Respect process-level umask when creating temporary staging files. (#3)

LTLA · web-flow · commit a8b3928632e2 · 2025-02-24T16:43:06.000-08:00
tempfile automatically creates files/directories with 0o*00 permissions,
which usually means that the gobbler's service account can't read them.
chmod'ing can help but will override FACLs which is not desirable, e.g., the
gobbler service account can't delete non-empty directories.

The best solution is to respect the process-level umask when creating
tempfiles.  So we use the tempfile.mk*temp() functions to suggest a name, and
then we actually create the file/dir via regular Python functions.
diff --git a/src/pygobbler/_utils.py b/src/pygobbler/_utils.py
@@ -22,9 +22,15 @@ def dump_request(staging: str, url: str, action: str, payload: Optional[Dict]) -
     else:
         as_str = json.dumps(payload, indent=4)
 
+    # Doing this little shuffle to get the right permissions. tempfile loves to
+    # create 0o600 directories that the gobbler service account can't actually
+    # read, so we just delete it and create it again under the more permissive
+    # umask. Unfortunately we can't use chmod as this screws up FACLs.
     prefix = "request-" + action + "-"
     fd, holding_name = tempfile.mkstemp(dir=staging, prefix=prefix)
-    with os.fdopen(fd, "w") as handle:
+    os.close(fd)
+    os.remove(holding_name)
+    with open(holding_name, "w") as handle:
         handle.write(as_str)
 
     res = requests.post(url + "/new/" + os.path.basename(holding_name))
diff --git a/src/pygobbler/allocate_upload_directory.py b/src/pygobbler/allocate_upload_directory.py
@@ -1,7 +1,10 @@
+import os
+import tempfile
+
+
 def allocate_upload_directory(staging: str) -> str:
     """
-    Allocate a subdirectory in the staging directory to prepare files for
-    upload via :py:func:`~.upload_directory`.
+    Allocate a subdirectory in the staging directory to prepare files for upload via :py:func:`~.upload_directory`.
 
     Args:
         staging:
@@ -10,5 +13,11 @@ def allocate_upload_directory(staging: str) -> str:
     Returns:
         Path to a new subdirectory for staging uploads.
     """
-    import tempfile
-    return tempfile.mkdtemp(dir=staging)
+    trial = tempfile.mkdtemp(dir=staging)
+    # Doing this little shuffle to get the right permissions. tempfile loves to
+    # create 0o700 directories that the gobbler service account can't actually
+    # read, so we just delete it and create it again under the more permissive
+    # umask. Unfortunately we can't use chmod as this screws up FACLs.
+    os.rmdir(trial)
+    os.mkdir(trial)
+    return trial
