Tomcat write permission apache server user uploads

Question

When a user uploads an image, the file is created in "/var/www/example.com/uploads" by the tomcat webapp so that apache can serve the image. However, the tomcat group/user creates the file so it is not accessible through example.com/uploads/image.jpg unless I manually change the read permissions, then the file is no longer forbidden. But, every file is created without read permissions. I am not fluent with ubuntu and I do not know if I need to change something within the java servlet or to the folder/group/user. Any help would be greatly appreciated.

-rw-r----- 1 tomcat tomcat 120264 Jul 14 19:26 second-image.jpg
-rw-r--r-- 1 tomcat tomcat 172853 Jul 14 19:05 image.png

Edit: The file is submitted as multipart config form data. After checking the types, size, etc., it is written to the system simply as:

Path imageDir = Path.of("/var/www/example.com/uploads");
Path imageFile = Files.createFile(imageDir.resolve(fileName).toAbsolutePath());
part.write(imageFile.toString());

Answer 1

Your application code is already calling a method that is able to set permissions, but isn't providing a parameter to do so. You can read this tutorial on File Attributes to see an example of setting file permissions. I'm guessing you'd want to create the permissions from a string, since you're already working with the format:

Set<PosixFilePermission> perms =
PosixFilePermissions.fromString("rw-------");
FileAttribute<Set<PosixFilePermission>> attr = PosixFilePermissions.asFileAttribute(perms);
Files.createFile(file, attr);