chore: check data folder write permission

Signed-off-by: Henry <mail@henrygressmann.de>

Author: explodingcamera

Cargo.lock

@@ -47,6 +47,7 @@ figment={version="0.10", features=["toml", "env"]}
 tracing={version="0.1", default-features=false, features=["std"]}
 tracing-subscriber={version="0.3", features=["env-filter"]}
 ahash="0.8"
+nix={version="0.31", features=["user"]}
 
 # web
 axum={version="0.8", default-features=false, features=[

Cargo.toml

@@ -5,10 +5,10 @@ pub mod models;
 pub use core::reports;
 use std::sync::Arc;
 
-use crate::config::Config;
+use crate::{config::Config, utils::writable::check_directory_writable};
 
 use crate::utils::r2d2_sqlite::SqliteConnectionManager;
-use anyhow::Result;
+use anyhow::{Context, Result};
 use core::{LiwanEntities, LiwanEvents, LiwanOnboarding, LiwanProjects, LiwanSessions, LiwanUsers};
 use duckdb::DuckdbConnectionManager;
 
@@ -41,16 +41,18 @@ const EVENT_BATCH_INTERVAL: std::time::Duration = std::time::Duration::from_secs
 impl Liwan {
     pub fn try_new(config: Config) -> Result<Arc<Self>> {
         tracing::debug!("Initializing app");
-        let folder = std::path::Path::new(&config.data_dir);
-        if !folder.exists() {
-            tracing::debug!(path = config.data_dir, "Creating database folder since it doesn't exist");
-            std::fs::create_dir_all(folder)?;
+        let dir = std::path::Path::new(&config.data_dir);
+
+        if !dir.exists() {
+            tracing::debug!(path = config.data_dir, "Creating data directory since it doesn't exist");
+            std::fs::create_dir_all(dir).context("Failed to create data directory")?;
         }
+        check_directory_writable(dir);
 
         tracing::debug!("Initializing databases");
-        let conn_app = db::init_sqlite(&folder.join("liwan-app.sqlite"), embedded::app::migrations::runner())?;
+        let conn_app = db::init_sqlite(&dir.join("liwan-app.sqlite"), embedded::app::migrations::runner())?;
         let conn_events = db::init_duckdb(
-            &folder.join("liwan-events.duckdb"),
+            &dir.join("liwan-events.duckdb"),
             config.duckdb.clone(),
             embedded::events::migrations::runner(),
         )?;

src/app/mod.rs

@@ -9,6 +9,7 @@ pub mod seed;
 pub mod signals;
 pub mod useragent;
 pub mod validate;
+pub mod writable;
 
 pub fn to_sorted<T: Clone + Ord>(v: &[T]) -> Vec<T> {
     let mut v = v.to_vec();

src/utils/mod.rs

@@ -0,0 +1,38 @@
+use std::{fs, io::Write, path::Path};
+
+/// Checks if the directory is writable by attempting to create a temporary file.
+pub fn check_directory_writable(dir: &Path) {
+    let test_path = dir.join(".liwan_write_test");
+
+    match fs::OpenOptions::new().create_new(true).write(true).open(&test_path) {
+        Ok(mut f) => {
+            let _ = f.write_all(b"test");
+            let _ = fs::remove_file(&test_path);
+        }
+        Err(err) => {
+            #[cfg(unix)]
+            {
+                let uid = nix::unistd::geteuid();
+                let gid = nix::unistd::getegid();
+
+                let path = dir.display();
+                tracing::warn!(
+                    %path,
+                    uid = uid.as_raw(),
+                    gid = gid.as_raw(),
+                    error = %err,
+                    "Directory is not writable"
+                );
+            }
+
+            #[cfg(not(unix))]
+            {
+                tracing::warn!(
+                    path = dir.display(),
+                    error = %err,
+                    "Directory is not writable"
+                );
+            }
+        }
+    }
+}