Class FileSecurityUtil


  • public abstract class FileSecurityUtil
    extends java.lang.Object
    Author:
    Maxim Podkolzine (maxim.podkolzine@jetbrains.com)
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static void checkInsideDirectory​(java.io.File destinationFile, java.io.File allowedDirectory)
      Checks that destinationFile is inside the allowedDirectory.
      static void checkSecurityViolation​(java.lang.String fileName, AuthorityHolder currentAuthHolder)
      Checks that fileName is a correct relative file name.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • FileSecurityUtil

        public FileSecurityUtil()
    • Method Detail

      • checkSecurityViolation

        public static void checkSecurityViolation​(@NotNull
                                                  java.lang.String fileName,
                                                  AuthorityHolder currentAuthHolder)
        Checks that fileName is a correct relative file name.
        Parameters:
        fileName - the relative name of file
        currentAuthHolder - current authority holder
      • checkInsideDirectory

        public static void checkInsideDirectory​(@NotNull
                                                java.io.File destinationFile,
                                                @NotNull
                                                java.io.File allowedDirectory)
        Checks that destinationFile is inside the allowedDirectory. The message of the exception thrown should not be shown to users as it exposes server paths.
        Parameters:
        destinationFile - the destination file
        allowedDirectory - allowed directory