JAFS API v2

org.openafs.jafs
Class ACL.Entry

java.lang.Object
  |
  +--org.openafs.jafs.ACL.Entry
All Implemented Interfaces:
Serializable
Enclosing class:
ACL

public static final class ACL.Entry
extends Object
implements Serializable

AFS ACL Entry Class.

Documentation reference: Managing Access Control Lists

Version:
2.0, 04/18/2001 - Completely revised class for efficiency., 3.0, 05/01/2002 - Converted class to an inner class.
See Also:
Serialized Form

Field Summary
static int ADMIN
          ACL Mask administer constant
static int DELETE
          ACL Mask delete constant
static int INSERT
          ACL Mask insert constant
static int LOCK
          ACL Mask lock constant
static int LOOKUP
          ACL Mask lookup constant
static int READ
          ACL Mask read constant
static int WRITE
          ACL Mask write constant
 
Constructor Summary
ACL.Entry()
          Constructs a new ACL entry with all permission bits set to false.
ACL.Entry(int permissionsMask)
          Constructs a new ACL entry setting each permission bit to its appropriate value according to the permissionsMask specified.
ACL.Entry(String user)
          Constructs a new ACL entry with all permission bits set to false and sets the associated user or group name.
ACL.Entry(String user, int permissionsMask)
          Constructs a new ACL entry setting each permission bit to its appropriate value according to the permissionsMask specified and sets the associated user or group name.
 
Method Summary
 boolean canAdmin()
          Directory Permission Tests whether the ACL permits administer access.
 boolean canDelete()
          Directory Permission Tests whether the ACL permits delete access.
 boolean canInsert()
          Directory Permission Tests whether the ACL permits insert access.
 boolean canLock()
          File Permission Tests whether the ACL permits the lock authority.
 boolean canLookup()
          Directory Permission Tests whether the ACL permits lookup access.
 boolean canRead()
          File Permission Tests whether the ACL permits read access.
 boolean canWrite()
          File Permission Tests whether the ACL permits write access.
 boolean equals(ACL.Entry entry)
          Tests whether two ACL.Entry objects are equal, based on associated username and permission bits.
 int getPermissionsMask()
          Returns this entry's permission mask.
 String getUser()
          Returns the user or group name associated with this ACL entry.
 void setAdmin(boolean flag)
          Sets the ACL permission to accomodate administer rights for directories.
 void setDelete(boolean flag)
          Sets the ACL permission to accomodate delete access for directories.
 void setInsert(boolean flag)
          Sets the ACL permission to accomodate insert access for directories.
 void setLock(boolean flag)
          Sets the ACL permission to accomodate lock access for files.
 void setLookup(boolean flag)
          Sets the ACL permission to accomodate lookup access for directories.
 void setPermissions(int permissionsMask)
          Set this entry's permission bits according to the value of the permissionsMask specified.
 void setRead(boolean flag)
          Sets the ACL permission to accomodate read access for files.
 void setUser(String user)
          Sets the user or group name associated with this ACL entry.
 void setWrite(boolean flag)
          Sets the ACL permission to accomodate write access for files.
 String toString()
          Returns a String representation of this ACL.Entry
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

READ

public static final int READ
ACL Mask read constant

See Also:
Constant Field Values

WRITE

public static final int WRITE
ACL Mask write constant

See Also:
Constant Field Values

INSERT

public static final int INSERT
ACL Mask insert constant

See Also:
Constant Field Values

LOOKUP

public static final int LOOKUP
ACL Mask lookup constant

See Also:
Constant Field Values

DELETE

public static final int DELETE
ACL Mask delete constant

See Also:
Constant Field Values

LOCK

public static final int LOCK
ACL Mask lock constant

See Also:
Constant Field Values

ADMIN

public static final int ADMIN
ACL Mask administer constant

See Also:
Constant Field Values
Constructor Detail

ACL.Entry

public ACL.Entry()
Constructs a new ACL entry with all permission bits set to false.


ACL.Entry

public ACL.Entry(String user)
Constructs a new ACL entry with all permission bits set to false and sets the associated user or group name.

Parameters:
user - The user or group name associated with this entry

ACL.Entry

public ACL.Entry(int permissionsMask)
Constructs a new ACL entry setting each permission bit to its appropriate value according to the permissionsMask specified.

Parameters:
permissionsMask - An integer representation of the permissoin rights of this entry
See Also:
canRead(), canWrite(), canInsert(), canLookup(), canDelete(), canLock(), canAdmin()

ACL.Entry

public ACL.Entry(String user,
                 int permissionsMask)
Constructs a new ACL entry setting each permission bit to its appropriate value according to the permissionsMask specified and sets the associated user or group name.

Parameters:
permissionsMask - An integer representation of the permissoin rights of this entry
user - The username or group associated with this entry
See Also:
canRead(), canWrite(), canInsert(), canLookup(), canDelete(), canLock(), canAdmin(), setUser(java.lang.String)
Method Detail

setPermissions

public void setPermissions(int permissionsMask)
Set this entry's permission bits according to the value of the permissionsMask specified.

Parameters:
permissionsMask - An integer representation of the permissoin rights of this entry
See Also:
getPermissionsMask()

getPermissionsMask

public int getPermissionsMask()
Returns this entry's permission mask.

Permission Mask
01 - READ
02 - WRITE
04 - INSERT
08 - LOOKUP
16 - DELETE
32 - LOCK
64 - ADMIN

Any combination of the above mask values would equate to a valid combination of permission settings. For example, if the permission mask was 11, the ACL permissions would be as follows: read (1), write (2), and lookup (8).
[1 + 2 + 8 = 11]

Returns:
An integer representation (mask) of the permissoin rights of this entry

getUser

public String getUser()
Returns the user or group name associated with this ACL entry.

Returns:
String representation of the user or group name associated with this entry.

setUser

public void setUser(String user)
Sets the user or group name associated with this ACL entry.

Parameters:
user - representation of the user or group name associated with this entry.

canRead

public boolean canRead()
File Permission Tests whether the ACL permits read access.

This permission enables a user to read the contents of files in the directory and to obtain complete status information for the files (read/retrieve the file attributes).

File Permission File Permission
This permission is meaningful with respect to files in a directory, rather than the directory itself or its subdirectories.

Documentation reference: The AFS ACL Permissions

Returns:
true if and only if the ACL permits read access of files; false otherwise

setRead

public void setRead(boolean flag)
Sets the ACL permission to accomodate read access for files.

Parameters:
flag - boolean flag that denotes the permission bit for read access.
See Also:
canRead()

canLookup

public boolean canLookup()
Directory Permission Tests whether the ACL permits lookup access.

This permission functions as something of a gate keeper for access to the directory and its files, because a user must have it in order to exercise any other permissions. In particular, a user must have this permission to access anything in the directory's subdirectories, even if the ACL on a subdirectory grants extensive permissions.

This permission enables a user to list the names of the files and subdirectories in the directory (this does not permit read access to its respective entries), obtain complete status information for the directory element itself, and examine the directory's ACL.

This permission does not enable a user to read the contents of a file in the directory.

Similarly, this permission does not enable a user to lookup the contents of, obtain complete status information for, or examine the ACL of the subdirectory of the directory. Those operations require the lookup permission on the ACL of the subdirectory itself.

Directory Permission Directory Permission
This permission is meaningful with respect to the directory itself. For example, the insert permission (see: canInsert()) does not control addition of data to a file, but rather creation of a new file or subdirectory.

Documentation reference: The AFS ACL Permissions

Returns:
true if and only if the ACL permits lookup access for directories; false otherwise

setLookup

public void setLookup(boolean flag)
Sets the ACL permission to accomodate lookup access for directories.

Parameters:
flag - boolean flag that denotes the permission bit for lookup access.
See Also:
canLookup()

canInsert

public boolean canInsert()
Directory Permission Tests whether the ACL permits insert access.

This permission enables a user to add new files to the directory, either by creating or copying, and to create new subdirectories. It does not extend into any subdirectories, which are protected by their own ACLs.

Directory Permission Directory Permission
This permission is meaningful with respect to the directory itself. For example, the insert permission (see: canInsert()) does not control addition of data to a file, but rather creation of a new file or subdirectory.

Documentation reference: The AFS ACL Permissions

Returns:
true if and only if the ACL permits insert access for directories; false otherwise

setInsert

public void setInsert(boolean flag)
Sets the ACL permission to accomodate insert access for directories.

Parameters:
flag - boolean flag that denotes the permission bit for insert access.
See Also:
canInsert()

canDelete

public boolean canDelete()
Directory Permission Tests whether the ACL permits delete access.

This permission enables a user to remove files and subdirectories from the directory or move them into other directories (assuming that the user has the insert (see: canInsert()) permission on the ACL of the other directories).

Directory Permission Directory Permission
This permission is meaningful with respect to the directory itself. For example, the insert permission (see: canInsert()) does not control addition of data to a file, but rather creation of a new file or subdirectory.

Documentation reference: The AFS ACL Permissions

Returns:
true if and only if the ACL permits delete access for directories; false otherwise

setDelete

public void setDelete(boolean flag)
Sets the ACL permission to accomodate delete access for directories.

Parameters:
flag - boolean flag that denotes the permission bit for delete rights.
See Also:
canDelete()

canWrite

public boolean canWrite()
File Permission Tests whether the ACL permits write access.

This permission enables a user to modify the contents of files in the directory and to change their operating system specific mode bits.

File Permission File Permission
This permission is meaningful with respect to files in a directory, rather than the directory itself or its subdirectories.

Documentation reference: The AFS ACL Permissions

Returns:
true if and only if the ACL permits write access for files; false otherwise

setWrite

public void setWrite(boolean flag)
Sets the ACL permission to accomodate write access for files.

Parameters:
flag - boolean flag that denotes the permission bit for write access.
See Also:
canWrite()

canLock

public boolean canLock()
File Permission Tests whether the ACL permits the lock authority.

This permission enables the user to run programs that issue system calls to lock files in the directory.

File Permission File Permission
This permission is meaningful with respect to files in a directory, rather than the directory itself or its subdirectories.

Documentation reference: The AFS ACL Permissions

Returns:
true if and only if the ACL permits lock authority for files; false otherwise

setLock

public void setLock(boolean flag)
Sets the ACL permission to accomodate lock access for files.

Parameters:
flag - boolean flag that denotes the permission bit for lock rights.
See Also:
canLock()

canAdmin

public boolean canAdmin()
Directory Permission Tests whether the ACL permits administer access.

This permission enables a user to change the directory's ACL. Members of the system:administrators group implicitly have this permission on every directory (that is, even if that group does not appear on the ACL). Similarly, the owner of a directory implicitly has this permission on its ACL and those of all directories below it that he or she owns.

Directory Permission Directory Permission
This permission is meaningful with respect to the directory itself. For example, the insert permission (see: canInsert()) does not control addition of data to a file, but rather creation of a new file or subdirectory.

Documentation reference: The AFS ACL Permissions

Returns:
true if and only if the ACL permits administer access for directories; false otherwise

setAdmin

public void setAdmin(boolean flag)
Sets the ACL permission to accomodate administer rights for directories.

Parameters:
flag - boolean flag that denotes the permission bit for administer rights.
See Also:
canAdmin()

equals

public boolean equals(ACL.Entry entry)
Tests whether two ACL.Entry objects are equal, based on associated username and permission bits.

Parameters:
entry - the ACL.Entry to test
Returns:
whether the specifed ACL.Entry is the same as this ACL.Entry

toString

public String toString()
Returns a String representation of this ACL.Entry

Overrides:
toString in class Object
Returns:
a String representation of this ACL.Entry

JAFS API v2