1818import java .io .UncheckedIOException ;
1919import java .nio .file .Files ;
2020import java .nio .file .Path ;
21+ import java .nio .file .Paths ;
2122import java .util .ArrayList ;
2223import java .util .Arrays ;
2324import java .util .List ;
@@ -44,7 +45,8 @@ private FileAccessTree(FilesEntitlement filesEntitlement, PathLookup pathLookup)
4445 }
4546 readPaths .add (normalized );
4647 };
47- BiConsumer <Path , Mode > maybeAddLinkPath = (path , mode ) -> {
48+ BiConsumer <Path , Mode > addPathAndMaybeLink = (path , mode ) -> {
49+ addPath .accept (path , mode );
4850 // also try to follow symlinks. Lucene does this and writes to the target path.
4951 if (Files .exists (path )) {
5052 try {
@@ -69,14 +71,16 @@ private FileAccessTree(FilesEntitlement filesEntitlement, PathLookup pathLookup)
6971 // TODO: null paths shouldn't be allowed, but they can occur due to repo paths
7072 return ;
7173 }
72- addPath .accept (path , mode );
73- maybeAddLinkPath .accept (path , mode );
74+ addPathAndMaybeLink .accept (path , mode );
7475 });
7576 }
7677
77- // everything has access to the temp dir
78- addPath .accept (pathLookup .tempDir (), Mode .READ_WRITE );
79- maybeAddLinkPath .accept (pathLookup .tempDir (), Mode .READ_WRITE );
78+ // everything has access to the temp dir and the jdk
79+ addPathAndMaybeLink .accept (pathLookup .tempDir (), Mode .READ_WRITE );
80+
81+ // TODO: watcher uses javax.activation which looks for known mime types configuration, should this be global or explicit in watcher?
82+ Path jdk = Paths .get (System .getProperty ("java.home" ));
83+ addPathAndMaybeLink .accept (jdk .resolve ("conf" ), Mode .READ );
8084
8185 readPaths .sort (String ::compareTo );
8286 writePaths .sort (String ::compareTo );
0 commit comments