GH-15972: Add Configuration Option Filtering File System For Reading …

…and Writing

h2o-core/src/main/java/water/H2O.java

@@ -30,6 +30,8 @@
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import java.net.*;
+import java.nio.file.FileSystems;
+import java.nio.file.PathMatcher;
 import java.util.*;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.atomic.AtomicInteger;
@@ -323,6 +325,9 @@ public static void printHelp() {
     public String context_path = "";
 
     public KeyValueArg[] extra_headers = new KeyValueArg[0];
+
+    public PathMatcher file_deny_glob = FileSystems.getDefault().getPathMatcher("glob:{/bin/*,/etc/*,/var/*,/usr/*,/proc/*,**/.**}");
+
   }
 
   public static class KeyValueArg {
@@ -843,7 +848,17 @@ else if(s.matches(("client_disconnect_timeout"))){
         i = s.incrementAndCheck(i, args);
         String value = args[i];
         trgt.extra_headers = ArrayUtils.append(trgt.extra_headers, new KeyValueArg(key, value));
-      } else if(s.matches("embedded")) {
+      } else if (s.matches("file_deny_glob")) {
+        i = s.incrementAndCheck(i, args);
+        String key = args[i];
+        try {
+          trgt.file_deny_glob = FileSystems.getDefault().getPathMatcher("glob:" + key);
+        }
+        catch (Exception e) {
+          throw new IllegalArgumentException("Error parsing file_deny_glob parameter");
+        }
+      }
+      else if(s.matches("embedded")) {
         trgt.embedded = true;
       } else {
         parseFailed("Unknown argument (" + s + ")");

h2o-core/src/main/java/water/exceptions/H2OFileAccessDeniedException.java

@@ -0,0 +1,16 @@
+package water.exceptions;
+
+/**
+ * Exception thrown when a file matches file_deny_glob
+ */
+public class H2OFileAccessDeniedException extends H2OAbstractRuntimeException {
+
+  public H2OFileAccessDeniedException(String message, String dev_message) {
+    super(message, dev_message);
+  }
+
+  public H2OFileAccessDeniedException(String message) {
+    super(message, message);
+  }
+
+}

h2o-core/src/main/java/water/fvec/Frame.java

@@ -5,6 +5,7 @@
 import water.*;
 import water.api.FramesHandler;
 import water.api.schemas3.KeyV3;
+import water.exceptions.H2OFileAccessDeniedException;
 import water.exceptions.H2OIllegalArgumentException;
 import water.parser.BinaryFormatExporter;
 import water.parser.BufferedString;
@@ -14,7 +15,6 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.util.*;
-import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
 /** A collection of named {@link Vec}s, essentially an R-like Distributed Data Frame.
@@ -1590,6 +1590,9 @@ public static Job export(Frame fr, String path, String frameName, boolean overwr
                            String compression, CSVStreamParams csvParms) {
     boolean forceSingle = nParts == 1;
     // Validate input
+    if (H2O.getPM().isFileAccessDenied(path)) {
+      throw new H2OFileAccessDeniedException("File " + path + " access denied");
+    }
     if (forceSingle) {
       boolean fileExists = H2O.getPM().exists(path);
       if (overwrite && fileExists) {
@@ -1613,6 +1616,9 @@ public static Job export(Frame fr, String path, String frameName, boolean overwr
 
   public static Job exportParquet(Frame fr, String path, boolean overwrite, String compression, boolean writeChecksum) {
     // Validate input
+    if (H2O.getPM().isFileAccessDenied(path)) {
+      throw new H2OFileAccessDeniedException("File " + path + " access denied");
+    }
     if (! H2O.getPM().isEmptyDirectoryAllNodes(path)) {
       throw new H2OIllegalArgumentException(path, "exportFrame", "Cannot use path " + path +
               " to store part files! The target needs to be either an existing empty directory or not exist yet.");

h2o-core/src/main/java/water/persist/Persist.java

@@ -302,4 +302,5 @@ public boolean delete(String path) {
   public boolean canHandle(String path) {
     throw new RuntimeException("Not implemented");
   }
+
 }

h2o-core/src/main/java/water/persist/PersistManager.java

@@ -16,6 +16,7 @@
 import java.net.HttpURLConnection;
 import java.net.URI;
 import java.net.URL;
+import java.nio.file.Path;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
@@ -841,6 +842,21 @@ public Persist getPersistForURI(URI uri) {
     }
   }
 
+  /**
+   * Returns true when path matches file_deny_glob input argument
+   *
+   * @param path path to a file
+   * @return boolean
+   */
+  public boolean isFileAccessDenied(String path) {
+    File f = new File(FileUtils.getURI(path));
+    return isFileAccessDenied(f.toPath());
+  }
+
+  public boolean isFileAccessDenied(Path path) {
+    return H2O.ARGS.file_deny_glob.matches(path.normalize());
+  }
+
   /**
    * Finds all entries in the list that matches the regex
    * @param prefix The substring to extract before pattern matching

h2o-core/src/main/java/water/persist/PersistNFS.java

@@ -6,6 +6,7 @@
 import java.util.ArrayList;
 
 import water.*;
+import water.exceptions.H2OFileAccessDeniedException;
 import water.exceptions.H2ONotFoundArgumentException;
 import water.fvec.NFSFileVec;
 import water.util.FileIntegrityChecker;
@@ -124,6 +125,9 @@ public ArrayList<String> calcTypeaheadMatches(String filter, int limit) {
   @Override
   public void importFiles(String path, String pattern, ArrayList<String> files, ArrayList<String> keys, ArrayList<String> fails, ArrayList<String> dels) {
     File f = new File(FileUtils.getURI(path));
+    if (H2O.ARGS.file_deny_glob.matches(f.toPath().normalize())) {
+      throw new H2OFileAccessDeniedException("File " + path + " access denied");
+    }
     if( !f.exists() ) throw new H2ONotFoundArgumentException("File " + path + " does not exist");
     FileIntegrityChecker.check(f).syncDirectory(files,keys,fails,dels);
   }

h2o-core/src/test/java/water/persist/PersistManagerTest.java

@@ -5,6 +5,7 @@
 import org.junit.Test;
 import org.junit.rules.TemporaryFolder;
 import water.*;
+import water.exceptions.H2OFileAccessDeniedException;
 import water.fvec.*;
 
 import java.io.*;
@@ -33,15 +34,15 @@ public void calcTypeaheadMatches_emptyPath() {
         List<String> matches = persistManager.calcTypeaheadMatches("", 100);
         assertNotNull(matches);
         assertEquals(0, matches.size());
-        
+
         // Path with spaces (testing trim is being done)
         matches = persistManager.calcTypeaheadMatches("   ", 100);
         assertNotNull(matches);
         assertEquals(0, matches.size());
     }
 
     @Test
-    public void createReturnsBufferedOutputStreamForFiles() throws IOException  {
+    public void createReturnsBufferedOutputStreamForFiles() throws IOException {
         File target = new File(tmp.getRoot(), "target.txt");
         try (OutputStream os = persistManager.create(target.getAbsolutePath(), false)) {
             assertTrue(os instanceof BufferedOutputStream);
@@ -150,7 +151,7 @@ public void testCreateHexPath() throws IOException {
         }
     }
 
-    
+
     @Test
     public void testDeltaLakeMetadataFilter() {
         PersistManager.DeltaLakeMetadataFilter filter = new PersistManager.DeltaLakeMetadataFilter();
@@ -169,5 +170,10 @@ public void testDeltaLakeMetadataFilter() {
                 "dbfs:///_delta_log/b/fileB.parquet"
         ), result);
     }
-
+
+    @Test(expected = H2OFileAccessDeniedException.class)
+    public void testImportFileMatchingDenyList() {
+        persistManager.importFiles("/etc/hosts", null, new ArrayList<String>(), new ArrayList<String>(), new ArrayList<String>(), new ArrayList<String>());
+    }
+
 }