Implement update_acl_on_path()

This allows to update or extend the existing ACL on path. Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2024-09-23 21:21:40 +02:00 · 2024-09-23 21:21:40 +02:00 · 7c56d619fe
commit 7c56d619fe
parent efc419757e
1 changed files with 24 additions and 0 deletions
--- a/pyacl/acl.py
+++ b/pyacl/acl.py
@ -243,6 +243,30 @@ def apply_acl_to_path(acl, path):
  acl.applyto(path)


+def update_acl_on_path(new_acl, path):
+  """
+  Example usage: update_acl_on_path(posix1e.ACL, '/etc/foo.txt')
+  Return: None
+  """
+  acl = read_acl_from_path(path)
+  for entry in new_acl:
+    tag_type = entry.tag_type
+
+    # keep existing entries which may only exist once
+    if tag_type not in [ACL_USER_OBJ, ACL_GROUP_OBJ, ACL_OTHER, ACL_MASK]:
+
+      # replace existing user/group entries with new ones if the uid/gid matches
+      if tag_type in [ACL_USER, ACL_GROUP]:
+        for existing_entry in acl:
+          if tag_type == existing_entry.tag_type:
+            if entry.qualifier == existing_entry.qualifier:
+              acl.delete_entry(existing_entry)
+
+      acl.append(entry)
+
+  return apply_acl_to_path(acl, path)
+
+
 def read_acl_from_path(path):
  """
  Example usage: read_acl_from_path('/etc/foo.txt')