Skip to content

Add acl support to libpna#2671

Draft
ChanTsune wants to merge 3 commits into
mainfrom
1585-add-acl-support-to-libpna
Draft

Add acl support to libpna#2671
ChanTsune wants to merge 3 commits into
mainfrom
1585-add-acl-support-to-libpna

Conversation

@ChanTsune
Copy link
Copy Markdown
Owner

@ChanTsune ChanTsune commented Feb 1, 2026

No description provided.

@ChanTsune ChanTsune linked an issue Feb 1, 2026 that may be closed by this pull request
Add ACL support to libpna #1585
Open
@ChanTsune ChanTsune marked this pull request as draft February 1, 2026 00:49
@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai Bot commented Feb 1, 2026
edited
Loading

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: dcdbcb8c-d295-49d6-9471-fb6f5719c713

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch 1585-add-acl-support-to-libpna

Tip

Issue Planner is now in beta. Read the docs and try it out! Share your feedback on Discord.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@gemini-code-assist
Copy link
Copy Markdown
Contributor

gemini-code-assist Bot commented Feb 1, 2026

Summary of Changes

Hello @ChanTsune, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the libpna library by introducing robust support for Access Control Lists (ACLs). It establishes a flexible framework to handle ACLs across various operating systems, integrating them seamlessly into the library's core data structures and archive format. This allows for the preservation and retrieval of detailed file access permissions, expanding the utility and compatibility of the library.

Highlights

  • New ACL Module: Introduced a new acl module with data structures for representing Access Control Lists (ACLs), including AclPlatform, AclType, AceType, AcePermission, AceFlag, Ace, and Acl.
  • Multi-Platform ACL Support: The AcePermission and AceFlag structs, powered by the bitflags crate, define comprehensive permission and flag constants for POSIX, macOS, Windows, and NFSv4 ACL systems.
  • Serialization and Deserialization: The Ace and Acl structs include methods (to_bytes, write_into, try_from_bytes) for efficient serialization and deserialization of ACL data to and from byte arrays.
  • Dependency Updates: Added bitflags as a core dependency and windows (with specific features for file system and security APIs) as a Windows-specific development dependency to Cargo.toml and Cargo.lock.
  • Integration into Archive Format: A new ChunkType::fACL was added to lib/src/chunk/types.rs, and the NormalEntry struct in lib/src/entry.rs was extended to store and process ACLs, allowing them to be included in the archive format.
  • Entry Builder Updates: The EntryBuilder in lib/src/entry/builder.rs was updated to support the creation and inclusion of ACLs when building new archive entries.
  • Windows ACL Constant Verification: A new test file lib/tests/windows_acl_values.rs was added to ensure that the defined Windows ACL permission constants correctly map to the windows crate's constants.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist Bot reviewed Feb 1, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces support for Access Control Lists (ACLs) in libpna. A new acl module is added with data structures for representing ACLs from different platforms (POSIX, macOS, Windows, NFSv4) in a unified format. The changes include a new fACL chunk type, and integration into NormalEntry for serialization and deserialization.

The implementation is comprehensive, but I've found a few critical issues:

  • The EntryBuilder is missing a public API to add ACLs, which makes the feature unusable when building new entries.
  • The AceFlag bitflags use overlapping values for different platforms, which is error-prone.
  • There's a potential for a panic when serializing an Acl with a large number of entries.

I've left specific comments with suggestions on how to address these points. Additionally, a new test file for verifying Windows ACL constant values is a great addition for ensuring correctness.

Comment thread lib/src/entry/builder.rs
Comment thread lib/src/acl.rs
Comment thread lib/src/acl.rs
impl Acl {
#[inline]
pub(crate) fn to_bytes(&self) -> Vec<u8> {
let entry_count = self.entries.len() as u16;
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot Feb 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

The conversion self.entries.len() as u16 will panic with an overflow if the number of entries exceeds 65,535. While a very large number of ACEs is unlikely, it's safer to handle this case gracefully. Since this function doesn't return a Result, an explicit check with expect is a good way to provide a more informative panic message.

Suggested change
let entry_count = self.entries.len() as u16;
let entry_count = u16::try_from(self.entries.len())
.expect("number of ACL entries should not exceed u16::MAX");

@ChanTsune ChanTsune force-pushed the 1585-add-acl-support-to-libpna branch from e626a43 to 1a6c195 Compare February 1, 2026 00:55
@github-actions github-actions Bot added dependencies Pull requests that update a dependency file lib This issue is about lib crate labels Feb 1, 2026
github-advanced-security[bot]
github-advanced-security AI found potential problems Feb 1, 2026
View reviewed changes
Comment thread lib/src/acl.rs Fixed
Comment thread lib/src/acl.rs Fixed
Comment thread lib/src/acl.rs Fixed
Comment thread lib/src/acl.rs Fixed
@ChanTsune ChanTsune force-pushed the 1585-add-acl-support-to-libpna branch from fd14591 to 4a53c7d Compare February 21, 2026 01:28
ChanTsune added 3 commits May 14, 2026 20:56
@ChanTsune
➕ Add bitflags to libpna dependencies
bde5e86
@ChanTsune
🚧 Add AclPlatform enum and acl module
3b7368f 
Introduces the AclPlatform enum in a new acl module to represent different ACL platforms. Updates lib.rs to include the new acl module.
Introduces ACL-related enums, structs, and bitflags for permissions and flags in acl.rs. Updates lib.rs to properly declare the acl module, laying groundwork for ACL support.
@ChanTsune
🚧 Add public ACL API constructors and EntryBuilder::add_acl()
8d5ba8e 
- Add TryFrom<u8> for AceType to allow byte conversion
- Add ace_type field to Ace struct with serialization support
- Add Ace::new() constructor for creating access control entries
- Add Acl::new() constructor for creating access control lists
- Add EntryBuilder::add_acl() method to add ACLs to entries
@ChanTsune ChanTsune force-pushed the 1585-add-acl-support-to-libpna branch from 4a53c7d to 8d5ba8e Compare May 14, 2026 13:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file lib This issue is about lib crate

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add ACL support to libpna

2 participants

@ChanTsune @github-advanced-security