPrivContent f context = withPrivData (PrivFile f) context $ \getcontent ->
- property desc $ getcontent $ \privcontent ->
- ensureProperty $ fileProperty' writeFileProtected desc
- (\_oldcontent -> lines privcontent) f
- where
- desc = "privcontent " ++ f
+hasPrivContent = hasPrivContent' writeFileProtected
--- | Leaves the file world-readable.
+-- | Leaves the file at its default or current mode,
+-- allowing "private" data to be read.
+--
+-- Use with caution!
hasPrivContentExposed :: FilePath -> Context -> Property
-hasPrivContentExposed f context = hasPrivContent f context `onChange`
- mode f (combineModes (ownerWriteMode:readModes))
+hasPrivContentExposed = hasPrivContent' writeFile
+
+hasPrivContent' :: (String -> FilePath -> IO ()) -> FilePath -> Context -> Property
+hasPrivContent' writer f context =
+ withPrivData (PrivFile f) context $ \getcontent ->
+ property desc $ getcontent $ \privcontent ->
+ ensureProperty $ fileProperty' writer desc
+ (\_oldcontent -> lines privcontent) f
+ where
+ desc = "privcontent " ++ f
-- | Ensures that a line is present in a file, adding it to the end if not.
containsLine :: FilePath -> Line -> Property