|
JAFS API v2 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--org.openafs.jafs.ACL.Entry
AFS ACL Entry Class.
Documentation reference: Managing Access Control Lists
Field Summary | |
static int |
ADMIN
ACL Mask administer constant |
static int |
DELETE
ACL Mask delete constant |
static int |
INSERT
ACL Mask insert constant |
static int |
LOCK
ACL Mask lock constant |
static int |
LOOKUP
ACL Mask lookup constant |
static int |
READ
ACL Mask read constant |
static int |
WRITE
ACL Mask write constant |
Constructor Summary | |
ACL.Entry()
Constructs a new ACL entry with all permission bits set to false . |
|
ACL.Entry(int permissionsMask)
Constructs a new ACL entry setting each permission bit to its appropriate value according to the permissionsMask specified. |
|
ACL.Entry(String user)
Constructs a new ACL entry with all permission bits set to false
and sets the associated user or group name. |
|
ACL.Entry(String user,
int permissionsMask)
Constructs a new ACL entry setting each permission bit to its appropriate value according to the permissionsMask specified
and sets the associated user or group name. |
Method Summary | |
boolean |
canAdmin()
Tests whether the ACL permits administer access.
|
boolean |
canDelete()
Tests whether the ACL permits delete access.
|
boolean |
canInsert()
Tests whether the ACL permits insert access.
|
boolean |
canLock()
Tests whether the ACL permits the lock authority.
|
boolean |
canLookup()
Tests whether the ACL permits lookup access. |
boolean |
canRead()
Tests whether the ACL permits read access.
|
boolean |
canWrite()
Tests whether the ACL permits write access.
|
boolean |
equals(ACL.Entry entry)
Tests whether two ACL.Entry objects are equal, based on associated
username and permission bits. |
int |
getPermissionsMask()
Returns this entry's permission mask. |
String |
getUser()
Returns the user or group name associated with this ACL entry. |
void |
setAdmin(boolean flag)
Sets the ACL permission to accomodate administer rights for directories. |
void |
setDelete(boolean flag)
Sets the ACL permission to accomodate delete access for directories. |
void |
setInsert(boolean flag)
Sets the ACL permission to accomodate insert access for directories. |
void |
setLock(boolean flag)
Sets the ACL permission to accomodate lock access for files. |
void |
setLookup(boolean flag)
Sets the ACL permission to accomodate lookup access for directories. |
void |
setPermissions(int permissionsMask)
Set this entry's permission bits according to the value of the permissionsMask specified. |
void |
setRead(boolean flag)
Sets the ACL permission to accomodate read access for files. |
void |
setUser(String user)
Sets the user or group name associated with this ACL entry. |
void |
setWrite(boolean flag)
Sets the ACL permission to accomodate write access for files. |
String |
toString()
Returns a String representation of this ACL.Entry |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
public static final int READ
public static final int WRITE
public static final int INSERT
public static final int LOOKUP
public static final int DELETE
public static final int LOCK
public static final int ADMIN
Constructor Detail |
public ACL.Entry()
false
.
public ACL.Entry(String user)
false
and sets the associated user or group name.
user
- The user or group name associated with this entrypublic ACL.Entry(int permissionsMask)
permissionsMask
specified.
permissionsMask
- An integer representation of the permissoin
rights of this entrycanRead()
,
canWrite()
,
canInsert()
,
canLookup()
,
canDelete()
,
canLock()
,
canAdmin()
public ACL.Entry(String user, int permissionsMask)
permissionsMask
specified
and sets the associated user or group name.
permissionsMask
- An integer representation of the permissoin
rights of this entryuser
- The username or group associated with this entrycanRead()
,
canWrite()
,
canInsert()
,
canLookup()
,
canDelete()
,
canLock()
,
canAdmin()
,
setUser(java.lang.String)
Method Detail |
public void setPermissions(int permissionsMask)
permissionsMask
specified.
permissionsMask
- An integer representation of the permissoin
rights of this entrygetPermissionsMask()
public int getPermissionsMask()
Permission Mask
01 - READ
02 - WRITE
04 - INSERT
08 - LOOKUP
16 - DELETE
32 - LOCK
64 - ADMIN
Any combination of the above mask values would equate to a valid combination of
permission settings. For example, if the permission mask was 11, the ACL permissions
would be as follows: read
(1), write
(2), and lookup
(8).
[1 + 2 + 8 = 11]
public String getUser()
public void setUser(String user)
user
- representation of the user or group name associated with this entry.public boolean canRead()
read
access.
This permission enables a user to read the contents of files in the directory and to obtain complete status information for the files (read/retrieve the file attributes).
File Permission
This permission is meaningful with respect to files in
a directory, rather than the directory itself or its subdirectories.
Documentation reference: The AFS ACL Permissions
true
if and only if the ACL permits read
access of
files; false
otherwisepublic void setRead(boolean flag)
read
access for files.
flag
- boolean flag that denotes the permission bit for read
access.canRead()
public boolean canLookup()
This permission functions as something of a gate keeper for access to the directory and its files, because a user must have it in order to exercise any other permissions. In particular, a user must have this permission to access anything in the directory's subdirectories, even if the ACL on a subdirectory grants extensive permissions.
This permission enables a user to list the names of the files and subdirectories in the directory (this does not permit read access to its respective entries), obtain complete status information for the directory element itself, and examine the directory's ACL.
This permission does not enable a user to read the contents of a file in the directory.
Similarly, this permission does not enable a user to lookup the contents of,
obtain complete status information for, or examine the ACL of the subdirectory of
the directory. Those operations require the lookup
permission on the ACL
of the subdirectory itself.
Directory Permission
This permission is meaningful with respect to the
directory itself. For example, the insert
permission (see: canInsert()
)
does not control addition of data to a file, but rather creation of a new file or
subdirectory.
Documentation reference: The AFS ACL Permissions
true
if and only if the ACL permits lookup
access for
directories; false
otherwisepublic void setLookup(boolean flag)
lookup
access for directories.
flag
- boolean flag that denotes the permission bit for lookup
access.canLookup()
public boolean canInsert()
insert
access.
This permission enables a user to add new files to the directory, either by creating or copying, and to create new subdirectories. It does not extend into any subdirectories, which are protected by their own ACLs.
Directory Permission
This permission is meaningful with respect to the
directory itself. For example, the insert
permission (see: canInsert()
)
does not control addition of data to a file, but rather creation of a new file or
subdirectory.
Documentation reference: The AFS ACL Permissions
true
if and only if the ACL permits insert
access for
directories; false
otherwisepublic void setInsert(boolean flag)
insert
access for directories.
flag
- boolean flag that denotes the permission bit for insert
access.canInsert()
public boolean canDelete()
delete
access.
This permission enables a user to remove files and subdirectories from the directory
or move them into other directories (assuming that the user has the insert
(see: canInsert()
) permission on the ACL of the other directories).
Directory Permission
This permission is meaningful with respect to the
directory itself. For example, the insert
permission (see: canInsert()
)
does not control addition of data to a file, but rather creation of a new file or
subdirectory.
Documentation reference: The AFS ACL Permissions
true
if and only if the ACL permits delete
access for
directories; false
otherwisepublic void setDelete(boolean flag)
delete
access for directories.
flag
- boolean flag that denotes the permission bit for delete
rights.canDelete()
public boolean canWrite()
write
access.
This permission enables a user to modify the contents of files in the directory and to change their operating system specific mode bits.
File Permission
This permission is meaningful with respect to files in
a directory, rather than the directory itself or its subdirectories.
Documentation reference: The AFS ACL Permissions
true
if and only if the ACL permits write
access for
files; false
otherwisepublic void setWrite(boolean flag)
write
access for files.
flag
- boolean flag that denotes the permission bit for write
access.canWrite()
public boolean canLock()
lock
authority.
This permission enables the user to run programs that issue system calls to lock files in the directory.
File Permission
This permission is meaningful with respect to files in
a directory, rather than the directory itself or its subdirectories.
Documentation reference: The AFS ACL Permissions
true
if and only if the ACL permits lock
authority for
files; false
otherwisepublic void setLock(boolean flag)
lock
access for files.
flag
- boolean flag that denotes the permission bit for lock
rights.canLock()
public boolean canAdmin()
administer
access.
This permission enables a user to change the directory's ACL. Members of the
system:administrators
group implicitly have this permission on every
directory (that is, even if that group does not appear on the ACL). Similarly, the
owner of a directory implicitly has this permission on its ACL and those of all
directories below it that he or she owns.
Directory Permission
This permission is meaningful with respect to the
directory itself. For example, the insert
permission (see: canInsert()
)
does not control addition of data to a file, but rather creation of a new file or
subdirectory.
Documentation reference: The AFS ACL Permissions
true
if and only if the ACL permits administer
access for
directories; false
otherwisepublic void setAdmin(boolean flag)
administer
rights for directories.
flag
- boolean flag that denotes the permission bit for administer
rights.canAdmin()
public boolean equals(ACL.Entry entry)
ACL.Entry
objects are equal, based on associated
username and permission bits.
entry
- the ACL.Entry to test
public String toString()
ACL.Entry
toString
in class Object
ACL.Entry
|
JAFS API v2 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |