Commit | Line | Data |
---|---|---|
805e021f CE |
1 | /* |
2 | * @(#)ACL.java 2.0 04/18/2001 | |
3 | * | |
4 | * Copyright (c) 2001 International Business Machines Corp. | |
5 | * All rights reserved. | |
6 | * | |
7 | * This software has been released under the terms of the IBM Public | |
8 | * License. For details, see the LICENSE file in the top-level source | |
9 | * directory or online at http://www.openafs.org/dl/license10.html | |
10 | * | |
11 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
12 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
13 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | |
14 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR | |
15 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, | |
16 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, | |
17 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR | |
18 | * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF | |
19 | * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | |
20 | * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | |
21 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
22 | */ | |
23 | ||
24 | package org.openafs.jafs; | |
25 | ||
26 | import java.io.Serializable; | |
27 | import java.util.ArrayList; | |
28 | import java.util.StringTokenizer; | |
29 | ||
30 | /** | |
31 | * An abstract representation of AFS file and directory pathnames. | |
32 | * | |
33 | * This class is an extension of the standard Java File class with file-based | |
34 | * manipulation methods overridden by integrated AFS native methods. | |
35 | * | |
36 | * @version 2.0, 04/18/2001 - Completely revised class for efficiency. | |
37 | */ | |
38 | ||
39 | public class ACL implements Serializable, Comparable | |
40 | { | |
41 | protected ACL.Entry[] positiveEntries; | |
42 | protected ACL.Entry[] negativeEntries; | |
43 | protected String path; | |
44 | ||
45 | public ACL(String path) throws AFSException | |
46 | { | |
47 | this(path,true); | |
48 | } | |
49 | ||
50 | public ACL(String path, boolean init) throws AFSException { | |
51 | int numberPositiveEntries = 0; | |
52 | int numberNegativeEntries = 0; | |
53 | ACL.Entry aclEntry; | |
54 | String buffer; | |
55 | this.path = path; | |
56 | ||
57 | if (init) { | |
58 | ||
59 | StringTokenizer st = new StringTokenizer(getACLString(path), "\n\t"); | |
60 | ||
61 | buffer = st.nextToken(); | |
62 | numberPositiveEntries = new Integer(buffer).intValue(); | |
63 | positiveEntries = new ACL.Entry[numberPositiveEntries]; | |
64 | ||
65 | buffer = st.nextToken(); | |
66 | numberNegativeEntries = new Integer(buffer).intValue(); | |
67 | negativeEntries = new ACL.Entry[numberNegativeEntries]; | |
68 | ||
69 | for (int i = 0; i < numberPositiveEntries; i++) { | |
70 | aclEntry = new ACL.Entry(); | |
71 | aclEntry.setUser(st.nextToken()); | |
72 | aclEntry.setPermissions(new Integer(st.nextToken()).intValue()); | |
73 | positiveEntries[i] = aclEntry; | |
74 | } | |
75 | ||
76 | for (int i = 0; i < numberNegativeEntries; i++) { | |
77 | aclEntry = new ACL.Entry(); | |
78 | aclEntry.setUser(st.nextToken()); | |
79 | aclEntry.setPermissions(new Integer(st.nextToken()).intValue()); | |
80 | negativeEntries[i] = aclEntry; | |
81 | } | |
82 | }else{ | |
83 | positiveEntries = new ACL.Entry[numberPositiveEntries]; | |
84 | negativeEntries = new ACL.Entry[numberNegativeEntries]; | |
85 | } | |
86 | } | |
87 | public int getEntryCount() | |
88 | { | |
89 | return positiveEntries.length + positiveEntries.length; | |
90 | } | |
91 | public String getPath() | |
92 | { | |
93 | return path; | |
94 | } | |
95 | public void setPath(String path) | |
96 | { | |
97 | this.path= path; | |
98 | } | |
99 | public ACL.Entry[] getPositiveEntries() | |
100 | { | |
101 | return positiveEntries; | |
102 | } | |
103 | public void addPositiveEntry(ACL.Entry entry) throws AFSException | |
104 | { | |
105 | int n = positiveEntries.length; | |
106 | ACL.Entry[] e = new ACL.Entry[n + 1]; | |
107 | System.arraycopy(positiveEntries, 0, e, 0, n); | |
108 | e[n] = entry; | |
109 | positiveEntries = e; | |
110 | setACLString(path, getFormattedString()); | |
111 | } | |
112 | public void setPositiveEntries(ACL.Entry[] entries) throws AFSException | |
113 | { | |
114 | this.positiveEntries = entries; | |
115 | setACLString(path, getFormattedString()); | |
116 | } | |
117 | public ACL.Entry[] getNegativeEntries() | |
118 | { | |
119 | return negativeEntries; | |
120 | } | |
121 | public void addNegativeEntry(ACL.Entry entry) throws AFSException | |
122 | { | |
123 | int n = negativeEntries.length; | |
124 | ACL.Entry[] e = new ACL.Entry[n + 1]; | |
125 | System.arraycopy(negativeEntries, 0, e, 0, n); | |
126 | e[n] = entry; | |
127 | negativeEntries = e; | |
128 | setACLString(path, getFormattedString()); | |
129 | } | |
130 | ||
131 | public void addAllNegativeEntrys(ACL.Entry[] entry) throws AFSException | |
132 | { | |
133 | int n = negativeEntries.length; | |
134 | ACL.Entry[] e = new ACL.Entry[n + entry.length]; | |
135 | System.arraycopy(negativeEntries, 0, e, 0, n); | |
136 | System.arraycopy(entry,0,e,n,entry.length); | |
137 | ||
138 | negativeEntries = e; | |
139 | setACLString(path, getFormattedString()); | |
140 | ||
141 | } | |
142 | ||
143 | public void addAllPositiveEntrys(ACL.Entry[] entry) throws AFSException | |
144 | { | |
145 | int n = positiveEntries.length; | |
146 | ACL.Entry[] e = new ACL.Entry[n + entry.length]; | |
147 | System.arraycopy(positiveEntries, 0, e, 0, n); | |
148 | System.arraycopy(entry,0,e,n,entry.length); | |
149 | ||
150 | positiveEntries = e; | |
151 | setACLString(path, getFormattedString()); | |
152 | ||
153 | } | |
154 | public void setNegativeEntries(ACL.Entry[] entries) throws AFSException | |
155 | { | |
156 | this.negativeEntries = entries; | |
157 | setACLString(path, getFormattedString()); | |
158 | } | |
159 | ||
160 | /** | |
161 | * Needs a AFS Connection | |
162 | */ | |
163 | public void flush() throws AFSException | |
164 | { | |
165 | setACLString(path, getFormattedString()); | |
166 | } | |
167 | ||
168 | /** | |
169 | * removes a ACL Entry from acl | |
170 | */ | |
171 | public void removeNegativeEntry(Entry entry) throws AFSException { | |
172 | ||
173 | ArrayList arr = new ArrayList(); | |
174 | ||
175 | for (int i = 0; i < negativeEntries.length; i++) { | |
176 | ||
177 | if(!negativeEntries[i].equals(entry)){ | |
178 | arr.add(negativeEntries[i]); | |
179 | } | |
180 | } | |
181 | negativeEntries = (ACL.Entry[]) arr.toArray(new ACL.Entry[arr.size()]); | |
182 | ||
183 | setACLString(path, getFormattedString()); | |
184 | } | |
185 | ||
186 | /** | |
187 | * removes all ACL Entrys from acl | |
188 | */ | |
189 | public void removeAllNegativeEntrys() throws AFSException { | |
190 | negativeEntries = new Entry[0]; | |
191 | setACLString(path, getFormattedString()); | |
192 | } | |
193 | ||
194 | /** | |
195 | * removes all ACL Entrys from acl | |
196 | */ | |
197 | public void removeAllPositiveEntrys() throws AFSException { | |
198 | positiveEntries = new Entry[0]; | |
199 | setACLString(path, getFormattedString()); | |
200 | } | |
201 | ||
202 | ||
203 | public boolean containsNegative(Entry entry) { | |
204 | ||
205 | for (int i = 0; i < negativeEntries.length; i++) { | |
206 | ||
207 | if(negativeEntries[i].equals(entry)){ | |
208 | return true; | |
209 | } | |
210 | } | |
211 | return false; | |
212 | } | |
213 | ||
214 | ||
215 | public Entry getNegative(String entryname) { | |
216 | ||
217 | for (int i = 0; i < negativeEntries.length; i++) { | |
218 | ||
219 | if(negativeEntries[i].getUser().equalsIgnoreCase(entryname)){ | |
220 | return negativeEntries[i]; | |
221 | } | |
222 | } | |
223 | return null; | |
224 | } | |
225 | ||
226 | public Entry getPositive(String entryname) { | |
227 | ||
228 | for (int i = 0; i < positiveEntries.length; i++) { | |
229 | ||
230 | if(positiveEntries[i].getUser().equalsIgnoreCase(entryname)){ | |
231 | return positiveEntries[i]; | |
232 | } | |
233 | } | |
234 | return null; | |
235 | } | |
236 | public boolean containsPositive(Entry entry) { | |
237 | ||
238 | for (int i = 0; i < positiveEntries.length; i++) { | |
239 | ||
240 | if(positiveEntries[i].equals(entry)){ | |
241 | return true; | |
242 | } | |
243 | } | |
244 | return false; | |
245 | } | |
246 | ||
247 | /** | |
248 | * removes a ACL Entry from acl | |
249 | */ | |
250 | public void removePositiveEntry(Entry entry) throws AFSException { | |
251 | ||
252 | ArrayList arr = new ArrayList(); | |
253 | ||
254 | for (int i = 0; i < positiveEntries.length; i++) { | |
255 | ||
256 | if(!positiveEntries[i].equals(entry)){ | |
257 | arr.add(positiveEntries[i]); | |
258 | } | |
259 | } | |
260 | positiveEntries = (ACL.Entry[]) arr.toArray(new ACL.Entry[arr.size()]); | |
261 | setACLString(path, getFormattedString()); | |
262 | } | |
263 | ||
264 | private ACL.Entry[] getNonEmptyEntries(ACL.Entry[] entries) | |
265 | { | |
266 | ArrayList response = new ArrayList(entries.length); | |
267 | for (int i = 0; i < entries.length; i++) | |
268 | { | |
269 | boolean isNonEmpty = entries[i].canRead() || | |
270 | entries[i].canLookup() || | |
271 | entries[i].canWrite() || | |
272 | entries[i].canInsert() || | |
273 | entries[i].canDelete() || | |
274 | entries[i].canLock() || | |
275 | entries[i].canAdmin(); | |
276 | if (isNonEmpty) response.add(entries[i]); | |
277 | } | |
278 | if (response.size() == entries.length) return entries; | |
279 | return (ACL.Entry[])response.toArray(new ACL.Entry[response.size()]); | |
280 | } | |
281 | ||
282 | private void entriesToString(ACL.Entry[] entries, StringBuffer response) | |
283 | { | |
284 | for (int i = 0; i < entries.length; i++) | |
285 | { | |
286 | this.entryToString((ACL.Entry)entries[i], response); | |
287 | } | |
288 | } | |
289 | ||
290 | private void entryToString(ACL.Entry entry, StringBuffer response) | |
291 | { | |
292 | response.append(entry.getUser() + '\t' + entry.getPermissionsMask() + '\n'); | |
293 | } | |
294 | ||
295 | /** | |
296 | * Returns a ViceIoctl formatted String representation of this | |
297 | * <CODE>ACL</CODE>. | |
298 | * | |
299 | * @return a ViceIoctl formatted String representation of this | |
300 | * <CODE>ACL</CODE>. | |
301 | */ | |
302 | private String getFormattedString() | |
303 | { | |
304 | StringBuffer out = null; | |
305 | ACL.Entry[] nonEmptyPos = this.getNonEmptyEntries(this.getPositiveEntries()); | |
306 | ACL.Entry[] nonEmptyNeg = this.getNonEmptyEntries(this.getNegativeEntries()); | |
307 | ||
308 | out = new StringBuffer(nonEmptyPos.length + "\n" + nonEmptyNeg.length + "\n"); | |
309 | this.entriesToString(nonEmptyPos, out); | |
310 | this.entriesToString(nonEmptyNeg, out); | |
311 | ||
312 | return out.toString(); | |
313 | } | |
314 | ||
315 | /////////////// custom override methods //////////////////// | |
316 | ||
317 | /** | |
318 | * Compares two ACL objects respective to their paths and does not | |
319 | * factor any other attribute. Alphabetic case is significant in | |
320 | * comparing names. | |
321 | * | |
322 | * @param acl The ACL object to be compared to this ACL | |
323 | * instance | |
324 | * | |
325 | * @return Zero if the argument is equal to this ACL's path, a | |
326 | * value less than zero if this ACL's path is | |
327 | * lexicographically less than the argument, or a value greater | |
328 | * than zero if this ACL's path is lexicographically | |
329 | * greater than the argument | |
330 | */ | |
331 | public int compareTo(ACL acl) | |
332 | { | |
333 | return this.getPath().compareTo(acl.getPath()); | |
334 | } | |
335 | ||
336 | /** | |
337 | * Comparable interface method. | |
338 | * | |
339 | * @see #compareTo(ACL) | |
340 | */ | |
341 | public int compareTo(Object obj) | |
342 | { | |
343 | return compareTo((ACL)obj); | |
344 | } | |
345 | ||
346 | /** | |
347 | * Tests whether two <code>ACL</code> objects are equal, based on their | |
348 | * paths and permission bits. | |
349 | * | |
350 | * @param acl the ACL to test | |
351 | * @return whether the specifed ACL is the same as this ACL | |
352 | */ | |
353 | public boolean equals( ACL acl ) | |
354 | { | |
355 | return ( (this.getPath().equals(acl.getPath())) && | |
356 | (positiveEntries.equals(acl.getPositiveEntries())) && | |
357 | (negativeEntries.equals(acl.getNegativeEntries())) ); | |
358 | } | |
359 | ||
360 | /** | |
361 | * Returns a String representation of this <CODE>ACL</CODE> | |
362 | * | |
363 | * @return a String representation of this <CODE>ACL</CODE> | |
364 | */ | |
365 | public String toString() | |
366 | { | |
367 | ACL.Entry[] nonEmptyPos = this.getNonEmptyEntries(this.getPositiveEntries()); | |
368 | ACL.Entry[] nonEmptyNeg = this.getNonEmptyEntries(this.getNegativeEntries()); | |
369 | ||
370 | StringBuffer out = new StringBuffer("ACL for "); | |
371 | out.append(path); | |
372 | out.append("\n"); | |
373 | out.append("Positive Entries:\n"); | |
374 | for (int i = 0; i < nonEmptyPos.length; i++) { | |
375 | out.append(" "); | |
376 | out.append(nonEmptyPos[i].toString()); | |
377 | } | |
378 | if (nonEmptyNeg.length > 0) { | |
379 | out.append("Negative Entries:\n"); | |
380 | for (int i = 0; i < nonEmptyNeg.length; i++) { | |
381 | out.append(" "); | |
382 | out.append(nonEmptyNeg[i].toString()); | |
383 | } | |
384 | } | |
385 | ||
386 | return out.toString(); | |
387 | } | |
388 | ||
389 | /////////////// native methods //////////////////// | |
390 | ||
391 | /** | |
392 | * Returns a formatted String representing the ACL for the specified path. | |
393 | * | |
394 | * The string format is in the form of a ViceIoctl and is as follows: | |
395 | * printf("%d\n%d\n", positiveEntriesCount, negativeEntriesCount); | |
396 | * printf("%s\t%d\n", userOrGroupName, rightsMask); | |
397 | * | |
398 | * @param path the directory path | |
399 | * @returns a formatted String representing the ACL for the specified path. | |
400 | * @throws an AFSException if an AFS or JNI exception is encountered. | |
401 | */ | |
402 | private native String getACLString(String path) throws AFSException; | |
403 | ||
404 | /** | |
405 | * Sets the ACL in the file system according to this abstract representation. | |
406 | * | |
407 | * @param path the directory path | |
408 | * @param aclString string representation of ACL to be set | |
409 | * @throws an AFSException if an AFS or JNI exception is encountered. | |
410 | */ | |
411 | private native void setACLString(String path, String aclString) throws AFSException; | |
412 | ||
413 | /*====================================================================*/ | |
414 | /* INNER CLASSES */ | |
415 | /*====================================================================*/ | |
416 | ||
417 | /** | |
418 | * AFS ACL Entry Class. | |
419 | * | |
420 | * <p> Documentation reference: | |
421 | * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ772">Managing Access Control Lists</A> | |
422 | * | |
423 | * @version 2.0, 04/18/2001 - Completely revised class for efficiency. | |
424 | * @version 3.0, 05/01/2002 - Converted class to an inner class. | |
425 | */ | |
426 | public static final class Entry implements Serializable | |
427 | { | |
428 | /** ACL Mask read constant */ | |
429 | public static final int READ = 1; | |
430 | /** ACL Mask write constant */ | |
431 | public static final int WRITE = 2; | |
432 | /** ACL Mask insert constant */ | |
433 | public static final int INSERT = 4; | |
434 | /** ACL Mask lookup constant */ | |
435 | public static final int LOOKUP = 8; | |
436 | /** ACL Mask delete constant */ | |
437 | public static final int DELETE = 16; | |
438 | /** ACL Mask lock constant */ | |
439 | public static final int LOCK = 32; | |
440 | /** ACL Mask administer constant */ | |
441 | public static final int ADMIN = 64; | |
442 | ||
443 | private String username; | |
444 | ||
445 | private boolean r = false; | |
446 | private boolean l = false; | |
447 | private boolean i = false; | |
448 | private boolean d = false; | |
449 | private boolean w = false; | |
450 | private boolean k = false; | |
451 | private boolean a = false; | |
452 | ||
453 | /** | |
454 | * Constructs a new ACL entry with all permission bits set to <code>false</code>. | |
455 | */ | |
456 | public Entry() | |
457 | { | |
458 | } | |
459 | /** | |
460 | * Constructs a new ACL entry with all permission bits set to <code>false</code> | |
461 | * and sets the associated user or group name. | |
462 | * | |
463 | * @param user The user or group name associated with this entry | |
464 | */ | |
465 | public Entry(String user) | |
466 | { | |
467 | this.setUser(user); | |
468 | } | |
469 | /** | |
470 | * Constructs a new ACL entry setting each permission bit to its appropriate | |
471 | * value according to the <code>permissionsMask</code> specified. | |
472 | * | |
473 | * @see #canRead | |
474 | * @see #canWrite | |
475 | * @see #canInsert | |
476 | * @see #canLookup | |
477 | * @see #canDelete | |
478 | * @see #canLock | |
479 | * @see #canAdmin | |
480 | * @param permissionsMask An integer representation of the permissoin | |
481 | * rights of this entry | |
482 | */ | |
483 | public Entry(int permissionsMask) | |
484 | { | |
485 | this.setPermissions(permissionsMask); | |
486 | } | |
487 | /** | |
488 | * Constructs a new ACL entry setting each permission bit to its appropriate | |
489 | * value according to the <code>permissionsMask</code> specified | |
490 | * and sets the associated user or group name. | |
491 | * | |
492 | * @see #canRead | |
493 | * @see #canWrite | |
494 | * @see #canInsert | |
495 | * @see #canLookup | |
496 | * @see #canDelete | |
497 | * @see #canLock | |
498 | * @see #canAdmin | |
499 | * @see #setUser | |
500 | * @param permissionsMask An integer representation of the permissoin | |
501 | * rights of this entry | |
502 | * @param user The username or group associated with this entry | |
503 | */ | |
504 | public Entry(String user, int permissionsMask) | |
505 | { | |
506 | this.setUser(user); | |
507 | this.setPermissions(permissionsMask); | |
508 | } | |
509 | /*-------------------------------------------------------------------------*/ | |
510 | /** | |
511 | * Set this entry's permission bits according to the value of the | |
512 | * <code>permissionsMask</code> specified. | |
513 | * | |
514 | * @see #getPermissionsMask | |
515 | * @param permissionsMask An integer representation of the permissoin | |
516 | * rights of this entry | |
517 | */ | |
518 | public void setPermissions(int permissionsMask) | |
519 | { | |
520 | if ((permissionsMask & READ) != 0) { | |
521 | this.setRead(true); | |
522 | } | |
523 | if ((permissionsMask & LOOKUP) != 0) { | |
524 | this.setLookup(true); | |
525 | } | |
526 | if ((permissionsMask & INSERT) != 0) { | |
527 | this.setInsert(true); | |
528 | } | |
529 | if ((permissionsMask & DELETE) != 0) { | |
530 | this.setDelete(true); | |
531 | } | |
532 | if ((permissionsMask & WRITE) != 0) { | |
533 | this.setWrite(true); | |
534 | } | |
535 | if ((permissionsMask & LOCK) != 0) { | |
536 | this.setLock(true); | |
537 | } | |
538 | if ((permissionsMask & ADMIN) != 0) { | |
539 | this.setAdmin(true); | |
540 | } | |
541 | } | |
542 | /** | |
543 | * Returns this entry's permission mask. | |
544 | * | |
545 | * <p> <B>Permission Mask</B><BR> | |
546 | * 01 - READ <BR> | |
547 | * 02 - WRITE <BR> | |
548 | * 04 - INSERT<BR> | |
549 | * 08 - LOOKUP<BR> | |
550 | * 16 - DELETE<BR> | |
551 | * 32 - LOCK <BR> | |
552 | * 64 - ADMIN <BR> | |
553 | * | |
554 | * <p> Any combination of the above mask values would equate to a valid combination of | |
555 | * permission settings. For example, if the permission mask was <B>11</B>, the ACL permissions | |
556 | * would be as follows: <code>read</code> (1), <code>write</code> (2), and <code>lookup</code> (8).<BR> | |
557 | * [1 + 2 + 8 = 11] | |
558 | * | |
559 | * @return An integer representation (mask) of the permissoin rights of this entry | |
560 | */ | |
561 | public int getPermissionsMask() | |
562 | { | |
563 | int permissionsMask = 0; | |
564 | if (canRead()) permissionsMask |= READ; | |
565 | if (canWrite()) permissionsMask |= WRITE; | |
566 | if (canInsert()) permissionsMask |= INSERT; | |
567 | if (canLookup()) permissionsMask |= LOOKUP; | |
568 | if (canDelete()) permissionsMask |= DELETE; | |
569 | if (canLock()) permissionsMask |= LOCK; | |
570 | if (canAdmin()) permissionsMask |= ADMIN; | |
571 | return permissionsMask; | |
572 | } | |
573 | /** | |
574 | * Returns the user <B>or</B> group name associated with this ACL entry. | |
575 | * | |
576 | * @return String representation of the user or group name associated with this entry. | |
577 | */ | |
578 | public String getUser() | |
579 | { | |
580 | return username; | |
581 | } | |
582 | /** | |
583 | * Sets the user <B>or</B> group name associated with this ACL entry. | |
584 | * | |
585 | * @param user representation of the user or group name associated with this entry. | |
586 | */ | |
587 | public void setUser(String user) | |
588 | { | |
589 | username = user; | |
590 | } | |
591 | /** | |
592 | * <IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>read</code> access. | |
593 | * | |
594 | * <p> This permission enables a user to read the contents of files in the directory | |
595 | * and to obtain complete status information for the files (read/retrieve the file | |
596 | * attributes). | |
597 | * | |
598 | * <p><FONT COLOR="666699"><IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>File Permission</B></U></FONT><BR> | |
599 | * This permission is meaningful with respect to files in | |
600 | * a directory, rather than the directory itself or its subdirectories. | |
601 | * | |
602 | * <p> Documentation reference: | |
603 | * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A> | |
604 | * | |
605 | * @return <code>true</code> if and only if the ACL permits <code>read</code> access of | |
606 | * files; <code>false</code> otherwise | |
607 | */ | |
608 | public boolean canRead() | |
609 | { | |
610 | return r; | |
611 | } | |
612 | /** | |
613 | * Sets the ACL permission to accomodate <code>read</code> access for files. | |
614 | * | |
615 | * @see #canRead | |
616 | * @param flag boolean flag that denotes the permission bit for <code>read</code> access. | |
617 | */ | |
618 | public void setRead(boolean flag) | |
619 | { | |
620 | r = flag; | |
621 | } | |
622 | /** | |
623 | * <IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits lookup access. | |
624 | * | |
625 | * <p> This permission functions as something of a gate keeper for access to the directory | |
626 | * and its files, because a user must have it in order to exercise any other permissions. | |
627 | * In particular, a user must have this permission to access anything in the directory's | |
628 | * subdirectories, even if the ACL on a subdirectory grants extensive permissions. | |
629 | * | |
630 | * <p> This permission enables a user to list the names of the files and subdirectories in | |
631 | * the directory (this does not permit read access to its respective entries), obtain | |
632 | * complete status information for the directory element itself, and examine the directory's | |
633 | * ACL. | |
634 | * | |
635 | * <p> This permission does not enable a user to read the contents of a file in the | |
636 | * directory. | |
637 | * | |
638 | * <p> Similarly, this permission does not enable a user to lookup the contents of, | |
639 | * obtain complete status information for, or examine the ACL of the subdirectory of | |
640 | * the directory. Those operations require the <code>lookup</code> permission on the ACL | |
641 | * of the subdirectory itself. | |
642 | * | |
643 | * <p><FONT COLOR="666699"><IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>Directory Permission</B></U></FONT><BR> | |
644 | * This permission is meaningful with respect to the | |
645 | * directory itself. For example, the <code>insert</code> permission (see: {@link #canInsert}) | |
646 | * does not control addition of data to a file, but rather creation of a new file or | |
647 | * subdirectory. | |
648 | * | |
649 | * <p> Documentation reference: | |
650 | * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A> | |
651 | * | |
652 | * @return <code>true</code> if and only if the ACL permits <code>lookup</code> access for | |
653 | * directories; <code>false</code> otherwise | |
654 | */ | |
655 | public boolean canLookup() | |
656 | { | |
657 | return l; | |
658 | } | |
659 | /** | |
660 | * Sets the ACL permission to accomodate <code>lookup</code> access for directories. | |
661 | * | |
662 | * @see #canLookup | |
663 | * @param flag boolean flag that denotes the permission bit for <code>lookup</code> access. | |
664 | */ | |
665 | public void setLookup(boolean flag) | |
666 | { | |
667 | l = flag; | |
668 | } | |
669 | /** | |
670 | * <IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>insert</code> access. | |
671 | * | |
672 | * <p> This permission enables a user to add new files to the directory, either by creating | |
673 | * or copying, and to create new subdirectories. It does not extend into any subdirectories, | |
674 | * which are protected by their own ACLs. | |
675 | * | |
676 | * <p><FONT COLOR="666699"><IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>Directory Permission</B></U></FONT><BR> | |
677 | * This permission is meaningful with respect to the | |
678 | * directory itself. For example, the <code>insert</code> permission (see: {@link #canInsert}) | |
679 | * does not control addition of data to a file, but rather creation of a new file or | |
680 | * subdirectory. | |
681 | * | |
682 | * <p> Documentation reference: | |
683 | * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A> | |
684 | * | |
685 | * @return <code>true</code> if and only if the ACL permits <code>insert</code> access for | |
686 | * directories; <code>false</code> otherwise | |
687 | */ | |
688 | public boolean canInsert() | |
689 | { | |
690 | return i; | |
691 | } | |
692 | /** | |
693 | * Sets the ACL permission to accomodate <code>insert</code> access for directories. | |
694 | * | |
695 | * @see #canInsert | |
696 | * @param flag boolean flag that denotes the permission bit for <code>insert</code> access. | |
697 | */ | |
698 | public void setInsert(boolean flag) | |
699 | { | |
700 | i = flag; | |
701 | } | |
702 | /** | |
703 | * <IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>delete</code> access. | |
704 | * | |
705 | * <p> This permission enables a user to remove files and subdirectories from the directory | |
706 | * or move them into other directories (assuming that the user has the <code>insert</code> | |
707 | * (see: {@link #canInsert}) permission on the ACL of the other directories). | |
708 | * | |
709 | * <p><FONT COLOR="666699"><IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>Directory Permission</B></U></FONT><BR> | |
710 | * This permission is meaningful with respect to the | |
711 | * directory itself. For example, the <code>insert</code> permission (see: {@link #canInsert}) | |
712 | * does not control addition of data to a file, but rather creation of a new file or | |
713 | * subdirectory. | |
714 | * | |
715 | * <p> Documentation reference: | |
716 | * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A> | |
717 | * | |
718 | * @return <code>true</code> if and only if the ACL permits <code>delete</code> access for | |
719 | * directories; <code>false</code> otherwise | |
720 | */ | |
721 | public boolean canDelete() | |
722 | { | |
723 | return d; | |
724 | } | |
725 | /** | |
726 | * Sets the ACL permission to accomodate <code>delete</code> access for directories. | |
727 | * | |
728 | * @see #canDelete | |
729 | * @param flag boolean flag that denotes the permission bit for <code>delete</code> rights. | |
730 | */ | |
731 | public void setDelete(boolean flag) | |
732 | { | |
733 | d = flag; | |
734 | } | |
735 | /** | |
736 | * <IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>write</code> access. | |
737 | * | |
738 | * <p> This permission enables a user to modify the contents of files in the directory | |
739 | * and to change their operating system specific mode bits. | |
740 | * | |
741 | * <p><FONT COLOR="666699"><IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>File Permission</B></U></FONT><BR> | |
742 | * This permission is meaningful with respect to files in | |
743 | * a directory, rather than the directory itself or its subdirectories. | |
744 | * | |
745 | * <p> Documentation reference: | |
746 | * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A> | |
747 | * | |
748 | * @return <code>true</code> if and only if the ACL permits <code>write</code> access for | |
749 | * files; <code>false</code> otherwise | |
750 | */ | |
751 | public boolean canWrite() | |
752 | { | |
753 | return w; | |
754 | } | |
755 | /** | |
756 | * Sets the ACL permission to accomodate <code>write</code> access for files. | |
757 | * | |
758 | * @see #canWrite | |
759 | * @param flag boolean flag that denotes the permission bit for <code>write</code> access. | |
760 | */ | |
761 | public void setWrite(boolean flag) | |
762 | { | |
763 | w = flag; | |
764 | } | |
765 | /** | |
766 | * <IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits the <code>lock</code> authority. | |
767 | * | |
768 | * <p> This permission enables the user to run programs that issue system calls to | |
769 | * lock files in the directory. | |
770 | * | |
771 | * <p><FONT COLOR="666699"><IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>File Permission</B></U></FONT><BR> | |
772 | * This permission is meaningful with respect to files in | |
773 | * a directory, rather than the directory itself or its subdirectories. | |
774 | * | |
775 | * <p> Documentation reference: | |
776 | * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A> | |
777 | * | |
778 | * @return <code>true</code> if and only if the ACL permits <code>lock</code> authority for | |
779 | * files; <code>false</code> otherwise | |
780 | */ | |
781 | public boolean canLock() | |
782 | { | |
783 | return k; | |
784 | } | |
785 | /** | |
786 | * Sets the ACL permission to accomodate <code>lock</code> access for files. | |
787 | * | |
788 | * @see #canLock | |
789 | * @param flag boolean flag that denotes the permission bit for <code>lock</code> rights. | |
790 | */ | |
791 | public void setLock(boolean flag) | |
792 | { | |
793 | k = flag; | |
794 | } | |
795 | /** | |
796 | * <IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>administer</code> access. | |
797 | * | |
798 | * <p> This permission enables a user to change the directory's ACL. Members of the | |
799 | * <code>system:administrators</code> group implicitly have this permission on every | |
800 | * directory (that is, even if that group does not appear on the ACL). Similarly, the | |
801 | * owner of a directory implicitly has this permission on its ACL and those of all | |
802 | * directories below it that he or she owns. | |
803 | * | |
804 | * <p><FONT COLOR="666699"><IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>Directory Permission</B></U></FONT><BR> | |
805 | * This permission is meaningful with respect to the | |
806 | * directory itself. For example, the <code>insert</code> permission (see: {@link #canInsert}) | |
807 | * does not control addition of data to a file, but rather creation of a new file or | |
808 | * subdirectory. | |
809 | * | |
810 | * <p> Documentation reference: | |
811 | * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A> | |
812 | * | |
813 | * @return <code>true</code> if and only if the ACL permits <code>administer</code> access for | |
814 | * directories; <code>false</code> otherwise | |
815 | */ | |
816 | public boolean canAdmin() | |
817 | { | |
818 | return a; | |
819 | } | |
820 | /** | |
821 | * Sets the ACL permission to accomodate <code>administer</code> rights for directories. | |
822 | * | |
823 | * @see #canAdmin | |
824 | * @param flag boolean flag that denotes the permission bit for <code>administer</code> rights. | |
825 | */ | |
826 | public void setAdmin(boolean flag) | |
827 | { | |
828 | a = flag; | |
829 | } | |
830 | ||
831 | /////////////// custom override methods //////////////////// | |
832 | ||
833 | /** | |
834 | * Tests whether two <code>ACL.Entry</code> objects are equal, based on associated | |
835 | * username and permission bits. | |
836 | * | |
837 | * @param entry the ACL.Entry to test | |
838 | * @return whether the specifed ACL.Entry is the same as this ACL.Entry | |
839 | */ | |
840 | public boolean equals( ACL.Entry entry ) | |
841 | { | |
842 | return ( (this.getUser().equals( entry.getUser() )) && | |
843 | (this.getPermissionsMask() == entry.getPermissionsMask()) ); | |
844 | } | |
845 | ||
846 | /** | |
847 | * Returns a String representation of this <CODE>ACL.Entry</CODE> | |
848 | * | |
849 | * @return a String representation of this <CODE>ACL.Entry</CODE> | |
850 | */ | |
851 | public String toString() | |
852 | { | |
853 | StringBuffer out = new StringBuffer(username); | |
854 | out.append("\t"); | |
855 | if (r) out.append("r"); | |
856 | if (l) out.append("l"); | |
857 | if (i) out.append("i"); | |
858 | if (d) out.append("d"); | |
859 | if (w) out.append("w"); | |
860 | if (k) out.append("k"); | |
861 | if (a) out.append("a"); | |
862 | out.append("\n"); | |
863 | return out.toString(); | |
864 | } | |
865 | ||
866 | } | |
867 | } | |
868 | ||
869 | ||
870 | ||
871 | ||
872 | ||
873 | ||
874 | ||
875 | ||
876 |