Catch EACCES too in access().

diff --git a/src/VfsNs.cpp b/src/VfsNs.cpp
index ff3d9b7..3ff977c 100644 (file)
--- a/src/VfsNs.cpp
+++ b/src/VfsNs.cpp
@@ -259,28 +259,33 @@ bool VfsCatalog::access(const std::string& path, int mode) throw (DmException)
   ExtendedStat meta;
   mode_t perm;
 
-  if (vfsCheckPermissions(path, S_IREAD))
-    vfsThrow(EACCES, "not enough permissions for '%s'", clientName.c_str());
-
   try {
+    if (vfsCheckPermissions(path, S_IREAD))
+      vfsThrow(EACCES, "not enough permissions for '%s'", clientName.c_str());
+
     meta = this->vfsExtendedStat(path);
 
     perm = 0;
     if (mode & R_OK) perm  = S_IREAD;
     if (mode & W_OK) perm |= S_IWRITE;
     if (mode & X_OK) perm |= S_IEXEC;
+
+    if (checkPermissions(this->secCtx_, meta.acl, meta.stat, perm) != 0) return false;
   } catch (DmException& e) {
-    if (e.code() == ENOENT) {
-      // throw exeption up only if there was not requested test for existence (F_OK)
-      if (mode & F_OK) return false;
-      else throw DmException(DMLITE_NO_SUCH_REPLICA, e.what());
-    } else {
-      throw;
+    switch (e.code()) {
+      case ENOENT:
+        // throw exeption up only if there was not requested test for existence (F_OK)
+        if (mode & F_OK) return false;
+        else throw DmException(DMLITE_NO_SUCH_REPLICA, e.what());
+        break;
+      case EACCES:
+        return false;
+        break;
+      default:
+        throw;
     }
   }
 
-  if (checkPermissions(this->secCtx_, meta.acl, meta.stat, perm) != 0) return false;
-
   if (::access(getLocalPath(path).c_str(), mode) == -1) {
     if (errno == ENOENT) {
       // stat() performed OK, but access() failed with ENOENT